@supabase/auth-js 2.58.1-canary.0

package/src/lib/version.ts

@@ -0,0 +1,7 @@
+// Generated automatically during releases by scripts/update-version-files.ts
+// This file provides runtime access to the package version for:
+// - HTTP request headers (e.g., X-Client-Info header for API requests)
+// - Debugging and support (identifying which version is running)
+// - Telemetry and logging (version reporting in errors/analytics)
+// - Ensuring build artifacts match the published package version
+export const version = '2.58.1-canary.0'

package/src/lib/web3/ethereum.ts

@@ -0,0 +1,184 @@
+// types and functions copied over from viem so this library doesn't depend on it
+
+export type Hex = `0x${string}`
+
+export type Address = Hex
+
+export type EIP1193EventMap = {
+  accountsChanged(accounts: Address[]): void
+  chainChanged(chainId: string): void
+  connect(connectInfo: { chainId: string }): void
+  disconnect(error: { code: number; message: string }): void
+  message(message: { type: string; data: unknown }): void
+}
+
+export type EIP1193Events = {
+  on<event extends keyof EIP1193EventMap>(event: event, listener: EIP1193EventMap[event]): void
+  removeListener<event extends keyof EIP1193EventMap>(
+    event: event,
+    listener: EIP1193EventMap[event]
+  ): void
+}
+
+export type EIP1193RequestFn = (args: { method: string; params?: unknown }) => Promise<unknown>
+
+export type EIP1193Provider = EIP1193Events & {
+  address: string
+  request: EIP1193RequestFn
+}
+
+export type EthereumWallet = EIP1193Provider
+
+/**
+ * EIP-4361 message fields
+ */
+export type SiweMessage = {
+  /**
+   * The Ethereum address performing the signing.
+   */
+  address: Address
+  /**
+   * The [EIP-155](https://eips.ethereum.org/EIPS/eip-155) Chain ID to which the session is bound,
+   */
+  chainId: number
+  /**
+   * [RFC 3986](https://www.rfc-editor.org/rfc/rfc3986) authority that is requesting the signing.
+   */
+  domain: string
+  /**
+   * Time when the signed authentication message is no longer valid.
+   */
+  expirationTime?: Date | undefined
+  /**
+   * Time when the message was generated, typically the current time.
+   */
+  issuedAt?: Date | undefined
+  /**
+   * A random string typically chosen by the relying party and used to prevent replay attacks.
+   */
+  nonce?: string
+  /**
+   * Time when the signed authentication message will become valid.
+   */
+  notBefore?: Date | undefined
+  /**
+   * A system-specific identifier that may be used to uniquely refer to the sign-in request.
+   */
+  requestId?: string | undefined
+  /**
+   * A list of information or references to information the user wishes to have resolved as part of authentication by the relying party.
+   */
+  resources?: string[] | undefined
+  /**
+   * [RFC 3986](https://www.rfc-editor.org/rfc/rfc3986#section-3.1) URI scheme of the origin of the request.
+   */
+  scheme?: string | undefined
+  /**
+   * A human-readable ASCII assertion that the user will sign.
+   */
+  statement?: string | undefined
+  /**
+   * [RFC 3986](https://www.rfc-editor.org/rfc/rfc3986) URI referring to the resource that is the subject of the signing (as in the subject of a claim).
+   */
+  uri: string
+  /**
+   * The current version of the SIWE Message.
+   */
+  version: '1'
+}
+
+export type EthereumSignInInput = SiweMessage
+
+export function getAddress(address: string): Address {
+  if (!/^0x[a-fA-F0-9]{40}$/.test(address)) {
+    throw new Error(`@supabase/auth-js: Address "${address}" is invalid.`)
+  }
+  return address.toLowerCase() as Address
+}
+
+export function fromHex(hex: Hex): number {
+  return parseInt(hex, 16)
+}
+
+export function toHex(value: string): Hex {
+  const bytes = new TextEncoder().encode(value)
+  const hex = Array.from(bytes, (byte) => byte.toString(16).padStart(2, '0')).join('')
+  return ('0x' + hex) as Hex
+}
+
+/**
+ * Creates EIP-4361 formatted message.
+ */
+export function createSiweMessage(parameters: SiweMessage): string {
+  const {
+    chainId,
+    domain,
+    expirationTime,
+    issuedAt = new Date(),
+    nonce,
+    notBefore,
+    requestId,
+    resources,
+    scheme,
+    uri,
+    version,
+  } = parameters
+
+  // Validate fields
+  {
+    if (!Number.isInteger(chainId))
+      throw new Error(
+        `@supabase/auth-js: Invalid SIWE message field "chainId". Chain ID must be a EIP-155 chain ID. Provided value: ${chainId}`
+      )
+
+    if (!domain)
+      throw new Error(
+        `@supabase/auth-js: Invalid SIWE message field "domain". Domain must be provided.`
+      )
+
+    if (nonce && nonce.length < 8)
+      throw new Error(
+        `@supabase/auth-js: Invalid SIWE message field "nonce". Nonce must be at least 8 characters. Provided value: ${nonce}`
+      )
+
+    if (!uri)
+      throw new Error(`@supabase/auth-js: Invalid SIWE message field "uri". URI must be provided.`)
+
+    if (version !== '1')
+      throw new Error(
+        `@supabase/auth-js: Invalid SIWE message field "version". Version must be '1'. Provided value: ${version}`
+      )
+
+    if (parameters.statement?.includes('\n'))
+      throw new Error(
+        `@supabase/auth-js: Invalid SIWE message field "statement". Statement must not include '\\n'. Provided value: ${parameters.statement}`
+      )
+  }
+
+  // Construct message
+  const address = getAddress(parameters.address)
+  const origin = scheme ? `${scheme}://${domain}` : domain
+  const statement = parameters.statement ? `${parameters.statement}\n` : ''
+  const prefix = `${origin} wants you to sign in with your Ethereum account:\n${address}\n\n${statement}`
+
+  let suffix = `URI: ${uri}\nVersion: ${version}\nChain ID: ${chainId}${
+    nonce ? `\nNonce: ${nonce}` : ''
+  }\nIssued At: ${issuedAt.toISOString()}`
+
+  if (expirationTime) suffix += `\nExpiration Time: ${expirationTime.toISOString()}`
+  if (notBefore) suffix += `\nNot Before: ${notBefore.toISOString()}`
+  if (requestId) suffix += `\nRequest ID: ${requestId}`
+  if (resources) {
+    let content = '\nResources:'
+    for (const resource of resources) {
+      if (!resource || typeof resource !== 'string')
+        throw new Error(
+          `@supabase/auth-js: Invalid SIWE message field "resources". Every resource must be a valid string. Provided value: ${resource}`
+        )
+      content += `\n- ${resource}`
+    }
+    suffix += content
+  }
+
+  return `${prefix}\n${suffix}`
+}

package/src/lib/web3/solana.ts

@@ -0,0 +1,186 @@
+// types copied over from @solana/wallet-standard-features and @wallet-standard/base so this library doesn't depend on them
+
+/**
+ * A namespaced identifier in the format `${namespace}:${reference}`.
+ *
+ * Used by {@link IdentifierArray} and {@link IdentifierRecord}.
+ *
+ * @group Identifier
+ */
+export type IdentifierString = `${string}:${string}`
+
+/**
+ * A read-only array of namespaced identifiers in the format `${namespace}:${reference}`.
+ *
+ * Used by {@link Wallet.chains | Wallet::chains}, {@link WalletAccount.chains | WalletAccount::chains}, and
+ * {@link WalletAccount.features | WalletAccount::features}.
+ *
+ * @group Identifier
+ */
+export type IdentifierArray = readonly IdentifierString[]
+
+/**
+ * Version of the Wallet Standard implemented by a {@link Wallet}.
+ *
+ * Used by {@link Wallet.version | Wallet::version}.
+ *
+ * Note that this is _NOT_ a version of the Wallet, but a version of the Wallet Standard itself that the Wallet
+ * supports.
+ *
+ * This may be used by the app to determine compatibility and feature detect.
+ *
+ * @group Wallet
+ */
+export type WalletVersion = '1.0.0'
+
+/**
+ * A data URI containing a base64-encoded SVG, WebP, PNG, or GIF image.
+ *
+ * Used by {@link Wallet.icon | Wallet::icon} and {@link WalletAccount.icon | WalletAccount::icon}.
+ *
+ * @group Wallet
+ */
+export type WalletIcon = `data:image/${'svg+xml' | 'webp' | 'png' | 'gif'};base64,${string}`
+
+/**
+ * Interface of a **WalletAccount**, also referred to as an **Account**.
+ *
+ * An account is a _read-only data object_ that is provided from the Wallet to the app, authorizing the app to use it.
+ *
+ * The app can use an account to display and query information from a chain.
+ *
+ * The app can also act using an account by passing it to {@link Wallet.features | features} of the Wallet.
+ *
+ * Wallets may use or extend {@link "@wallet-standard/wallet".ReadonlyWalletAccount} which implements this interface.
+ *
+ * @group Wallet
+ */
+export interface WalletAccount {
+  /** Address of the account, corresponding with a public key. */
+  readonly address: string
+
+  /** Public key of the account, corresponding with a secret key to use. */
+  readonly publicKey: Uint8Array
+
+  /**
+   * Chains supported by the account.
+   *
+   * This must be a subset of the {@link Wallet.chains | chains} of the Wallet.
+   */
+  readonly chains: IdentifierArray
+
+  /**
+   * Feature names supported by the account.
+   *
+   * This must be a subset of the names of {@link Wallet.features | features} of the Wallet.
+   */
+  readonly features: IdentifierArray
+
+  /** Optional user-friendly descriptive label or name for the account. This may be displayed by the app. */
+  readonly label?: string
+
+  /** Optional user-friendly icon for the account. This may be displayed by the app. */
+  readonly icon?: WalletIcon
+}
+
+/** Input for signing in. */
+export interface SolanaSignInInput {
+  /**
+   * Optional EIP-4361 Domain.
+   * If not provided, the wallet must determine the Domain to include in the message.
+   */
+  readonly domain?: string
+
+  /**
+   * Optional EIP-4361 Address.
+   * If not provided, the wallet must determine the Address to include in the message.
+   */
+  readonly address?: string
+
+  /**
+   * Optional EIP-4361 Statement.
+   * If not provided, the wallet must not include Statement in the message.
+   */
+  readonly statement?: string
+
+  /**
+   * Optional EIP-4361 URI.
+   * If not provided, the wallet must not include URI in the message.
+   */
+  readonly uri?: string
+
+  /**
+   * Optional EIP-4361 Version.
+   * If not provided, the wallet must not include Version in the message.
+   */
+  readonly version?: string
+
+  /**
+   * Optional EIP-4361 Chain ID.
+   * If not provided, the wallet must not include Chain ID in the message.
+   */
+  readonly chainId?: string
+
+  /**
+   * Optional EIP-4361 Nonce.
+   * If not provided, the wallet must not include Nonce in the message.
+   */
+  readonly nonce?: string
+
+  /**
+   * Optional EIP-4361 Issued At.
+   * If not provided, the wallet must not include Issued At in the message.
+   */
+  readonly issuedAt?: string
+
+  /**
+   * Optional EIP-4361 Expiration Time.
+   * If not provided, the wallet must not include Expiration Time in the message.
+   */
+  readonly expirationTime?: string
+
+  /**
+   * Optional EIP-4361 Not Before.
+   * If not provided, the wallet must not include Not Before in the message.
+   */
+  readonly notBefore?: string
+
+  /**
+   * Optional EIP-4361 Request ID.
+   * If not provided, the wallet must not include Request ID in the message.
+   */
+  readonly requestId?: string
+
+  /**
+   * Optional EIP-4361 Resources.
+   * If not provided, the wallet must not include Resources in the message.
+   */
+  readonly resources?: readonly string[]
+}
+
+/** Output of signing in. */
+export interface SolanaSignInOutput {
+  /**
+   * Account that was signed in.
+   * The address of the account may be different from the provided input Address.
+   */
+  readonly account: WalletAccount
+
+  /**
+   * Message bytes that were signed.
+   * The wallet may prefix or otherwise modify the message before signing it.
+   */
+  readonly signedMessage: Uint8Array
+
+  /**
+   * Message signature produced.
+   * If the signature type is provided, the signature must be Ed25519.
+   */
+  readonly signature: Uint8Array
+
+  /**
+   * Optional type of the message signature produced.
+   * If not provided, the signature must be Ed25519.
+   */
+  readonly signatureType?: 'ed25519'
+}