feat: pair social login to profile sync

eslint-suppressions.json

@@ -2057,11 +2057,6 @@
       "count": 2
     }
   },
-  "packages/seedless-onboarding-controller/src/assertions.ts": {
-    "no-restricted-syntax": {
-      "count": 10
-    }
-  },
   "packages/seedless-onboarding-controller/src/errors.ts": {
     "no-restricted-syntax": {
       "count": 4

packages/seedless-onboarding-controller/CHANGELOG.md

@@ -19,6 +19,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Add `SecretMetadata.matchesType` static method for checking if metadata matches a given type ([#7284](https://github.com/MetaMask/core/pull/7284))
 - Re-export `EncAccountDataType` from `@metamask/toprf-secure-backup` ([#7284](https://github.com/MetaMask/core/pull/7284))
 - Add third generic type parameter `EncryptionResult` to `SeedlessOnboardingController` and `SeedlessOnboardingControllerOptions`, constrained by `EncryptionResultConstraint` and defaulting to `DefaultEncryptionResult`, so the vault `encryptor` matches the full `Encryptor` typing from `@metamask/keyring-controller` ([#8411](https://github.com/MetaMask/core/pull/8411))
+- Add Telegram profile-pairing support with `pairProfileServiceWithSocialLogin`, including `AuthConnection.Telegram`, new token/error types, and encrypted-vault storage for `profilePairingToken` ([#8652](https://github.com/MetaMask/core/pull/8652))
+- Add new non-persisted value, `profilePairingToken` to controller state. ([#8652](https://github.com/MetaMask/core/pull/8652))
+  - `authenticate` will also accept the `profilePairingToken` in the params and save it to state.
+- Add optional `profilePairingStatus` to `SocialBackupsMetadata` so profile-pairing state is stored alongside the primary social backup metadata. ([#8652](https://github.com/MetaMask/core/pull/8652))
+  - `pairProfileServiceWithSocialLogin` updates the primary social backup metadata entry instead of storing a top-level controller state value.
 
 ### Changed
 
@@ -35,6 +40,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - **BREAKING:** Remove `version` getter from `SecretMetadata`; use `storageVersion` instead ([#7284](https://github.com/MetaMask/core/pull/7284))
 - Bump `@metamask/base-controller` from `^9.0.1` to `^9.1.0` ([#8457](https://github.com/MetaMask/core/pull/8457))
 - **BREAKING:** Remove `VaultEncryptor` type alias; use `Encryptor` from `@metamask/keyring-controller` with encryption key, key derivation params, and encryption result types ([#8411](https://github.com/MetaMask/core/pull/8411))
+- **BREAKING:** Constructor now require `fetchFunction` and `profilePairingEndpoint` in `SeedlessOnboardingControllerOptions` so the controller can pair social logins with the profile sync service ([#8652](https://github.com/MetaMask/core/pull/8652))
+  - Consumers constructing `SeedlessOnboardingController` must now provide the HTTP transport and profile pairing endpoint URL
 
 ### Fixed
 

packages/seedless-onboarding-controller/src/SeedlessOnboardingController-method-action-types.ts

@@ -35,6 +35,7 @@ export type SeedlessOnboardingControllerPreloadToprfNodeDetailsAction = {
  * @param params.accessToken - Access token for pairing with profile sync auth service and to access other services.
  * @param params.metadataAccessToken - Metadata access token for accessing the metadata service before the vault is created or unlocked.
  * @param params.skipLock - Optional flag to skip acquiring the controller lock. (to prevent deadlock in case the caller already acquired the lock)
+ * @param params.profilePairingToken - The profile pairing token used to pair the user social profile with the profile sync auth service later after the onboarding is complete.
  * @returns A promise that resolves to the authentication result.
  */
 export type SeedlessOnboardingControllerAuthenticateAction = {
@@ -165,6 +166,18 @@ export type SeedlessOnboardingControllerSetLockedAction = {
   handler: SeedlessOnboardingController['setLocked'];
 };
 
+/**
+ * Pair the user social profile with the profile sync auth service.
+ *
+ * @param profileSvcToken - The token from the profile service to pair the user social profile with the profile sync auth service.
+ * @returns A promise that resolves to the success of the operation.
+ */
+export type SeedlessOnboardingControllerPairProfileServiceWithSocialLoginAction =
+  {
+    type: `SeedlessOnboardingController:pairProfileServiceWithSocialLogin`;
+    handler: SeedlessOnboardingController['pairProfileServiceWithSocialLogin'];
+  };
+
 /**
  * Sync the latest global password to the controller.
  * reset vault with latest globalPassword,
@@ -357,6 +370,7 @@ export type SeedlessOnboardingControllerMethodActions =
   | SeedlessOnboardingControllerGetSecretDataBackupStateAction
   | SeedlessOnboardingControllerSubmitPasswordAction
   | SeedlessOnboardingControllerSetLockedAction
+  | SeedlessOnboardingControllerPairProfileServiceWithSocialLoginAction
   | SeedlessOnboardingControllerSyncLatestGlobalPasswordAction
   | SeedlessOnboardingControllerSubmitGlobalPasswordAction
   | SeedlessOnboardingControllerCheckIsPasswordOutdatedAction