Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update iframestamper and add an example for email auth #169

Merged
merged 5 commits into from
Dec 5, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .changeset/quick-buttons-cross.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
"@turnkey/iframe-stamper": minor
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we flag this as major to follow semver? Another option is to keep compatibility and mark injectRecoverBundle as deprecated. Under the hood it can still send the same event (and if we do this, then we have a minor, backwards-compatible release)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no strong feelings on this one. maybe leave as minor/deprecation for now, and then have a stricter change later?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good to me! Let's keep both function names/implementation around then 👍

(and we can deprecate if we make a breaking change at some point)

---

- Add support for auth (e.g. via email), and include recovery under it. Note that this is a **breaking change**, as we are now using `injectCredentialBundle` as opposed to `injectRecoveryBundle`
- Update protos
2 changes: 1 addition & 1 deletion .github/pull_request_template.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,6 @@

## Did you add a changeset?

To add a changeset for your pr run [`pnpm changeset`](https://pnpm.io/using-changesets#adding-new-changesets). `pnpm changest` will generate a file where you should write a human friendly message about the changes. Note how this ([example](https://github.com/tkhq/sdk/blob/b409cd06790f011bf939adcf0755499b8e7497ae/.changeset/extra-http-exports.md?plain=1#L1)) includes the package name (should be auto added by the command) along with the type of [semver change (major.minor.patch)](https://semver.org/) (which you should set).
If updating one of our packages, you'll likely need to add a changeset to your PR. To do so, run [`pnpm changeset`](https://pnpm.io/using-changesets#adding-new-changesets). `pnpm changeset` will generate a file where you should write a human friendly message about the changes. Note how this ([example](https://github.com/tkhq/sdk/blob/b409cd06790f011bf939adcf0755499b8e7497ae/.changeset/extra-http-exports.md?plain=1#L1)) includes the package name (should be auto added by the command) along with the type of [semver change (major.minor.patch)](https://semver.org/) (which you should set).

These changes will be used at release time to determine what packages to publish and how to bump their version. For more context see [this comment](https://github.com/tkhq/sdk/pull/67#issuecomment-1568838440).
20 changes: 12 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,15 @@ API Docs: https://docs.turnkey.com/

## Packages

| Package | NPM | Description | Changelog |
| --------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------- | ---------------------------------------------------- |
| [`@turnkey/ethers`](/packages/ethers) | [![npm](https://img.shields.io/npm/v/@turnkey/ethers?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/ethers) | Turnkey Signer for Ethers | [CHANGELOG](/packages/ethers/CHANGELOG.md) |
| [`@turnkey/viem`](/packages/viem) | [![npm](https://img.shields.io/npm/v/@turnkey/viem?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/viem) | (Experimental) Turnkey Helpers to work with Viem | [CHANGELOG](/packages/viem/CHANGELOG.md) |
| [`@turnkey/cosmjs`](/packages/cosmjs) | [![npm](https://img.shields.io/npm/v/@turnkey/cosmjs?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/cosmjs) | (Experimental) Turnkey Cosmos Signer for CosmJS | [CHANGELOG](/packages/cosmjs/CHANGELOG.md) |
| [`@turnkey/http`](/packages/http) | [![npm](https://img.shields.io/npm/v/@turnkey/http?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/http) | Lower-level, fully typed HTTP client for interacting with Turnkey API | [CHANGELOG](/packages/http/CHANGELOG.md) |
| [`@turnkey/api-key-stamper`](/packages/api-key-stamper) | [![npm](https://img.shields.io/npm/v/@turnkey/api-key-stamper?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/api-key-stamper) | Provide API key signatures over Turnkey requests | [CHANGELOG](/packages/api-key-stamper/CHANGELOG.md) |
| [`@turnkey/webauthn-stamper`](/packages/webauthn-stamper) | [![npm](https://img.shields.io/npm/v/@turnkey/webauthn-stamper?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/webauthn-stamper) | Provide Webauthn signatures over Turnkey requests | [CHANGELOG](/packages/webauthn-stamper/CHANGELOG.md) |
| Package | NPM | Description | Changelog |
| --------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------- | ---------------------------------------------------- |
| [`@turnkey/ethers`](/packages/ethers) | [![npm](https://img.shields.io/npm/v/@turnkey/ethers?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/ethers) | Turnkey Signer for Ethers | [CHANGELOG](/packages/ethers/CHANGELOG.md) |
| [`@turnkey/viem`](/packages/viem) | [![npm](https://img.shields.io/npm/v/@turnkey/viem?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/viem) | (Experimental) Turnkey Helpers to work with Viem | [CHANGELOG](/packages/viem/CHANGELOG.md) |
| [`@turnkey/cosmjs`](/packages/cosmjs) | [![npm](https://img.shields.io/npm/v/@turnkey/cosmjs?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/cosmjs) | (Experimental) Turnkey Cosmos Signer for CosmJS | [CHANGELOG](/packages/cosmjs/CHANGELOG.md) |
| [`@turnkey/http`](/packages/http) | [![npm](https://img.shields.io/npm/v/@turnkey/http?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/http) | Lower-level, fully typed HTTP client for interacting with Turnkey API | [CHANGELOG](/packages/http/CHANGELOG.md) |
| [`@turnkey/api-key-stamper`](/packages/api-key-stamper) | [![npm](https://img.shields.io/npm/v/@turnkey/api-key-stamper?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/api-key-stamper) | Provide API key signatures over Turnkey requests | [CHANGELOG](/packages/api-key-stamper/CHANGELOG.md) |
| [`@turnkey/iframe-stamper`](/packages/iframe-stamper) | [![npm](https://img.shields.io/npm/v/@turnkey/iframe-stamper?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/iframe-stamper) | Provide API key signatures over Turnkey requests within iframe contexts | [CHANGELOG](/packages/iframe-stamper/CHANGELOG.md) |
| [`@turnkey/webauthn-stamper`](/packages/webauthn-stamper) | [![npm](https://img.shields.io/npm/v/@turnkey/webauthn-stamper?color=%234C48FF)](https://www.npmjs.com/package/@turnkey/webauthn-stamper) | Provide Webauthn signatures over Turnkey requests | [CHANGELOG](/packages/webauthn-stamper/CHANGELOG.md) |

## Code Examples

Expand All @@ -24,6 +25,9 @@ API Docs: https://docs.turnkey.com/
| [`demo-ethers-passkeys`](https://github.com/tkhq/demo-ethers-passkeys) | A NextJS app that demonstrates how to use `@turnkey/ethers` to build a passkey-powered application |
| [`demo-viem-passkeys`](https://github.com/tkhq/demo-viem-passkeys) | A NextJS app that demonstrates how to use `@turnkey/viem` to build a passkey-powered application |
| [`deployer`](/examples/deployer/) | Compile and deploy a smart contract |
| [`email-auth`](/examples/email-auth/) | A NextJS app demonstrating a complete email auth flow |
| [`email-recovery`](/examples/email-recovery/) | A NextJS app demonstrating a complete email recovery flow |
| [`wallet-export`](/examples/wallet-export/) | A NextJS app demonstrating a complete wallet export flow |
| [`rebalancer`](/examples/rebalancer/) | A demo application which showcases an example of how to use Turnkey for managing multiple types of keys & users |
| [`sweeper`](/examples/sweeper/) | Sweep funds from one address to a different address |
| [`trading-runner`](/examples/trading-runner/) | A sample application demonstrating a trading operation, using various private keys, users, and policies, powered by Uniswap |
Expand Down
7 changes: 7 additions & 0 deletions examples/email-auth/.env.local.example
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
API_PUBLIC_KEY="<Turnkey API Public Key (that starts with 02 or 03)>"
API_PRIVATE_KEY="<Turnkey API Private Key>"
NEXT_PUBLIC_ORGANIZATION_ID="<Turnkey organization ID>"
NEXT_PUBLIC_BASE_URL="https://api.turnkey.com"
# Can be changed to a localhost iframe if you're modifying the auth flow
# For production, the URL should not be changed and point to the primary Turnkey domain.
NEXT_PUBLIC_AUTH_IFRAME_URL="https://auth.turnkey.com"
3 changes: 3 additions & 0 deletions examples/email-auth/.eslintrc.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
{
"extends": "next/core-web-vitals"
}
35 changes: 35 additions & 0 deletions examples/email-auth/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.

# dependencies
/node_modules
/.pnp
.pnp.js

# testing
/coverage

# next.js
/.next/
/out/

# production
/build

# misc
.DS_Store
*.pem

# debug
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# local env files
.env*.local

# vercel
.vercel

# typescript
*.tsbuildinfo
next-env.d.ts
55 changes: 55 additions & 0 deletions examples/email-auth/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
# Example: `email-auth`

This example shows a complete email auth flow. It contains a NextJS app with:

- a frontend application
- a backend application

The overall flow for email auth is outlined below:
![Email auth flow diagram](./email_auth_steps.png)

This example contains an example auth page as well as a stub API endpoint for "your business" (where the email is resolved into an organization ID). The creation of the hidden iframe is abstracted by our `@turnkey/iframe-stamper` package. For more information on email auth, [check out our documentation](https://docs.turnkey.com/getting-started/email-auth).

## Getting started

### 1/ Cloning the example

Make sure you have `node` installed locally; we recommend using Node v16+.

```bash
$ git clone https://github.com/tkhq/sdk
$ cd sdk/
$ corepack enable # Install `pnpm`
$ pnpm install -r # Install dependencies
$ pnpm run build-all # Compile source code
$ cd examples/email-auth/
```

### 2/ Setting up Turnkey

The first step is to set up your Turnkey organization and account. By following the [Quickstart](https://docs.turnkey.com/getting-started/quickstart) guide, you should have:

- A public/private API key pair for Turnkey
- An organization ID

Once you've gathered these values, add them to a new `.env.local` file. Notice that your API private key should be securely managed and **_never_** be committed to git.

```bash
$ cp .env.local.example .env.local
```

Now open `.env.local` and add the missing environment variables:

- `API_PUBLIC_KEY`
- `API_PRIVATE_KEY`
- `NEXT_PUBLIC_ORGANIZATION_ID`
- `NEXT_PUBLIC_BASE_URL` (the `NEXT_PUBLIC` prefix makes the env variable accessible to the frontend app)
- `NEXT_PUBLIC_AUTH_IFRAME_URL`

### 3/ Running the app

```bash
$ pnpm run dev
```

This command will run a NextJS app on port 3000. If you navigate to http://localhost:3000 in your browser, you can follow the prompts to start an email auth.
Binary file added examples/email-auth/email_auth_steps.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
4 changes: 4 additions & 0 deletions examples/email-auth/next.config.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
/** @type {import('next').NextConfig} */
const nextConfig = {};

module.exports = nextConfig;
32 changes: 32 additions & 0 deletions examples/email-auth/package.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"name": "@turnkey/example-email-auth",
"version": "0.1.0",
"private": true,
"scripts": {
"dev": "next dev",
"build": "next build",
"start": "next start",
"lint": "next lint",
"typecheck": "tsc --noEmit"
},
"dependencies": {
"@turnkey/http": "workspace:*",
"@turnkey/api-key-stamper": "workspace:*",
"@turnkey/iframe-stamper": "workspace:*",
"@types/node": "20.3.1",
"@types/react": "18.2.14",
"@types/react-dom": "18.2.6",
"axios": "^1.4.0",
"encoding": "^0.1.13",
"eslint": "8.43.0",
"eslint-config-next": "13.4.7",
"esm": "^3.2.25",
"install": "^0.13.0",
"next": "13.4.7",
"npm": "^9.7.2",
"react": "18.2.0",
"react-dom": "18.2.0",
"react-hook-form": "^7.45.1",
"typescript": "5.1.3"
}
}
10 changes: 10 additions & 0 deletions examples/email-auth/public/favicon.svg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file not shown.
Binary file not shown.
Binary file not shown.
29 changes: 29 additions & 0 deletions examples/email-auth/public/logo.svg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
42 changes: 42 additions & 0 deletions examples/email-auth/src/components/Auth.tsx
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
"use client";

import { IframeStamper } from "@turnkey/iframe-stamper";
import { Dispatch, SetStateAction, useEffect, useState } from "react";

interface AuthProps {
iframeUrl: string;
turnkeyBaseUrl: string;
setIframeStamper: Dispatch<SetStateAction<IframeStamper | null>>;
}

const TurnkeyIframeContainerId = "turnkey-iframe-container-id";
const TurnkeyIframeElementId = "turnkey-iframe-element-id";

export function Auth(props: AuthProps) {
const [iframeStamper, setIframeStamper] = useState<IframeStamper | null>(
null
);

useEffect(() => {
if (!iframeStamper) {
const iframeStamper = new IframeStamper({
iframeUrl: props.iframeUrl,
iframeContainerId: TurnkeyIframeContainerId,
iframeElementId: TurnkeyIframeElementId,
});
iframeStamper.init().then(() => {
setIframeStamper(iframeStamper);
props.setIframeStamper(iframeStamper);
});
}

return () => {
if (iframeStamper) {
iframeStamper.clear();
setIframeStamper(null);
}
};
}, [props, iframeStamper, setIframeStamper]);

return <div style={{ display: "none" }} id={TurnkeyIframeContainerId}></div>;
}
19 changes: 19 additions & 0 deletions examples/email-auth/src/pages/_document.tsx
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
import Document, { Html, Head, Main, NextScript } from "next/document";

class Example extends Document {
render() {
return (
<Html>
<Head>
<link rel="icon" type="image/svg+xml" href="/favicon.svg" />
</Head>
<body>
<Main />
<NextScript />
</body>
</Html>
);
}
}

export default Example;
Loading
Loading