@stellar/typescript-wallet-sdk 1.4.0 → 1.5.0

package/lib/index.d.ts

@@ -11,6 +11,7 @@ export { Anchor } from "./walletSdk/Anchor";
 export { Sep24 } from "./walletSdk/Anchor/Sep24";
 export { IssuedAssetId, NativeAssetId, FiatAssetId } from "./walletSdk/Asset";
 export { Sep10, WalletSigner, DefaultSigner } from "./walletSdk/Auth";
+export { AuthHeaderSigner, DefaultAuthHeaderSigner, DomainAuthHeaderSigner, } from "./walletSdk/Auth/AuthHeaderSigner";
 export { AccountKeypair, PublicKeypair, SigningKeypair, AccountService, Stellar, CommonTransactionBuilder, TransactionBuilder, SponsoringBuilder, } from "./walletSdk/Horizon";
 export { Recovery } from "./walletSdk/Recovery";
 export { Watcher } from "./walletSdk/Watcher";

package/lib/walletSdk/Anchor/index.d.ts

@@ -1,5 +1,5 @@
 import { AxiosInstance } from "axios";
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { Sep10 } from "../Auth";
 import { Sep12 } from "../Customer";
 import { Sep6 } from "./Sep6";

package/lib/walletSdk/Auth/AuthHeaderSigner.d.ts

@@ -0,0 +1,61 @@
+import { AxiosInstance } from "axios";
+import { AuthHeaderClaims, AuthHeaderCreateTokenParams } from "../Types";
+export interface AuthHeaderSigner {
+    createToken({ claims, clientDomain, issuer, }: AuthHeaderCreateTokenParams): Promise<string>;
+}
+/**
+ * Signer for signing JWT for GET /Auth with a custodial private key
+ *
+ * @class
+ */
+export declare class DefaultAuthHeaderSigner implements AuthHeaderSigner {
+    expiration: number;
+    constructor(expiration?: number);
+    /**
+     * Create a signed JWT for the auth header
+     * @constructor
+     * @param {AuthHeaderCreateTokenParams} params - The create token parameters
+     * @param {AuthHeaderClaims} params.claims - the data to be signed in the JWT
+     * @param {string} [params.clientDomain] - the client domain hosting SEP-1 toml
+     * @param {AccountKeypair} [params.issuer] - the account signing the JWT
+     * @returns {Promise<string>} The signed JWT
+     */
+    createToken({ claims, clientDomain, issuer, }: AuthHeaderCreateTokenParams): Promise<string>;
+}
+/**
+ * Signer for signing JWT for GET /Auth using a remote server to sign.
+ *
+ * @class
+ */
+export declare class DomainAuthHeaderSigner implements AuthHeaderSigner {
+    signerUrl: string;
+    expiration: number;
+    httpClient: AxiosInstance;
+    constructor(signerUrl: string, expiration?: number, httpClient?: AxiosInstance);
+    /**
+     * Create a signed JWT for the auth header by using a remote server to sign the JWT
+     * @constructor
+     * @param {AuthHeaderCreateTokenParams} params - The create token parameters
+     * @param {AuthHeaderClaims} params.claims - the data to be signed in the JWT
+     * @param {string} [params.clientDomain] - the client domain hosting SEP-1 toml
+     * @param {AccountKeypair} [params.issuer] - unused, will not be used to sign
+     * @returns {Promise<string>} The signed JWT
+     */
+    createToken({ claims, clientDomain, issuer, }: AuthHeaderCreateTokenParams): Promise<string>;
+    /**
+     * Sign JWT by calling a remote server
+     * @constructor
+     * @param {SignTokenRemoteParams} params - the sign token params
+     * @param {AuthHeaderClaims} params.claims - the data to be signed in the JWT
+     * @param {string} params.clientDomain - the client domain hosting SEP-1 toml
+     * @param {number} params.expiration - when the token should expire
+     * @param {number} params.issuedAt - when the token was created
+     * @returns {Promise<string>} The signed JWT
+     */
+    signTokenRemote({ claims, clientDomain, expiration, issuedAt, }: {
+        claims: AuthHeaderClaims;
+        clientDomain: string;
+        expiration: number;
+        issuedAt: number;
+    }): Promise<string>;
+}

package/lib/walletSdk/Auth/index.d.ts

@@ -1,5 +1,5 @@
 import { AxiosInstance } from "axios";
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { AuthenticateParams, AuthToken } from "../Types";
 export { WalletSigner, DefaultSigner } from "./WalletSigner";
 type Sep10Params = {
@@ -35,7 +35,7 @@ export declare class Sep10 {
      * @param {string} [params.clientDomain] - Domain hosting stellar.toml file containing `SIGNING_KEY`.
      * @returns {Promise<AuthToken>} The authentication token.
      */
-    authenticate({ accountKp, walletSigner, memoId, clientDomain, }: AuthenticateParams): Promise<AuthToken>;
+    authenticate({ accountKp, walletSigner, memoId, clientDomain, authHeaderSigner, }: AuthenticateParams): Promise<AuthToken>;
     private challenge;
     private sign;
     private getToken;

package/lib/walletSdk/Exceptions/index.d.ts

@@ -115,3 +115,9 @@ export declare class UnknownAnchorTransactionError extends Error {
 export declare class InvalidJsonError extends Error {
     constructor();
 }
+export declare class AuthHeaderSigningKeypairRequiredError extends Error {
+    constructor();
+}
+export declare class AuthHeaderClientDomainRequiredError extends Error {
+    constructor();
+}

package/lib/walletSdk/Horizon/AccountService.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="node" />
 import { Horizon } from "@stellar/stellar-sdk";
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { SigningKeypair } from "./Account";
 import { HORIZON_ORDER } from "../Types";
 /**

package/lib/walletSdk/Horizon/Stellar.d.ts

@@ -1,5 +1,5 @@
 import { Horizon, Transaction, FeeBumpTransaction } from "@stellar/stellar-sdk";
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { AccountService } from "./AccountService";
 import { TransactionBuilder } from "./Transaction/TransactionBuilder";
 import { TransactionParams, SubmitWithFeeIncreaseParams, FeeBumpTransactionParams } from "../Types";

package/lib/walletSdk/Horizon/Transaction/TransactionBuilder.d.ts

@@ -1,5 +1,5 @@
 import { Account as StellarAccount, Transaction, Horizon, Memo, xdr } from "@stellar/stellar-sdk";
-import { Config } from "walletSdk";
+import { Config } from "../../";
 import { AccountKeypair } from "../Account";
 import { StellarAssetId } from "../../Asset";
 import { WithdrawTransaction, PathPayParams } from "../../Types";

package/lib/walletSdk/Recovery/AccountRecover.d.ts

@@ -1,6 +1,6 @@
 import { AxiosInstance } from "axios";
 import { Transaction } from "@stellar/stellar-sdk";
-import { RecoveryServer, RecoveryServerKey, RecoveryServerMap, RecoveryServerSigningMap } from "walletSdk/Types";
+import { RecoveryServer, RecoveryServerKey, RecoveryServerMap, RecoveryServerSigningMap } from "../Types";
 import { AccountKeypair, Stellar } from "../Horizon";
 /**
  * Used for Account Recovery using Sep-30.

package/lib/walletSdk/Recovery/index.d.ts

@@ -1,7 +1,7 @@
 import { AxiosInstance } from "axios";
 import { Transaction } from "@stellar/stellar-sdk";
-import { Config } from "walletSdk";
-import { AccountSigner, AccountThreshold, CommonBuilder, RecoverableWallet, RecoverableWalletConfig, RecoveryAccountInfoMap, RecoveryAuthMap, RecoveryServerKey, RecoveryServerMap } from "walletSdk/Types";
+import { Config } from "../";
+import { AccountSigner, AccountThreshold, CommonBuilder, RecoverableWallet, RecoverableWalletConfig, RecoveryAccountInfoMap, RecoveryAuthMap, RecoveryServerKey, RecoveryServerMap } from "../Types";
 import { AccountRecover } from "./AccountRecover";
 import { Sep10 } from "../Auth";
 import { AccountKeypair, Stellar } from "../Horizon";

package/lib/walletSdk/Types/auth.d.ts

@@ -1,11 +1,13 @@
 import { Transaction } from "@stellar/stellar-sdk";
 import { WalletSigner } from "../Auth/WalletSigner";
 import { AccountKeypair, SigningKeypair } from "../Horizon/Account";
+import { AuthHeaderSigner } from "../Auth/AuthHeaderSigner";
 export type AuthenticateParams = {
     accountKp: AccountKeypair;
     walletSigner?: WalletSigner;
     memoId?: string;
     clientDomain?: string;
+    authHeaderSigner?: AuthHeaderSigner;
 };
 export declare class AuthToken {
     token: string;
@@ -22,6 +24,7 @@ export type ChallengeParams = {
     accountKp: AccountKeypair;
     memoId?: string;
     clientDomain?: string;
+    authHeaderSigner?: AuthHeaderSigner;
 };
 export type XdrEncodedTransaction = string;
 export type NetworkPassphrase = string;
@@ -56,3 +59,17 @@ export type SignChallengeTxnResponse = {
     transaction: XdrEncodedTransaction;
     networkPassphrase: NetworkPassphrase;
 };
+export type AuthHeaderClaims = {
+    account: string;
+    home_domain: string;
+    web_auth_endpoint: string;
+    memo?: string;
+    client_domain?: string;
+    exp?: number;
+    iat?: number;
+};
+export type AuthHeaderCreateTokenParams = {
+    claims: AuthHeaderClaims;
+    clientDomain?: string;
+    issuer?: AccountKeypair;
+};

package/lib/walletSdk/Types/horizon.d.ts

@@ -1,6 +1,6 @@
 import { Memo, Horizon, Transaction } from "@stellar/stellar-sdk";
 import { AccountKeypair } from "../Horizon/Account";
-import { SponsoringBuilder, TransactionBuilder } from "walletSdk/Horizon";
+import { SponsoringBuilder, TransactionBuilder } from "../Horizon";
 import { StellarAssetId } from "../Asset";
 export declare enum NETWORK_URLS {
     PUBLIC = "https://horizon.stellar.org",

package/lib/walletSdk/Types/index.d.ts

@@ -1,6 +1,6 @@
 import { RawAxiosRequestHeaders } from "axios";
 import { Networks } from "@stellar/stellar-sdk";
-import { ApplicationConfiguration, StellarConfiguration } from "walletSdk";
+import { ApplicationConfiguration, StellarConfiguration } from "../";
 import { RecoveryServerMap } from "./recovery";
 export type WalletParams = {
     stellarConfiguration: StellarConfiguration;

package/lib/walletSdk/Types/recovery.d.ts

@@ -1,6 +1,6 @@
 import { Transaction } from "@stellar/stellar-sdk";
-import { WalletSigner } from "walletSdk/Auth";
-import { AccountKeypair, PublicKeypair } from "walletSdk/Horizon";
+import { WalletSigner } from "../Auth";
+import { AccountKeypair, PublicKeypair } from "../Horizon";
 import { AuthToken } from "./auth";
 import { CommonBuilder } from "./horizon";
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stellar/typescript-wallet-sdk",
-  "version": "1.4.0",
+  "version": "1.5.0",
   "engines": {
     "node": ">=18"
   },
@@ -29,6 +29,7 @@
     "jest": "^29.4.1",
     "lint-staged": "^14.0.1",
     "npm-run-all": "^4.1.5",
+    "playwright": "^1.43.1",
     "prettier": "^2.0.5",
     "pretty-quick": "^2.0.1",
     "process": "^0.11.10",
@@ -45,11 +46,14 @@
   "dependencies": {
     "@stellar/stellar-sdk": "^11.1.0",
     "axios": "^1.4.0",
+    "base64url": "^3.0.1",
     "https-browserify": "^1.0.0",
     "jws": "^4.0.0",
     "lodash": "^4.17.21",
     "query-string": "^7.1.3",
     "stream-http": "^3.2.0",
+    "tweetnacl": "^1.0.3",
+    "tweetnacl-util": "^0.15.1",
     "url": "^0.11.0",
     "util": "^0.12.5",
     "utility-types": "^3.10.0",
@@ -58,6 +62,7 @@
   "scripts": {
     "test": "jest --watchAll",
     "test:ci": "jest --ci",
+    "test:e2e:ci": "jest --config jest.e2e.config.js --ci",
     "test:recovery:ci": "jest --config jest.integration.config.js recovery.test.ts --ci",
     "test:anchorplatform:ci": "yarn jest --config jest.integration.config.js anchorplatform.test.ts --ci",
     "build:web": "webpack --config webpack.config.js",

package/src/index.ts

@@ -17,6 +17,11 @@ export { Anchor } from "./walletSdk/Anchor";
 export { Sep24 } from "./walletSdk/Anchor/Sep24";
 export { IssuedAssetId, NativeAssetId, FiatAssetId } from "./walletSdk/Asset";
 export { Sep10, WalletSigner, DefaultSigner } from "./walletSdk/Auth";
+export {
+  AuthHeaderSigner,
+  DefaultAuthHeaderSigner,
+  DomainAuthHeaderSigner,
+} from "./walletSdk/Auth/AuthHeaderSigner";
 export {
   AccountKeypair,
   PublicKeypair,

package/src/walletSdk/Anchor/index.ts

@@ -1,7 +1,7 @@
 import { AxiosInstance } from "axios";
 import { StellarToml } from "@stellar/stellar-sdk";
 
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { Sep10 } from "../Auth";
 import { Sep12 } from "../Customer";
 import {

package/src/walletSdk/Auth/AuthHeaderSigner.ts

@@ -0,0 +1,162 @@
+import { AxiosInstance } from "axios";
+import { StrKey } from "@stellar/stellar-sdk";
+import nacl from "tweetnacl";
+import naclUtil from "tweetnacl-util";
+import base64url from "base64url";
+
+import { SigningKeypair } from "../Horizon/Account";
+import { DefaultClient } from "../";
+import { AuthHeaderClaims, AuthHeaderCreateTokenParams } from "../Types";
+import {
+  AuthHeaderSigningKeypairRequiredError,
+  AuthHeaderClientDomainRequiredError,
+} from "../Exceptions";
+
+export interface AuthHeaderSigner {
+  createToken({
+    claims,
+    clientDomain,
+    issuer,
+  }: AuthHeaderCreateTokenParams): Promise<string>;
+}
+
+/**
+ * Signer for signing JWT for GET /Auth with a custodial private key
+ *
+ * @class
+ */
+export class DefaultAuthHeaderSigner implements AuthHeaderSigner {
+  expiration: number;
+
+  constructor(expiration: number = 900) {
+    this.expiration = expiration;
+  }
+
+  /**
+   * Create a signed JWT for the auth header
+   * @constructor
+   * @param {AuthHeaderCreateTokenParams} params - The create token parameters
+   * @param {AuthHeaderClaims} params.claims - the data to be signed in the JWT
+   * @param {string} [params.clientDomain] - the client domain hosting SEP-1 toml
+   * @param {AccountKeypair} [params.issuer] - the account signing the JWT
+   * @returns {Promise<string>} The signed JWT
+   */
+  // eslint-disable-next-line @typescript-eslint/require-await
+  async createToken({
+    claims,
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    clientDomain,
+    issuer,
+  }: AuthHeaderCreateTokenParams): Promise<string> {
+    if (!(issuer instanceof SigningKeypair)) {
+      throw new AuthHeaderSigningKeypairRequiredError();
+    }
+
+    const issuedAt = claims.iat || Math.floor(Date.now() / 1000);
+    const timeExp =
+      claims.exp || Math.floor(Date.now() / 1000) + this.expiration;
+
+    // turn stellar kp into nacl kp for creating JWT
+    const rawSeed = StrKey.decodeEd25519SecretSeed(issuer.secretKey);
+    const naclKP = nacl.sign.keyPair.fromSeed(rawSeed);
+
+    // encode JWT message
+    const header = { alg: "EdDSA" };
+    const encodedHeader = base64url(JSON.stringify(header));
+    const encodedPayload = base64url(
+      JSON.stringify({ ...claims, exp: timeExp, iat: issuedAt }),
+    );
+
+    // sign JWT and create signature
+    const signature = nacl.sign.detached(
+      naclUtil.decodeUTF8(`${encodedHeader}.${encodedPayload}`),
+      naclKP.secretKey,
+    );
+    const encodedSignature = base64url(Buffer.from(signature));
+
+    const jwt = `${encodedHeader}.${encodedPayload}.${encodedSignature}`;
+    return jwt;
+  }
+}
+
+/**
+ * Signer for signing JWT for GET /Auth using a remote server to sign.
+ *
+ * @class
+ */
+export class DomainAuthHeaderSigner implements AuthHeaderSigner {
+  signerUrl: string;
+  expiration: number;
+  httpClient: AxiosInstance;
+
+  constructor(
+    signerUrl: string,
+    expiration: number = 900,
+    httpClient?: AxiosInstance,
+  ) {
+    this.signerUrl = signerUrl;
+    this.expiration = expiration;
+    this.httpClient = httpClient || DefaultClient;
+  }
+
+  /**
+   * Create a signed JWT for the auth header by using a remote server to sign the JWT
+   * @constructor
+   * @param {AuthHeaderCreateTokenParams} params - The create token parameters
+   * @param {AuthHeaderClaims} params.claims - the data to be signed in the JWT
+   * @param {string} [params.clientDomain] - the client domain hosting SEP-1 toml
+   * @param {AccountKeypair} [params.issuer] - unused, will not be used to sign
+   * @returns {Promise<string>} The signed JWT
+   */
+  async createToken({
+    claims,
+    clientDomain,
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    issuer,
+  }: AuthHeaderCreateTokenParams): Promise<string> {
+    if (!clientDomain) {
+      throw new AuthHeaderClientDomainRequiredError();
+    }
+
+    const issuedAt = Math.floor(Date.now() / 1000);
+    const expiration = Math.floor(Date.now() / 1000) + this.expiration;
+
+    return await this.signTokenRemote({
+      claims,
+      clientDomain,
+      expiration,
+      issuedAt,
+    });
+  }
+
+  /**
+   * Sign JWT by calling a remote server
+   * @constructor
+   * @param {SignTokenRemoteParams} params - the sign token params
+   * @param {AuthHeaderClaims} params.claims - the data to be signed in the JWT
+   * @param {string} params.clientDomain - the client domain hosting SEP-1 toml
+   * @param {number} params.expiration - when the token should expire
+   * @param {number} params.issuedAt - when the token was created
+   * @returns {Promise<string>} The signed JWT
+   */
+  async signTokenRemote({
+    claims,
+    clientDomain,
+    expiration,
+    issuedAt,
+  }: {
+    claims: AuthHeaderClaims;
+    clientDomain: string;
+    expiration: number;
+    issuedAt: number;
+  }): Promise<string> {
+    const resp = await this.httpClient.post(this.signerUrl, {
+      clientDomain,
+      expiration,
+      issuedAt,
+      ...claims,
+    });
+
+    return resp.data.token;
+  }
+}

package/src/walletSdk/Auth/index.ts

@@ -2,7 +2,7 @@ import { AxiosInstance } from "axios";
 import { TransactionBuilder, Transaction } from "@stellar/stellar-sdk";
 import { decode } from "jws";
 
-import { Config } from "walletSdk";
+import { Config } from "../";
 import {
   InvalidMemoError,
   ClientDomainWithMemoError,
@@ -17,7 +17,10 @@ import {
   ChallengeParams,
   ChallengeResponse,
   SignParams,
+  AuthHeaderClaims,
 } from "../Types";
+import { AccountKeypair } from "../Horizon/Account";
+import { AuthHeaderSigner } from "./AuthHeaderSigner";
 
 export { WalletSigner, DefaultSigner } from "./WalletSigner";
 
@@ -71,11 +74,13 @@ export class Sep10 {
     walletSigner,
     memoId,
     clientDomain,
+    authHeaderSigner,
   }: AuthenticateParams): Promise<AuthToken> {
     const challengeResponse = await this.challenge({
       accountKp,
       memoId,
       clientDomain: clientDomain || this.cfg.app.defaultClientDomain,
+      authHeaderSigner,
     });
     const signedTransaction = await this.sign({
       accountKp,
@@ -90,6 +95,7 @@ export class Sep10 {
     accountKp,
     memoId,
     clientDomain,
+    authHeaderSigner,
   }: ChallengeParams): Promise<ChallengeResponse> {
     if (memoId && parseInt(memoId) < 0) {
       throw new InvalidMemoError();
@@ -104,8 +110,29 @@ export class Sep10 {
     }${clientDomain ? `&client_domain=${clientDomain}` : ""}${
       this.homeDomain ? `&home_domain=${this.homeDomain}` : ""
     }`;
+
+    const claims = {
+      account: accountKp.publicKey,
+      home_domain: this.homeDomain,
+      memo: memoId,
+      client_domain: clientDomain,
+      web_auth_endpoint: this.webAuthEndpoint,
+    };
+
+    const token = await createAuthSignToken(
+      accountKp,
+      claims,
+      clientDomain,
+      authHeaderSigner,
+    );
+
+    let headers = {};
+    if (token) {
+      headers = { Authorization: `Bearer ${token}` };
+    }
+
     try {
-      const resp = await this.httpClient.get(url);
+      const resp = await this.httpClient.get(url, { headers });
       const challengeResponse: ChallengeResponse = resp.data;
       return challengeResponse;
     } catch (e) {
@@ -165,3 +192,22 @@ const validateToken = (token: string) => {
     throw new ExpiredTokenError(parsedToken.expiresAt);
   }
 };
+
+const createAuthSignToken = async (
+  account: AccountKeypair,
+  claims: AuthHeaderClaims,
+  clientDomain?: string,
+  authHeaderSigner?: AuthHeaderSigner,
+) => {
+  if (!authHeaderSigner) {
+    return null;
+  }
+
+  const issuer = clientDomain ? null : account;
+
+  return authHeaderSigner.createToken({
+    claims,
+    clientDomain,
+    issuer,
+  });
+};

package/src/walletSdk/Exceptions/index.ts

@@ -305,3 +305,22 @@ export class InvalidJsonError extends Error {
     Object.setPrototypeOf(this, InvalidJsonError.prototype);
   }
 }
+
+export class AuthHeaderSigningKeypairRequiredError extends Error {
+  constructor() {
+    super("Must be SigningKeypair to sign auth header");
+    Object.setPrototypeOf(
+      this,
+      AuthHeaderSigningKeypairRequiredError.prototype,
+    );
+  }
+}
+
+export class AuthHeaderClientDomainRequiredError extends Error {
+  constructor() {
+    super(
+      "This class should only be used for remote signing. For local signing use DefaultAuthHeaderSigner.",
+    );
+    Object.setPrototypeOf(this, AuthHeaderClientDomainRequiredError.prototype);
+  }
+}

package/src/walletSdk/Horizon/AccountService.ts

@@ -1,6 +1,6 @@
 import { Keypair, Networks, Horizon } from "@stellar/stellar-sdk";
 
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { SigningKeypair } from "./Account";
 import {
   HORIZON_LIMIT_DEFAULT,

package/src/walletSdk/Horizon/Stellar.ts

@@ -7,7 +7,7 @@ import {
 } from "@stellar/stellar-sdk";
 import axios from "axios";
 
-import { Config } from "walletSdk";
+import { Config } from "../";
 import { AccountService } from "./AccountService";
 import { TransactionBuilder } from "./Transaction/TransactionBuilder";
 import {

package/src/walletSdk/Horizon/Transaction/TransactionBuilder.ts

@@ -8,7 +8,7 @@ import {
   xdr,
 } from "@stellar/stellar-sdk";
 
-import { Config } from "walletSdk";
+import { Config } from "../../";
 import { AccountKeypair } from "../Account";
 import {
   InsufficientStartingBalanceError,

package/src/walletSdk/Recovery/AccountRecover.ts

@@ -7,7 +7,7 @@ import {
   RecoveryServerMap,
   RecoveryServerSigning,
   RecoveryServerSigningMap,
-} from "walletSdk/Types";
+} from "../Types";
 import {
   LostSignerKeyNotFound,
   NoDeviceKeyForAccountError,

package/src/walletSdk/Recovery/index.ts

@@ -1,7 +1,7 @@
 import { AxiosInstance } from "axios";
 import { Transaction } from "@stellar/stellar-sdk";
 
-import { Config } from "walletSdk";
+import { Config } from "../";
 import {
   AccountSigner,
   AccountThreshold,
@@ -16,7 +16,7 @@ import {
   RecoveryIdentityMap,
   RecoveryServerKey,
   RecoveryServerMap,
-} from "walletSdk/Types";
+} from "../Types";
 import { AccountRecover } from "./AccountRecover";
 import { Sep10 } from "../Auth";
 import {

package/src/walletSdk/Types/auth.ts

@@ -3,12 +3,14 @@ import { decode } from "jws";
 
 import { WalletSigner } from "../Auth/WalletSigner";
 import { AccountKeypair, SigningKeypair } from "../Horizon/Account";
+import { AuthHeaderSigner } from "../Auth/AuthHeaderSigner";
 
 export type AuthenticateParams = {
   accountKp: AccountKeypair;
   walletSigner?: WalletSigner;
   memoId?: string;
   clientDomain?: string;
+  authHeaderSigner?: AuthHeaderSigner;
 };
 
 export class AuthToken {
@@ -49,6 +51,7 @@ export type ChallengeParams = {
   accountKp: AccountKeypair;
   memoId?: string;
   clientDomain?: string;
+  authHeaderSigner?: AuthHeaderSigner;
 };
 
 export type XdrEncodedTransaction = string;
@@ -91,3 +94,19 @@ export type SignChallengeTxnResponse = {
   transaction: XdrEncodedTransaction;
   networkPassphrase: NetworkPassphrase;
 };
+
+export type AuthHeaderClaims = {
+  account: string;
+  home_domain: string;
+  web_auth_endpoint: string;
+  memo?: string;
+  client_domain?: string;
+  exp?: number;
+  iat?: number;
+};
+
+export type AuthHeaderCreateTokenParams = {
+  claims: AuthHeaderClaims;
+  clientDomain?: string;
+  issuer?: AccountKeypair;
+};

package/src/walletSdk/Types/horizon.ts

@@ -1,6 +1,6 @@
 import { Memo, Horizon, Transaction } from "@stellar/stellar-sdk";
 import { AccountKeypair } from "../Horizon/Account";
-import { SponsoringBuilder, TransactionBuilder } from "walletSdk/Horizon";
+import { SponsoringBuilder, TransactionBuilder } from "../Horizon";
 import { StellarAssetId } from "../Asset";
 
 export enum NETWORK_URLS {