From f7b68b028030f94736ab49c6825a0c09519f9bf8 Mon Sep 17 00:00:00 2001
From: David Philipson <david.philipson@gmail.com>
Date: Tue, 24 Sep 2024 15:40:44 -0700
Subject: [PATCH] feat: add auth0connection param

Allow users to set the `connection` query param when using Auth0, which
allows them to link directly to one particular auth method in Auth0
rather than a selection screen.
---
 account-kit/signer/src/client/index.ts |  4 ++++
 account-kit/signer/src/oauth.ts        | 10 ++++-----
 account-kit/signer/src/signer.ts       | 28 +++++++++++++++++++++-----
 3 files changed, 31 insertions(+), 11 deletions(-)

diff --git a/account-kit/signer/src/client/index.ts b/account-kit/signer/src/client/index.ts
index 47aff23b37..5f500c0017 100644
--- a/account-kit/signer/src/client/index.ts
+++ b/account-kit/signer/src/client/index.ts
@@ -483,6 +483,7 @@ export class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams>
     const {
       authProviderId,
       isCustomProvider,
+      auth0Connection,
       scope: providedScope,
       claims: providedClaims,
       mode,
@@ -547,6 +548,9 @@ export class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams>
     if (claims) {
       params.claims = claims;
     }
+    if (auth0Connection) {
+      params.connection = auth0Connection;
+    }
     authUrl.search = new URLSearchParams(params).toString();
     return authUrl.toString();
   };
diff --git a/account-kit/signer/src/oauth.ts b/account-kit/signer/src/oauth.ts
index 4e17617076..8338ffda59 100644
--- a/account-kit/signer/src/oauth.ts
+++ b/account-kit/signer/src/oauth.ts
@@ -1,4 +1,5 @@
 import { sha256 } from "viem";
+import type { KnownAuthProvider } from "./signer";
 
 /**
  * Turnkey requires the nonce in the id token to be in this format.
@@ -15,14 +16,11 @@ export type ScopeAndClaims = {
   claims?: string;
 };
 
-const DEFAULT_SCOPE_AND_CLAIMS: Record<string, ScopeAndClaims> = {
+const DEFAULT_SCOPE_AND_CLAIMS: Record<KnownAuthProvider, ScopeAndClaims> = {
   google: { scope: "openid email" },
   apple: { scope: "openid email" },
   facebook: { scope: "openid email" },
-  twitch: {
-    scope: "openid user:read:email",
-    claims: JSON.stringify({ id_token: { email: null } }),
-  },
+  auth0: { scope: "openid email" },
 };
 
 /**
@@ -32,7 +30,7 @@ const DEFAULT_SCOPE_AND_CLAIMS: Record<string, ScopeAndClaims> = {
  * @returns {ScopeAndClaims | undefined} default scope and claims
  */
 export function getDefaultScopeAndClaims(
-  knownAuthProviderId: string
+  knownAuthProviderId: KnownAuthProvider
 ): ScopeAndClaims | undefined {
   return DEFAULT_SCOPE_AND_CLAIMS[knownAuthProviderId];
 }
diff --git a/account-kit/signer/src/signer.ts b/account-kit/signer/src/signer.ts
index 6ab59cf6ef..c05dfb5e1d 100644
--- a/account-kit/signer/src/signer.ts
+++ b/account-kit/signer/src/signer.ts
@@ -27,19 +27,37 @@ export type AuthParams =
     }
   | ({
       type: "oauth";
-      authProviderId: string;
-      isCustomProvider?: boolean;
       scope?: string;
       claims?: string;
-    } & RedirectConfig)
+    } & OauthProviderConfig &
+      OauthRedirectConfig)
   | { type: "oauthReturn"; bundle: string; orgId: string };
 
-export type OauthMode = "redirect" | "popup";
+export type OauthProviderConfig =
+  | {
+      authProviderId: "auth0";
+      isCustomProvider?: false;
+      auth0Connection?: string;
+    }
+  | {
+      authProviderId: KnownAuthProvider;
+      isCustomProvider?: false;
+      auth0Connection?: never;
+    }
+  | {
+      authProviderId: string;
+      isCustomProvider: true;
+      auth0Connection?: never;
+    };
 
-export type RedirectConfig =
+export type OauthRedirectConfig =
   | { mode: "redirect"; redirectUrl: string }
   | { mode: "popup"; redirectUrl?: never };
 
+export type KnownAuthProvider = "google" | "apple" | "facebook" | "auth0";
+
+export type OauthMode = "redirect" | "popup";
+
 export const AlchemySignerParamsSchema = z
   .object({
     client: z