npm - @feelflow/ffid-sdk - Versions diffs - 2.16.0 → 2.17.1 - Mend

@feelflow/ffid-sdk 2.16.0 → 2.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/{chunk-PA6S2M7C.cjs → chunk-DERFBYBZ.cjs} +65 -14
package/dist/{chunk-4IWCKZJV.js → chunk-FGTRPNSW.js} +65 -14
package/dist/components/index.cjs +8 -8
package/dist/components/index.d.cts +1 -1
package/dist/components/index.d.ts +1 -1
package/dist/components/index.js +1 -1
package/dist/{index-DbEyptzr.d.cts → index-Cv1qXIl1.d.cts} +5 -2
package/dist/{index-DbEyptzr.d.ts → index-Cv1qXIl1.d.ts} +5 -2
package/dist/index.cjs +28 -28
package/dist/index.d.cts +12 -9
package/dist/index.d.ts +12 -9
package/dist/index.js +2 -2
package/dist/server/index.cjs +19 -7
package/dist/server/index.d.cts +5 -2
package/dist/server/index.d.ts +5 -2
package/dist/server/index.js +19 -7
package/package.json +1 -1

package/dist/{chunk-PA6S2M7C.cjs → chunk-DERFBYBZ.cjs} RENAMED Viewed

@@ -810,10 +810,11 @@ function createProfileMethods(deps) {
 }
 // src/client/version-check.ts
-var SDK_VERSION = "2.16.0";
+var SDK_VERSION = "2.17.1";
 var SDK_USER_AGENT = `FFID-SDK/${SDK_VERSION} (TypeScript)`;
 var SDK_VERSION_HEADER = "X-FFID-SDK-Version";
 function sdkHeaders() {
+  if (typeof window !== "undefined") return {};
   return {
     "User-Agent": SDK_USER_AGENT,
     [SDK_VERSION_HEADER]: SDK_VERSION
@@ -1264,6 +1265,9 @@ function createSessionMethods(deps) {
 // src/auth/pkce.ts
 var VERIFIER_STORAGE_KEY = "ffid_code_verifier";
+var VERIFIER_FALLBACK_STORAGE_KEY = "ffid_code_verifier_fb";
+var VERIFIER_FALLBACK_TIMESTAMP_KEY = "ffid_code_verifier_fb_ts";
+var CODE_VERIFIER_MAX_AGE_MS = 5 * 60 * 1e3;
 var CODE_VERIFIER_MIN_LENGTH = 43;
 var UNRESERVED_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
 function generateCodeVerifier() {
@@ -1283,30 +1287,77 @@ async function generateCodeChallenge(verifier) {
   return base64UrlEncode(digest);
 }
 function storeCodeVerifier(verifier, logger) {
+  if (typeof window === "undefined") {
+    logger?.warn("storeCodeVerifier: storage is not available in SSR context");
+    return false;
+  }
+  let sessionStored = false;
   try {
-    if (typeof window === "undefined") {
-      logger?.warn("storeCodeVerifier: sessionStorage is not available in SSR context");
-      return false;
-    }
     window.sessionStorage.setItem(VERIFIER_STORAGE_KEY, verifier);
-    return true;
+    sessionStored = true;
   } catch (error) {
     logger?.warn("storeCodeVerifier: sessionStorage \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
-    return false;
   }
+  let localStored = false;
+  try {
+    window.localStorage.setItem(VERIFIER_FALLBACK_STORAGE_KEY, verifier);
+    window.localStorage.setItem(VERIFIER_FALLBACK_TIMESTAMP_KEY, String(Date.now()));
+    localStored = true;
+  } catch (error) {
+    logger?.warn("storeCodeVerifier: localStorage fallback \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  return sessionStored || localStored;
 }
 function retrieveCodeVerifier(logger) {
+  if (typeof window === "undefined") return null;
+  let sessionVerifier = null;
   try {
-    if (typeof window === "undefined") return null;
-    const verifier = window.sessionStorage.getItem(VERIFIER_STORAGE_KEY);
-    if (verifier) {
-      window.sessionStorage.removeItem(VERIFIER_STORAGE_KEY);
-    }
-    return verifier;
+    sessionVerifier = window.sessionStorage.getItem(VERIFIER_STORAGE_KEY);
   } catch (error) {
     logger?.warn("retrieveCodeVerifier: sessionStorage \u304B\u3089\u306E\u53D6\u5F97\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  if (sessionVerifier) {
+    cleanupVerifierStorage(logger);
+    return sessionVerifier;
+  }
+  let fallbackVerifier = null;
+  let fallbackTimestamp = null;
+  try {
+    fallbackVerifier = window.localStorage.getItem(VERIFIER_FALLBACK_STORAGE_KEY);
+    fallbackTimestamp = window.localStorage.getItem(VERIFIER_FALLBACK_TIMESTAMP_KEY);
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: localStorage fallback \u304B\u3089\u306E\u53D6\u5F97\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+    cleanupVerifierStorage(logger);
+    return null;
+  }
+  if (!fallbackVerifier || !fallbackTimestamp) {
+    cleanupVerifierStorage(logger);
     return null;
   }
+  const ts = Number(fallbackTimestamp);
+  const age = Date.now() - ts;
+  if (!Number.isFinite(ts) || age < 0 || age > CODE_VERIFIER_MAX_AGE_MS) {
+    cleanupVerifierStorage(logger);
+    return null;
+  }
+  logger?.warn(
+    "retrieveCodeVerifier: sessionStorage was empty, recovered code_verifier from localStorage fallback"
+  );
+  cleanupVerifierStorage(logger);
+  return fallbackVerifier;
+}
+function cleanupVerifierStorage(logger) {
+  try {
+    window.sessionStorage.removeItem(VERIFIER_STORAGE_KEY);
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: sessionStorage \u306E\u30AF\u30EA\u30FC\u30F3\u30A2\u30C3\u30D7\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  try {
+    window.localStorage.removeItem(VERIFIER_FALLBACK_STORAGE_KEY);
+    window.localStorage.removeItem(VERIFIER_FALLBACK_TIMESTAMP_KEY);
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: localStorage \u306E\u30AF\u30EA\u30FC\u30F3\u30A2\u30C3\u30D7\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
 }
 function base64UrlEncode(buffer) {
   const bytes = new Uint8Array(buffer);
@@ -2498,7 +2549,7 @@ function FFIDProvider({
     const code = urlParams.get("code");
     if (!code) return;
     client.logger.debug("Authorization code detected, exchanging for tokens");
-    const codeVerifier = retrieveCodeVerifier();
+    const codeVerifier = retrieveCodeVerifier(client.logger);
     client.exchangeCodeForTokens(code, codeVerifier ?? void 0).then((result) => {
       if (result.error) {
         client.logger.error("Token exchange failed:", result.error);

package/dist/{chunk-4IWCKZJV.js → chunk-FGTRPNSW.js} RENAMED Viewed

@@ -808,10 +808,11 @@ function createProfileMethods(deps) {
 }
 // src/client/version-check.ts
-var SDK_VERSION = "2.16.0";
+var SDK_VERSION = "2.17.1";
 var SDK_USER_AGENT = `FFID-SDK/${SDK_VERSION} (TypeScript)`;
 var SDK_VERSION_HEADER = "X-FFID-SDK-Version";
 function sdkHeaders() {
+  if (typeof window !== "undefined") return {};
   return {
     "User-Agent": SDK_USER_AGENT,
     [SDK_VERSION_HEADER]: SDK_VERSION
@@ -1262,6 +1263,9 @@ function createSessionMethods(deps) {
 // src/auth/pkce.ts
 var VERIFIER_STORAGE_KEY = "ffid_code_verifier";
+var VERIFIER_FALLBACK_STORAGE_KEY = "ffid_code_verifier_fb";
+var VERIFIER_FALLBACK_TIMESTAMP_KEY = "ffid_code_verifier_fb_ts";
+var CODE_VERIFIER_MAX_AGE_MS = 5 * 60 * 1e3;
 var CODE_VERIFIER_MIN_LENGTH = 43;
 var UNRESERVED_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
 function generateCodeVerifier() {
@@ -1281,30 +1285,77 @@ async function generateCodeChallenge(verifier) {
   return base64UrlEncode(digest);
 }
 function storeCodeVerifier(verifier, logger) {
+  if (typeof window === "undefined") {
+    logger?.warn("storeCodeVerifier: storage is not available in SSR context");
+    return false;
+  }
+  let sessionStored = false;
   try {
-    if (typeof window === "undefined") {
-      logger?.warn("storeCodeVerifier: sessionStorage is not available in SSR context");
-      return false;
-    }
     window.sessionStorage.setItem(VERIFIER_STORAGE_KEY, verifier);
-    return true;
+    sessionStored = true;
   } catch (error) {
     logger?.warn("storeCodeVerifier: sessionStorage \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
-    return false;
   }
+  let localStored = false;
+  try {
+    window.localStorage.setItem(VERIFIER_FALLBACK_STORAGE_KEY, verifier);
+    window.localStorage.setItem(VERIFIER_FALLBACK_TIMESTAMP_KEY, String(Date.now()));
+    localStored = true;
+  } catch (error) {
+    logger?.warn("storeCodeVerifier: localStorage fallback \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  return sessionStored || localStored;
 }
 function retrieveCodeVerifier(logger) {
+  if (typeof window === "undefined") return null;
+  let sessionVerifier = null;
   try {
-    if (typeof window === "undefined") return null;
-    const verifier = window.sessionStorage.getItem(VERIFIER_STORAGE_KEY);
-    if (verifier) {
-      window.sessionStorage.removeItem(VERIFIER_STORAGE_KEY);
-    }
-    return verifier;
+    sessionVerifier = window.sessionStorage.getItem(VERIFIER_STORAGE_KEY);
   } catch (error) {
     logger?.warn("retrieveCodeVerifier: sessionStorage \u304B\u3089\u306E\u53D6\u5F97\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  if (sessionVerifier) {
+    cleanupVerifierStorage(logger);
+    return sessionVerifier;
+  }
+  let fallbackVerifier = null;
+  let fallbackTimestamp = null;
+  try {
+    fallbackVerifier = window.localStorage.getItem(VERIFIER_FALLBACK_STORAGE_KEY);
+    fallbackTimestamp = window.localStorage.getItem(VERIFIER_FALLBACK_TIMESTAMP_KEY);
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: localStorage fallback \u304B\u3089\u306E\u53D6\u5F97\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+    cleanupVerifierStorage(logger);
+    return null;
+  }
+  if (!fallbackVerifier || !fallbackTimestamp) {
+    cleanupVerifierStorage(logger);
     return null;
   }
+  const ts = Number(fallbackTimestamp);
+  const age = Date.now() - ts;
+  if (!Number.isFinite(ts) || age < 0 || age > CODE_VERIFIER_MAX_AGE_MS) {
+    cleanupVerifierStorage(logger);
+    return null;
+  }
+  logger?.warn(
+    "retrieveCodeVerifier: sessionStorage was empty, recovered code_verifier from localStorage fallback"
+  );
+  cleanupVerifierStorage(logger);
+  return fallbackVerifier;
+}
+function cleanupVerifierStorage(logger) {
+  try {
+    window.sessionStorage.removeItem(VERIFIER_STORAGE_KEY);
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: sessionStorage \u306E\u30AF\u30EA\u30FC\u30F3\u30A2\u30C3\u30D7\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  try {
+    window.localStorage.removeItem(VERIFIER_FALLBACK_STORAGE_KEY);
+    window.localStorage.removeItem(VERIFIER_FALLBACK_TIMESTAMP_KEY);
+  } catch (error) {
+    logger?.warn("retrieveCodeVerifier: localStorage \u306E\u30AF\u30EA\u30FC\u30F3\u30A2\u30C3\u30D7\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
 }
 function base64UrlEncode(buffer) {
   const bytes = new Uint8Array(buffer);
@@ -2496,7 +2547,7 @@ function FFIDProvider({
     const code = urlParams.get("code");
     if (!code) return;
     client.logger.debug("Authorization code detected, exchanging for tokens");
-    const codeVerifier = retrieveCodeVerifier();
+    const codeVerifier = retrieveCodeVerifier(client.logger);
     client.exchangeCodeForTokens(code, codeVerifier ?? void 0).then((result) => {
       if (result.error) {
         client.logger.error("Token exchange failed:", result.error);

package/dist/components/index.cjs CHANGED Viewed

@@ -1,34 +1,34 @@
 'use strict';
-var chunkPA6S2M7C_cjs = require('../chunk-PA6S2M7C.cjs');
+var chunkDERFBYBZ_cjs = require('../chunk-DERFBYBZ.cjs');
 Object.defineProperty(exports, "FFIDAnnouncementBadge", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDAnnouncementBadge; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDAnnouncementBadge; }
 });
 Object.defineProperty(exports, "FFIDAnnouncementList", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDAnnouncementList; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDAnnouncementList; }
 });
 Object.defineProperty(exports, "FFIDInquiryForm", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDInquiryForm; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDInquiryForm; }
 });
 Object.defineProperty(exports, "FFIDLoginButton", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDLoginButton; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDLoginButton; }
 });
 Object.defineProperty(exports, "FFIDOrganizationSwitcher", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDOrganizationSwitcher; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDOrganizationSwitcher; }
 });
 Object.defineProperty(exports, "FFIDSubscriptionBadge", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDSubscriptionBadge; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDSubscriptionBadge; }
 });
 Object.defineProperty(exports, "FFIDUserMenu", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDUserMenu; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDUserMenu; }
 });

package/dist/components/index.d.cts CHANGED Viewed

@@ -1,3 +1,3 @@
-export { K as FFIDAnnouncementBadge, aj as FFIDAnnouncementBadgeClassNames, ak as FFIDAnnouncementBadgeProps, M as FFIDAnnouncementList, al as FFIDAnnouncementListClassNames, am as FFIDAnnouncementListProps, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a2 as FFIDLoginButton, an as FFIDLoginButtonProps, a8 as FFIDOrganizationSwitcher, ao as FFIDOrganizationSwitcherClassNames, ap as FFIDOrganizationSwitcherProps, aa as FFIDSubscriptionBadge, aq as FFIDSubscriptionBadgeClassNames, ar as FFIDSubscriptionBadgeProps, ac as FFIDUserMenu, as as FFIDUserMenuClassNames, at as FFIDUserMenuProps } from '../index-DbEyptzr.cjs';
+export { K as FFIDAnnouncementBadge, aj as FFIDAnnouncementBadgeClassNames, ak as FFIDAnnouncementBadgeProps, M as FFIDAnnouncementList, al as FFIDAnnouncementListClassNames, am as FFIDAnnouncementListProps, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a2 as FFIDLoginButton, an as FFIDLoginButtonProps, a8 as FFIDOrganizationSwitcher, ao as FFIDOrganizationSwitcherClassNames, ap as FFIDOrganizationSwitcherProps, aa as FFIDSubscriptionBadge, aq as FFIDSubscriptionBadgeClassNames, ar as FFIDSubscriptionBadgeProps, ac as FFIDUserMenu, as as FFIDUserMenuClassNames, at as FFIDUserMenuProps } from '../index-Cv1qXIl1.cjs';
 import 'react/jsx-runtime';
 import 'react';

package/dist/components/index.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
-export { K as FFIDAnnouncementBadge, aj as FFIDAnnouncementBadgeClassNames, ak as FFIDAnnouncementBadgeProps, M as FFIDAnnouncementList, al as FFIDAnnouncementListClassNames, am as FFIDAnnouncementListProps, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a2 as FFIDLoginButton, an as FFIDLoginButtonProps, a8 as FFIDOrganizationSwitcher, ao as FFIDOrganizationSwitcherClassNames, ap as FFIDOrganizationSwitcherProps, aa as FFIDSubscriptionBadge, aq as FFIDSubscriptionBadgeClassNames, ar as FFIDSubscriptionBadgeProps, ac as FFIDUserMenu, as as FFIDUserMenuClassNames, at as FFIDUserMenuProps } from '../index-DbEyptzr.js';
+export { K as FFIDAnnouncementBadge, aj as FFIDAnnouncementBadgeClassNames, ak as FFIDAnnouncementBadgeProps, M as FFIDAnnouncementList, al as FFIDAnnouncementListClassNames, am as FFIDAnnouncementListProps, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a2 as FFIDLoginButton, an as FFIDLoginButtonProps, a8 as FFIDOrganizationSwitcher, ao as FFIDOrganizationSwitcherClassNames, ap as FFIDOrganizationSwitcherProps, aa as FFIDSubscriptionBadge, aq as FFIDSubscriptionBadgeClassNames, ar as FFIDSubscriptionBadgeProps, ac as FFIDUserMenu, as as FFIDUserMenuClassNames, at as FFIDUserMenuProps } from '../index-Cv1qXIl1.js';
 import 'react/jsx-runtime';
 import 'react';

package/dist/components/index.js CHANGED Viewed

	@@ -1 +1 @@
1	- export { FFIDAnnouncementBadge, FFIDAnnouncementList, FFIDInquiryForm, FFIDLoginButton, FFIDOrganizationSwitcher, FFIDSubscriptionBadge, FFIDUserMenu } from '../chunk-~~4IWCKZJV~~.js';
1	+ export { FFIDAnnouncementBadge, FFIDAnnouncementList, FFIDInquiryForm, FFIDLoginButton, FFIDOrganizationSwitcher, FFIDSubscriptionBadge, FFIDUserMenu } from '../chunk-FGTRPNSW.js';

package/dist/{index-DbEyptzr.d.cts → index-Cv1qXIl1.d.cts} RENAMED Viewed

@@ -471,8 +471,11 @@ interface FFIDUserProfile {
  * When `accessToken` is supplied with a non-empty value, it overrides the client's
  * configured auth mode: authentication for that request uses only
  * `Authorization: Bearer <accessToken>` (no service key, no cookie, no token-store
- * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` and
- * SDK metadata headers (User-Agent / X-FFID-SDK-Version) are still attached.
+ * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` are
+ * still attached. SDK metadata headers (`User-Agent` / `X-FFID-SDK-Version`) are
+ * attached on non-browser runtimes only (Node.js / Cloudflare Workers / Edge /
+ * Deno); browsers receive an empty object to avoid iOS WebKit `fetch()` breakage
+ * (see #2417).
  *
  * Runtime semantics:
  * - `accessToken` omitted (or `undefined`) → no override, configured `authMode` is used

package/dist/{index-DbEyptzr.d.ts → index-Cv1qXIl1.d.ts} RENAMED Viewed

@@ -471,8 +471,11 @@ interface FFIDUserProfile {
  * When `accessToken` is supplied with a non-empty value, it overrides the client's
  * configured auth mode: authentication for that request uses only
  * `Authorization: Bearer <accessToken>` (no service key, no cookie, no token-store
- * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` and
- * SDK metadata headers (User-Agent / X-FFID-SDK-Version) are still attached.
+ * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` are
+ * still attached. SDK metadata headers (`User-Agent` / `X-FFID-SDK-Version`) are
+ * attached on non-browser runtimes only (Node.js / Cloudflare Workers / Edge /
+ * Deno); browsers receive an empty object to avoid iOS WebKit `fetch()` breakage
+ * (see #2417).
  *
  * Runtime semantics:
  * - `accessToken` omitted (or `undefined`) → no override, configured `authMode` is used

package/dist/index.cjs CHANGED Viewed

@@ -1,6 +1,6 @@
 'use strict';
-var chunkPA6S2M7C_cjs = require('./chunk-PA6S2M7C.cjs');
+var chunkDERFBYBZ_cjs = require('./chunk-DERFBYBZ.cjs');
 var react = require('react');
 var jsxRuntime = require('react/jsx-runtime');
@@ -46,7 +46,7 @@ function createKVCacheAdapter(kv) {
 }
 function withFFIDAuth(Component, options = {}) {
   const WrappedComponent = (props) => {
-    const { isLoading, isAuthenticated, login } = chunkPA6S2M7C_cjs.useFFIDContext();
+    const { isLoading, isAuthenticated, login } = chunkDERFBYBZ_cjs.useFFIDContext();
     const hasRedirected = react.useRef(false);
     react.useEffect(() => {
       if (!isLoading && !isAuthenticated && options.redirectToLogin && !hasRedirected.current) {
@@ -74,107 +74,107 @@ var FFID_NEWSLETTER_TYPES = ["inquiry_followup", "general"];
 Object.defineProperty(exports, "DEFAULT_API_BASE_URL", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.DEFAULT_API_BASE_URL; }
+  get: function () { return chunkDERFBYBZ_cjs.DEFAULT_API_BASE_URL; }
 });
 Object.defineProperty(exports, "FFIDAnnouncementBadge", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDAnnouncementBadge; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDAnnouncementBadge; }
 });
 Object.defineProperty(exports, "FFIDAnnouncementList", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDAnnouncementList; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDAnnouncementList; }
 });
 Object.defineProperty(exports, "FFIDInquiryForm", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDInquiryForm; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDInquiryForm; }
 });
 Object.defineProperty(exports, "FFIDLoginButton", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDLoginButton; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDLoginButton; }
 });
 Object.defineProperty(exports, "FFIDOrganizationSwitcher", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDOrganizationSwitcher; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDOrganizationSwitcher; }
 });
 Object.defineProperty(exports, "FFIDProvider", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDProvider; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDProvider; }
 });
 Object.defineProperty(exports, "FFIDSDKError", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDSDKError; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDSDKError; }
 });
 Object.defineProperty(exports, "FFIDSubscriptionBadge", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDSubscriptionBadge; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDSubscriptionBadge; }
 });
 Object.defineProperty(exports, "FFIDUserMenu", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFIDUserMenu; }
+  get: function () { return chunkDERFBYBZ_cjs.FFIDUserMenu; }
 });
 Object.defineProperty(exports, "FFID_ANNOUNCEMENTS_ERROR_CODES", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFID_ANNOUNCEMENTS_ERROR_CODES; }
+  get: function () { return chunkDERFBYBZ_cjs.FFID_ANNOUNCEMENTS_ERROR_CODES; }
 });
 Object.defineProperty(exports, "FFID_INQUIRY_CATEGORIES", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFID_INQUIRY_CATEGORIES; }
+  get: function () { return chunkDERFBYBZ_cjs.FFID_INQUIRY_CATEGORIES; }
 });
 Object.defineProperty(exports, "FFID_INQUIRY_CATEGORIES_SITE_2026", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.FFID_INQUIRY_CATEGORIES_SITE_2026; }
+  get: function () { return chunkDERFBYBZ_cjs.FFID_INQUIRY_CATEGORIES_SITE_2026; }
 });
 Object.defineProperty(exports, "createFFIDAnnouncementsClient", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.createFFIDAnnouncementsClient; }
+  get: function () { return chunkDERFBYBZ_cjs.createFFIDAnnouncementsClient; }
 });
 Object.defineProperty(exports, "createFFIDClient", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.createFFIDClient; }
+  get: function () { return chunkDERFBYBZ_cjs.createFFIDClient; }
 });
 Object.defineProperty(exports, "createTokenStore", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.createTokenStore; }
+  get: function () { return chunkDERFBYBZ_cjs.createTokenStore; }
 });
 Object.defineProperty(exports, "generateCodeChallenge", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.generateCodeChallenge; }
+  get: function () { return chunkDERFBYBZ_cjs.generateCodeChallenge; }
 });
 Object.defineProperty(exports, "generateCodeVerifier", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.generateCodeVerifier; }
+  get: function () { return chunkDERFBYBZ_cjs.generateCodeVerifier; }
 });
 Object.defineProperty(exports, "isFFIDInquiryCategorySite2026", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.isFFIDInquiryCategorySite2026; }
+  get: function () { return chunkDERFBYBZ_cjs.isFFIDInquiryCategorySite2026; }
 });
 Object.defineProperty(exports, "normalizeRedirectUri", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.normalizeRedirectUri; }
+  get: function () { return chunkDERFBYBZ_cjs.normalizeRedirectUri; }
 });
 Object.defineProperty(exports, "retrieveCodeVerifier", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.retrieveCodeVerifier; }
+  get: function () { return chunkDERFBYBZ_cjs.retrieveCodeVerifier; }
 });
 Object.defineProperty(exports, "storeCodeVerifier", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.storeCodeVerifier; }
+  get: function () { return chunkDERFBYBZ_cjs.storeCodeVerifier; }
 });
 Object.defineProperty(exports, "useFFID", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.useFFID; }
+  get: function () { return chunkDERFBYBZ_cjs.useFFID; }
 });
 Object.defineProperty(exports, "useFFIDAnnouncements", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.useFFIDAnnouncements; }
+  get: function () { return chunkDERFBYBZ_cjs.useFFIDAnnouncements; }
 });
 Object.defineProperty(exports, "useSubscription", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.useSubscription; }
+  get: function () { return chunkDERFBYBZ_cjs.useSubscription; }
 });
 Object.defineProperty(exports, "withSubscription", {
   enumerable: true,
-  get: function () { return chunkPA6S2M7C_cjs.withSubscription; }
+  get: function () { return chunkDERFBYBZ_cjs.withSubscription; }
 });
 exports.FFID_NEWSLETTER_TYPES = FFID_NEWSLETTER_TYPES;
 exports.createKVCacheAdapter = createKVCacheAdapter;

package/dist/index.d.cts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { F as FFIDSubscriptionStatus, a as FFIDConfig, b as FFIDApiResponse, c as FFIDSessionResponse, d as FFIDRedirectResult, e as FFIDError, f as FFIDSubscriptionCheckResponse, g as FFIDListMembersResponse, h as FFIDMemberRole, i as FFIDUpdateMemberRoleResponse, j as FFIDRemoveMemberResponse, k as FFIDProfileCallOptions, l as FFIDUserProfile, m as FFIDUpdateUserProfileRequest, n as FFIDCreateCheckoutParams, o as FFIDCheckoutSessionResponse, p as FFIDCreatePortalParams, q as FFIDPortalSessionResponse, r as FFIDVerifyAccessTokenOptions, s as FFIDOAuthUserInfo, t as FFIDInquiryCreateParams, u as FFIDInquiryCreateResponse, v as FFIDAuthMode, w as FFIDLogger, x as FFIDCacheAdapter, y as FFIDUser, z as FFIDOrganization, A as FFIDSubscription, B as FFIDSubscriptionContextValue, C as FFIDAnnouncementsClientConfig, L as ListAnnouncementsOptions, D as FFIDAnnouncementsApiResponse, E as AnnouncementListResponse, G as FFIDAnnouncementsLogger } from './index-DbEyptzr.cjs';
-export { H as Announcement, I as AnnouncementStatus, J as AnnouncementType, K as FFIDAnnouncementBadge, M as FFIDAnnouncementList, N as FFIDAnnouncementsError, O as FFIDAnnouncementsErrorCode, P as FFIDAnnouncementsServerResponse, Q as FFIDCacheConfig, R as FFIDContextValue, S as FFIDInquiryCategory, T as FFIDInquiryCategorySite2026, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a1 as FFIDJwtClaims, a2 as FFIDLoginButton, a3 as FFIDMemberStatus, a4 as FFIDOAuthTokenResponse, a5 as FFIDOAuthUserInfoMemberRole, a6 as FFIDOAuthUserInfoSubscription, a7 as FFIDOrganizationMember, a8 as FFIDOrganizationSwitcher, a9 as FFIDSeatModel, aa as FFIDSubscriptionBadge, ab as FFIDTokenIntrospectionResponse, ac as FFIDUserMenu, ad as FFID_INQUIRY_CATEGORIES, ae as FFID_INQUIRY_CATEGORIES_SITE_2026, af as UseFFIDAnnouncementsOptions, ag as UseFFIDAnnouncementsReturn, ah as isFFIDInquiryCategorySite2026, ai as useFFIDAnnouncements } from './index-DbEyptzr.cjs';
+import { F as FFIDSubscriptionStatus, a as FFIDConfig, b as FFIDApiResponse, c as FFIDSessionResponse, d as FFIDRedirectResult, e as FFIDError, f as FFIDSubscriptionCheckResponse, g as FFIDListMembersResponse, h as FFIDMemberRole, i as FFIDUpdateMemberRoleResponse, j as FFIDRemoveMemberResponse, k as FFIDProfileCallOptions, l as FFIDUserProfile, m as FFIDUpdateUserProfileRequest, n as FFIDCreateCheckoutParams, o as FFIDCheckoutSessionResponse, p as FFIDCreatePortalParams, q as FFIDPortalSessionResponse, r as FFIDVerifyAccessTokenOptions, s as FFIDOAuthUserInfo, t as FFIDInquiryCreateParams, u as FFIDInquiryCreateResponse, v as FFIDAuthMode, w as FFIDLogger, x as FFIDCacheAdapter, y as FFIDUser, z as FFIDOrganization, A as FFIDSubscription, B as FFIDSubscriptionContextValue, C as FFIDAnnouncementsClientConfig, L as ListAnnouncementsOptions, D as FFIDAnnouncementsApiResponse, E as AnnouncementListResponse, G as FFIDAnnouncementsLogger } from './index-Cv1qXIl1.cjs';
+export { H as Announcement, I as AnnouncementStatus, J as AnnouncementType, K as FFIDAnnouncementBadge, M as FFIDAnnouncementList, N as FFIDAnnouncementsError, O as FFIDAnnouncementsErrorCode, P as FFIDAnnouncementsServerResponse, Q as FFIDCacheConfig, R as FFIDContextValue, S as FFIDInquiryCategory, T as FFIDInquiryCategorySite2026, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a1 as FFIDJwtClaims, a2 as FFIDLoginButton, a3 as FFIDMemberStatus, a4 as FFIDOAuthTokenResponse, a5 as FFIDOAuthUserInfoMemberRole, a6 as FFIDOAuthUserInfoSubscription, a7 as FFIDOrganizationMember, a8 as FFIDOrganizationSwitcher, a9 as FFIDSeatModel, aa as FFIDSubscriptionBadge, ab as FFIDTokenIntrospectionResponse, ac as FFIDUserMenu, ad as FFID_INQUIRY_CATEGORIES, ae as FFID_INQUIRY_CATEGORIES_SITE_2026, af as UseFFIDAnnouncementsOptions, ag as UseFFIDAnnouncementsReturn, ah as isFFIDInquiryCategorySite2026, ai as useFFIDAnnouncements } from './index-Cv1qXIl1.cjs';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { ReactNode, ComponentType, FC } from 'react';
@@ -73,20 +73,23 @@ interface PKCELogger {
     warn: (...args: unknown[]) => void;
 }
 /**
- * Store code verifier in sessionStorage for later retrieval.
- * Uses window.sessionStorage explicitly to ensure browser Web Storage API.
+ * Store code verifier for later retrieval.
+ *
+ * Writes to both sessionStorage (primary) and localStorage (fallback for iOS
+ * WebKit sessionStorage eviction during external OAuth bounces). Returns true
+ * if at least one write succeeded.
  *
  * @param verifier - The code verifier to store
  * @param logger - Optional logger for warning on storage failure
- * @returns true if stored successfully, false otherwise
+ * @returns true if stored in at least one storage, false otherwise
  */
 declare function storeCodeVerifier(verifier: string, logger?: PKCELogger): boolean;
 /**
- * Retrieve and remove the code verifier from sessionStorage.
- * Uses window.sessionStorage explicitly to ensure browser Web Storage API.
+ * Retrieve and remove the code verifier.
  *
- * Returns null if no verifier is stored or if storage is unavailable.
- * Removes the verifier after retrieval (one-time use).
+ * Reads from sessionStorage first, falls back to localStorage (with 5-minute TTL).
+ * Removes from all storages after retrieval (one-time use). Returns null if no
+ * verifier is stored, the fallback is stale (>5 min), or storage is unavailable.
  *
  * @param logger - Optional logger for warning on storage failure
  */

package/dist/index.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { F as FFIDSubscriptionStatus, a as FFIDConfig, b as FFIDApiResponse, c as FFIDSessionResponse, d as FFIDRedirectResult, e as FFIDError, f as FFIDSubscriptionCheckResponse, g as FFIDListMembersResponse, h as FFIDMemberRole, i as FFIDUpdateMemberRoleResponse, j as FFIDRemoveMemberResponse, k as FFIDProfileCallOptions, l as FFIDUserProfile, m as FFIDUpdateUserProfileRequest, n as FFIDCreateCheckoutParams, o as FFIDCheckoutSessionResponse, p as FFIDCreatePortalParams, q as FFIDPortalSessionResponse, r as FFIDVerifyAccessTokenOptions, s as FFIDOAuthUserInfo, t as FFIDInquiryCreateParams, u as FFIDInquiryCreateResponse, v as FFIDAuthMode, w as FFIDLogger, x as FFIDCacheAdapter, y as FFIDUser, z as FFIDOrganization, A as FFIDSubscription, B as FFIDSubscriptionContextValue, C as FFIDAnnouncementsClientConfig, L as ListAnnouncementsOptions, D as FFIDAnnouncementsApiResponse, E as AnnouncementListResponse, G as FFIDAnnouncementsLogger } from './index-DbEyptzr.js';
-export { H as Announcement, I as AnnouncementStatus, J as AnnouncementType, K as FFIDAnnouncementBadge, M as FFIDAnnouncementList, N as FFIDAnnouncementsError, O as FFIDAnnouncementsErrorCode, P as FFIDAnnouncementsServerResponse, Q as FFIDCacheConfig, R as FFIDContextValue, S as FFIDInquiryCategory, T as FFIDInquiryCategorySite2026, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a1 as FFIDJwtClaims, a2 as FFIDLoginButton, a3 as FFIDMemberStatus, a4 as FFIDOAuthTokenResponse, a5 as FFIDOAuthUserInfoMemberRole, a6 as FFIDOAuthUserInfoSubscription, a7 as FFIDOrganizationMember, a8 as FFIDOrganizationSwitcher, a9 as FFIDSeatModel, aa as FFIDSubscriptionBadge, ab as FFIDTokenIntrospectionResponse, ac as FFIDUserMenu, ad as FFID_INQUIRY_CATEGORIES, ae as FFID_INQUIRY_CATEGORIES_SITE_2026, af as UseFFIDAnnouncementsOptions, ag as UseFFIDAnnouncementsReturn, ah as isFFIDInquiryCategorySite2026, ai as useFFIDAnnouncements } from './index-DbEyptzr.js';
+import { F as FFIDSubscriptionStatus, a as FFIDConfig, b as FFIDApiResponse, c as FFIDSessionResponse, d as FFIDRedirectResult, e as FFIDError, f as FFIDSubscriptionCheckResponse, g as FFIDListMembersResponse, h as FFIDMemberRole, i as FFIDUpdateMemberRoleResponse, j as FFIDRemoveMemberResponse, k as FFIDProfileCallOptions, l as FFIDUserProfile, m as FFIDUpdateUserProfileRequest, n as FFIDCreateCheckoutParams, o as FFIDCheckoutSessionResponse, p as FFIDCreatePortalParams, q as FFIDPortalSessionResponse, r as FFIDVerifyAccessTokenOptions, s as FFIDOAuthUserInfo, t as FFIDInquiryCreateParams, u as FFIDInquiryCreateResponse, v as FFIDAuthMode, w as FFIDLogger, x as FFIDCacheAdapter, y as FFIDUser, z as FFIDOrganization, A as FFIDSubscription, B as FFIDSubscriptionContextValue, C as FFIDAnnouncementsClientConfig, L as ListAnnouncementsOptions, D as FFIDAnnouncementsApiResponse, E as AnnouncementListResponse, G as FFIDAnnouncementsLogger } from './index-Cv1qXIl1.js';
+export { H as Announcement, I as AnnouncementStatus, J as AnnouncementType, K as FFIDAnnouncementBadge, M as FFIDAnnouncementList, N as FFIDAnnouncementsError, O as FFIDAnnouncementsErrorCode, P as FFIDAnnouncementsServerResponse, Q as FFIDCacheConfig, R as FFIDContextValue, S as FFIDInquiryCategory, T as FFIDInquiryCategorySite2026, U as FFIDInquiryForm, V as FFIDInquiryFormCategoryItem, W as FFIDInquiryFormClassNames, X as FFIDInquiryFormOrganization, Y as FFIDInquiryFormPlaceholderContext, Z as FFIDInquiryFormPrefill, _ as FFIDInquiryFormProps, $ as FFIDInquiryFormSubmitData, a0 as FFIDInquiryFormSubmitResult, a1 as FFIDJwtClaims, a2 as FFIDLoginButton, a3 as FFIDMemberStatus, a4 as FFIDOAuthTokenResponse, a5 as FFIDOAuthUserInfoMemberRole, a6 as FFIDOAuthUserInfoSubscription, a7 as FFIDOrganizationMember, a8 as FFIDOrganizationSwitcher, a9 as FFIDSeatModel, aa as FFIDSubscriptionBadge, ab as FFIDTokenIntrospectionResponse, ac as FFIDUserMenu, ad as FFID_INQUIRY_CATEGORIES, ae as FFID_INQUIRY_CATEGORIES_SITE_2026, af as UseFFIDAnnouncementsOptions, ag as UseFFIDAnnouncementsReturn, ah as isFFIDInquiryCategorySite2026, ai as useFFIDAnnouncements } from './index-Cv1qXIl1.js';
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { ReactNode, ComponentType, FC } from 'react';
@@ -73,20 +73,23 @@ interface PKCELogger {
     warn: (...args: unknown[]) => void;
 }
 /**
- * Store code verifier in sessionStorage for later retrieval.
- * Uses window.sessionStorage explicitly to ensure browser Web Storage API.
+ * Store code verifier for later retrieval.
+ *
+ * Writes to both sessionStorage (primary) and localStorage (fallback for iOS
+ * WebKit sessionStorage eviction during external OAuth bounces). Returns true
+ * if at least one write succeeded.
  *
  * @param verifier - The code verifier to store
  * @param logger - Optional logger for warning on storage failure
- * @returns true if stored successfully, false otherwise
+ * @returns true if stored in at least one storage, false otherwise
  */
 declare function storeCodeVerifier(verifier: string, logger?: PKCELogger): boolean;
 /**
- * Retrieve and remove the code verifier from sessionStorage.
- * Uses window.sessionStorage explicitly to ensure browser Web Storage API.
+ * Retrieve and remove the code verifier.
  *
- * Returns null if no verifier is stored or if storage is unavailable.
- * Removes the verifier after retrieval (one-time use).
+ * Reads from sessionStorage first, falls back to localStorage (with 5-minute TTL).
+ * Removes from all storages after retrieval (one-time use). Returns null if no
+ * verifier is stored, the fallback is stale (>5 min), or storage is unavailable.
  *
  * @param logger - Optional logger for warning on storage failure
  */

package/dist/index.js CHANGED Viewed

@@ -1,5 +1,5 @@
-import { useFFIDContext } from './chunk-4IWCKZJV.js';
-export { DEFAULT_API_BASE_URL, FFIDAnnouncementBadge, FFIDAnnouncementList, FFIDInquiryForm, FFIDLoginButton, FFIDOrganizationSwitcher, FFIDProvider, FFIDSDKError, FFIDSubscriptionBadge, FFIDUserMenu, FFID_ANNOUNCEMENTS_ERROR_CODES, FFID_INQUIRY_CATEGORIES, FFID_INQUIRY_CATEGORIES_SITE_2026, createFFIDAnnouncementsClient, createFFIDClient, createTokenStore, generateCodeChallenge, generateCodeVerifier, isFFIDInquiryCategorySite2026, normalizeRedirectUri, retrieveCodeVerifier, storeCodeVerifier, useFFID, useFFIDAnnouncements, useSubscription, withSubscription } from './chunk-4IWCKZJV.js';
+import { useFFIDContext } from './chunk-FGTRPNSW.js';
+export { DEFAULT_API_BASE_URL, FFIDAnnouncementBadge, FFIDAnnouncementList, FFIDInquiryForm, FFIDLoginButton, FFIDOrganizationSwitcher, FFIDProvider, FFIDSDKError, FFIDSubscriptionBadge, FFIDUserMenu, FFID_ANNOUNCEMENTS_ERROR_CODES, FFID_INQUIRY_CATEGORIES, FFID_INQUIRY_CATEGORIES_SITE_2026, createFFIDAnnouncementsClient, createFFIDClient, createTokenStore, generateCodeChallenge, generateCodeVerifier, isFFIDInquiryCategorySite2026, normalizeRedirectUri, retrieveCodeVerifier, storeCodeVerifier, useFFID, useFFIDAnnouncements, useSubscription, withSubscription } from './chunk-FGTRPNSW.js';
 import { useRef, useEffect } from 'react';
 import { jsx, Fragment } from 'react/jsx-runtime';

package/dist/server/index.cjs CHANGED Viewed

@@ -806,10 +806,11 @@ function createProfileMethods(deps) {
 }
 // src/client/version-check.ts
-var SDK_VERSION = "2.16.0";
+var SDK_VERSION = "2.17.1";
 var SDK_USER_AGENT = `FFID-SDK/${SDK_VERSION} (TypeScript)`;
 var SDK_VERSION_HEADER = "X-FFID-SDK-Version";
 function sdkHeaders() {
+  if (typeof window !== "undefined") return {};
   return {
     "User-Agent": SDK_USER_AGENT,
     [SDK_VERSION_HEADER]: SDK_VERSION
@@ -1260,6 +1261,8 @@ function createSessionMethods(deps) {
 // src/auth/pkce.ts
 var VERIFIER_STORAGE_KEY = "ffid_code_verifier";
+var VERIFIER_FALLBACK_STORAGE_KEY = "ffid_code_verifier_fb";
+var VERIFIER_FALLBACK_TIMESTAMP_KEY = "ffid_code_verifier_fb_ts";
 var CODE_VERIFIER_MIN_LENGTH = 43;
 var UNRESERVED_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
 function generateCodeVerifier() {
@@ -1279,17 +1282,26 @@ async function generateCodeChallenge(verifier) {
   return base64UrlEncode(digest);
 }
 function storeCodeVerifier(verifier, logger) {
+  if (typeof window === "undefined") {
+    logger?.warn("storeCodeVerifier: storage is not available in SSR context");
+    return false;
+  }
+  let sessionStored = false;
   try {
-    if (typeof window === "undefined") {
-      logger?.warn("storeCodeVerifier: sessionStorage is not available in SSR context");
-      return false;
-    }
     window.sessionStorage.setItem(VERIFIER_STORAGE_KEY, verifier);
-    return true;
+    sessionStored = true;
   } catch (error) {
     logger?.warn("storeCodeVerifier: sessionStorage \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
-    return false;
   }
+  let localStored = false;
+  try {
+    window.localStorage.setItem(VERIFIER_FALLBACK_STORAGE_KEY, verifier);
+    window.localStorage.setItem(VERIFIER_FALLBACK_TIMESTAMP_KEY, String(Date.now()));
+    localStored = true;
+  } catch (error) {
+    logger?.warn("storeCodeVerifier: localStorage fallback \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  return sessionStored || localStored;
 }
 function base64UrlEncode(buffer) {
   const bytes = new Uint8Array(buffer);

package/dist/server/index.d.cts CHANGED Viewed

@@ -825,8 +825,11 @@ interface FFIDUserProfile {
  * When `accessToken` is supplied with a non-empty value, it overrides the client's
  * configured auth mode: authentication for that request uses only
  * `Authorization: Bearer <accessToken>` (no service key, no cookie, no token-store
- * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` and
- * SDK metadata headers (User-Agent / X-FFID-SDK-Version) are still attached.
+ * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` are
+ * still attached. SDK metadata headers (`User-Agent` / `X-FFID-SDK-Version`) are
+ * attached on non-browser runtimes only (Node.js / Cloudflare Workers / Edge /
+ * Deno); browsers receive an empty object to avoid iOS WebKit `fetch()` breakage
+ * (see #2417).
  *
  * Runtime semantics:
  * - `accessToken` omitted (or `undefined`) → no override, configured `authMode` is used

package/dist/server/index.d.ts CHANGED Viewed

@@ -825,8 +825,11 @@ interface FFIDUserProfile {
  * When `accessToken` is supplied with a non-empty value, it overrides the client's
  * configured auth mode: authentication for that request uses only
  * `Authorization: Bearer <accessToken>` (no service key, no cookie, no token-store
- * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` and
- * SDK metadata headers (User-Agent / X-FFID-SDK-Version) are still attached.
+ * lookup, no auto-refresh on 401). Non-auth headers such as `Content-Type` are
+ * still attached. SDK metadata headers (`User-Agent` / `X-FFID-SDK-Version`) are
+ * attached on non-browser runtimes only (Node.js / Cloudflare Workers / Edge /
+ * Deno); browsers receive an empty object to avoid iOS WebKit `fetch()` breakage
+ * (see #2417).
  *
  * Runtime semantics:
  * - `accessToken` omitted (or `undefined`) → no override, configured `authMode` is used

package/dist/server/index.js CHANGED Viewed

@@ -805,10 +805,11 @@ function createProfileMethods(deps) {
 }
 // src/client/version-check.ts
-var SDK_VERSION = "2.16.0";
+var SDK_VERSION = "2.17.1";
 var SDK_USER_AGENT = `FFID-SDK/${SDK_VERSION} (TypeScript)`;
 var SDK_VERSION_HEADER = "X-FFID-SDK-Version";
 function sdkHeaders() {
+  if (typeof window !== "undefined") return {};
   return {
     "User-Agent": SDK_USER_AGENT,
     [SDK_VERSION_HEADER]: SDK_VERSION
@@ -1259,6 +1260,8 @@ function createSessionMethods(deps) {
 // src/auth/pkce.ts
 var VERIFIER_STORAGE_KEY = "ffid_code_verifier";
+var VERIFIER_FALLBACK_STORAGE_KEY = "ffid_code_verifier_fb";
+var VERIFIER_FALLBACK_TIMESTAMP_KEY = "ffid_code_verifier_fb_ts";
 var CODE_VERIFIER_MIN_LENGTH = 43;
 var UNRESERVED_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
 function generateCodeVerifier() {
@@ -1278,17 +1281,26 @@ async function generateCodeChallenge(verifier) {
   return base64UrlEncode(digest);
 }
 function storeCodeVerifier(verifier, logger) {
+  if (typeof window === "undefined") {
+    logger?.warn("storeCodeVerifier: storage is not available in SSR context");
+    return false;
+  }
+  let sessionStored = false;
   try {
-    if (typeof window === "undefined") {
-      logger?.warn("storeCodeVerifier: sessionStorage is not available in SSR context");
-      return false;
-    }
     window.sessionStorage.setItem(VERIFIER_STORAGE_KEY, verifier);
-    return true;
+    sessionStored = true;
   } catch (error) {
     logger?.warn("storeCodeVerifier: sessionStorage \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
-    return false;
   }
+  let localStored = false;
+  try {
+    window.localStorage.setItem(VERIFIER_FALLBACK_STORAGE_KEY, verifier);
+    window.localStorage.setItem(VERIFIER_FALLBACK_TIMESTAMP_KEY, String(Date.now()));
+    localStored = true;
+  } catch (error) {
+    logger?.warn("storeCodeVerifier: localStorage fallback \u3078\u306E\u4FDD\u5B58\u306B\u5931\u6557\u3057\u307E\u3057\u305F:", error);
+  }
+  return sessionStored || localStored;
 }
 function base64UrlEncode(buffer) {
   const bytes = new Uint8Array(buffer);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@feelflow/ffid-sdk",
-  "version": "2.16.0",
+  "version": "2.17.1",
   "description": "FeelFlow ID Platform SDK for React/Next.js applications",
   "keywords": [
     "feelflow",