Skip to content

feat(profile-sync-controller): add getCustomerServiceToken method and messenger action#9442

Merged
mathieuartu merged 3 commits into
mainfrom
feat/auth_cs_token
Jul 10, 2026
Merged

feat(profile-sync-controller): add getCustomerServiceToken method and messenger action#9442
mathieuartu merged 3 commits into
mainfrom
feat/auth_cs_token

Conversation

@mathieuartu

@mathieuartu mathieuartu commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Explanation

References

Related to: https://consensyssoftware.atlassian.net/browse/MUL-1982

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

Note

Medium Risk
Introduces a new authentication surface that mints audience-scoped tokens for support tooling; behavior follows existing token-exchange patterns but expands who can obtain CS credentials from the wallet.

Overview
Adds getCustomerServiceToken end-to-end so wallet clients can obtain a short-lived token for Customer Service tooling. The flow mirrors existing bearer-token APIs: resolve the SRP (optional entropySourceId), ensure sign-in and an unlocked wallet at the controller layer, obtain an OIDC access token (logging in if needed), then POST /api/v2/customer-service/token with Authorization: Bearer to exchange it for a customer-service–scoped access_token.

AuthenticationController exposes the method and registers AuthenticationController:getCustomerServiceToken on the messenger. The SDK adds CUSTOMER_SERVICE_TOKEN_URL, getCustomerServiceToken in services (with SignInError / RateLimitedError handling), and delegates from SRP and SIWE JWT bearer flows plus the auth facade. Tests and nock fixtures cover success, missing token, HTTP errors, rate limits, not signed in, locked wallet, and endpoint failure.

Reviewed by Cursor Bugbot for commit da16264. Bugbot is set up for automated code reviews on this repo. Configure here.

@mathieuartu mathieuartu self-assigned this Jul 9, 2026
@mathieuartu mathieuartu requested a review from a team as a code owner July 9, 2026 08:26
@mathieuartu mathieuartu requested a review from a team as a code owner July 9, 2026 08:26
Comment thread packages/profile-sync-controller/src/sdk/mocks/auth.ts Outdated
Comment thread packages/profile-sync-controller/src/sdk/authentication.ts
@mathieuartu mathieuartu added this pull request to the merge queue Jul 10, 2026
Merged via the queue into main with commit 27eedf6 Jul 10, 2026
421 checks passed
@mathieuartu mathieuartu deleted the feat/auth_cs_token branch July 10, 2026 09:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants