chore(lit-auth-client): LIT-4211 - eslint --fix and resolve tslint errors in preparation for moving providers to new auth package as authenticators

Author: MaximusHaximus

package.json

@@ -67,6 +67,7 @@
     "pako": "^2.1.0",
     "siwe": "^2.3.2",
     "siwe-recap": "0.0.2-alpha.0",
+    "stytch": "^12.4.0",
     "tslib": "^2.7.0",
     "tweetnacl": "^1.0.3",
     "tweetnacl-util": "^0.15.1",

packages/lit-auth-client/src/lib/providers/AppleProvider.ts

@@ -1,22 +1,24 @@
-import {
-  AuthMethod,
-  BaseProviderOptions,
-  OAuthProviderOptions,
-} from '@lit-protocol/types';
+import { ethers } from 'ethers';
+import * as jose from 'jose';
+
 import {
   AUTH_METHOD_TYPE,
   UnauthorizedException,
   UnknownError,
 } from '@lit-protocol/constants';
+import {
+  AuthMethod,
+  BaseProviderOptions,
+  OAuthProviderOptions,
+} from '@lit-protocol/types';
+
 import {
   prepareLoginUrl,
   parseLoginParams,
   getStateParam,
   decode,
 } from '../utils';
 import { BaseProvider } from './BaseProvider';
-import { ethers } from 'ethers';
-import * as jose from 'jose';
 
 export default class AppleProvider extends BaseProvider {
   /**

packages/lit-auth-client/src/lib/providers/BaseProvider.ts

@@ -1,11 +1,9 @@
-import depd from 'depd';
 import { ethers } from 'ethers';
 
 import {
   AUTH_METHOD_TYPE_VALUES,
   InvalidArgumentException,
   LitNodeClientNotReadyError,
-  ParamsMissingError,
   UnknownError,
 } from '@lit-protocol/constants';
 import { LitContracts } from '@lit-protocol/contracts-sdk';
@@ -24,8 +22,6 @@ import {
 
 import { validateMintRequestBody } from '../validators';
 
-const deprecated = depd('lit-js-sdk:auth-browser:base-provider');
-
 export abstract class BaseProvider {
   /**
    * Relay server to subsidize minting of PKPs
@@ -65,7 +61,7 @@ export abstract class BaseProvider {
    */
   abstract getAuthMethodId(
     authMethod: AuthMethod,
-    options?: any
+    options?: unknown
   ): Promise<string>;
 
   /**

packages/lit-auth-client/src/lib/providers/DiscordProvider.ts

@@ -1,13 +1,16 @@
-import {
-  AuthMethod,
-  BaseProviderOptions,
-  OAuthProviderOptions,
-} from '@lit-protocol/types';
+import { ethers } from 'ethers';
+
 import {
   AUTH_METHOD_TYPE,
   UnauthorizedException,
   UnknownError,
 } from '@lit-protocol/constants';
+import {
+  AuthMethod,
+  BaseProviderOptions,
+  OAuthProviderOptions,
+} from '@lit-protocol/types';
+
 import { BaseProvider } from './BaseProvider';
 import {
   prepareLoginUrl,
@@ -16,7 +19,6 @@ import {
   decode,
   LIT_LOGIN_GATEWAY,
 } from '../utils';
-import { ethers } from 'ethers';
 
 export default class DiscordProvider extends BaseProvider {
   /**

packages/lit-auth-client/src/lib/providers/StytchAuthFactorOtp.ts

@@ -24,7 +24,6 @@ import {
 export default class StytchAuthFactorOtpProvider<
   T extends FactorParser
 > extends BaseProvider {
-  private _params: StytchOtpProviderOptions;
   private _factor: T;
   private static _provider: string = 'https://stytch.com/session';
 
@@ -34,7 +33,6 @@ export default class StytchAuthFactorOtpProvider<
     factor: T
   ) {
     super(params);
-    this._params = config;
     this._factor = factor;
   }
 
@@ -144,7 +142,7 @@ export default class StytchAuthFactorOtpProvider<
   }
 
   private static _resolveAuthFactor(factor: FactorParser): {
-    parser: Function;
+    parser: (parsedToken: StytchToken, provider: string) => string;
     authMethodType: AUTH_METHOD_TYPE_VALUES;
   } {
     switch (factor) {

packages/lit-auth-client/src/lib/providers/StytchAuthFactors.ts

@@ -1,6 +1,14 @@
+import { ethers } from 'ethers';
+
 import { WrongParamFormat } from '@lit-protocol/constants';
 import { StytchToken } from '@lit-protocol/types';
-import { ethers } from 'ethers';
+
+import type {
+  AuthenticationFactor,
+  AuthenticatorAppFactor,
+  EmailFactor,
+  PhoneNumberFactor,
+} from 'stytch';
 
 export type FactorParser = 'email' | 'sms' | 'whatsApp' | 'totp';
 
@@ -9,10 +17,9 @@ export const emailOtpAuthFactorParser = (
   provider: string
 ): string => {
   const session = parsedToken[provider];
-  const authFactors: any[] = session['authentication_factors'];
-  let authFactor = authFactors.find((value, _index, _obj) => {
-    if (value.email_factor) return value;
-  });
+  const authFactors: AuthenticationFactor[] = session['authentication_factors'];
+
+  const authFactor = authFactors.find((value) => !!value.email_factor);
 
   if (!authFactor) {
     throw new WrongParamFormat(
@@ -25,6 +32,9 @@ export const emailOtpAuthFactorParser = (
       'Could not find email authentication info in session'
     );
   }
+
+  const emailFactor = authFactor.email_factor as EmailFactor;
+
   const audience = (parsedToken['aud'] as string[])[0];
   if (!audience) {
     throw new WrongParamFormat(
@@ -38,7 +48,7 @@ export const emailOtpAuthFactorParser = (
     );
   }
 
-  const userId = authFactor.email_factor.email_address;
+  const userId = emailFactor.email_address;
   const authMethodId = ethers.utils.keccak256(
     ethers.utils.toUtf8Bytes(
       `${userId.toLowerCase()}:${audience.toLowerCase()}`
@@ -53,10 +63,8 @@ export const smsOtpAuthFactorParser = (
   provider: string
 ): string => {
   const session = parsedToken[provider];
-  const authFactors: any[] = session['authentication_factors'];
-  let authFactor = authFactors.find((value, _index, _obj) => {
-    if (value.phone_number_factor) return value;
-  });
+  const authFactors: AuthenticationFactor[] = session['authentication_factors'];
+  const authFactor = authFactors.find((value) => !!value.phone_number_factor);
 
   if (!authFactor) {
     throw new WrongParamFormat(
@@ -66,9 +74,12 @@ export const smsOtpAuthFactorParser = (
           provider,
         },
       },
-      'Could not find email authentication info in session'
+      'Could not find phone authentication info in session'
     );
   }
+
+  const phoneNumberFactor = authFactor.phone_number_factor as PhoneNumberFactor;
+
   const audience = (parsedToken['aud'] as string[])[0];
   if (!audience) {
     throw new WrongParamFormat(
@@ -82,7 +93,7 @@ export const smsOtpAuthFactorParser = (
     );
   }
 
-  const userId = authFactor.phone_number_factor.phone_number;
+  const userId = phoneNumberFactor.phone_number;
   const authMethodId = ethers.utils.keccak256(
     ethers.utils.toUtf8Bytes(
       `${userId.toLowerCase()}:${audience.toLowerCase()}`
@@ -97,10 +108,8 @@ export const whatsAppOtpAuthFactorParser = (
   provider: string
 ): string => {
   const session = parsedToken[provider];
-  const authFactors: any[] = session['authentication_factors'];
-  let authFactor = authFactors.find((value, _index, _obj) => {
-    if (value.phone_number_factor) return value;
-  });
+  const authFactors: AuthenticationFactor[] = session['authentication_factors'];
+  const authFactor = authFactors.find((value) => !!value.phone_number_factor);
 
   if (!authFactor) {
     throw new WrongParamFormat(
@@ -110,9 +119,12 @@ export const whatsAppOtpAuthFactorParser = (
           provider,
         },
       },
-      'Could not find email authentication info in session'
+      'Could not find phone authentication info in session'
     );
   }
+
+  const phoneNumberFactor = authFactor.phone_number_factor as PhoneNumberFactor;
+
   const audience = (parsedToken['aud'] as string[])[0];
   if (!audience) {
     throw new WrongParamFormat(
@@ -126,7 +138,7 @@ export const whatsAppOtpAuthFactorParser = (
     );
   }
 
-  const userId = authFactor.phone_number_factor.phone_number;
+  const userId = phoneNumberFactor.phone_number;
   const authMethodId = ethers.utils.keccak256(
     ethers.utils.toUtf8Bytes(
       `${userId.toLowerCase()}:${audience.toLowerCase()}`
@@ -141,10 +153,10 @@ export const totpAuthFactorParser = (
   provider: string
 ): string => {
   const session = parsedToken[provider];
-  const authFactors: any[] = session['authentication_factors'];
-  let authFactor = authFactors.find((value, _index, _obj) => {
-    if (value.phone_number_factor) return value;
-  });
+  const authFactors: AuthenticationFactor[] = session['authentication_factors'];
+  const authFactor = authFactors.find(
+    (value) => !!value.authenticator_app_factor
+  );
 
   if (!authFactor) {
     throw new WrongParamFormat(
@@ -154,9 +166,13 @@ export const totpAuthFactorParser = (
           provider,
         },
       },
-      'Could not find email authentication info in session'
+      'Could not find authenticator app authentication info in session'
     );
   }
+
+  const authenticatorAppFactor =
+    authFactor.authenticator_app_factor as AuthenticatorAppFactor;
+
   const audience = (parsedToken['aud'] as string[])[0];
   if (!audience) {
     throw new WrongParamFormat(
@@ -170,7 +186,7 @@ export const totpAuthFactorParser = (
     );
   }
 
-  const userId = authFactor.authenticator_app_factor.totp_id;
+  const userId = authenticatorAppFactor.totp_id;
   const authMethodId = ethers.utils.keccak256(
     ethers.utils.toUtf8Bytes(
       `${userId.toLowerCase()}:${audience.toLowerCase()}`

packages/lit-auth-client/src/lib/providers/WebAuthnProvider.ts

@@ -1,24 +1,26 @@
 import {
-  AuthMethod,
-  BaseProviderOptions,
-  MintRequestBody,
-  WebAuthnProviderOptions,
-} from '@lit-protocol/types';
+  PublicKeyCredentialCreationOptionsJSON,
+  UserVerificationRequirement,
+  RegistrationResponseJSON,
+} from '@simplewebauthn/typescript-types';
+import base64url from 'base64url';
+import { ethers } from 'ethers';
+
 import {
   AUTH_METHOD_TYPE,
   RemovedFunctionError,
   UnknownError,
   WrongParamFormat,
 } from '@lit-protocol/constants';
-import { ethers } from 'ethers';
 import {
-  PublicKeyCredentialCreationOptionsJSON,
-  UserVerificationRequirement,
-} from '@simplewebauthn/typescript-types';
-import base64url from 'base64url';
+  AuthMethod,
+  BaseProviderOptions,
+  MintRequestBody,
+  WebAuthnProviderOptions,
+} from '@lit-protocol/types';
+
 import { getRPIdFromOrigin, parseAuthenticatorData } from '../utils';
 import { BaseProvider } from './BaseProvider';
-import { RegistrationResponseJSON } from '@simplewebauthn/typescript-types';
 
 export default class WebAuthnProvider extends BaseProvider {
   /**
@@ -228,8 +230,8 @@ export default class WebAuthnProvider extends BaseProvider {
 
       // Parse the buffer to reconstruct the object
       // Buffer is COSE formatted, utilities decode the buffer into json, and extract the public key information
-      const authenticationResponse: any =
-        parseAuthenticatorData(attestationBuffer);
+      const authenticationResponse = parseAuthenticatorData(attestationBuffer);
+      assertAuthenticationResponse(authenticationResponse);
 
       // Public key in cose format to register the auth method
       const publicKeyCoseBuffer: Buffer = authenticationResponse
@@ -251,3 +253,34 @@ export default class WebAuthnProvider extends BaseProvider {
     return publicKey;
   }
 }
+
+function assertAuthenticationResponse(
+  authenticationResponse: unknown
+): asserts authenticationResponse is {
+  attestedCredentialData: {
+    credentialPublicKey: Buffer;
+  };
+} {
+  /* eslint-disable @typescript-eslint/no-explicit-any */
+  if (
+    typeof authenticationResponse !== 'object' ||
+    authenticationResponse === null ||
+    !('attestedCredentialData' in authenticationResponse) ||
+    typeof (authenticationResponse as any).attestedCredentialData !==
+      'object' ||
+    (authenticationResponse as any).attestedCredentialData === null ||
+    !(
+      'credentialPublicKey' in
+      (authenticationResponse as any).attestedCredentialData
+    ) ||
+    !(
+      (authenticationResponse as any).attestedCredentialData
+        .credentialPublicKey instanceof Buffer
+    )
+  ) {
+    throw new Error(
+      'authenticationResponse does not match the expected structure: { attestedCredentialData: { credentialPublicKey: Buffer } }'
+    );
+  }
+  /* eslint-enable @typescript-eslint/no-explicit-any */
+}

yarn.lock

@@ -15538,6 +15538,11 @@ jose@^4.14.4:
   resolved "https://registry.yarnpkg.com/jose/-/jose-4.15.9.tgz#9b68eda29e9a0614c042fa29387196c7dd800100"
   integrity sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==
 
+jose@^5.6.3:
+  version "5.9.6"
+  resolved "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz#77f1f901d88ebdc405e57cce08d2a91f47521883"
+  integrity sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==
+
 js-levenshtein@^1.1.6:
   version "1.1.6"
   resolved "https://registry.yarnpkg.com/js-levenshtein/-/js-levenshtein-1.1.6.tgz#c6cee58eb3550372df8deb85fad5ce66ce01d59d"
@@ -21615,6 +21620,14 @@ strong-log-transformer@^2.1.0:
     minimist "^1.2.0"
     through "^2.3.4"
 
+stytch@^12.4.0:
+  version "12.4.0"
+  resolved "https://registry.npmjs.org/stytch/-/stytch-12.4.0.tgz#2a9dbac10e2a45057409ed1bd4f7743e1fc6cda9"
+  integrity sha512-jyYIfirVnhy3gAtGLEIK5c5tSp5bhi9tUE0JRzItJlwISBW/StMMOvP0hhPUb831EGjV2l1S4YRPg/NqJ+eYNg==
+  dependencies:
+    jose "^5.6.3"
+    undici "^6.19.5"
+
 superstatic@^7.1.0:
   version "7.1.0"
   resolved "https://registry.yarnpkg.com/superstatic/-/superstatic-7.1.0.tgz#42cc773a0f500fb691841e0533d0b8c31f25997f"