- update deps

- cleanup unused code
- better error msgs
- add 3pc handling for safari
- move to eventemitter3

package.json

@@ -22,7 +22,7 @@
   ],
   "peerDependencies": {
     "@babel/runtime": "^7.x",
-    "@sentry/types": "^7.x"
+    "@sentry/types": "^8.x"
   },
   "peerDependenciesMeta": {
     "@sentry/types": {
@@ -31,33 +31,31 @@
   },
   "dependencies": {
     "@chaitanyapotti/register-service-worker": "^1.7.4",
-    "@toruslabs/broadcast-channel": "^10.0.2",
-    "@toruslabs/constants": "^13.2.0",
-    "@toruslabs/eccrypto": "^4.0.0",
-    "@toruslabs/fetch-node-details": "^13.2.0",
-    "@toruslabs/http-helpers": "^6.1.0",
-    "@toruslabs/metadata-helpers": "^5.1.0",
-    "@toruslabs/openlogin-session-manager": "^3.1.1",
-    "@toruslabs/torus.js": "^12.2.0",
+    "@toruslabs/broadcast-channel": "^11.0.0",
+    "@toruslabs/constants": "^14.0.0",
+    "@toruslabs/eccrypto": "^5.0.4",
+    "@toruslabs/fetch-node-details": "^14.0.0",
+    "@toruslabs/http-helpers": "^7.0.0",
+    "@toruslabs/metadata-helpers": "^6.0.0",
+    "@toruslabs/session-manager": "^1.0.0",
+    "@toruslabs/torus.js": "^14.0.0",
     "base64url": "^3.0.1",
     "bowser": "^2.11.0",
-    "events": "^3.3.0",
-    "jwt-decode": "^4.0.0",
-    "lodash.merge": "^4.6.2",
+    "eventemitter3": "^5.0.1",
+    "deepmerge": "^4.3.1",
     "loglevel": "^1.9.1"
   },
   "devDependencies": {
-    "@sentry/types": "^7.107.0",
-    "@toruslabs/config": "^2.0.2",
-    "@toruslabs/eslint-config-typescript": "^3.2.0",
-    "@toruslabs/torus-scripts": "^5.3.0",
-    "@types/lodash.merge": "^4.6.9",
+    "@sentry/types": "^8.16.0",
+    "@toruslabs/config": "^2.1.0",
+    "@toruslabs/eslint-config-typescript": "^3.3.1",
+    "@toruslabs/torus-scripts": "^6.0.1",
     "eslint": "^8.57.0",
     "husky": "^9.0.11",
-    "lint-staged": "^15.2.2",
-    "prettier": "^3.2.5",
-    "rimraf": "^5.0.5",
-    "typescript": "^5.4.2"
+    "lint-staged": "^15.2.7",
+    "prettier": "^3.3.2",
+    "rimraf": "^6.0.0",
+    "typescript": "^5.5.3"
   },
   "author": "Torus Labs",
   "license": "MIT",

src/handlers/DiscordHandler.ts

@@ -1,5 +1,5 @@
 import { get } from "@toruslabs/http-helpers";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
 import AbstractLoginHandler from "./AbstractLoginHandler";
@@ -37,8 +37,9 @@ export default class DiscordHandler extends AbstractLoginHandler {
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }

src/handlers/FacebookHandler.ts

@@ -1,5 +1,5 @@
 import { get } from "@toruslabs/http-helpers";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
 import AbstractLoginHandler from "./AbstractLoginHandler";
@@ -37,8 +37,9 @@ export default class FacebookHandler extends AbstractLoginHandler {
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }

src/handlers/GoogleHandler.ts

@@ -1,5 +1,5 @@
 import { get } from "@toruslabs/http-helpers";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
 import AbstractLoginHandler from "./AbstractLoginHandler";
@@ -41,8 +41,9 @@ export default class GoogleHandler extends AbstractLoginHandler {
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }

src/handlers/HandlerFactory.ts

@@ -21,7 +21,7 @@ const createHandler = ({
   customState,
 }: CreateHandlerParams): ILoginHandler => {
   if (!verifier || !typeOfLogin || !clientId) {
-    throw new Error("Invalid params");
+    throw new Error("Invalid params. Missing verifier, typeOfLogin or clientId");
   }
   const { domain, login_hint, id_token, access_token } = jwtParams || {};
   switch (typeOfLogin) {
@@ -36,7 +36,7 @@ const createHandler = ({
     case LOGIN.DISCORD:
       return new DiscordHandler(clientId, verifier, redirect_uri, typeOfLogin, uxMode, redirectToOpener, jwtParams, customState);
     case LOGIN.PASSWORDLESS:
-      if (!domain || !login_hint) throw new Error("Invalid params");
+      if (!domain || !login_hint) throw new Error("Invalid params. Missing domain or login_hint for passwordless login");
       return new PasswordlessHandler(clientId, verifier, redirect_uri, typeOfLogin, uxMode, redirectToOpener, jwtParams, customState);
     case LOGIN.APPLE:
     case LOGIN.GITHUB:
@@ -49,12 +49,12 @@ const createHandler = ({
       if (id_token || access_token) {
         return new MockLoginHandler(clientId, verifier, redirect_uri, typeOfLogin, uxMode, redirectToOpener, jwtParams, customState);
       }
-      if (!domain) throw new Error("Invalid params");
+      if (!domain) throw new Error("Invalid params for jwt login. Missing domain");
       return new JwtHandler(clientId, verifier, redirect_uri, typeOfLogin, uxMode, redirectToOpener, jwtParams, customState);
     case LOGIN.PASSKEYS:
       return new PasskeysHandler(clientId, verifier, redirect_uri, typeOfLogin, uxMode, redirectToOpener, jwtParams, customState);
     default:
-      throw new Error("Invalid login type");
+      throw new Error("Unsupported login type");
   }
 };
 

src/handlers/JwtHandler.ts

@@ -1,10 +1,9 @@
 import { get } from "@toruslabs/http-helpers";
-import { jwtDecode } from "jwt-decode";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 import log from "loglevel";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
-import { getVerifierId, loginToConnectionMap, padUrlString, validateAndConstructUrl } from "../utils/helpers";
+import { decodeToken, getVerifierId, loginToConnectionMap, padUrlString, validateAndConstructUrl } from "../utils/helpers";
 import AbstractLoginHandler from "./AbstractLoginHandler";
 import {
   AUTH0_JWT_LOGIN_TYPE,
@@ -55,8 +54,9 @@ export default class JwtHandler extends AbstractLoginHandler {
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }
@@ -87,7 +87,7 @@ export default class JwtHandler extends AbstractLoginHandler {
       }
     }
     if (idToken) {
-      const decodedToken = jwtDecode<Auth0UserInfo>(idToken);
+      const decodedToken = decodeToken<Auth0UserInfo>(idToken).payload;
       const { name, email, picture } = decodedToken;
       return {
         profileImage: picture,

src/handlers/MockLoginHandler.ts

@@ -1,10 +1,9 @@
 import { get } from "@toruslabs/http-helpers";
-import { jwtDecode } from "jwt-decode";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 import log from "loglevel";
 
 import { LOGIN_TYPE, UX_MODE, UX_MODE_TYPE } from "../utils/enums";
-import { constructURL, getVerifierId, padUrlString } from "../utils/helpers";
+import { constructURL, decodeToken, getVerifierId, padUrlString } from "../utils/helpers";
 import PopupHandler from "../utils/PopupHandler";
 import AbstractLoginHandler from "./AbstractLoginHandler";
 import { Auth0ClientOptions, Auth0UserInfo, LoginWindowResponse, TorusGenericObject, TorusVerifierResponse } from "./interfaces";
@@ -65,7 +64,7 @@ export default class MockLoginHandler extends AbstractLoginHandler {
       }
     }
     if (idToken) {
-      const decodedToken = jwtDecode<Auth0UserInfo>(idToken);
+      const decodedToken = decodeToken<Auth0UserInfo>(idToken).payload;
       const { name, email, picture } = decodedToken;
       return {
         profileImage: picture,

src/handlers/PasskeysHandler.ts

@@ -1,5 +1,5 @@
 import base64url from "base64url";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
 import { fetchDataFromBroadcastServer } from "../utils/sessionHelper";
@@ -34,8 +34,9 @@ export default class PasskeysHandler extends AbstractLoginHandler {
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }

src/handlers/PasswordlessHandler.ts

@@ -1,9 +1,8 @@
 import { get, post } from "@toruslabs/http-helpers";
-import { jwtDecode } from "jwt-decode";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
-import { broadcastChannelOptions, getVerifierId, padUrlString, validateAndConstructUrl } from "../utils/helpers";
+import { broadcastChannelOptions, decodeToken, getVerifierId, padUrlString, validateAndConstructUrl } from "../utils/helpers";
 import log from "../utils/loglevel";
 import AbstractLoginHandler from "./AbstractLoginHandler";
 import { Auth0ClientOptions, Auth0UserInfo, LoginWindowResponse, PopupResponse, TorusGenericObject, TorusVerifierResponse } from "./interfaces";
@@ -58,7 +57,7 @@ export default class JwtHandler extends AbstractLoginHandler {
       };
     } catch (error) {
       log.error(error);
-      const decodedToken = jwtDecode(idToken) as Auth0UserInfo;
+      const decodedToken = decodeToken<Auth0UserInfo>(idToken).payload;
       const { name, email, picture } = decodedToken;
       return {
         profileImage: picture,

src/handlers/RedditHandler.ts

@@ -1,5 +1,5 @@
 import { get } from "@toruslabs/http-helpers";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
 import AbstractLoginHandler from "./AbstractLoginHandler";
@@ -37,8 +37,9 @@ export default class RedditHandler extends AbstractLoginHandler {
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }

src/handlers/TwitchHandler.ts

@@ -1,5 +1,5 @@
 import { get } from "@toruslabs/http-helpers";
-import deepmerge from "lodash.merge";
+import deepmerge from "deepmerge";
 
 import { LOGIN_TYPE, UX_MODE_TYPE } from "../utils/enums";
 import AbstractLoginHandler from "./AbstractLoginHandler";
@@ -34,12 +34,13 @@ export default class TwitchHandler extends AbstractLoginHandler {
         client_id: this.clientId,
         redirect_uri: this.redirect_uri,
         scope: this.SCOPE,
-        force_verify: true,
+        force_verify: "true",
       },
       clonedParams
     );
-    Object.keys(finalJwtParams).forEach((key) => {
-      if (finalJwtParams[key]) finalUrl.searchParams.append(key, finalJwtParams[key]);
+    Object.keys(finalJwtParams).forEach((key: string) => {
+      const localKey = key as keyof typeof finalJwtParams;
+      if (finalJwtParams[localKey]) finalUrl.searchParams.append(localKey, finalJwtParams[localKey]);
     });
     this.finalURL = finalUrl;
   }

src/login.ts

@@ -360,16 +360,6 @@ class CustomAuth {
     const nodeDetails = await this.nodeDetailManager.getNodeDetails({ verifier, verifierId });
     this.sentryHandler.finishTransaction(nodeTx);
 
-    if (this.torus.isLegacyNetwork) {
-      // Call getPublicAddress to do keyassign for legacy networks which are not migrated
-      const pubLookupTx = this.sentryHandler.startTransaction({
-        name: SENTRY_TXNS.PUB_ADDRESS_LOOKUP,
-      });
-      const address = await this.torus.getPublicAddress(nodeDetails.torusNodeEndpoints, nodeDetails.torusNodePub, { verifier, verifierId });
-      this.sentryHandler.finishTransaction(pubLookupTx);
-      log.debug("torus-direct/getTorusKey", { getPublicAddress: address });
-    }
-
     log.debug("torus-direct/getTorusKey", { torusNodeEndpoints: nodeDetails.torusNodeEndpoints });
 
     const sharesTx = this.sentryHandler.startTransaction({

src/utils/PopupHandler.ts

@@ -1,8 +1,12 @@
-import { EventEmitter } from "events";
+import { EventEmitter } from "eventemitter3";
 
 import { getPopupFeatures } from "./helpers";
 
-class PopupHandler extends EventEmitter {
+export interface PopupHandlerEvents {
+  close: void;
+}
+
+class PopupHandler extends EventEmitter<PopupHandlerEvents> {
   url: URL;
 
   target: string;

src/utils/helpers.ts

@@ -180,16 +180,16 @@ export function are3PCSupported(): boolean {
   const browserInfo = Bowser.parse(navigator.userAgent);
   log.info(JSON.stringify(browserInfo), "current browser info");
 
-  const thirdPartyCookieSupport = true;
+  let thirdPartyCookieSupport = true;
   // brave
-  // if ((navigator as unknown as { brave: boolean })?.brave) {
-  //   thirdPartyCookieSupport = false;
-  // }
-  // // All webkit & gecko engine instances use itp (intelligent tracking prevention -
-  // // https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp)
-  // if (browserInfo.engine.name === Bowser.ENGINE_MAP.WebKit || browserInfo.engine.name === Bowser.ENGINE_MAP.Gecko) {
-  //   thirdPartyCookieSupport = false;
-  // }
+  if ((navigator as unknown as { brave: boolean })?.brave) {
+    thirdPartyCookieSupport = false;
+  }
+  // All webkit & gecko engine instances use itp (intelligent tracking prevention -
+  // https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp)
+  if (browserInfo.engine.name === Bowser.ENGINE_MAP.WebKit || browserInfo.engine.name === Bowser.ENGINE_MAP.Gecko) {
+    thirdPartyCookieSupport = false;
+  }
 
   return thirdPartyCookieSupport;
 }
@@ -215,3 +215,11 @@ export function getTimeout(typeOfLogin: LOGIN_TYPE) {
   }
   return 1000 * 10; // 10 seconds
 }
+
+export function decodeToken<T>(token: string): { header: { alg: string; typ: string; kid?: string }; payload: T } {
+  const [header, payload] = token.split(".");
+  return {
+    header: JSON.parse(base64url.decode(header)),
+    payload: JSON.parse(base64url.decode(payload)) as T,
+  };
+}

src/utils/sessionHelper.ts

@@ -1,4 +1,4 @@
-import { OpenloginSessionManager } from "@toruslabs/openlogin-session-manager";
+import { OpenloginSessionManager } from "@toruslabs/session-manager";
 import log from "loglevel";
 
 export async function fetchDataFromBroadcastServer<T>(identifier: string, storageServerUrl?: string) {