@turnkey/core 1.6.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/dist/__clients__/core.d.ts +10 -5
  2. package/dist/__clients__/core.d.ts.map +1 -1
  3. package/dist/__clients__/core.js +94 -37
  4. package/dist/__clients__/core.js.map +1 -1
  5. package/dist/__clients__/core.mjs +95 -38
  6. package/dist/__clients__/core.mjs.map +1 -1
  7. package/dist/__generated__/sdk-client-base.d.ts +12 -0
  8. package/dist/__generated__/sdk-client-base.d.ts.map +1 -1
  9. package/dist/__generated__/sdk-client-base.js +325 -204
  10. package/dist/__generated__/sdk-client-base.js.map +1 -1
  11. package/dist/__generated__/sdk-client-base.mjs +325 -204
  12. package/dist/__generated__/sdk-client-base.mjs.map +1 -1
  13. package/dist/__generated__/version.d.ts +1 -1
  14. package/dist/__generated__/version.js +1 -1
  15. package/dist/__generated__/version.mjs +1 -1
  16. package/dist/__inputs__/public_api.types.d.ts +296 -6
  17. package/dist/__inputs__/public_api.types.d.ts.map +1 -1
  18. package/dist/__types__/external-wallets.d.ts +19 -0
  19. package/dist/__types__/external-wallets.d.ts.map +1 -1
  20. package/dist/__types__/method-types.d.ts +7 -1
  21. package/dist/__types__/method-types.d.ts.map +1 -1
  22. package/dist/__wallet__/mobile/manager.d.ts.map +1 -1
  23. package/dist/__wallet__/mobile/manager.js +5 -2
  24. package/dist/__wallet__/mobile/manager.js.map +1 -1
  25. package/dist/__wallet__/mobile/manager.mjs +5 -2
  26. package/dist/__wallet__/mobile/manager.mjs.map +1 -1
  27. package/dist/__wallet__/wallet-connect/base.d.ts +25 -11
  28. package/dist/__wallet__/wallet-connect/base.d.ts.map +1 -1
  29. package/dist/__wallet__/wallet-connect/base.js +112 -30
  30. package/dist/__wallet__/wallet-connect/base.js.map +1 -1
  31. package/dist/__wallet__/wallet-connect/base.mjs +112 -30
  32. package/dist/__wallet__/wallet-connect/base.mjs.map +1 -1
  33. package/dist/__wallet__/wallet-connect/client.d.ts.map +1 -1
  34. package/dist/__wallet__/wallet-connect/client.js +4 -0
  35. package/dist/__wallet__/wallet-connect/client.js.map +1 -1
  36. package/dist/__wallet__/wallet-connect/client.mjs +4 -0
  37. package/dist/__wallet__/wallet-connect/client.mjs.map +1 -1
  38. package/dist/__wallet__/web/manager.d.ts +11 -0
  39. package/dist/__wallet__/web/manager.d.ts.map +1 -1
  40. package/dist/__wallet__/web/manager.js +36 -21
  41. package/dist/__wallet__/web/manager.js.map +1 -1
  42. package/dist/__wallet__/web/manager.mjs +36 -21
  43. package/dist/__wallet__/web/manager.mjs.map +1 -1
  44. package/dist/__wallet__/web/native/ethereum.d.ts.map +1 -1
  45. package/dist/__wallet__/web/native/ethereum.js +27 -4
  46. package/dist/__wallet__/web/native/ethereum.js.map +1 -1
  47. package/dist/__wallet__/web/native/ethereum.mjs +27 -4
  48. package/dist/__wallet__/web/native/ethereum.mjs.map +1 -1
  49. package/package.json +8 -8
package/dist/__clients__/core.d.ts CHANGED
@@ -95,10 +95,10 @@ export declare class TurnkeyClient {
95
95
  * - Stores the resulting session token and manages cleanup of unused key pairs.
96
96
  *
97
97
  * @param params.passkeyDisplayName - display name for the passkey (defaults to a generated name based on the current timestamp).
98
+ * @param params.challenge - challenge string to use for passkey registration. If not provided, a new challenge will be generated.
99
+ * @param params.expirationSeconds - session expiration time in seconds (defaults to the configured default).
98
100
  * @param params.createSubOrgParams - parameters for creating a sub-organization (e.g., authenticators, user metadata).
99
101
  * @param params.sessionKey - session key to use for storing the session (defaults to the default session key).
100
- * @param params.expirationSeconds - session expiration time in seconds (defaults to the configured default).
101
- * @param params.challenge - challenge string to use for passkey registration. If not provided, a new challenge will be generated.
102
102
  * @param params.organizationId - organization ID to target (defaults to the session's organization ID or the parent organization ID).
103
103
  * @returns A promise that resolves to a {@link PasskeyAuthResult}, which includes:
104
104
  * - `sessionToken`: the signed JWT session token.
@@ -351,9 +351,10 @@ export declare class TurnkeyClient {
351
351
  * @param params.oidcToken - OIDC token received after successful authentication with the OAuth provider.
352
352
  * @param params.publicKey - public key to use for authentication. Must be generated prior to calling this function, this is because the OIDC nonce has to be set to `sha256(publicKey)`.
353
353
  * @param params.providerName - name of the OAuth provider (defaults to a generated name with a timestamp).
354
- * @param params.sessionKey - session key to use for session creation (defaults to the default session key).
355
- * @param params.invalidateExisting - flag to invalidate existing sessions for the user.
356
354
  * @param params.createSubOrgParams - parameters for sub-organization creation (e.g., authenticators, user metadata).
355
+ * @param params.invalidateExisting - flag to invalidate existing sessions for the user.
356
+ * @param params.sessionKey - session key to use for session creation (defaults to the default session key).
357
+ *
357
358
  * @returns A promise that resolves to an object containing:
358
359
  * - `sessionToken`: the signed JWT session token.
359
360
  * - `action`: whether the flow resulted in a login or signup ({@link AuthAction}).
@@ -371,7 +372,10 @@ export declare class TurnkeyClient {
371
372
  * - Handles cleanup of unused key pairs if login fails.
372
373
  *
373
374
  * @param params.oidcToken - OIDC token received after successful authentication with the OAuth provider.
374
- * @param params.publicKey - public key to use for authentication. Must be generated prior to calling this function.
375
+ * @param params.publicKey - The public key bound to the login session. This key is required because it is directly
376
+ * tied to the nonce used during OIDC token generation and must match the value
377
+ * encoded in the token.
378
+ * @param params.organizationId - ID of the organization to target when creating the session.
375
379
  * @param params.invalidateExisting - flag to invalidate existing sessions for the user.
376
380
  * @param params.sessionKey - session key to use for session creation (defaults to the default session key).
377
381
  * @returns A promise that resolves to a {@link BaseAuthResult}, which includes:
@@ -430,6 +434,7 @@ export declare class TurnkeyClient {
430
434
  * @param params.stampWith - parameter to stamp the request with a specific stamper (StamperType.Passkey, StamperType.ApiKey, or StamperType.Wallet).
431
435
  * @param params.organizationId - organization ID to target (defaults to the session's organization ID).
432
436
  * @param params.userId - user ID to target (defaults to the session's user ID).
437
+ * @param params.authenticatorAddresses - optional authenticator addresses to avoid redundant user fetches (this is used for connected wallets to determine if a connected wallet is an authenticator)
433
438
  *
434
439
  * @returns A promise that resolves to an array of `v1WalletAccount` objects.
435
440
  * @throws {TurnkeyError} If no active session is found or if there is an error fetching wallet accounts.
package/dist/__clients__/core.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"core.d.ts","sourceRoot":"","sources":["../../src/__clients__/core.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EACL,KAAK,8BAA8B,EACnC,KAAK,OAAO,EACZ,KAAK,mBAAmB,EAExB,KAAK,sBAAsB,EAC3B,KAAK,MAAM,EAGX,KAAK,gCAAgC,EAErC,KAAK,YAAY,EACjB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,UAAU,EACV,KAAK,iBAAiB,EAEtB,KAAK,WAAW,EAEjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAML,KAAK,EAKL,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,KAAK,aAAa,EAClB,KAAK,MAAM,EAMX,KAAK,iBAAiB,EACtB,KAAK,cAAc,EAGnB,KAAK,mBAAmB,EACxB,KAAK,mBAAmB,EACxB,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,8BAA8B,EACnC,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,6BAA6B,EAClC,KAAK,aAAa,EAClB,KAAK,eAAe,EACpB,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,KAAK,4BAA4B,EACjC,KAAK,eAAe,EACpB,KAAK,iCAAiC,EACtC,KAAK,2BAA2B,EAChC,KAAK,2BAA2B,EAChC,KAAK,qBAAqB,EAC1B,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,EAChC,KAAK,2BAA2B,EAChC,KAAK,oBAAoB,EACzB,KAAK,sBAAsB,EAC3B,KAAK,0BAA0B,EAC/B,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,EACvB,KAAK,0BAA0B,EAC/B,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,yBAAyB,EAC9B,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,2BAA2B,EAChC,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,sBAAsB,EAC3B,KAAK,sBAAsB,EAC3B,KAAK,+BAA+B,EACpC,KAAK,sBAAsB,EAC3B,KAAK,6BAA6B,EAClC,KAAK,6BAA6B,EAClC,KAAK,qBAAqB,EAC3B,MAAM,cAAc,CAAC;AA8BtB,OAAO,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,2BAA2B,EAAE,MAAM,8BAA8B,CAAC;AAU3E;;;;;;;GAOG;AACH,KAAK,aAAa,CAAC,CAAC,IAAI;KACrB,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,QAAQ,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;CAC1D,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,IAAI,CACrC,aAAa,CAAC,aAAa,CAAC,EAC5B,MAAM,GAAG,QAAQ,GAAG,YAAY,GAAG,aAAa,CACjD,CAAC;AAEF,qBAAa,aAAa;IACxB,MAAM,EAAE,sBAAsB,CAAC;IAC/B,UAAU,EAAG,oBAAoB,CAAC;IAElC,OAAO,CAAC,aAAa,CAAC,CAAyC;IAC/D,OAAO,CAAC,cAAc,CAAC,CAA0C;IACjE,OAAO,CAAC,aAAa,CAAC,CAAgC;IACtD,OAAO,CAAC,cAAc,CAAe;gBAGnC,MAAM,EAAE,sBAAsB,EAG9B,aAAa,CAAC,EAAE,0BAA0B,EAC1C,cAAc,CAAC,EAAE,2BAA2B,EAC5C,aAAa,CAAC,EAAE,iBAAiB;IAY7B,IAAI;IA4BV;;;;;;;;;;;;;;;OAeG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,oBAAoB,CAuBrB;IAEF;;;;;;;;;;;OAWG;IACH,aAAa,WACH,mBAAmB,KAC1B,QAAQ,mBAAmB,CAAC,CAuE7B;IAEF;;;;;;;;;;OAUG;IACH,MAAM,YAAmB,YAAY,KAAG,QAAQ,IAAI,CAAC,CA4BnD;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,QAAQ,iBAAiB,CAAC,CAqE3B;IAEF;;;;;;;;;;;;;;;;;;;OAmBG;IACH,iBAAiB,YACN,uBAAuB,KAC/B,QAAQ,iBAAiB,CAAC,CAyG3B;IAEF;;;;;;;;;OASG;IACH,oBAAoB,WAAkB,KAAK,KAAG,QAAQ,cAAc,EAAE,CAAC,CAiBrE;IAEF;;;;;;;;OAQG;IACH,oBAAoB,mBACF,cAAc,KAC7B,QAAQ,MAAM,CAAC,CA8BhB;IAEF;;;;;;;;OAQG;IACH,uBAAuB,mBAA0B,cAAc,mBAmB7D;IAEF;;;;;;;;;;;;;;;OAeG;IACH,wBAAwB,WACd,8BAA8B,KACrC,QAAQ,IAAI,CAAC,CAgDd;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,uBAAuB,WACb,6BAA6B,KACpC,QAAQ,6BAA6B,CAAC,CA2HvC;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,eAAe,WACL,qBAAqB,KAC5B,QAAQ,gBAAgB,CAAC,CA+E1B;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,gBAAgB,CAAC,CAoH1B;IAEF;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,uBAAuB,WACb,6BAA6B,KACpC,QAAQ,gBAAgB,GAAG;QAAE,MAAM,EAAE,UAAU,CAAA;KAAE,CAAC,CAqGnD;IAEF;;;;;;;;;;;;OAYG;IACH,OAAO,WAAkB,aAAa,KAAG,QAAQ,MAAM,CAAC,CA0BtD;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,SAAS,WAAkB,eAAe,KAAG,QAAQ,eAAe,CAAC,CA6CnE;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,YAAY,WACF,kBAAkB,KACzB,QAAQ,cAAc,CAAC,CA6DxB;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,aAAa,WACH,mBAAmB,KAC1B,QAAQ,cAAc,CAAC,CAiDxB;IAEF;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,WAAW,WACD,iBAAiB,KACxB,QACD,cAAc,GAAG;QAAE,iBAAiB,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,UAAU,CAAA;KAAE,CACnE,CA+DC;IAEF;;;;;;;;;;;;;;;;;;;OAmBG;IACH,aAAa,WACH,mBAAmB,KAC1B,QAAQ,cAAc,GAAG;QAAE,MAAM,EAAE,UAAU,CAAA;KAAE,CAAC,CA2DjD;IAEF;;;;;;;;;;;;;;;OAeG;IACH,cAAc,WACJ,oBAAoB,KAC3B,QAAQ,cAAc,CAAC,CAsExB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,eAAe,WACL,qBAAqB,KAC5B,QAAQ,cAAc,CAAC,CAgDxB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,YAAY,YAAmB,kBAAkB,KAAG,QAAQ,MAAM,EAAE,CAAC,CAyInE;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,mBAAmB,WACT,yBAAyB,KAChC,QAAQ,aAAa,EAAE,CAAC,CAgLzB;IAEF;;;;;;;;;;OAUG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,QAAQ,YAAY,EAAE,CAAC,CAqCxB;IAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAqCG;IACH,WAAW,WACD,iBAAiB,KACxB,QAAQ,sBAAsB,CAAC,CAiFhC;IAEF;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,eAAe,WAAkB,qBAAqB,KAAG,QAAQ,MAAM,CAAC,CAsDtE;IAEF;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,sBAAsB,WACZ,4BAA4B,KACnC,QAAQ,MAAM,CAAC,CAuFhB;IAEF;;;;;;;;;;;;;;OAcG;IACH,SAAS,YAAmB,eAAe,KAAG,QAAQ,MAAM,CAAC,CAgD3D;IAEF;;;;;;;;;;;;;;;OAeG;IACH,2BAA2B,WACjB,iCAAiC,KACxC,QAAQ,MAAM,CAAC,CA6GhB;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,qBAAqB,WACX,2BAA2B,KAClC,QAAQ,2BAA2B,CAAC,CAuGrC;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,eAAe,WAAkB,qBAAqB,KAAG,QAAQ,MAAM,CAAC,CA0DtE;IAEF;;;;;;;;;;;;;OAaG;IACH,eAAe,YAAmB,qBAAqB,KAAG,QAAQ,MAAM,CAAC,CAuCvE;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,qBAAqB,WACX,2BAA2B,KAClC,QAAQ,MAAM,CAAC,CA8ChB;IAEF;;;;;;;;;;;;;OAaG;IACH,qBAAqB,YACV,2BAA2B,KACnC,QAAQ,MAAM,CAAC,CAuChB;IAEF;;;;;;;;;;;;;;;OAeG;IACH,cAAc,WAAkB,oBAAoB,KAAG,QAAQ,MAAM,CAAC,CA4CpE;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,MAAM,EAAE,CAAC,CAqGlB;IAEF;;;;;;;;;;;;;;;OAeG;IACH,oBAAoB,WACV,0BAA0B,KACjC,QAAQ,MAAM,EAAE,CAAC,CA0ClB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,UAAU,YAAmB,gBAAgB,KAAG,QAAQ,MAAM,EAAE,CAAC,CAqD/D;IAEF;;;;;;;;;;;;;;;OAeG;IACH,cAAc,WAAkB,mBAAmB,KAAG,QAAQ,MAAM,EAAE,CAAC,CA2CrE;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,MAAM,CAAC,CA0DhE;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,oBAAoB,WACV,0BAA0B,KACjC,QAAQ,MAAM,EAAE,CAAC,CAiElB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,YAAY,CAAC,CA6CtE;IAEF;;;;;;;;;;;;;;;OAeG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,YAAY,CAAC,CA4CtB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,mBAAmB,WACT,yBAAyB,KAChC,QAAQ,YAAY,CAAC,CA4CtB;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,MAAM,CAAC,CAkEhE;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,MAAM,CAAC,CAiEhB;IAEF;;;;;;;;;;;;;;OAcG;IACH,qBAAqB,YACV,2BAA2B,KACnC,QAAQ,8BAA8B,CAAC,CA0BxC;IAEF;;;;;;;;;;;;;OAaG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,IAAI,CAAC,CAgB9D;IAEF;;;;;;;;;;;OAWG;IACH,YAAY,YAAmB,kBAAkB,KAAG,QAAQ,IAAI,CAAC,CAoB/D;IAEF;;;;;;;;;;OAUG;IACH,gBAAgB,QAAa,QAAQ,IAAI,CAAC,CAcxC;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,cAAc,YACH,oBAAoB,KAC5B,QAAQ,mBAAmB,GAAG,SAAS,CAAC,CAoEzC;IAEF;;;;;;;;;;OAUG;IACH,UAAU,YACC,gBAAgB,KACxB,QAAQ,OAAO,GAAG,SAAS,CAAC,CAY7B;IAEF;;;;;;;;;;OAUG;IACH,cAAc,QAAa,QAAQ,OAAO,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAAC,CAqBrE;IAEF;;;;;;;;;;;OAWG;IACH,gBAAgB,WAAkB,sBAAsB,KAAG,QAAQ,IAAI,CAAC,CAWtE;IAEF;;;;;;;;;;OAUG;IACH,mBAAmB,QAAa,QAAQ,MAAM,GAAG,SAAS,CAAC,CAUzD;IAEF;;;;;;;;;;OAUG;IACH,mBAAmB,QAAa,QAAQ,IAAI,CAAC,CAoC3C;IAEF;;;;;;;;;;;;;OAaG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,QAAQ,MAAM,CAAC,CA2BhB;IAEF;;;;;;;;;;OAUG;IACH,kBAAkB,QAAa,QAAQ,gCAAgC,CAAC,CAmBtE;IAEF;;;;;;;;;;;;;OAaG;IACH,yBAAyB,WACf,+BAA+B,KACtC,QAAQ,WAAW,CAAC,CAoDrB;IAEF;;;;;;;;;;OAUG;IACH,eAAe,WAAkB,qBAAqB,KAAG,QAAQ,IAAI,CAAC,CA+DpE;CACH"}
1
+ {"version":3,"file":"core.d.ts","sourceRoot":"","sources":["../../src/__clients__/core.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EACL,KAAK,8BAA8B,EACnC,KAAK,OAAO,EACZ,KAAK,mBAAmB,EAExB,KAAK,sBAAsB,EAC3B,KAAK,MAAM,EAGX,KAAK,gCAAgC,EAErC,KAAK,YAAY,EACjB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,UAAU,EACV,KAAK,iBAAiB,EAEtB,KAAK,WAAW,EAIjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAML,KAAK,EAKL,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,KAAK,aAAa,EAClB,KAAK,MAAM,EAMX,KAAK,iBAAiB,EACtB,KAAK,cAAc,EAGnB,KAAK,mBAAmB,EACxB,KAAK,mBAAmB,EACxB,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,8BAA8B,EACnC,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,6BAA6B,EAClC,KAAK,aAAa,EAClB,KAAK,eAAe,EACpB,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,KAAK,4BAA4B,EACjC,KAAK,eAAe,EACpB,KAAK,iCAAiC,EACtC,KAAK,2BAA2B,EAChC,KAAK,2BAA2B,EAChC,KAAK,qBAAqB,EAC1B,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,EAChC,KAAK,2BAA2B,EAChC,KAAK,oBAAoB,EACzB,KAAK,sBAAsB,EAC3B,KAAK,0BAA0B,EAC/B,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,EACvB,KAAK,0BAA0B,EAC/B,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,yBAAyB,EAC9B,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,2BAA2B,EAChC,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,sBAAsB,EAC3B,KAAK,sBAAsB,EAC3B,KAAK,+BAA+B,EACpC,KAAK,sBAAsB,EAC3B,KAAK,6BAA6B,EAClC,KAAK,6BAA6B,EAClC,KAAK,qBAAqB,EAC3B,MAAM,cAAc,CAAC;AA8BtB,OAAO,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,2BAA2B,EAAE,MAAM,8BAA8B,CAAC;AAU3E;;;;;;;GAOG;AACH,KAAK,aAAa,CAAC,CAAC,IAAI;KACrB,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,QAAQ,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;CAC1D,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,IAAI,CACrC,aAAa,CAAC,aAAa,CAAC,EAC5B,MAAM,GAAG,QAAQ,GAAG,YAAY,GAAG,aAAa,CACjD,CAAC;AAEF,qBAAa,aAAa;IACxB,MAAM,EAAE,sBAAsB,CAAC;IAC/B,UAAU,EAAG,oBAAoB,CAAC;IAElC,OAAO,CAAC,aAAa,CAAC,CAAyC;IAC/D,OAAO,CAAC,cAAc,CAAC,CAA0C;IACjE,OAAO,CAAC,aAAa,CAAC,CAAgC;IACtD,OAAO,CAAC,cAAc,CAAe;gBAGnC,MAAM,EAAE,sBAAsB,EAG9B,aAAa,CAAC,EAAE,0BAA0B,EAC1C,cAAc,CAAC,EAAE,2BAA2B,EAC5C,aAAa,CAAC,EAAE,iBAAiB;IAY7B,IAAI;IA2CV;;;;;;;;;;;;;;;OAeG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,oBAAoB,CAuBrB;IAEF;;;;;;;;;;;OAWG;IACH,aAAa,WACH,mBAAmB,KAC1B,QAAQ,mBAAmB,CAAC,CAuE7B;IAEF;;;;;;;;;;OAUG;IACH,MAAM,YAAmB,YAAY,KAAG,QAAQ,IAAI,CAAC,CA4BnD;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,QAAQ,iBAAiB,CAAC,CAqE3B;IAEF;;;;;;;;;;;;;;;;;;;OAmBG;IACH,iBAAiB,YACN,uBAAuB,KAC/B,QAAQ,iBAAiB,CAAC,CA2G3B;IAEF;;;;;;;;;OASG;IACH,oBAAoB,WAAkB,KAAK,KAAG,QAAQ,cAAc,EAAE,CAAC,CAiBrE;IAEF;;;;;;;;OAQG;IACH,oBAAoB,mBACF,cAAc,KAC7B,QAAQ,MAAM,CAAC,CA8BhB;IAEF;;;;;;;;OAQG;IACH,uBAAuB,mBAA0B,cAAc,mBAmB7D;IAEF;;;;;;;;;;;;;;;OAeG;IACH,wBAAwB,WACd,8BAA8B,KACrC,QAAQ,IAAI,CAAC,CAgDd;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,uBAAuB,WACb,6BAA6B,KACpC,QAAQ,6BAA6B,CAAC,CA2HvC;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,eAAe,WACL,qBAAqB,KAC5B,QAAQ,gBAAgB,CAAC,CA+E1B;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,gBAAgB,CAAC,CAqH1B;IAEF;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,uBAAuB,WACb,6BAA6B,KACpC,QAAQ,gBAAgB,GAAG;QAAE,MAAM,EAAE,UAAU,CAAA;KAAE,CAAC,CAqGnD;IAEF;;;;;;;;;;;;OAYG;IACH,OAAO,WAAkB,aAAa,KAAG,QAAQ,MAAM,CAAC,CA0BtD;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,SAAS,WAAkB,eAAe,KAAG,QAAQ,eAAe,CAAC,CA6CnE;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,YAAY,WACF,kBAAkB,KACzB,QAAQ,cAAc,CAAC,CA6DxB;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,aAAa,WACH,mBAAmB,KAC1B,QAAQ,cAAc,CAAC,CAiDxB;IAEF;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,WAAW,WACD,iBAAiB,KACxB,QACD,cAAc,GAAG;QAAE,iBAAiB,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,UAAU,CAAA;KAAE,CACnE,CA+DC;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,aAAa,WACH,mBAAmB,KAC1B,QAAQ,cAAc,GAAG;QAAE,MAAM,EAAE,UAAU,CAAA;KAAE,CAAC,CA8DjD;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,cAAc,WACJ,oBAAoB,KAC3B,QAAQ,cAAc,CAAC,CAwExB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,eAAe,WACL,qBAAqB,KAC5B,QAAQ,cAAc,CAAC,CAgDxB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,YAAY,YAAmB,kBAAkB,KAAG,QAAQ,MAAM,EAAE,CAAC,CAwLnE;IAEF;;;;;;;;;;;;;;;;;;;OAmBG;IACH,mBAAmB,WACT,yBAAyB,KAChC,QAAQ,aAAa,EAAE,CAAC,CAmLzB;IAEF;;;;;;;;;;OAUG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,QAAQ,YAAY,EAAE,CAAC,CAqCxB;IAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAqCG;IACH,WAAW,WACD,iBAAiB,KACxB,QAAQ,sBAAsB,CAAC,CAiFhC;IAEF;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,eAAe,WAAkB,qBAAqB,KAAG,QAAQ,MAAM,CAAC,CAsDtE;IAEF;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,sBAAsB,WACZ,4BAA4B,KACnC,QAAQ,MAAM,CAAC,CAuFhB;IAEF;;;;;;;;;;;;;;OAcG;IACH,SAAS,YAAmB,eAAe,KAAG,QAAQ,MAAM,CAAC,CAgD3D;IAEF;;;;;;;;;;;;;;;OAeG;IACH,2BAA2B,WACjB,iCAAiC,KACxC,QAAQ,MAAM,CAAC,CA6GhB;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,qBAAqB,WACX,2BAA2B,KAClC,QAAQ,2BAA2B,CAAC,CAuGrC;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,eAAe,WAAkB,qBAAqB,KAAG,QAAQ,MAAM,CAAC,CA0DtE;IAEF;;;;;;;;;;;;;OAaG;IACH,eAAe,YAAmB,qBAAqB,KAAG,QAAQ,MAAM,CAAC,CAuCvE;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,qBAAqB,WACX,2BAA2B,KAClC,QAAQ,MAAM,CAAC,CA8ChB;IAEF;;;;;;;;;;;;;OAaG;IACH,qBAAqB,YACV,2BAA2B,KACnC,QAAQ,MAAM,CAAC,CAuChB;IAEF;;;;;;;;;;;;;;;OAeG;IACH,cAAc,WAAkB,oBAAoB,KAAG,QAAQ,MAAM,CAAC,CA4CpE;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,MAAM,EAAE,CAAC,CAqGlB;IAEF;;;;;;;;;;;;;;;OAeG;IACH,oBAAoB,WACV,0BAA0B,KACjC,QAAQ,MAAM,EAAE,CAAC,CA0ClB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,UAAU,YAAmB,gBAAgB,KAAG,QAAQ,MAAM,EAAE,CAAC,CAqD/D;IAEF;;;;;;;;;;;;;;;OAeG;IACH,cAAc,WAAkB,mBAAmB,KAAG,QAAQ,MAAM,EAAE,CAAC,CA2CrE;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,MAAM,CAAC,CA0DhE;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,oBAAoB,WACV,0BAA0B,KACjC,QAAQ,MAAM,EAAE,CAAC,CAiElB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,YAAY,CAAC,CA6CtE;IAEF;;;;;;;;;;;;;;;OAeG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,YAAY,CAAC,CA4CtB;IAEF;;;;;;;;;;;;;;;;OAgBG;IACH,mBAAmB,WACT,yBAAyB,KAChC,QAAQ,YAAY,CAAC,CA4CtB;IAEF;;;;;;;;;;;;;;;;;;OAkBG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,MAAM,CAAC,CAkEhE;IAEF;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,gBAAgB,WACN,sBAAsB,KAC7B,QAAQ,MAAM,CAAC,CAiEhB;IAEF;;;;;;;;;;;;;;OAcG;IACH,qBAAqB,YACV,2BAA2B,KACnC,QAAQ,8BAA8B,CAAC,CA0BxC;IAEF;;;;;;;;;;;;;OAaG;IACH,YAAY,WAAkB,kBAAkB,KAAG,QAAQ,IAAI,CAAC,CAgB9D;IAEF;;;;;;;;;;;OAWG;IACH,YAAY,YAAmB,kBAAkB,KAAG,QAAQ,IAAI,CAAC,CAsB/D;IAEF;;;;;;;;;;OAUG;IACH,gBAAgB,QAAa,QAAQ,IAAI,CAAC,CAcxC;IAEF;;;;;;;;;;;;;;;;;OAiBG;IACH,cAAc,YACH,oBAAoB,KAC5B,QAAQ,mBAAmB,GAAG,SAAS,CAAC,CAoEzC;IAEF;;;;;;;;;;OAUG;IACH,UAAU,YACC,gBAAgB,KACxB,QAAQ,OAAO,GAAG,SAAS,CAAC,CAY7B;IAEF;;;;;;;;;;OAUG;IACH,cAAc,QAAa,QAAQ,OAAO,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAAC,CAqBrE;IAEF;;;;;;;;;;;OAWG;IACH,gBAAgB,WAAkB,sBAAsB,KAAG,QAAQ,IAAI,CAAC,CAWtE;IAEF;;;;;;;;;;OAUG;IACH,mBAAmB,QAAa,QAAQ,MAAM,GAAG,SAAS,CAAC,CAUzD;IAEF;;;;;;;;;;OAUG;IACH,mBAAmB,QAAa,QAAQ,IAAI,CAAC,CAoC3C;IAEF;;;;;;;;;;;;;OAaG;IACH,gBAAgB,YACL,sBAAsB,KAC9B,QAAQ,MAAM,CAAC,CA2BhB;IAEF;;;;;;;;;;OAUG;IACH,kBAAkB,QAAa,QAAQ,gCAAgC,CAAC,CAmBtE;IAEF;;;;;;;;;;;;;OAaG;IACH,yBAAyB,WACf,+BAA+B,KACtC,QAAQ,WAAW,CAAC,CAoDrB;IAEF;;;;;;;;;;OAUG;IACH,eAAe,WAAkB,qBAAqB,KAAG,QAAQ,IAAI,CAAC,CA+DpE;CACH"}
package/dist/__clients__/core.js CHANGED
@@ -230,10 +230,10 @@ class TurnkeyClient {
230
230
  * - Stores the resulting session token and manages cleanup of unused key pairs.
231
231
  *
232
232
  * @param params.passkeyDisplayName - display name for the passkey (defaults to a generated name based on the current timestamp).
233
+ * @param params.challenge - challenge string to use for passkey registration. If not provided, a new challenge will be generated.
234
+ * @param params.expirationSeconds - session expiration time in seconds (defaults to the configured default).
233
235
  * @param params.createSubOrgParams - parameters for creating a sub-organization (e.g., authenticators, user metadata).
234
236
  * @param params.sessionKey - session key to use for storing the session (defaults to the default session key).
235
- * @param params.expirationSeconds - session expiration time in seconds (defaults to the configured default).
236
- * @param params.challenge - challenge string to use for passkey registration. If not provided, a new challenge will be generated.
237
237
  * @param params.organizationId - organization ID to target (defaults to the session's organization ID or the parent organization ID).
238
238
  * @returns A promise that resolves to a {@link PasskeyAuthResult}, which includes:
239
239
  * - `sessionToken`: the signed JWT session token.
@@ -241,7 +241,7 @@ class TurnkeyClient {
241
241
  * @throws {TurnkeyError} If there is an error during passkey creation, sub-organization creation, or session storage.
242
242
  */
243
243
  this.signUpWithPasskey = async (params) => {
244
- const { createSubOrgParams, passkeyDisplayName, sessionKey = enums.SessionKey.DefaultSessionkey, expirationSeconds = auth.DEFAULT_SESSION_EXPIRATION_IN_SECONDS, organizationId, } = params || {};
244
+ const { passkeyDisplayName, challenge, expirationSeconds = auth.DEFAULT_SESSION_EXPIRATION_IN_SECONDS, createSubOrgParams, sessionKey = enums.SessionKey.DefaultSessionkey, organizationId, } = params || {};
245
245
  let generatedPublicKey = undefined;
246
246
  return utils.withTurnkeyErrorHandling(async () => {
247
247
  generatedPublicKey = await this.apiKeyStamper?.createKeyPair();
@@ -249,7 +249,7 @@ class TurnkeyClient {
249
249
  // A passkey will be created automatically when you call this function. The name is passed in
250
250
  const passkey = await this.createPasskey({
251
251
  name: passkeyName,
252
- ...(params?.challenge && { challenge: params.challenge }),
252
+ ...(challenge && { challenge }),
253
253
  });
254
254
  if (!passkey) {
255
255
  throw new sdkTypes.TurnkeyError("Failed to create passkey: encoded challenge or attestation is missing", sdkTypes.TurnkeyErrorCodes.INTERNAL_ERROR);
@@ -287,11 +287,13 @@ class TurnkeyClient {
287
287
  organizationId: organizationId ?? this.config.organizationId,
288
288
  expirationSeconds,
289
289
  });
290
- await this.apiKeyStamper?.deleteKeyPair(generatedPublicKey);
291
- await this.storeSession({
292
- sessionToken: sessionResponse.session,
293
- sessionKey,
294
- });
290
+ await Promise.all([
291
+ this.apiKeyStamper?.deleteKeyPair(generatedPublicKey),
292
+ this.storeSession({
293
+ sessionToken: sessionResponse.session,
294
+ sessionKey,
295
+ }),
296
+ ]);
295
297
  generatedPublicKey = undefined; // Key pair was successfully used, set to null to prevent cleanup
296
298
  return {
297
299
  sessionToken: sessionResponse.session,
@@ -653,11 +655,13 @@ class TurnkeyClient {
653
655
  organizationId: this.config.organizationId,
654
656
  expirationSeconds,
655
657
  });
656
- await this.apiKeyStamper?.deleteKeyPair(generatedPublicKey);
657
- await this.storeSession({
658
- sessionToken: sessionResponse.session,
659
- sessionKey,
660
- });
658
+ await Promise.all([
659
+ this.apiKeyStamper?.deleteKeyPair(generatedPublicKey),
660
+ this.storeSession({
661
+ sessionToken: sessionResponse.session,
662
+ sessionKey,
663
+ }),
664
+ ]);
661
665
  generatedPublicKey = undefined; // Key pair was successfully used, set to null to prevent cleanup
662
666
  // TODO (Moe): What happens if a user connects to MetaMask on Ethereum,
663
667
  // then switches to a Solana account within MetaMask? Will this flow break?
@@ -1035,16 +1039,17 @@ class TurnkeyClient {
1035
1039
  * @param params.oidcToken - OIDC token received after successful authentication with the OAuth provider.
1036
1040
  * @param params.publicKey - public key to use for authentication. Must be generated prior to calling this function, this is because the OIDC nonce has to be set to `sha256(publicKey)`.
1037
1041
  * @param params.providerName - name of the OAuth provider (defaults to a generated name with a timestamp).
1038
- * @param params.sessionKey - session key to use for session creation (defaults to the default session key).
1039
- * @param params.invalidateExisting - flag to invalidate existing sessions for the user.
1040
1042
  * @param params.createSubOrgParams - parameters for sub-organization creation (e.g., authenticators, user metadata).
1043
+ * @param params.invalidateExisting - flag to invalidate existing sessions for the user.
1044
+ * @param params.sessionKey - session key to use for session creation (defaults to the default session key).
1045
+ *
1041
1046
  * @returns A promise that resolves to an object containing:
1042
1047
  * - `sessionToken`: the signed JWT session token.
1043
1048
  * - `action`: whether the flow resulted in a login or signup ({@link AuthAction}).
1044
1049
  * @throws {TurnkeyError} If there is an error during the OAuth completion process, such as account lookup, sign-up, or login.
1045
1050
  */
1046
1051
  this.completeOauth = async (params) => {
1047
- const { oidcToken, publicKey, createSubOrgParams, providerName = "OpenID Connect Provider" + " " + Date.now(), sessionKey = enums.SessionKey.DefaultSessionkey, invalidateExisting = false, } = params;
1052
+ const { oidcToken, publicKey, providerName, createSubOrgParams, invalidateExisting, sessionKey, } = params;
1048
1053
  return utils.withTurnkeyErrorHandling(async () => {
1049
1054
  const accountRes = await this.httpClient.proxyGetAccount({
1050
1055
  filterType: "OIDC_TOKEN",
@@ -1058,8 +1063,8 @@ class TurnkeyClient {
1058
1063
  const loginRes = await this.loginWithOauth({
1059
1064
  oidcToken,
1060
1065
  publicKey,
1061
- invalidateExisting,
1062
- sessionKey,
1066
+ ...(invalidateExisting && { invalidateExisting }),
1067
+ ...(sessionKey && { sessionKey }),
1063
1068
  });
1064
1069
  return {
1065
1070
  ...loginRes,
@@ -1070,11 +1075,14 @@ class TurnkeyClient {
1070
1075
  const signUpRes = await this.signUpWithOauth({
1071
1076
  oidcToken,
1072
1077
  publicKey,
1073
- providerName,
1074
- sessionKey,
1078
+ ...(providerName && {
1079
+ providerName,
1080
+ }),
1075
1081
  ...(createSubOrgParams && {
1076
1082
  createSubOrgParams,
1077
1083
  }),
1084
+ ...(invalidateExisting && { invalidateExisting }),
1085
+ ...(sessionKey && { sessionKey }),
1078
1086
  });
1079
1087
  return {
1080
1088
  ...signUpRes,
@@ -1095,7 +1103,10 @@ class TurnkeyClient {
1095
1103
  * - Handles cleanup of unused key pairs if login fails.
1096
1104
  *
1097
1105
  * @param params.oidcToken - OIDC token received after successful authentication with the OAuth provider.
1098
- * @param params.publicKey - public key to use for authentication. Must be generated prior to calling this function.
1106
+ * @param params.publicKey - The public key bound to the login session. This key is required because it is directly
1107
+ * tied to the nonce used during OIDC token generation and must match the value
1108
+ * encoded in the token.
1109
+ * @param params.organizationId - ID of the organization to target when creating the session.
1099
1110
  * @param params.invalidateExisting - flag to invalidate existing sessions for the user.
1100
1111
  * @param params.sessionKey - session key to use for session creation (defaults to the default session key).
1101
1112
  * @returns A promise that resolves to a {@link BaseAuthResult}, which includes:
@@ -1103,7 +1114,7 @@ class TurnkeyClient {
1103
1114
  * @throws {TurnkeyError} If there is an error during the OAuth login process or if key pair cleanup fails.
1104
1115
  */
1105
1116
  this.loginWithOauth = async (params) => {
1106
- const { oidcToken, invalidateExisting = false, publicKey, sessionKey = enums.SessionKey.DefaultSessionkey, } = params;
1117
+ const { oidcToken, publicKey, organizationId, invalidateExisting = false, sessionKey = enums.SessionKey.DefaultSessionkey, } = params;
1107
1118
  return utils.withTurnkeyErrorHandling(async () => {
1108
1119
  if (!publicKey) {
1109
1120
  throw new sdkTypes.TurnkeyError("Public key must be provided to log in with OAuth. Please create a key pair first.", sdkTypes.TurnkeyErrorCodes.MISSING_PARAMS);
@@ -1112,6 +1123,7 @@ class TurnkeyClient {
1112
1123
  oidcToken,
1113
1124
  publicKey,
1114
1125
  invalidateExisting,
1126
+ ...(organizationId && { organizationId }),
1115
1127
  });
1116
1128
  if (!loginRes) {
1117
1129
  throw new sdkTypes.TurnkeyError(`Auth proxy OAuth login failed`, sdkTypes.TurnkeyErrorCodes.OAUTH_LOGIN_ERROR);
@@ -1164,7 +1176,7 @@ class TurnkeyClient {
1164
1176
  * @throws {TurnkeyError} If there is an error during the OAuth sign-up or login process.
1165
1177
  */
1166
1178
  this.signUpWithOauth = async (params) => {
1167
- const { oidcToken, publicKey, providerName, createSubOrgParams, sessionKey, } = params;
1179
+ const { oidcToken, publicKey, providerName = "OpenID Connect Provider" + " " + Date.now(), createSubOrgParams, sessionKey, } = params;
1168
1180
  return utils.withTurnkeyErrorHandling(async () => {
1169
1181
  const signUpBody = utils.buildSignUpBody({
1170
1182
  createSubOrgParams: {
@@ -1225,20 +1237,41 @@ class TurnkeyClient {
1225
1237
  }
1226
1238
  return utils.withTurnkeyErrorHandling(async () => {
1227
1239
  let embedded = [];
1240
+ const organizationId = organizationIdFromParams || session?.organizationId;
1241
+ const userId = userIdFromParams || session?.userId;
1242
+ // we start fetching user early if we have the required params (needed for connected wallets)
1243
+ // this runs in parallel with the embedded wallet fetching below
1244
+ let userPromise;
1245
+ if (organizationId && userId && this.walletManager?.connector) {
1246
+ const signedUserRequest = await this.httpClient.stampGetUser({
1247
+ userId,
1248
+ organizationId,
1249
+ }, stampWith);
1250
+ if (!signedUserRequest) {
1251
+ throw new sdkTypes.TurnkeyError("Failed to stamp user request", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
1252
+ }
1253
+ userPromise = utils.sendSignedRequest(signedUserRequest).then((response) => utils.getAuthenticatorAddresses(response.user));
1254
+ }
1228
1255
  // if connectedOnly is true, we skip fetching embedded wallets
1229
1256
  if (!connectedOnly) {
1230
- const organizationId = organizationIdFromParams || session?.organizationId;
1231
1257
  if (!organizationId) {
1232
1258
  throw new sdkTypes.TurnkeyError("No organization ID provided and no active session found. Please log in first or pass in an organization ID.", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
1233
1259
  }
1234
- const userId = userIdFromParams || session?.userId;
1235
1260
  if (!userId) {
1236
1261
  throw new sdkTypes.TurnkeyError("No user ID provided and no active session found. Please log in first or pass in a user ID.", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
1237
1262
  }
1238
- const accounts = await utils.fetchAllWalletAccountsWithCursor(this.httpClient, organizationId, stampWith);
1239
- const walletsRes = await this.httpClient.getWallets({
1263
+ // we stamp the wallet request first
1264
+ // this is done to avoid concurrent passkey prompts
1265
+ const signedWalletsRequest = await this.httpClient.stampGetWallets({
1240
1266
  organizationId,
1241
1267
  }, stampWith);
1268
+ if (!signedWalletsRequest) {
1269
+ throw new sdkTypes.TurnkeyError("Failed to stamp wallet request", sdkTypes.TurnkeyErrorCodes.INVALID_REQUEST);
1270
+ }
1271
+ const [accounts, walletsRes] = await Promise.all([
1272
+ utils.fetchAllWalletAccountsWithCursor(this.httpClient, organizationId, stampWith),
1273
+ utils.sendSignedRequest(signedWalletsRequest),
1274
+ ]);
1242
1275
  // create a map of walletId to EmbeddedWallet for easy lookup
1243
1276
  const walletMap = new Map(walletsRes.wallets.map((wallet) => [
1244
1277
  wallet.walletId,
@@ -1266,6 +1299,13 @@ class TurnkeyClient {
1266
1299
  group.push(provider);
1267
1300
  groupedProviders.set(walletId, group);
1268
1301
  }
1302
+ // we fetch user once for all connected wallets to avoid duplicate `fetchUser` calls
1303
+ // this is only done if we have `organizationId` and `userId`
1304
+ // Note: this was started earlier in parallel with embedded wallet fetching for performance
1305
+ let authenticatorAddresses;
1306
+ if (userPromise) {
1307
+ authenticatorAddresses = await userPromise;
1308
+ }
1269
1309
  // has to be done in a for of loop so we can await each fetchWalletAccounts call individually
1270
1310
  // otherwise await Promise.all would cause them all to fire at once breaking passkey only set ups
1271
1311
  // (multiple wallet fetches at once causing "OperationError: A request is already pending.")
@@ -1290,6 +1330,7 @@ class TurnkeyClient {
1290
1330
  organizationId: organizationIdFromParams,
1291
1331
  }),
1292
1332
  ...(userIdFromParams !== undefined && { userId: userIdFromParams }),
1333
+ ...(authenticatorAddresses && { authenticatorAddresses }),
1293
1334
  });
1294
1335
  wallet.accounts = accounts;
1295
1336
  if (wallet.accounts.length > 0) {
@@ -1317,6 +1358,7 @@ class TurnkeyClient {
1317
1358
  * @param params.stampWith - parameter to stamp the request with a specific stamper (StamperType.Passkey, StamperType.ApiKey, or StamperType.Wallet).
1318
1359
  * @param params.organizationId - organization ID to target (defaults to the session's organization ID).
1319
1360
  * @param params.userId - user ID to target (defaults to the session's user ID).
1361
+ * @param params.authenticatorAddresses - optional authenticator addresses to avoid redundant user fetches (this is used for connected wallets to determine if a connected wallet is an authenticator)
1320
1362
  *
1321
1363
  * @returns A promise that resolves to an array of `v1WalletAccount` objects.
1322
1364
  * @throws {TurnkeyError} If no active session is found or if there is an error fetching wallet accounts.
@@ -1371,9 +1413,13 @@ class TurnkeyClient {
1371
1413
  const sign = this.walletManager.connector.sign.bind(this.walletManager.connector);
1372
1414
  let ethereumAddresses = [];
1373
1415
  let solanaAddresses = [];
1374
- // we only fetch the user if we have to the organizationId and userId
1375
- // if not that means `isAuthenticator` will always be false
1376
- if (organizationId && userId) {
1416
+ if (params.authenticatorAddresses) {
1417
+ ({ ethereum: ethereumAddresses, solana: solanaAddresses } =
1418
+ params.authenticatorAddresses);
1419
+ }
1420
+ else if (organizationId && userId) {
1421
+ // we only fetch the user if authenticator addresses aren't provided and we have the organizationId and userId
1422
+ // if not, then that means `isAuthenticator` will always be false
1377
1423
  const user = await this.fetchUser({
1378
1424
  userId,
1379
1425
  organizationId,
@@ -2697,8 +2743,10 @@ class TurnkeyClient {
2697
2743
  utils.withTurnkeyErrorHandling(async () => {
2698
2744
  const session = await this.storageManager.getSession(sessionKey);
2699
2745
  if (session) {
2700
- await this.apiKeyStamper?.deleteKeyPair(session.publicKey);
2701
- await this.storageManager.clearSession(sessionKey);
2746
+ await Promise.all([
2747
+ this.apiKeyStamper?.deleteKeyPair(session.publicKey),
2748
+ this.storageManager.clearSession(sessionKey),
2749
+ ]);
2702
2750
  }
2703
2751
  else {
2704
2752
  throw new sdkTypes.TurnkeyError(`No session found with key: ${sessionKey}`, sdkTypes.TurnkeyErrorCodes.NOT_FOUND);
@@ -3073,15 +3121,24 @@ class TurnkeyClient {
3073
3121
  this.storageManager = await base.createStorageManager();
3074
3122
  // Initialize the API key stamper
3075
3123
  this.apiKeyStamper = new base$1.CrossPlatformApiKeyStamper(this.storageManager);
3076
- await this.apiKeyStamper.init();
3124
+ // we parallelize independent initializations:
3125
+ // - API key stamper init
3126
+ // - Passkey stamper creation and init (if configured)
3127
+ // - Wallet manager creation (if configured)
3128
+ const initTasks = [this.apiKeyStamper.init()];
3077
3129
  if (this.config.passkeyConfig) {
3078
- this.passkeyStamper = new base$2.CrossPlatformPasskeyStamper(this.config.passkeyConfig);
3079
- await this.passkeyStamper.init();
3130
+ const passkeyStamper = new base$2.CrossPlatformPasskeyStamper(this.config.passkeyConfig);
3131
+ initTasks.push(passkeyStamper.init().then(() => {
3132
+ this.passkeyStamper = passkeyStamper;
3133
+ }));
3080
3134
  }
3081
3135
  if (this.config.walletConfig?.features?.auth ||
3082
3136
  this.config.walletConfig?.features?.connecting) {
3083
- this.walletManager = await base$3.createWalletManager(this.config.walletConfig);
3137
+ initTasks.push(base$3.createWalletManager(this.config.walletConfig).then((manager) => {
3138
+ this.walletManager = manager;
3139
+ }));
3084
3140
  }
3141
+ await Promise.all(initTasks);
3085
3142
  // Initialize the HTTP client with the appropriate stampers
3086
3143
  // Note: not passing anything here since we want to use the configured stampers and this.config
3087
3144
  this.httpClient = this.createHttpClient();