diff --git a/examples/react-components/.env.local.example b/examples/react-components/.env.local.example index f66a5a6f..71fabb58 100644 --- a/examples/react-components/.env.local.example +++ b/examples/react-components/.env.local.example @@ -6,7 +6,9 @@ TURNKEY_API_PRIVATE_KEY="" NEXT_PUBLIC_BASE_URL="https://api.turnkey.com" NEXT_PUBLIC_ORGANIZATION_ID="" NEXT_PUBLIC_AUTH_IFRAME_URL="https://auth.turnkey.com" +NEXT_PUBLIC_EXPORT_IFRAME_URL="https://export.turnkey.com" +NEXT_PUBLIC_IMPORT_IFRAME_URL="https://import.turnkey.com" NEXT_PUBLIC_GOOGLE_CLIENT_ID="" NEXT_PUBLIC_APPLE_CLIENT_ID="" NEXT_PUBLIC_FACEBOOK_CLIENT_ID="" -NEXT_PUBLIC_OAUTH_REDIRECT_URI="http://localhost:3000/" # Where your login page is - make sure to have a trailing "/" NOTE: Sign in with Apple and Google does not support localhost redirects! You can use ngrok to test locally +NEXT_PUBLIC_OAUTH_REDIRECT_URI="http://localhost:3000/" # Where your login page is - make sure to have a trailing "/" NOTE: Sign in with Apple and Google does not support localhost redirects! You can use ngrok to test locally \ No newline at end of file diff --git a/examples/react-components/README.md b/examples/react-components/README.md index fb418dff..9ea8322a 100644 --- a/examples/react-components/README.md +++ b/examples/react-components/README.md @@ -1,12 +1,12 @@ # Example: `react-components` -This example shows a an example app created using our react components from @turnkey/sdk-react. For more information [check out our documentation](https://docs.turnkey.com/features/TODO). +This example shows an example app created using our react components from @turnkey/sdk-react. For more information [check out our documentation](https://docs.turnkey.com/features/TODO). #TODO docs for react components and is also hosted [here](TODO) #TODO add hosted URL - e.g demo.turnkey.com ## Getting started ### 1/ Cloning the example -Make sure you have `node` installed locally; we recommend using Node v18+. You will also need NextJs v13+ (for use-server/use-client directives and /app directory structure). Our components leverage use-server to make server side calls using private api keys without requiring developers to setup their own backend for turnkey authentication +Make sure you have `node` installed locally; we recommend using Node v18+. You will also need NextJS v13+ (for use-server/use-client directives and /app directory structure). Our components leverage use-server to make server side calls using private API keys without requiring developers to setup their own backend for Turnkey authentication ```bash $ git clone https://github.com/tkhq/sdk @@ -40,6 +40,8 @@ Now open `.env.local` and add the missing environment variables: - `NEXT_PUBLIC_FACEBOOK_CLIENT_ID` - `NEXT_PUBLIC_APPLE_CLIENT_ID` - `NEXT_PUBLIC_AUTH_IFRAME_URL` +- `NEXT_PUBLIC_IMPORT_IFRAME_URL` +- `NEXT_PUBLIC_EXPORT_IFRAME_URL` - `NEXT_PUBLIC_OAUTH_REDIRECT_URI` ### 3/ Running the app @@ -48,4 +50,4 @@ Now open `.env.local` and add the missing environment variables: $ pnpm run dev ``` -This command will run a NextJS app on port 3000. If you navigate to http://localhost:3000 in your browser, you can follow the prompts to start an oauth activity. +This command will run a NextJS app on port 3000. If you navigate to http://localhost:3000 in your browser, the example app using auth components should be ready to use! diff --git a/examples/react-components/src/app/dashboard/page.tsx b/examples/react-components/src/app/dashboard/page.tsx index 65c97533..c9b5717d 100644 --- a/examples/react-components/src/app/dashboard/page.tsx +++ b/examples/react-components/src/app/dashboard/page.tsx @@ -23,7 +23,10 @@ import { } from "@mui/material"; import LogoutIcon from "@mui/icons-material/Logout"; import DeleteOutlineIcon from "@mui/icons-material/DeleteOutline"; -import { verifyEthSignature, verifySolSignatureWithAddress } from "../utils"; +import { + verifyEthSignatureWithAddress, + verifySolSignatureWithAddress, +} from "../utils"; import { keccak256, toUtf8Bytes } from "ethers"; import { useRouter } from "next/navigation"; import AddCircleIcon from "@mui/icons-material/AddCircle"; @@ -385,7 +388,7 @@ export default function Dashboard() { const addressType = selectedAccount?.startsWith("0x") ? "ETH" : "SOL"; const verificationPassed = addressType === "ETH" - ? verifyEthSignature( + ? verifyEthSignatureWithAddress( messageToSign, signature.r, signature.s, diff --git a/examples/react-components/src/app/page.tsx b/examples/react-components/src/app/page.tsx index c62284fb..2820e546 100644 --- a/examples/react-components/src/app/page.tsx +++ b/examples/react-components/src/app/page.tsx @@ -11,12 +11,18 @@ import { Droppable, Draggable, DropResult, + DroppableProvided, + DraggableProvided, } from "@hello-pangea/dnd"; import "./index.css"; import { useRouter } from "next/navigation"; import Navbar from "./components/Navbar"; import { Toaster, toast } from "sonner"; +// Define reusable types for provided props +type DroppableProvidedProps = DroppableProvided; +type DraggableProvidedProps = DraggableProvided; + // Define types for config and socials interface SocialConfig { enabled: boolean; @@ -37,6 +43,7 @@ export default function AuthPage() { const handleAuthSuccess = async () => { router.push("/dashboard"); }; + const [configOrder, setConfigOrder] = useState([ "socials", "email", @@ -140,25 +147,7 @@ export default function AuthPage() { - {(provided: { - droppableProps: React.JSX.IntrinsicAttributes & - React.ClassAttributes & - React.HTMLAttributes; - innerRef: React.LegacyRef | undefined; - placeholder: - | string - | number - | boolean - | React.ReactElement< - any, - string | React.JSXElementConstructor - > - | Iterable - | React.ReactPortal - | React.PromiseLikeOfReactNode - | null - | undefined; - }) => ( + {(provided: DroppableProvidedProps) => (
- {(provided: { - innerRef: React.LegacyRef | undefined; - draggableProps: React.JSX.IntrinsicAttributes & - React.ClassAttributes & - React.HTMLAttributes; - dragHandleProps: React.JSX.IntrinsicAttributes & - React.ClassAttributes & - React.HTMLAttributes; - }) => ( + {(provided: DraggableProvidedProps) => (
@@ -242,19 +223,11 @@ export default function AuthPage() { (!config[key as keyof Config] as boolean) } > - {(provided: { - innerRef: React.LegacyRef | undefined; - draggableProps: React.JSX.IntrinsicAttributes & - React.ClassAttributes & - React.HTMLAttributes; - dragHandleProps: React.JSX.IntrinsicAttributes & - React.ClassAttributes & - React.HTMLAttributes; - }) => ( + {(provided: DraggableProvidedProps) => (
diff --git a/examples/react-components/src/app/utils.ts b/examples/react-components/src/app/utils.ts index 78ff4c8d..628f16ab 100644 --- a/examples/react-components/src/app/utils.ts +++ b/examples/react-components/src/app/utils.ts @@ -13,7 +13,7 @@ import { hashMessage, keccak256, recoverAddress, toUtf8Bytes } from "ethers"; * @param {string} address - The Ethereum address of the signer. * @returns {boolean} - The recovered Ethereum address. */ -export function verifyEthSignature( +export function verifyEthSignatureWithAddress( message: string, r: string, s: string, diff --git a/examples/react-components/src/app/utils/facebookUtils.ts b/examples/react-components/src/app/utils/facebookUtils.ts index cc833dbb..fcbbae46 100644 --- a/examples/react-components/src/app/utils/facebookUtils.ts +++ b/examples/react-components/src/app/utils/facebookUtils.ts @@ -1,4 +1,5 @@ "use server"; + import crypto from "crypto"; export async function generateChallengePair() { @@ -11,10 +12,10 @@ export async function generateChallengePair() { } export async function exchangeCodeForToken( - clientId: any, - redirectURI: any, - authCode: any, - verifier: any + clientId: string, + redirectURI: string, + authCode: string, + verifier: string ) { const response = await fetch( `https://graph.facebook.com/v11.0/oauth/access_token`, diff --git a/examples/react-components/src/app/utils/oidc.ts b/examples/react-components/src/app/utils/oidc.ts index 58e856f6..27d66ee1 100644 --- a/examples/react-components/src/app/utils/oidc.ts +++ b/examples/react-components/src/app/utils/oidc.ts @@ -4,6 +4,14 @@ import { sha256 } from "@noble/hashes/sha2"; import { bytesToHex } from "@noble/hashes/utils"; import { exchangeCodeForToken, generateChallengePair } from "./facebookUtils"; +// OAuth URLs +const APPLE_AUTH_URL = "https://appleid.apple.com/auth/authorize"; +const GOOGLE_AUTH_URL = "https://accounts.google.com/o/oauth2/v2/auth"; +const FACEBOOK_AUTH_URL = "https://www.facebook.com/v11.0/dialog/oauth"; + +// Popup Size +const popupWidth = 500; +const popupHeight = 600; interface OidcTokenParams { iframePublicKey: string; clientId: string; @@ -16,15 +24,15 @@ export const appleOidcToken = async ({ redirectURI, }: OidcTokenParams): Promise => { const nonce = bytesToHex(sha256(iframePublicKey)); - const appleAuthUrl = new URL("https://appleid.apple.com/auth/authorize"); + const appleAuthUrl = new URL(APPLE_AUTH_URL); appleAuthUrl.searchParams.set("client_id", clientId); appleAuthUrl.searchParams.set("redirect_uri", redirectURI); appleAuthUrl.searchParams.set("response_type", "code id_token"); appleAuthUrl.searchParams.set("response_mode", "fragment"); appleAuthUrl.searchParams.set("nonce", nonce); - const width = 500; - const height = 600; + const width = popupWidth; + const height = popupHeight; const left = window.screenX + (window.innerWidth - width) / 2; const top = window.screenY + (window.innerHeight - height) / 2; @@ -53,7 +61,10 @@ export const appleOidcToken = async ({ } } } catch (error) { - // Ignore cross-origin errors until redirected + // Ignore cross-origin errors until the popup redirects to the same origin. + // These errors occur because the script attempts to access the URL of the popup window while it's on a different domain. + // Due to browser security policies (Same-Origin Policy), accessing properties like location.href on a window that is on a different domain will throw an exception. + // Once the popup redirects to the same origin as the parent window, these errors will no longer occur, and the script can safely access the popup's location to extract parameters. } if (authWindow?.closed) { @@ -70,7 +81,7 @@ export const googleOidcToken = async ({ redirectURI, }: OidcTokenParams): Promise => { const nonce = bytesToHex(sha256(iframePublicKey)); - const googleAuthUrl = new URL("https://accounts.google.com/o/oauth2/v2/auth"); + const googleAuthUrl = new URL(GOOGLE_AUTH_URL); googleAuthUrl.searchParams.set("client_id", clientId); googleAuthUrl.searchParams.set("redirect_uri", redirectURI); googleAuthUrl.searchParams.set("response_type", "id_token"); @@ -78,8 +89,8 @@ export const googleOidcToken = async ({ googleAuthUrl.searchParams.set("nonce", nonce); googleAuthUrl.searchParams.set("prompt", "select_account"); - const width = 500; - const height = 600; + const width = popupWidth; + const height = popupHeight; const left = window.screenX + (window.innerWidth - width) / 2; const top = window.screenY + (window.innerHeight - height) / 2; @@ -108,7 +119,10 @@ export const googleOidcToken = async ({ } } } catch (error) { - // Ignore cross-origin errors until redirected + // Ignore cross-origin errors until the popup redirects to the same origin. + // These errors occur because the script attempts to access the URL of the popup window while it's on a different domain. + // Due to browser security policies (Same-Origin Policy), accessing properties like location.href on a window that is on a different domain will throw an exception. + // Once the popup redirects to the same origin as the parent window, these errors will no longer occur, and the script can safely access the popup's location to extract parameters. } if (authWindow?.closed) { @@ -138,9 +152,9 @@ export const facebookOidcToken = async ({ response_type: "code", }); - const facebookOAuthURL = `https://www.facebook.com/v11.0/dialog/oauth?${params.toString()}`; - const width = 500; - const height = 600; + const facebookOAuthURL = `${FACEBOOK_AUTH_URL}?${params.toString()}`; + const width = popupWidth; + const height = popupHeight; const left = window.screenX + (window.innerWidth - width) / 2; const top = window.screenY + (window.innerHeight - height) / 2; @@ -192,7 +206,10 @@ export const facebookOidcToken = async ({ } } } catch (error) { - // Ignore cross-origin errors until the popup redirects to the same origin + // Ignore cross-origin errors until the popup redirects to the same origin. + // These errors occur because the script attempts to access the URL of the popup window while it's on a different domain. + // Due to browser security policies (Same-Origin Policy), accessing properties like location.href on a window that is on a different domain will throw an exception. + // Once the popup redirects to the same origin as the parent window, these errors will no longer occur, and the script can safely access the popup's location to extract parameters. } }, 250); }); diff --git a/packages/sdk-browser/src/sdk-client.ts b/packages/sdk-browser/src/sdk-client.ts index 1aeee371..e94ad932 100644 --- a/packages/sdk-browser/src/sdk-client.ts +++ b/packages/sdk-browser/src/sdk-client.ts @@ -313,20 +313,25 @@ export class TurnkeyBrowserClient extends TurnkeySDKClientBase { * * @param credentialBundle * @param expirationSeconds - * @returns {Promise} + * @returns {Promise} */ loginWithAuthBundle = async ( credentialBundle: string, expirationSeconds: string = DEFAULT_SESSION_EXPIRATION ): Promise => { - const whoAmIResult = await this.getWhoami(); - - const readWriteSessionResultWithSession = { - ...whoAmIResult, - credentialBundle: credentialBundle, - sessionExpiry: Date.now() + Number(expirationSeconds) * 1000, - }; - await saveSession(readWriteSessionResultWithSession, this.authClient); + try { + const whoAmIResult = await this.getWhoami(); + + const readWriteSessionResultWithSession = { + ...whoAmIResult, + credentialBundle: credentialBundle, + sessionExpiry: Date.now() + Number(expirationSeconds) * 1000, + }; + await saveSession(readWriteSessionResultWithSession, this.authClient); + return true; + } catch { + return false; + } }; } diff --git a/packages/sdk-react/package.json b/packages/sdk-react/package.json index c5ae0f7d..032b345f 100644 --- a/packages/sdk-react/package.json +++ b/packages/sdk-react/package.json @@ -57,9 +57,9 @@ "@react-oauth/google": "^0.12.1", "@turnkey/sdk-browser": "workspace:*", "@turnkey/wallet-stamper": "workspace:*", - "usehooks-ts": "^3.1.0", "@turnkey/crypto": "workspace:*", "@turnkey/sdk-server": "workspace:*", + "usehooks-ts": "^3.1.0", "libphonenumber-js": "^1.11.14", "next": "^15.0.2", "react-apple-login": "^1.1.6", @@ -72,10 +72,6 @@ "@types/react": "^18.2.75", "react": "^18.2.0" }, - "overrides": { - "react": "18.2.0", - "@types/react": "18.2.75" - }, "engines": { "node": ">=18.0.0" } diff --git a/packages/sdk-react/src/components/auth/Apple.tsx b/packages/sdk-react/src/components/auth/Apple.tsx index 5cfed6d8..dff66754 100644 --- a/packages/sdk-react/src/components/auth/Apple.tsx +++ b/packages/sdk-react/src/components/auth/Apple.tsx @@ -3,11 +3,18 @@ import { sha256 } from "@noble/hashes/sha2"; import { bytesToHex } from "@noble/hashes/utils"; import styles from "./Socials.module.css"; import appleIcon from "assets/apple.svg"; +import { + APPLE_AUTH_SCRIPT_URL, + APPLE_AUTH_URL, + popupHeight, + popupWidth, +} from "./constants"; interface AppleAuthButtonProps { iframePublicKey: string; clientId: string; onSuccess: (response: any) => void; + layout: "inline" | "stacked"; } declare global { interface Window { @@ -15,17 +22,19 @@ declare global { } } -const AppleAuthButton: React.FC< - AppleAuthButtonProps & { layout: "inline" | "stacked" } -> = ({ iframePublicKey, onSuccess, clientId, layout }) => { +const AppleAuthButton: React.FC = ({ + iframePublicKey, + onSuccess, + clientId, + layout, +}) => { const [appleSDKLoaded, setAppleSDKLoaded] = useState(false); const redirectURI = process.env.NEXT_PUBLIC_OAUTH_REDIRECT_URI!; useEffect(() => { const loadAppleSDK = () => { const script = document.createElement("script"); - script.src = - "https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"; + script.src = APPLE_AUTH_SCRIPT_URL; script.onload = () => setAppleSDKLoaded(true); script.onerror = () => console.error("Failed to load AppleID SDK"); document.body.appendChild(script); @@ -40,7 +49,7 @@ const AppleAuthButton: React.FC< const handleLogin = () => { const nonce = bytesToHex(sha256(iframePublicKey)); - const appleAuthUrl = new URL("https://appleid.apple.com/auth/authorize"); + const appleAuthUrl = new URL(APPLE_AUTH_URL); appleAuthUrl.searchParams.set("client_id", clientId); appleAuthUrl.searchParams.set("redirect_uri", redirectURI); appleAuthUrl.searchParams.set("response_type", "code id_token"); @@ -48,8 +57,8 @@ const AppleAuthButton: React.FC< appleAuthUrl.searchParams.set("nonce", nonce); // Calculate popup dimensions and position for centering - const width = 500; - const height = 600; + const width = popupWidth; + const height = popupHeight; const left = window.screenX + (window.innerWidth - width) / 2; const top = window.screenY + (window.innerHeight - height) / 2; @@ -79,7 +88,10 @@ const AppleAuthButton: React.FC< } } } catch (error) { - // Ignore cross-origin errors until redirected + // Ignore cross-origin errors until the popup redirects to the same origin. + // These errors occur because the script attempts to access the URL of the popup window while it's on a different domain. + // Due to browser security policies (Same-Origin Policy), accessing properties like location.href on a window that is on a different domain will throw an exception. + // Once the popup redirects to the same origin as the parent window, these errors will no longer occur, and the script can safely access the popup's location to extract parameters. } if (authWindow?.closed) { diff --git a/packages/sdk-react/src/components/auth/Facebook.tsx b/packages/sdk-react/src/components/auth/Facebook.tsx index 345e213b..03924124 100644 --- a/packages/sdk-react/src/components/auth/Facebook.tsx +++ b/packages/sdk-react/src/components/auth/Facebook.tsx @@ -6,15 +6,21 @@ import { exchangeCodeForToken, generateChallengePair } from "./facebookUtils"; import { sha256 } from "@noble/hashes/sha256"; import { bytesToHex } from "@noble/hashes/utils"; import facebookIcon from "assets/facebook.svg"; +import { FACEBOOK_AUTH_URL, popupHeight, popupWidth } from "./constants"; + interface FacebookAuthButtonProps { iframePublicKey: string; clientId: string; onSuccess: (response: any) => void; + layout: "inline" | "stacked"; } -const FacebookAuthButton: React.FC< - FacebookAuthButtonProps & { layout: "inline" | "stacked" } -> = ({ iframePublicKey, onSuccess, clientId, layout }) => { +const FacebookAuthButton: React.FC = ({ + iframePublicKey, + onSuccess, + clientId, + layout, +}) => { const [tokenExchanged, setTokenExchanged] = useState(false); const redirectURI = process.env.NEXT_PUBLIC_OAUTH_REDIRECT_URI!; @@ -33,10 +39,10 @@ const FacebookAuthButton: React.FC< response_type: "code", }); - const facebookOAuthURL = `https://www.facebook.com/v11.0/dialog/oauth?${params.toString()}`; + const facebookOAuthURL = `${FACEBOOK_AUTH_URL}?${params.toString()}`; - const width = 500; - const height = 600; + const width = popupWidth; + const height = popupHeight; const left = window.screenX + (window.innerWidth - width) / 2; const top = window.screenY + (window.innerHeight - height) / 2; @@ -64,7 +70,10 @@ const FacebookAuthButton: React.FC< handleTokenExchange(authCode); } } catch (error) { - // Ignore cross-origin errors until the popup redirects to the same origin + // Ignore cross-origin errors until the popup redirects to the same origin. + // These errors occur because the script attempts to access the URL of the popup window while it's on a different domain. + // Due to browser security policies (Same-Origin Policy), accessing properties like location.href on a window that is on a different domain will throw an exception. + // Once the popup redirects to the same origin as the parent window, these errors will no longer occur, and the script can safely access the popup's location to extract parameters. } }, 250); } diff --git a/packages/sdk-react/src/components/auth/Google.tsx b/packages/sdk-react/src/components/auth/Google.tsx index 45d467f1..8147b469 100644 --- a/packages/sdk-react/src/components/auth/Google.tsx +++ b/packages/sdk-react/src/components/auth/Google.tsx @@ -4,11 +4,13 @@ import { sha256 } from "@noble/hashes/sha2"; import { bytesToHex } from "@noble/hashes/utils"; import styles from "./Socials.module.css"; import googleIcon from "assets/google.svg"; +import { GOOGLE_AUTH_URL, popupHeight, popupWidth } from "./constants"; interface GoogleAuthButtonProps { iframePublicKey: string; clientId: string; onSuccess: (response: any) => void; + layout: "inline" | "stacked"; } declare global { interface Window { @@ -16,9 +18,12 @@ declare global { } } -const GoogleAuthButton: React.FC< - GoogleAuthButtonProps & { layout: "inline" | "stacked" } -> = ({ iframePublicKey, clientId, onSuccess, layout }) => { +const GoogleAuthButton: React.FC = ({ + iframePublicKey, + clientId, + onSuccess, + layout, +}) => { const handleLogin = async () => { const nonce = bytesToHex(sha256(iframePublicKey)); const redirectURI = process.env.NEXT_PUBLIC_OAUTH_REDIRECT_URI!.replace( @@ -26,17 +31,15 @@ const GoogleAuthButton: React.FC< "" ); // Construct the Google OIDC URL - const googleAuthUrl = new URL( - "https://accounts.google.com/o/oauth2/v2/auth" - ); + const googleAuthUrl = new URL(GOOGLE_AUTH_URL); googleAuthUrl.searchParams.set("client_id", clientId); googleAuthUrl.searchParams.set("redirect_uri", redirectURI); // Replace with your actual redirect URI googleAuthUrl.searchParams.set("response_type", "id_token"); // Use id_token for OpenID Connect googleAuthUrl.searchParams.set("scope", "openid email profile"); // Scopes required for OpenID googleAuthUrl.searchParams.set("nonce", nonce); googleAuthUrl.searchParams.set("prompt", "select_account"); - const width = 500; - const height = 600; + const width = popupWidth; + const height = popupHeight; const left = window.screenX + (window.innerWidth - width) / 2; const top = window.screenY + (window.innerHeight - height) / 2; @@ -66,7 +69,10 @@ const GoogleAuthButton: React.FC< } } } catch (error) { - // Ignore cross-origin errors until redirected + // Ignore cross-origin errors until the popup redirects to the same origin. + // These errors occur because the script attempts to access the URL of the popup window while it's on a different domain. + // Due to browser security policies (Same-Origin Policy), accessing properties like location.href on a window that is on a different domain will throw an exception. + // Once the popup redirects to the same origin as the parent window, these errors will no longer occur, and the script can safely access the popup's location to extract parameters. } if (authWindow?.closed) { diff --git a/packages/sdk-react/src/components/auth/constants.ts b/packages/sdk-react/src/components/auth/constants.ts new file mode 100644 index 00000000..ee070789 --- /dev/null +++ b/packages/sdk-react/src/components/auth/constants.ts @@ -0,0 +1,7 @@ +export const GOOGLE_AUTH_URL = "https://accounts.google.com/o/oauth2/v2/auth"; +export const APPLE_AUTH_URL = "https://appleid.apple.com/auth/authorize"; +export const APPLE_AUTH_SCRIPT_URL = + "https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"; +export const FACEBOOK_AUTH_URL = "https://www.facebook.com/v11.0/dialog/oauth"; +export const popupWidth = 500; +export const popupHeight = 600; diff --git a/packages/sdk-react/src/components/auth/facebookUtils.ts b/packages/sdk-react/src/components/auth/facebookUtils.ts index cc833dbb..fcbbae46 100644 --- a/packages/sdk-react/src/components/auth/facebookUtils.ts +++ b/packages/sdk-react/src/components/auth/facebookUtils.ts @@ -1,4 +1,5 @@ "use server"; + import crypto from "crypto"; export async function generateChallengePair() { @@ -11,10 +12,10 @@ export async function generateChallengePair() { } export async function exchangeCodeForToken( - clientId: any, - redirectURI: any, - authCode: any, - verifier: any + clientId: string, + redirectURI: string, + authCode: string, + verifier: string ) { const response = await fetch( `https://graph.facebook.com/v11.0/oauth/access_token`, diff --git a/packages/sdk-react/src/components/export/Export.tsx b/packages/sdk-react/src/components/export/Export.tsx index 1fbfcf1b..cff366df 100644 --- a/packages/sdk-react/src/components/export/Export.tsx +++ b/packages/sdk-react/src/components/export/Export.tsx @@ -42,7 +42,7 @@ const Export: React.FC = ({ walletId }) => { iframeContainer: document.getElementById( TurnkeyExportIframeContainerId ), - iframeUrl: "https://export.turnkey.com", + iframeUrl: process.env.NEXT_PUBLIC_EXPORT_IFRAME_URL!, }); setExportIframeClient(newExportIframeClient!); } catch (error) { diff --git a/packages/sdk-react/src/components/import/Import.tsx b/packages/sdk-react/src/components/import/Import.tsx index 484f2675..b171e135 100644 --- a/packages/sdk-react/src/components/import/Import.tsx +++ b/packages/sdk-react/src/components/import/Import.tsx @@ -42,7 +42,7 @@ const Import: React.FC = ({ onSuccess = () => undefined }) => { iframeContainer: document.getElementById( TurnkeyImportIframeContainerId ), - iframeUrl: "https://import.turnkey.com", + iframeUrl: process.env.NEXT_PUBLIC_IMPORT_IFRAME_URL!, }); setImportIframeClient(newImportIframeClient!); } catch (error) { diff --git a/rollup.config.base.mjs b/rollup.config.base.mjs index 471d7f42..e558e2ac 100644 --- a/rollup.config.base.mjs +++ b/rollup.config.base.mjs @@ -44,4 +44,4 @@ export default () => { esm, cjs ] -} \ No newline at end of file +}