@blackcode_sa/metaestetics-api 1.14.71 → 1.14.73

package/dist/index.d.mts

@@ -8615,6 +8615,22 @@ declare class AuthService extends BaseService {
      * @returns The updated user profile.
      */
     linkGoogleAccount(idToken: string): Promise<User>;
+    /**
+     * Sign in with Apple ID token (for existing users only).
+     * Mirrors signInWithGoogleIdToken — verifies the user exists before allowing sign-in.
+     */
+    signInWithAppleIdToken(idToken: string, rawNonce: string, appleUserInfo?: {
+        fullName?: {
+            givenName?: string;
+            familyName?: string;
+        };
+        email?: string;
+    }): Promise<User>;
+    /**
+     * Link an Apple account to the current user (anonymous → full account upgrade).
+     * Mirrors linkGoogleAccount.
+     */
+    linkAppleAccount(idToken: string, rawNonce: string): Promise<User>;
 }
 
 /**

package/dist/index.d.ts

@@ -8615,6 +8615,22 @@ declare class AuthService extends BaseService {
      * @returns The updated user profile.
      */
     linkGoogleAccount(idToken: string): Promise<User>;
+    /**
+     * Sign in with Apple ID token (for existing users only).
+     * Mirrors signInWithGoogleIdToken — verifies the user exists before allowing sign-in.
+     */
+    signInWithAppleIdToken(idToken: string, rawNonce: string, appleUserInfo?: {
+        fullName?: {
+            givenName?: string;
+            familyName?: string;
+        };
+        email?: string;
+    }): Promise<User>;
+    /**
+     * Link an Apple account to the current user (anonymous → full account upgrade).
+     * Mirrors linkGoogleAccount.
+     */
+    linkAppleAccount(idToken: string, rawNonce: string): Promise<User>;
 }
 
 /**

package/dist/index.js

@@ -17040,6 +17040,66 @@ var AuthService = class extends BaseService {
       throw handleFirebaseError(error);
     }
   }
+  /**
+   * Sign in with Apple ID token (for existing users only).
+   * Mirrors signInWithGoogleIdToken — verifies the user exists before allowing sign-in.
+   */
+  async signInWithAppleIdToken(idToken, rawNonce, appleUserInfo) {
+    try {
+      console.log("[AUTH] Signing in with Apple ID Token");
+      const provider = new import_auth8.OAuthProvider("apple.com");
+      const credential = provider.credential({ idToken, rawNonce });
+      const { user: firebaseUser } = await (0, import_auth8.signInWithCredential)(this.auth, credential);
+      console.log("[AUTH] Firebase user signed in via Apple:", firebaseUser.uid);
+      const existingUser = await this.userService.getUserById(firebaseUser.uid);
+      if (existingUser) {
+        console.log("[AUTH] Existing user found, returning profile:", existingUser.uid);
+        return existingUser;
+      }
+      console.log("[AUTH] No existing MetaEstetics user for Apple account \u2013 signing out.");
+      await (0, import_auth8.signOut)(this.auth);
+      throw new AuthError(
+        'No account found. Please complete registration by starting with "Get Started".',
+        "AUTH/USER_NOT_FOUND",
+        404
+      );
+    } catch (error) {
+      console.error("[AUTH] Error in signInWithAppleIdToken:", error);
+      throw handleFirebaseError(error);
+    }
+  }
+  /**
+   * Link an Apple account to the current user (anonymous → full account upgrade).
+   * Mirrors linkGoogleAccount.
+   */
+  async linkAppleAccount(idToken, rawNonce) {
+    try {
+      console.log("[AUTH] Linking Apple account with ID Token");
+      const currentUser = this.auth.currentUser;
+      if (!currentUser) {
+        throw AUTH_ERRORS.NOT_AUTHENTICATED;
+      }
+      const wasAnonymous = currentUser.isAnonymous;
+      console.log(`[AUTH] Current user is ${wasAnonymous ? "anonymous" : "not anonymous"}`);
+      const provider = new import_auth8.OAuthProvider("apple.com");
+      const credential = provider.credential({ idToken, rawNonce });
+      const userCredential = await (0, import_auth8.linkWithCredential)(currentUser, credential);
+      const linkedFirebaseUser = userCredential.user;
+      console.log("[AUTH] Apple account linked successfully to user:", linkedFirebaseUser.uid);
+      if (wasAnonymous) {
+        console.log("[AUTH] Upgrading anonymous user profile");
+        const email = linkedFirebaseUser.email || "";
+        return await this.userService.upgradeAnonymousUser(
+          linkedFirebaseUser.uid,
+          email
+        );
+      }
+      return await this.userService.getUserById(linkedFirebaseUser.uid);
+    } catch (error) {
+      console.error("[AUTH] Error in linkAppleAccount:", error);
+      throw handleFirebaseError(error);
+    }
+  }
 };
 
 // src/services/calendar/calendar.v2.service.ts

package/dist/index.mjs

@@ -7639,7 +7639,8 @@ import {
   verifyPasswordResetCode,
   confirmPasswordReset,
   fetchSignInMethodsForEmail as fetchSignInMethodsForEmail2,
-  signInWithCredential
+  signInWithCredential,
+  OAuthProvider
 } from "firebase/auth";
 import {
   collection as collection21,
@@ -17128,6 +17129,66 @@ var AuthService = class extends BaseService {
       throw handleFirebaseError(error);
     }
   }
+  /**
+   * Sign in with Apple ID token (for existing users only).
+   * Mirrors signInWithGoogleIdToken — verifies the user exists before allowing sign-in.
+   */
+  async signInWithAppleIdToken(idToken, rawNonce, appleUserInfo) {
+    try {
+      console.log("[AUTH] Signing in with Apple ID Token");
+      const provider = new OAuthProvider("apple.com");
+      const credential = provider.credential({ idToken, rawNonce });
+      const { user: firebaseUser } = await signInWithCredential(this.auth, credential);
+      console.log("[AUTH] Firebase user signed in via Apple:", firebaseUser.uid);
+      const existingUser = await this.userService.getUserById(firebaseUser.uid);
+      if (existingUser) {
+        console.log("[AUTH] Existing user found, returning profile:", existingUser.uid);
+        return existingUser;
+      }
+      console.log("[AUTH] No existing MetaEstetics user for Apple account \u2013 signing out.");
+      await firebaseSignOut(this.auth);
+      throw new AuthError(
+        'No account found. Please complete registration by starting with "Get Started".',
+        "AUTH/USER_NOT_FOUND",
+        404
+      );
+    } catch (error) {
+      console.error("[AUTH] Error in signInWithAppleIdToken:", error);
+      throw handleFirebaseError(error);
+    }
+  }
+  /**
+   * Link an Apple account to the current user (anonymous → full account upgrade).
+   * Mirrors linkGoogleAccount.
+   */
+  async linkAppleAccount(idToken, rawNonce) {
+    try {
+      console.log("[AUTH] Linking Apple account with ID Token");
+      const currentUser = this.auth.currentUser;
+      if (!currentUser) {
+        throw AUTH_ERRORS.NOT_AUTHENTICATED;
+      }
+      const wasAnonymous = currentUser.isAnonymous;
+      console.log(`[AUTH] Current user is ${wasAnonymous ? "anonymous" : "not anonymous"}`);
+      const provider = new OAuthProvider("apple.com");
+      const credential = provider.credential({ idToken, rawNonce });
+      const userCredential = await linkWithCredential(currentUser, credential);
+      const linkedFirebaseUser = userCredential.user;
+      console.log("[AUTH] Apple account linked successfully to user:", linkedFirebaseUser.uid);
+      if (wasAnonymous) {
+        console.log("[AUTH] Upgrading anonymous user profile");
+        const email = linkedFirebaseUser.email || "";
+        return await this.userService.upgradeAnonymousUser(
+          linkedFirebaseUser.uid,
+          email
+        );
+      }
+      return await this.userService.getUserById(linkedFirebaseUser.uid);
+    } catch (error) {
+      console.error("[AUTH] Error in linkAppleAccount:", error);
+      throw handleFirebaseError(error);
+    }
+  }
 };
 
 // src/services/calendar/calendar.v2.service.ts

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@blackcode_sa/metaestetics-api",
   "private": false,
-  "version": "1.14.71",
+  "version": "1.14.73",
   "description": "Firebase authentication service with anonymous upgrade support",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/services/auth/auth.service.ts

@@ -17,6 +17,7 @@ import {
   confirmPasswordReset,
   fetchSignInMethodsForEmail,
   signInWithCredential,
+  OAuthProvider,
 } from 'firebase/auth';
 import {
   getFirestore,
@@ -1411,4 +1412,82 @@ export class AuthService extends BaseService {
       throw handleFirebaseError(error);
     }
   }
+
+  /**
+   * Sign in with Apple ID token (for existing users only).
+   * Mirrors signInWithGoogleIdToken — verifies the user exists before allowing sign-in.
+   */
+  async signInWithAppleIdToken(
+    idToken: string,
+    rawNonce: string,
+    appleUserInfo?: { fullName?: { givenName?: string; familyName?: string }; email?: string },
+  ): Promise<User> {
+    try {
+      console.log('[AUTH] Signing in with Apple ID Token');
+
+      // Build Apple OAuth credential
+      const provider = new OAuthProvider('apple.com');
+      const credential = provider.credential({ idToken, rawNonce });
+
+      // Sign in to Firebase
+      const { user: firebaseUser } = await signInWithCredential(this.auth, credential);
+      console.log('[AUTH] Firebase user signed in via Apple:', firebaseUser.uid);
+
+      // Load domain user document
+      const existingUser = await this.userService.getUserById(firebaseUser.uid);
+      if (existingUser) {
+        console.log('[AUTH] Existing user found, returning profile:', existingUser.uid);
+        return existingUser;
+      }
+
+      // No user document — sign out and error
+      console.log('[AUTH] No existing MetaEstetics user for Apple account – signing out.');
+      await firebaseSignOut(this.auth);
+      throw new AuthError(
+        'No account found. Please complete registration by starting with "Get Started".',
+        'AUTH/USER_NOT_FOUND',
+        404,
+      );
+    } catch (error) {
+      console.error('[AUTH] Error in signInWithAppleIdToken:', error);
+      throw handleFirebaseError(error);
+    }
+  }
+
+  /**
+   * Link an Apple account to the current user (anonymous → full account upgrade).
+   * Mirrors linkGoogleAccount.
+   */
+  async linkAppleAccount(idToken: string, rawNonce: string): Promise<User> {
+    try {
+      console.log('[AUTH] Linking Apple account with ID Token');
+      const currentUser = this.auth.currentUser;
+      if (!currentUser) {
+        throw AUTH_ERRORS.NOT_AUTHENTICATED;
+      }
+
+      const wasAnonymous = currentUser.isAnonymous;
+      console.log(`[AUTH] Current user is ${wasAnonymous ? 'anonymous' : 'not anonymous'}`);
+
+      const provider = new OAuthProvider('apple.com');
+      const credential = provider.credential({ idToken, rawNonce });
+      const userCredential = await linkWithCredential(currentUser, credential);
+      const linkedFirebaseUser = userCredential.user;
+      console.log('[AUTH] Apple account linked successfully to user:', linkedFirebaseUser.uid);
+
+      if (wasAnonymous) {
+        console.log('[AUTH] Upgrading anonymous user profile');
+        const email = linkedFirebaseUser.email || '';
+        return await this.userService.upgradeAnonymousUser(
+          linkedFirebaseUser.uid,
+          email,
+        );
+      }
+
+      return (await this.userService.getUserById(linkedFirebaseUser.uid))!;
+    } catch (error) {
+      console.error('[AUTH] Error in linkAppleAccount:', error);
+      throw handleFirebaseError(error);
+    }
+  }
 }