plumbing

.github/workflows/ci.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        directory: ["recovery", "export"]
+        directory: ["recovery", "export", "auth"]
 
     steps:
       - name: Checkout

.github/workflows/deploy.yml

@@ -31,3 +31,12 @@ jobs:
           projectName: export
           directory: export
           gitHubToken: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Publish Auth
+        uses: cloudflare/pages-action@f0a1cd58cd66095dee69bfa18fa5efd1dde93bca #v1.5.0
+        with:
+          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          projectName: auth
+          directory: auth
+          gitHubToken: ${{ secrets.GITHUB_TOKEN }}

Dockerfile

@@ -9,8 +9,10 @@ COPY nginx.conf /etc/nginx/nginx.conf
 
 COPY recovery /usr/share/nginx/recovery
 COPY export /usr/share/nginx/export
+COPY auth /usr/share/nginx/auth
 
 EXPOSE 8080/tcp
 EXPOSE 8081/tcp
+EXPOSE 8082/tcp
 
 CMD ["nginx"]

README.md

@@ -1,6 +1,6 @@
 # Frames
 
-This repository contains code for the recovery and export components of Turnkey. These components can be embedded as iframes by users to support end-users in recovery and export.
+This repository contains code for the recovery, export, and auth components of Turnkey. These components can be embedded as iframes by users to support end-users.
 
 ## Email Recovery
 This self-contained HTML page is meant to be used as a standalone document to help first-party Turnkey root users. It's also going to be embedded as an iframe to help with sub-org root recovery.
@@ -12,6 +12,11 @@ This self-contained HTML page is meant to be used as either a standalone documen
 
 This page is hosted at https://export.turnkey.com/
 
+## Auth (via Email)
+This self-contained HTML page is meant to be used as either a standalone document or to be embedded as an iframe.
+
+This page is hosted at https://auth.turnkey.com/
+
 # Getting Started
 
 Clone the repo:
@@ -30,14 +35,16 @@ Install dependencies:
 ```sh
 cd recovery && npm install
 cd export && npm install
+cd auth && npm install
 ```
 
 # Unit Testing
 
-The export and recovery pages have tests. They run on CI automatically. If you want to run them locally:
+The export, recovery, and auth pages each have tests. They run on CI automatically. If you want to run them locally:
 ```sh
 cd recovery && npm test
 cd export  && npm test
+cd auth && npm test
 ```
 
 # Running Local Wallet Export
@@ -51,21 +58,37 @@ Clone the `sdk` repo.
 git clone [email protected]:tkhq/sdk.git
 ```
 
-Follow the README.md for the `key-export` example. Set the `NEXT_PUBLIC_EXPORT_IFRAME_URL="http://localhost:3000/export"` in the example's environment variables configuration. The `wallet-export` example embeds this page as an iframe.
+Follow the README.md for the `wallet-export` [example](https://github.com/tkhq/sdk/tree/main/examples/wallet-export). Set the `NEXT_PUBLIC_EXPORT_IFRAME_URL="http://localhost:3000/"` in the example's environment variables configuration. The `wallet-export` example embeds this page as an iframe.
 ```sh
 cd sdk/examples/wallet-export
 ```
 
+# Running Local Auth
+Start the server. This command will run a simple static server on port 8080.
+```sh
+npm start
+```
+
+Clone the `sdk` repo.
+```sh
+git clone [email protected]:tkhq/sdk.git
+```
+
+Follow the README.md for the `email-auth` [example](https://github.com/tkhq/sdk/tree/main/examples/email-auth). Set the `NEXT_PUBLIC_AUTH_IFRAME_URL="http://localhost:3000/"` in the example's environment variables configuration. The `email-auth` example embeds this page as an iframe.
+```sh
+cd sdk/examples/email-auth
+```
+
 # Building and running in Docker
 
 To build:
 ```
 docker build . -t frames
 ```
 
-To run (mapping 8080 and 8081 to 18080/18081 because they're often busy):
+To run (mapping `[8080, 8081, 8082]` to `[18080, 18081, 18082]` because they're often busy):
 ```
-docker run -p18080:8080 -p18081:8081 -t frames
+docker run -p18080:8080 -p18081:8081 -p18082:8082 -t frames
 ```
 
 # Deploying to a test Kubernetes cluster

auth/index.test.js

@@ -80,13 +80,13 @@ describe("TKHQ", () => {
   })
 
   it("imports auth credentials without errors", async () => {
-    let key = await TKHQ.importEmailAuthCredential(TKHQ.uint8arrayFromHexString("7632de7338577bc12c1731fa29f08019206af381f74af60f4d5e0395218f205c"));
+    let key = await TKHQ.importAuthCredential(TKHQ.uint8arrayFromHexString("7632de7338577bc12c1731fa29f08019206af381f74af60f4d5e0395218f205c"));
     expect(key.constructor.name).toEqual("CryptoKey");
     expect(key.algorithm).toEqual({ name: "ECDSA", namedCurve: "P-256"});
   })
 
   it("imports auth credentials correctly", async () => {
-    let key = await TKHQ.importEmailAuthCredential(TKHQ.uint8arrayFromHexString("7632de7338577bc12c1731fa29f08019206af381f74af60f4d5e0395218f205c"));
+    let key = await TKHQ.importAuthCredential(TKHQ.uint8arrayFromHexString("7632de7338577bc12c1731fa29f08019206af381f74af60f4d5e0395218f205c"));
     let jwkPrivateKey = await crypto.subtle.exportKey("jwk", key);
     let publicKey = await TKHQ.p256JWKPrivateToPublic(jwkPrivateKey);
     let compressedPublicKey = TKHQ.compressRawPublicKey(publicKey);