Merged
Conversation
Contributor
Author
|
This PR depends on the citadel-server PR, https://github.com/Web3Auth/citadel-server/pull/32 and need to deploy the citadel before merging this. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
arch1995
reviewed
Mar 30, 2026
arch1995
reviewed
Mar 30, 2026
arch1995
reviewed
Mar 30, 2026
lwin-kyaw
force-pushed
the
feat/track-auth-flow
branch
from
d6295cf to
f10014c
Compare
arch1995
previously approved these changes
Mar 31, 2026
Contributor
Author
OAuth login initiated
OAuth login completed -> verification completed
OAuth login completed -> verification failed
|
chaitanyapotti
previously approved these changes
Mar 31, 2026
tuna1207
approved these changes
Mar 31, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Jira Link
https://consensyssoftware.atlassian.net/browse/EMBED-226
Description
This PR adds Citadel auth flow audit reporting around the share retrieval flow so auth-related events can be correlated with a shared
recordId. It also extends the public request interfaces to carry the analytics metadata needed for grouped and provider-based auth flows.Changes
CitadelAuthFlowAuditParamsandCitadelAuditParamsinsrc/helpers/citadelUtils.tsbuildAuditPayload()andcallAuditApi()to send audit data to the new/v1/user/auditendpointTorus.retrieveShares()to generate or reuse arecordIdacross the flowTorus.retrieveShares()to report auth flow audit events during the retrieve/login lifecyclerecordIdused during share retrievalTorus.importPrivateKey()to accept and reuse an optionalrecordIdVerifierParamswithsub_verifier_idsRetrieveSharesParamswithauthConnectionRetrieveSharesParamswithrecordIdImportKeyParamswithrecordIdHow has this been tested?
Screenshots (if appropriate)
Types of changes
Checklist
Note
Medium Risk
Adds new Citadel audit/allow tracking calls and propagates a shared
recordIdthrough share-retrieval/import flows, which introduces new network requests and changes request interfaces used by consumers.Overview
Adds Citadel auth-flow auditing around share retrieval by introducing a new
/v1/auth/auditPUTreport path and expanding the existing signerallowtracking to use explicit OAuth step flags.retrieveSharesandimportPrivateKeynow generate or reuse a caller-suppliedrecordIdand report verification success/failure via either the allow API (norecordIdprovided) or the new audit API (whenrecordIdis provided). Public interfaces are extended to carry analytics metadata (RetrieveSharesParams.authConnection,*.recordId, andVerifierParams.sub_verifier_ids).Written by Cursor Bugbot for commit c3c05b9. This will update automatically on new commits. Configure here.