@better-auth/expo 1.6.15 → 1.6.17

package/dist/client.d.ts

@@ -132,11 +132,6 @@ declare const expoClient: (opts: ExpoClientOptions) => {
     init(url: string, options: ({
       priority?: RequestPriority | undefined;
       method?: string | undefined;
-      headers?: (HeadersInit & (HeadersInit | {
-        accept: "application/json" | "text/plain" | "application/octet-stream";
-        "content-type": "application/json" | "text/plain" | "application/x-www-form-urlencoded" | "multipart/form-data" | "application/octet-stream";
-        authorization: "Bearer" | "Basic";
-      })) | undefined;
       redirect?: RequestRedirect | undefined;
       window?: null | undefined;
       cache?: RequestCache | undefined;
@@ -172,6 +167,12 @@ declare const expoClient: (opts: ExpoClientOptions) => {
         prefix: string | (() => string | undefined) | undefined;
         value: string | (() => string | undefined) | undefined;
       }) | undefined;
+      headers?: {} | {
+        [x: string]: string | undefined;
+        accept?: ((string & {}) | "application/json" | "text/plain" | "application/octet-stream") | undefined;
+        "content-type"?: ((string & {}) | "application/json" | "text/plain" | "application/octet-stream" | "application/x-www-form-urlencoded" | "multipart/form-data") | undefined;
+        authorization?: ((string & {}) | `Bearer ${string}` | `Basic ${string}`) | undefined;
+      } | undefined;
       body?: any;
       query?: any;
       params?: any;

package/dist/client.js

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "./version-CdUF4nQi.js";
+import { t as PACKAGE_VERSION } from "./version-FMOwlXga.js";
 import { safeJSONParse } from "@better-auth/core/utils/json";
 import { SECURE_COOKIE_PREFIX, parseSetCookieHeader, parseSetCookieHeader as parseSetCookieHeader$1, stripSecureCookiePrefix } from "better-auth/cookies";
 import Constants from "expo-constants";
@@ -254,6 +254,16 @@ const expoClient = (opts) => {
 	const storage = storageAdapter(opts?.storage);
 	const isWeb = Platform.OS === "web";
 	const cookiePrefix = opts?.cookiePrefix || "better-auth";
+	const clearSessionCache = async () => {
+		await storage.setItem(cookieName, "{}");
+		store?.atoms.session?.set({
+			...store.atoms.session.get(),
+			data: null,
+			error: null,
+			isPending: false
+		});
+		await storage.setItem(localCacheName, "{}");
+	};
 	const rawScheme = opts?.scheme || Constants.expoConfig?.scheme || Constants.platform?.scheme;
 	const scheme = Array.isArray(rawScheme) ? rawScheme[0] : rawScheme;
 	if (!scheme && !isWeb) throw new Error("Scheme not found in app.json. Please provide a scheme in the options.");
@@ -298,6 +308,7 @@ const expoClient = (opts) => {
 					const data = context.data;
 					await storage.setItem(localCacheName, JSON.stringify(data));
 				}
+				if (context.request.url.toString().includes("/sign-out")) await clearSessionCache();
 				if (context.data?.redirect && (context.request.url.toString().includes("/sign-in") || context.request.url.toString().includes("/link-social")) && !context.request?.body.includes("idToken")) {
 					const to = JSON.parse(context.request.body)?.callbackURL;
 					const signInURL = context.data?.url;
@@ -334,11 +345,14 @@ const expoClient = (opts) => {
 				};
 				options = options || {};
 				options.credentials = "omit";
-				if (options.body?.idToken !== void 0) options.headers = {
-					...options.headers,
-					"x-skip-oauth-proxy": "true"
-				};
-				else {
+				if (options.body?.idToken !== void 0) {
+					const cookie = url.includes("/link-social") ? getCookie(storage.getItem(cookieName) || "{}") : "";
+					options.headers = {
+						...options.headers,
+						...cookie ? { cookie } : {},
+						"x-skip-oauth-proxy": "true"
+					};
+				} else {
 					const cookie = getCookie(storage.getItem(cookieName) || "{}");
 					options.headers = {
 						...options.headers,
@@ -364,16 +378,7 @@ const expoClient = (opts) => {
 							options.body.errorCallbackURL = url;
 						}
 					}
-					if (url.includes("/sign-out")) {
-						await storage.setItem(cookieName, "{}");
-						store?.atoms.session?.set({
-							...store.atoms.session.get(),
-							data: null,
-							error: null,
-							isPending: false
-						});
-						await storage.setItem(localCacheName, "{}");
-					}
+					if (url.includes("/sign-out")) await clearSessionCache();
 				}
 				return {
 					url,

package/dist/index.js

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "./version-CdUF4nQi.js";
+import { t as PACKAGE_VERSION } from "./version-FMOwlXga.js";
 import { createAuthMiddleware } from "@better-auth/core/api";
 import { HIDE_METADATA } from "better-auth";
 import { APIError, createAuthEndpoint } from "better-auth/api";
@@ -12,14 +12,22 @@ const expoAuthorizationProxy = createAuthEndpoint("/expo-authorization-proxy", {
 	}),
 	metadata: HIDE_METADATA
 }, async (ctx) => {
+	const { authorizationURL } = ctx.query;
+	if (authorizationURL.includes("#")) throw new APIError("BAD_REQUEST", { message: "Invalid authorizationURL" });
+	let url;
+	try {
+		url = new URL(authorizationURL);
+	} catch {
+		throw new APIError("BAD_REQUEST", { message: "Invalid authorizationURL" });
+	}
+	if (url.protocol !== "https:" || url.origin === new URL(ctx.context.baseURL).origin) throw new APIError("BAD_REQUEST", { message: "Invalid authorizationURL" });
 	const { oauthState } = ctx.query;
 	if (oauthState) {
 		const oauthStateCookie = ctx.context.createAuthCookie("oauth_state", { maxAge: 600 });
 		ctx.setCookie(oauthStateCookie.name, oauthState, oauthStateCookie.attributes);
-		return ctx.redirect(ctx.query.authorizationURL);
+		return ctx.redirect(authorizationURL);
 	}
-	const { authorizationURL } = ctx.query;
-	const state = new URL(authorizationURL).searchParams.get("state");
+	const state = url.searchParams.get("state");
 	if (!state) throw new APIError("BAD_REQUEST", { message: "Unexpected error" });
 	const stateCookie = ctx.context.createAuthCookie("state", { maxAge: 300 });
 	await ctx.setSignedCookie(stateCookie.name, state, ctx.context.secret, stateCookie.attributes);

package/dist/plugins/index.js

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "../version-CdUF4nQi.js";
+import { t as PACKAGE_VERSION } from "../version-FMOwlXga.js";
 //#region src/plugins/last-login-method.ts
 const paths = [
 	"/callback/",

package/dist/{version-CdUF4nQi.js → version-FMOwlXga.js}

@@ -1,5 +1,5 @@
 //#endregion
 //#region src/version.ts
-const PACKAGE_VERSION = "1.6.15";
+const PACKAGE_VERSION = "1.6.17";
 //#endregion
 export { PACKAGE_VERSION as t };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/expo",
-  "version": "1.6.15",
+  "version": "1.6.17",
   "description": "Better Auth integration for Expo and React Native applications.",
   "type": "module",
   "license": "MIT",
@@ -58,28 +58,28 @@
     }
   },
   "dependencies": {
-    "@better-fetch/fetch": "1.1.21",
-    "better-call": "1.3.5",
+    "@better-fetch/fetch": "1.3.0",
+    "better-call": "1.3.6",
     "zod": "^4.3.6"
   },
   "devDependencies": {
-    "@better-fetch/fetch": "1.1.21",
+    "@better-fetch/fetch": "1.3.0",
     "expo-constants": "~55.0.7",
     "expo-linking": "~55.0.7",
     "expo-network": "~55.0.8",
     "expo-web-browser": "~55.0.9",
     "react-native": "~0.84.1",
     "tsdown": "0.21.1",
-    "@better-auth/core": "1.6.15",
-    "better-auth": "1.6.15"
+    "@better-auth/core": "1.6.17",
+    "better-auth": "1.6.17"
   },
   "peerDependencies": {
     "expo-constants": ">=17.0.0",
     "expo-linking": ">=7.0.0",
     "expo-network": ">=8.0.7",
     "expo-web-browser": ">=14.0.0",
-    "@better-auth/core": "^1.6.15",
-    "better-auth": "^1.6.15"
+    "@better-auth/core": "^1.6.17",
+    "better-auth": "^1.6.17"
   },
   "peerDependenciesMeta": {
     "expo-constants": {