@elvix.is/sdk 0.5.5 → 0.5.7

package/dist/react.d.ts

@@ -58,6 +58,8 @@ type ElvixCopy = {
     subtitle?: string;
     /** Google factor button. */
     googleButton?: string;
+    /** Passkey factor button. */
+    passkeyButton?: string;
     /** Email field placeholder. */
     emailPlaceholder?: string;
     /** Email submit button (identify step). */
@@ -134,6 +136,23 @@ type ElvixBootstrapEnvelope = {
     showHeader: boolean;
     transparentBg: boolean;
     signInVerb: "signin" | "login";
+    /**
+     * Per-app Google Identity Services config (One Tap / Auto-select / Popup
+     * / FedCM). Present on the wire; the SDK's `<ElvixSignInForm>` reads it
+     * into its resolved props. When any GIS flag is on AND `googleClientId`
+     * is present, the form swaps the static redirect anchor for Google's
+     * GIS-rendered personalized button.
+     */
+    googleConfig: unknown;
+    /**
+     * Public Google OAuth client id for GIS (the personalized "Continue as
+     * <name>" One Tap / renderButton path). In the elvix monorepo this is the
+     * build-time `NEXT_PUBLIC_GOOGLE_CLIENT_ID`; for the published SDK it
+     * arrives per-app on the bootstrap envelope. When absent, the Google
+     * factor degrades to the static redirect anchor (which uses elvix's
+     * server-side client id via `/api/auth/google/start`).
+     */
+    googleClientId?: string;
     signinGate: "public" | "private_beta" | "closed";
     archivedAt: string | null;
     /**
@@ -161,7 +180,7 @@ type ElvixSignInResultErr = {
     error: string;
     message?: string;
 };
-type ElvixSignInResult = ElvixSignInResultOk | ElvixSignInResultErr;
+type ElvixSignInResult$1 = ElvixSignInResultOk | ElvixSignInResultErr;
 /** Theme override. Omit to inherit the Console-configured pair. */
 type ElvixTheme = "light" | "dark" | "system";
 
@@ -202,7 +221,7 @@ declare function ElvixProvider({ clientId, theme, brand, baseUrl, children, clas
  * calls `router.push` itself.
  */
 declare function ElvixSignIn({ onResult, redirectAfterSignIn, copy: copyProp, className, width, height, minWidth, maxWidth, minHeight, maxHeight, }: {
-    onResult?: (r: ElvixSignInResult) => void;
+    onResult?: (r: ElvixSignInResult$1) => void;
     /** Default redirect target on success when the server doesn't echo one. */
     redirectAfterSignIn?: string;
     /**
@@ -215,42 +234,182 @@ declare function ElvixSignIn({ onResult, redirectAfterSignIn, copy: copyProp, cl
 } & ElvixSizeProps): react_jsx_runtime.JSX.Element;
 
 /**
- * `<ElvixSignInForm>` — the polished, fully-styled sign-in surface a
- * customer drops onto their own app.
+ * Public ResponseDto shape the SDK surfaces to `onResult` listeners.
+ * Mirrors the `{ ok: true | false, ... }` envelope every elvix API
+ * route returns via `withErrorHandling`. Customers branch on `ok`.
+ */
+type ElvixSignInResult = {
+    ok: true;
+    redirect?: string;
+} | {
+    ok: false;
+    error: string;
+    message?: string;
+    status?: number;
+};
+declare const Mode: {
+    readonly PREVIEW: "preview";
+    readonly INTERACTIVE: "interactive";
+};
+type Mode = (typeof Mode)[keyof typeof Mode];
+declare const Intent: {
+    readonly CONSOLE: "console";
+    readonly ACCOUNT: "account";
+    readonly APP: "app";
+};
+type Intent = (typeof Intent)[keyof typeof Intent];
+declare const Layout: {
+    readonly CENTERED: "centered";
+    readonly LEFT: "left";
+    readonly BANNER: "banner";
+};
+type Layout = (typeof Layout)[keyof typeof Layout];
+declare const SocialLayout: {
+    readonly STACKED: "stacked";
+    readonly GRID: "grid";
+};
+type SocialLayout = (typeof SocialLayout)[keyof typeof SocialLayout];
+declare const Presentation: {
+    readonly CARD: "card";
+    readonly DRAWER: "drawer";
+    readonly MODAL: "modal";
+};
+type Presentation = (typeof Presentation)[keyof typeof Presentation];
+declare const Theme: {
+    readonly LIGHT: "light";
+    readonly DARK: "dark";
+    readonly AUTO: "auto";
+};
+type Theme = (typeof Theme)[keyof typeof Theme];
+declare const SignInVerb: {
+    readonly SIGNIN: "signin";
+    readonly LOGIN: "login";
+};
+type SignInVerb = (typeof SignInVerb)[keyof typeof SignInVerb];
+/**
+ * One auth surface to rule them all. Same component renders:
  *
- * Where `<ElvixSignIn>` is the bare-bones flow (class-hooked, host paints
- * it), this is the finished card: rounded logo tile, "Sign in to {app}"
- * heading, "Continue with Google", an OR divider, the email→code OTP
- * flow, a legal footer, and a "Secured by elvix" badge. It ships with
- * **inline styles only** — no host CSS required, so it looks right the
- * moment it mounts on any origin.
+ *   - The live preview inside the Console (Create app + Sign-in configure).
+ *     mode="preview" → all controls disabled, just visual.
  *
- * Cross-origin correct: OTP start/verify pick credentials from
- * `isSameOrigin(baseUrl)` exactly like `<ElvixSignIn>`; on a third-party
- * origin the session token comes back in the response body and is stored
- * via `setElvixToken`. Google is a top-level redirect.
+ *   - The actual hosted sign-in at /sign-in/<clientId> for any customer app.
+ *     mode="interactive" + intent="app:<clientId>" → real flows.
  *
- * Reads enabled methods + branding from the Console-configured bootstrap
- * envelope (`<ElvixProvider clientId>` must be an ancestor). Renders only
- * the factors the Console turned on; never invents UI it denied.
+ *   - The elvix Console's own sign-in at /sign-in/console.
+ *     mode="interactive" + intent="console" → dogfoods our own auth.
  *
- * `onResult({ ok, ... })` fires on success AND every failure, mirroring
- * `<ElvixSignIn>`. The component never navigates the host itself.
+ *   - The account surface at /sign-in/account.
+ *     mode="interactive" + intent="account".
+ *
+ * Sign-in = Sign-up. There's no separate signup route. If you don't exist
+ * yet, the first successful auth creates you.
  */
-type ElvixSignInFormProps = {
-    /** Fires on every terminal outcome — success and failure — like `<ElvixSignIn>`. */
-    onResult?: (r: ElvixSignInResult) => void;
-    /** Default redirect target on success when the server doesn't echo one. */
-    redirectAfterSignIn?: string;
+type AuthFormProps = {
     /**
-     * Thin per-embed copy override. The primary way to edit copy is the elvix
-     * Console (served live in the bootstrap `strings`); this prop just lets a
-     * single embed tweak a string or two without a Console change.
+     * "interactive" (default) hits real auth endpoints.
+     * "preview" renders the surface read-only — every CTA paints but
+     * never makes a request. Console live-preview uses this.
      */
-    copy?: Partial<ElvixCopy>;
-    className?: string;
-} & /** Sizing — applied to the card root inline style (SDK components are sizable). */ ElvixSizeProps;
-declare function ElvixSignInForm({ onResult, redirectAfterSignIn, copy: copyProp, className, minWidth, maxWidth, minHeight, maxHeight, width, height, }: ElvixSignInFormProps): react_jsx_runtime.JSX.Element;
+    mode?: Mode;
+    /**
+     * App display name. Optional when `<ElvixProvider clientId>` is
+     * mounted — the provider fetches it from the Console-configured
+     * Application row. Explicit prop wins (Console passes its unsaved
+     * live state here).
+     */
+    appName?: string;
+    logoUrl?: string | null;
+    /** Optional dark-mode variant. Used when `theme="dark"`, otherwise we
+     *  show the same logoUrl in both themes. */
+    logoUrlDark?: string | null;
+    /** Optional pre-rendered logo node. Wins over logoUrl + letter fallback. */
+    logoNode?: React.ReactNode;
+    brandColor?: string;
+    /** Foreground colour painted on top of brandColor (CTA text/icons). */
+    onBrandColor?: string;
+    methodGoogle?: boolean;
+    methodEmailOtp?: boolean;
+    methodPasskey?: boolean;
+    methodUsername?: boolean;
+    privacyPolicyUrl?: string | null;
+    termsOfServiceUrl?: string | null;
+    framed?: boolean;
+    /** Used in interactive mode to route auth requests. */
+    intent?: Intent;
+    /** For intent="app": the Application client_id. */
+    clientId?: string;
+    /** If set, the logo becomes a clickable link to this URL (the app's website). */
+    websiteUrl?: string | null;
+    /** Visual layout. Three variants today. */
+    layout?: Layout;
+    /** Social button arrangement: stacked rows (default) or 2-up grid. */
+    socialLayout?: SocialLayout;
+    /** Surrounding chrome — card / drawer (bottom sheet) / modal overlay. */
+    presentation?: Presentation;
+    /** Theme override for the form's surface tokens. */
+    theme?: Theme;
+    /** Hide the built-in header (logo + "Sign in to X" title + subtitle). */
+    showHeader?: boolean;
+    /** Which verb the customer wants on the CTA + heading. Some brands
+     *  prefer "Log in" (banks, B2B legacy); SaaS defaults to "Sign in". */
+    signInVerb?: SignInVerb;
+    /** Strip card bg + border + shadow so the form blends into its host. */
+    transparentBg?: boolean;
+    /** Optional node rendered directly below the "Pick how you want to
+     *  continue" subtitle. Used for gate-state badges ("Private beta",
+     *  "Closed signups") so they sit inline with the form instead of
+     *  competing as a separate surface above the card. */
+    belowHeading?: React.ReactNode;
+    /** Optional pre-rendered node injected just under the methods, on
+     *  the way to the "Secured by elvix" chip. Used for the
+     *  "Inform me when it goes public" + "Request access" text-links
+     *  shown on gated hosted surfaces. */
+    belowMethods?: React.ReactNode;
+    /** Per-app Google Identity Services config. When set + `methodGoogle`
+     *  is on + we're in interactive mode + a `googleClientId` is available,
+     *  the ElvixSignInForm loads the GIS client lib and applies One Tap /
+     *  Auto-select / FedCM / popup ux_mode based on each flag. Falls back to
+     *  the plain redirect-OAuth anchor otherwise. */
+    googleConfig?: {
+        oneTap?: boolean;
+        autoSelect?: boolean;
+        popup?: boolean;
+        fedcm?: boolean;
+        hostedDomain?: string;
+    };
+    /** Public Google OAuth client id for the GIS personalized button. In the
+     *  elvix monorepo this is the build-time `NEXT_PUBLIC_GOOGLE_CLIENT_ID`;
+     *  the SDK reads it off the bootstrap envelope (`googleClientId`). When
+     *  absent, the Google factor degrades to the static redirect anchor. */
+    googleClientId?: string;
+    /**
+     * Fires after a successful sign-in (OTP, Google, Passkey) — BEFORE
+     * the default redirect runs. When provided, the form will NOT
+     * navigate; the host owns post-auth routing. Use this to keep an
+     * embedded surface (Drawer/Modal/Card) in place after auth and let
+     * the host call `router.push()` itself.
+     *
+     * Call `GET /api/me` from the host to fetch the authenticated user.
+     * The v2 SDK will surface user details directly in the payload.
+     */
+    onAuthenticated?: (result: {
+        ok: true;
+        redirect?: string;
+        token?: string;
+    }) => void;
+    /**
+     * Fires on every terminal outcome: success AND every error path
+     * (invalid OTP, expired challenge, rate-limited, network blip,
+     * passkey failure). Mirrors the ResponseDto shape the rest of the
+     * elvix API surfaces, so the customer branches on `ok` the same
+     * way they would for a `/api/v1/verify` call.
+     *
+     * Both `onResult` and `onAuthenticated` may be set. `onResult` fires
+     * regardless; `onAuthenticated` only on success (legacy contract).
+     */
+    onResult?: (result: ElvixSignInResult) => void;
+};
+declare function ElvixSignInForm(props: AuthFormProps): react_jsx_runtime.JSX.Element;
 
 type ElvixSignInButtonSize = "sm" | "md" | "lg";
 type ElvixSignInButtonTheme = "light" | "dark" | "auto";
@@ -276,7 +435,7 @@ type ElvixSignInButtonProps = {
     mode?: ElvixSignInButtonMode;
     onClick?: () => void;
     /** Terminal outcome of mode="embed": success (with token) or error. */
-    onResult?: (result: ElvixSignInResult) => void;
+    onResult?: (result: ElvixSignInResult$1) => void;
 } & /**
  * Dimensional sizing (width/height/min/max), additive to the `size` preset.
  * Merged last into the root element so an explicit width/height wins.
@@ -453,4 +612,4 @@ declare function ElvixLegalEntities({ onResult, width, height, minWidth, maxWidt
     onResult?: (r: ElvixActionResult) => void;
 } & ElvixSizeProps): react_jsx_runtime.JSX.Element;
 
-export { DEFAULT_COPY, ElvixActionResult, ElvixAddressBook, ElvixAvatar, ElvixBanner, type ElvixBootstrapEnvelope, type ElvixBrand, ElvixCard, type ElvixCopy, ElvixDeactivate, ElvixExport, ElvixIdentityForm, ElvixLanguages, ElvixLeave, ElvixLegalEntities, ElvixLifecycleWatcher, ElvixProvider, ElvixRegion, ElvixSecuredBadge, ElvixSessions, ElvixSignIn, ElvixSignInButton, ElvixSignInForm, type ElvixSignInMethod, type ElvixSignInResult, type ElvixSignInResultErr, type ElvixSignInResultOk, type ElvixSizeProps, type ElvixTheme, ElvixUsername, type UseUserListResult, getElvixToken, setElvixToken, useElvixApp, useElvixContext, useUserMemberships, useUserRoles, useUserScopes };
+export { DEFAULT_COPY, ElvixActionResult, ElvixAddressBook, ElvixAvatar, ElvixBanner, type ElvixBootstrapEnvelope, type ElvixBrand, ElvixCard, type ElvixCopy, ElvixDeactivate, ElvixExport, ElvixIdentityForm, ElvixLanguages, ElvixLeave, ElvixLegalEntities, ElvixLifecycleWatcher, ElvixProvider, ElvixRegion, ElvixSecuredBadge, ElvixSessions, ElvixSignIn, ElvixSignInButton, ElvixSignInForm, type ElvixSignInMethod, type ElvixSignInResult$1 as ElvixSignInResult, type ElvixSignInResultErr, type ElvixSignInResultOk, type ElvixSizeProps, type ElvixTheme, ElvixUsername, type UseUserListResult, getElvixToken, setElvixToken, useElvixApp, useElvixContext, useUserMemberships, useUserRoles, useUserScopes };