@l4yercak3/cli 1.2.18 → 1.2.19

package/src/generators/expo-auth-generator.js

@@ -0,0 +1,1009 @@
+/**
+ * Expo Auth Session Generator
+ * Generates OAuth authentication for Expo/React Native projects using expo-auth-session
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { ensureDir, writeFileWithBackup, checkFileOverwrite } = require('../utils/file-utils');
+
+class ExpoAuthGenerator {
+  /**
+   * Generate expo-auth-session configuration
+   * @param {Object} options - Generation options
+   * @returns {Promise<Object>} - Generated file paths
+   */
+  async generate(options) {
+    const { projectPath, oauthProviders = [], isTypeScript } = options;
+
+    const results = {};
+
+    // Determine output directory
+    let outputDir;
+    if (fs.existsSync(path.join(projectPath, 'src'))) {
+      outputDir = path.join(projectPath, 'src', 'lib', 'l4yercak3', 'auth');
+    } else {
+      outputDir = path.join(projectPath, 'lib', 'l4yercak3', 'auth');
+    }
+
+    ensureDir(outputDir);
+
+    const ext = isTypeScript ? 'ts' : 'js';
+
+    // Generate auth provider context
+    results.authContext = await this.generateAuthContext(outputDir, ext, isTypeScript, oauthProviders);
+
+    // Generate OAuth hooks for each provider
+    if (oauthProviders.includes('google')) {
+      results.googleAuth = await this.generateGoogleAuth(outputDir, ext, isTypeScript);
+    }
+
+    if (oauthProviders.includes('github')) {
+      results.githubAuth = await this.generateGithubAuth(outputDir, ext, isTypeScript);
+    }
+
+    if (oauthProviders.includes('microsoft')) {
+      results.microsoftAuth = await this.generateMicrosoftAuth(outputDir, ext, isTypeScript);
+    }
+
+    // Generate index file
+    results.index = await this.generateIndex(outputDir, ext, isTypeScript, oauthProviders);
+
+    return results;
+  }
+
+  async generateAuthContext(outputDir, ext, isTypeScript, oauthProviders) {
+    const outputPath = path.join(outputDir, `AuthContext.${isTypeScript ? 'tsx' : 'jsx'}`);
+
+    const action = await checkFileOverwrite(outputPath);
+    if (action === 'skip') {
+      return null;
+    }
+
+    const content = isTypeScript
+      ? this.getAuthContextTS(oauthProviders)
+      : this.getAuthContextJS(oauthProviders);
+
+    return writeFileWithBackup(outputPath, content, action);
+  }
+
+  getAuthContextTS(_oauthProviders) {
+    return `/**
+ * Auth Context for Expo
+ * Provides authentication state and methods using expo-auth-session
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import React, { createContext, useContext, useState, useEffect, ReactNode } from 'react';
+import * as SecureStore from 'expo-secure-store';
+import { getL4yercak3Client } from '../client';
+
+interface User {
+  id: string;
+  email: string;
+  name?: string;
+  image?: string;
+  provider: string;
+}
+
+interface AuthContextType {
+  user: User | null;
+  isLoading: boolean;
+  isAuthenticated: boolean;
+  signIn: (token: string, user: User) => Promise<void>;
+  signOut: () => Promise<void>;
+  refreshToken: () => Promise<void>;
+}
+
+const AuthContext = createContext<AuthContextType | undefined>(undefined);
+
+const TOKEN_KEY = 'l4yercak3_auth_token';
+const USER_KEY = 'l4yercak3_user';
+
+interface AuthProviderProps {
+  children: ReactNode;
+}
+
+export function AuthProvider({ children }: AuthProviderProps) {
+  const [user, setUser] = useState<User | null>(null);
+  const [isLoading, setIsLoading] = useState(true);
+
+  useEffect(() => {
+    loadStoredAuth();
+  }, []);
+
+  const loadStoredAuth = async () => {
+    try {
+      const [token, storedUser] = await Promise.all([
+        SecureStore.getItemAsync(TOKEN_KEY),
+        SecureStore.getItemAsync(USER_KEY),
+      ]);
+
+      if (token && storedUser) {
+        const parsedUser = JSON.parse(storedUser);
+        setUser(parsedUser);
+
+        // Configure client with token
+        const client = getL4yercak3Client();
+        client.setAuthToken(token);
+      }
+    } catch (error) {
+      console.error('Failed to load stored auth:', error);
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signIn = async (token: string, userData: User) => {
+    try {
+      await Promise.all([
+        SecureStore.setItemAsync(TOKEN_KEY, token),
+        SecureStore.setItemAsync(USER_KEY, JSON.stringify(userData)),
+      ]);
+
+      // Configure client with token
+      const client = getL4yercak3Client();
+      client.setAuthToken(token);
+
+      setUser(userData);
+    } catch (error) {
+      console.error('Failed to sign in:', error);
+      throw error;
+    }
+  };
+
+  const signOut = async () => {
+    try {
+      await Promise.all([
+        SecureStore.deleteItemAsync(TOKEN_KEY),
+        SecureStore.deleteItemAsync(USER_KEY),
+      ]);
+
+      // Clear client token
+      const client = getL4yercak3Client();
+      client.setAuthToken(null);
+
+      setUser(null);
+    } catch (error) {
+      console.error('Failed to sign out:', error);
+      throw error;
+    }
+  };
+
+  const refreshToken = async () => {
+    try {
+      const client = getL4yercak3Client();
+      const newToken = await client.refreshAuthToken();
+
+      if (newToken) {
+        await SecureStore.setItemAsync(TOKEN_KEY, newToken);
+        client.setAuthToken(newToken);
+      }
+    } catch (error) {
+      console.error('Failed to refresh token:', error);
+      // If refresh fails, sign out
+      await signOut();
+    }
+  };
+
+  return (
+    <AuthContext.Provider
+      value={{
+        user,
+        isLoading,
+        isAuthenticated: !!user,
+        signIn,
+        signOut,
+        refreshToken,
+      }}
+    >
+      {children}
+    </AuthContext.Provider>
+  );
+}
+
+export function useAuth() {
+  const context = useContext(AuthContext);
+  if (context === undefined) {
+    throw new Error('useAuth must be used within an AuthProvider');
+  }
+  return context;
+}
+`;
+  }
+
+  getAuthContextJS(_oauthProviders) {
+    return `/**
+ * Auth Context for Expo
+ * Provides authentication state and methods using expo-auth-session
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import React, { createContext, useContext, useState, useEffect } from 'react';
+import * as SecureStore from 'expo-secure-store';
+import { getL4yercak3Client } from '../client';
+
+const AuthContext = createContext(undefined);
+
+const TOKEN_KEY = 'l4yercak3_auth_token';
+const USER_KEY = 'l4yercak3_user';
+
+export function AuthProvider({ children }) {
+  const [user, setUser] = useState(null);
+  const [isLoading, setIsLoading] = useState(true);
+
+  useEffect(() => {
+    loadStoredAuth();
+  }, []);
+
+  const loadStoredAuth = async () => {
+    try {
+      const [token, storedUser] = await Promise.all([
+        SecureStore.getItemAsync(TOKEN_KEY),
+        SecureStore.getItemAsync(USER_KEY),
+      ]);
+
+      if (token && storedUser) {
+        const parsedUser = JSON.parse(storedUser);
+        setUser(parsedUser);
+
+        // Configure client with token
+        const client = getL4yercak3Client();
+        client.setAuthToken(token);
+      }
+    } catch (error) {
+      console.error('Failed to load stored auth:', error);
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signIn = async (token, userData) => {
+    try {
+      await Promise.all([
+        SecureStore.setItemAsync(TOKEN_KEY, token),
+        SecureStore.setItemAsync(USER_KEY, JSON.stringify(userData)),
+      ]);
+
+      // Configure client with token
+      const client = getL4yercak3Client();
+      client.setAuthToken(token);
+
+      setUser(userData);
+    } catch (error) {
+      console.error('Failed to sign in:', error);
+      throw error;
+    }
+  };
+
+  const signOut = async () => {
+    try {
+      await Promise.all([
+        SecureStore.deleteItemAsync(TOKEN_KEY),
+        SecureStore.deleteItemAsync(USER_KEY),
+      ]);
+
+      // Clear client token
+      const client = getL4yercak3Client();
+      client.setAuthToken(null);
+
+      setUser(null);
+    } catch (error) {
+      console.error('Failed to sign out:', error);
+      throw error;
+    }
+  };
+
+  const refreshToken = async () => {
+    try {
+      const client = getL4yercak3Client();
+      const newToken = await client.refreshAuthToken();
+
+      if (newToken) {
+        await SecureStore.setItemAsync(TOKEN_KEY, newToken);
+        client.setAuthToken(newToken);
+      }
+    } catch (error) {
+      console.error('Failed to refresh token:', error);
+      // If refresh fails, sign out
+      await signOut();
+    }
+  };
+
+  return (
+    <AuthContext.Provider
+      value={{
+        user,
+        isLoading,
+        isAuthenticated: !!user,
+        signIn,
+        signOut,
+        refreshToken,
+      }}
+    >
+      {children}
+    </AuthContext.Provider>
+  );
+}
+
+export function useAuth() {
+  const context = useContext(AuthContext);
+  if (context === undefined) {
+    throw new Error('useAuth must be used within an AuthProvider');
+  }
+  return context;
+}
+`;
+  }
+
+  async generateGoogleAuth(outputDir, ext, isTypeScript) {
+    const outputPath = path.join(outputDir, `useGoogleAuth.${ext}`);
+
+    const action = await checkFileOverwrite(outputPath);
+    if (action === 'skip') {
+      return null;
+    }
+
+    const content = isTypeScript
+      ? this.getGoogleAuthTS()
+      : this.getGoogleAuthJS();
+
+    return writeFileWithBackup(outputPath, content, action);
+  }
+
+  getGoogleAuthTS() {
+    return `/**
+ * Google OAuth Hook for Expo
+ * Uses expo-auth-session for Google authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import { useState, useEffect } from 'react';
+import * as Google from 'expo-auth-session/providers/google';
+import * as WebBrowser from 'expo-web-browser';
+import { useAuth } from './AuthContext';
+import { getL4yercak3Client } from '../client';
+
+WebBrowser.maybeCompleteAuthSession();
+
+interface UseGoogleAuthOptions {
+  expoClientId?: string;
+  iosClientId?: string;
+  androidClientId?: string;
+  webClientId?: string;
+}
+
+export function useGoogleAuth(options: UseGoogleAuthOptions = {}) {
+  const { signIn } = useAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState<Error | null>(null);
+
+  const [request, response, promptAsync] = Google.useAuthRequest({
+    expoClientId: options.expoClientId || process.env.EXPO_PUBLIC_GOOGLE_CLIENT_ID,
+    iosClientId: options.iosClientId || process.env.EXPO_PUBLIC_GOOGLE_IOS_CLIENT_ID,
+    androidClientId: options.androidClientId || process.env.EXPO_PUBLIC_GOOGLE_ANDROID_CLIENT_ID,
+    webClientId: options.webClientId || process.env.EXPO_PUBLIC_GOOGLE_WEB_CLIENT_ID,
+    scopes: ['openid', 'profile', 'email'],
+  });
+
+  useEffect(() => {
+    if (response?.type === 'success') {
+      handleGoogleSuccess(response.authentication?.accessToken);
+    } else if (response?.type === 'error') {
+      setError(new Error(response.error?.message || 'Google authentication failed'));
+    }
+  }, [response]);
+
+  const handleGoogleSuccess = async (accessToken: string | undefined) => {
+    if (!accessToken) {
+      setError(new Error('No access token received'));
+      return;
+    }
+
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // Fetch user info from Google
+      const userInfoResponse = await fetch(
+        'https://www.googleapis.com/userinfo/v2/me',
+        { headers: { Authorization: \`Bearer \${accessToken}\` } }
+      );
+      const googleUser = await userInfoResponse.json();
+
+      // Exchange with L4YERCAK3 backend
+      const client = getL4yercak3Client();
+      const authResult = await client.authenticateWithProvider('google', {
+        accessToken,
+        email: googleUser.email,
+        name: googleUser.name,
+        image: googleUser.picture,
+      });
+
+      // Sign in with the result
+      await signIn(authResult.token, {
+        id: authResult.user.id,
+        email: googleUser.email,
+        name: googleUser.name,
+        image: googleUser.picture,
+        provider: 'google',
+      });
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Authentication failed'));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signInWithGoogle = async () => {
+    setError(null);
+    try {
+      await promptAsync();
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to initiate Google sign in'));
+    }
+  };
+
+  return {
+    signInWithGoogle,
+    isLoading,
+    error,
+    isReady: !!request,
+  };
+}
+`;
+  }
+
+  getGoogleAuthJS() {
+    return `/**
+ * Google OAuth Hook for Expo
+ * Uses expo-auth-session for Google authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import { useState, useEffect } from 'react';
+import * as Google from 'expo-auth-session/providers/google';
+import * as WebBrowser from 'expo-web-browser';
+import { useAuth } from './AuthContext';
+import { getL4yercak3Client } from '../client';
+
+WebBrowser.maybeCompleteAuthSession();
+
+export function useGoogleAuth(options = {}) {
+  const { signIn } = useAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState(null);
+
+  const [request, response, promptAsync] = Google.useAuthRequest({
+    expoClientId: options.expoClientId || process.env.EXPO_PUBLIC_GOOGLE_CLIENT_ID,
+    iosClientId: options.iosClientId || process.env.EXPO_PUBLIC_GOOGLE_IOS_CLIENT_ID,
+    androidClientId: options.androidClientId || process.env.EXPO_PUBLIC_GOOGLE_ANDROID_CLIENT_ID,
+    webClientId: options.webClientId || process.env.EXPO_PUBLIC_GOOGLE_WEB_CLIENT_ID,
+    scopes: ['openid', 'profile', 'email'],
+  });
+
+  useEffect(() => {
+    if (response?.type === 'success') {
+      handleGoogleSuccess(response.authentication?.accessToken);
+    } else if (response?.type === 'error') {
+      setError(new Error(response.error?.message || 'Google authentication failed'));
+    }
+  }, [response]);
+
+  const handleGoogleSuccess = async (accessToken) => {
+    if (!accessToken) {
+      setError(new Error('No access token received'));
+      return;
+    }
+
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // Fetch user info from Google
+      const userInfoResponse = await fetch(
+        'https://www.googleapis.com/userinfo/v2/me',
+        { headers: { Authorization: \`Bearer \${accessToken}\` } }
+      );
+      const googleUser = await userInfoResponse.json();
+
+      // Exchange with L4YERCAK3 backend
+      const client = getL4yercak3Client();
+      const authResult = await client.authenticateWithProvider('google', {
+        accessToken,
+        email: googleUser.email,
+        name: googleUser.name,
+        image: googleUser.picture,
+      });
+
+      // Sign in with the result
+      await signIn(authResult.token, {
+        id: authResult.user.id,
+        email: googleUser.email,
+        name: googleUser.name,
+        image: googleUser.picture,
+        provider: 'google',
+      });
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Authentication failed'));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signInWithGoogle = async () => {
+    setError(null);
+    try {
+      await promptAsync();
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to initiate Google sign in'));
+    }
+  };
+
+  return {
+    signInWithGoogle,
+    isLoading,
+    error,
+    isReady: !!request,
+  };
+}
+`;
+  }
+
+  async generateGithubAuth(outputDir, ext, isTypeScript) {
+    const outputPath = path.join(outputDir, `useGithubAuth.${ext}`);
+
+    const action = await checkFileOverwrite(outputPath);
+    if (action === 'skip') {
+      return null;
+    }
+
+    const content = isTypeScript
+      ? this.getGithubAuthTS()
+      : this.getGithubAuthJS();
+
+    return writeFileWithBackup(outputPath, content, action);
+  }
+
+  getGithubAuthTS() {
+    return `/**
+ * GitHub OAuth Hook for Expo
+ * Uses expo-auth-session for GitHub authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import { useState, useEffect } from 'react';
+import * as AuthSession from 'expo-auth-session';
+import * as WebBrowser from 'expo-web-browser';
+import { useAuth } from './AuthContext';
+import { getL4yercak3Client } from '../client';
+
+WebBrowser.maybeCompleteAuthSession();
+
+const discovery = {
+  authorizationEndpoint: 'https://github.com/login/oauth/authorize',
+  tokenEndpoint: 'https://github.com/login/oauth/access_token',
+  revocationEndpoint: \`https://github.com/settings/connections/applications/\${process.env.EXPO_PUBLIC_GITHUB_CLIENT_ID}\`,
+};
+
+interface UseGithubAuthOptions {
+  clientId?: string;
+  clientSecret?: string;
+}
+
+export function useGithubAuth(options: UseGithubAuthOptions = {}) {
+  const { signIn } = useAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState<Error | null>(null);
+
+  const clientId = options.clientId || process.env.EXPO_PUBLIC_GITHUB_CLIENT_ID || '';
+
+  const redirectUri = AuthSession.makeRedirectUri({
+    scheme: 'l4yercak3',
+    path: 'oauth/github',
+  });
+
+  const [request, response, promptAsync] = AuthSession.useAuthRequest(
+    {
+      clientId,
+      scopes: ['read:user', 'user:email'],
+      redirectUri,
+    },
+    discovery
+  );
+
+  useEffect(() => {
+    if (response?.type === 'success') {
+      handleGithubSuccess(response.params.code);
+    } else if (response?.type === 'error') {
+      setError(new Error(response.error?.message || 'GitHub authentication failed'));
+    }
+  }, [response]);
+
+  const handleGithubSuccess = async (code: string) => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // Exchange code for token via L4YERCAK3 backend
+      const client = getL4yercak3Client();
+      const authResult = await client.authenticateWithProvider('github', {
+        code,
+        redirectUri,
+      });
+
+      // Sign in with the result
+      await signIn(authResult.token, {
+        id: authResult.user.id,
+        email: authResult.user.email,
+        name: authResult.user.name,
+        image: authResult.user.image,
+        provider: 'github',
+      });
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Authentication failed'));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signInWithGithub = async () => {
+    setError(null);
+    try {
+      await promptAsync();
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to initiate GitHub sign in'));
+    }
+  };
+
+  return {
+    signInWithGithub,
+    isLoading,
+    error,
+    isReady: !!request,
+  };
+}
+`;
+  }
+
+  getGithubAuthJS() {
+    return `/**
+ * GitHub OAuth Hook for Expo
+ * Uses expo-auth-session for GitHub authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import { useState, useEffect } from 'react';
+import * as AuthSession from 'expo-auth-session';
+import * as WebBrowser from 'expo-web-browser';
+import { useAuth } from './AuthContext';
+import { getL4yercak3Client } from '../client';
+
+WebBrowser.maybeCompleteAuthSession();
+
+const discovery = {
+  authorizationEndpoint: 'https://github.com/login/oauth/authorize',
+  tokenEndpoint: 'https://github.com/login/oauth/access_token',
+  revocationEndpoint: \`https://github.com/settings/connections/applications/\${process.env.EXPO_PUBLIC_GITHUB_CLIENT_ID}\`,
+};
+
+export function useGithubAuth(options = {}) {
+  const { signIn } = useAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState(null);
+
+  const clientId = options.clientId || process.env.EXPO_PUBLIC_GITHUB_CLIENT_ID || '';
+
+  const redirectUri = AuthSession.makeRedirectUri({
+    scheme: 'l4yercak3',
+    path: 'oauth/github',
+  });
+
+  const [request, response, promptAsync] = AuthSession.useAuthRequest(
+    {
+      clientId,
+      scopes: ['read:user', 'user:email'],
+      redirectUri,
+    },
+    discovery
+  );
+
+  useEffect(() => {
+    if (response?.type === 'success') {
+      handleGithubSuccess(response.params.code);
+    } else if (response?.type === 'error') {
+      setError(new Error(response.error?.message || 'GitHub authentication failed'));
+    }
+  }, [response]);
+
+  const handleGithubSuccess = async (code) => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // Exchange code for token via L4YERCAK3 backend
+      const client = getL4yercak3Client();
+      const authResult = await client.authenticateWithProvider('github', {
+        code,
+        redirectUri,
+      });
+
+      // Sign in with the result
+      await signIn(authResult.token, {
+        id: authResult.user.id,
+        email: authResult.user.email,
+        name: authResult.user.name,
+        image: authResult.user.image,
+        provider: 'github',
+      });
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Authentication failed'));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signInWithGithub = async () => {
+    setError(null);
+    try {
+      await promptAsync();
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to initiate GitHub sign in'));
+    }
+  };
+
+  return {
+    signInWithGithub,
+    isLoading,
+    error,
+    isReady: !!request,
+  };
+}
+`;
+  }
+
+  async generateMicrosoftAuth(outputDir, ext, isTypeScript) {
+    const outputPath = path.join(outputDir, `useMicrosoftAuth.${ext}`);
+
+    const action = await checkFileOverwrite(outputPath);
+    if (action === 'skip') {
+      return null;
+    }
+
+    const content = isTypeScript
+      ? this.getMicrosoftAuthTS()
+      : this.getMicrosoftAuthJS();
+
+    return writeFileWithBackup(outputPath, content, action);
+  }
+
+  getMicrosoftAuthTS() {
+    return `/**
+ * Microsoft OAuth Hook for Expo
+ * Uses expo-auth-session for Microsoft/Azure AD authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import { useState, useEffect } from 'react';
+import * as AuthSession from 'expo-auth-session';
+import * as WebBrowser from 'expo-web-browser';
+import { useAuth } from './AuthContext';
+import { getL4yercak3Client } from '../client';
+
+WebBrowser.maybeCompleteAuthSession();
+
+interface UseMicrosoftAuthOptions {
+  clientId?: string;
+  tenantId?: string;
+}
+
+export function useMicrosoftAuth(options: UseMicrosoftAuthOptions = {}) {
+  const { signIn } = useAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState<Error | null>(null);
+
+  const clientId = options.clientId || process.env.EXPO_PUBLIC_AZURE_CLIENT_ID || '';
+  const tenantId = options.tenantId || process.env.EXPO_PUBLIC_AZURE_TENANT_ID || 'common';
+
+  const discovery = AuthSession.useAutoDiscovery(
+    \`https://login.microsoftonline.com/\${tenantId}/v2.0\`
+  );
+
+  const redirectUri = AuthSession.makeRedirectUri({
+    scheme: 'l4yercak3',
+    path: 'oauth/microsoft',
+  });
+
+  const [request, response, promptAsync] = AuthSession.useAuthRequest(
+    {
+      clientId,
+      scopes: ['openid', 'profile', 'email', 'User.Read'],
+      redirectUri,
+    },
+    discovery
+  );
+
+  useEffect(() => {
+    if (response?.type === 'success') {
+      handleMicrosoftSuccess(response.params.code);
+    } else if (response?.type === 'error') {
+      setError(new Error(response.error?.message || 'Microsoft authentication failed'));
+    }
+  }, [response]);
+
+  const handleMicrosoftSuccess = async (code: string) => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // Exchange code for token via L4YERCAK3 backend
+      const client = getL4yercak3Client();
+      const authResult = await client.authenticateWithProvider('microsoft', {
+        code,
+        redirectUri,
+        tenantId,
+      });
+
+      // Sign in with the result
+      await signIn(authResult.token, {
+        id: authResult.user.id,
+        email: authResult.user.email,
+        name: authResult.user.name,
+        image: authResult.user.image,
+        provider: 'microsoft',
+      });
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Authentication failed'));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signInWithMicrosoft = async () => {
+    setError(null);
+    try {
+      await promptAsync();
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to initiate Microsoft sign in'));
+    }
+  };
+
+  return {
+    signInWithMicrosoft,
+    isLoading,
+    error,
+    isReady: !!request,
+  };
+}
+`;
+  }
+
+  getMicrosoftAuthJS() {
+    return `/**
+ * Microsoft OAuth Hook for Expo
+ * Uses expo-auth-session for Microsoft/Azure AD authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+import { useState, useEffect } from 'react';
+import * as AuthSession from 'expo-auth-session';
+import * as WebBrowser from 'expo-web-browser';
+import { useAuth } from './AuthContext';
+import { getL4yercak3Client } from '../client';
+
+WebBrowser.maybeCompleteAuthSession();
+
+export function useMicrosoftAuth(options = {}) {
+  const { signIn } = useAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState(null);
+
+  const clientId = options.clientId || process.env.EXPO_PUBLIC_AZURE_CLIENT_ID || '';
+  const tenantId = options.tenantId || process.env.EXPO_PUBLIC_AZURE_TENANT_ID || 'common';
+
+  const discovery = AuthSession.useAutoDiscovery(
+    \`https://login.microsoftonline.com/\${tenantId}/v2.0\`
+  );
+
+  const redirectUri = AuthSession.makeRedirectUri({
+    scheme: 'l4yercak3',
+    path: 'oauth/microsoft',
+  });
+
+  const [request, response, promptAsync] = AuthSession.useAuthRequest(
+    {
+      clientId,
+      scopes: ['openid', 'profile', 'email', 'User.Read'],
+      redirectUri,
+    },
+    discovery
+  );
+
+  useEffect(() => {
+    if (response?.type === 'success') {
+      handleMicrosoftSuccess(response.params.code);
+    } else if (response?.type === 'error') {
+      setError(new Error(response.error?.message || 'Microsoft authentication failed'));
+    }
+  }, [response]);
+
+  const handleMicrosoftSuccess = async (code) => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // Exchange code for token via L4YERCAK3 backend
+      const client = getL4yercak3Client();
+      const authResult = await client.authenticateWithProvider('microsoft', {
+        code,
+        redirectUri,
+        tenantId,
+      });
+
+      // Sign in with the result
+      await signIn(authResult.token, {
+        id: authResult.user.id,
+        email: authResult.user.email,
+        name: authResult.user.name,
+        image: authResult.user.image,
+        provider: 'microsoft',
+      });
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Authentication failed'));
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
+  const signInWithMicrosoft = async () => {
+    setError(null);
+    try {
+      await promptAsync();
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to initiate Microsoft sign in'));
+    }
+  };
+
+  return {
+    signInWithMicrosoft,
+    isLoading,
+    error,
+    isReady: !!request,
+  };
+}
+`;
+  }
+
+  async generateIndex(outputDir, ext, isTypeScript, oauthProviders) {
+    const outputPath = path.join(outputDir, `index.${ext}`);
+
+    const action = await checkFileOverwrite(outputPath);
+    if (action === 'skip') {
+      return null;
+    }
+
+    const exports = [`export { AuthProvider, useAuth } from './AuthContext';`];
+
+    if (oauthProviders.includes('google')) {
+      exports.push(`export { useGoogleAuth } from './useGoogleAuth';`);
+    }
+    if (oauthProviders.includes('github')) {
+      exports.push(`export { useGithubAuth } from './useGithubAuth';`);
+    }
+    if (oauthProviders.includes('microsoft')) {
+      exports.push(`export { useMicrosoftAuth } from './useMicrosoftAuth';`);
+    }
+
+    const content = `/**
+ * L4YERCAK3 Expo Authentication
+ * Auto-generated by @l4yercak3/cli
+ */
+
+${exports.join('\n')}
+`;
+
+    return writeFileWithBackup(outputPath, content, action);
+  }
+}
+
+module.exports = new ExpoAuthGenerator();