@oxyhq/services 5.17.7 → 5.17.9

package/src/ui/context/OxyContextBase.tsx

@@ -2,11 +2,10 @@ import { createContext, useContext } from 'react';
 import type { ReactNode } from 'react';
 import type { OxyServices } from '../../core';
 import type { User, ApiError } from '../../models/interfaces';
-import type { ClientSession } from '../../models/session';
+import type { ClientSession, SessionLoginResponse } from '../../models/session';
 import type { UseFollowHook } from '../hooks/useFollow.types';
 import type { useLanguageManagement } from '../hooks/useLanguageManagement';
 import type { RouteName } from '../navigation/routes';
-import type { BackupData } from '../../crypto';
 
 export interface OxyContextState {
     user: User | null;
@@ -23,27 +22,10 @@ export interface OxyContextState {
     currentLanguageName: string;
     currentNativeLanguageName: string;
 
-    // Identity management (public key authentication - offline-first)
-    createIdentity: () => Promise<{ synced: boolean }>;
-    importIdentity: (backupData: BackupData, password: string) => Promise<{ synced: boolean }>;
-    signIn: (deviceName?: string) => Promise<User>;
-    hasIdentity: () => Promise<boolean>;
-    getPublicKey: () => Promise<string | null>;
-    isIdentitySynced: () => Promise<boolean>;
-    syncIdentity: () => Promise<User>;
-    deleteIdentityAndClearAccount: (skipBackup?: boolean, force?: boolean, userConfirmed?: boolean) => Promise<void>;
-    storeTransferCode: (transferId: string, code: string, sourceDeviceId: string | null, publicKey: string) => Promise<void>;
-    getTransferCode: (transferId: string) => { code: string; sourceDeviceId: string | null; publicKey: string; timestamp: number; state: 'pending' | 'completed' | 'failed' } | null;
-    clearTransferCode: (transferId: string) => Promise<void>;
-    getAllPendingTransfers: () => Array<{ transferId: string; data: { code: string; sourceDeviceId: string | null; publicKey: string; timestamp: number; state: 'pending' | 'completed' | 'failed' } }>;
-    getActiveTransferId: () => string | null;
-    updateTransferState: (transferId: string, state: 'pending' | 'completed' | 'failed') => Promise<void>;
-
-    // Identity sync state (reactive, from Zustand store)
-    identitySyncState: {
-        isSynced: boolean;
-        isSyncing: boolean;
-    };
+    // Authentication (Services SDK only handles tokens/sessions, NOT identity)
+    // Identity management (KeyManager, SignatureService, challenge signing) belongs ONLY in Accounts app
+    // completeSignIn accepts already-verified session data from Accounts app
+    completeSignIn: (sessionResponse: SessionLoginResponse) => Promise<User>;
 
     // Session management
     logout: (targetSessionId?: string) => Promise<void>;

package/src/ui/context/hooks/useAuthOperations.ts

@@ -2,12 +2,10 @@ import { useCallback } from 'react';
 import type { ApiError, User } from '../../../models/interfaces';
 import type { AuthState } from '../../stores/authStore';
 import type { ClientSession, SessionLoginResponse } from '../../../models/session';
-import { DeviceManager } from '../../../utils/deviceManager';
-import { fetchSessionsWithFallback, mapSessionsToClient } from '../../utils/sessionHelpers';
+import { fetchSessionsWithFallback } from '../../utils/sessionHelpers';
 import { handleAuthError, isInvalidSessionError } from '../../utils/errorHandlers';
 import type { StorageInterface } from '../../utils/storageHelpers';
 import type { OxyServices } from '../../../core';
-import { KeyManager, SignatureService, type BackupData } from '../../../crypto';
 
 export interface UseAuthOperationsOptions {
   oxyServices: OxyServices;
@@ -26,41 +24,29 @@ export interface UseAuthOperationsOptions {
   loginFailure: (message: string) => void;
   logoutStore: () => void;
   setAuthState: (state: Partial<AuthState>) => void;
-  // Identity sync store actions
-  setIdentitySynced: (synced: boolean) => void;
-  setSyncing: (syncing: boolean) => void;
   logger?: (message: string, error?: unknown) => void;
 }
 
 export interface UseAuthOperationsResult {
-  /** Create a new identity locally (offline-first) and optionally sync with server */
-  createIdentity: () => Promise<{ synced: boolean }>;
-  /** Import an existing identity from backup file data */
-  importIdentity: (backupData: BackupData, password: string) => Promise<{ synced: boolean }>;
-  /** Sign in with existing identity on device */
-  signIn: (deviceName?: string) => Promise<User>;
+  /** Complete sign-in after external challenge-response (Accounts app signs, Services completes session) */
+  completeSignIn: (sessionResponse: SessionLoginResponse) => Promise<User>;
   /** Logout from current session */
   logout: (targetSessionId?: string) => Promise<void>;
   /** Logout from all sessions */
   logoutAll: () => Promise<void>;
-  /** Check if device has an identity stored */
-  hasIdentity: () => Promise<boolean>;
-  /** Get the public key of the stored identity */
-  getPublicKey: () => Promise<string | null>;
-  /** Check if identity is synced with server */
-  isIdentitySynced: () => Promise<boolean>;
-  /** Sync local identity with server (when online) */
-  syncIdentity: () => Promise<User>;
 }
 
-const LOGIN_ERROR_CODE = 'LOGIN_ERROR';
-const REGISTER_ERROR_CODE = 'REGISTER_ERROR';
 const LOGOUT_ERROR_CODE = 'LOGOUT_ERROR';
 const LOGOUT_ALL_ERROR_CODE = 'LOGOUT_ALL_ERROR';
 
+
 /**
- * Authentication operations using public key cryptography.
- * No passwords required - identity is based on ECDSA key pairs.
+ * Authentication operations for Services SDK.
+ * 
+ * ARCHITECTURE:
+ * - Services SDK only handles tokens/sessions (NOT identity)
+ * - Accounts app handles identity (KeyManager, SignatureService, challenge signing)
+ * - completeSignIn() accepts already-verified session from Accounts app
  */
 export const useAuthOperations = ({
   oxyServices,
@@ -78,444 +64,87 @@ export const useAuthOperations = ({
   loginSuccess,
   loginFailure,
   logoutStore,
-    setAuthState,
-    setIdentitySynced,
-    setSyncing,
-    logger,
+  setAuthState,
+  logger,
 }: UseAuthOperationsOptions): UseAuthOperationsResult => {
   
   /**
-   * Internal function to perform challenge-response sign in (works offline)
+   * Complete sign-in after external authentication.
+   * 
+   * This is called by Accounts app AFTER it has:
+   * 1. Requested challenge from backend
+   * 2. Signed challenge locally with private key
+   * 3. Verified challenge with backend to get sessionResponse
+   * 
+   * Services SDK only stores tokens and manages session state.
+   * 
+   * @param sessionResponse - Session data from verifyChallenge API call
    */
-  const performSignIn = useCallback(
-    async (publicKey: string): Promise<User> => {
-      const deviceFingerprintObj = DeviceManager.getDeviceFingerprint();
-      const deviceFingerprint = JSON.stringify(deviceFingerprintObj);
-      const deviceInfo = await DeviceManager.getDeviceInfo();
-      const deviceName = deviceInfo.deviceName || DeviceManager.getDefaultDeviceName();
-      const USER_ID_STORAGE_KEY = 'oxy_user_id';
-
-      // Online-only sign-in: require backend availability
-      // First, look up the user by public key to get the correct userId
-      // This ensures we always use the userId that matches the current identity's public key
-      let userId: string | null = null;
-      
-      // Always verify the userId matches the current public key
-      // This prevents auth failures when identity has changed
-      const userLookup = await oxyServices.getUserByPublicKey(publicKey);
-      userId = userLookup.id;
-      
-      // Update stored userId to match current identity
-      if (storage && userId) {
-        await storage.setItem(USER_ID_STORAGE_KEY, userId).catch(() => {});
-      }
-      
-      const challengeResponse = await oxyServices.requestChallenge(userId);
-      const challenge = challengeResponse.challenge;
-
-      // Note: Biometric authentication check should be handled by the app layer
-      // (e.g., accounts app) before calling signIn. The biometric preference is stored
-      // in local storage as 'oxy_biometric_enabled' and can be checked there.
-
-      // Sign the challenge
-      const { challenge: signature, timestamp } = await SignatureService.signChallenge(challenge);
-
-      // Online sign-in: use normal flow
-      if (!userId) {
-        throw new Error('User ID not found');
-      }
-      
-      // Verify and create session using userId
-      let sessionResponse;
-      try {
-        sessionResponse = await oxyServices.verifyChallenge(
-          userId,
-          challenge,
-          signature,
-          timestamp,
-          deviceName,
-          deviceFingerprint,
-        );
-      } catch (verifyError) {
-        // Add detailed logging for 401 errors to help diagnose auth failures
-        if (__DEV__) {
-          console.error('[useAuthOperations] verifyChallenge failed:', {
-            error: verifyError,
-            userId,
-            challengeLength: challenge?.length,
-            signatureLength: signature?.length,
-            timestamp,
-            timeSinceChallenge: Date.now() - timestamp,
-          });
-        }
-        throw verifyError;
-      }
-
-      // Store tokens immediately (no extra round-trip)
-      oxyServices.setTokens(sessionResponse.accessToken, sessionResponse.refreshToken);
-
-      // Get full user data
-      const fullUser = await oxyServices.getUserBySession(sessionResponse.sessionId);
-      
-      // IMPORTANT: user.id should be MongoDB ObjectId, not publicKey
-      // The API should return the correct id (ObjectId) from the database
-      // If it doesn't, we need to fix the API, not work around it here
-      // Validate that id is ObjectId format (24 hex characters)
-      if (fullUser.id && !/^[0-9a-fA-F]{24}$/.test(fullUser.id)) {
-        console.warn('[useAuthOperations] User.id is not MongoDB ObjectId format:', {
-          id: fullUser.id.substring(0, 20),
-          publicKey: fullUser.publicKey.substring(0, 20),
-          message: 'API should return MongoDB ObjectId as user.id, not publicKey'
-        });
-        // Don't override - let the API fix this issue
-      }
-
-      // Fetch device sessions
-      let allDeviceSessions: ClientSession[] = [];
-      try {
-        allDeviceSessions = await fetchSessionsWithFallback(oxyServices, sessionResponse.sessionId, {
-          fallbackDeviceId: sessionResponse.deviceId,
-          fallbackUserId: fullUser.id,
-          logger,
-        });
-      } catch (error) {
-        if (__DEV__) {
-          console.warn('Failed to fetch device sessions after login:', error);
-        }
-      }
-
-      // Check for existing session for same user
-      const existingSession = allDeviceSessions.find(
-        (session) =>
-          session.userId?.toString() === fullUser.id?.toString() &&
-          session.sessionId !== sessionResponse.sessionId,
-      );
-
-      if (existingSession) {
-        // Logout duplicate session
-        try {
-          await oxyServices.logoutSession(sessionResponse.sessionId, sessionResponse.sessionId);
-        } catch (logoutError) {
-          if (__DEV__) {
-            console.warn('Failed to logout duplicate session:', logoutError);
-          }
-        }
-        await switchSession(existingSession.sessionId);
-        updateSessions(
-          allDeviceSessions.filter((session) => session.sessionId !== sessionResponse.sessionId),
-          { merge: false },
-        );
-        onAuthStateChange?.(fullUser);
-        return fullUser;
-      }
-
-      setActiveSessionId(sessionResponse.sessionId);
-      await saveActiveSessionId(sessionResponse.sessionId);
-      updateSessions(allDeviceSessions, { merge: true });
-
-      await applyLanguagePreference(fullUser);
-      loginSuccess(); // Services never caches profile - only tokens
-      onAuthStateChange?.(fullUser);
-      if (storage) {
-        await storage.setItem('oxy_identity_synced', 'true').catch(() => {});
-      }
-      setIdentitySynced(true);
-      
-      return fullUser;
-    },
-    [
-      applyLanguagePreference,
-      logger,
-      loginSuccess,
-      onAuthStateChange,
-      oxyServices,
-      saveActiveSessionId,
-      setActiveSessionId,
-      setIdentitySynced,
-      switchSession,
-      updateSessions,
-      storage,
-    ],
-  );
-
-  /**
-   * Create a new identity (offline-first)
-   * Identity is purely cryptographic - no username or email required
-   */
-  const createIdentity = useCallback(
-    async (): Promise<{ synced: boolean }> => {
+  const completeSignIn = useCallback(
+    async (sessionResponse: SessionLoginResponse): Promise<User> => {
       if (!storage) throw new Error('Storage not initialized');
 
       setAuthState({ isLoading: true, error: null });
 
       try {
-        // Generate new key pair directly (works offline)
-        const { publicKey, privateKey } = await KeyManager.generateKeyPair();
-        await KeyManager.importKeyPair(privateKey);
+        // Store tokens (Services' only responsibility)
+        oxyServices.setTokens(sessionResponse.accessToken, sessionResponse.refreshToken);
 
-        // Mark as not synced
-        // Note: createIdentity only creates the key locally (offline-first)
-        // Registration with server (registerIdentity) must be done by the app (Accounts) with profile data
-        await storage.setItem('oxy_identity_synced', 'false');
-        setIdentitySynced(false);
+        // Get full user data
+        const fullUser = await oxyServices.getUserBySession(sessionResponse.sessionId);
 
-        return {
-          synced: false, // Always false - registration must be done separately by Accounts app
-        };
-      } catch (error) {
-        // CRITICAL: Never delete identity on error - it may have been successfully created
-        // Only log the error and let the user recover using their backup file
-        // Identity deletion should ONLY happen when explicitly requested by the user
-        if (__DEV__ && logger) {
-          logger('Error during identity creation (identity may still exist):', error);
-        }
-        
-        // Check if identity was actually created (keys exist)
-        const hasIdentity = await KeyManager.hasIdentity().catch(() => false);
-        if (hasIdentity) {
-          // Identity exists - don't delete it! Just mark as not synced
-          await storage.setItem('oxy_identity_synced', 'false').catch(() => {});
-          setIdentitySynced(false);
-          if (__DEV__ && logger) {
-            logger('Identity was created but sync failed - user can sync later using backup file');
+        // Fetch device sessions
+        let allDeviceSessions: ClientSession[] = [];
+        try {
+          allDeviceSessions = await fetchSessionsWithFallback(oxyServices, sessionResponse.sessionId, {
+            fallbackDeviceId: sessionResponse.deviceId,
+            fallbackUserId: fullUser.id,
+            logger,
+          });
+        } catch (error) {
+          if (__DEV__) {
+            console.warn('Failed to fetch device sessions after login:', error);
           }
-        } else {
-          // No identity exists - this was a generation failure, safe to clean up sync flag
-          await storage.removeItem('oxy_identity_synced').catch(() => {});
-          setIdentitySynced(false);
-        }
-        
-        const message = handleAuthError(error, {
-          defaultMessage: 'Failed to create identity',
-          code: REGISTER_ERROR_CODE,
-          onError,
-          setAuthError: (msg: string) => setAuthState({ error: msg }),
-          logger,
-        });
-        loginFailure(message);
-        throw error;
-      } finally {
-        setAuthState({ isLoading: false });
-      }
-    },
-    [oxyServices, storage, setAuthState, loginFailure, onError, logger, setIdentitySynced],
-  );
-
-  /**
-   * Check if identity is synced with server (reads from storage for persistence)
-   */
-  const isIdentitySyncedFn = useCallback(async (): Promise<boolean> => {
-    if (!storage) return true;
-    const synced = await storage.getItem('oxy_identity_synced');
-    const isSynced = synced !== 'false';
-    setIdentitySynced(isSynced);
-    return isSynced;
-  }, [storage, setIdentitySynced]);
-
-  /**
-   * Sync local identity with server (call when online)
-   * TanStack Query handles offline mutations automatically
-   */
-  const syncIdentity = useCallback(
-    async (): Promise<User> => {
-      if (!storage) throw new Error('Storage not initialized');
-
-      setAuthState({ isLoading: true, error: null });
-      setSyncing(true);
-
-      try {
-        const publicKey = await KeyManager.getPublicKey();
-        if (!publicKey) {
-          throw new Error('No identity found on this device');
-        }
-
-        // Check if already synced
-        const alreadySynced = await storage.getItem('oxy_identity_synced');
-        if (alreadySynced === 'true') {
-          setIdentitySynced(true);
-          return await performSignIn(publicKey);
-        }
-
-        // Check if already registered on server
-        const { registered } = await oxyServices.checkPublicKeyRegistered(publicKey);
-
-        if (!registered) {
-          // Identity is not registered - registration must be done by Accounts app with profile data
-          // syncIdentity only syncs already-registered identities
-          throw new Error('Identity is not registered. Please register your identity first using the Accounts app.');
-        }
-
-        // Mark as synced (Zustand store + storage)
-        await storage.setItem('oxy_identity_synced', 'true');
-        setIdentitySynced(true);
-
-        // Sign in (Services never caches profile - only tokens)
-        const user = await performSignIn(publicKey);
-
-        // Check if user has username - required for syncing
-        if (!user.username) {
-          const usernameError = new Error('USERNAME_REQUIRED');
-          (usernameError as any).code = 'USERNAME_REQUIRED';
-          throw usernameError;
         }
 
-        // TanStack Query will automatically retry any pending mutations
-
-        return user;
-      } catch (error) {
-        const message = handleAuthError(error, {
-          defaultMessage: 'Failed to sync identity',
-          code: REGISTER_ERROR_CODE,
-          onError,
-          setAuthError: (msg: string) => setAuthState({ error: msg }),
-          logger,
-        });
-        loginFailure(message);
-        throw error;
-      } finally {
-        setAuthState({ isLoading: false });
-        setSyncing(false);
-      }
-    },
-    [oxyServices, storage, setAuthState, performSignIn, loginFailure, onError, logger, setSyncing, setIdentitySynced],
-  );
-
-  /**
-   * Import identity from backup file data (offline-first)
-   */
-  const importIdentity = useCallback(
-    async (backupData: BackupData, password: string): Promise<{ synced: boolean }> => {
-      if (!storage) throw new Error('Storage not initialized');
-
-      // Validate arguments - ensure backupData is an object, not a string (old signature)
-      if (!backupData || typeof backupData !== 'object' || Array.isArray(backupData)) {
-        throw new Error('Invalid backup data. Please use the backup file import feature.');
-      }
-
-      if (!backupData.encrypted || !backupData.salt || !backupData.iv || !backupData.publicKey) {
-        throw new Error('Invalid backup data structure. Missing required fields.');
-      }
-
-      if (!password || typeof password !== 'string') {
-        throw new Error('Password is required for backup file import.');
-      }
-
-      setAuthState({ isLoading: true, error: null });
-
-      try {
-        // Decrypt private key from backup data
-        const Crypto = await import('expo-crypto');
-        
-        // Convert hex strings to Uint8Array
-        const saltBytes = new Uint8Array(
-          backupData.salt.match(/.{1,2}/g)?.map(byte => parseInt(byte, 16)) || []
-        );
-        const ivBytes = new Uint8Array(
-          backupData.iv.match(/.{1,2}/g)?.map(byte => parseInt(byte, 16)) || []
+        // Check for existing session for same user
+        const existingSession = allDeviceSessions.find(
+          (session) =>
+            session.userId?.toString() === fullUser.id?.toString() &&
+            session.sessionId !== sessionResponse.sessionId,
         );
 
-        // Derive key from password (same algorithm as EncryptedBackupGenerator)
-        const saltHex = Array.from(saltBytes).map(b => b.toString(16).padStart(2, '0')).join('');
-        let key = password + saltHex;
-        for (let i = 0; i < 10000; i++) {
-          key = await Crypto.digestStringAsync(
-            Crypto.CryptoDigestAlgorithm.SHA256,
-            key
-          );
-        }
-        const keyBytes = new Uint8Array(32);
-        for (let i = 0; i < 64 && i < key.length; i += 2) {
-          keyBytes[i / 2] = parseInt(key.substring(i, i + 2), 16);
-        }
-
-        // Decrypt private key (XOR decryption - same as encryption)
-        const encryptedBytes = Buffer.from(backupData.encrypted, 'base64');
-        const decryptedBytes = new Uint8Array(encryptedBytes.length);
-        for (let i = 0; i < encryptedBytes.length; i++) {
-          decryptedBytes[i] = encryptedBytes[i] ^ keyBytes[i % keyBytes.length] ^ ivBytes[i % ivBytes.length];
-        }
-        const privateKey = new TextDecoder().decode(decryptedBytes);
-
-        // Import the key pair
-        const publicKey = await KeyManager.importKeyPair(privateKey);
-
-        // Verify public key matches
-        if (publicKey !== backupData.publicKey) {
-          throw new Error('Backup file is corrupted or password is incorrect');
-        }
-
-        // Mark as not synced
-        await storage.setItem('oxy_identity_synced', 'false');
-        setIdentitySynced(false);
-
-        // Try to sync with server
-        try {
-          // Check if this identity is already registered
-          const { registered } = await oxyServices.checkPublicKeyRegistered(publicKey);
-
-          if (registered) {
-            // Identity exists, mark as synced
-            await storage.setItem('oxy_identity_synced', 'true');
-            setIdentitySynced(true);
-            return { synced: true };
-          } else {
-            // Identity is not registered - registration must be done by Accounts app with profile data
-            // importIdentity only imports already-registered identities
-            await storage.setItem('oxy_identity_synced', 'false');
-            setIdentitySynced(false);
-            return { synced: false };
+        if (existingSession) {
+          // Logout duplicate session
+          try {
+            await oxyServices.logoutSession(sessionResponse.sessionId, sessionResponse.sessionId);
+          } catch (logoutError) {
+            if (__DEV__) {
+              console.warn('Failed to logout duplicate session:', logoutError);
+            }
           }
-        } catch (syncError) {
-          // Offline - identity restored locally but not synced
-          if (__DEV__) {
-            console.log('[Auth] Identity imported locally, will sync when online:', syncError);
-          }
-          return { synced: false };
+          await switchSession(existingSession.sessionId);
+          updateSessions(
+            allDeviceSessions.filter((session) => session.sessionId !== sessionResponse.sessionId),
+            { merge: false },
+          );
+          onAuthStateChange?.(fullUser);
+          return fullUser;
         }
-      } catch (error) {
-        const message = handleAuthError(error, {
-          defaultMessage: 'Failed to import identity. Please check your password and backup file.',
-          code: REGISTER_ERROR_CODE,
-          onError,
-          setAuthError: (msg: string) => setAuthState({ error: msg }),
-          logger,
-        });
-        loginFailure(message);
-        throw error;
-      } finally {
-        setAuthState({ isLoading: false });
-      }
-    },
-    [oxyServices, storage, setAuthState, loginFailure, onError, logger, setIdentitySynced],
-  );
-
-  /**
-   * Sign in with existing identity on device
-   */
-  const signIn = useCallback(
-    async (deviceName?: string): Promise<User> => {
-      if (!storage) throw new Error('Storage not initialized');
 
-      setAuthState({ isLoading: true, error: null });
+        setActiveSessionId(sessionResponse.sessionId);
+        await saveActiveSessionId(sessionResponse.sessionId);
+        updateSessions(allDeviceSessions, { merge: true });
 
-      try {
-        // Get stored public key
-        const publicKey = await KeyManager.getPublicKey();
-        if (!publicKey) {
-          throw new Error('No identity found on this device. Please create or import an identity.');
-        }
-
-        // Ensure identity is registered before attempting sign-in
-        const { registered } = await oxyServices.checkPublicKeyRegistered(publicKey);
-        if (!registered) {
-          throw new Error('Identity is not registered. Please register your identity in the Accounts app before signing in.');
-        }
+        await applyLanguagePreference(fullUser);
+        loginSuccess();
+        onAuthStateChange?.(fullUser);
 
-        return await performSignIn(publicKey);
+        return fullUser;
       } catch (error) {
         const message = handleAuthError(error, {
           defaultMessage: 'Sign in failed',
-          code: LOGIN_ERROR_CODE,
+          code: 'COMPLETE_SIGNIN_ERROR',
           onError,
           setAuthError: (msg: string) => setAuthState({ error: msg }),
           logger,
@@ -526,9 +155,24 @@ export const useAuthOperations = ({
         setAuthState({ isLoading: false });
       }
     },
-    [storage, setAuthState, performSignIn, loginFailure, onError, logger, oxyServices],
+    [
+      storage,
+      setAuthState,
+      oxyServices,
+      logger,
+      saveActiveSessionId,
+      setActiveSessionId,
+      switchSession,
+      updateSessions,
+      applyLanguagePreference,
+      loginSuccess,
+      onAuthStateChange,
+      onError,
+      loginFailure,
+    ],
   );
 
+
   /**
    * Logout from session
    */
@@ -608,29 +252,9 @@ export const useAuthOperations = ({
     }
   }, [activeSessionId, clearSessionState, logger, onError, oxyServices, setAuthState]);
 
-  /**
-   * Check if device has an identity stored
-   */
-  const hasIdentity = useCallback(async (): Promise<boolean> => {
-    return KeyManager.hasIdentity();
-  }, []);
-
-  /**
-   * Get the public key of the stored identity
-   */
-  const getPublicKey = useCallback(async (): Promise<string | null> => {
-    return KeyManager.getPublicKey();
-  }, []);
-
   return {
-    createIdentity,
-    importIdentity,
-    signIn,
+    completeSignIn,
     logout,
     logoutAll,
-    hasIdentity,
-    getPublicKey,
-    isIdentitySynced: isIdentitySyncedFn,
-    syncIdentity,
   };
 };