[EWS] Integrate non-OIDC authentication, enforce encryptionKey (#136)

Author: 0xFirekeeper

Assets/Thirdweb/Core/Scripts/Wallet.cs

@@ -708,7 +708,7 @@ public WalletConnection(
             this.password = password;
             this.email = email;
             this.personalWallet = personalWallet;
-            this.authOptions = authOptions ?? new AuthOptions(authProvider: AuthProvider.EmailOTP, authToken: null);
+            this.authOptions = authOptions ?? new AuthOptions(authProvider: AuthProvider.EmailOTP, jwtOrPayload: null, encryptionKey: null);
             this.smartWalletAccountOverride = smartWalletAccountOverride;
         }
     }
@@ -720,21 +720,21 @@ public WalletConnection(
     public class AuthOptions
     {
         public AuthProvider authProvider;
-        public string authToken;
-        public string recoveryCode;
+        public string jwtOrPayload;
+        public string encryptionKey;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="AuthOptions"/> class with the specified parameters.
         /// </summary>
         /// <param name="authProvider">The authentication provider to use.</param>
-        /// <param name="authToken">The auth token to use for validation e.g. jwt</param>
-        /// <param name="recoveryCode">The recovery code used for CustomAuth when recovery is User Managed</param>
+        /// <param name="jwtOrPayload">Used for custom JWT or AuthEndpoint methods, pass JWT or auth payload respectively.</param>
+        /// <param name="encryptionKey">Used for custom JWT or AuthEndpoint methods, developer-manaed recovery encryption key.</param>
         /// <returns>A new instance of the <see cref="AuthOptions"/> class.</returns>
-        public AuthOptions(AuthProvider authProvider, string authToken = null, string recoveryCode = null)
+        public AuthOptions(AuthProvider authProvider, string jwtOrPayload = null, string encryptionKey = null)
         {
             this.authProvider = authProvider;
-            this.authToken = authToken;
-            this.recoveryCode = recoveryCode;
+            this.jwtOrPayload = jwtOrPayload;
+            this.encryptionKey = encryptionKey;
         }
     }
 
@@ -781,8 +781,13 @@ public enum AuthProvider
         Facebook,
 
         /// <summary>
-        /// Bring your own auth.
+        /// JWT-Based Authentication Flow, checks JWT against developer-set JWKS URI.
         /// </summary>
-        CustomAuth
+        JWT,
+
+        /// <summary>
+        /// Custom Authentication Flow, checks payload against developer-set Auth Endpoint.
+        /// </summary>
+        AuthEndpoint,
     }
 }

Assets/Thirdweb/Core/Scripts/Wallets/ThirdwebEmbeddedWallet.cs

@@ -21,7 +21,7 @@ public ThirdwebEmbeddedWallet(string clientId, string bundleId)
             _web3 = null;
             _provider = WalletProvider.EmbeddedWallet;
             _signerProvider = WalletProvider.LocalWallet;
-            _embeddedWallet = new EmbeddedWallet(clientId, bundleId);
+            _embeddedWallet = new EmbeddedWallet(clientId, bundleId, "unity", ThirdwebSDK.version);
         }
 
         public async Task<string> Connect(WalletConnection walletConnection, string rpc)

Assets/Thirdweb/Core/Scripts/WalletsUI/EmbeddedWalletUI.cs

@@ -83,7 +83,7 @@ public async Task<User> Connect(EmbeddedWallet embeddedWallet, string email, Aut
                     AuthProvider.Google => "Google",
                     AuthProvider.Apple => "Apple",
                     AuthProvider.Facebook => "Facebook",
-                    AuthProvider.CustomAuth => "CustomAuth",
+                    AuthProvider.JWT => "CustomAuth",
                     _ => throw new UnityException($"Unsupported auth provider: {authOptions.authProvider}"),
                 };
                 return await _embeddedWallet.GetUserAsync(_email, authProvider);
@@ -109,8 +109,11 @@ public async Task<User> Connect(EmbeddedWallet embeddedWallet, string email, Aut
                     case AuthProvider.Facebook:
                         await LoginWithOauth("Facebook");
                         break;
-                    case AuthProvider.CustomAuth:
-                        await LoginWithCustomJwt(authOptions.authToken, authOptions.recoveryCode);
+                    case AuthProvider.JWT:
+                        await LoginWithJWT(authOptions.jwtOrPayload, authOptions.encryptionKey);
+                        break;
+                    case AuthProvider.AuthEndpoint:
+                        await LoginWithAuthEndpoint(authOptions.jwtOrPayload, authOptions.encryptionKey);
                         break;
                     default:
                         throw new UnityException($"Unsupported auth provider: {authOptions.authProvider}");
@@ -224,7 +227,7 @@ private async Task LoginWithOauth(string authProviderStr)
             {
                 try
                 {
-                    var res = await _embeddedWallet.SignInWithOauth(authProviderStr, authResultJson, null);
+                    var res = await _embeddedWallet.SignInWithOauthAsync(authProviderStr, authResultJson, null);
                     _user = res.User;
                 }
                 catch (Exception e)
@@ -239,7 +242,7 @@ private async void OnSubmitRecoveryOauth(string authProviderStr, string authResu
             try
             {
                 string recoveryCode = RecoveryInput.text;
-                var res = await _embeddedWallet.SignInWithOauth(authProviderStr, authResult, recoveryCode);
+                var res = await _embeddedWallet.SignInWithOauthAsync(authProviderStr, authResult, recoveryCode);
                 _user = res.User;
                 ShowRecoveryCodes(res);
             }
@@ -260,11 +263,32 @@ private async Task<string> GetLoginLink(string authProvider)
 
         #endregion
 
-        #region Custom JWT Flow
+        #region JWT Flow
 
-        private async Task LoginWithCustomJwt(string jwtToken, string recoveryCode)
+        private async Task LoginWithJWT(string jwtToken, string encryptionKey, string recoveryCode = null)
         {
-            var res = await _embeddedWallet.SignInWithJwtAuthAsync(jwtToken, recoveryCode);
+            if (string.IsNullOrEmpty(jwtToken))
+                throw new UnityException("JWT token is required for JWT login!");
+            if (string.IsNullOrEmpty(encryptionKey))
+                throw new UnityException("Encryption key is required for JWT login!");
+
+            var res = await _embeddedWallet.SignInWithJwtAsync(jwtToken, encryptionKey, recoveryCode);
+            _user = res.User;
+            ShowRecoveryCodes(res);
+        }
+
+        #endregion
+
+        #region Auth Endpoint Flow
+
+        private async Task LoginWithAuthEndpoint(string payload, string encryptionKey, string recoveryCode = null)
+        {
+            if (string.IsNullOrEmpty(payload))
+                throw new UnityException("Auth payload is required for Auth Endpoint login!");
+            if (string.IsNullOrEmpty(encryptionKey))
+                throw new UnityException("Encryption key is required for Auth Endpoint login!");
+
+            var res = await _embeddedWallet.SignInWithAuthEndpointAsync(payload, encryptionKey, recoveryCode);
             _user = res.User;
             ShowRecoveryCodes(res);
         }