Skip to content

chore/twitter-google-account-linking#701

Draft
Frederick-88 wants to merge 2 commits into
masterfrom
chore/twitter-google-account-linking
Draft

chore/twitter-google-account-linking#701
Frederick-88 wants to merge 2 commits into
masterfrom
chore/twitter-google-account-linking

Conversation

@Frederick-88

@Frederick-88 Frederick-88 commented Jul 10, 2026

Copy link
Copy Markdown
Collaborator

Summary by CodeRabbit

  • New Features
    • Added the ability to fetch the currently linked OAuth providers for the active session.
    • Expanded OAuth login and OAuth2 response types to more precisely represent authenticated, confirmation, and linking outcomes.
    • Added public exports for the new OAuth-related types to broaden the module’s available interface.
  • Bug Fixes
    • Improved validation for OAuth results by requiring a credential bundle and throwing a clear error when it’s missing.
    • Tightened OAuth2 exchange handling to ensure required session/organization details are present before completing login.

@Frederick-88 Frederick-88 changed the title chore: twitter x google account linking scenarios coverage chore/twitter-google-account-linking Jul 10, 2026
@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

The Turnkey wallet package now publicly exports strategy types and defines dedicated OAuth, OAuth2, and provider response types. OAuth login and confirmation flows use the updated contracts, validate required credentials, and return typed results. A new method resolves the active organization and user before retrieving linked OAuth providers.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title is concise and relevant to the OAuth account-linking changes in this PR, even if it is broader than the code changes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/twitter-google-account-linking

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts (1)

428-436: 🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

confirmOAuth2 should return existing_account_detected too.
TurnkeyOAuth2Response already includes that status, and the payload carries credentialBundle and organizationId, but this branch currently falls through to loginWithSession. Add it to the early return and widen TurnkeyOAuth2ConfirmResponse to include TurnkeyExistingAccountDetectedResponse.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts` around lines
428 - 436, Update confirmOAuth2 to return early when response.data.status is
either link_required or existing_account_detected, and widen
TurnkeyOAuth2ConfirmResponse to include TurnkeyExistingAccountDetectedResponse
so the returned payload is correctly typed.
🧹 Nitpick comments (1)
packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts (1)

463-476: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Duplicated org/user resolution across linkOAuthProvider and getCurrentOauthProviders.

The getWhoamigetUsers single-user fallback block (Lines 463-476 and 497-510) is identical. Extract a private helper to keep the resolution logic in one place.

♻️ Suggested helper
+  private async resolveCurrentUserId(organizationId: string): Promise<string> {
+    const indexedDbClient = await this.getIndexedDbClient()
+    const user = await indexedDbClient.getWhoami({ organizationId })
+
+    if (user?.userId) {
+      return user.userId
+    }
+
+    const { users } = await indexedDbClient.getUsers({ organizationId })
+
+    if (users.length !== 1) {
+      throw new WalletException(
+        new Error('Unable to resolve current Turnkey user.'),
+      )
+    }
+
+    return users[0].userId
+  }

Both methods can then call const userId = await this.resolveCurrentUserId(organizationId) after the organizationId guard.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts` around lines
463 - 476, Extract the duplicated getWhoami-to-getUsers fallback from
linkOAuthProvider and getCurrentOauthProviders into a private
resolveCurrentUserId(organizationId) helper. Preserve the existing single-user
validation and WalletException behavior, then have both methods call the helper
after validating organizationId.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts`:
- Around line 428-436: Update confirmOAuth2 to return early when
response.data.status is either link_required or existing_account_detected, and
widen TurnkeyOAuth2ConfirmResponse to include
TurnkeyExistingAccountDetectedResponse so the returned payload is correctly
typed.

---

Nitpick comments:
In `@packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts`:
- Around line 463-476: Extract the duplicated getWhoami-to-getUsers fallback
from linkOAuthProvider and getCurrentOauthProviders into a private
resolveCurrentUserId(organizationId) helper. Preserve the existing single-user
validation and WalletException behavior, then have both methods call the helper
after validating organizationId.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a81e7b17-54d7-4557-ae9f-89e28dc42c31

📥 Commits

Reviewing files that changed from the base of the PR and between e385c60 and a63c009.

📒 Files selected for processing (4)
  • packages/wallets/wallet-turnkey/src/index.ts
  • packages/wallets/wallet-turnkey/src/strategy/turnkey/oauth.ts
  • packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts
  • packages/wallets/wallet-turnkey/src/strategy/types.ts

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts (1)

437-468: 🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

getOauthProviders isn’t a TurnkeyIndexedDbClient method — this call won’t type-check against @turnkey/sdk-browser 5.16.1. Use the supported Turnkey/API client path for fetching OAuth providers instead.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts` around lines
437 - 468, The getCurrentOauthProviders method calls unsupported
getOauthProviders on TurnkeyIndexedDbClient. Replace this call with the
supported Turnkey/API client method for retrieving OAuth providers, while
preserving organizationId and resolved userId handling and returning the
provider list.
🧹 Nitpick comments (1)
packages/wallets/wallet-turnkey/src/strategy/types.ts (1)

63-69: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Near-identical type name is error-prone: TurnkeyOauthProvider vs TurnkeyOAuthProvider.

This new object type differs from the existing provider identifier type TurnkeyOAuthProvider (used as a parameter type in confirmOAuth/confirmOAuth2/oauthLogin) only by the casing of "OAuth" vs "Oauth". They represent completely different concepts (a linked-provider record vs a provider selector), so this collision is very easy to mix up and hard to catch in review. Consider a clearer name such as TurnkeyLinkedOauthProvider.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/wallets/wallet-turnkey/src/strategy/types.ts` around lines 63 - 69,
Rename the new linked-provider object type TurnkeyOauthProvider to a distinct
name such as TurnkeyLinkedOauthProvider, updating all imports, exports,
annotations, and references while leaving the existing TurnkeyOAuthProvider
selector type unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts`:
- Around line 437-468: The getCurrentOauthProviders method calls unsupported
getOauthProviders on TurnkeyIndexedDbClient. Replace this call with the
supported Turnkey/API client method for retrieving OAuth providers, while
preserving organizationId and resolved userId handling and returning the
provider list.

---

Nitpick comments:
In `@packages/wallets/wallet-turnkey/src/strategy/types.ts`:
- Around line 63-69: Rename the new linked-provider object type
TurnkeyOauthProvider to a distinct name such as TurnkeyLinkedOauthProvider,
updating all imports, exports, annotations, and references while leaving the
existing TurnkeyOAuthProvider selector type unchanged.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c1c17990-cbc0-4df3-8805-dbc109f29539

📥 Commits

Reviewing files that changed from the base of the PR and between a63c009 and 357e063.

📒 Files selected for processing (3)
  • packages/wallets/wallet-turnkey/src/strategy/turnkey/oauth.ts
  • packages/wallets/wallet-turnkey/src/strategy/turnkey/turnkey.ts
  • packages/wallets/wallet-turnkey/src/strategy/types.ts

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant