@turnkey/core 1.2.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/dist/__clients__/core.d.ts +57 -2
  2. package/dist/__clients__/core.d.ts.map +1 -1
  3. package/dist/__clients__/core.js +210 -123
  4. package/dist/__clients__/core.js.map +1 -1
  5. package/dist/__clients__/core.mjs +212 -125
  6. package/dist/__clients__/core.mjs.map +1 -1
  7. package/dist/__generated__/sdk-client-base.d.ts +2 -2
  8. package/dist/__generated__/sdk-client-base.d.ts.map +1 -1
  9. package/dist/__generated__/sdk-client-base.js +23 -3
  10. package/dist/__generated__/sdk-client-base.js.map +1 -1
  11. package/dist/__generated__/sdk-client-base.mjs +23 -3
  12. package/dist/__generated__/sdk-client-base.mjs.map +1 -1
  13. package/dist/__generated__/version.d.ts +1 -1
  14. package/dist/__generated__/version.js +1 -1
  15. package/dist/__generated__/version.mjs +1 -1
  16. package/dist/__stampers__/passkey/base.d.ts +1 -3
  17. package/dist/__stampers__/passkey/base.d.ts.map +1 -1
  18. package/dist/__stampers__/passkey/base.js.map +1 -1
  19. package/dist/__stampers__/passkey/base.mjs.map +1 -1
  20. package/dist/__types__/config.d.ts +5 -0
  21. package/dist/__types__/config.d.ts.map +1 -1
  22. package/dist/__types__/http.d.ts +17 -0
  23. package/dist/__types__/http.d.ts.map +1 -0
  24. package/dist/__types__/http.js +11 -0
  25. package/dist/__types__/http.js.map +1 -0
  26. package/dist/__types__/http.mjs +9 -0
  27. package/dist/__types__/http.mjs.map +1 -0
  28. package/dist/__types__/index.d.ts +1 -0
  29. package/dist/__types__/index.d.ts.map +1 -1
  30. package/dist/__types__/method-types.d.ts +24 -2
  31. package/dist/__types__/method-types.d.ts.map +1 -1
  32. package/dist/__wallet__/web/manager.d.ts +10 -0
  33. package/dist/__wallet__/web/manager.d.ts.map +1 -1
  34. package/dist/__wallet__/web/manager.js +41 -2
  35. package/dist/__wallet__/web/manager.js.map +1 -1
  36. package/dist/__wallet__/web/manager.mjs +41 -2
  37. package/dist/__wallet__/web/manager.mjs.map +1 -1
  38. package/dist/__wallet__/web/native/solana.js +2 -2
  39. package/dist/__wallet__/web/native/solana.js.map +1 -1
  40. package/dist/__wallet__/web/native/solana.mjs +2 -2
  41. package/dist/__wallet__/web/native/solana.mjs.map +1 -1
  42. package/dist/index.d.ts +2 -1
  43. package/dist/index.d.ts.map +1 -1
  44. package/dist/index.js +3 -1
  45. package/dist/index.js.map +1 -1
  46. package/dist/index.mjs +2 -2
  47. package/dist/utils.d.ts +16 -1
  48. package/dist/utils.d.ts.map +1 -1
  49. package/dist/utils.js +69 -1
  50. package/dist/utils.js.map +1 -1
  51. package/dist/utils.mjs +68 -4
  52. package/dist/utils.mjs.map +1 -1
  53. package/package.json +5 -6
package/dist/__clients__/core.js CHANGED
@@ -17,6 +17,41 @@ class TurnkeyClient {
17
17
  constructor(config,
18
18
  // Users can pass in their own stampers, or we will create them. Should we remove this?
19
19
  apiKeyStamper, passkeyStamper, walletManager) {
20
+ /**
21
+ * Creates a new TurnkeySDKClientBase instance with the provided configuration.
22
+ * This method is used internally to create the HTTP client for making API requests,
23
+ * but can also be used to create an additional client with different configurations if needed.
24
+ * By default, it uses the configuration provided during the TurnkeyClient initialization.
25
+ *
26
+ * @param params - Optional configuration parameters to override the default client configuration.
27
+ * @param params.apiBaseUrl - The base URL of the Turnkey API (defaults to `https://api.turnkey.com` if not provided).
28
+ * @param params.organizationId - The organization ID to associate requests with.
29
+ * @param params.authProxyUrl - The base URL of the Auth Proxy (defaults to `https://authproxy.turnkey.com` if not provided).
30
+ * @param params.authProxyConfigId - The configuration ID to use when making Auth Proxy requests.
31
+ * @param params.defaultStamperType - The default stamper type to use for signing requests
32
+ * (overrides automatic detection of ApiKey, Passkey, or Wallet stampers).
33
+ *
34
+ * @returns A new instance of {@link TurnkeySDKClientBase} configured with the provided parameters.
35
+ */
36
+ this.createHttpClient = (params) => {
37
+ // We can comfortably default to the prod urls here
38
+ const apiBaseUrl = params?.apiBaseUrl || this.config.apiBaseUrl || "https://api.turnkey.com";
39
+ const authProxyUrl = params?.authProxyUrl ||
40
+ this.config.authProxyUrl ||
41
+ "https://authproxy.turnkey.com";
42
+ const organizationId = params?.organizationId || this.config.organizationId;
43
+ return new sdkClientBase.TurnkeySDKClientBase({
44
+ ...this.config,
45
+ ...params,
46
+ apiBaseUrl,
47
+ authProxyUrl,
48
+ organizationId,
49
+ apiKeyStamper: this.apiKeyStamper,
50
+ passkeyStamper: this.passkeyStamper,
51
+ walletStamper: this.walletManager?.stamper,
52
+ storageManager: this.storageManager,
53
+ });
54
+ };
20
55
  /**
21
56
  * Creates a new passkey authenticator for the user.
22
57
  *
@@ -379,6 +414,105 @@ class TurnkeyClient {
379
414
  errorCode: sdkTypes.TurnkeyErrorCodes.SWITCH_WALLET_CHAIN_ERROR,
380
415
  });
381
416
  };
417
+ /**
418
+ * Builds and signs a wallet login request without submitting it to Turnkey.
419
+ *
420
+ * - This function prepares a signed request for wallet authentication, which can later be used
421
+ * to log in or sign up a user with Turnkey.
422
+ * - It initializes the wallet stamper, ensures a valid session public key (generating one if needed),
423
+ * and signs the login intent with the connected wallet.
424
+ * - For Ethereum wallets, derives the public key from the stamped request header.
425
+ * - For Solana wallets, retrieves the public key directly from the connected wallet.
426
+ * - The signed request is not sent to Turnkey immediately; it is meant to be used in a subsequent flow
427
+ * (e.g., `loginOrSignupWithWallet`) where sub-organization existence is verified or created first.
428
+ *
429
+ * @param params.walletProvider - the wallet provider used for authentication and signing.
430
+ * @param params.publicKey - optional pre-generated session public key (auto-generated if not provided).
431
+ * @param params.expirationSeconds - optional session expiration time in seconds (defaults to the configured default).
432
+ * @returns A promise resolving to an object containing:
433
+ * - `signedRequest`: the signed wallet login request.
434
+ * - `publicKey`: the public key associated with the signed request.
435
+ * @throws {TurnkeyError} If the wallet stamper is not initialized, the signing process fails,
436
+ * or the public key cannot be derived or generated.
437
+ */
438
+ this.buildWalletLoginRequest = async (params) => {
439
+ const { walletProvider, publicKey: providedPublicKey } = params;
440
+ const expirationSeconds = params.expirationSeconds || auth.DEFAULT_SESSION_EXPIRATION_IN_SECONDS;
441
+ let generatedPublicKey = undefined;
442
+ return utils.withTurnkeyErrorHandling(async () => {
443
+ if (!this.walletManager?.stamper) {
444
+ throw new sdkTypes.TurnkeyError("Wallet stamper is not initialized", sdkTypes.TurnkeyErrorCodes.WALLET_MANAGER_COMPONENT_NOT_INITIALIZED);
445
+ }
446
+ const futureSessionPublicKey = providedPublicKey ??
447
+ (generatedPublicKey = await this.apiKeyStamper?.createKeyPair());
448
+ if (!futureSessionPublicKey) {
449
+ throw new sdkTypes.TurnkeyError("Failed to find or generate a public key for building the wallet login request", sdkTypes.TurnkeyErrorCodes.WALLET_BUILD_LOGIN_REQUEST_ERROR);
450
+ }
451
+ this.walletManager.stamper.setProvider(walletProvider.interfaceType, walletProvider);
452
+ // here we sign the request with the wallet, but we don't send it to Turnkey yet
453
+ // this is because we need to check if the subOrg exists first, and create one if it doesn't
454
+ // once we have the subOrg for the publicKey, we then can send the request to Turnkey
455
+ const signedRequest = await utils.withTurnkeyErrorHandling(async () => {
456
+ return this.httpClient.stampStampLogin({
457
+ publicKey: futureSessionPublicKey,
458
+ organizationId: this.config.organizationId,
459
+ expirationSeconds,
460
+ }, enums.StamperType.Wallet);
461
+ }, {
462
+ errorMessage: "Failed to create stamped request for wallet login",
463
+ errorCode: sdkTypes.TurnkeyErrorCodes.WALLET_BUILD_LOGIN_REQUEST_ERROR,
464
+ customErrorsByMessages: {
465
+ "WalletConnect: The connection request has expired. Please scan the QR code again.": {
466
+ message: "Your WalletConnect session expired. Please scan the QR code again.",
467
+ code: sdkTypes.TurnkeyErrorCodes.WALLET_CONNECT_EXPIRED,
468
+ },
469
+ "Failed to sign the message": {
470
+ message: "Wallet auth was cancelled by the user.",
471
+ code: sdkTypes.TurnkeyErrorCodes.CONNECT_WALLET_CANCELLED,
472
+ },
473
+ },
474
+ });
475
+ if (!signedRequest) {
476
+ throw new sdkTypes.TurnkeyError("Failed to create stamped request for wallet login", sdkTypes.TurnkeyErrorCodes.BAD_RESPONSE);
477
+ }
478
+ let publicKey;
479
+ switch (walletProvider.chainInfo.namespace) {
480
+ case enums.Chain.Ethereum: {
481
+ // for Ethereum, there is no way to get the public key from the wallet address
482
+ // so we derive it from the signed request
483
+ publicKey = utils.getPublicKeyFromStampHeader(signedRequest.stamp.stampHeaderValue);
484
+ break;
485
+ }
486
+ case enums.Chain.Solana: {
487
+ // for Solana, we can get the public key from the wallet address
488
+ // since the wallet address is the public key
489
+ // this doesn't require any action from the user as long as the wallet is connected
490
+ // which it has to be since they just called stampStampLogin()
491
+ publicKey = await this.walletManager.stamper.getPublicKey(walletProvider.interfaceType, walletProvider);
492
+ break;
493
+ }
494
+ default:
495
+ throw new sdkTypes.TurnkeyError(`Unsupported interface type: ${walletProvider.interfaceType}`, sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
496
+ }
497
+ return {
498
+ signedRequest,
499
+ publicKey: publicKey,
500
+ };
501
+ }, {
502
+ errorCode: sdkTypes.TurnkeyErrorCodes.WALLET_BUILD_LOGIN_REQUEST_ERROR,
503
+ errorMessage: "Failed to build wallet login request",
504
+ catchFn: async () => {
505
+ if (generatedPublicKey) {
506
+ try {
507
+ await this.apiKeyStamper?.deleteKeyPair(generatedPublicKey);
508
+ }
509
+ catch (cleanupError) {
510
+ throw new sdkTypes.TurnkeyError(`Failed to clean up generated key pair`, sdkTypes.TurnkeyErrorCodes.KEY_PAIR_CLEANUP_ERROR, cleanupError);
511
+ }
512
+ }
513
+ },
514
+ });
515
+ };
382
516
  /**
383
517
  * Logs in a user using the specified wallet provider.
384
518
  *
@@ -399,7 +533,7 @@ class TurnkeyClient {
399
533
  * @throws {TurnkeyError} If the wallet stamper is uninitialized, a public key cannot be found or generated, or login fails.
400
534
  */
401
535
  this.loginWithWallet = async (params) => {
402
- let publicKey = params.publicKey || (await this.apiKeyStamper?.createKeyPair());
536
+ const publicKey = params.publicKey || (await this.apiKeyStamper?.createKeyPair());
403
537
  return utils.withTurnkeyErrorHandling(async () => {
404
538
  if (!this.walletManager?.stamper) {
405
539
  throw new sdkTypes.TurnkeyError("Wallet stamper is not initialized", sdkTypes.TurnkeyErrorCodes.WALLET_MANAGER_COMPONENT_NOT_INITIALIZED);
@@ -546,6 +680,7 @@ class TurnkeyClient {
546
680
  * - Stores the resulting session token under the specified session key, or the default session key if not provided.
547
681
  *
548
682
  * @param params.walletProvider - wallet provider to use for authentication.
683
+ * @param params.publicKey - optional public key to associate with the session (generated if not provided).
549
684
  * @param params.createSubOrgParams - optional parameters for creating a sub-organization (e.g., authenticators, user metadata).
550
685
  * @param params.sessionKey - session key to use for storing the session (defaults to the default session key).
551
686
  * @param params.expirationSeconds - session expiration time in seconds (defaults to the configured default).
@@ -560,59 +695,8 @@ class TurnkeyClient {
560
695
  const createSubOrgParams = params.createSubOrgParams;
561
696
  const sessionKey = params.sessionKey || enums.SessionKey.DefaultSessionkey;
562
697
  const walletProvider = params.walletProvider;
563
- const expirationSeconds = params.expirationSeconds || auth.DEFAULT_SESSION_EXPIRATION_IN_SECONDS;
564
- let generatedPublicKey = undefined;
565
698
  return utils.withTurnkeyErrorHandling(async () => {
566
- if (!this.walletManager?.stamper) {
567
- throw new sdkTypes.TurnkeyError("Wallet stamper is not initialized", sdkTypes.TurnkeyErrorCodes.WALLET_MANAGER_COMPONENT_NOT_INITIALIZED);
568
- }
569
- generatedPublicKey = await this.apiKeyStamper?.createKeyPair();
570
- this.walletManager.stamper.setProvider(walletProvider.interfaceType, walletProvider);
571
- // here we sign the request with the wallet, but we don't send it to Turnkey yet
572
- // this is because we need to check if the subOrg exists first, and create one if it doesn't
573
- // once we have the subOrg for the publicKey, we then can send the request to Turnkey
574
- const signedRequest = await utils.withTurnkeyErrorHandling(async () => {
575
- return this.httpClient.stampStampLogin({
576
- publicKey: generatedPublicKey,
577
- organizationId: this.config.organizationId,
578
- expirationSeconds,
579
- }, enums.StamperType.Wallet);
580
- }, {
581
- errorMessage: "Failed to create stamped request for wallet login",
582
- errorCode: sdkTypes.TurnkeyErrorCodes.WALLET_LOGIN_OR_SIGNUP_ERROR,
583
- customErrorsByMessages: {
584
- "WalletConnect: The connection request has expired. Please scan the QR code again.": {
585
- message: "Your WalletConnect session expired. Please scan the QR code again.",
586
- code: sdkTypes.TurnkeyErrorCodes.WALLET_CONNECT_EXPIRED,
587
- },
588
- "Failed to sign the message": {
589
- message: "Wallet auth was cancelled by the user.",
590
- code: sdkTypes.TurnkeyErrorCodes.CONNECT_WALLET_CANCELLED,
591
- },
592
- },
593
- });
594
- if (!signedRequest) {
595
- throw new sdkTypes.TurnkeyError("Failed to create stamped request for wallet login", sdkTypes.TurnkeyErrorCodes.BAD_RESPONSE);
596
- }
597
- let publicKey;
598
- switch (walletProvider.chainInfo.namespace) {
599
- case enums.Chain.Ethereum: {
600
- // for Ethereum, there is no way to get the public key from the wallet address
601
- // so we derive it from the signed request
602
- publicKey = utils.getPublicKeyFromStampHeader(signedRequest.stamp.stampHeaderValue);
603
- break;
604
- }
605
- case enums.Chain.Solana: {
606
- // for Solana, we can get the public key from the wallet address
607
- // since the wallet address is the public key
608
- // this doesn't require any action from the user as long as the wallet is connected
609
- // which it has to be since they just called stampStampLogin()
610
- publicKey = await this.walletManager.stamper.getPublicKey(walletProvider.interfaceType, walletProvider);
611
- break;
612
- }
613
- default:
614
- throw new sdkTypes.TurnkeyError(`Unsupported interface type: ${walletProvider.interfaceType}`, sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
615
- }
699
+ const { signedRequest, publicKey } = await this.buildWalletLoginRequest(params);
616
700
  // here we check if the subOrg exists and create one
617
701
  // then we send off the stamped request to Turnkey
618
702
  const accountRes = await this.httpClient.proxyGetAccount({
@@ -643,20 +727,7 @@ class TurnkeyClient {
643
727
  }
644
728
  }
645
729
  // now we can send the stamped request to Turnkey
646
- const headers = {
647
- "Content-Type": "application/json",
648
- [signedRequest.stamp.stampHeaderName]: signedRequest.stamp.stampHeaderValue,
649
- };
650
- const res = await fetch(signedRequest.url, {
651
- method: "POST",
652
- headers,
653
- body: signedRequest.body,
654
- });
655
- if (!res.ok) {
656
- const errorText = await res.text();
657
- throw new sdkTypes.TurnkeyNetworkError(`Stamped request failed`, res.status, sdkTypes.TurnkeyErrorCodes.WALLET_LOGIN_AUTH_ERROR, errorText);
658
- }
659
- const sessionResponse = await res.json();
730
+ const sessionResponse = await utils.sendSignedRequest(signedRequest);
660
731
  const sessionToken = sessionResponse.activity.result.stampLoginResult?.session;
661
732
  if (!sessionToken) {
662
733
  throw new sdkTypes.TurnkeyError("Session token not found in the response", sdkTypes.TurnkeyErrorCodes.BAD_RESPONSE);
@@ -675,14 +746,6 @@ class TurnkeyClient {
675
746
  errorCode: sdkTypes.TurnkeyErrorCodes.WALLET_LOGIN_OR_SIGNUP_ERROR,
676
747
  errorMessage: "Failed to log in or sign up with wallet",
677
748
  catchFn: async () => {
678
- if (generatedPublicKey) {
679
- try {
680
- await this.apiKeyStamper?.deleteKeyPair(generatedPublicKey);
681
- }
682
- catch (cleanupError) {
683
- throw new sdkTypes.TurnkeyError(`Failed to clean up generated key pair`, sdkTypes.TurnkeyErrorCodes.KEY_PAIR_CLEANUP_ERROR, cleanupError);
684
- }
685
- }
686
749
  },
687
750
  });
688
751
  };
@@ -1125,7 +1188,7 @@ class TurnkeyClient {
1125
1188
  * @throws {TurnkeyError} If no active session is found or if there is an error fetching wallets.
1126
1189
  */
1127
1190
  this.fetchWallets = async (params) => {
1128
- const { walletProviders, organizationId: organizationIdFromParams, userId: userIdFromParams, connectedOnly, stampWith, } = params || {};
1191
+ const { walletProviders, organizationId: organizationIdFromParams, userId: userIdFromParams, connectedOnly, stampWith = this.config.defaultStamperType, } = params || {};
1129
1192
  const session = await this.storageManager.getActiveSession();
1130
1193
  if (!session && !connectedOnly) {
1131
1194
  throw new sdkTypes.TurnkeyError("No active session found. Fetching embedded wallets requires a valid session. If you only need connected wallets, set the 'connectedOnly' parameter to true.", sdkTypes.TurnkeyErrorCodes.NO_SESSION_FOUND);
@@ -1147,16 +1210,10 @@ class TurnkeyClient {
1147
1210
  if (!userId) {
1148
1211
  throw new sdkTypes.TurnkeyError("No user ID provided and no active session found. Please log in first or pass in a user ID.", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
1149
1212
  }
1150
- const res = await this.httpClient.getWalletAccounts({
1151
- organizationId,
1152
- includeWalletDetails: true,
1153
- }, stampWith);
1213
+ const accounts = await utils.fetchAllWalletAccountsWithCursor(this.httpClient, organizationId, stampWith);
1154
1214
  const walletsRes = await this.httpClient.getWallets({
1155
1215
  organizationId,
1156
1216
  }, stampWith);
1157
- if (!res || !res.accounts) {
1158
- throw new sdkTypes.TurnkeyError("No wallet accounts found in the response", sdkTypes.TurnkeyErrorCodes.BAD_RESPONSE);
1159
- }
1160
1217
  // create a map of walletId to EmbeddedWallet for easy lookup
1161
1218
  const walletMap = new Map(walletsRes.wallets.map((wallet) => [
1162
1219
  wallet.walletId,
@@ -1167,7 +1224,7 @@ class TurnkeyClient {
1167
1224
  },
1168
1225
  ]));
1169
1226
  // map the accounts to their respective wallets
1170
- embedded = utils.mapAccountsToWallet(res.accounts, walletMap);
1227
+ embedded = utils.mapAccountsToWallet(accounts, walletMap);
1171
1228
  }
1172
1229
  // if wallet connecting is disabled we return only embedded wallets
1173
1230
  // this will never be hit if `connectedOnly` is true because of the check above
@@ -1240,7 +1297,7 @@ class TurnkeyClient {
1240
1297
  * @throws {TurnkeyError} If no active session is found or if there is an error fetching wallet accounts.
1241
1298
  */
1242
1299
  this.fetchWalletAccounts = async (params) => {
1243
- const { wallet, stampWith, walletProviders, paginationOptions } = params;
1300
+ const { wallet, stampWith = this.config.defaultStamperType, walletProviders, paginationOptions, } = params;
1244
1301
  const session = await this.storageManager.getActiveSession();
1245
1302
  const organizationId = params?.organizationId || session?.organizationId;
1246
1303
  const userId = params?.userId || session?.userId;
@@ -1369,7 +1426,7 @@ class TurnkeyClient {
1369
1426
  * @throws {TurnkeyError} If no active session is found or if there is an error fetching private keys.
1370
1427
  */
1371
1428
  this.fetchPrivateKeys = async (params) => {
1372
- const { stampWith } = params || {};
1429
+ const { stampWith = this.config.defaultStamperType } = params || {};
1373
1430
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1374
1431
  const organizationId = params?.organizationId || session?.organizationId;
1375
1432
  if (!organizationId) {
@@ -1425,7 +1482,7 @@ class TurnkeyClient {
1425
1482
  * @throws {TurnkeyError} If signing fails, the wallet type does not support message signing, or the response is invalid.
1426
1483
  */
1427
1484
  this.signMessage = async (params) => {
1428
- const { message, walletAccount, stampWith, addEthereumPrefix, organizationId, } = params;
1485
+ const { message, walletAccount, stampWith = this.config.defaultStamperType, addEthereumPrefix, organizationId, } = params;
1429
1486
  const hashFunction = params.hashFunction || utils.getHashFunction(walletAccount.addressFormat);
1430
1487
  const payloadEncoding = params.encoding || utils.getEncodingType(walletAccount.addressFormat);
1431
1488
  return utils.withTurnkeyErrorHandling(async () => {
@@ -1496,7 +1553,7 @@ class TurnkeyClient {
1496
1553
  * @throws {TurnkeyError} If the wallet type is unsupported, signing fails, or the response is invalid.
1497
1554
  */
1498
1555
  this.signTransaction = async (params) => {
1499
- const { walletAccount, unsignedTransaction, transactionType, stampWith, organizationId, } = params;
1556
+ const { walletAccount, unsignedTransaction, transactionType, stampWith = this.config.defaultStamperType, organizationId, } = params;
1500
1557
  return utils.withTurnkeyErrorHandling(async () => {
1501
1558
  if (walletAccount.source === enums.WalletSource.Connected) {
1502
1559
  switch (walletAccount.chainInfo.namespace) {
@@ -1551,7 +1608,7 @@ class TurnkeyClient {
1551
1608
  * @throws {TurnkeyError} If the wallet type is unsupported, or if signing/broadcasting fails.
1552
1609
  */
1553
1610
  this.signAndSendTransaction = async (params) => {
1554
- const { walletAccount, unsignedTransaction, transactionType, rpcUrl, stampWith, organizationId, } = params;
1611
+ const { walletAccount, unsignedTransaction, transactionType, rpcUrl, stampWith = this.config.defaultStamperType, organizationId, } = params;
1555
1612
  return utils.withTurnkeyErrorHandling(async () => {
1556
1613
  if (walletAccount.source === enums.WalletSource.Connected) {
1557
1614
  // this is a connected wallet account
@@ -1616,7 +1673,7 @@ class TurnkeyClient {
1616
1673
  * @throws {TurnkeyError} If there is no active session, if there is no userId, or if there is an error fetching user details.
1617
1674
  */
1618
1675
  this.fetchUser = async (params) => {
1619
- const { organizationId: organizationIdFromParams, userId: userIdFromParams, stampWith, } = params || {};
1676
+ const { organizationId: organizationIdFromParams, userId: userIdFromParams, stampWith = this.config.defaultStamperType, } = params || {};
1620
1677
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1621
1678
  const userId = userIdFromParams || session?.userId;
1622
1679
  if (!userId) {
@@ -1654,7 +1711,7 @@ class TurnkeyClient {
1654
1711
  * @throws {TurnkeyError} If there is no active session, if the input is invalid, if user retrieval fails, or if user creation fails.
1655
1712
  */
1656
1713
  this.fetchOrCreateP256ApiKeyUser = async (params) => {
1657
- const { publicKey, createParams, stampWith, organizationId: organizationIdFromParams, } = params;
1714
+ const { publicKey, createParams, stampWith = this.config.defaultStamperType, organizationId: organizationIdFromParams, } = params;
1658
1715
  return utils.withTurnkeyErrorHandling(async () => {
1659
1716
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1660
1717
  const organizationId = organizationIdFromParams || session?.organizationId;
@@ -1736,7 +1793,7 @@ class TurnkeyClient {
1736
1793
  * if fetching policies fails, or if creating policies fails.
1737
1794
  */
1738
1795
  this.fetchOrCreatePolicies = async (params) => {
1739
- const { policies, stampWith } = params;
1796
+ const { policies, stampWith = this.config.defaultStamperType } = params;
1740
1797
  return await utils.withTurnkeyErrorHandling(async () => {
1741
1798
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1742
1799
  if (!Array.isArray(policies) || policies.length === 0) {
@@ -1819,7 +1876,7 @@ class TurnkeyClient {
1819
1876
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error updating or verifying the user email.
1820
1877
  */
1821
1878
  this.updateUserEmail = async (params) => {
1822
- const { verificationToken, email, stampWith, organizationId } = params;
1879
+ const { verificationToken, email, stampWith = this.config.defaultStamperType, organizationId, } = params;
1823
1880
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1824
1881
  const userId = params?.userId || session?.userId;
1825
1882
  if (!userId) {
@@ -1863,7 +1920,7 @@ class TurnkeyClient {
1863
1920
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error removing the user email.
1864
1921
  */
1865
1922
  this.removeUserEmail = async (params) => {
1866
- const { stampWith, organizationId } = params || {};
1923
+ const { stampWith = this.config.defaultStamperType, organizationId } = params || {};
1867
1924
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1868
1925
  return utils.withTurnkeyErrorHandling(async () => {
1869
1926
  const userId = params?.userId || session?.userId;
@@ -1902,7 +1959,7 @@ class TurnkeyClient {
1902
1959
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error updating or verifying the user phone number.
1903
1960
  */
1904
1961
  this.updateUserPhoneNumber = async (params) => {
1905
- const { verificationToken, phoneNumber, stampWith, organizationId } = params;
1962
+ const { verificationToken, phoneNumber, stampWith = this.config.defaultStamperType, organizationId, } = params;
1906
1963
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1907
1964
  const userId = params?.userId || session?.userId;
1908
1965
  if (!userId) {
@@ -1939,7 +1996,7 @@ class TurnkeyClient {
1939
1996
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error removing the user phone number.
1940
1997
  */
1941
1998
  this.removeUserPhoneNumber = async (params) => {
1942
- const { stampWith, organizationId } = params || {};
1999
+ const { stampWith = this.config.defaultStamperType, organizationId } = params || {};
1943
2000
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1944
2001
  const userId = params?.userId || session?.userId;
1945
2002
  if (!userId) {
@@ -1977,7 +2034,7 @@ class TurnkeyClient {
1977
2034
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error updating the user name.
1978
2035
  */
1979
2036
  this.updateUserName = async (params) => {
1980
- const { userName, stampWith, organizationId } = params;
2037
+ const { userName, stampWith = this.config.defaultStamperType, organizationId, } = params;
1981
2038
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
1982
2039
  const userId = params?.userId || session?.userId;
1983
2040
  if (!userId) {
@@ -2017,7 +2074,7 @@ class TurnkeyClient {
2017
2074
  * @throws {TurnkeyError} If there is no active session, if the account already exists, or if there is an error adding the OAuth provider.
2018
2075
  */
2019
2076
  this.addOauthProvider = async (params) => {
2020
- const { providerName, oidcToken, stampWith } = params;
2077
+ const { providerName, oidcToken, stampWith = this.config.defaultStamperType, } = params;
2021
2078
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2022
2079
  return utils.withTurnkeyErrorHandling(async () => {
2023
2080
  const accountRes = await this.httpClient.proxyGetAccount({
@@ -2093,7 +2150,7 @@ class TurnkeyClient {
2093
2150
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error removing the OAuth provider.
2094
2151
  */
2095
2152
  this.removeOauthProviders = async (params) => {
2096
- const { providerIds, stampWith, organizationId } = params;
2153
+ const { providerIds, stampWith = this.config.defaultStamperType, organizationId, } = params;
2097
2154
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2098
2155
  const userId = params?.userId || session?.userId;
2099
2156
  if (!userId) {
@@ -2132,7 +2189,7 @@ class TurnkeyClient {
2132
2189
  * @throws {TurnkeyError} If there is no active session, if passkey creation fails, or if there is an error adding the passkey.
2133
2190
  */
2134
2191
  this.addPasskey = async (params) => {
2135
- const { stampWith, organizationId } = params || {};
2192
+ const { stampWith = this.config.defaultStamperType, organizationId } = params || {};
2136
2193
  const name = params?.name || `Turnkey Passkey-${Date.now()}`;
2137
2194
  return utils.withTurnkeyErrorHandling(async () => {
2138
2195
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
@@ -2180,7 +2237,7 @@ class TurnkeyClient {
2180
2237
  * @throws {TurnkeyError} If there is no active session, if the userId is missing, or if there is an error removing the passkeys.
2181
2238
  */
2182
2239
  this.removePasskeys = async (params) => {
2183
- const { authenticatorIds, stampWith, organizationId } = params;
2240
+ const { authenticatorIds, stampWith = this.config.defaultStamperType, organizationId, } = params;
2184
2241
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2185
2242
  const userId = params?.userId || session?.userId;
2186
2243
  if (!userId) {
@@ -2221,7 +2278,7 @@ class TurnkeyClient {
2221
2278
  * @throws {TurnkeyError} If there is no active session or if there is an error creating the wallet.
2222
2279
  */
2223
2280
  this.createWallet = async (params) => {
2224
- const { walletName, accounts, organizationId: organizationIdFromParams, mnemonicLength, stampWith, } = params;
2281
+ const { walletName, accounts, organizationId: organizationIdFromParams, mnemonicLength, stampWith = this.config.defaultStamperType, } = params;
2225
2282
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2226
2283
  const organizationId = organizationIdFromParams || session?.organizationId;
2227
2284
  if (!organizationId) {
@@ -2273,7 +2330,7 @@ class TurnkeyClient {
2273
2330
  * @throws {TurnkeyError} If there is no active session, if the wallet does not exist, or if there is an error creating the wallet accounts.
2274
2331
  */
2275
2332
  this.createWalletAccounts = async (params) => {
2276
- const { accounts, walletId, organizationId: organizationIdFromParams, stampWith, } = params;
2333
+ const { accounts, walletId, organizationId: organizationIdFromParams, stampWith = this.config.defaultStamperType, } = params;
2277
2334
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2278
2335
  const organizationId = organizationIdFromParams || session?.organizationId;
2279
2336
  if (!organizationId) {
@@ -2328,7 +2385,7 @@ class TurnkeyClient {
2328
2385
  * @throws {TurnkeyError} If there is no active session, if the targetPublicKey is missing, or if there is an error exporting the wallet.
2329
2386
  */
2330
2387
  this.exportWallet = async (params) => {
2331
- const { walletId, targetPublicKey, stampWith, organizationId: organizationIdFromParams, } = params;
2388
+ const { walletId, targetPublicKey, stampWith = this.config.defaultStamperType, organizationId: organizationIdFromParams, } = params;
2332
2389
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2333
2390
  const organizationId = organizationIdFromParams || session?.organizationId;
2334
2391
  if (!organizationId) {
@@ -2366,7 +2423,7 @@ class TurnkeyClient {
2366
2423
  * @throws {TurnkeyError} If there is no active session, if the targetPublicKey is missing, or if there is an error exporting the private key.
2367
2424
  */
2368
2425
  this.exportPrivateKey = async (params) => {
2369
- const { privateKeyId, targetPublicKey, stampWith, organizationId: organizationIdFromParams, } = params;
2426
+ const { privateKeyId, targetPublicKey, stampWith = this.config.defaultStamperType, organizationId: organizationIdFromParams, } = params;
2370
2427
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2371
2428
  const organizationId = organizationIdFromParams || session?.organizationId;
2372
2429
  if (!organizationId) {
@@ -2405,7 +2462,7 @@ class TurnkeyClient {
2405
2462
  *
2406
2463
  */
2407
2464
  this.exportWalletAccount = async (params) => {
2408
- const { address, targetPublicKey, stampWith, organizationId: organizationIdFromParams, } = params;
2465
+ const { address, targetPublicKey, stampWith = this.config.defaultStamperType, organizationId: organizationIdFromParams, } = params;
2409
2466
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2410
2467
  const organizationId = organizationIdFromParams || session?.organizationId;
2411
2468
  if (!organizationId) {
@@ -2446,7 +2503,7 @@ class TurnkeyClient {
2446
2503
  * @throws {TurnkeyError} If there is no active session, if the encrypted bundle is invalid, or if there is an error importing the wallet.
2447
2504
  */
2448
2505
  this.importWallet = async (params) => {
2449
- const { encryptedBundle, accounts, walletName, organizationId: organizationIdFromParams, userId: userIdFromParams, stampWith, } = params;
2506
+ const { encryptedBundle, accounts, walletName, organizationId: organizationIdFromParams, userId: userIdFromParams, stampWith = this.config.defaultStamperType, } = params;
2450
2507
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2451
2508
  const organizationId = organizationIdFromParams || session?.organizationId;
2452
2509
  if (!organizationId) {
@@ -2504,7 +2561,7 @@ class TurnkeyClient {
2504
2561
  * @throws {TurnkeyError} If there is no active session, if the encrypted bundle is invalid, or if there is an error importing the wallet.
2505
2562
  */
2506
2563
  this.importPrivateKey = async (params) => {
2507
- const { encryptedBundle, privateKeyName, addressFormats, curve, organizationId: organizationIdFromParams, userId: userIdFromParams, stampWith, } = params;
2564
+ const { encryptedBundle, privateKeyName, addressFormats, curve, organizationId: organizationIdFromParams, userId: userIdFromParams, stampWith = this.config.defaultStamperType, } = params;
2508
2565
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2509
2566
  const organizationId = organizationIdFromParams || session?.organizationId;
2510
2567
  if (!organizationId) {
@@ -2554,7 +2611,7 @@ class TurnkeyClient {
2554
2611
  * @throws {TurnkeyError} If there is no active session or if there is an error deleting the sub-organization.
2555
2612
  */
2556
2613
  this.deleteSubOrganization = async (params) => {
2557
- const { deleteWithoutExport = false, organizationId: organizationIdFromParams, stampWith, } = params || {};
2614
+ const { deleteWithoutExport = false, organizationId: organizationIdFromParams, stampWith = this.config.defaultStamperType, } = params || {};
2558
2615
  const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2559
2616
  const organizationId = organizationIdFromParams || session?.organizationId;
2560
2617
  return utils.withTurnkeyErrorHandling(async () => {
@@ -2662,7 +2719,7 @@ class TurnkeyClient {
2662
2719
  * @throws {TurnkeyError} If the session key does not exist, if there is no active session, or if there is an error refreshing the session.
2663
2720
  */
2664
2721
  this.refreshSession = async (params) => {
2665
- const { sessionKey = await this.storageManager.getActiveSessionKey(), expirationSeconds = auth.DEFAULT_SESSION_EXPIRATION_IN_SECONDS, publicKey, invalidateExisitng = false, } = params || {};
2722
+ const { sessionKey = await this.storageManager.getActiveSessionKey(), expirationSeconds = auth.DEFAULT_SESSION_EXPIRATION_IN_SECONDS, publicKey, stampWith = this.config.defaultStamperType, invalidateExisitng = false, } = params || {};
2666
2723
  if (!sessionKey) {
2667
2724
  throw new sdkTypes.TurnkeyError("No session key provided or active session to refresh session", sdkTypes.TurnkeyErrorCodes.NO_SESSION_FOUND);
2668
2725
  }
@@ -2685,7 +2742,7 @@ class TurnkeyClient {
2685
2742
  publicKey: keyPair,
2686
2743
  expirationSeconds,
2687
2744
  invalidateExisting: invalidateExisitng,
2688
- }, params?.stampWith);
2745
+ }, stampWith);
2689
2746
  if (!res || !res.session) {
2690
2747
  throw new sdkTypes.TurnkeyError("No session found in the refresh response", sdkTypes.TurnkeyErrorCodes.BAD_RESPONSE);
2691
2748
  }
@@ -2883,6 +2940,46 @@ class TurnkeyClient {
2883
2940
  errorCode: sdkTypes.TurnkeyErrorCodes.GET_PROXY_AUTH_CONFIG_ERROR,
2884
2941
  });
2885
2942
  };
2943
+ /**
2944
+ * Fetches the boot proof for a given app proof.
2945
+ *
2946
+ * - This function is idempotent: multiple calls with the same `app proof` will always return the boot proof.
2947
+ * - Attempts to find the boot proof for the given app proof.
2948
+ * - If a boot proof is found, it is returned as is.
2949
+ * - If no boot proof is found, an error is thrown.
2950
+ *
2951
+ * @param params.appProof - the app proof for which the boot proof is being fetched.
2952
+ * @param params.organizationId - organization ID to specify the sub-organization (defaults to the current session's organizationId).
2953
+ * @param params.stampWith - parameter to stamp the request with a specific stamper (StamperType.Passkey, StamperType.ApiKey, or StamperType.Wallet).
2954
+ * @returns A promise that resolves to the {@link v1BootProof} associated with the given app proof.
2955
+ * @throws {TurnkeyError} If there is no active session, if the input is invalid, or if boot proof retrieval fails.
2956
+ */
2957
+ this.fetchBootProofForAppProof = async (params) => {
2958
+ const { appProof, stampWith = this.config.defaultStamperType, organizationId: organizationIdFromParams, } = params;
2959
+ return utils.withTurnkeyErrorHandling(async () => {
2960
+ const session = await utils.getActiveSessionOrThrowIfRequired(stampWith, this.storageManager.getActiveSession);
2961
+ const organizationId = organizationIdFromParams || session?.organizationId;
2962
+ if (!organizationId) {
2963
+ throw new sdkTypes.TurnkeyError("Organization ID is required to fetch a Boot Proof.", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
2964
+ }
2965
+ // validate their input
2966
+ if (appProof === null || appProof?.publicKey === null) {
2967
+ throw new sdkTypes.TurnkeyError("'appProof' is required and cannot be empty.", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
2968
+ }
2969
+ const ephemeralKey = appProof.publicKey;
2970
+ const bootProofResponse = await this.httpClient.getBootProof({
2971
+ organizationId,
2972
+ ephemeralKey,
2973
+ }, stampWith);
2974
+ if (!bootProofResponse || !bootProofResponse.bootProof) {
2975
+ throw new sdkTypes.TurnkeyError("No boot proof found in the response", sdkTypes.TurnkeyErrorCodes.BAD_RESPONSE);
2976
+ }
2977
+ return bootProofResponse.bootProof;
2978
+ }, {
2979
+ errorMessage: "Failed to get boot proof for app proof",
2980
+ errorCode: sdkTypes.TurnkeyErrorCodes.FETCH_BOOT_PROOF_ERROR,
2981
+ });
2982
+ };
2886
2983
  this.config = config;
2887
2984
  // Just store any explicitly provided stampers
2888
2985
  this.apiKeyStamper = apiKeyStamper;
@@ -2905,19 +3002,9 @@ class TurnkeyClient {
2905
3002
  this.config.walletConfig?.features?.connecting) {
2906
3003
  this.walletManager = await base$3.createWalletManager(this.config.walletConfig);
2907
3004
  }
2908
- // We can comfortably default to the prod urls here
2909
- const apiBaseUrl = this.config.apiBaseUrl || "https://api.turnkey.com";
2910
- const authProxyUrl = this.config.authProxyUrl || "https://authproxy.turnkey.com";
2911
3005
  // Initialize the HTTP client with the appropriate stampers
2912
- this.httpClient = new sdkClientBase.TurnkeySDKClientBase({
2913
- ...this.config,
2914
- apiBaseUrl,
2915
- authProxyUrl,
2916
- apiKeyStamper: this.apiKeyStamper,
2917
- passkeyStamper: this.passkeyStamper,
2918
- walletStamper: this.walletManager?.stamper,
2919
- storageManager: this.storageManager,
2920
- });
3006
+ // Note: not passing anything here since we want to use the configured stampers and this.config
3007
+ this.httpClient = this.createHttpClient();
2921
3008
  }
2922
3009
  }
2923
3010