feat(PKPPermissionsManager): implement addPermittedAuthMethod and removePermittedAuthMethodScope methods with corresponding handlers and tests

Author: Ansonhkg

e2e/src/helper/tests/pkp-permissions-manager-flow.ts

@@ -109,5 +109,92 @@ export const createPkpPermissionsManagerFlowTest = (
 
     assert.toBe(finalAddressPermitted, initialAddressPermitted);
     assert.toBe(finalActionPermitted, initialActionPermitted);
+
+    // Test 8: Verify new addPermittedAuthMethod method exists and is callable
+    assert.toBeDefined(pkpPermissionsManager.addPermittedAuthMethod);
+    assert.toBe(typeof pkpPermissionsManager.addPermittedAuthMethod, 'function');
+
+    // Test 9: Verify new removePermittedAuthMethodScope method exists and is callable
+    assert.toBeDefined(pkpPermissionsManager.removePermittedAuthMethodScope);
+    assert.toBe(typeof pkpPermissionsManager.removePermittedAuthMethodScope, 'function');
+
+    // Test 10: Actually test addPermittedAuthMethod functionality
+    const testAuthMethodParams = {
+      authMethodType: 1, // EthWallet
+      authMethodId: '0x1234567890abcdef1234567890abcdef12345678',
+      userPubkey: '0x04abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef',
+      scopes: ['sign-anything'] as const,
+    };
+
+    // Get initial auth methods count
+    const initialAuthMethods = await pkpPermissionsManager.getPermittedAuthMethods();
+    const initialAuthMethodsCount = initialAuthMethods.length;
+
+    console.log('🧪 Adding test auth method...');
+    // Add the test auth method
+    const addAuthMethodTx = await pkpPermissionsManager.addPermittedAuthMethod(testAuthMethodParams);
+    assert.toBeDefined(addAuthMethodTx.hash);
+    assert.toBeDefined(addAuthMethodTx.receipt);
+    assert.toBe(addAuthMethodTx.receipt.status, 'success');
+
+    // Verify the auth method was added
+    const authMethodsAfterAdd = await pkpPermissionsManager.getPermittedAuthMethods();
+    assert.toBe(authMethodsAfterAdd.length, initialAuthMethodsCount + 1);
+
+    // Find our added auth method
+    const addedAuthMethod = authMethodsAfterAdd.find(
+      (am) => 
+        am.id === testAuthMethodParams.authMethodId &&
+        Number(am.authMethodType) === testAuthMethodParams.authMethodType
+    );
+    assert.toBeDefined(addedAuthMethod);
+    console.log('✅ Test auth method successfully added');
+
+    // Test 11: Test removePermittedAuthMethodScope functionality
+    const testScopeParams = {
+      authMethodType: testAuthMethodParams.authMethodType,
+      authMethodId: testAuthMethodParams.authMethodId,
+      scopeId: 1, // SignAnything scope
+    };
+
+    console.log('🧪 Removing scope from test auth method...');
+    // Remove a scope from the auth method
+    const removeScopeTx = await pkpPermissionsManager.removePermittedAuthMethodScope(testScopeParams);
+    assert.toBeDefined(removeScopeTx.hash);
+    assert.toBeDefined(removeScopeTx.receipt);
+    assert.toBe(removeScopeTx.receipt.status, 'success');
+
+    // Verify the scope was removed by checking auth method scopes
+    const authMethodScopes = await pkpPermissionsManager.getPermittedAuthMethodScopes({
+      authMethodType: testAuthMethodParams.authMethodType,
+      authMethodId: testAuthMethodParams.authMethodId,
+      scopeId: 1,
+    });
+    // After removing scope 1, it should return false for that specific scope
+    assert.toBe(authMethodScopes[0], false);
+    console.log('✅ Scope successfully removed from test auth method');
+
+    // Test 12: Cleanup - Remove the test auth method entirely
+    console.log('🧹 Cleaning up test auth method...');
+    const removeAuthMethodTx = await pkpPermissionsManager.removePermittedAuthMethod({
+      authMethodType: testAuthMethodParams.authMethodType,
+      authMethodId: testAuthMethodParams.authMethodId,
+    });
+    assert.toBeDefined(removeAuthMethodTx.hash);
+    assert.toBeDefined(removeAuthMethodTx.receipt);
+    assert.toBe(removeAuthMethodTx.receipt.status, 'success');
+
+    // Verify the auth method was removed
+    const finalAuthMethods = await pkpPermissionsManager.getPermittedAuthMethods();
+    assert.toBe(finalAuthMethods.length, initialAuthMethodsCount);
+
+    // Ensure our test auth method is no longer in the list
+    const removedAuthMethod = finalAuthMethods.find(
+      (am) => 
+        am.id === testAuthMethodParams.authMethodId &&
+        Number(am.authMethodType) === testAuthMethodParams.authMethodType
+    );
+    assert.toBe(removedAuthMethod, undefined);
+    console.log('✅ Test auth method successfully cleaned up');
   };
 };

packages/networks/src/networks/vNaga/LitChainClient/apis/highLevelApis/PKPPermissionsManager/PKPPermissionsManager.ts

@@ -31,6 +31,7 @@ import { PkpIdentifierRaw } from '../../rawContractApis/permissions/utils/resolv
 // Import all handler functions
 import { addPermittedActionByIdentifier } from './handlers/addPermittedActionByIdentifier';
 import { addPermittedAddressByIdentifier } from './handlers/addPermittedAddressByIdentifier';
+import { addPermittedAuthMethodByIdentifier } from './handlers/addPermittedAuthMethodByIdentifier';
 import { addPermittedAuthMethodScopeByIdentifier } from './handlers/addPermittedAuthMethodScopeByIdentifier';
 import {
   getPermissionsContext,
@@ -50,6 +51,7 @@ import { isPermittedAddressByIdentifier } from './handlers/isPermittedAddressByI
 import { removePermittedActionByIdentifier } from './handlers/removePermittedActionByIdentifier';
 import { removePermittedAddressByIdentifier } from './handlers/removePermittedAddressByIdentifier';
 import { removePermittedAuthMethodByIdentifier } from './handlers/removePermittedAuthMethodByIdentifier';
+import { removePermittedAuthMethodScopeByIdentifier } from './handlers/removePermittedAuthMethodScopeByIdentifier';
 
 import type { PKPStorageProvider } from '../../../../../../storage/types';
 import { logger } from '../../../../../shared/logger';
@@ -137,6 +139,31 @@ export class PKPPermissionsManager {
     );
   }
 
+  /**
+   * Adds a permitted authentication method to the PKP
+   *
+   * @param params - Parameters containing authMethodType, authMethodId, userPubkey, and scopes
+   * @returns Promise resolving to transaction details
+   */
+  async addPermittedAuthMethod(params: {
+    authMethodType: string | number | bigint;
+    authMethodId: string;
+    userPubkey: string;
+    scopes: ScopeString[];
+  }): Promise<LitTxVoid> {
+    return addPermittedAuthMethodByIdentifier(
+      {
+        authMethodType: params.authMethodType,
+        authMethodId: params.authMethodId,
+        userPubkey: params.userPubkey,
+        scopes: params.scopes,
+        ...this.getIdentifierParams(),
+      },
+      this.networkContext,
+      this.accountOrWalletClient
+    );
+  }
+
   /**
    * Adds a permitted authentication method scope to the PKP
    *
@@ -217,6 +244,29 @@ export class PKPPermissionsManager {
     );
   }
 
+  /**
+   * Removes a specific scope from a permitted authentication method for the PKP
+   *
+   * @param params - Parameters containing authMethodType, authMethodId, and scopeId
+   * @returns Promise resolving to transaction details
+   */
+  async removePermittedAuthMethodScope(params: {
+    authMethodType: string | number | bigint;
+    authMethodId: string;
+    scopeId: string | number | bigint;
+  }): Promise<LitTxVoid> {
+    return removePermittedAuthMethodScopeByIdentifier(
+      {
+        authMethodType: params.authMethodType,
+        authMethodId: params.authMethodId,
+        scopeId: params.scopeId,
+        ...this.getIdentifierParams(),
+      },
+      this.networkContext,
+      this.accountOrWalletClient
+    );
+  }
+
   /**
    * Checks if a LitAction is permitted for the PKP
    *
@@ -387,18 +437,31 @@ export class PKPPermissionsManager {
       | { type: 'addAction'; ipfsId: string; scopes: ScopeString[] }
       | { type: 'addAddress'; address: string; scopes: ScopeString[] }
       | {
-          type: 'addAuthMethodScope';
-          authMethodType: string | number | bigint;
-          authMethodId: string;
-          scopeId: string | number | bigint;
-        }
+        type: 'addAuthMethod';
+        authMethodType: string | number | bigint;
+        authMethodId: string;
+        userPubkey: string;
+        scopes: ScopeString[];
+      }
+      | {
+        type: 'addAuthMethodScope';
+        authMethodType: string | number | bigint;
+        authMethodId: string;
+        scopeId: string | number | bigint;
+      }
       | { type: 'removeAction'; ipfsId: string }
       | { type: 'removeAddress'; address: string }
       | {
-          type: 'removeAuthMethod';
-          authMethodType: string | number | bigint;
-          authMethodId: string;
-        }
+        type: 'removeAuthMethod';
+        authMethodType: string | number | bigint;
+        authMethodId: string;
+      }
+      | {
+        type: 'removeAuthMethodScope';
+        authMethodType: string | number | bigint;
+        authMethodId: string;
+        scopeId: string | number | bigint;
+      }
     >
   ): Promise<void> {
     // Process operations sequentially to avoid transaction conflicts
@@ -416,6 +479,14 @@ export class PKPPermissionsManager {
             scopes: op.scopes,
           });
           break;
+        case 'addAuthMethod':
+          await this.addPermittedAuthMethod({
+            authMethodType: op.authMethodType,
+            authMethodId: op.authMethodId,
+            userPubkey: op.userPubkey,
+            scopes: op.scopes,
+          });
+          break;
         case 'addAuthMethodScope':
           await this.addPermittedAuthMethodScope({
             authMethodType: op.authMethodType,
@@ -439,6 +510,13 @@ export class PKPPermissionsManager {
             authMethodId: op.authMethodId,
           });
           break;
+        case 'removeAuthMethodScope':
+          await this.removePermittedAuthMethodScope({
+            authMethodType: op.authMethodType,
+            authMethodId: op.authMethodId,
+            scopeId: op.scopeId,
+          });
+          break;
       }
     }
   }

packages/networks/src/networks/vNaga/LitChainClient/apis/highLevelApis/PKPPermissionsManager/handlers/addPermittedAuthMethodByIdentifier.ts

@@ -0,0 +1,80 @@
+import { z } from 'zod';
+import { DefaultNetworkConfig } from '../../../../../interfaces/NetworkContext';
+import { ScopeStringSchema } from '../../../../schemas/shared/ScopeSchema';
+import {
+  PkpIdentifierRaw,
+  resolvePkpTokenId,
+} from '../../../rawContractApis/permissions/utils/resolvePkpTokenId';
+import { addPermittedAuthMethod } from '../../../rawContractApis/permissions/write/addPermittedAuthMethod';
+import { LitTxVoid } from '../../../types';
+import { ExpectedAccountOrWalletClient } from '../../../../contract-manager/createContractsManager';
+
+// Schema for the request
+const addPermittedAuthMethodByIdentifierSchema = z.intersection(
+  z.object({
+    authMethodType: z.string().or(z.number()).or(z.bigint()),
+    authMethodId: z.string(),
+    userPubkey: z.string(),
+    scopes: z.array(ScopeStringSchema),
+  }),
+  z.union([
+    z.object({ tokenId: z.string().or(z.number()).or(z.bigint()) }),
+    z.object({ pubkey: z.string() }),
+    z.object({ address: z.string() }),
+  ])
+);
+
+type AddPermittedAuthMethodByIdentifierRequest = z.infer<
+  typeof addPermittedAuthMethodByIdentifierSchema
+>;
+
+/**
+ * Adds a permitted authentication method to a PKP token using various identifier types
+ * @param request - Object containing either tokenId/address/pubkey, authMethodType, authMethodId, userPubkey, and scopes
+ * @param networkCtx - Network context for contract interactions
+ * @param accountOrWalletClient - Account or wallet client for signing
+ * @returns Promise resolving to transaction details
+ */
+export async function addPermittedAuthMethodByIdentifier(
+  request: AddPermittedAuthMethodByIdentifierRequest,
+  networkCtx: DefaultNetworkConfig,
+  accountOrWalletClient: ExpectedAccountOrWalletClient
+): Promise<LitTxVoid> {
+  const { authMethodType, authMethodId, userPubkey, scopes, ...identifier } = request;
+  const pkpTokenId = await resolvePkpTokenId(
+    identifier as PkpIdentifierRaw,
+    networkCtx
+  );
+
+  return addPermittedAuthMethod(
+    {
+      tokenId: pkpTokenId.toString(),
+      authMethodType: authMethodType.toString(),
+      id: authMethodId,
+      userPubkey,
+      scopes,
+    },
+    networkCtx,
+    accountOrWalletClient
+  );
+}
+
+// Example usage
+// if (import.meta.main) {
+//   const networkCtx = networkContext;
+
+//   const res = await addPermittedAuthMethodByIdentifier(
+//     {
+//       tokenId:
+//         "76136736151863037541847315168980811654782785653773679312890341037699996601290",
+//       authMethodType: 1, // AuthMethodType.EthWallet
+//       authMethodId: "0x1234567890abcdef1234567890abcdef12345678",
+//       userPubkey: "0x04abcdef...",
+//       scopes: ["sign-anything"],
+//     },
+//     networkCtx,
+//     accountOrWalletClient
+//   );
+
+//   console.log("res", res);
+// }