You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Mirrors the approach from https://github.com/worldcoin/oxide/pull/1050: android-id / ios-id clients should produce WorldID user agents, while existing World App clients stay on WorldApp.
Adds the Kotlin/Swift-accessible header value API needed for downstream apps to consume the WalletKit builder directly.
Scope note: WalletKit can now build the correct header for downstream and WalletKit-owned clients, but Authenticator.init_with_defaults / register_with_defaults still cannot inject it into internal world-id-core indexer/gateway requests until world-id-core exposes a user-agent/client hook.
Changes
Map android-id / ios-id client names to the WorldID user-agent product.
Keep all other client names mapped to WorldApp.
Add UserAgentBuilder helpers for app product selection and client-name/os-version suffixes.
Expose UserAgent.header_value() for FFI consumers so Android/iOS can pass the exact built header value.
Add user-agent coverage for World App and World ID Android/iOS formats, plus FFI header value access.
Downstream validation
Published org.world:walletkit:0.19.1-SNAPSHOT locally and integrated it in wld-android.
This PR now mirrors the oxide user-agent product mapping (android-id / ios-id -> WorldID, existing android / ios -> WorldApp) and exposes the built header value for FFI consumers so downstream apps can pass it to WalletKit-owned / app-owned HTTP paths.
During downstream Android integration, I noticed one remaining coverage question: WalletKit's init_with_defaults / register_with_defaults wrappers eventually call into world-id-core / world-id-authenticator, and that dependency currently creates its own reqwest::Client internally for indexer/gateway requests. There does not appear to be a user-agent/client hook WalletKit can pass through for those internal requests yet.
Do we want to keep this PR scoped to the WalletKit builder + FFI surface and follow up in world-id-core with a user-agent injection hook, then wire WalletKit defaults through it? Or should this PR be blocked until the world-id-core path can be covered too?
My lean is to keep this PR scoped and track the world-id-core hook as follow-up, because the hook belongs in that dependency boundary, but I want to make sure reviewers agree with that split.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
android-id/ios-idclients should produceWorldIDuser agents, while existing World App clients stay onWorldApp.Authenticator.init_with_defaults/register_with_defaultsstill cannot inject it into internalworld-id-coreindexer/gateway requests untilworld-id-coreexposes a user-agent/client hook.Changes
android-id/ios-idclient names to theWorldIDuser-agent product.WorldApp.UserAgentBuilderhelpers for app product selection andclient-name/os-versionsuffixes.UserAgent.header_value()for FFI consumers so Android/iOS can pass the exact built header value.Downstream validation
org.world:walletkit:0.19.1-SNAPSHOTlocally and integrated it inwld-android.android->WorldApp/<app-version> walletkit-core/<version> android/<os-version>android-id->WorldID/<app-version> walletkit-core/<version> android-id/<os-version>.devAndroid apps successfully on a connected Pixel 3 / Android 12 device.Testing Instructions
cargo fmt --checkcargo test -p walletkit-core user_agent --libcargo clippy -p walletkit-core --lib --tests -- -D warningsRUSTUP_HOME=~/.rustup CARGO_HOME=~/.cargo ./kotlin/local_kotlin.sh 0.19.1-SNAPSHOT./gradlew :walletKit:impl:connectedDebugAndroidTest -Pandroid.testInstrumentationRunnerArguments.class=com.world.walletkit.impl.WalletKitUserAgentInstrumentedTest./gradlew :app:assembleDevDebug :worldIdApp:assembleDevDebug :app:installDevDebug :worldIdApp:installDevDebug