Unified Identity - Account Linking (#55)

Author: 0xFirekeeper

Thirdweb.Console/Program.cs

@@ -24,6 +24,39 @@ internal VerifyResult(bool isNewUser, string authToken, string walletUserId, str
             internal string PhoneNumber { get; }
         }
 
+        [DataContract]
+        internal class AccountConnectResponse
+        {
+            [DataMember(Name = "linkedAccounts", IsRequired = true)]
+            public List<LinkedAccount> LinkedAccounts { get; set; }
+        }
+
+        [DataContract]
+        public class LinkedAccount
+        {
+            [DataMember(Name = "type", IsRequired = true)]
+            public string Type { get; set; }
+
+            [DataMember(Name = "details", IsRequired = true)]
+            public LinkedAccountDetails Details { get; set; }
+
+            [DataContract]
+            public class LinkedAccountDetails
+            {
+                [DataMember(Name = "email", EmitDefaultValue = false)]
+                public string Email { get; set; }
+
+                [DataMember(Name = "address", EmitDefaultValue = false)]
+                public string Address { get; set; }
+
+                [DataMember(Name = "phone", EmitDefaultValue = false)]
+                public string Phone { get; set; }
+
+                [DataMember(Name = "id", EmitDefaultValue = false)]
+                public string Id { get; set; }
+            }
+        }
+
         [DataContract]
         private class SendEmailOtpReturnType
         {

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/Server.Types.cs

@@ -5,7 +5,9 @@ namespace Thirdweb.EWS
 {
     internal abstract class ServerBase
     {
-        internal abstract Task<string> VerifyThirdwebClientIdAsync(string domain);
+        internal abstract Task<List<Server.LinkedAccount>> LinkAccountAsync(string currentAccountToken, string authTokenToConnect);
+        internal abstract Task<List<Server.LinkedAccount>> GetLinkedAccountsAsync(string currentAccountToken);
+
         internal abstract Task<Server.UserWallet> FetchUserDetailsAsync(string emailAddress, string authToken);
         internal abstract Task StoreAddressAndSharesAsync(string walletAddress, string authShare, string encryptedRecoveryShare, string authToken);
 
@@ -50,16 +52,29 @@ internal Server(ThirdwebClient client, IThirdwebHttpClient httpClient)
             thirdwebHttpClientType = httpClient.GetType();
         }
 
-        // embedded-wallet/verify-thirdweb-client-id
-        internal override async Task<string> VerifyThirdwebClientIdAsync(string parentDomain)
+        // account/connect
+        internal override async Task<List<LinkedAccount>> LinkAccountAsync(string currentAccountToken, string authTokenToConnect)
         {
-            Dictionary<string, string> queryParams = new() { { "clientId", clientId }, { "parentDomain", parentDomain } };
-            var uri = MakeUri2023("/embedded-wallet/verify-thirdweb-client-id", queryParams);
-            var content = MakeHttpContent(new { clientId, parentDomain });
+            var uri = MakeUri2024("/account/connect");
+            var content = MakeHttpContent(new { accountAuthTokenToConnect = authTokenToConnect });
+            httpClient.AddHeader("Authorization", $"Bearer iaw-auth-token:{currentAccountToken}");
             var response = await httpClient.PostAsync(uri.ToString(), content).ConfigureAwait(false);
+            httpClient.RemoveHeader("Authorization");
             await CheckStatusCodeAsync(response).ConfigureAwait(false);
-            var error = await DeserializeAsync<HttpErrorWithMessage>(response).ConfigureAwait(false);
-            return error.Error;
+
+            var res = await DeserializeAsync<AccountConnectResponse>(response).ConfigureAwait(false);
+            return res == null || res.LinkedAccounts == null || res.LinkedAccounts.Count == 0 ? throw new InvalidOperationException("No linked accounts returned") : res.LinkedAccounts;
+        }
+
+        // accounts GET
+        internal override async Task<List<LinkedAccount>> GetLinkedAccountsAsync(string currentAccountToken)
+        {
+            var uri = MakeUri2024("/accounts");
+            var response = await SendHttpWithAuthAsync(uri, currentAccountToken).ConfigureAwait(false);
+            await CheckStatusCodeAsync(response).ConfigureAwait(false);
+
+            var res = await DeserializeAsync<AccountConnectResponse>(response).ConfigureAwait(false);
+            return res == null || res.LinkedAccounts == null || res.LinkedAccounts.Count == 0 ? new List<LinkedAccount>() : res.LinkedAccounts;
         }
 
         // embedded-wallet/embedded-wallet-user-details

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/Server.cs

@@ -20,7 +20,7 @@ internal LocalStorage(string clientId, string storageDirectoryPath = null)
         {
             string directory;
             directory = storageDirectoryPath ?? Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData);
-            directory = Path.Combine(directory, "EWS");
+            directory = Path.Combine(directory, "Thirdweb", "InAppWallet");
             _ = Directory.CreateDirectory(directory);
             filePath = Path.Combine(directory, $"{clientId}.txt");
             try

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Storage/LocalStorage.cs

@@ -0,0 +1,15 @@
+namespace Thirdweb.EWS
+{
+    internal partial class EmbeddedWallet
+    {
+        public async Task<List<Server.LinkedAccount>> LinkAccountAsync(string currentAccountToken, string authTokenToConnect)
+        {
+            return await server.LinkAccountAsync(currentAccountToken, authTokenToConnect).ConfigureAwait(false);
+        }
+
+        public async Task<List<Server.LinkedAccount>> GetLinkedAccountsAsync(string currentAccountToken)
+        {
+            return await server.GetLinkedAccountsAsync(currentAccountToken).ConfigureAwait(false);
+        }
+    }
+}

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.AccountLinking.cs

@@ -2,10 +2,9 @@ namespace Thirdweb.EWS
 {
     internal partial class EmbeddedWallet
     {
-        public async Task<VerifyResult> SignInWithAuthEndpointAsync(string payload, string encryptionKey)
+        public async Task<Server.VerifyResult> SignInWithAuthEndpointAsync(string payload)
         {
-            var result = await server.VerifyAuthEndpointAsync(payload).ConfigureAwait(false);
-            return await PostAuthSetup(result, encryptionKey, "AuthEndpoint").ConfigureAwait(false);
+            return await server.VerifyAuthEndpointAsync(payload).ConfigureAwait(false);
         }
     }
 }

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.AuthEndpoint.cs

@@ -11,18 +11,10 @@ internal partial class EmbeddedWallet
             return (userWallet.IsNewUser, isNewDevice);
         }
 
-        public async Task<VerifyResult> VerifyEmailOtpAsync(string emailAddress, string otp)
+        public async Task<Server.VerifyResult> VerifyEmailOtpAsync(string emailAddress, string otp)
         {
             emailAddress = emailAddress.ToLower();
-            try
-            {
-                var result = await server.VerifyEmailOtpAsync(emailAddress, otp).ConfigureAwait(false);
-                return await PostAuthSetup(result, null, "Email").ConfigureAwait(false);
-            }
-            catch (VerificationException ex)
-            {
-                return new VerifyResult(ex.CanRetry);
-            }
+            return await server.VerifyEmailOtpAsync(emailAddress, otp).ConfigureAwait(false);
         }
     }
 }

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.EmailOTP.cs

@@ -2,10 +2,9 @@ namespace Thirdweb.EWS
 {
     internal partial class EmbeddedWallet
     {
-        public async Task<VerifyResult> SignInWithJwtAsync(string jwt, string encryptionKey)
+        public async Task<Server.VerifyResult> SignInWithJwtAsync(string jwt)
         {
-            var result = await server.VerifyJwtAsync(jwt).ConfigureAwait(false);
-            return await PostAuthSetup(result, encryptionKey, "JWT").ConfigureAwait(false);
+            return await server.VerifyJwtAsync(jwt).ConfigureAwait(false);
         }
     }
 }

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.JWT.cs

@@ -4,16 +4,12 @@ namespace Thirdweb.EWS
 {
     internal partial class EmbeddedWallet
     {
-        public async Task VerifyThirdwebClientIdAsync(string domain)
+        internal string GetCurrentAuthToken()
         {
-            var error = await server.VerifyThirdwebClientIdAsync(domain).ConfigureAwait(false);
-            if (error != "")
-            {
-                throw new InvalidOperationException($"Invalid thirdweb client id for domain {domain} | {error}");
-            }
+            return localStorage.Data?.AuthToken;
         }
 
-        private async Task<VerifyResult> PostAuthSetup(Server.VerifyResult result, string twManagedRecoveryCodeOverride, string authProvider)
+        internal async Task<VerifyResult> PostAuthSetup(Server.VerifyResult result, string twManagedRecoveryCodeOverride, string authProvider)
         {
             var walletUserId = result.WalletUserId;
             var authToken = result.AuthToken;
@@ -52,15 +48,12 @@ public async Task<User> GetUserAsync(string email, string phone, string authProv
             switch (userWallet.Status)
             {
                 case "Logged Out":
-                    await SignOutAsync().ConfigureAwait(false);
                     throw new InvalidOperationException("User is logged out");
                 case "Logged In, Wallet Uninitialized":
-                    await SignOutAsync().ConfigureAwait(false);
                     throw new InvalidOperationException("User is logged in but wallet is uninitialized");
                 case "Logged In, Wallet Initialized":
                     if (string.IsNullOrEmpty(localStorage.Data?.DeviceShare))
                     {
-                        await SignOutAsync().ConfigureAwait(false);
                         throw new InvalidOperationException("User is logged in but wallet is uninitialized");
                     }
 
@@ -70,12 +63,10 @@ public async Task<User> GetUserAsync(string email, string phone, string authProv
 
                     if ((email != null && email != emailAddress) || (phone != null && phone != phoneNumber))
                     {
-                        await SignOutAsync().ConfigureAwait(false);
                         throw new InvalidOperationException("User email or phone number do not match");
                     }
                     else if (email == null && localStorage.Data.AuthProvider != authProvider)
                     {
-                        await SignOutAsync().ConfigureAwait(false);
                         throw new InvalidOperationException($"User auth provider does not match. Expected {localStorage.Data.AuthProvider}, got {authProvider}");
                     }
                     else if (authShare == null)

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.Misc.cs

@@ -4,10 +4,9 @@ namespace Thirdweb.EWS
 {
     internal partial class EmbeddedWallet
     {
-        public async Task<VerifyResult> SignInWithOauthAsync(string authProvider, string authResult)
+        public async Task<Server.VerifyResult> SignInWithOauthAsync(string authProvider, string authResult)
         {
-            var result = await server.VerifyOAuthAsync(authResult).ConfigureAwait(false);
-            return await PostAuthSetup(result, null, authProvider).ConfigureAwait(false);
+            return await server.VerifyOAuthAsync(authResult).ConfigureAwait(false);
         }
 
         public async Task<string> FetchHeadlessOauthLoginLinkAsync(string authProvider, string platform)