refactor: consolidate AuthData schemas and removing strict types

Author: Ansonhkg

packages/auth-services/src/queue-manager/src/handlers/pkpMint/pkpMint.handler.ts

@@ -1,59 +1,22 @@
-import { AuthData } from '@lit-protocol/schemas';
-import { Optional } from '@lit-protocol/types';
-import { Hex } from 'viem';
+import { MintPKPRequest } from '@lit-protocol/schemas';
 
 /**
  * Handles PKP minting tasks.
  * @param jobData The data for the job, expected to contain `requestBody`.
  * @returns The result of the PKP minting process.
  */
 export async function handlePkpMintTask(jobData: {
-  requestBody: {
-    authMethodType: string;
-    authMethodId: Hex;
-    pubkey: Hex;
-    scopes?: ('sign-anything' | 'personal-sign' | 'no-permissions')[];
-  };
+  requestBody: MintPKPRequest;
   reqId?: string;
 }): Promise<any> {
-  // console.log('[PKP Mint][HANDLER][REQ]', {
-  //   reqId: jobData.reqId,
-  //   authMethodType: jobData.requestBody.authMethodType,
-  //   authMethodId: jobData.requestBody.authMethodId,
-  //   pubkey_len: jobData.requestBody.pubkey?.length ?? 0,
-  //   pubkey_is_0x: jobData.requestBody.pubkey === '0x',
-  //   pubkey_preview: (jobData.requestBody.pubkey ?? '').slice(0, 12),
-  //   scopes: jobData.requestBody.scopes,
-  // });
-
-  if (
-    // AUTH_METHOD_TYPE.WebAuthn = 3
-    Number(jobData.requestBody.authMethodType) === 3 &&
-    (!jobData.requestBody.pubkey || jobData.requestBody.pubkey === '0x')
-  ) {
-    throw new Error(
-      `[PKP Mint][HANDLER] WebAuthn requires a non-empty COSE pubkey; got '${jobData.requestBody.pubkey}'. reqId=${jobData.reqId}`
-    );
-  }
-
-  const userAuthData: Optional<AuthData, 'accessToken'> = {
-    authMethodId: jobData.requestBody.authMethodId,
-    authMethodType: Number(jobData.requestBody.authMethodType),
-    publicKey: jobData.requestBody.pubkey,
-  };
-
-  // console.log('[PKP Mint][HANDLER][MAPPING]', {
-  //   reqId: jobData.reqId,
-  //   authMethodType: userAuthData.authMethodType,
-  //   authMethodId: userAuthData.authMethodId,
-  //   publicKey_len: userAuthData.publicKey?.length ?? 0,
-  //   publicKey_preview: (userAuthData.publicKey ?? '').slice(0, 12),
-  // });
-
   const result = await globalThis.systemContext.litClient.mintWithAuth({
     account: globalThis.systemContext.account,
-    authData: userAuthData,
-    scopes: jobData.requestBody.scopes || [],
+    authData: {
+      authMethodId: jobData.requestBody.authMethodId,
+      authMethodType: jobData.requestBody.authMethodType,
+      publicKey: jobData.requestBody.pubkey,
+    },
+    scopes: jobData.requestBody.scopes,
   });
 
   console.log(

packages/lit-client/src/lib/LitClient/createLitClient.ts

@@ -29,7 +29,6 @@ import {
   HexPrefixedSchema,
   JsonSignCustomSessionKeyRequestForPkpReturnSchema,
   JsonSignSessionKeyRequestForPkpReturnSchema,
-  StrictAuthData,
 } from '@lit-protocol/schemas';
 import {
   DecryptRequest,
@@ -850,7 +849,7 @@ export const _createNagaLitClient = async (
       };
     },
     viewPKPsByAuthData: async (params: {
-      authData: Partial<StrictAuthData> | Partial<AuthData>;
+      authData: Partial<AuthData>;
       pagination?: { limit?: number; offset?: number };
     }) => {
       // Use read-only account for viewing PKPs

packages/networks/src/networks/vNaga/shared/factories/BaseChainManagerFactory.ts

@@ -9,7 +9,7 @@ import {
 } from '../interfaces/NetworkContext';
 import type { PKPStorageProvider } from '../../../../storage/types';
 import { DEV_PRIVATE_KEY } from '@lit-protocol/constants';
-import { AuthData, StrictAuthData } from '@lit-protocol/schemas';
+import { AuthData } from '@lit-protocol/schemas';
 
 export type CreateChainManagerReturn = {
   api: {
@@ -27,7 +27,7 @@ export type CreateChainManagerReturn = {
     ) => InstanceType<typeof api.PKPPermissionsManager>;
     paymentManager: () => InstanceType<typeof api.PaymentManager>;
     getPKPsByAuthData: (
-      authData: Partial<StrictAuthData> | Partial<AuthData>,
+      authData: Partial<AuthData>,
       pagination?: { limit?: number; offset?: number },
       storageProvider?: PKPStorageProvider
     ) => ReturnType<typeof api.PKPPermissionsManager.getPKPsByAuthData>;
@@ -100,7 +100,7 @@ export const createChainManagerFactory = <T, M>(
         return new api.PaymentManager(_networkConfig, accountOrWalletClient);
       },
       getPKPsByAuthData: (
-        authData: Partial<StrictAuthData> | Partial<AuthData>,
+        authData: Partial<AuthData>,
         pagination?: { limit?: number; offset?: number },
         storageProvider?: PKPStorageProvider
       ) => {

packages/networks/src/networks/vNaga/shared/factories/BaseModuleFactory.ts

@@ -8,7 +8,6 @@ import {
   HexPrefixedSchema,
   JsonSignCustomSessionKeyRequestForPkpReturnSchema,
   JsonSignSessionKeyRequestForPkpReturnSchema,
-  StrictAuthData,
 } from '@lit-protocol/schemas';
 import { Hex, hexToBytes, stringToBytes, bytesToHex } from 'viem';
 import { z } from 'zod';
@@ -335,7 +334,7 @@ export function createBaseModule<T, M>(config: BaseModuleConfig<T, M>) {
       },
 
       getPKPsByAuthData: async (params: {
-        authData: Partial<StrictAuthData> | Partial<AuthData>;
+        authData: Partial<AuthData>;
         pagination?: { limit?: number; offset?: number };
         storageProvider?: PKPStorageProvider;
         account: ExpectedAccountOrWalletClient;

packages/networks/src/networks/vNaga/shared/managers/LitChainClient/apis/highLevelApis/PKPPermissionsManager/PKPPermissionsManager.ts

@@ -60,7 +60,7 @@ import { ExpectedAccountOrWalletClient } from '../../../../contract-manager/crea
 import { ScopeString } from '../../../schemas/shared/ScopeSchema';
 import { AuthMethod } from '../../rawContractApis/permissions/read/getPermittedAuthMethods';
 import { LitTxVoid } from '../../types';
-import { AuthData, StrictAuthData } from '@lit-protocol/schemas';
+import { AuthData } from '@lit-protocol/schemas';
 
 // This constant is used for testing purposes
 // IPFS CID in v0 format for commonly used test action
@@ -410,7 +410,7 @@ export class PKPPermissionsManager {
    * @returns Promise resolving to paginated PKP information
    */
   static async getPKPsByAuthData(
-    authData: Partial<StrictAuthData> | Partial<AuthData>,
+    authData: Partial<AuthData>,
     pagination: { limit?: number; offset?: number } | undefined,
     storageProvider: PKPStorageProvider | undefined,
     networkContext: DefaultNetworkConfig,

packages/schemas/src/lib/auth/ScopeSchema.ts

@@ -0,0 +1,30 @@
+import { z } from 'zod';
+
+/**
+ * Defines schemas for PKP permission scopes.
+ * Handles both string inputs and bigint transformations for contract calls.
+ */
+
+// Valid scope values
+export const SCOPE_VALUES = [
+  'no-permissions',
+  'sign-anything',
+  'personal-sign',
+] as const;
+export type ScopeString = typeof SCOPE_VALUES[number];
+
+// Mapping from string scopes to their bigint representation
+export const SCOPE_MAPPING = {
+  'no-permissions': 0n,
+  'sign-anything': 1n,
+  'personal-sign': 2n,
+} as const;
+export type ScopeBigInt = typeof SCOPE_MAPPING[ScopeString];
+
+// Schema for string values (used in high-level APIs)
+export const ScopeStringSchema = z.enum(SCOPE_VALUES);
+
+// Schema that transforms strings to bigints (used in contract calls)
+export const ScopeSchemaRaw = ScopeStringSchema.transform(
+  (val) => SCOPE_MAPPING[val]
+);

packages/schemas/src/lib/auth/auth-schemas.ts

@@ -6,6 +6,7 @@ import {
   NodeSetSchema,
   SessionKeyUriSchema,
 } from '../schemas';
+import { ScopeSchemaRaw } from './ScopeSchema';
 
 export const CustomAuthDataSchema = z.object({
   authMethodId: HexPrefixedSchema,
@@ -15,18 +16,6 @@ export const CustomAuthDataSchema = z.object({
 
 export type CustomAuthData = z.infer<typeof CustomAuthDataSchema>;
 
-export const StrictAuthDataSchema = z.object({
-  authMethodId: HexPrefixedSchema,
-  authMethodType: z.union([
-    AuthMethodSchema.shape.authMethodType,
-    z.number(),
-    z.bigint(),
-  ]),
-  accessToken: AuthMethodSchema.shape.accessToken,
-});
-
-export type StrictAuthData = z.infer<typeof StrictAuthDataSchema>;
-
 export const AuthDataSchema = z.object({
   authMethodId: HexPrefixedSchema,
   authMethodType: z.coerce.number().pipe(z.nativeEnum(AUTH_METHOD_TYPE)),
@@ -38,7 +27,8 @@ export const AuthDataSchema = z.object({
   metadata: z.any().optional(),
 });
 
-export type AuthData = z.infer<typeof AuthDataSchema>;
+export type AuthData = z.output<typeof AuthDataSchema>;
+export type AuthDataInput = z.input<typeof AuthDataSchema>;
 
 /**
  * Return Object Schema
@@ -80,3 +70,34 @@ export const JsonSignCustomSessionKeyRequestForPkpReturnSchema = z
       }),
     ])
   );
+
+/**
+ * Consolidated schema for PKP mint requests.
+ * This replaces the duplicated schemas across the codebase.
+ * Handles both string and number authMethodType inputs.
+ */
+export const MintPKPRequestSchema = z
+  .object({
+    authMethodId: HexPrefixedSchema,
+    authMethodType: z.coerce.number().pipe(z.nativeEnum(AUTH_METHOD_TYPE)),
+    pubkey: HexPrefixedSchema.default('0x'),
+    scopes: z.array(ScopeSchemaRaw).optional().default([]),
+  })
+  .refine(
+    (data) => {
+      // Validate pubkey is present for WebAuthn
+      // the default has been set to 0x, so we need to check when
+      // webauthn is used the pubkey should NOT be 0x
+      if (data.authMethodType === AUTH_METHOD_TYPE.WebAuthn) {
+        return data.pubkey && data.pubkey !== '0x';
+      }
+      return true;
+    },
+    {
+      message: 'pubkey is required for WebAuthn and cannot be 0x',
+      path: ['pubkey'],
+    }
+  );
+
+export type MintPKPRequest = z.input<typeof MintPKPRequestSchema>;
+export type MintPKPRequestTransformed = z.output<typeof MintPKPRequestSchema>;