torusresearch / customauth Goto Github PK

View Code? Open in Web Editor NEW

74.0 74.0 27.0 14.64 MB

Tools that allow applications to interact with the Torus Network. For integration, look at docs.web3auth.io

JavaScript 15.51% HTML 14.69% TypeScript 69.81%

customauth's People

Contributors

Stargazers

Watchers

customauth's Issues

Normalize email before comparing

Hey guys
Found this error message while login with CustomAuth

paramsemail not equal to body.email

And as you can see thats because case-sensitive problem.
Any idea to fix this. thank you

Internal error "code":-32602

I try to clone and run angular-app in examples folder, replace with my Google clientID but it return error

Error: Unable to resolve enough promises, errors: [null,null,null,null,null], responses: [{"jsonrpc":"2.0","error":{"code":-32602,"message":"Internal error","data":"Error occurred while verifying paramsazip is not clientID 75612027790-g73324pote4ojfmra3gfecsnr5i9bk61.apps.googleusercontent.com 366106252773-1kiihfdl71bu24ahb0hogtapdnfm2984.apps.googleusercontent.com"},"id":10},{"jsonrpc":"2.0","error":{"code":-32602,"message":"Internal error","data":"Error occurred while verifying paramsazip is not clientID 75612027790-g73324pote4ojfmra3gfecsnr5i9bk61.apps.googleusercontent.com 366106252773-1kiihfdl71bu24ahb0hogtapdnfm2984.apps.googleusercontent.com"},"id":10},{"jsonrpc":"2.0","error":{"code":-32602,"message":"Internal error","data":"Error occurred while verifying paramsazip is not clientID 75612027790-g73324pote4ojfmra3gfecsnr5i9bk61.apps.googleusercontent.com 366106252773-1kiihfdl71bu24ahb0hogtapdnfm2984.apps.googleusercontent.com"},"id":10},{"jsonrpc":"2.0","error":{"code":-32602,"message":"Internal error","data":"Error occurred while verifying paramsazip is not clientID 75612027790-g73324pote4ojfmra3gfecsnr5i9bk61.apps.googleusercontent.com 366106252773-1kiihfdl71bu24ahb0hogtapdnfm2984.apps.googleusercontent.com"},"id":10},{"jsonrpc":"2.0","error":{"code":-32602,"message":"Internal error","data":"Error occurred while verifying paramsazip is not clientID 75612027790-g73324pote4ojfmra3gfecsnr5i9bk61.apps.googleusercontent.com 366106252773-1kiihfdl71bu24ahb0hogtapdnfm2984.apps.googleusercontent.com"},"id":10}], predicate: invalid

registering service worker via torus.registerServiceWorker doesnt work

env: http://localhost:3000
calling torus.registerServiceWorker(...) doesnt work
i've put some break points and it reach the "register" step but non of the callbacks are being called.
i've verified the swUrl is correct.
i've tried registering the service worker myself with navigator.serviceworker.register(swUrl)
and it works!
so maybe the npm package you use for service worker is broken? broken for localhost?

Error while installing the package

Issue requesting key from mainnet verifier

My production verifier thx-email-password seems to fail POST requests to https://torus.zilinga.network. This currently breaks our authentication flow since no private key can be fetched for the authenticated user..

POST https://torus.zilliqa.network/jrpc ERR_NAME_NOT_RESOLVED
POST https://torus.zilliqa.network/jrpc ERR_NAME_NOT_RESOLVED
POST https://torus.zilliqa.network/jrpc ERR_NAME_NOT_RESOLVED

The weird thing is that the same code on my staging environment with the staging verifier thx-email-password-staging-verifier gives no issues at all. Any clue what could be up here?

Is it possible to tell DirectAuthSDK client to use an alternative node? The directWebSDK bundle shows me this list:

[
  'https://torus-19.torusnode.com/jrpc',
  'https://torus-node.ens.domains/jrpc',
  'https://torus-node.matic.network/jrpc',
  'https://torus.zilliqa.network/jrpc',
  'https://torus-mainnet.cosmos.network/jrpc',
  'https://torus2.etherscan.com/jrpc',
  'https://torus-node-v2.skalelabs.com/jrpc',
  'https://torus-node.binancex.dev/jrpc',
  'https://torusnode.ont.io/jrpc',
];

As you can see a GET request to https://torus.zilliqa.network/jrpc fails to resolve, while the other nodes are responding as expected.

Discord authentication issue

Can't login using the same token within 30 minutes

'triggerLogin' function remains locked after auth window closure

Description

We are currently utilizing the CustomAuth to manage user sign-up and sign-in processes, as well as enabling them to sign transactions using the private key associated with their generated addresses. The module has generally functioned well, but we've recently encountered a specific issue with the Google authentication flow.

The problem arises with the 'triggerLogin' function. We've observed that if a user closes the auth window, the 'triggerLogin' function unexpectedly remains in a locked state. I've taken the initiative to investigate this issue further and have prepared a patch
that seems to resolve the problem. It will be great if a maintainer could review this proposed fix and consider integrating it into an upcoming release. Please feel free to provide any feedback or suggest modifications if required.

Steps to reproduce:

create a new google verifier https://dashboard.web3auth.io/home/team/[YOUR-COMPANY]/customauth ;
init the CustomAuth like:

const torus = new CustomAuth({
    baseUrl: `${window.location.origin}/serviceworker`,
    enableLogging: false,
    network: 'mainnet',
    web3AuthClientId: 'test',
  });
await torus.init({ skipSw: false });
try {
  await torus.triggerLogin({
      typeOfLogin: 'google',
      verifier: '<YOUR VERIFIER IDENTIFIER>',
      clientId: '<YOUR CLIENT ID>',
    });
} finally {
  console.log('triggerLogin has been resolved');
}

google auth window will be opened;
close the window;

Expected Behaviour

torus.triggerLogin function is "released" and 'triggerLogin has been resolved' message appears in the console;

Actual Behaviour

torus.triggerLogin function is "locked" and no 'triggerLogin has been resolved' message appears.

To reduce logo size for email password

The current logo for email password login is too large. Please reduce it to 128px (reference to the second pic attached)

ENGINE_MAP import issue

ENGINE_MAP is not imported corectly in CustomAuth/tree/master/src/utils/helpers.ts file.

✘ [ERROR] No matching export in "node_modules/bowser/src/bowser.js" for import "ENGINE_MAP" node_modules/@toruslabs/customauth/dist/customauth.esm.js:16:17: 16 │ import Bowser, { ENGINE_MAP } from 'bowser';

Sorry, the Torus Network that powers Web3Auth is currently very busy.

I am using Torus custom auth to implement login in my app. I use the triggerLogin() function to redirect my page to the auth0 login page where the user enters his email and logs in using his OTP. After entering the OTP, I am redirected back to my app where I fetch the result of the redirect using getRedirectResult() function. The problem is that once every 4 or 5 times, It gives me the error message that says
'Sorry, the Torus Network that powers Web3Auth is currently very busy. We will generate your key in time. Pls try again later.'

I am guessing that this error has got to do something with the torus servers having too much traffic. Maybe this is an issue with Torus Custom Auth only and has been patched in Web3Auth. If anyone can help me solve this issue, that would be great.

Steps to Reproduce

This error occurs completely randomly without any apparent reason, so it is difficult to reproduce. Still the steps are as follows:

Initialize TorusSDK
Call the triggerLogin function.
Complete the login process.
After redirect catch the error on getRedirectResult function.

Expected behavior

Expected and normal behavior is that it should redirect back to my app and should provide the walletData. In case of any error or exception it should return with the error. it is throwing Error but the reason that happens is not clear to me.

Screenshots

Device Info (please complete the following information):

Device: Lenovo Thinkpad T470
OS: Kubuntu
Browser Brave
Version Version 1.35.103 Chromium: 98.0.4758.102 (Official Build) (64-bit)
Web3Auth Version 2.1.3
Torus Custom Auth Version 9.1.0

Torus w/ Express

Thanks very much for your awesome work! 🤝

I've published this repo to use Tor.us as a drop-in express middleware. I've reused the API keys that were specified in your Vue example; I hope that's okay! 🚀

link to documentation is not valid url

https://github.com/torusresearch/torus-direct-web-sdk/blame/master/README.md#L54

https://docs.tor.us/direct-auth/quick-start is not exist. I would appreciated if you could correct the link

Update to use solana

Can we make this code also get Solana private/public keys?

how to get client ID for trigger?

i'm using this lib for my project?
but i can't get discord client id or twitch client id
you can help or explain for me ???

Receiving a "window not found" error on v4.11.1

I am receiving the following error when using the latest v4.11.1 release on github

ReferenceError: window is not defined
    at Object.<anonymous> (/Users/wai/mojojojo/immortals/node_modules/@toruslabs/torus-direct-web-sdk/dist/directWebSdk.cjs.js:2209:17)
    at __webpack_require__ (/Users/wai/mojojojo/immortals/node_modules/@toruslabs/torus-direct-web-sdk/dist/directWebSdk.cjs.js:21:30)
    at Module.<anonymous> (/Users/wai/mojojojo/immortals/node_modules/@toruslabs/torus-direct-web-sdk/dist/directWebSdk.cjs.js:3784:68)
    at __webpack_require__ (/Users/wai/mojojojo/immortals/node_modules/@toruslabs/torus-direct-web-sdk/dist/directWebSdk.cjs.js:21:30)
    at /Users/wai/mojojojo/immortals/node_modules/@toruslabs/torus-direct-web-sdk/dist/directWebSdk.cjs.js:85:18
    at Object.<anonymous> (/Users/wai/mojojojo/immortals/node_modules/@toruslabs/torus-direct-web-sdk/dist/directWebSdk.cjs.js:88:10)

This is the source code copied over from your React example with some key values swapped out.

import React from "react";
import TorusSdk from "@toruslabs/torus-direct-web-sdk";

const GOOGLE = "google";
const FACEBOOK = "facebook";
const REDDIT = "reddit";
const DISCORD = "discord";
const TWITCH = "twitch";
const GITHUB = "github";
const APPLE = "apple";
const LINKEDIN = "linkedin";
const TWITTER = "twitter";
const WEIBO = "weibo";
const LINE = "line";
const EMAIL_PASSWORD = "email_password";
const PASSWORDLESS = "passwordless";
const HOSTED_EMAIL_PASSWORDLESS = "hosted_email_passwordless";
const HOSTED_SMS_PASSWORDLESS = "hosted_sms_passwordless";
const WEBAUTHN = "webauthn";

const AUTH_DOMAIN = "https://torus-test.auth0.com";

const verifierMap = {
  [GOOGLE]: {
    name: "Google",
    typeOfLogin: "google",
    verifier: "my-won-verifier",
  },
  [FACEBOOK]: {
    name: "Facebook",
    typeOfLogin: "facebook",
    clientId: "617201755556395",
    verifier: "facebook-lrc",
  },
  [REDDIT]: {
    name: "Reddit",
    typeOfLogin: "reddit",
    clientId: "YNsv1YtA_o66fA",
    verifier: "torus-reddit-test",
  },
  [TWITCH]: {
    name: "Twitch",
    typeOfLogin: "twitch",
    clientId: "f5and8beke76mzutmics0zu4gw10dj",
    verifier: "twitch-lrc",
  },
  [DISCORD]: {
    name: "Discord",
    typeOfLogin: "discord",
    clientId: "682533837464666198",
    verifier: "discord-lrc",
  },
  [EMAIL_PASSWORD]: {
    name: "Email Password",
    typeOfLogin: "email_password",
    clientId: "sqKRBVSdwa4WLkaq419U7Bamlh5vK1H7",
    verifier: "torus-auth0-email-password",
  },
  [PASSWORDLESS]: {
    name: "Passwordless",
    typeOfLogin: "passwordless",
    clientId: "P7PJuBCXIHP41lcyty0NEb7Lgf7Zme8Q",
    verifier: "torus-auth0-passwordless",
  },
  [APPLE]: {
    name: "Apple",
    typeOfLogin: "apple",
    clientId: "m1Q0gvDfOyZsJCZ3cucSQEe9XMvl9d9L",
    verifier: "torus-auth0-apple-lrc",
  },
  [GITHUB]: {
    name: "Github",
    typeOfLogin: "github",
    clientId: "PC2a4tfNRvXbT48t89J5am0oFM21Nxff",
    verifier: "torus-auth0-github-lrc",
  },
  [LINKEDIN]: {
    name: "Linkedin",
    typeOfLogin: "linkedin",
    clientId: "59YxSgx79Vl3Wi7tQUBqQTRTxWroTuoc",
    verifier: "torus-auth0-linkedin-lrc",
  },
  [TWITTER]: {
    name: "Twitter",
    typeOfLogin: "twitter",
    clientId: "A7H8kkcmyFRlusJQ9dZiqBLraG2yWIsO",
    verifier: "torus-auth0-twitter-lrc",
  },
  [WEIBO]: {
    name: "Weibo",
    typeOfLogin: "weibo",
    clientId: "dhFGlWQMoACOI5oS5A1jFglp772OAWr1",
    verifier: "torus-auth0-weibo-lrc",
  },
  [LINE]: {
    name: "Line",
    typeOfLogin: "line",
    clientId: "WN8bOmXKNRH1Gs8k475glfBP5gDZr9H1",
    verifier: "torus-auth0-line-lrc",
  },
  [HOSTED_EMAIL_PASSWORDLESS]: {
    name: "Hosted Email Passwordless",
    typeOfLogin: "jwt",
    clientId: "P7PJuBCXIHP41lcyty0NEb7Lgf7Zme8Q",
    verifier: "torus-auth0-passwordless",
  },
  [HOSTED_SMS_PASSWORDLESS]: {
    name: "Hosted SMS Passwordless",
    typeOfLogin: "jwt",
    clientId: "nSYBFalV2b1MSg5b2raWqHl63tfH3KQa",
    verifier: "torus-auth0-sms-passwordless",
  },
  [WEBAUTHN]: {
    name: "WebAuthn",
    typeOfLogin: "webauthn",
    clientId: "webauthn",
    verifier: "webauthn-lrc",
  },
};

class App extends React.Component {
  constructor(props) {
    super(props);
    this.state = {
      selectedVerifier: GOOGLE,
      torusdirectsdk: null,
      loginHint: "",
      consoleText: "",
    };
  }

  componentDidMount = async () => {
    try {
      const torusdirectsdk = new TorusSdk({
        baseUrl: `${window.location.origin}/serviceworker`,
        enableLogging: true,
        network: "testnet", // details for test net
        GOOGLE_CLIENT_ID:
          "my-own-client-id",
      });

      await torusdirectsdk.init({ skipSw: false });

      this.setState({ torusdirectsdk: torusdirectsdk });
    } catch (error) {
      console.error(error, "mounted caught");
    }
  };

  login = async (e) => {
    e.preventDefault();
    const { selectedVerifier, torusdirectsdk } = this.state;

    try {
      const jwtParams = this._loginToConnectionMap()[selectedVerifier] || {};
      const { typeOfLogin, clientId, verifier } = verifierMap[selectedVerifier];
      // const loginDetails = await torusdirectsdk.triggerLogin({
      //   typeOfLogin,
      //   verifier,
      //   clientId,
      //   jwtParams,
      // })
      const loginDetails = await torusdirectsdk.triggerLogin(
        typeOfLogin,
        verifier
      );
      this.setState({
        consoleText:
          typeof loginDetails === "object"
            ? JSON.stringify(loginDetails)
            : loginDetails,
      });
    } catch (error) {
      console.error(error, "login caught");
    }
  };

  _loginToConnectionMap = () => {
    const { loginHint } = this.state;
    return {
      [EMAIL_PASSWORD]: { domain: AUTH_DOMAIN },
      [PASSWORDLESS]: { domain: AUTH_DOMAIN, login_hint: loginHint },
      [HOSTED_EMAIL_PASSWORDLESS]: {
        domain: AUTH_DOMAIN,
        verifierIdField: "name",
        connection: "",
        isVerifierIdCaseSensitive: false,
      },
      [HOSTED_SMS_PASSWORDLESS]: {
        domain: AUTH_DOMAIN,
        verifierIdField: "name",
        connection: "",
      },
      [APPLE]: { domain: AUTH_DOMAIN },
      [GITHUB]: { domain: AUTH_DOMAIN },
      [LINKEDIN]: { domain: AUTH_DOMAIN },
      [TWITTER]: { domain: AUTH_DOMAIN },
      [WEIBO]: { domain: AUTH_DOMAIN },
      [LINE]: { domain: AUTH_DOMAIN },
    };
  };

  render() {
    const { selectedVerifier, loginHint, consoleText } = this.state;
    let emailField = "";

    if (selectedVerifier === PASSWORDLESS) {
      emailField = (
        <div style={{ marginTop: "20px" }}>
          <input
            type="email"
            value={loginHint}
            onChange={(e) => this.setState({ loginHint: e.target.value })}
            placeholder="Enter your email"
          />
        </div>
      );
    }

    return (
      <div className="App">
        <form onSubmit={this.login}>
          <div>
            <span style={{ marginRight: "10px" }}>Verifier:</span>
            <select
              value={selectedVerifier}
              onChange={(e) =>
                this.setState({ selectedVerifier: e.target.value })
              }
            >
              {Object.keys(verifierMap).map((login) => (
                <option value={login} key={login.toString()}>
                  {verifierMap[login].name}
                </option>
              ))}
            </select>
          </div>
          {emailField}
          <div style={{ marginTop: "20px" }}>
            <button>Login with Torus</button>
          </div>
        </form>
        <div id="app">
          <p>
            Please note that the verifiers listed in the example have
            http://localhost:3000/serviceworker/redirect configured as the
            redirect uri.
          </p>
          <p>If you use any other domains, they won't work.</p>
          <p>
            The verifiers listed here only work with the client id's specified
            in example. Please don't edit them
          </p>
          <p>
            The verifiers listed here are for example reference only. Please
            don't use them for anything other than testing purposes.
          </p>
          <div>
            Reach out to us at <a href="mailto:[email protected]">[email protected]</a> or{" "}
            <a href="https://t.me/torusdev">telegram group</a> to get your
            verifier deployed for your client id.
          </div>
          <div id="console">
            <p></p>
          </div>
        </div>
        <div className="console">
          <p>{consoleText}</p>
        </div>
      </div>
    );
  }
}

export default App;

Unable to use own credentials for passwordless login with Auth0 in example

I have been been unable to get email passwordless login working with Auth0 both in the vue example included in this repo and in my own code.

Steps to reproduce the passwordless login issue with Auth0:

Create an account with Auth0.
Create a new application.
Enable passwordless email. Use the default settings.
Go to the settings of your application and make sure the following settings are correct:
Enable passwordless login, disable other options:
Add the client ID and login domain to the login config of torus(for example in the vue example):
Attempt a passwordless login, and you will be met with the following page and console error:

I am aware that this is more likely to be an issue on Auth0's side, however I would appreciate if you looked at my steps to reproduce and could tell me how your configuration is different. I'm sure I won't be the only one to bump into this issue, and followed the instructions from Auth0 to the letter.

Thank you for you help

firefox doesnt fails to initialize redirect mode

on our staging env this happens with clear browser but resolves after reloading the page
but on production it persists (maybe because of cloudflare caching?)

Object { from: "AuthTorus" }
 failed initializing torus Please serve redirect.html present in serviceworker folder of this package on https://wallet.gooddollar.org/Welcome/Auth Error: Please serve redirect.html present in serviceworker folder of this package on https://wallet.gooddollar.org/Welcome/Auth
    onerror directWebSdk.cjs.js:3039
    e directWebSdk.cjs.js:3038
    e directWebSdk.cjs.js:3021
    u runtime.js:45

Documentation - LRC Environment

Hi Team,

Noticed you have an LRC environment https://lrc.tor.us.

What is that environment and who can use it?

It's not documented as far as I could tell, though the implementation documentation is using it:

const verifierMap = {
  [GOOGLE]: {
    //...
    verifier: "google-lrc",
  },

It seems to be on Ropsten, what does LRC mean?

userInfo access and id tokens

When i use the CustomAuth to triggerLogin for a Twitter flow, I get back the userInfo object. However I can't figure out a way to use the accessToken and idToken to then interact with twitter on behalf of the user. Is there a way to get the bearer token from the output of triggerLogin?

Example integration with Terra missing

I'm working on a project trying to use Web3Auth CustomAuth to create a Terra Wallet using terra.js, but I can find no examples on how to do this.

How is one to go about doing this?

Integration in NextJS

Hi @chaitanyapotti,

I have built an example for NextJS - works perfectly:

https://github.com/cittizen/nextjs-torus-direct-web-sdk

Do you want to integrate it in your /examples?

triggerlogin always fail if catching exceptions

I have a strange behaviour
when i do
const user = await triggerLogin('google')
it works just fine
but if i do
const user = await triggerLogin('google').catch(e => ...)
an exception is thrown (user closed popup) and user is undefined
this issue prevents the ability to handle the real case exception when user actually doesn't finish login and closes the popup

Could't connect to Ropsten node

If you specify testnet for network in the argument of constructor, the connection to node will fail. Is there a workaround for this issue?
I think it has something to do with Infura deprecating support for Ropsten.

const torus = new CustomAuth({
  baseUrl: "http://localhost:3000/serviceworker/",
  network: "testnet",
});

Error: CONNECTION ERROR: Couldn't connect to node https://ropsten.infura.io/v3/b8cdb0e4cff24599a286bf8e87ff1c96.
    at Object.ConnectionError (errors.js?490f:66:1)
    at Object.InvalidConnection (errors.js?490f:36:1)
    at HttpProvider.failed (index.js?64e4:136:1)

const [torusDirectSDK, setTorusDirectSDK] = useState<TorusSdk|null>(null);

  useEffect(() => {    
    async function initTorus() {
        try {
            const torusdirectsdk = new TorusSdk({
              baseUrl: `${window.location.origin}/serviceworker`,
              enableLogging: true,
              network: "testnet", // Testnet
            });
    
          await torusdirectsdk.init({ skipSw: false });

          setTorusDirectSDK(torusDirectSDK);
        } catch (error) {
          console.error(error, "mounted caught");
        }
    };

    initTorus();
  }, []);

window is not defined is being thrown, just like it was in this issue .

  "dependencies": {
    "@toruslabs/torus-direct-web-sdk": "^4.13.1",
    "next": "10.2.0",
    "react": "17.0.2",
    "react-dom": "17.0.2"
  },

High Severity Vulnerabilities