@authly/sdk 1.2.1 → 1.2.3

package/dist/globals/clients/AuthlyClient.d.ts

@@ -20,19 +20,23 @@ declare class AuthlyClient {
      */
     private readonly serviceId;
     /**
-     * @summary The issuer of the client.
+     * @summary The issuer of the client (for validation).
      */
     private readonly issuer;
     /**
-     * @summary The authorize path of the client.
+     * @summary The base URL for API requests.
+     */
+    private readonly baseUrl;
+    /**
+     * @summary The authorize path.
      */
     private readonly authorizePath;
     /**
-     * @summary The token path of the client.
+     * @summary The token path.
      */
     private readonly tokenPath;
     /**
-     * @summary The user info path of the client.
+     * @summary The user info path.
      */
     private readonly userInfoPath;
     /**

package/dist/globals/clients/AuthlyClient.js

@@ -23,19 +23,23 @@ class AuthlyClient {
      */
     serviceId;
     /**
-     * @summary The issuer of the client.
+     * @summary The issuer of the client (for validation).
      */
     issuer;
     /**
-     * @summary The authorize path of the client.
+     * @summary The base URL for API requests.
+     */
+    baseUrl;
+    /**
+     * @summary The authorize path.
      */
     authorizePath;
     /**
-     * @summary The token path of the client.
+     * @summary The token path.
      */
     tokenPath;
     /**
-     * @summary The user info path of the client.
+     * @summary The user info path.
      */
     userInfoPath;
     /**
@@ -56,6 +60,8 @@ class AuthlyClient {
      */
     constructor(options) {
         this.issuer = options.issuer.replace(/\/$/, "");
+        // Use baseUrl if provided, otherwise fallback to issuer
+        this.baseUrl = (options.baseUrl || this.issuer).replace(/\/$/, "");
         this.serviceId = options.serviceId;
         this.authorizePath = options.authorizePath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_AUTHORIZE_PATH;
         this.tokenPath = options.tokenPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_TOKEN_PATH;
@@ -68,7 +74,7 @@ class AuthlyClient {
         this.verifier = new JWTVerifier_1.JWTVerifier({
             issuer: this.issuer,
             audience: options.audience,
-            jwksUrl: `${this.issuer}${options.jwksPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_JWKS_PATH}`,
+            jwksUrl: `${this.baseUrl}${options.jwksPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_JWKS_PATH}`,
             algorithms: options.algorithms,
         });
     }
@@ -103,7 +109,7 @@ class AuthlyClient {
      * @returns The full authorization URL.
      */
     getAuthorizeUrl(options) {
-        const url = new URL(`${this.issuer}${this.authorizePath}`);
+        const url = new URL(`${this.baseUrl}${this.authorizePath}`);
         url.searchParams.set("client_id", this.serviceId);
         url.searchParams.set("redirect_uri", options.redirectUri);
         url.searchParams.set("response_type", options.responseType || "code");
@@ -174,7 +180,7 @@ class AuthlyClient {
      * @returns A promise that resolves to the new access token.
      */
     async refreshToken(refreshToken) {
-        const url = `${this.issuer}${this.tokenPath}`;
+        const url = `${this.baseUrl}${this.tokenPath}`;
         const body = {
             grant_type: "refresh_token",
             client_id: this.serviceId,
@@ -204,7 +210,7 @@ class AuthlyClient {
         if (!token)
             return null;
         const fetchInfo = async (currentBuffer) => {
-            return HttpClient_1.HttpClient.get(`${this.issuer}${this.userInfoPath}`, {
+            return HttpClient_1.HttpClient.get(`${this.baseUrl}${this.userInfoPath}`, {
                 headers: {
                     Authorization: `Bearer ${currentBuffer}`,
                 },
@@ -239,6 +245,7 @@ class AuthlyClient {
             const decoded = (0, jose_1.decodeJwt)(token);
             if (!decoded.exp)
                 return true;
+            // Check if token is expired with a 10s buffer
             const now = Math.floor(Date.now() / 1000);
             return decoded.exp > now + 10;
         }
@@ -263,7 +270,7 @@ class AuthlyClient {
      * @returns A promise that resolves to the token response.
      */
     async exchangeCodeForToken(code, redirectUri, codeVerifier) {
-        const url = `${this.issuer}${this.tokenPath}`;
+        const url = `${this.baseUrl}${this.tokenPath}`;
         const body = {
             grant_type: "authorization_code",
             client_id: this.serviceId,

package/dist/models/globals/clients/interfaces/IAuthlyClientOptions.d.ts

@@ -5,9 +5,16 @@ import type { IAuthlyStorage } from "./IAuthlyStorage";
 interface IAuthlyClientOptions {
     /**
      * @summary The base URL of the identity provider.
+     * @description Used for token validation (iss claim). If baseUrl is not provided, it is also used for API requests.
      * @example "https://auth.example.com"
      */
     readonly issuer: string;
+    /**
+     * @summary The base URL for API requests (optional).
+     * @description Use this if your API is hosted on a different URL than the issuer (e.g. localhost vs production domain).
+     * @example "http://localhost:8000"
+     */
+    readonly baseUrl?: string;
     /**
      * @summary The expected audience claim (aud) in the token.
      * @example "https://app.example.com"
@@ -29,25 +36,25 @@ interface IAuthlyClientOptions {
      */
     readonly storage?: IAuthlyStorage;
     /**
-     * @summary The path to the JWKS endpoint relative to the issuer.
+     * @summary The path to the JWKS endpoint relative to the baseUrl.
      * @example "/.well-known/jwks.json"
      * @default "/.well-known/jwks.json"
      */
     readonly jwksPath?: string;
     /**
-     * @summary The path to the authorize endpoint relative to the issuer.
+     * @summary The path to the authorize endpoint relative to the baseUrl.
      * @example "/v1/oauth/authorize"
-     * @default "/authorize"
+     * @default "/v1/oauth/authorize"
      */
     readonly authorizePath?: string;
     /**
-     * @summary The path to the token endpoint relative to the issuer.
+     * @summary The path to the token endpoint relative to the baseUrl.
      * @example "/v1/oauth/token"
-     * @default "/oauth/token"
+     * @default "/v1/oauth/token"
      */
     readonly tokenPath?: string;
     /**
-     * @summary The path to the user info endpoint relative to the issuer.
+     * @summary The path to the user info endpoint relative to the baseUrl.
      * @example "/v1/oauth/userinfo"
      * @default "/v1/oauth/userinfo"
      */

package/dist/react/AuthlyCallback.js

@@ -1,4 +1,5 @@
 "use strict";
+"use client";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthlyCallback = void 0;
 const jsx_runtime_1 = require("react/jsx-runtime");
@@ -15,11 +16,15 @@ const AuthlyCallback = ({ onSuccess = "/", onFailure = "/login", navigate }) =>
             const params = new URLSearchParams(window.location.search);
             const code = params.get("code");
             const state = params.get("state");
+            console.log("[AuthlyCallback] Processing callback...", { code: !!code, state: !!state });
             if (!code || !state) {
+                console.warn("[AuthlyCallback] Missing code or state parameters.");
                 return;
             }
             try {
+                console.log("[AuthlyCallback] Exchanging token...");
                 await client.exchangeToken(params);
+                console.log("[AuthlyCallback] Token exchanged successfully.");
                 await refresh();
                 if (navigate) {
                     navigate(onSuccess);

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@authly/sdk",
     "description": "A library for building authentication systems using Authly.",
-    "version": "1.2.1",
+    "version": "1.2.3",
     "author": {
         "name": "Anvoria",
         "url": "https://github.com/Anvoria"