@web3auth/no-modal 11.0.0-beta.0 → 11.0.0-beta.2

package/dist/lib.esm/connectors/auth-connector/authConnector.js

@@ -1,23 +1,35 @@
 import _objectSpread from '@babel/runtime/helpers/objectSpread2';
 import _defineProperty from '@babel/runtime/helpers/defineProperty';
 import { CITADEL_SERVER_MAP } from '@toruslabs/constants';
-import { put } from '@toruslabs/http-helpers';
+import { get, put } from '@toruslabs/http-helpers';
 import { SecurePubSub } from '@toruslabs/secure-pub-sub';
 import { BUILD_ENV, UX_MODE, Auth, SDK_MODE, SUPPORTED_KEY_CURVES, generateRecordId, version, createHandler, PopupHandler, getUserId } from '@web3auth/auth';
 import { WS_EMBED_LOGIN_MODE } from '@web3auth/ws-embed';
 import deepmerge from 'deepmerge';
+import { numberToHex } from 'viem';
 import { generateNonce, parseToken } from '../utils.js';
 import { AuthSolanaWallet } from './authSolanaWallet.js';
-import { BaseConnector } from '../../base/connector/baseConnector.js';
+import { WalletLoginError, WalletInitializationError, Web3AuthError, AccountLinkingError } from '../../base/errors/index.js';
 import { WALLET_CONNECTORS } from '../../base/wallet/index.js';
+import { BaseConnector } from '../../base/connector/baseConnector.js';
 import { CONNECTOR_NAMESPACES } from '../../base/chain/IChainInterface.js';
 import { CONNECTOR_CATEGORY, CONNECTOR_STATUS, CONNECTOR_EVENTS } from '../../base/connector/constants.js';
-import { WalletInitializationError, WalletLoginError, Web3AuthError } from '../../base/errors/index.js';
-import { log } from '../../base/loglevel.js';
-import { getCaipChainId } from '../../base/utils.js';
 import { CONNECTED_STATUSES } from '../../base/connector/connectorStatus.js';
+import { log } from '../../base/loglevel.js';
+import { Analytics, ANALYTICS_EVENTS } from '../../base/analytics.js';
+import { citadelServerUrl, getErrorAnalyticsProperties, parseChainNamespaceFromCitadelResponse } from '../../base/utils.js';
+import { makeAccountLinkingRequest, makeAccountUnlinkingRequest } from '../../account-linking/rest.js';
 import { CHAIN_NAMESPACES, cloneDeep } from '@toruslabs/base-controllers';
 
+// Auth connections that have been deprecated and are no longer supported by the SDK.
+// Passing any of these as `authConnection` results in a hard error so consumers
+// migrate off the removed providers instead of silently continuing.
+const DEPRECATED_AUTH_CONNECTIONS = new Set(["farcaster"]);
+function assertAuthConnectionSupported(authConnection) {
+  if (DEPRECATED_AUTH_CONNECTIONS.has(authConnection)) {
+    throw WalletInitializationError.invalidParams(`Auth connection "${authConnection}" has been deprecated and is no longer supported by the Web3Auth SDKs. ` + `Please use a different authConnection value.`);
+  }
+}
 class AuthConnector extends BaseConnector {
   constructor(params) {
     super(params);
@@ -35,7 +47,22 @@ class AuthConnector extends BaseConnector {
     _defineProperty(this, "wsEmbedInstance", null);
     _defineProperty(this, "authConnectionConfig", []);
     _defineProperty(this, "wsEmbedInstancePromise", null);
+    _defineProperty(this, "wsEmbedProviderListenerTarget", null);
     _defineProperty(this, "_solanaWallet", null);
+    _defineProperty(this, "analytics", void 0);
+    _defineProperty(this, "handleWsEmbedAccountsChanged", accounts => {
+      if (accounts.length === 0) {
+        if (!CONNECTED_STATUSES.includes(this.status)) {
+          return;
+        }
+        log.info("No accounts found in the wallet, disconnecting");
+        void this.disconnect({
+          cleanup: true
+        }).catch(error => {
+          log.error("Failed to disconnect auth connector after wallet accounts changed", error);
+        });
+      }
+    });
     this.authOptions = params.connectorSettings;
     this.loginSettings = params.loginSettings || {
       authConnection: ""
@@ -44,13 +71,12 @@ class AuthConnector extends BaseConnector {
       loginMode: WS_EMBED_LOGIN_MODE.PLUGIN
     };
     this.authConnectionConfig = params.authConnectionConfig || [];
+    this.analytics = params.analytics || new Analytics();
   }
   get provider() {
     if (this.status !== CONNECTOR_STATUS.NOT_READY) {
-      var _this$wsEmbedInstance;
-      if ((_this$wsEmbedInstance = this.wsEmbedInstance) !== null && _this$wsEmbedInstance !== void 0 && _this$wsEmbedInstance.provider) {
-        return this.wsEmbedInstance.provider;
-      } else if (this.privateKeyProvider) return this.privateKeyProvider;
+      const wsEmbedProvider = this.getWsEmbedProvider();
+      return wsEmbedProvider || this.privateKeyProvider;
     }
     return null;
   }
@@ -119,6 +145,7 @@ class AuthConnector extends BaseConnector {
               buildEnv: this.authOptions.buildEnv,
               whiteLabel: _objectSpread(_objectSpread({}, this.authOptions.whiteLabel), this.wsSettings.whiteLabel)
             })).then(() => {
+              this.bindWsEmbedProviderEvents();
               this.wsEmbedInstancePromise = null;
               return;
             });
@@ -168,6 +195,7 @@ class AuthConnector extends BaseConnector {
     }
   }
   async connect(params) {
+    assertAuthConnectionSupported(params === null || params === void 0 ? void 0 : params.authConnection);
     super.checkConnectionRequirements();
     this.status = CONNECTOR_STATUS.CONNECTING;
     this.emit(CONNECTOR_EVENTS.CONNECTING, _objectSpread(_objectSpread({}, params), {}, {
@@ -197,6 +225,7 @@ class AuthConnector extends BaseConnector {
   async enableMFA(params = {
     authConnection: ""
   }) {
+    assertAuthConnectionSupported(params === null || params === void 0 ? void 0 : params.authConnection);
     if (!this.connected) throw WalletLoginError.notConnectedError("Not connected with wallet");
     if (!this.authInstance) throw WalletInitializationError.notReady("authInstance is not ready");
     try {
@@ -214,6 +243,7 @@ class AuthConnector extends BaseConnector {
   async manageMFA(params = {
     authConnection: ""
   }) {
+    assertAuthConnectionSupported(params === null || params === void 0 ? void 0 : params.authConnection);
     if (!this.connected) throw WalletLoginError.notConnectedError("Not connected with wallet");
     if (!this.authInstance) throw WalletInitializationError.notReady("authInstance is not ready");
     try {
@@ -245,7 +275,10 @@ class AuthConnector extends BaseConnector {
     }
     this.rehydrated = false;
     this._solanaWallet = null;
-    this.emit(CONNECTOR_EVENTS.DISCONNECTED);
+    this.unbindWsEmbedProviderEvents();
+    this.emit(CONNECTOR_EVENTS.DISCONNECTED, {
+      connector: WALLET_CONNECTORS.AUTH
+    });
   }
   async getAuthTokenInfo() {
     if (!this.canAuthorize) throw WalletLoginError.notConnectedError("Not connected with wallet, Please login/connect first");
@@ -273,8 +306,24 @@ class AuthConnector extends BaseConnector {
   async getUserInfo() {
     if (!this.canAuthorize) throw WalletLoginError.notConnectedError("Not connected with wallet");
     if (!this.authInstance) throw WalletInitializationError.notReady("authInstance is not ready");
-    const userInfo = this.authInstance.getUserInfo();
-    return userInfo;
+    const [userInfo, linkedAccounts] = await Promise.all([this.authInstance.getUserInfo(), this.getLinkedAccounts()]);
+    return _objectSpread(_objectSpread({}, userInfo), {}, {
+      linkedAccounts
+    });
+  }
+  async getLinkedAccounts() {
+    const accessToken = await this.authInstance.authSessionManager.getAccessToken();
+    if (!accessToken) throw WalletLoginError.connectionError("Could not obtain an access token from the current AUTH session.");
+    const citadelUserInfo = await get(`${citadelServerUrl(this.coreOptions.authBuildEnv)}/v1/user`, {
+      headers: {
+        Authorization: `Bearer ${accessToken}`
+      }
+    });
+    const linkedAccounts = (citadelUserInfo === null || citadelUserInfo === void 0 ? void 0 : citadelUserInfo.accounts) || [];
+    return linkedAccounts.map(account => _objectSpread(_objectSpread({}, account), {}, {
+      // by default, the primary account is the active account
+      active: account.isPrimary
+    }));
   }
   async switchChain(params, init = false) {
     super.checkSwitchChainRequirements(params, init);
@@ -288,13 +337,15 @@ class AuthConnector extends BaseConnector {
     const newChainConfig = this.coreOptions.chains.find(c => c.chainId === newChainId);
     if (!newChainConfig) throw WalletInitializationError.invalidParams("Chain config is not available");
     if (newChainConfig.chainNamespace === CHAIN_NAMESPACES.SOLANA || newChainConfig.chainNamespace === CHAIN_NAMESPACES.EIP155) {
-      var _this$wsEmbedInstance2;
-      if (!((_this$wsEmbedInstance2 = this.wsEmbedInstance) !== null && _this$wsEmbedInstance2 !== void 0 && _this$wsEmbedInstance2.provider)) throw WalletInitializationError.notReady("Wallet embed is not ready");
-      const fullChainId = getCaipChainId(newChainConfig);
+      var _this$wsEmbedInstance;
+      if (!((_this$wsEmbedInstance = this.wsEmbedInstance) !== null && _this$wsEmbedInstance !== void 0 && _this$wsEmbedInstance.provider)) throw WalletInitializationError.notReady("Wallet embed is not ready");
+      const chainIdNum = parseInt(newChainConfig.chainId, 16);
+      // WsEmbed expects the chainId in hex format
+      const chainIdHex = numberToHex(chainIdNum);
       await this.wsEmbedInstance.provider.request({
         method: "wallet_switchChain",
         params: {
-          chainId: fullChainId
+          chainId: chainIdHex
         }
       });
     } else {
@@ -308,6 +359,8 @@ class AuthConnector extends BaseConnector {
     if (this.wsEmbedInstance) {
       this.wsEmbedInstance.clearInit();
     }
+    this._solanaWallet = null;
+    this.unbindWsEmbedProviderEvents();
   }
   getOAuthProviderConfig(params) {
     const {
@@ -327,9 +380,378 @@ class AuthConnector extends BaseConnector {
     });
     return providerConfig;
   }
+  async generateChallengeAndSign() {
+    // we do not support this for auth connector, as of now. since auth login returns a valid idToken
+    throw new Error("Not implemented");
+  }
+  async switchAccount(account, context) {
+    if (!CONNECTED_STATUSES.includes(this.status)) {
+      throw WalletLoginError.notConnectedError("No wallet is connected. Connect with AUTH before switching accounts.");
+    }
+    try {
+      var _userInfo$linkedAccou;
+      const userInfo = await this.getUserInfo();
+      const linkedAccounts = (_userInfo$linkedAccou = userInfo.linkedAccounts) !== null && _userInfo$linkedAccou !== void 0 ? _userInfo$linkedAccou : [];
+      const targetAccount = linkedAccounts.find(candidate => candidate.id === account.id);
+      if (!targetAccount) {
+        throw AccountLinkingError.requestFailed(`No connected wallet matches account id "${account.id}". Refresh user info and try again.`);
+      }
+      const currentActiveAccount = context.activeAccount;
+      const isTargetAlreadyActive = currentActiveAccount ? currentActiveAccount.id === targetAccount.id : targetAccount.isPrimary;
+      if (isTargetAlreadyActive) {
+        return;
+      }
+      this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_SWITCH_STARTED, this.getSwitchAccountTrackData(targetAccount));
+      if (targetAccount.connector === WALLET_CONNECTORS.AUTH && targetAccount.isPrimary) {
+        var _this$provider$chainI, _this$provider;
+        const activeChainId = this.getChainIdForLinkedAccount(targetAccount, (_this$provider$chainI = (_this$provider = this.provider) === null || _this$provider === void 0 ? void 0 : _this$provider.chainId) !== null && _this$provider$chainI !== void 0 ? _this$provider$chainI : context.currentChainId);
+        const ethereumProvider = this.provider;
+        const solanaWallet = this.solanaWallet;
+        if (!ethereumProvider && !solanaWallet) {
+          throw AccountLinkingError.requestFailed("Failed to restore the primary AUTH session for account switch.");
+        }
+        return {
+          kind: "primary",
+          targetAccount,
+          activeAccount: null,
+          activeChainId,
+          connectorName: this.name,
+          connectorNamespace: this.connectorNamespace,
+          ethereumProvider,
+          solanaWallet
+        };
+      }
+      return {
+        kind: "external",
+        targetAccount,
+        activeAccount: targetAccount,
+        activeChainId: this.getChainIdForLinkedAccount(targetAccount, context.currentChainId)
+      };
+    } catch (error) {
+      await this.trackSwitchAccountFailed(account, error);
+      throw error;
+    }
+  }
+  async trackSwitchAccountCompleted(account) {
+    await this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_SWITCH_COMPLETED, _objectSpread(_objectSpread({}, this.getSwitchAccountTrackData(account)), {}, {
+      connector: account.connector
+    }));
+  }
+  async trackSwitchAccountFailed(account, error) {
+    await this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_SWITCH_FAILED, _objectSpread(_objectSpread({}, this.getSwitchAccountTrackData(account)), getErrorAnalyticsProperties(error)));
+  }
+  async linkAccount(params) {
+    if (!CONNECTED_STATUSES.includes(this.status)) {
+      throw WalletLoginError.notConnectedError("No wallet is connected. Connect with AUTH before linking an account.");
+    }
+    const {
+      connectorName,
+      chainId,
+      connectorToLink
+    } = params;
+    try {
+      if (!connectorToLink.connected) {
+        const connection = await connectorToLink.connect({
+          chainId,
+          isAccountLinking: true
+        });
+        if (!connection) {
+          throw AccountLinkingError.walletProofFailed(`Failed to connect to "${params.connectorName}" for account linking.`);
+        }
+      }
+    } catch (error) {
+      if (error instanceof AccountLinkingError) {
+        throw error;
+      }
+      throw AccountLinkingError.walletProofFailed(error instanceof Error ? error.message : String(error), error);
+    }
+    const trackData = {
+      connector: this.name,
+      linking_connector: connectorName,
+      chain_id: params.chainId
+    };
+    try {
+      await this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_LINKING_STARTED, trackData);
+      const {
+        accessToken,
+        idToken
+      } = await this.getPrimaryAuthSession(params.authSessionTokens);
+      const walletProof = await this.createWalletLinkingProof(params.connectorToLink);
+      const authServerUrl = citadelServerUrl(this.coreOptions.authBuildEnv);
+      const result = await makeAccountLinkingRequest(authServerUrl, accessToken, {
+        idToken,
+        network: walletProof.network,
+        connector: params.connectorName,
+        message: walletProof.challenge,
+        signature: {
+          s: walletProof.signature,
+          t: walletProof.signatureType
+        }
+      });
+      this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_LINKING_COMPLETED, _objectSpread(_objectSpread({}, trackData), {}, {
+        linked_address: walletProof.address
+      }));
+      return result;
+    } catch (error) {
+      this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_LINKING_FAILED, _objectSpread(_objectSpread({}, trackData), getErrorAnalyticsProperties(error)));
+
+      // disconnect the wallet connector to avoid any leftover state
+      try {
+        if (connectorToLink.connected) {
+          await connectorToLink.disconnect({
+            cleanup: true
+          });
+        }
+      } catch (disconnectError) {
+        log.debug("Failed to disconnect wallet connector after linking failure", disconnectError);
+      }
+      throw error;
+    }
+  }
+  async unlinkAccount(params) {
+    if (!CONNECTED_STATUSES.includes(this.status)) {
+      throw WalletLoginError.notConnectedError("No wallet is connected. Connect with AUTH before unlinking an account.");
+    }
+    const {
+      address,
+      authSessionTokens
+    } = params;
+    const trackData = {
+      connector: this.name,
+      address
+    };
+    await this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_UNLINKING_STARTED, trackData);
+    try {
+      const {
+        accessToken,
+        idToken,
+        linkedAccounts
+      } = await this.getPrimaryAuthSession(authSessionTokens, {
+        includeLinkedAccounts: true
+      });
+      const network = this.getNetworkForUnlinkAddress(linkedAccounts, address);
+      const authServerUrl = citadelServerUrl(this.coreOptions.authBuildEnv);
+      const result = await makeAccountUnlinkingRequest(authServerUrl, accessToken, {
+        idToken,
+        address,
+        network
+      });
+      await this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_UNLINKING_COMPLETED, _objectSpread(_objectSpread({}, trackData), {}, {
+        linked_address: address
+      }));
+      return result;
+    } catch (error) {
+      await this.analytics.track(ANALYTICS_EVENTS.ACCOUNT_UNLINKING_FAILED, _objectSpread(_objectSpread({}, trackData), getErrorAnalyticsProperties(error)));
+      throw error;
+    }
+  }
+  getChainIdForLinkedAccount(account, preferredChainId) {
+    const accountChainNamespace = account.chainNamespace ? parseChainNamespaceFromCitadelResponse(account.chainNamespace) : null;
+    if (preferredChainId) {
+      const preferredChain = this.coreOptions.chains.find(chain => chain.chainId === preferredChainId);
+      if (preferredChain && (!accountChainNamespace || preferredChain.chainNamespace === accountChainNamespace)) {
+        return preferredChainId;
+      }
+    }
+    if (accountChainNamespace) {
+      const namespaceChain = this.coreOptions.chains.find(chain => chain.chainNamespace === accountChainNamespace);
+      if (namespaceChain) {
+        return namespaceChain.chainId;
+      }
+    }
+    throw WalletInitializationError.invalidParams(`No compatible chainId found for connector "${account.connector}".`);
+  }
+  async assertSwitchAccountConnectorMatchesTarget(connector, account) {
+    if (!account.chainNamespace) {
+      throw AccountLinkingError.requestFailed(`Could not determine the chain namespace for linked account "${account.eoaAddress}".`);
+    }
+    const chainNamespace = parseChainNamespaceFromCitadelResponse(account.chainNamespace);
+    let connectedAddress = null;
+    if (chainNamespace === CHAIN_NAMESPACES.EIP155) {
+      var _accounts$;
+      const accounts = connector.provider ? await connector.provider.request({
+        method: "eth_accounts"
+      }) : [];
+      connectedAddress = (_accounts$ = accounts === null || accounts === void 0 ? void 0 : accounts[0]) !== null && _accounts$ !== void 0 ? _accounts$ : null;
+    } else if (chainNamespace === CHAIN_NAMESPACES.SOLANA) {
+      var _connector$solanaWall, _connector$solanaWall2;
+      connectedAddress = (_connector$solanaWall = (_connector$solanaWall2 = connector.solanaWallet) === null || _connector$solanaWall2 === void 0 || (_connector$solanaWall2 = _connector$solanaWall2.accounts) === null || _connector$solanaWall2 === void 0 || (_connector$solanaWall2 = _connector$solanaWall2[0]) === null || _connector$solanaWall2 === void 0 ? void 0 : _connector$solanaWall2.address) !== null && _connector$solanaWall !== void 0 ? _connector$solanaWall : null;
+    } else {
+      throw AccountLinkingError.requestFailed(`Unsupported chain namespace "${account.chainNamespace}" for linked account "${account.eoaAddress}".`);
+    }
+    if (!connectedAddress) {
+      throw AccountLinkingError.requestFailed(`Connector "${account.connector}" is not connected to linked account "${account.eoaAddress}". Connect the intended wallet account and try again.`);
+    }
+    const isExpectedAddress = chainNamespace === CHAIN_NAMESPACES.EIP155 ? connectedAddress.toLowerCase() === account.eoaAddress.toLowerCase() : connectedAddress === account.eoaAddress;
+    if (!isExpectedAddress) {
+      throw AccountLinkingError.requestFailed(`Connector "${account.connector}" is connected to "${connectedAddress}" instead of linked account "${account.eoaAddress}". Connect the intended wallet account and try again.`);
+    }
+  }
+  toSwitchAccountConnectorError(account, error) {
+    if (error instanceof AccountLinkingError && error.code === 5401) {
+      return error;
+    }
+    const message = error instanceof Error ? error.message : String(error);
+    const isUnavailableConnectorError = error instanceof AccountLinkingError && error.code === 5405 || /not available|not initialized|not ready/i.test(message);
+    if (isUnavailableConnectorError) {
+      return AccountLinkingError.requestFailed(`Connector "${account.connector}" is not available for linked account "${account.eoaAddress}". Make sure the wallet is installed, unlocked, and accessible, then try again.`, error);
+    }
+    return AccountLinkingError.requestFailed(`Failed to connect connector "${account.connector}" for linked account "${account.eoaAddress}". ${message}`, error);
+  }
+  getSwitchAccountTrackData(account) {
+    var _account$eoaAddress;
+    return {
+      connector: this.name,
+      account_id: account.id,
+      account_type: account.accountType,
+      switched_to_address: (_account$eoaAddress = account.eoaAddress) !== null && _account$eoaAddress !== void 0 ? _account$eoaAddress : null
+    };
+  }
+  async getPrimaryAuthSession(authSessionTokens, options = {}) {
+    const {
+      accessToken: cachedAccessToken,
+      idToken: cachedIdToken
+    } = authSessionTokens;
+    const {
+      includeLinkedAccounts = false
+    } = options;
+    let accessToken = cachedAccessToken;
+    let idToken = cachedIdToken;
+    let linkedAccounts = [];
+    if (includeLinkedAccounts) {
+      const userInfoPromise = this.getUserInfo();
+      if (!accessToken || !idToken) {
+        var _userInfo$linkedAccou2;
+        const [tokenInfo, userInfo] = await Promise.all([this.getAuthTokenInfo(), userInfoPromise]);
+        accessToken = tokenInfo.accessToken;
+        idToken = tokenInfo.idToken;
+        linkedAccounts = (_userInfo$linkedAccou2 = userInfo.linkedAccounts) !== null && _userInfo$linkedAccou2 !== void 0 ? _userInfo$linkedAccou2 : [];
+      } else {
+        var _userInfo$linkedAccou3;
+        const userInfo = await userInfoPromise;
+        linkedAccounts = (_userInfo$linkedAccou3 = userInfo.linkedAccounts) !== null && _userInfo$linkedAccou3 !== void 0 ? _userInfo$linkedAccou3 : [];
+      }
+    } else if (!accessToken || !idToken) {
+      const tokenInfo = await this.getAuthTokenInfo();
+      accessToken = tokenInfo.accessToken;
+      idToken = tokenInfo.idToken;
+    }
+    if (!accessToken || !idToken) {
+      throw AccountLinkingError.primaryTokenNotAvailable("Could not obtain an identity token from the current AUTH session.");
+    }
+    return {
+      accessToken,
+      idToken,
+      linkedAccounts
+    };
+  }
+  getNetworkForUnlinkAddress(accounts, address) {
+    const matchedAccount = accounts.find(account => {
+      var _account$address, _account$eoaAddress2;
+      if (!account.chainNamespace || parseChainNamespaceFromCitadelResponse(account.chainNamespace) !== CHAIN_NAMESPACES.EIP155) {
+        return false;
+      }
+      const normalizedAddress = address.toLowerCase();
+      return ((_account$address = account.address) === null || _account$address === void 0 ? void 0 : _account$address.toLowerCase()) === normalizedAddress || ((_account$eoaAddress2 = account.eoaAddress) === null || _account$eoaAddress2 === void 0 ? void 0 : _account$eoaAddress2.toLowerCase()) === normalizedAddress;
+    });
+    if (!matchedAccount) {
+      throw AccountLinkingError.requestFailed(`No connected wallet matches address "${address}".`);
+    }
+    if (!matchedAccount.chainNamespace) {
+      throw AccountLinkingError.requestFailed(`Could not determine the chain namespace for address "${address}".`);
+    }
+    const chainNamespace = parseChainNamespaceFromCitadelResponse(matchedAccount.chainNamespace);
+    if (chainNamespace === CHAIN_NAMESPACES.EIP155) {
+      return "ethereum";
+    }
+    if (chainNamespace === CHAIN_NAMESPACES.SOLANA) {
+      return "solana";
+    }
+    throw AccountLinkingError.requestFailed(`Unsupported chain namespace "${matchedAccount.chainNamespace}" for address "${address}".`);
+  }
+  async createWalletLinkingProof(connector) {
+    // Notify listeners that the linking wallet is about to be asked for a signature so the UI
+    // (e.g. modal) can switch from a "connecting" loader to an "authorizing" prompt while the
+    // user reviews the signature request inside their wallet. Emitted on the isolated wallet
+    // connector (not the auth connector) so it doesn't mutate the global SDK status.
+    connector.emit(CONNECTOR_EVENTS.AUTHORIZING, {
+      connector: connector.name
+    });
+    const {
+      challenge,
+      signature,
+      chainNamespace
+    } = await connector.generateChallengeAndSign();
+    const address = await this.getLinkingWalletAddress(connector, chainNamespace);
+    if (chainNamespace === CHAIN_NAMESPACES.EIP155) {
+      return {
+        address,
+        challenge,
+        signature,
+        signatureType: "eip191",
+        network: "ethereum"
+      };
+    }
+    if (chainNamespace === CHAIN_NAMESPACES.SOLANA) {
+      return {
+        address,
+        challenge,
+        signature,
+        signatureType: "sip99",
+        network: "solana"
+      };
+    }
+    throw AccountLinkingError.unsupportedConnector(`Connector "${connector.name}" returned unsupported chain namespace "${chainNamespace}".`);
+  }
+  async getLinkingWalletAddress(connector, chainNamespace) {
+    if (chainNamespace === CHAIN_NAMESPACES.SOLANA) {
+      var _connector$solanaWall3;
+      const address = (_connector$solanaWall3 = connector.solanaWallet) === null || _connector$solanaWall3 === void 0 || (_connector$solanaWall3 = _connector$solanaWall3.accounts) === null || _connector$solanaWall3 === void 0 || (_connector$solanaWall3 = _connector$solanaWall3[0]) === null || _connector$solanaWall3 === void 0 ? void 0 : _connector$solanaWall3.address;
+      if (!address) {
+        throw AccountLinkingError.walletProofFailed("No connected Solana account found for account linking.");
+      }
+      return address;
+    }
+    if (!connector.provider) {
+      throw AccountLinkingError.walletProofFailed("No connected EVM account found for account linking.");
+    }
+    const accounts = await connector.provider.request({
+      method: "eth_accounts"
+    });
+    if (!(accounts !== null && accounts !== void 0 && accounts.length)) {
+      throw AccountLinkingError.walletProofFailed("No connected EVM account found for account linking.");
+    }
+    return accounts[0];
+  }
+  getWsEmbedProvider() {
+    var _ref, _this$wsEmbedInstance2;
+    return (_ref = (_this$wsEmbedInstance2 = this.wsEmbedInstance) === null || _this$wsEmbedInstance2 === void 0 ? void 0 : _this$wsEmbedInstance2.provider) !== null && _ref !== void 0 ? _ref : null;
+  }
+  bindWsEmbedProviderEvents() {
+    const rawProvider = this.getWsEmbedProvider();
+    if (this.wsEmbedProviderListenerTarget === rawProvider) {
+      return;
+    }
+    this.unbindWsEmbedProviderEvents();
+    if (!rawProvider) {
+      return;
+    }
+    rawProvider.on("accountsChanged", this.handleWsEmbedAccountsChanged);
+    this.wsEmbedProviderListenerTarget = rawProvider;
+  }
+  unbindWsEmbedProviderEvents() {
+    if (!this.wsEmbedProviderListenerTarget) {
+      return;
+    }
+    this.wsEmbedProviderListenerTarget.removeListener("accountsChanged", this.handleWsEmbedAccountsChanged);
+    this.wsEmbedProviderListenerTarget = null;
+  }
   setupSolanaWallet() {
     const solanaChains = this.coreOptions.chains.filter(c => c.chainNamespace === CHAIN_NAMESPACES.SOLANA);
     if (solanaChains.length === 0 || !this.provider) return;
+    if (this._solanaWallet instanceof AuthSolanaWallet) {
+      return;
+    }
     this._solanaWallet = new AuthSolanaWallet(this.provider, solanaChains);
   }
   _getFinalPrivKey() {
@@ -392,13 +814,13 @@ class AuthConnector extends BaseConnector {
       } = this.authInstance || {};
       if (sessionId) {
         this.wsEmbedInstance.setAccessTokenProvider(this.accessTokenProvider.bind(this));
+        this.bindWsEmbedProviderEvents();
         const isLoggedIn = await this.wsEmbedInstance.connectWithSession({
           sessionId,
           sessionNamespace,
           idToken: await this.getIdToken()
         });
         if (isLoggedIn) {
-          var _this$wsEmbedInstance3;
           this.setupSolanaWallet();
           // if getAuthTokenInfo is true, then get auth token info
           // No need to get auth token info for auth connector as it is already handled
@@ -412,12 +834,6 @@ class AuthConnector extends BaseConnector {
           if (params.getAuthTokenInfo) {
             await this.getAuthTokenInfo();
           }
-          // handle disconnect from ws embed
-          (_this$wsEmbedInstance3 = this.wsEmbedInstance) === null || _this$wsEmbedInstance3 === void 0 || _this$wsEmbedInstance3.provider.on("accountsChanged", (accounts = []) => {
-            if (accounts.length === 0 && CONNECTED_STATUSES.includes(this.status)) this.disconnect({
-              cleanup: false
-            });
-          });
         }
       }
     } else {
@@ -519,9 +935,7 @@ class AuthConnector extends BaseConnector {
       }).catch(error => {
         // swallow the error, dont need to throw.
         log.error("Error during login with social", error);
-        this.auditOAuditProgress(loginParams, "failed").catch(error => {
-          log.error("Error reporting `oauthFailed` audit progress", error);
-        });
+        this.reportFailedOauthAudit(loginParams);
       });
       verifierWindow.once("close", () => {
         if (!isClosedWindow) {
@@ -531,9 +945,7 @@ class AuthConnector extends BaseConnector {
         }
       });
       this.authInstance.postLoginInitiatedMessage(loginParams, nonce).then(resolve).catch(error => {
-        this.auditOAuditProgress(loginParams, "failed").catch(error => {
-          log.error("Error reporting `oauthFailed` audit progress", error);
-        });
+        this.reportFailedOauthAudit(loginParams);
         if (error instanceof Web3AuthError) {
           throw error;
         }
@@ -649,11 +1061,17 @@ class AuthConnector extends BaseConnector {
     }
     await put(auditServerUrl, auditPayload);
   }
+  reportFailedOauthAudit(loginParams) {
+    void this.auditOAuditProgress(loginParams, "failed").catch(error => {
+      log.error("Error reporting `oauthFailed` audit progress", error);
+    });
+  }
 }
 const authConnector = params => {
   return ({
     projectConfig,
-    coreOptions
+    coreOptions,
+    analytics
   }) => {
     var _coreOptions$uiConfig, _coreOptions$walletSe, _coreOptions$walletSe2, _coreOptions$walletSe3;
     // Connector settings
@@ -698,9 +1116,22 @@ const authConnector = params => {
         mfaLevel: coreOptions.mfaLevel
       }),
       coreOptions,
+      analytics,
       authConnectionConfig: projectConfig.embeddedWalletAuth
     });
   };
 };
+function isAuthConnector(connector) {
+  if (!connector || connector.name !== WALLET_CONNECTORS.AUTH) {
+    return false;
+  }
+  const maybeAuthConnector = connector;
+  return typeof maybeAuthConnector.switchAccount === "function" && typeof maybeAuthConnector.linkAccount === "function" && typeof maybeAuthConnector.unlinkAccount === "function";
+}
+function assertAuthConnector(connector, errorMessage = "Account linking is only supported when connected with the AUTH connector.") {
+  if (!isAuthConnector(connector)) {
+    throw WalletLoginError.unsupportedOperation(errorMessage);
+  }
+}
 
-export { authConnector };
+export { assertAuthConnector, authConnector, isAuthConnector };