npm - @blackcode_sa/metaestetics-api - Versions diffs - 1.12.12 → 1.12.13 - Mend

@blackcode_sa/metaestetics-api 1.12.12 → 1.12.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.d.mts +0 -21
package/dist/index.d.ts +0 -21
package/dist/index.js +7 -124
package/dist/index.mjs +7 -124
package/package.json +1 -1
package/src/services/auth/auth.service.ts +10 -162

package/dist/index.d.mts CHANGED Viewed

@@ -6191,17 +6191,6 @@ declare class AuthService extends BaseService {
      * @returns The signed-in or newly created user.
      */
     signInWithGoogleIdToken(idToken: string, initialRole?: UserRole): Promise<User>;
-    /**
-     * Signs in a user with a Google authorization code from a mobile client.
-     * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-     * with the platform-specific client ID (no client secret needed for native apps).
-     * @param authorizationCode - The Google authorization code obtained from the mobile app.
-     * @param redirectUri - The redirect URI used in the OAuth flow.
-     * @param clientId - The platform-specific Google OAuth client ID.
-     * @param initialRole - The role to assign to the user if they are being created.
-     * @returns The signed-in or newly created user.
-     */
-    signInWithGoogleAuthCode(authorizationCode: string, redirectUri: string, clientId: string, initialRole?: UserRole): Promise<User>;
     /**
      * Links a Google account to the currently signed-in user using an ID token.
      * This is used to upgrade an anonymous user or to allow an existing user
@@ -6210,16 +6199,6 @@ declare class AuthService extends BaseService {
      * @returns The updated user profile.
      */
     linkGoogleAccount(idToken: string): Promise<User>;
-    /**
-     * Links a Google account to the currently signed-in user using an authorization code.
-     * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-     * with the platform-specific client ID, then links the Google account to the current user.
-     * @param authorizationCode - The Google authorization code obtained from the mobile app.
-     * @param redirectUri - The redirect URI used in the OAuth flow.
-     * @param clientId - The platform-specific Google OAuth client ID.
-     * @returns The updated user profile.
-     */
-    linkGoogleAccountWithAuthCode(authorizationCode: string, redirectUri: string, clientId: string): Promise<User>;
 }
 /**

package/dist/index.d.ts CHANGED Viewed

@@ -6191,17 +6191,6 @@ declare class AuthService extends BaseService {
      * @returns The signed-in or newly created user.
      */
     signInWithGoogleIdToken(idToken: string, initialRole?: UserRole): Promise<User>;
-    /**
-     * Signs in a user with a Google authorization code from a mobile client.
-     * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-     * with the platform-specific client ID (no client secret needed for native apps).
-     * @param authorizationCode - The Google authorization code obtained from the mobile app.
-     * @param redirectUri - The redirect URI used in the OAuth flow.
-     * @param clientId - The platform-specific Google OAuth client ID.
-     * @param initialRole - The role to assign to the user if they are being created.
-     * @returns The signed-in or newly created user.
-     */
-    signInWithGoogleAuthCode(authorizationCode: string, redirectUri: string, clientId: string, initialRole?: UserRole): Promise<User>;
     /**
      * Links a Google account to the currently signed-in user using an ID token.
      * This is used to upgrade an anonymous user or to allow an existing user
@@ -6210,16 +6199,6 @@ declare class AuthService extends BaseService {
      * @returns The updated user profile.
      */
     linkGoogleAccount(idToken: string): Promise<User>;
-    /**
-     * Links a Google account to the currently signed-in user using an authorization code.
-     * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-     * with the platform-specific client ID, then links the Google account to the current user.
-     * @param authorizationCode - The Google authorization code obtained from the mobile app.
-     * @param redirectUri - The redirect URI used in the OAuth flow.
-     * @param clientId - The platform-specific Google OAuth client ID.
-     * @returns The updated user profile.
-     */
-    linkGoogleAccountWithAuthCode(authorizationCode: string, redirectUri: string, clientId: string): Promise<User>;
 }
 /**

package/dist/index.js CHANGED Viewed

@@ -10388,75 +10388,18 @@ var AuthService = class extends BaseService {
         console.log("[AUTH] Existing user found, returning profile:", existingUser.uid);
         return existingUser;
       }
-      console.log("[AUTH] No existing user found, creating new profile for:", firebaseUser.uid);
-      return this.userService.createUser(firebaseUser, [initialRole]);
+      console.log("[AUTH] No existing user found for Google account:", firebaseUser.email);
+      await (0, import_auth7.signOut)(this.auth);
+      throw new AuthError(
+        'No account found. Please complete registration by starting with "Get Started".',
+        "AUTH/USER_NOT_FOUND",
+        404
+      );
     } catch (error) {
       console.error("[AUTH] Error in signInWithGoogleIdToken:", error);
       throw handleFirebaseError(error);
     }
   }
-  /**
-   * Signs in a user with a Google authorization code from a mobile client.
-   * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-   * with the platform-specific client ID (no client secret needed for native apps).
-   * @param authorizationCode - The Google authorization code obtained from the mobile app.
-   * @param redirectUri - The redirect URI used in the OAuth flow.
-   * @param clientId - The platform-specific Google OAuth client ID.
-   * @param initialRole - The role to assign to the user if they are being created.
-   * @returns The signed-in or newly created user.
-   */
-  async signInWithGoogleAuthCode(authorizationCode, redirectUri, clientId, initialRole = "patient" /* PATIENT */) {
-    try {
-      console.log("[AUTH] Signing in with Google authorization code (native flow)");
-      console.log("[AUTH] Redirect URI:", redirectUri);
-      console.log("[AUTH] Code length:", authorizationCode.length);
-      if (!clientId) {
-        throw new Error("Google client ID is required for authorization code exchange");
-      }
-      console.log("[AUTH] Using client ID:", `${clientId.substring(0, 20)}...`);
-      const tokenEndpoint = "https://oauth2.googleapis.com/token";
-      const params = new URLSearchParams({
-        client_id: clientId,
-        code: authorizationCode,
-        grant_type: "authorization_code",
-        redirect_uri: redirectUri
-        // For native apps, we don't include client_secret
-      });
-      console.log("[AUTH] Making request to Google token endpoint...");
-      const response = await fetch(tokenEndpoint, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/x-www-form-urlencoded"
-        },
-        body: params.toString()
-      });
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error("[AUTH] Google token exchange failed:", {
-          status: response.status,
-          statusText: response.statusText,
-          error: errorText
-        });
-        throw new Error(`Google token exchange failed: ${response.status} - ${errorText}`);
-      }
-      const tokenData = await response.json();
-      console.log("[AUTH] Token exchange response received:", {
-        hasIdToken: !!tokenData.id_token,
-        hasAccessToken: !!tokenData.access_token,
-        hasRefreshToken: !!tokenData.refresh_token
-      });
-      if (!tokenData.id_token) {
-        console.error("[AUTH] No ID token in response:", tokenData);
-        throw new Error("No ID token received from Google token exchange");
-      }
-      console.log("[AUTH] Successfully obtained ID token from Google");
-      console.log("[AUTH] ID token length:", tokenData.id_token.length);
-      return await this.signInWithGoogleIdToken(tokenData.id_token, initialRole);
-    } catch (error) {
-      console.error("[AUTH] Error in signInWithGoogleAuthCode:", error);
-      throw handleFirebaseError(error);
-    }
-  }
   /**
    * Links a Google account to the currently signed-in user using an ID token.
    * This is used to upgrade an anonymous user or to allow an existing user
@@ -10490,66 +10433,6 @@ var AuthService = class extends BaseService {
       throw handleFirebaseError(error);
     }
   }
-  /**
-   * Links a Google account to the currently signed-in user using an authorization code.
-   * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-   * with the platform-specific client ID, then links the Google account to the current user.
-   * @param authorizationCode - The Google authorization code obtained from the mobile app.
-   * @param redirectUri - The redirect URI used in the OAuth flow.
-   * @param clientId - The platform-specific Google OAuth client ID.
-   * @returns The updated user profile.
-   */
-  async linkGoogleAccountWithAuthCode(authorizationCode, redirectUri, clientId) {
-    try {
-      console.log("[AUTH] Linking Google account with authorization code (native flow)");
-      console.log("[AUTH] Redirect URI:", redirectUri);
-      console.log("[AUTH] Code length:", authorizationCode.length);
-      if (!clientId) {
-        throw new Error("Google client ID is required for authorization code exchange");
-      }
-      console.log("[AUTH] Using client ID:", `${clientId.substring(0, 20)}...`);
-      const tokenEndpoint = "https://oauth2.googleapis.com/token";
-      const params = new URLSearchParams({
-        client_id: clientId,
-        code: authorizationCode,
-        grant_type: "authorization_code",
-        redirect_uri: redirectUri
-      });
-      console.log("[AUTH] Making request to Google token endpoint...");
-      const response = await fetch(tokenEndpoint, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/x-www-form-urlencoded"
-        },
-        body: params.toString()
-      });
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error("[AUTH] Google token exchange failed:", {
-          status: response.status,
-          statusText: response.statusText,
-          error: errorText
-        });
-        throw new Error(`Google token exchange failed: ${response.status} - ${errorText}`);
-      }
-      const tokenData = await response.json();
-      console.log("[AUTH] Token exchange response received:", {
-        hasIdToken: !!tokenData.id_token,
-        hasAccessToken: !!tokenData.access_token,
-        hasRefreshToken: !!tokenData.refresh_token
-      });
-      if (!tokenData.id_token) {
-        console.error("[AUTH] No ID token in response:", tokenData);
-        throw new Error("No ID token received from Google token exchange");
-      }
-      console.log("[AUTH] Successfully obtained ID token from Google");
-      console.log("[AUTH] ID token length:", tokenData.id_token.length);
-      return await this.linkGoogleAccount(tokenData.id_token);
-    } catch (error) {
-      console.error("[AUTH] Error in linkGoogleAccountWithAuthCode:", error);
-      throw handleFirebaseError(error);
-    }
-  }
 };
 // src/services/calendar/calendar.v2.service.ts

package/dist/index.mjs CHANGED Viewed

@@ -10492,75 +10492,18 @@ var AuthService = class extends BaseService {
         console.log("[AUTH] Existing user found, returning profile:", existingUser.uid);
         return existingUser;
       }
-      console.log("[AUTH] No existing user found, creating new profile for:", firebaseUser.uid);
-      return this.userService.createUser(firebaseUser, [initialRole]);
+      console.log("[AUTH] No existing user found for Google account:", firebaseUser.email);
+      await firebaseSignOut(this.auth);
+      throw new AuthError(
+        'No account found. Please complete registration by starting with "Get Started".',
+        "AUTH/USER_NOT_FOUND",
+        404
+      );
     } catch (error) {
       console.error("[AUTH] Error in signInWithGoogleIdToken:", error);
       throw handleFirebaseError(error);
     }
   }
-  /**
-   * Signs in a user with a Google authorization code from a mobile client.
-   * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-   * with the platform-specific client ID (no client secret needed for native apps).
-   * @param authorizationCode - The Google authorization code obtained from the mobile app.
-   * @param redirectUri - The redirect URI used in the OAuth flow.
-   * @param clientId - The platform-specific Google OAuth client ID.
-   * @param initialRole - The role to assign to the user if they are being created.
-   * @returns The signed-in or newly created user.
-   */
-  async signInWithGoogleAuthCode(authorizationCode, redirectUri, clientId, initialRole = "patient" /* PATIENT */) {
-    try {
-      console.log("[AUTH] Signing in with Google authorization code (native flow)");
-      console.log("[AUTH] Redirect URI:", redirectUri);
-      console.log("[AUTH] Code length:", authorizationCode.length);
-      if (!clientId) {
-        throw new Error("Google client ID is required for authorization code exchange");
-      }
-      console.log("[AUTH] Using client ID:", `${clientId.substring(0, 20)}...`);
-      const tokenEndpoint = "https://oauth2.googleapis.com/token";
-      const params = new URLSearchParams({
-        client_id: clientId,
-        code: authorizationCode,
-        grant_type: "authorization_code",
-        redirect_uri: redirectUri
-        // For native apps, we don't include client_secret
-      });
-      console.log("[AUTH] Making request to Google token endpoint...");
-      const response = await fetch(tokenEndpoint, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/x-www-form-urlencoded"
-        },
-        body: params.toString()
-      });
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error("[AUTH] Google token exchange failed:", {
-          status: response.status,
-          statusText: response.statusText,
-          error: errorText
-        });
-        throw new Error(`Google token exchange failed: ${response.status} - ${errorText}`);
-      }
-      const tokenData = await response.json();
-      console.log("[AUTH] Token exchange response received:", {
-        hasIdToken: !!tokenData.id_token,
-        hasAccessToken: !!tokenData.access_token,
-        hasRefreshToken: !!tokenData.refresh_token
-      });
-      if (!tokenData.id_token) {
-        console.error("[AUTH] No ID token in response:", tokenData);
-        throw new Error("No ID token received from Google token exchange");
-      }
-      console.log("[AUTH] Successfully obtained ID token from Google");
-      console.log("[AUTH] ID token length:", tokenData.id_token.length);
-      return await this.signInWithGoogleIdToken(tokenData.id_token, initialRole);
-    } catch (error) {
-      console.error("[AUTH] Error in signInWithGoogleAuthCode:", error);
-      throw handleFirebaseError(error);
-    }
-  }
   /**
    * Links a Google account to the currently signed-in user using an ID token.
    * This is used to upgrade an anonymous user or to allow an existing user
@@ -10594,66 +10537,6 @@ var AuthService = class extends BaseService {
       throw handleFirebaseError(error);
     }
   }
-  /**
-   * Links a Google account to the currently signed-in user using an authorization code.
-   * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-   * with the platform-specific client ID, then links the Google account to the current user.
-   * @param authorizationCode - The Google authorization code obtained from the mobile app.
-   * @param redirectUri - The redirect URI used in the OAuth flow.
-   * @param clientId - The platform-specific Google OAuth client ID.
-   * @returns The updated user profile.
-   */
-  async linkGoogleAccountWithAuthCode(authorizationCode, redirectUri, clientId) {
-    try {
-      console.log("[AUTH] Linking Google account with authorization code (native flow)");
-      console.log("[AUTH] Redirect URI:", redirectUri);
-      console.log("[AUTH] Code length:", authorizationCode.length);
-      if (!clientId) {
-        throw new Error("Google client ID is required for authorization code exchange");
-      }
-      console.log("[AUTH] Using client ID:", `${clientId.substring(0, 20)}...`);
-      const tokenEndpoint = "https://oauth2.googleapis.com/token";
-      const params = new URLSearchParams({
-        client_id: clientId,
-        code: authorizationCode,
-        grant_type: "authorization_code",
-        redirect_uri: redirectUri
-      });
-      console.log("[AUTH] Making request to Google token endpoint...");
-      const response = await fetch(tokenEndpoint, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/x-www-form-urlencoded"
-        },
-        body: params.toString()
-      });
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error("[AUTH] Google token exchange failed:", {
-          status: response.status,
-          statusText: response.statusText,
-          error: errorText
-        });
-        throw new Error(`Google token exchange failed: ${response.status} - ${errorText}`);
-      }
-      const tokenData = await response.json();
-      console.log("[AUTH] Token exchange response received:", {
-        hasIdToken: !!tokenData.id_token,
-        hasAccessToken: !!tokenData.access_token,
-        hasRefreshToken: !!tokenData.refresh_token
-      });
-      if (!tokenData.id_token) {
-        console.error("[AUTH] No ID token in response:", tokenData);
-        throw new Error("No ID token received from Google token exchange");
-      }
-      console.log("[AUTH] Successfully obtained ID token from Google");
-      console.log("[AUTH] ID token length:", tokenData.id_token.length);
-      return await this.linkGoogleAccount(tokenData.id_token);
-    } catch (error) {
-      console.error("[AUTH] Error in linkGoogleAccountWithAuthCode:", error);
-      throw handleFirebaseError(error);
-    }
-  }
 };
 // src/services/calendar/calendar.v2.service.ts

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@blackcode_sa/metaestetics-api",
   "private": false,
-  "version": "1.12.12",
+  "version": "1.12.13",
   "description": "Firebase authentication service with anonymous upgrade support",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/services/auth/auth.service.ts CHANGED Viewed

@@ -894,93 +894,19 @@ export class AuthService extends BaseService {
         return existingUser;
       }
-      // If no profile exists, create a new one
-      console.log('[AUTH] No existing user found, creating new profile for:', firebaseUser.uid);
-      return this.userService.createUser(firebaseUser, [initialRole]);
-    } catch (error) {
-      console.error('[AUTH] Error in signInWithGoogleIdToken:', error);
-      throw handleFirebaseError(error);
-    }
-  }
-  /**
-   * Signs in a user with a Google authorization code from a mobile client.
-   * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-   * with the platform-specific client ID (no client secret needed for native apps).
-   * @param authorizationCode - The Google authorization code obtained from the mobile app.
-   * @param redirectUri - The redirect URI used in the OAuth flow.
-   * @param clientId - The platform-specific Google OAuth client ID.
-   * @param initialRole - The role to assign to the user if they are being created.
-   * @returns The signed-in or newly created user.
-   */
-  async signInWithGoogleAuthCode(
-    authorizationCode: string,
-    redirectUri: string,
-    clientId: string,
-    initialRole: UserRole = UserRole.PATIENT,
-  ): Promise<User> {
-    try {
-      console.log('[AUTH] Signing in with Google authorization code (native flow)');
-      console.log('[AUTH] Redirect URI:', redirectUri);
-      console.log('[AUTH] Code length:', authorizationCode.length);
-      if (!clientId) {
-        throw new Error('Google client ID is required for authorization code exchange');
-      }
+      // If no profile exists, reject the login - user must complete onboarding first
+      console.log('[AUTH] No existing user found for Google account:', firebaseUser.email);
-      console.log('[AUTH] Using client ID:', `${clientId.substring(0, 20)}...`);
+      // Sign out the Firebase user since we don't allow auto-registration
+      await firebaseSignOut(this.auth);
-      // Exchange authorization code for tokens using Google's OAuth2 API
-      // For native apps, we don't need a client secret
-      const tokenEndpoint = 'https://oauth2.googleapis.com/token';
-      const params = new URLSearchParams({
-        client_id: clientId,
-        code: authorizationCode,
-        grant_type: 'authorization_code',
-        redirect_uri: redirectUri,
-        // For native apps, we don't include client_secret
-      });
-      console.log('[AUTH] Making request to Google token endpoint...');
-      const response = await fetch(tokenEndpoint, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/x-www-form-urlencoded',
-        },
-        body: params.toString(),
-      });
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error('[AUTH] Google token exchange failed:', {
-          status: response.status,
-          statusText: response.statusText,
-          error: errorText,
-        });
-        throw new Error(`Google token exchange failed: ${response.status} - ${errorText}`);
-      }
-      const tokenData = await response.json();
-      console.log('[AUTH] Token exchange response received:', {
-        hasIdToken: !!tokenData.id_token,
-        hasAccessToken: !!tokenData.access_token,
-        hasRefreshToken: !!tokenData.refresh_token,
-      });
-      if (!tokenData.id_token) {
-        console.error('[AUTH] No ID token in response:', tokenData);
-        throw new Error('No ID token received from Google token exchange');
-      }
-      console.log('[AUTH] Successfully obtained ID token from Google');
-      console.log('[AUTH] ID token length:', tokenData.id_token.length);
-      // Now sign in with the ID token
-      return await this.signInWithGoogleIdToken(tokenData.id_token, initialRole);
+      throw new AuthError(
+        'No account found. Please complete registration by starting with "Get Started".',
+        'AUTH/USER_NOT_FOUND',
+        404,
+      );
     } catch (error) {
-      console.error('[AUTH] Error in signInWithGoogleAuthCode:', error);
+      console.error('[AUTH] Error in signInWithGoogleIdToken:', error);
       throw handleFirebaseError(error);
     }
   }
@@ -1023,82 +949,4 @@ export class AuthService extends BaseService {
       throw handleFirebaseError(error);
     }
   }
-  /**
-   * Links a Google account to the currently signed-in user using an authorization code.
-   * This method directly exchanges the authorization code for tokens using Google's OAuth2 API
-   * with the platform-specific client ID, then links the Google account to the current user.
-   * @param authorizationCode - The Google authorization code obtained from the mobile app.
-   * @param redirectUri - The redirect URI used in the OAuth flow.
-   * @param clientId - The platform-specific Google OAuth client ID.
-   * @returns The updated user profile.
-   */
-  async linkGoogleAccountWithAuthCode(
-    authorizationCode: string,
-    redirectUri: string,
-    clientId: string,
-  ): Promise<User> {
-    try {
-      console.log('[AUTH] Linking Google account with authorization code (native flow)');
-      console.log('[AUTH] Redirect URI:', redirectUri);
-      console.log('[AUTH] Code length:', authorizationCode.length);
-      if (!clientId) {
-        throw new Error('Google client ID is required for authorization code exchange');
-      }
-      console.log('[AUTH] Using client ID:', `${clientId.substring(0, 20)}...`);
-      // Exchange authorization code for tokens using Google's OAuth2 API
-      const tokenEndpoint = 'https://oauth2.googleapis.com/token';
-      const params = new URLSearchParams({
-        client_id: clientId,
-        code: authorizationCode,
-        grant_type: 'authorization_code',
-        redirect_uri: redirectUri,
-      });
-      console.log('[AUTH] Making request to Google token endpoint...');
-      const response = await fetch(tokenEndpoint, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/x-www-form-urlencoded',
-        },
-        body: params.toString(),
-      });
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error('[AUTH] Google token exchange failed:', {
-          status: response.status,
-          statusText: response.statusText,
-          error: errorText,
-        });
-        throw new Error(`Google token exchange failed: ${response.status} - ${errorText}`);
-      }
-      const tokenData = await response.json();
-      console.log('[AUTH] Token exchange response received:', {
-        hasIdToken: !!tokenData.id_token,
-        hasAccessToken: !!tokenData.access_token,
-        hasRefreshToken: !!tokenData.refresh_token,
-      });
-      if (!tokenData.id_token) {
-        console.error('[AUTH] No ID token in response:', tokenData);
-        throw new Error('No ID token received from Google token exchange');
-      }
-      console.log('[AUTH] Successfully obtained ID token from Google');
-      console.log('[AUTH] ID token length:', tokenData.id_token.length);
-      // Now link the Google account using the ID token
-      return await this.linkGoogleAccount(tokenData.id_token);
-    } catch (error) {
-      console.error('[AUTH] Error in linkGoogleAccountWithAuthCode:', error);
-      throw handleFirebaseError(error);
-    }
-  }
 }