npm - @blinkdotnew/dev-sdk - Versions diffs - 2.1.3 → 2.1.4 - Mend

@blinkdotnew/dev-sdk 2.1.3 → 2.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -1325,6 +1325,11 @@ declare class BlinkAuth {
      * Uses expo-web-browser to open auth URL and polls for completion
      */
     private signInWithProviderUniversal;
+    /**
+     * OAuth flow via parent window (for iframe context)
+     * Delegates OAuth to parent window since OAuth providers block flows inside iframes
+     */
+    private signInWithProviderViaParent;
     /**
      * Generic provider sign-in method (headless mode)
      *

package/dist/index.d.ts CHANGED Viewed

@@ -1325,6 +1325,11 @@ declare class BlinkAuth {
      * Uses expo-web-browser to open auth URL and polls for completion
      */
     private signInWithProviderUniversal;
+    /**
+     * OAuth flow via parent window (for iframe context)
+     * Delegates OAuth to parent window since OAuth providers block flows inside iframes
+     */
+    private signInWithProviderViaParent;
     /**
      * Generic provider sign-in method (headless mode)
      *

package/dist/index.js CHANGED Viewed

@@ -1285,45 +1285,16 @@ var BlinkAuth = class {
     if (!config.projectId) {
       throw new Error("projectId is required for authentication");
     }
-    const detectAuthUrl = () => {
-      if (typeof window !== "undefined") {
-        const referrer = document.referrer;
-        if (referrer?.includes("dev.blink.new")) {
-          console.log("\u{1F527} Dev environment detected via referrer, using dev.blink.new for auth");
-          return "https://dev.blink.new";
-        }
-        try {
-          if (window.parent !== window) {
-            const parentOrigin = window.parent.location.origin;
-            if (parentOrigin?.includes("dev.blink.new")) {
-              console.log("\u{1F527} Dev environment detected via parent origin, using dev.blink.new for auth");
-              return "https://dev.blink.new";
-            }
-          }
-        } catch {
-        }
-        try {
-          const opener = window.opener?.location?.origin;
-          if (opener?.includes("dev.blink.new")) {
-            console.log("\u{1F527} Dev environment detected via opener, using dev.blink.new for auth");
-            return "https://dev.blink.new";
-          }
-        } catch {
-        }
-      }
-      return "https://blink.new";
-    };
-    const defaultAuthUrl = detectAuthUrl();
     this.authConfig = {
       mode: "managed",
       // Default mode
-      authUrl: defaultAuthUrl,
+      authUrl: "https://blink.new",
       coreUrl: "https://core.blink.new",
       detectSessionInUrl: true,
       // Default to true for web compatibility
       ...config.auth
     };
-    this.authUrl = this.authConfig.authUrl || defaultAuthUrl;
+    this.authUrl = this.authConfig.authUrl || "https://blink.new";
     this.coreUrl = this.authConfig.coreUrl || "https://core.blink.new";
     const hostname = getLocationHostname();
     if (hostname && this.authUrl === "https://blink.new" && (hostname === "localhost" || hostname === "127.0.0.1")) {
@@ -1378,7 +1349,7 @@ var BlinkAuth = class {
   setupParentWindowListener() {
     if (!isWeb || !this.isIframe || !hasWindow()) return;
     window.addEventListener("message", (event) => {
-      if (event.origin !== "https://blink.new" && event.origin !== "https://dev.blink.new" && event.origin !== "http://localhost:3000" && event.origin !== "http://localhost:3001") {
+      if (event.origin !== "https://blink.new" && event.origin !== "http://localhost:3000" && event.origin !== "http://localhost:3001") {
         return;
       }
       if (event.data?.type === "BLINK_AUTH_TOKENS") {
@@ -1995,6 +1966,67 @@ var BlinkAuth = class {
       throw pollError;
     }
   }
+  /**
+   * OAuth flow via parent window (for iframe context)
+   * Delegates OAuth to parent window since OAuth providers block flows inside iframes
+   */
+  signInWithProviderViaParent(provider, options) {
+    return new Promise((resolve, reject) => {
+      const state = this.generateState();
+      const redirectUrl = options?.redirectUrl || getLocationOrigin() || "";
+      let timeoutId;
+      let cleanedUp = false;
+      const cleanup = () => {
+        if (cleanedUp) return;
+        cleanedUp = true;
+        clearTimeout(timeoutId);
+        window.removeEventListener("message", messageListener);
+      };
+      const messageListener = (event) => {
+        const { type, access_token, refresh_token, expires_in, refresh_expires_in, issued_at, projectId, error } = event.data || {};
+        if (type === "BLINK_AUTH_TOKENS") {
+          if (projectId && projectId !== this.config.projectId) {
+            return;
+          }
+          console.log("\u{1F4E5} Received auth tokens from parent window");
+          this.setTokens({
+            access_token,
+            refresh_token,
+            token_type: "Bearer",
+            expires_in: expires_in || 3600,
+            refresh_expires_in,
+            issued_at: issued_at || Math.floor(Date.now() / 1e3)
+          }, true).then(() => {
+            cleanup();
+            resolve(this.authState.user);
+          }).catch((err) => {
+            cleanup();
+            reject(err);
+          });
+        } else if (type === "BLINK_AUTH_ERROR") {
+          cleanup();
+          reject(new BlinkAuthError(
+            "POPUP_CANCELED" /* POPUP_CANCELED */,
+            error || "Authentication failed"
+          ));
+        }
+      };
+      window.addEventListener("message", messageListener);
+      timeoutId = setTimeout(() => {
+        cleanup();
+        reject(new BlinkAuthError("AUTH_TIMEOUT" /* AUTH_TIMEOUT */, "Authentication timed out"));
+      }, 3e5);
+      console.log("\u{1F4E4} Sending OAuth request to parent window");
+      window.parent.postMessage({
+        type: "BLINK_AUTH_OAUTH_REQUEST",
+        provider,
+        projectId: this.config.projectId,
+        redirectUrl,
+        state,
+        authUrl: this.authUrl
+      }, "*");
+    });
+  }
   /**
    * Generic provider sign-in method (headless mode)
    *
@@ -2041,7 +2073,10 @@ var BlinkAuth = class {
     if (!hasWindow()) {
       throw new BlinkAuthError("NETWORK_ERROR" /* NETWORK_ERROR */, "signInWithProvider requires a browser environment");
     }
-    const shouldPreferRedirect = isWeb && this.isIframe || typeof window !== "undefined" && window.crossOriginIsolated === true;
+    if (isWeb && this.isIframe && hasWindow() && window.parent !== window) {
+      console.log("\u{1F5BC}\uFE0F In iframe, delegating OAuth to parent window");
+      return this.signInWithProviderViaParent(provider, options);
+    }
     const state = this.generateState();
     try {
       const sessionStorage = getSessionStorage();
@@ -2061,6 +2096,7 @@ var BlinkAuth = class {
       url.searchParams.set("opener_origin", getLocationOrigin() || "");
       return url;
     };
+    const shouldPreferRedirect = typeof window !== "undefined" && window.crossOriginIsolated === true;
     if (shouldPreferRedirect) {
       window.location.href = buildAuthUrl("redirect").toString();
       return new Promise(() => {

package/dist/index.mjs CHANGED Viewed

@@ -1283,45 +1283,16 @@ var BlinkAuth = class {
     if (!config.projectId) {
       throw new Error("projectId is required for authentication");
     }
-    const detectAuthUrl = () => {
-      if (typeof window !== "undefined") {
-        const referrer = document.referrer;
-        if (referrer?.includes("dev.blink.new")) {
-          console.log("\u{1F527} Dev environment detected via referrer, using dev.blink.new for auth");
-          return "https://dev.blink.new";
-        }
-        try {
-          if (window.parent !== window) {
-            const parentOrigin = window.parent.location.origin;
-            if (parentOrigin?.includes("dev.blink.new")) {
-              console.log("\u{1F527} Dev environment detected via parent origin, using dev.blink.new for auth");
-              return "https://dev.blink.new";
-            }
-          }
-        } catch {
-        }
-        try {
-          const opener = window.opener?.location?.origin;
-          if (opener?.includes("dev.blink.new")) {
-            console.log("\u{1F527} Dev environment detected via opener, using dev.blink.new for auth");
-            return "https://dev.blink.new";
-          }
-        } catch {
-        }
-      }
-      return "https://blink.new";
-    };
-    const defaultAuthUrl = detectAuthUrl();
     this.authConfig = {
       mode: "managed",
       // Default mode
-      authUrl: defaultAuthUrl,
+      authUrl: "https://blink.new",
       coreUrl: "https://core.blink.new",
       detectSessionInUrl: true,
       // Default to true for web compatibility
       ...config.auth
     };
-    this.authUrl = this.authConfig.authUrl || defaultAuthUrl;
+    this.authUrl = this.authConfig.authUrl || "https://blink.new";
     this.coreUrl = this.authConfig.coreUrl || "https://core.blink.new";
     const hostname = getLocationHostname();
     if (hostname && this.authUrl === "https://blink.new" && (hostname === "localhost" || hostname === "127.0.0.1")) {
@@ -1376,7 +1347,7 @@ var BlinkAuth = class {
   setupParentWindowListener() {
     if (!isWeb || !this.isIframe || !hasWindow()) return;
     window.addEventListener("message", (event) => {
-      if (event.origin !== "https://blink.new" && event.origin !== "https://dev.blink.new" && event.origin !== "http://localhost:3000" && event.origin !== "http://localhost:3001") {
+      if (event.origin !== "https://blink.new" && event.origin !== "http://localhost:3000" && event.origin !== "http://localhost:3001") {
         return;
       }
       if (event.data?.type === "BLINK_AUTH_TOKENS") {
@@ -1993,6 +1964,67 @@ var BlinkAuth = class {
       throw pollError;
     }
   }
+  /**
+   * OAuth flow via parent window (for iframe context)
+   * Delegates OAuth to parent window since OAuth providers block flows inside iframes
+   */
+  signInWithProviderViaParent(provider, options) {
+    return new Promise((resolve, reject) => {
+      const state = this.generateState();
+      const redirectUrl = options?.redirectUrl || getLocationOrigin() || "";
+      let timeoutId;
+      let cleanedUp = false;
+      const cleanup = () => {
+        if (cleanedUp) return;
+        cleanedUp = true;
+        clearTimeout(timeoutId);
+        window.removeEventListener("message", messageListener);
+      };
+      const messageListener = (event) => {
+        const { type, access_token, refresh_token, expires_in, refresh_expires_in, issued_at, projectId, error } = event.data || {};
+        if (type === "BLINK_AUTH_TOKENS") {
+          if (projectId && projectId !== this.config.projectId) {
+            return;
+          }
+          console.log("\u{1F4E5} Received auth tokens from parent window");
+          this.setTokens({
+            access_token,
+            refresh_token,
+            token_type: "Bearer",
+            expires_in: expires_in || 3600,
+            refresh_expires_in,
+            issued_at: issued_at || Math.floor(Date.now() / 1e3)
+          }, true).then(() => {
+            cleanup();
+            resolve(this.authState.user);
+          }).catch((err) => {
+            cleanup();
+            reject(err);
+          });
+        } else if (type === "BLINK_AUTH_ERROR") {
+          cleanup();
+          reject(new BlinkAuthError(
+            "POPUP_CANCELED" /* POPUP_CANCELED */,
+            error || "Authentication failed"
+          ));
+        }
+      };
+      window.addEventListener("message", messageListener);
+      timeoutId = setTimeout(() => {
+        cleanup();
+        reject(new BlinkAuthError("AUTH_TIMEOUT" /* AUTH_TIMEOUT */, "Authentication timed out"));
+      }, 3e5);
+      console.log("\u{1F4E4} Sending OAuth request to parent window");
+      window.parent.postMessage({
+        type: "BLINK_AUTH_OAUTH_REQUEST",
+        provider,
+        projectId: this.config.projectId,
+        redirectUrl,
+        state,
+        authUrl: this.authUrl
+      }, "*");
+    });
+  }
   /**
    * Generic provider sign-in method (headless mode)
    *
@@ -2039,7 +2071,10 @@ var BlinkAuth = class {
     if (!hasWindow()) {
       throw new BlinkAuthError("NETWORK_ERROR" /* NETWORK_ERROR */, "signInWithProvider requires a browser environment");
     }
-    const shouldPreferRedirect = isWeb && this.isIframe || typeof window !== "undefined" && window.crossOriginIsolated === true;
+    if (isWeb && this.isIframe && hasWindow() && window.parent !== window) {
+      console.log("\u{1F5BC}\uFE0F In iframe, delegating OAuth to parent window");
+      return this.signInWithProviderViaParent(provider, options);
+    }
     const state = this.generateState();
     try {
       const sessionStorage = getSessionStorage();
@@ -2059,6 +2094,7 @@ var BlinkAuth = class {
       url.searchParams.set("opener_origin", getLocationOrigin() || "");
       return url;
     };
+    const shouldPreferRedirect = typeof window !== "undefined" && window.crossOriginIsolated === true;
     if (shouldPreferRedirect) {
       window.location.href = buildAuthUrl("redirect").toString();
       return new Promise(() => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@blinkdotnew/dev-sdk",
-  "version": "2.1.3",
+  "version": "2.1.4",
   "description": "Blink TypeScript SDK for client-side applications - Zero-boilerplate CRUD + auth + AI + analytics + notifications for modern SaaS/AI apps",
   "keywords": [
     "blink",