@uptickjs/webauth-sdk 1.0.0

package/package.json

@@ -0,0 +1,35 @@
+{
+  "name": "@uptickjs/webauth-sdk",
+  "version": "1.0.0",
+  "description": "WebAuth JavaScript SDK for React Native - Social login, Wallet and Sign modules",
+  "main": "src/index.ts",
+  "types": "src/index.d.ts",
+  "files": [
+    "src"
+  ],
+  "keywords": [
+    "webauth",
+    "react-native",
+    "authentication",
+    "google-login",
+    "apple-login",
+    "otp",
+    "wallet",
+    "signing"
+  ],
+  "author": "Uptick Dev Team",
+  "license": "MIT",
+  "peerDependencies": {
+    "react-native": ">=0.60.0"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "devDependencies": {
+    "@types/react-native": "^0.73.0",
+    "typescript": "^5.0.0"
+  },
+  "dependencies": {
+    "axios": "^1.6.0"
+  }
+}

package/src/index.ts

@@ -0,0 +1,191 @@
+/**
+ * WebAuth SDK - Main Entry Point
+ * A comprehensive authentication SDK for React Native
+ */
+
+export * from './types';
+export { WebAuthConfigManager, createConfig } from './utils/config';
+export { createTokenStorage, RNTokenStorage, MemoryTokenStorage } from './utils/storage';
+export { createHttpClient, HttpClient } from './utils/http';
+export { AuthModule, createAuthModule } from './modules/Auth';
+export { OTPModule, createOTPModule } from './modules/OTP';
+export { WalletModule, createWalletModule } from './modules/Wallet';
+export { SignModule, createSignModule } from './modules/Sign';
+
+import { WebAuthConfig, TokenStorage, EventListener, AuthEvent } from './types';
+import { WebAuthConfigManager, createConfig } from './utils/config';
+import { createTokenStorage, RNTokenStorage, MemoryTokenStorage } from './utils/storage';
+import { createHttpClient, HttpClient } from './utils/http';
+import { AuthModule, createAuthModule } from './modules/Auth';
+import { OTPModule, createOTPModule } from './modules/OTP';
+import { WalletModule, createWalletModule } from './modules/Wallet';
+import { SignModule, createSignModule } from './modules/Sign';
+
+/**
+ * Main WebAuth Client
+ * Provides unified access to all authentication features
+ */
+export class WebAuthClient {
+  private configManager: WebAuthConfigManager;
+  private tokenStorage: TokenStorage;
+  private httpClient: HttpClient;
+  private auth: AuthModule;
+  private otp: OTPModule;
+  private wallet: WalletModule;
+  private sign: SignModule;
+  private eventListeners: Map<string, EventListener> = new Map();
+  private isInitialized: boolean = false;
+
+  constructor(config: WebAuthConfig, tokenStorage?: TokenStorage) {
+    this.configManager = createConfig(config);
+    this.tokenStorage = tokenStorage || createTokenStorage('memory');
+
+    // Create HTTP client with token accessor
+    this.httpClient = createHttpClient(
+      config.apiBaseUrl,
+      () => this.tokenStorage.getAccessToken()
+    );
+
+    // Initialize modules
+    this.auth = createAuthModule(this.httpClient, this.configManager);
+    this.otp = createOTPModule(this.httpClient);
+    this.wallet = createWalletModule(this.httpClient);
+    this.sign = createSignModule(this.httpClient);
+
+    // Setup auth callback
+    this.auth.setAuthCallback(async (response) => {
+      await this.handleAuthSuccess(response);
+    });
+  }
+
+  /**
+   * Initialize the WebAuth client
+   * Call this at app startup
+   */
+  async initialize(): Promise<void> {
+    if (this.isInitialized) return;
+
+    // Validate tokens and refresh if needed
+    const accessToken = await this.tokenStorage.getAccessToken();
+    const refreshToken = await this.tokenStorage.getRefreshToken();
+
+    if (!accessToken && refreshToken) {
+      try {
+        const response = await this.auth.refreshToken(refreshToken);
+        await this.handleAuthSuccess(response);
+      } catch {
+        await this.tokenStorage.clearTokens();
+      }
+    }
+
+    this.isInitialized = true;
+    this.emit({ type: 'login' });
+  }
+
+  /**
+   * Get Auth module
+   */
+  getAuth(): AuthModule {
+    return this.auth;
+  }
+
+  /**
+   * Get OTP module
+   */
+  getOTP(): OTPModule {
+    return this.otp;
+  }
+
+  /**
+   * Get Wallet module
+   */
+  getWallet(): WalletModule {
+    return this.wallet;
+  }
+
+  /**
+   * Get Sign module
+   */
+  getSign(): SignModule {
+    return this.sign;
+  }
+
+  /**
+   * Check if user is authenticated
+   */
+  async isAuthenticated(): Promise<boolean> {
+    const token = await this.tokenStorage.getAccessToken();
+    return !!token;
+  }
+
+  /**
+   * Handle authentication redirect
+   * Call this when your app receives a deep link callback
+   */
+  async handleRedirect(url: string): Promise<void> {
+    const response = await this.auth.handleAuthRedirect(url);
+    if (response) {
+      await this.handleAuthSuccess(response);
+    }
+  }
+
+  /**
+   * Add event listener
+   */
+  addEventListener(id: string, listener: EventListener): void {
+    this.eventListeners.set(id, listener);
+  }
+
+  /**
+   * Remove event listener
+   */
+  removeEventListener(id: string): void {
+    this.eventListeners.delete(id);
+  }
+
+  /**
+   * Logout current user
+   */
+  async logout(): Promise<void> {
+    try {
+      await this.auth.logout();
+    } catch {
+      // Ignore logout errors
+    }
+    await this.tokenStorage.clearTokens();
+    this.emit({ type: 'logout' });
+  }
+
+  private async handleAuthSuccess(response: any): Promise<void> {
+    console.log('wxl 160---- responseSDK');
+    if (response.access_token) {
+      await this.tokenStorage.setAccessToken(response.access_token);
+    }
+    if (response.refresh_token) {
+      await this.tokenStorage.setRefreshToken(response.refresh_token);
+    }
+    this.emit({ type: 'login', data: response });
+  }
+
+  private emit(event: AuthEvent): void {
+    this.eventListeners.forEach((listener) => {
+      try {
+        listener(event);
+      } catch (error) {
+        console.error('WebAuth: Event listener error', error);
+      }
+    });
+  }
+}
+
+/**
+ * Create a new WebAuth client instance
+ */
+export function createWebAuth(config: WebAuthConfig, tokenStorage?: TokenStorage): WebAuthClient {
+  return new WebAuthClient(config, tokenStorage);
+}
+
+/**
+ * Default export
+ */
+export default WebAuthClient;

package/src/modules/Auth.ts

@@ -0,0 +1,385 @@
+/**
+ * WebAuth SDK - Authentication Module
+ * Supports Google, Apple, and Email login
+ */
+
+import { Linking } from 'react-native';
+import {
+  AuthResponse,
+  UserInfo,
+  SendCodeRequest,
+  SendCodeResponse,
+  EmailLoginRequest,
+  AppleLoginRequest,
+  WebAuthConfig,
+} from '../types';
+import { HttpClient } from '../utils/http';
+import { WebAuthConfigManager } from '../utils/config';
+import { createTokenStorage } from '../utils/storage';
+
+export class AuthModule {
+  private httpClient: HttpClient;
+  private configManager: WebAuthConfigManager;
+  private onAuthCallback?: (response: AuthResponse) => void;
+
+  constructor(httpClient: HttpClient, configManager: WebAuthConfigManager) {
+    this.httpClient = httpClient;
+    this.configManager = configManager;
+  }
+
+  /**
+   * Set callback for auth response (used in redirect flow)
+   */
+  setAuthCallback(callback: (response: AuthResponse) => void): void {
+    this.onAuthCallback = callback;
+  }
+
+  /**
+   * Handle auth redirect from deep link
+   * Call this in your Linking listener when URL contains auth callback
+   */
+  async handleAuthRedirect(url: string): Promise<AuthResponse | null> {
+    try {
+      const urlObj = new URL(url);
+      const params = urlObj.searchParams;
+
+      const accessToken = params.get('access_token');
+      const email = params.get('email');
+      const owner = params.get('owner');
+      const error = params.get('error');
+
+      if (error) {
+        throw new Error(
+          params.get('error_description') || 'Authentication failed',
+        );
+      }
+
+      if (accessToken) {
+        const response: AuthResponse = {
+          access_token: accessToken,
+          refresh_token: params.get('refresh_token') || undefined,
+          email: email,
+          owner: owner,
+          expires_in: params.get('expires_in')
+            ? parseInt(params.get('expires_in')!, 10)
+            : undefined,
+        };
+
+        if (this.onAuthCallback) {
+          this.onAuthCallback(response);
+        }
+
+        return response;
+      }
+
+      return null;
+    } catch (error) {
+      console.error('WebAuth: Handle redirect error', error);
+      return null;
+    }
+  }
+
+  /**
+   * Initiate Google login via browser redirect.
+   * Registers a one-time Linking listener, opens the auth page, then resolves when the app
+   * receives a deep link matching `config.redirectUri` with tokens (or rejects on OAuth error).
+   *
+   * Note: If the OS terminates the app while the browser is open, the returned Promise is
+   * lost on cold start — call `handleAuthRedirect` / app-level `handleRedirect` from
+   * `Linking.getInitialURL()` on launch as a fallback.
+   */
+  async loginWithGoogleRedirect(): Promise<AuthResponse | null> {
+    const config = this.configManager.getConfig();
+    const googleAuthUrl =
+      `${this.configManager.getGoogleAuthUrl()}?` +
+      `apiKey=${config.apiKey}&` +
+      `appLink=${encodeURIComponent(config.redirectUri)}`;
+
+    const timeoutMs = 15 * 60 * 1000;
+
+    return new Promise<AuthResponse | null>((resolve, reject) => {
+      let settled = false;
+      let subscription: { remove: () => void } | undefined;
+
+      const cleanup = () => {
+        clearTimeout(timeoutId);
+        subscription?.remove();
+      };
+
+      const timeoutId = setTimeout(() => {
+        if (settled) {
+          return;
+        }
+        settled = true;
+        cleanup();
+        resolve(null);
+      }, timeoutMs);
+
+      const onIncomingUrl = async (incoming: string | null) => {
+        if (!incoming || settled) {
+          return;
+        }
+        if (!this.isAuthDeepLink(incoming, config.redirectUri)) {
+          return;
+        }
+        try {
+          const urlObj = new URL(incoming);
+          const oauthError = urlObj.searchParams.get('error');
+          if (oauthError) {
+            if (!settled) {
+              settled = true;
+              cleanup();
+              reject(
+                new Error(
+                  urlObj.searchParams.get('error_description') ||
+                    oauthError ||
+                    'Authentication failed',
+                ),
+              );
+            }
+            return;
+          }
+        } catch {
+          return;
+        }
+
+        const response = await this.handleAuthRedirect(incoming);
+        if (response && !settled) {
+          settled = true;
+          cleanup();
+          resolve(response);
+        }
+      };
+
+      subscription = Linking.addEventListener('url', ({ url }) => {
+        void onIncomingUrl(url);
+      });
+
+      void (async () => {
+        try {
+          await this.openBrowser(googleAuthUrl);
+        } catch (e) {
+          if (!settled) {
+            settled = true;
+            cleanup();
+            reject(e instanceof Error ? e : new Error(String(e)));
+          }
+        }
+      })();
+    });
+  }
+
+  /** True when `incoming` targets the same scheme+host as configured `redirectUri`. */
+  private isAuthDeepLink(incoming: string, redirectUri: string): boolean {
+    try {
+      const u = new URL(incoming);
+      const r = new URL(redirectUri);
+      return (
+        u.protocol === r.protocol &&
+        u.hostname.toLowerCase() === r.hostname.toLowerCase()
+      );
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Initiate Apple login via browser redirect.
+   * Same contract as `loginWithGoogleRedirect`: listens for deep link on `config.redirectUri`,
+   * resolves with `AuthResponse` when tokens arrive (or `null` on timeout).
+   */
+  async loginWithAppleRedirect(): Promise<AuthResponse | null> {
+    const config = this.configManager.getConfig();
+    const state = this.generateState();
+
+    const appleAuthUrl =
+      `${this.configManager.getAppleAuthUrl()}?` +
+      `apiKey=${config.apiKey}&` +
+      `response_type=code%20id_token&` +
+      `scope=name%20email&` +
+      `state=${state}&` +
+      `response_mode=form_post&` +
+      `appLink=${encodeURIComponent(config.redirectUri)}`;
+
+    const timeoutMs = 15 * 60 * 1000;
+
+    return new Promise<AuthResponse | null>((resolve, reject) => {
+      let settled = false;
+      let subscription: { remove: () => void } | undefined;
+
+      const cleanup = () => {
+        clearTimeout(timeoutId);
+        subscription?.remove();
+      };
+
+      const timeoutId = setTimeout(() => {
+        if (settled) {
+          return;
+        }
+        settled = true;
+        cleanup();
+        resolve(null);
+      }, timeoutMs);
+
+      const onIncomingUrl = async (incoming: string | null) => {
+        if (!incoming || settled) {
+          return;
+        }
+        if (!this.isAuthDeepLink(incoming, config.redirectUri)) {
+          return;
+        }
+        try {
+          const urlObj = new URL(incoming);
+          const oauthError = urlObj.searchParams.get('error');
+          if (oauthError) {
+            if (!settled) {
+              settled = true;
+              cleanup();
+              reject(
+                new Error(
+                  urlObj.searchParams.get('error_description') ||
+                    oauthError ||
+                    'Authentication failed',
+                ),
+              );
+            }
+            return;
+          }
+          const returnedState = urlObj.searchParams.get('state');
+          if (returnedState != null && returnedState !== state) {
+            return;
+          }
+        } catch {
+          return;
+        }
+
+        const response = await this.handleAuthRedirect(incoming);
+        if (response && !settled) {
+          settled = true;
+          cleanup();
+          resolve(response);
+        }
+      };
+
+      subscription = Linking.addEventListener('url', ({ url }) => {
+        void onIncomingUrl(url);
+      });
+
+      void (async () => {
+        try {
+          await this.openBrowser(appleAuthUrl);
+        } catch (e) {
+          if (!settled) {
+            settled = true;
+            cleanup();
+            reject(e instanceof Error ? e : new Error(String(e)));
+          }
+        }
+      })();
+    });
+  }
+
+  /**
+   * Login with Apple Identity Token
+   */
+  async loginWithApple(
+    identityToken: string,
+    authorizationCode: string,
+  ): Promise<AuthResponse> {
+    const request: AppleLoginRequest = {
+      identityToken,
+      authorizationCode,
+    };
+    const response = await this.httpClient.post<AuthResponse>(
+      '/auth/apple/token',
+      request,
+    );
+    return response;
+  }
+
+  /**
+   * Send verification code to email
+   */
+  async sendEmailCode(email: string): Promise<SendCodeResponse> {
+    const request: SendCodeRequest = { email };
+    const response = await this.httpClient.post<SendCodeResponse>(
+      '/auth/email/send-code',
+      request,
+    );
+    return response;
+  }
+
+  /**
+   * Verify email code and login
+   */
+  async loginWithEmail(email: string, code: string): Promise<AuthResponse> {
+    const request: EmailLoginRequest = { email, code };
+    const response = await this.httpClient.post<AuthResponse>(
+      '/auth/email/login',
+      request,
+    );
+    let data = response.data;
+    //将返回的accessToken和refreshToken存储到本地
+    const ts = createTokenStorage('react-native');
+    if (data?.tokens?.accessToken) {
+      await ts.setAccessToken(data.tokens.accessToken);
+    }
+    if (data?.tokens?.refreshToken) {
+      await ts.setRefreshToken(data.tokens.refreshToken);
+    }
+    return data;
+  }
+
+  /**
+   * Get current user info
+   */
+  async getUserInfo(): Promise<UserInfo> {
+    const response = await this.httpClient.get<UserInfo>('/user/me');
+    return response;
+  }
+
+  /**
+   * Logout current user
+   */
+  async logout(): Promise<void> {
+    await this.httpClient.post('/auth/logout');
+  }
+
+  /**
+   * Refresh access token
+   */
+  async refreshToken(refreshToken: string): Promise<AuthResponse> {
+    const response = await this.httpClient.post<AuthResponse>('/auth/refresh', {
+      refresh_token: refreshToken,
+    });
+    return response;
+  }
+
+  private async openBrowser(url: string): Promise<void> {
+    try {
+      const canOpen = await Linking.canOpenURL(url);
+      if (canOpen) {
+        await Linking.openURL(url);
+      } else {
+        throw new Error('Cannot open browser');
+      }
+    } catch (error) {
+      console.error('WebAuth: Failed to open browser', error);
+      throw error;
+    }
+  }
+
+  private generateState(): string {
+    return (
+      Math.random().toString(36).substring(2, 15) +
+      Math.random().toString(36).substring(2, 15)
+    );
+  }
+}
+
+export function createAuthModule(
+  httpClient: HttpClient,
+  configManager: WebAuthConfigManager,
+): AuthModule {
+  return new AuthModule(httpClient, configManager);
+}

package/src/modules/OTP.ts

@@ -0,0 +1,83 @@
+/**
+ * WebAuth SDK - OTP (One-Time Password) Module
+ * Handles 2FA setup, verification, and management
+ */
+
+import {
+  OTPSetupResponse,
+  OTPVerifyRequest,
+  OTPStatusResponse,
+} from '../types';
+import { HttpClient } from '../utils/http';
+
+export class OTPModule {
+  private httpClient: HttpClient;
+
+  constructor(httpClient: HttpClient) {
+    this.httpClient = httpClient;
+  }
+
+  /**
+   * Setup OTP - Generate secret and QR code for authenticator app
+   * @returns OTPSetupResponse with secret and QR code URL
+   */
+  async setup(): Promise<OTPSetupResponse> {
+    const response = await this.httpClient.post<OTPSetupResponse>(
+      '/security/otp/setup'
+    );
+    return response;
+  }
+
+  /**
+   * Verify OTP code to enable 2FA
+   * @param code - The 6-digit code from your authenticator app
+   * @returns OTP status with enabled flag
+   */
+  async verify(code: string): Promise<OTPStatusResponse> {
+    const request: OTPVerifyRequest = { code };
+    const response = await this.httpClient.post<OTPStatusResponse>(
+      '/security/otp/verify',
+      request
+    );
+    return response;
+  }
+
+  /**
+   * Disable OTP (requires current OTP code)
+   * @param code - Current OTP code for verification before disabling
+   */
+  async disable(code: string): Promise<{ message: string }> {
+    const response = await this.httpClient.post<{ message: string }>(
+      '/security/otp/disable',
+      { code }
+    );
+    return response;
+  }
+
+  /**
+   * Check if OTP is enabled for current user
+   */
+  async getStatus(): Promise<OTPStatusResponse> {
+    const response = await this.httpClient.get<OTPStatusResponse>(
+      '/security/otp/status'
+    );
+    return response;
+  }
+
+  /**
+   * Validate an OTP code without enabling/disabling
+   * Useful for testing or verifying codes during login
+   */
+  async validate(code: string): Promise<boolean> {
+    try {
+      await this.httpClient.post('/security/otp/validate', { code });
+      return true;
+    } catch (error) {
+      return false;
+    }
+  }
+}
+
+export function createOTPModule(httpClient: HttpClient): OTPModule {
+  return new OTPModule(httpClient);
+}

package/src/modules/Sign.ts

@@ -0,0 +1,126 @@
+/**
+ * WebAuth SDK - Sign Module
+ * Handles message signing for MPC wallets
+ */
+
+import {
+  SignRequest,
+  SignResponse,
+} from '../types';
+import { HttpClient } from '../utils/http';
+
+export class SignModule {
+  private httpClient: HttpClient;
+
+  constructor(httpClient: HttpClient) {
+    this.httpClient = httpClient;
+  }
+
+  /**
+   * Request signature for a message
+   * This initiates the MPC signing flow
+   *
+   * @param request - Sign request with message and wallet address
+   * @returns Promise resolving to signed signature
+   */
+  async sign(request: SignRequest): Promise<SignResponse> {
+    const response = await this.httpClient.post<SignResponse>(
+      '/sign',
+      request
+    );
+    return response;
+  }
+
+  /**
+   * Sign a simple text message
+   */
+  async signMessage(
+    message: string,
+    walletAddress: string,
+    chainId?: number
+  ): Promise<SignResponse> {
+    return this.sign({
+      message,
+      walletAddress,
+      chainId,
+    });
+  }
+
+  /**
+   * Sign typed data (EIP-712)
+   */
+  async signTypedData(
+    data: any,
+    walletAddress: string,
+    chainId?: number
+  ): Promise<SignResponse> {
+    const response = await this.httpClient.post<SignResponse>(
+      '/sign/typed-data',
+      {
+        data,
+        walletAddress,
+        chainId,
+      }
+    );
+    return response;
+  }
+
+  /**
+   * Sign a transaction
+   */
+  async signTransaction(
+    transaction: any,
+    walletAddress: string
+  ): Promise<SignResponse> {
+    const response = await this.httpClient.post<SignResponse>(
+      '/sign/transaction',
+      {
+        transaction,
+        walletAddress,
+      }
+    );
+    return response;
+  }
+
+  /**
+   * Verify a signature
+   */
+  async verify(
+    message: string,
+    signature: string,
+    walletAddress: string
+  ): Promise<boolean> {
+    try {
+      const response = await this.httpClient.post<{ valid: boolean }>(
+        '/sign/verify',
+        {
+          message,
+          signature,
+          walletAddress,
+        }
+      );
+      return response.valid;
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Get pending signature requests
+   */
+  async getPendingRequests(): Promise<SignRequest[]> {
+    const response = await this.httpClient.get<SignRequest[]>('/sign/pending');
+    return response;
+  }
+
+  /**
+   * Cancel a pending signature request
+   */
+  async cancelRequest(requestId: string): Promise<void> {
+    await this.httpClient.delete(`/sign/request/${requestId}`);
+  }
+}
+
+export function createSignModule(httpClient: HttpClient): SignModule {
+  return new SignModule(httpClient);
+}

package/src/modules/Wallet.ts

@@ -0,0 +1,89 @@
+/**
+ * WebAuth SDK - Wallet Module (MPC-based)
+ * Handles MPC wallet creation and management
+ */
+
+import {
+  WalletInfo,
+  CreateWalletResponse,
+} from '../types';
+import { HttpClient } from '../utils/http';
+
+export class WalletModule {
+  private httpClient: HttpClient;
+
+  constructor(httpClient: HttpClient) {
+    this.httpClient = httpClient;
+  }
+
+  /**
+   * Create a new MPC wallet
+   * @param name - Optional wallet name/alias
+   * @returns Created wallet information including address
+   */
+  async create(name?: string): Promise<CreateWalletResponse> {
+    const response = await this.httpClient.post<CreateWalletResponse>(
+      '/wallet/create',
+      name ? { name } : undefined
+    );
+    return response;
+  }
+
+  /**
+   * Get wallet information for current user
+   */
+  async getWallet(): Promise<WalletInfo> {
+    const response = await this.httpClient.get<WalletInfo>('/wallet');
+    return response;
+  }
+
+  /**
+   * Check if user has a wallet
+   */
+  async hasWallet(): Promise<boolean> {
+    try {
+      await this.getWallet();
+      return true;
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Export wallet info (address only, no private key)
+   */
+  async exportPublicInfo(): Promise<{ address: string; publicKey?: string }> {
+    const wallet = await this.getWallet();
+    return {
+      address: wallet.address,
+      publicKey: wallet.publicKey,
+    };
+  }
+
+  /**
+   * Get wallet balance (if applicable)
+   */
+  async getBalance(): Promise<{ [token: string]: string }> {
+    const response = await this.httpClient.get<{ [token: string]: string }>(
+      '/wallet/balance'
+    );
+    return response;
+  }
+
+  /**
+   * Get wallet transactions
+   */
+  async getTransactions(
+    page: number = 1,
+    limit: number = 20
+  ): Promise<{ transactions: any[]; total: number }> {
+    const response = await this.httpClient.get<{ transactions: any[]; total: number }>(
+      `/wallet/transactions?page=${page}&limit=${limit}`
+    );
+    return response;
+  }
+}
+
+export function createWalletModule(httpClient: HttpClient): WalletModule {
+  return new WalletModule(httpClient);
+}

package/src/types/index.ts

@@ -0,0 +1,125 @@
+/**
+ * WebAuth SDK Type Definitions
+ */
+
+// Core Configuration
+export interface WebAuthConfig {
+  apiBaseUrl: string;
+  apiKey: string;
+  redirectUri: string;
+  appScheme?: string;
+}
+
+// Auth Types
+export interface AuthResponse {
+  access_token: string;
+  refresh_token?: string;
+  expires_in?: number;
+  token_type?: string;
+  email?: string;
+  owner?: string;
+}
+
+export interface UserInfo {
+  id: string;
+  email?: string;
+  name?: string;
+  avatar?: string;
+  phone?: string;
+  created_at?: string;
+  updated_at?: string;
+}
+
+export interface SendCodeRequest {
+  email: string;
+}
+
+export interface SendCodeResponse {
+  message: string;
+  expires_in?: number;
+}
+
+export interface EmailLoginRequest {
+  email: string;
+  code: string;
+}
+
+export interface AppleLoginRequest {
+  identityToken: string;
+  authorizationCode: string;
+}
+
+// OTP Types
+export interface OTPSetupResponse {
+  secret: string;
+  qrCodeUrl: string;
+  manualEntryKey?: string;
+}
+
+export interface OTPVerifyRequest {
+  code: string;
+}
+
+export interface OTPStatusResponse {
+  enabled: boolean;
+  created_at?: string;
+}
+
+// Wallet Types
+export interface WalletInfo {
+  address: string;
+  publicKey?: string;
+  created_at?: string;
+}
+
+export interface CreateWalletResponse extends WalletInfo {
+  encryptedKey?: string;
+}
+
+export interface SignRequest {
+  message: string;
+  walletAddress: string;
+  chainId?: number;
+}
+
+export interface SignResponse {
+  signature: string;
+  message: string;
+  walletAddress: string;
+  timestamp: number;
+}
+
+// Error Types
+export interface WebAuthError {
+  code: string;
+  message: string;
+  details?: any;
+}
+
+// Event Types
+export type AuthEventType = 'login' | 'logout' | 'token_refresh' | 'error';
+
+export interface AuthEvent {
+  type: AuthEventType;
+  data?: any;
+  error?: WebAuthError;
+}
+
+export type EventListener = (event: AuthEvent) => void;
+
+// Storage Interface
+export interface TokenStorage {
+  getAccessToken(): Promise<string | null>;
+  setAccessToken(token: string): Promise<void>;
+  getRefreshToken(): Promise<string | null>;
+  setRefreshToken(token: string): Promise<void>;
+  clearTokens(): Promise<void>;
+}
+
+// Platform-specific types
+export interface LinkingOptions {
+  url: string;
+  options?: {
+    redirect?: boolean;
+  };
+}

package/src/utils/config.ts

@@ -0,0 +1,87 @@
+/**
+ * WebAuth SDK Configuration Module
+ */
+
+import { WebAuthConfig } from '../types';
+
+const DEFAULT_CONFIG: Partial<WebAuthConfig> = {
+  appScheme: 'webauth',
+};
+
+export class WebAuthConfigManager {
+  private config: WebAuthConfig;
+
+  constructor(config: WebAuthConfig) {
+    this.config = { ...DEFAULT_CONFIG, ...config } as WebAuthConfig;
+    this.validateConfig();
+  }
+
+  private validateConfig(): void {
+    if (!this.config.apiBaseUrl) {
+      throw new Error('WebAuth: apiBaseUrl is required');
+    }
+    if (!this.config.apiKey) {
+      throw new Error('WebAuth: googleClientId is required');
+    }
+    if (!this.config.redirectUri) {
+      throw new Error('WebAuth: redirectUri is required');
+    }
+  }
+
+  getConfig(): WebAuthConfig {
+    return { ...this.config };
+  }
+
+  updateConfig(updates: Partial<WebAuthConfig>): void {
+    this.config = { ...this.config, ...updates };
+    this.validateConfig();
+  }
+
+  getGoogleAuthUrl(): string {
+    return `${this.config.apiBaseUrl}/auth/google/login`;
+  }
+
+  getAppleAuthUrl(): string {
+    return `${this.config.apiBaseUrl}/auth/apple/login`;
+  }
+
+  getEmailSendCodeUrl(): string {
+    return `${this.config.apiBaseUrl}/auth/email/send-code`;
+  }
+
+  getEmailLoginUrl(): string {
+    return `${this.config.apiBaseUrl}/auth/email/login`;
+  }
+
+  getUserMeUrl(): string {
+    return `${this.config.apiBaseUrl}/user/me`;
+  }
+
+  getOTPSetupUrl(): string {
+    return `${this.config.apiBaseUrl}/security/otp/setup`;
+  }
+
+  getOTPVerifyUrl(): string {
+    return `${this.config.apiBaseUrl}/security/otp/verify`;
+  }
+
+  getOTPDisableUrl(): string {
+    return `${this.config.apiBaseUrl}/security/otp/disable`;
+  }
+
+  getWalletCreateUrl(): string {
+    return `${this.config.apiBaseUrl}/wallet/create`;
+  }
+
+  getWalletUrl(): string {
+    return `${this.config.apiBaseUrl}/wallet`;
+  }
+
+  getSignUrl(): string {
+    return `${this.config.apiBaseUrl}/sign`;
+  }
+}
+
+export function createConfig(config: WebAuthConfig): WebAuthConfigManager {
+  return new WebAuthConfigManager(config);
+}

package/src/utils/http.ts

@@ -0,0 +1,106 @@
+/**
+ * WebAuth SDK HTTP Client Module
+ */
+
+import axios, { AxiosInstance, AxiosRequestConfig, AxiosResponse } from 'axios';
+import { WebAuthError } from '../types';
+
+export class HttpClient {
+  private client: AxiosInstance;
+  private accessTokenGetter: () => Promise<string | null>;
+
+  constructor(
+    baseURL: string,
+    accessTokenGetter: () => Promise<string | null>
+  ) {
+    this.accessTokenGetter = accessTokenGetter;
+    this.client = axios.create({
+      baseURL,
+      timeout: 30000,
+      headers: {
+        'Content-Type': 'application/json',
+      },
+    });
+
+    this.setupInterceptors();
+  }
+
+  private setupInterceptors(): void {
+    // Request interceptor to add auth token
+    this.client.interceptors.request.use(
+      async (config) => {
+        const token = await this.accessTokenGetter();
+        if (token) {
+          config.headers.Authorization = `Bearer ${token}`;
+        }
+        return config;
+      },
+      (error) => {
+        return Promise.reject(this.formatError(error));
+      }
+    );
+
+    // Response interceptor for error handling
+    this.client.interceptors.response.use(
+      (response) => response,
+      (error) => {
+        return Promise.reject(this.formatError(error));
+      }
+    );
+  }
+
+  private formatError(error: any): WebAuthError {
+    if (error.response) {
+      const { status, data } = error.response;
+      return {
+        code: `HTTP_${status}`,
+        message: data?.message || data?.error || 'An error occurred',
+        details: data,
+      };
+    } else if (error.request) {
+      return {
+        code: 'NETWORK_ERROR',
+        message: 'Network error - please check your connection',
+        details: error.request,
+      };
+    } else {
+      return {
+        code: 'UNKNOWN_ERROR',
+        message: error.message || 'An unknown error occurred',
+        details: error,
+      };
+    }
+  }
+
+  async get<T>(url: string, config?: AxiosRequestConfig): Promise<T> {
+    const response: AxiosResponse<T> = await this.client.get(url, config);
+    return response.data;
+  }
+
+  async post<T>(url: string, data?: any, config?: AxiosRequestConfig): Promise<T> {
+    const response: AxiosResponse<T> = await this.client.post(url, data, config);
+    return response.data;
+  }
+
+  async put<T>(url: string, data?: any, config?: AxiosRequestConfig): Promise<T> {
+    const response: AxiosResponse<T> = await this.client.put(url, data, config);
+    return response.data;
+  }
+
+  async delete<T>(url: string, config?: AxiosRequestConfig): Promise<T> {
+    const response: AxiosResponse<T> = await this.client.delete(url, config);
+    return response.data;
+  }
+
+  async patch<T>(url: string, data?: any, config?: AxiosRequestConfig): Promise<T> {
+    const response: AxiosResponse<T> = await this.client.patch(url, data, config);
+    return response.data;
+  }
+}
+
+export function createHttpClient(
+  baseURL: string,
+  accessTokenGetter: () => Promise<string | null>
+): HttpClient {
+  return new HttpClient(baseURL, accessTokenGetter);
+}

package/src/utils/storage.ts

@@ -0,0 +1,111 @@
+/**
+ * WebAuth SDK Storage Module
+ * Token storage implementation for React Native
+ */
+
+import { TokenStorage } from '../types';
+
+const STORAGE_KEYS = {
+  ACCESS_TOKEN: 'webauth_access_token',
+  REFRESH_TOKEN: 'webauth_refresh_token',
+};
+
+export class RNTokenStorage implements TokenStorage {
+  private storage: any;
+
+  constructor(storage?: any) {
+    // Use AsyncStorage or custom storage
+    this.storage = storage || {
+      getItem: async (key: string) => {
+        try {
+          // React Native AsyncStorage
+          const AsyncStorage = require('@react-native-async-storage/async-storage').default;
+          return await AsyncStorage.getItem(key);
+        } catch {
+          return null;
+        }
+      },
+      setItem: async (key: string, value: string) => {
+        try {
+          const AsyncStorage = require('@react-native-async-storage/async-storage').default;
+          await AsyncStorage.setItem(key, value);
+        } catch {
+          console.warn('WebAuth: Failed to save token');
+        }
+      },
+      removeItem: async (key: string) => {
+        try {
+          const AsyncStorage = require('@react-native-async-storage/async-storage').default;
+          await AsyncStorage.removeItem(key);
+        } catch {
+          console.warn('WebAuth: Failed to remove token');
+        }
+      },
+    };
+  }
+
+  async getAccessToken(): Promise<string | null> {
+    try {
+      const value = await this.storage.getItem(STORAGE_KEYS.ACCESS_TOKEN);
+      return value;
+    } catch {
+      return null;
+    }
+  }
+
+  async setAccessToken(token: string): Promise<void> {
+    await this.storage.setItem(STORAGE_KEYS.ACCESS_TOKEN, token);
+  }
+
+  async getRefreshToken(): Promise<string | null> {
+    try {
+      const value = await this.storage.getItem(STORAGE_KEYS.REFRESH_TOKEN);
+      return value;
+    } catch {
+      return null;
+    }
+  }
+
+  async setRefreshToken(token: string): Promise<void> {
+    await this.storage.setItem(STORAGE_KEYS.REFRESH_TOKEN, token);
+  }
+
+  async clearTokens(): Promise<void> {
+    await this.storage.removeItem(STORAGE_KEYS.ACCESS_TOKEN);
+    await this.storage.removeItem(STORAGE_KEYS.REFRESH_TOKEN);
+  }
+}
+
+// In-memory storage for web or testing
+export class MemoryTokenStorage implements TokenStorage {
+  private accessToken: string | null = null;
+  private refreshToken: string | null = null;
+
+  async getAccessToken(): Promise<string | null> {
+    return this.accessToken;
+  }
+
+  async setAccessToken(token: string): Promise<void> {
+    this.accessToken = token;
+  }
+
+  async getRefreshToken(): Promise<string | null> {
+    return this.refreshToken;
+  }
+
+  async setRefreshToken(token: string): Promise<void> {
+    this.refreshToken = token;
+  }
+
+  async clearTokens(): Promise<void> {
+    this.accessToken = null;
+    this.refreshToken = null;
+  }
+}
+
+export function createTokenStorage(type: 'react-native' | 'memory' = 'memory', storage?: any): TokenStorage {
+  if (type === 'react-native') {
+    return new RNTokenStorage(storage);
+  }
+  return new MemoryTokenStorage();
+}