@appboxo/web-sdk 1.0.6 → 1.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +87 -8
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -40,14 +40,19 @@ const sdk = new AppboxoWebSDK({
|
|
|
40
40
|
userId?: string; // Optional, user reference identifier
|
|
41
41
|
baseUrl?: string; // Optional, default: "https://dashboard.appboxo.com/api/v1"
|
|
42
42
|
debug?: boolean; // Optional, default: false
|
|
43
|
-
onGetAuthCode?: () => Promise<string>; // Optional, for automatic auth code retrieval
|
|
43
|
+
onGetAuthCode?: () => Promise<string>; // Optional, for automatic auth code retrieval (OAuth)
|
|
44
|
+
onGetAuthTokens?: () => Promise<LoginResponse>; // Optional, for Boxo Connect Direct
|
|
44
45
|
onPaymentRequest?: (params: PaymentRequest) => Promise<PaymentResponse>; // Optional, for handling payment requests
|
|
45
46
|
});
|
|
46
47
|
```
|
|
47
48
|
|
|
48
49
|
### Authentication
|
|
49
50
|
|
|
50
|
-
|
|
51
|
+
The SDK supports two authentication methods: **Boxo Connect OAuth** and **Boxo Connect Direct**.
|
|
52
|
+
|
|
53
|
+
#### Boxo Connect OAuth
|
|
54
|
+
|
|
55
|
+
Traditional OAuth 2.0 flow where the host app backend provides auth codes and access tokens to the Boxo Platform.
|
|
51
56
|
|
|
52
57
|
**1. Set auth code explicitly**
|
|
53
58
|
|
|
@@ -68,11 +73,74 @@ const sdk = new AppboxoWebSDK({
|
|
|
68
73
|
});
|
|
69
74
|
```
|
|
70
75
|
|
|
71
|
-
The SDK will try
|
|
72
|
-
|
|
76
|
+
The SDK will try OAuth methods in this order:
|
|
73
77
|
1. Explicitly set auth code
|
|
74
|
-
2. Callback function
|
|
75
|
-
3. Mock auth code (fallback)
|
|
78
|
+
2. Callback function (`onGetAuthCode`)
|
|
79
|
+
3. Mock auth code (fallback for testing)
|
|
80
|
+
|
|
81
|
+
#### Boxo Connect Direct
|
|
82
|
+
|
|
83
|
+
Direct authentication flow where the host app backend calls Boxo Dashboard connect endpoint to get miniapp tokens, then provides them directly to the SDK.
|
|
84
|
+
|
|
85
|
+
**1. Use `onAuth` lifecycle hook (Recommended)**
|
|
86
|
+
|
|
87
|
+
```typescript
|
|
88
|
+
const sdk = new AppboxoWebSDK({
|
|
89
|
+
clientId: "your-client-id",
|
|
90
|
+
appId: "your-app-id"
|
|
91
|
+
});
|
|
92
|
+
|
|
93
|
+
// onAuth hook is triggered when miniapp calls login()
|
|
94
|
+
sdk.onAuth(async () => {
|
|
95
|
+
// Your backend calls Boxo Dashboard connect endpoint to get miniapp tokens
|
|
96
|
+
const response = await fetch('/api/get-miniapp-tokens', {
|
|
97
|
+
headers: { 'Authorization': `Bearer ${yourHostAppToken}` }
|
|
98
|
+
});
|
|
99
|
+
const tokens = await response.json();
|
|
100
|
+
|
|
101
|
+
// Set tokens directly
|
|
102
|
+
sdk.setAuthTokens(tokens.access_token, tokens.refresh_token);
|
|
103
|
+
});
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
**2. Use `onGetAuthTokens` callback**
|
|
107
|
+
|
|
108
|
+
```typescript
|
|
109
|
+
const sdk = new AppboxoWebSDK({
|
|
110
|
+
clientId: "your-client-id",
|
|
111
|
+
appId: "your-app-id",
|
|
112
|
+
onGetAuthTokens: async () => {
|
|
113
|
+
const response = await fetch('/api/get-miniapp-tokens', {
|
|
114
|
+
headers: { 'Authorization': `Bearer ${yourHostAppToken}` }
|
|
115
|
+
});
|
|
116
|
+
const result = await response.json();
|
|
117
|
+
return {
|
|
118
|
+
token: result.access_token,
|
|
119
|
+
refresh_token: result.refresh_token
|
|
120
|
+
};
|
|
121
|
+
}
|
|
122
|
+
});
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
**3. Pre-set tokens before login**
|
|
126
|
+
|
|
127
|
+
```typescript
|
|
128
|
+
const sdk = new AppboxoWebSDK({
|
|
129
|
+
clientId: "your-client-id",
|
|
130
|
+
appId: "your-app-id"
|
|
131
|
+
});
|
|
132
|
+
|
|
133
|
+
// If you already have tokens, set them before miniapp calls login()
|
|
134
|
+
const tokens = await getTokensFromBackend();
|
|
135
|
+
sdk.setAuthTokens(tokens.access_token, tokens.refresh_token);
|
|
136
|
+
```
|
|
137
|
+
|
|
138
|
+
**Authentication Priority Order:**
|
|
139
|
+
|
|
140
|
+
When the miniapp calls `login()`, the SDK will try these methods in order:
|
|
141
|
+
1. Pre-set tokens (via `setAuthTokens()`)
|
|
142
|
+
2. `onGetAuthTokens` callback
|
|
143
|
+
3. OAuth flow (`setAuthCode()` or `onGetAuthCode` callback)
|
|
76
144
|
|
|
77
145
|
### Payment Processing
|
|
78
146
|
|
|
@@ -115,7 +183,9 @@ Note: When `onPaymentRequest` is set, the SDK automatically tells the miniapp it
|
|
|
115
183
|
|
|
116
184
|
| Method | Description |
|
|
117
185
|
|--------|-------------|
|
|
118
|
-
| `setAuthCode(code)` | Set authentication code |
|
|
186
|
+
| `setAuthCode(code)` | Set authentication code (OAuth) |
|
|
187
|
+
| `setAuthTokens(token, refreshToken?)` | Set authentication tokens directly (Boxo Connect Direct) |
|
|
188
|
+
| `onAuth(callback)` | Register lifecycle hook for authentication (Boxo Connect Direct) |
|
|
119
189
|
| `mount(config)` | Create iframe and initialize SDK |
|
|
120
190
|
| `setIframe(iframe)` | Set iframe element manually |
|
|
121
191
|
| `initialize()` | Start listening for events |
|
|
@@ -165,7 +235,16 @@ function App() {
|
|
|
165
235
|
},
|
|
166
236
|
});
|
|
167
237
|
|
|
168
|
-
|
|
238
|
+
// Boxo Connect OAuth
|
|
239
|
+
// s.setAuthCode("your-auth-code");
|
|
240
|
+
|
|
241
|
+
// Boxo Connect Direct - onAuth hook
|
|
242
|
+
s.onAuth(async () => {
|
|
243
|
+
const response = await fetch('/api/get-miniapp-tokens');
|
|
244
|
+
const tokens = await response.json();
|
|
245
|
+
s.setAuthTokens(tokens.access_token, tokens.refresh_token);
|
|
246
|
+
});
|
|
247
|
+
|
|
169
248
|
s.onLoginComplete((success, data) => {
|
|
170
249
|
console.log('Login:', success ? 'success' : 'failed', data);
|
|
171
250
|
});
|