@fastshot/auth 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/package.json +1 -1
  2. package/src/auth.ts +14 -2
  3. package/src/hooks/useAppleSignIn.ts +2 -0
  4. package/src/hooks/useGoogleSignIn.ts +2 -0
  5. package/src/utils/deepLink.ts +34 -3
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fastshot/auth",
3
- "version": "1.0.2",
3
+ "version": "1.0.4",
4
4
  "description": "OAuth authentication SDK for Expo React Native applications with Supabase",
5
5
  "main": "src/index.ts",
6
6
  "repository": {
package/src/auth.ts CHANGED
@@ -95,6 +95,7 @@ async function signInWithProvider(
95
95
  options: SignInOptions
96
96
  ): Promise<void> {
97
97
  const {
98
+ supabaseClient,
98
99
  returnTo = getDefaultCallbackUrl(),
99
100
  mode = 'browser',
100
101
  loginHint,
@@ -116,8 +117,19 @@ async function signInWithProvider(
116
117
  throw createAuthError('BROWSER_DISMISSED', 'Authentication was cancelled');
117
118
  }
118
119
 
119
- // Note: The actual session restoration happens in handleAuthCallback
120
- // which should be called when the deep link is received
120
+ // Handle successful auth callback and restore session
121
+ if (result.type === 'success' && result.url) {
122
+ const callbackResult = await handleAuthCallback(result.url, supabaseClient);
123
+ if (!callbackResult.success) {
124
+ throw createAuthError('UNKNOWN_ERROR', callbackResult.error || 'Failed to complete authentication');
125
+ }
126
+ } else {
127
+ // Handle unexpected browser result (e.g., success without URL)
128
+ throw createAuthError(
129
+ 'UNKNOWN_ERROR',
130
+ `Unexpected auth result: type=${result.type}, hasUrl=${!!(result as any).url}`
131
+ );
132
+ }
121
133
  }
122
134
 
123
135
  /**
package/src/hooks/useAppleSignIn.ts CHANGED
@@ -74,6 +74,8 @@ export function useAppleSignIn(config: UseAppleSignInConfig): UseAppleSignInResu
74
74
 
75
75
  setError(authError);
76
76
  config.onError?.(authError);
77
+ // Re-throw so caller can also handle the error
78
+ throw authError;
77
79
  } finally {
78
80
  setIsLoading(false);
79
81
  }
package/src/hooks/useGoogleSignIn.ts CHANGED
@@ -77,6 +77,8 @@ export function useGoogleSignIn(config: UseGoogleSignInConfig): UseGoogleSignInR
77
77
 
78
78
  setError(authError);
79
79
  config.onError?.(authError);
80
+ // Re-throw so caller can also handle the error
81
+ throw authError;
80
82
  } finally {
81
83
  setIsLoading(false);
82
84
  }
package/src/utils/deepLink.ts CHANGED
@@ -1,9 +1,19 @@
1
+ import { Platform } from 'react-native';
1
2
  import { AUTH_CONFIG } from '../constants';
2
3
 
3
4
  /**
4
5
  * Get the default callback URL for OAuth
6
+ * Returns platform-appropriate URL:
7
+ * - Native (iOS/Android): fastshot://auth/callback
8
+ * - Web: https://current-origin/auth/callback
5
9
  */
6
10
  export function getDefaultCallbackUrl(): string {
11
+ if (Platform.OS === 'web') {
12
+ // Use HTTP URL for web browsers
13
+ const origin = (globalThis as any).location?.origin ?? '';
14
+ return `${origin}/${AUTH_CONFIG.CALLBACK_PATH}`;
15
+ }
16
+ // Use deep link scheme for native
7
17
  return `${AUTH_CONFIG.DEEP_LINK_SCHEME}://${AUTH_CONFIG.CALLBACK_PATH}`;
8
18
  }
9
19
 
@@ -26,7 +36,14 @@ export function parseCallbackUrl(url: string): {
26
36
  return {};
27
37
  }
28
38
 
29
- const queryString = url.substring(queryStart + 1);
39
+ // Get query string and strip any URL fragment (#)
40
+ // iOS often appends a trailing # to callback URLs
41
+ let queryString = url.substring(queryStart + 1);
42
+ const hashIndex = queryString.indexOf('#');
43
+ if (hashIndex !== -1) {
44
+ queryString = queryString.substring(0, hashIndex);
45
+ }
46
+
30
47
  const params = new URLSearchParams(queryString);
31
48
 
32
49
  return {
@@ -41,12 +58,26 @@ export function parseCallbackUrl(url: string): {
41
58
 
42
59
  /**
43
60
  * Check if a URL is a valid auth callback URL
61
+ * Supports both native deep links and web HTTP URLs
44
62
  */
45
63
  export function isAuthCallbackUrl(url: string): boolean {
46
64
  if (!url) return false;
47
65
 
48
- const expectedPrefix = `${AUTH_CONFIG.DEEP_LINK_SCHEME}://${AUTH_CONFIG.CALLBACK_PATH}`;
49
- return url.startsWith(expectedPrefix);
66
+ // Check native deep link format: fastshot://auth/callback
67
+ const nativePrefix = `${AUTH_CONFIG.DEEP_LINK_SCHEME}://${AUTH_CONFIG.CALLBACK_PATH}`;
68
+ if (url.startsWith(nativePrefix)) {
69
+ return true;
70
+ }
71
+
72
+ // Check web URL format: https://*/auth/callback or http://*/auth/callback
73
+ try {
74
+ const parsedUrl = new URL(url);
75
+ const isHttpProtocol = parsedUrl.protocol === 'http:' || parsedUrl.protocol === 'https:';
76
+ const hasCallbackPath = parsedUrl.pathname === `/${AUTH_CONFIG.CALLBACK_PATH}`;
77
+ return isHttpProtocol && hasCallbackPath;
78
+ } catch {
79
+ return false;
80
+ }
50
81
  }
51
82
 
52
83
  /**