@phantom/embedded-provider-core 1.0.6 → 2.0.0-beta.0

package/README.md

@@ -61,8 +61,9 @@ const config: EmbeddedProviderConfig = {
   embeddedWalletType: "user-wallet", // or 'app-wallet'
   addressTypes: ["solana", "ethereum"],
   authOptions: {
-    authUrl: "https://auth.phantom.app",
+    authUrl: "https://connect.phantom.app/login/start",
     redirectUrl: "https://your-app.com/callback",
+    authApiBaseUrl: "https://auth.phantom.app",
   },
 };
 
@@ -275,7 +276,8 @@ interface EmbeddedProviderConfig {
   // Optional
   authOptions?: {
     authUrl?: string; // Custom auth URL
-    redirectUrl?: string; // OAuth redirect URL
+    redirectUrl: string?; // OAuth redirect URL
+    authUrl?: string; // Custom OAuth URL
   };
 }
 ```

package/dist/index.d.mts

@@ -1,8 +1,8 @@
-import { AddressType, SpendingLimitError } from '@phantom/client';
+import { AddressType, PresignTransactionContext, SpendingLimitError } from '@phantom/client';
 import { NetworkId, ClientSideSdkHeaders } from '@phantom/constants';
 import { ParsedSignatureResult, ParsedTransactionResult } from '@phantom/parsers';
 import { Algorithm, StamperWithKeyManagement, Transaction, VersionedTransaction } from '@phantom/sdk-types';
-import { ISolanaChain, IEthereumChain, EthTransactionRequest } from '@phantom/chain-interfaces';
+import { ISolanaChain, IEthereumChain, SignAndSendTransactionOptions, EthTransactionRequest } from '@phantom/chain-interfaces';
 import { Logger } from '@phantom/utils';
 export { Logger as DebugLogger } from '@phantom/utils';
 
@@ -34,6 +34,7 @@ interface SignTransactionParams {
 interface SignAndSendTransactionParams {
     transaction: any;
     networkId: NetworkId;
+    presignTransaction?: (transaction: string, context: PresignTransactionContext) => Promise<string>;
 }
 interface SignedTransaction extends ParsedTransactionResult {
 }
@@ -46,13 +47,9 @@ interface EmbeddedProviderConfig {
     apiBaseUrl: string;
     appId: string;
     authOptions: {
-        authUrl?: string;
-        redirectUrl?: string;
-    };
-    /** When also provided, the Auth2 PKCE flow is used instead of the legacy Phantom Connect flow. */
-    unstable__auth2Options?: {
+        authUrl: string;
+        redirectUrl: string;
         authApiBaseUrl: string;
-        clientId: string;
     };
     embeddedWalletType: "app-wallet" | "user-wallet" | (string & Record<never, never>);
     addressTypes: AddressType[];
@@ -224,7 +221,8 @@ declare class EmbeddedProvider {
     disconnect(shouldClearPreviousSession?: boolean): Promise<void>;
     /**
      * Handles errors from signing operations.
-     * Disconnects the user if the server returns a 401/403 (revoked or expired authenticator).
+     * Disconnects the user if the server returns a 401/403 (revoked or expired authenticator)
+     * or if the Auth2 token (a2t) has expired.
      */
     private handleSigningError;
     signMessage(params: SignMessageParams): Promise<ParsedSignatureResult>;
@@ -263,7 +261,7 @@ declare class EmbeddedSolanaChain implements ISolanaChain {
         publicKey: string;
     }>;
     signTransaction(transaction: Transaction | VersionedTransaction): Promise<Transaction | VersionedTransaction>;
-    signAndSendTransaction(transaction: Transaction | VersionedTransaction): Promise<{
+    signAndSendTransaction(transaction: Transaction | VersionedTransaction, options?: SignAndSendTransactionOptions): Promise<{
         signature: string;
     }>;
     signAllTransactions(transactions: (Transaction | VersionedTransaction)[]): Promise<(Transaction | VersionedTransaction)[]>;

package/dist/index.d.ts

@@ -1,8 +1,8 @@
-import { AddressType, SpendingLimitError } from '@phantom/client';
+import { AddressType, PresignTransactionContext, SpendingLimitError } from '@phantom/client';
 import { NetworkId, ClientSideSdkHeaders } from '@phantom/constants';
 import { ParsedSignatureResult, ParsedTransactionResult } from '@phantom/parsers';
 import { Algorithm, StamperWithKeyManagement, Transaction, VersionedTransaction } from '@phantom/sdk-types';
-import { ISolanaChain, IEthereumChain, EthTransactionRequest } from '@phantom/chain-interfaces';
+import { ISolanaChain, IEthereumChain, SignAndSendTransactionOptions, EthTransactionRequest } from '@phantom/chain-interfaces';
 import { Logger } from '@phantom/utils';
 export { Logger as DebugLogger } from '@phantom/utils';
 
@@ -34,6 +34,7 @@ interface SignTransactionParams {
 interface SignAndSendTransactionParams {
     transaction: any;
     networkId: NetworkId;
+    presignTransaction?: (transaction: string, context: PresignTransactionContext) => Promise<string>;
 }
 interface SignedTransaction extends ParsedTransactionResult {
 }
@@ -46,13 +47,9 @@ interface EmbeddedProviderConfig {
     apiBaseUrl: string;
     appId: string;
     authOptions: {
-        authUrl?: string;
-        redirectUrl?: string;
-    };
-    /** When also provided, the Auth2 PKCE flow is used instead of the legacy Phantom Connect flow. */
-    unstable__auth2Options?: {
+        authUrl: string;
+        redirectUrl: string;
         authApiBaseUrl: string;
-        clientId: string;
     };
     embeddedWalletType: "app-wallet" | "user-wallet" | (string & Record<never, never>);
     addressTypes: AddressType[];
@@ -224,7 +221,8 @@ declare class EmbeddedProvider {
     disconnect(shouldClearPreviousSession?: boolean): Promise<void>;
     /**
      * Handles errors from signing operations.
-     * Disconnects the user if the server returns a 401/403 (revoked or expired authenticator).
+     * Disconnects the user if the server returns a 401/403 (revoked or expired authenticator)
+     * or if the Auth2 token (a2t) has expired.
      */
     private handleSigningError;
     signMessage(params: SignMessageParams): Promise<ParsedSignatureResult>;
@@ -263,7 +261,7 @@ declare class EmbeddedSolanaChain implements ISolanaChain {
         publicKey: string;
     }>;
     signTransaction(transaction: Transaction | VersionedTransaction): Promise<Transaction | VersionedTransaction>;
-    signAndSendTransaction(transaction: Transaction | VersionedTransaction): Promise<{
+    signAndSendTransaction(transaction: Transaction | VersionedTransaction, options?: SignAndSendTransactionOptions): Promise<{
         signature: string;
     }>;
     signAllTransactions(transactions: (Transaction | VersionedTransaction)[]): Promise<(Transaction | VersionedTransaction)[]>;

package/dist/index.js

@@ -105,11 +105,12 @@ var EmbeddedSolanaChain = class {
     }
     return signedTransaction;
   }
-  async signAndSendTransaction(transaction) {
+  async signAndSendTransaction(transaction, options) {
     this.ensureConnected();
     const result = await this.provider.signAndSendTransaction({
       transaction,
-      networkId: this.currentNetworkId
+      networkId: this.currentNetworkId,
+      presignTransaction: options?.presignTransaction
     });
     if (!result.hash) {
       throw new Error("Transaction not submitted");
@@ -410,6 +411,7 @@ function generateSessionId() {
 }
 
 // src/embedded-provider.ts
+var import_auth2 = require("@phantom/auth2");
 var noopLogger = {
   info: () => {
   },
@@ -893,7 +895,8 @@ var EmbeddedProvider = class {
   }
   /**
    * Handles errors from signing operations.
-   * Disconnects the user if the server returns a 401/403 (revoked or expired authenticator).
+   * Disconnects the user if the server returns a 401/403 (revoked or expired authenticator)
+   * or if the Auth2 token (a2t) has expired.
    */
   async handleSigningError(error) {
     if ((0, import_client.isAuthenticationError)(error)) {
@@ -901,6 +904,11 @@ var EmbeddedProvider = class {
       await this.disconnect(false);
       throw new Error("Authenticator revoked");
     }
+    if (error instanceof Error && error.name === import_auth2.Auth2TokenExpiredError.name) {
+      this.logger.warn("EMBEDDED_PROVIDER", "Auth2 token expired, disconnecting", { error });
+      await this.disconnect(false);
+      throw error;
+    }
     if (error instanceof import_client.SpendingLimitError) {
       this.emit("spending_limit_reached", { error });
     }
@@ -1053,7 +1061,8 @@ var EmbeddedProvider = class {
       transaction: transactionPayload,
       networkId: params.networkId,
       derivationIndex,
-      account
+      account,
+      presignTransaction: params.presignTransaction
     }).catch((error) => this.handleSigningError(error));
     this.logger.info("EMBEDDED_PROVIDER", "Transaction signed and sent successfully", {
       walletId: this.walletId,
@@ -1348,15 +1357,18 @@ var EmbeddedProvider = class {
     if (!this.stamper.getKeyInfo()) {
       await this.stamper.init();
     }
+    const authHeaderStamper = this.stamper;
     this.client = new import_client.PhantomClient(
       {
         apiBaseUrl: this.config.apiBaseUrl,
         organizationId: session.organizationId,
         headers: {
-          ...this.platform.analyticsHeaders || {},
-          ...session.authUserId ? { "x-auth-user-id": session.authUserId } : {},
-          ...session.bearerToken ? { Authorization: session.bearerToken } : {}
-        }
+          ...this.platform.analyticsHeaders || {}
+        },
+        getHeaders: () => ({
+          authorization: authHeaderStamper.bearerToken ?? session.bearerToken,
+          "x-auth-user-id": authHeaderStamper.auth2Token?.sub ?? session.authUserId
+        })
       },
       this.stamper
     );