npm - @feelflow/ffid-sdk - Versions diffs - 1.11.0 → 1.13.0 - Mend

@feelflow/ffid-sdk 1.11.0 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/{chunk-WZZP7SQB.cjs → chunk-7YV3SUEY.cjs} +354 -28
package/dist/{chunk-GW23IWNE.js → chunk-KFOIVZEY.js} +354 -28
package/dist/components/index.cjs +7 -7
package/dist/components/index.d.cts +1 -1
package/dist/components/index.d.ts +1 -1
package/dist/components/index.js +1 -1
package/dist/{index-DMgtXEt5.d.cts → index-GrAWBpmf.d.cts} +13 -1
package/dist/{index-DMgtXEt5.d.ts → index-GrAWBpmf.d.ts} +13 -1
package/dist/index.cjs +22 -22
package/dist/index.d.cts +63 -7
package/dist/index.d.ts +63 -7
package/dist/index.js +2 -2
package/dist/server/index.cjs +351 -26
package/dist/server/index.d.cts +62 -2
package/dist/server/index.d.ts +62 -2
package/dist/server/index.js +351 -26
package/package.json +1 -1

package/dist/{chunk-WZZP7SQB.cjs → chunk-7YV3SUEY.cjs} RENAMED Viewed

@@ -437,7 +437,7 @@ function createBillingMethods(deps) {
 }
 // src/client/version-check.ts
-var SDK_VERSION = "1.11.0";
+var SDK_VERSION = "1.13.0";
 var SDK_USER_AGENT = `FFID-SDK/${SDK_VERSION} (TypeScript)`;
 var SDK_VERSION_HEADER = "X-FFID-SDK-Version";
 function sdkHeaders() {
@@ -483,6 +483,22 @@ npm install @feelflow/ffid-sdk@latest \u3067\u30A2\u30C3\u30D7\u30C7\u30FC\u30C8
 var OAUTH_TOKEN_ENDPOINT = "/api/v1/oauth/token";
 var OAUTH_REVOKE_ENDPOINT = "/api/v1/oauth/revoke";
 var MS_PER_SECOND = 1e3;
+function validateTokenResponse(tokenResponse) {
+  const invalid = [];
+  if (!tokenResponse.access_token) {
+    invalid.push("access_token");
+  }
+  if (!tokenResponse.refresh_token) {
+    invalid.push("refresh_token");
+  }
+  if (typeof tokenResponse.expires_in !== "number" || tokenResponse.expires_in <= 0) {
+    invalid.push("expires_in");
+  }
+  if (invalid.length > 0) {
+    return `\u30C8\u30FC\u30AF\u30F3\u30EC\u30B9\u30DD\u30F3\u30B9\u306B\u4E0D\u6B63\u306A\u30D5\u30A3\u30FC\u30EB\u30C9\u304C\u3042\u308A\u307E\u3059: ${invalid.join(", ")}`;
+  }
+  return null;
+}
 function createOAuthTokenMethods(deps) {
   const {
     baseUrl,
@@ -552,6 +568,16 @@ function createOAuthTokenMethods(deps) {
         }
       };
     }
+    const validationError = validateTokenResponse(tokenResponse);
+    if (validationError) {
+      logger.error("Token exchange validation failed:", validationError);
+      return {
+        error: {
+          code: errorCodes.TOKEN_EXCHANGE_ERROR,
+          message: validationError
+        }
+      };
+    }
     tokenStore.setTokens({
       accessToken: tokenResponse.access_token,
       refreshToken: tokenResponse.refresh_token,
@@ -620,6 +646,16 @@ function createOAuthTokenMethods(deps) {
         }
       };
     }
+    const validationError = validateTokenResponse(tokenResponse);
+    if (validationError) {
+      logger.error("Token refresh validation failed:", validationError);
+      return {
+        error: {
+          code: errorCodes.TOKEN_REFRESH_ERROR,
+          message: validationError
+        }
+      };
+    }
     tokenStore.setTokens({
       accessToken: tokenResponse.access_token,
       refreshToken: tokenResponse.refresh_token,
@@ -873,14 +909,20 @@ async function generateCodeChallenge(verifier) {
   const digest = await crypto.subtle.digest("SHA-256", data);
   return base64UrlEncode(digest);
 }
-function storeCodeVerifier(verifier) {
+function storeCodeVerifier(verifier, logger) {
   try {
-    if (typeof window === "undefined") return;
+    if (typeof window === "undefined") {
+      logger?.warn("storeCodeVerifier: sessionStorage is not available in SSR context");
+      return false;
+    }
     window.sessionStorage.setItem(VERIFIER_STORAGE_KEY, verifier);
-  } catch {
+    return true;
+  } catch (error) {
+    logger?.warn("storeCodeVerifier: sessionStorage \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+    return false;
   }
 }
-function retrieveCodeVerifier() {
+function retrieveCodeVerifier(logger) {
   try {
     if (typeof window === "undefined") return null;
     const verifier = window.sessionStorage.getItem(VERIFIER_STORAGE_KEY);
@@ -888,7 +930,8 @@ function retrieveCodeVerifier() {
       window.sessionStorage.removeItem(VERIFIER_STORAGE_KEY);
     }
     return verifier;
-  } catch {
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: sessionStorage \u304B\u3089\u306E\u53D6\u5F97\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
     return null;
   }
 }
@@ -921,32 +964,34 @@ function createRedirectMethods(deps) {
   } = deps;
   async function redirectToAuthorize() {
     const verifier = generateCodeVerifier();
-    storeCodeVerifier(verifier);
+    storeCodeVerifier(verifier, logger);
+    let challenge;
     try {
-      const challenge = await generateCodeChallenge(verifier);
-      const state = generateRandomState();
-      const redirectUri = resolvedRedirectUri ?? window.location.origin + window.location.pathname;
-      const params = new URLSearchParams({
-        response_type: "code",
-        client_id: clientId,
-        redirect_uri: redirectUri,
-        state,
-        code_challenge: challenge,
-        code_challenge_method: "S256"
-      });
-      const authorizeUrl = `${baseUrl}${OAUTH_AUTHORIZE_ENDPOINT}?${params.toString()}`;
-      logger.debug("Redirecting to authorize:", authorizeUrl);
-      window.location.href = authorizeUrl;
-      return true;
+      challenge = await generateCodeChallenge(verifier);
     } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : "PKCE \u30B3\u30FC\u30C9\u30C1\u30E3\u30EC\u30F3\u30B8\u306E\u751F\u6210\u306B\u5931\u6557\u3057\u307E\u3057\u305F";
       logger.error("PKCE \u30B3\u30FC\u30C9\u30C1\u30E3\u30EC\u30F3\u30B8\u306E\u751F\u6210\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
-      return false;
+      return { success: false, error: errorMessage };
     }
+    const state = generateRandomState();
+    const redirectUri = resolvedRedirectUri ?? window.location.origin + window.location.pathname;
+    const params = new URLSearchParams({
+      response_type: "code",
+      client_id: clientId,
+      redirect_uri: redirectUri,
+      state,
+      code_challenge: challenge,
+      code_challenge_method: "S256"
+    });
+    const authorizeUrl = `${baseUrl}${OAUTH_AUTHORIZE_ENDPOINT}?${params.toString()}`;
+    logger.debug("Redirecting to authorize:", authorizeUrl);
+    window.location.href = authorizeUrl;
+    return { success: true };
   }
   async function redirectToLogin() {
     if (typeof window === "undefined") {
-      logger.debug("Cannot redirect in SSR context");
-      return false;
+      logger.warn("SSR \u74B0\u5883\u3067\u306F\u30EA\u30C0\u30A4\u30EC\u30AF\u30C8\u3067\u304D\u307E\u305B\u3093");
+      return { success: false, error: "SSR \u74B0\u5883\u3067\u306F\u30EA\u30C0\u30A4\u30EC\u30AF\u30C8\u3067\u304D\u307E\u305B\u3093" };
     }
     if (authMode === "token") {
       return redirectToAuthorize();
@@ -955,19 +1000,273 @@ function createRedirectMethods(deps) {
     const loginUrl = `${baseUrl}/login?redirect=${encodeURIComponent(currentUrl)}&service=${encodeURIComponent(serviceCode)}`;
     logger.debug("Redirecting to login:", loginUrl);
     window.location.href = loginUrl;
-    return true;
+    return { success: true };
   }
   function getLoginUrl(redirectUrl) {
-    const redirect = redirectUrl ?? (typeof window !== "undefined" ? window.location.href : "");
+    let redirect;
+    if (redirectUrl != null) {
+      redirect = redirectUrl;
+    } else if (typeof window !== "undefined") {
+      redirect = window.location.href;
+    } else {
+      logger.warn("getLoginUrl: SSR \u74B0\u5883\u3067 redirectUrl \u304C\u672A\u6307\u5B9A\u306E\u305F\u3081\u7A7A\u6587\u5B57\u306B\u30D5\u30A9\u30FC\u30EB\u30D0\u30C3\u30AF\u3057\u307E\u3059");
+      redirect = "";
+    }
     return `${baseUrl}/login?redirect=${encodeURIComponent(redirect)}&service=${encodeURIComponent(serviceCode)}`;
   }
   function getSignupUrl(redirectUrl) {
-    const redirect = redirectUrl ?? (typeof window !== "undefined" ? window.location.href : "");
+    let redirect;
+    if (redirectUrl != null) {
+      redirect = redirectUrl;
+    } else if (typeof window !== "undefined") {
+      redirect = window.location.href;
+    } else {
+      logger.warn("getSignupUrl: SSR \u74B0\u5883\u3067 redirectUrl \u304C\u672A\u6307\u5B9A\u306E\u305F\u3081\u7A7A\u6587\u5B57\u306B\u30D5\u30A9\u30FC\u30EB\u30D0\u30C3\u30AF\u3057\u307E\u3059");
+      redirect = "";
+    }
     return `${baseUrl}/signup?redirect=${encodeURIComponent(redirect)}&service=${encodeURIComponent(serviceCode)}`;
   }
   return { redirectToLogin, redirectToAuthorize, getLoginUrl, getSignupUrl };
 }
+// src/client/password-reset.ts
+var RESET_PASSWORD_BASE = "/api/v1/auth/reset-password";
+function isBlank(value) {
+  return !value || !value.trim();
+}
+function createPasswordResetMethods(deps) {
+  const { baseUrl, logger, createError, fetchWithAuth, errorCodes } = deps;
+  async function fetchPublic(endpoint, options = {}) {
+    const url = `${baseUrl}${endpoint}`;
+    logger.debug("Fetching (public):", url);
+    let response;
+    try {
+      response = await fetch(url, {
+        ...options,
+        credentials: "include",
+        headers: {
+          "Content-Type": "application/json",
+          ...sdkHeaders(),
+          ...options.headers
+        }
+      });
+    } catch (error) {
+      logger.error("Network error:", error);
+      return {
+        error: {
+          code: errorCodes.NETWORK_ERROR,
+          message: error instanceof Error ? error.message : "\u30CD\u30C3\u30C8\u30EF\u30FC\u30AF\u30A8\u30E9\u30FC\u304C\u767A\u751F\u3057\u307E\u3057\u305F"
+        }
+      };
+    }
+    let raw;
+    try {
+      raw = await response.json();
+    } catch (parseError) {
+      logger.error("Parse error:", parseError, "Status:", response.status);
+      return {
+        error: {
+          code: errorCodes.PARSE_ERROR,
+          message: `\u30B5\u30FC\u30D0\u30FC\u304B\u3089\u4E0D\u6B63\u306A\u30EC\u30B9\u30DD\u30F3\u30B9\u3092\u53D7\u4FE1\u3057\u307E\u3057\u305F (status: ${response.status})`
+        }
+      };
+    }
+    logger.debug("Response (public):", response.status, raw);
+    checkVersionHeader(response, logger);
+    if (!response.ok) {
+      return {
+        error: raw.error ?? {
+          code: errorCodes.UNKNOWN_ERROR,
+          message: "\u30D1\u30B9\u30EF\u30FC\u30C9\u30EA\u30BB\u30C3\u30C8\u306B\u5931\u6557\u3057\u307E\u3057\u305F"
+        }
+      };
+    }
+    if (raw.data === void 0) {
+      return {
+        error: {
+          code: errorCodes.UNKNOWN_ERROR,
+          message: "\u30B5\u30FC\u30D0\u30FC\u304B\u3089\u30C7\u30FC\u30BF\u304C\u8FD4\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"
+        }
+      };
+    }
+    return { data: raw.data };
+  }
+  async function requestPasswordReset(email) {
+    if (isBlank(email)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    return fetchPublic(
+      RESET_PASSWORD_BASE,
+      {
+        method: "POST",
+        body: JSON.stringify({ email })
+      }
+    );
+  }
+  async function verifyPasswordResetToken(accessToken) {
+    if (isBlank(accessToken)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30A2\u30AF\u30BB\u30B9\u30C8\u30FC\u30AF\u30F3\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    const query = new URLSearchParams({
+      access_token: accessToken,
+      type: "recovery"
+    });
+    return fetchPublic(
+      `${RESET_PASSWORD_BASE}/verify?${query.toString()}`
+    );
+  }
+  async function establishResetSession(accessToken, refreshToken) {
+    if (isBlank(accessToken)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30A2\u30AF\u30BB\u30B9\u30C8\u30FC\u30AF\u30F3\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    if (isBlank(refreshToken)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30EA\u30D5\u30EC\u30C3\u30B7\u30E5\u30C8\u30FC\u30AF\u30F3\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    return fetchPublic(
+      `${RESET_PASSWORD_BASE}/session`,
+      {
+        method: "POST",
+        body: JSON.stringify({ accessToken, refreshToken })
+      }
+    );
+  }
+  async function confirmPasswordReset(password) {
+    if (isBlank(password)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30D1\u30B9\u30EF\u30FC\u30C9\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    return fetchWithAuth(
+      `${RESET_PASSWORD_BASE}/confirm`,
+      {
+        method: "POST",
+        body: JSON.stringify({ password })
+      }
+    );
+  }
+  return {
+    requestPasswordReset,
+    verifyPasswordResetToken,
+    establishResetSession,
+    confirmPasswordReset
+  };
+}
+// src/client/otp.ts
+var OTP_BASE = "/api/v1/auth/otp";
+function isBlank2(value) {
+  return !value || !value.trim();
+}
+function createOtpMethods(deps) {
+  const { baseUrl, logger, createError, errorCodes } = deps;
+  async function fetchPublic(endpoint, options = {}) {
+    const url = `${baseUrl}${endpoint}`;
+    logger.debug("Fetching (public):", url);
+    let response;
+    try {
+      response = await fetch(url, {
+        ...options,
+        credentials: "include",
+        headers: {
+          "Content-Type": "application/json",
+          ...sdkHeaders(),
+          ...options.headers
+        }
+      });
+    } catch (error) {
+      logger.error("Network error:", error);
+      return {
+        error: {
+          code: errorCodes.NETWORK_ERROR,
+          message: error instanceof Error ? error.message : "\u30CD\u30C3\u30C8\u30EF\u30FC\u30AF\u30A8\u30E9\u30FC\u304C\u767A\u751F\u3057\u307E\u3057\u305F"
+        }
+      };
+    }
+    let raw;
+    try {
+      raw = await response.json();
+    } catch (parseError) {
+      logger.error("Parse error:", parseError, "Status:", response.status);
+      return {
+        error: {
+          code: errorCodes.PARSE_ERROR,
+          message: `\u30B5\u30FC\u30D0\u30FC\u304B\u3089\u4E0D\u6B63\u306A\u30EC\u30B9\u30DD\u30F3\u30B9\u3092\u53D7\u4FE1\u3057\u307E\u3057\u305F (status: ${response.status})`
+        }
+      };
+    }
+    logger.debug("Response (public):", response.status, raw);
+    checkVersionHeader(response, logger);
+    if (!response.ok) {
+      return {
+        error: raw.error ?? {
+          code: errorCodes.UNKNOWN_ERROR,
+          message: "OTP\u8A8D\u8A3C\u306B\u5931\u6557\u3057\u307E\u3057\u305F"
+        }
+      };
+    }
+    if (raw.data === void 0) {
+      return {
+        error: {
+          code: errorCodes.UNKNOWN_ERROR,
+          message: "\u30B5\u30FC\u30D0\u30FC\u304B\u3089\u30C7\u30FC\u30BF\u304C\u8FD4\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"
+        }
+      };
+    }
+    return { data: raw.data };
+  }
+  async function sendOtp(email, options) {
+    if (isBlank2(email)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    return fetchPublic(
+      `${OTP_BASE}/send`,
+      {
+        method: "POST",
+        body: JSON.stringify({
+          email,
+          ...options?.redirectUrl ? { redirectUrl: options.redirectUrl } : {}
+        })
+      }
+    );
+  }
+  async function verifyOtp(params) {
+    if (isBlank2(params.accessToken)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30A2\u30AF\u30BB\u30B9\u30C8\u30FC\u30AF\u30F3\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    if (isBlank2(params.refreshToken)) {
+      return {
+        error: createError("VALIDATION_ERROR", "\u30EA\u30D5\u30EC\u30C3\u30B7\u30E5\u30C8\u30FC\u30AF\u30F3\u306F\u5FC5\u9808\u3067\u3059")
+      };
+    }
+    return fetchPublic(
+      `${OTP_BASE}/verify`,
+      {
+        method: "POST",
+        body: JSON.stringify({
+          accessToken: params.accessToken,
+          refreshToken: params.refreshToken
+        })
+      }
+    );
+  }
+  return {
+    sendOtp,
+    verifyOtp
+  };
+}
 // src/client/ffid-client.ts
 var UNAUTHORIZED_STATUS2 = 401;
 var SDK_LOG_PREFIX = "[FFID SDK]";
@@ -1100,6 +1399,9 @@ function createFFIDClient(config) {
             }
           };
         }
+      } else {
+        logger.warn("Token refresh failed, returning refresh error:", refreshResult.error);
+        return { error: refreshResult.error };
       }
     }
     let raw;
@@ -1177,6 +1479,24 @@ function createFFIDClient(config) {
     fetchWithAuth,
     createError
   });
+  const {
+    requestPasswordReset,
+    verifyPasswordResetToken,
+    establishResetSession,
+    confirmPasswordReset
+  } = createPasswordResetMethods({
+    baseUrl,
+    logger,
+    createError,
+    fetchWithAuth,
+    errorCodes: FFID_ERROR_CODES
+  });
+  const { sendOtp, verifyOtp } = createOtpMethods({
+    baseUrl,
+    logger,
+    createError,
+    errorCodes: FFID_ERROR_CODES
+  });
   const verifyAccessToken = createVerifyAccessToken({
     authMode,
     baseUrl,
@@ -1202,6 +1522,12 @@ function createFFIDClient(config) {
     createCheckoutSession,
     createPortalSession,
     verifyAccessToken,
+    requestPasswordReset,
+    verifyPasswordResetToken,
+    establishResetSession,
+    confirmPasswordReset,
+    sendOtp,
+    verifyOtp,
     /** Token store (token mode only) */
     tokenStore,
     /** Resolved auth mode */