Apple + Facebook + User Managed Recovery Flow Prep + Async Decryption (#126)

Author: 0xFirekeeper

Assets/Thirdweb/Core/Scripts/Wallet.cs

@@ -680,17 +680,20 @@ public class AuthOptions
     {
         public AuthProvider authProvider;
         public string authToken;
+        public string recoveryCode;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="AuthOptions"/> class with the specified parameters.
         /// </summary>
         /// <param name="authProvider">The authentication provider to use.</param>
         /// <param name="authToken">The auth token to use for validation e.g. jwt</param>
+        /// <param name="recoveryCode">The recovery code used for CustomAuth when recovery is User Managed</param>
         /// <returns>A new instance of the <see cref="AuthOptions"/> class.</returns>
-        public AuthOptions(AuthProvider authProvider, string authToken = null)
+        public AuthOptions(AuthProvider authProvider, string authToken = null, string recoveryCode = null)
         {
             this.authProvider = authProvider;
             this.authToken = authToken;
+            this.recoveryCode = recoveryCode;
         }
     }
 
@@ -726,6 +729,16 @@ public enum AuthProvider
         /// </summary>
         Google,
 
+        /// <summary>
+        /// Apple OAuth2 Flow.
+        /// </summary>
+        Apple,
+
+        /// <summary>
+        /// Facebook OAuth2 Flow.
+        /// </summary>
+        Facebook,
+
         /// <summary>
         /// Bring your own auth.
         /// </summary>

Assets/Thirdweb/Core/Scripts/WalletsUI/EmbeddedWalletUI.cs

@@ -71,20 +71,61 @@ public async Task<User> Connect(EmbeddedWallet embeddedWallet, string email, Aut
             RecoveryInput.text = "";
             RecoveryInput.gameObject.SetActive(false);
             SubmitButton.onClick.RemoveAllListeners();
+            RecoveryCodesCopy.onClick.RemoveAllListeners();
             EmbeddedWalletCanvas.SetActive(false);
             RecoveryCodesCanvas.SetActive(false);
 
-            switch (authOptions.authProvider)
+            try
+            {
+                string authProvider = authOptions.authProvider switch
+                {
+                    AuthProvider.EmailOTP => "EmailOTP",
+                    AuthProvider.Google => "Google",
+                    AuthProvider.Apple => "Apple",
+                    AuthProvider.Facebook => "Facebook",
+                    AuthProvider.CustomAuth => "CustomAuth",
+                    _ => throw new UnityException($"Unsupported auth provider: {authOptions.authProvider}"),
+                };
+                return await _embeddedWallet.GetUserAsync(_email, authProvider);
+            }
+            catch (Exception e)
+            {
+                ThirdwebDebug.Log($"Could not recreate user automatically, proceeding with auth: {e.Message}");
+            }
+
+            try
             {
-                case AuthProvider.EmailOTP:
-                    return await LoginWithOTP();
-                case AuthProvider.Google:
-                    return await LoginWithGoogle();
-                case AuthProvider.CustomAuth:
-                    return await LoginWithCustomJwt(authOptions.authToken);
-                default:
-                    throw new UnityException($"Unsupported auth provider: {authOptions.authProvider}");
+                switch (authOptions.authProvider)
+                {
+                    case AuthProvider.EmailOTP:
+                        await LoginWithOTP();
+                        break;
+                    case AuthProvider.Google:
+                        await LoginWithOauth("Google");
+                        break;
+                    case AuthProvider.Apple:
+                        await LoginWithOauth("Apple");
+                        break;
+                    case AuthProvider.Facebook:
+                        await LoginWithOauth("Facebook");
+                        break;
+                    case AuthProvider.CustomAuth:
+                        await LoginWithCustomJwt(authOptions.authToken, authOptions.recoveryCode);
+                        break;
+                    default:
+                        throw new UnityException($"Unsupported auth provider: {authOptions.authProvider}");
+                }
             }
+            catch (Exception e)
+            {
+                _exception = e;
+            }
+
+            await new WaitUntil(() => _user != null || _exception != null);
+            EmbeddedWalletCanvas.SetActive(false);
+            if (_exception != null)
+                throw _exception;
+            return _user;
         }
 
         public void Cancel()
@@ -96,45 +137,26 @@ public void Cancel()
 
         #region Email OTP Flow
 
-        private async Task<User> LoginWithOTP()
+        private async Task LoginWithOTP()
         {
             if (_email == null)
                 throw new UnityException("Email is required for OTP login");
 
-            try
-            {
-                _user = await _embeddedWallet.GetUserAsync(_email);
-            }
-            catch (Exception e)
-            {
-                ThirdwebDebug.Log($"Could not recreate user automatically, proceeding with auth: {e}");
-            }
-
-            if (_user != null)
-            {
-                ThirdwebDebug.Log($"Logged In Existing User - Email: {_user.EmailAddress}, User Address: {_user.Account.Address}");
-                return _user;
-            }
-
             SubmitButton.onClick.AddListener(OnSubmitOTP);
             await OnSendOTP();
             EmbeddedWalletCanvas.SetActive(true);
-            await new WaitUntil(() => _user != null || _exception != null);
-            EmbeddedWalletCanvas.SetActive(false);
-            if (_exception != null)
-                throw _exception;
-            return _user;
         }
 
         private async Task OnSendOTP()
         {
             try
             {
                 (bool isNewUser, bool isNewDevice, bool needsRecoveryCode) = await _embeddedWallet.SendOtpEmailAsync(_email);
-                RecoveryInput.gameObject.SetActive(needsRecoveryCode && !isNewUser && isNewDevice);
+                if (needsRecoveryCode && !isNewUser && isNewDevice)
+                    DisplayRecoveryInput(false);
                 ThirdwebDebug.Log($"finished sending OTP:  isNewUser {isNewUser}, isNewDevice {isNewDevice}");
             }
-            catch (System.Exception e)
+            catch (Exception e)
             {
                 _exception = e;
             }
@@ -148,15 +170,9 @@ private async void OnSubmitOTP()
             try
             {
                 string otp = OTPInput.text;
-                (var res, bool? wasEmailed) = await _embeddedWallet.VerifyOtpAsync(_email, otp, string.IsNullOrEmpty(RecoveryInput.text) ? null : RecoveryInput.text);
+                var res = await _embeddedWallet.VerifyOtpAsync(_email, otp, string.IsNullOrEmpty(RecoveryInput.text) ? null : RecoveryInput.text);
                 _user = res.User;
-                if (res.MainRecoveryCode != null && wasEmailed.HasValue && wasEmailed.Value == false)
-                {
-                    List<string> recoveryCodes = new() { res.MainRecoveryCode };
-                    if (res.BackupRecoveryCodes != null)
-                        recoveryCodes.AddRange(res.BackupRecoveryCodes);
-                    ShowRecoveryCodes(recoveryCodes);
-                }
+                ShowRecoveryCodes(res);
             }
             catch (Exception e)
             {
@@ -170,78 +186,115 @@ private async void OnSubmitOTP()
             }
         }
 
-        private void ShowRecoveryCodes(List<string> recoveryCodes)
-        {
-            string recoveryCodesString = string.Join("\n", recoveryCodes.Select((code, i) => $"{i + 1}. {code}"));
-            string message = $"Please save the following recovery codes in a safe place:\n\n{recoveryCodesString}";
-            ThirdwebDebug.Log(message);
-            RecoveryCodesText.text = message;
-            string messageToSave = JsonConvert.SerializeObject(recoveryCodes);
-            RecoveryCodesCopy.onClick.RemoveAllListeners();
-            RecoveryCodesCopy.onClick.AddListener(() => GUIUtility.systemCopyBuffer = messageToSave);
-            RecoveryCodesCanvas.SetActive(true);
-        }
-
         #endregion
 
         #region OAuth2 Flow
 
-        private async Task<User> LoginWithGoogle()
+        private async Task LoginWithOauth(string authProviderStr)
         {
             if (Application.isMobilePlatform && string.IsNullOrEmpty(_customScheme))
                 throw new UnityException("No custom scheme provided for mobile deeplinks, please set one in your ThirdwebConfig (found in ThirdwebManager)");
 
-            try
-            {
-                string loginUrl = await GetLoginLink();
-                string redirectUrl = Application.isMobilePlatform ? _customScheme : "http://localhost:8789/";
-                CrossPlatformBrowser browser = new();
-                var browserResult = await browser.Login(loginUrl, redirectUrl);
-                if (browserResult.status != BrowserStatus.Success)
-                    _exception = new UnityException($"Failed to login with Google: {browserResult.status} | {browserResult.error}");
-                else
-                    _callbackUrl = browserResult.callbackUrl;
-            }
-            catch (Exception e)
-            {
-                _exception = e;
-            }
+            string loginUrl = await GetLoginLink(authProviderStr);
 
-            await new WaitUntil(() => _callbackUrl != null || _exception != null);
-            if (_exception != null)
-                throw _exception;
+            string redirectUrl = Application.isMobilePlatform ? _customScheme : "http://localhost:8789/";
+            CrossPlatformBrowser browser = new();
+            var browserResult = await browser.Login(loginUrl, redirectUrl);
+            if (browserResult.status != BrowserStatus.Success)
+                _exception = new UnityException($"Failed to login with {authProviderStr}: {browserResult.status} | {browserResult.error}");
+            else
+                _callbackUrl = browserResult.callbackUrl;
+
+            await new WaitUntil(() => _callbackUrl != null);
 
             string decodedUrl = HttpUtility.UrlDecode(_callbackUrl);
             Uri uri = new(decodedUrl);
             string queryString = uri.Query;
             var queryDict = HttpUtility.ParseQueryString(queryString);
             string authResultJson = queryDict["authResult"];
-            var user = await _embeddedWallet.SignInWithGoogleAsync(authResultJson);
-            return user;
+
+            bool needsRecoveryCode = await _embeddedWallet.IsRecoveryCodeNeededAsync(authResultJson);
+
+            if (needsRecoveryCode)
+            {
+                SubmitButton.onClick.AddListener(() => OnSubmitRecoveryOauth(authProviderStr, authResultJson));
+                DisplayRecoveryInput(true);
+            }
+            else
+            {
+                try
+                {
+                    var res = await _embeddedWallet.SignInWithOauth(authProviderStr, authResultJson, null);
+                    _user = res.User;
+                }
+                catch (Exception e)
+                {
+                    _exception = e;
+                }
+            }
         }
 
-        private async Task<string> GetLoginLink(string authProvider = "Google")
+        private async void OnSubmitRecoveryOauth(string authProviderStr, string authResult)
+        {
+            try
+            {
+                string recoveryCode = RecoveryInput.text;
+                var res = await _embeddedWallet.SignInWithOauth(authProviderStr, authResult, recoveryCode);
+                _user = res.User;
+                ShowRecoveryCodes(res);
+            }
+            catch (Exception e)
+            {
+                _exception = e;
+            }
+        }
+
+        private async Task<string> GetLoginLink(string authProvider)
         {
             string loginUrl = await _embeddedWallet.FetchHeadlessOauthLoginLinkAsync(authProvider);
             string platform = "unity";
             string redirectUrl = UnityWebRequest.EscapeURL(Application.isMobilePlatform ? _customScheme : "http://localhost:8789/");
             string developerClientId = UnityWebRequest.EscapeURL(ThirdwebManager.Instance.SDK.session.Options.clientId);
-            return $"{loginUrl}?platform={platform}&redirectUrl={redirectUrl}&developerClientId={developerClientId}";
+            return $"{loginUrl}?platform={platform}&redirectUrl={redirectUrl}&developerClientId={developerClientId}&authOption={authProvider}";
         }
 
         #endregion
 
         #region Custom JWT Flow
 
-        private async Task<User> LoginWithCustomJwt(string jwtToken)
+        private async Task LoginWithCustomJwt(string jwtToken, string recoveryCode)
         {
-            try
-            {
-                return await _embeddedWallet.SignInWithJwtAuthAsync(jwtToken);
-            }
-            catch
+            var res = await _embeddedWallet.SignInWithJwtAuthAsync(jwtToken, recoveryCode);
+            _user = res.User;
+            ShowRecoveryCodes(res);
+        }
+
+        #endregion
+
+        #region Common
+
+        private void DisplayRecoveryInput(bool hideOtpInput)
+        {
+            if (hideOtpInput)
+                OTPInput.gameObject.SetActive(false);
+            RecoveryInput.gameObject.SetActive(true);
+            EmbeddedWalletCanvas.SetActive(true);
+        }
+
+        private void ShowRecoveryCodes(EmbeddedWallet.VerifyResult res)
+        {
+            if (res.MainRecoveryCode != null && res.WasEmailed.HasValue && res.WasEmailed.Value == false)
             {
-                throw;
+                List<string> recoveryCodes = new() { res.MainRecoveryCode };
+                if (res.BackupRecoveryCodes != null)
+                    recoveryCodes.AddRange(res.BackupRecoveryCodes);
+                string recoveryCodesString = string.Join("\n", recoveryCodes.Select((code, i) => $"{i + 1}. {code}"));
+                string message = $"Please save the following recovery codes in a safe place:\n\n{recoveryCodesString}";
+                ThirdwebDebug.Log(message);
+                RecoveryCodesText.text = message;
+                string messageToSave = JsonConvert.SerializeObject(recoveryCodes);
+                RecoveryCodesCopy.onClick.AddListener(() => GUIUtility.systemCopyBuffer = messageToSave);
+                RecoveryCodesCanvas.SetActive(true);
             }
         }