npm - @nauth-toolkit/client - Versions diffs - 0.1.83 → 0.1.85 - Mend

@nauth-toolkit/client 0.1.83 → 0.1.85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -568,6 +568,7 @@ var FetchAdapter = class {
 };
 // src/core/challenge-router.ts
+var OAUTH_STATE_KEY = "nauth_oauth_state";
 var ChallengeRouter = class {
   constructor(config) {
     this.config = config;
@@ -586,7 +587,8 @@ var ChallengeRouter = class {
     if (response.challengeName) {
       await this.navigateToChallenge(response);
     } else {
-      await this.navigateToSuccess();
+      const queryParams = await this.getStoredOauthState();
+      await this.navigateToSuccess(queryParams);
     }
   }
   /**
@@ -600,11 +602,44 @@ var ChallengeRouter = class {
   }
   /**
    * Navigate to success URL.
+   *
+   * @param queryParams - Optional query parameters to append to the success URL
+   *
+   * @example
+   * ```typescript
+   * await router.navigateToSuccess({ appState: 'invite-code-123' });
+   * ```
    */
-  async navigateToSuccess() {
-    const url = this.config.redirects?.success || "/";
+  async navigateToSuccess(queryParams) {
+    let url = this.config.redirects?.success || "/";
+    if (queryParams && Object.keys(queryParams).length > 0) {
+      const searchParams = new URLSearchParams();
+      Object.entries(queryParams).forEach(([key, value]) => {
+        if (value) {
+          searchParams.set(key, value);
+        }
+      });
+      const queryString = searchParams.toString();
+      url = queryString ? `${url}${url.includes("?") ? "&" : "?"}${queryString}` : url;
+    }
     await this.navigate(url);
   }
+  /**
+   * Retrieve stored OAuth appState from storage.
+   *
+   * @returns Query params object with appState if present, undefined otherwise
+   */
+  async getStoredOauthState() {
+    try {
+      const stored = await this.config.storage.getItem(OAUTH_STATE_KEY);
+      if (stored) {
+        await this.config.storage.removeItem(OAUTH_STATE_KEY);
+        return { appState: stored };
+      }
+    } catch {
+    }
+    return void 0;
+  }
   /**
    * Navigate to error URL.
    *
@@ -719,6 +754,7 @@ var ChallengeRouter = class {
 // src/core/client.ts
 var USER_KEY2 = "nauth_user";
 var CHALLENGE_KEY2 = "nauth_challenge_session";
+var OAUTH_STATE_KEY2 = "nauth_oauth_state";
 var hasWindow = () => typeof globalThis !== "undefined" && typeof globalThis.window !== "undefined";
 var defaultStorage = () => {
   if (hasWindow() && typeof window.localStorage !== "undefined") {
@@ -1502,13 +1538,19 @@ var NAuthClient = class {
   }
   /**
    * Build request headers for authentication.
+   *
+   * @param auth - Whether to include authentication headers
+   * @param method - HTTP method (GET, POST, PUT, DELETE, PATCH)
+   * @returns Headers object with auth, CSRF, and device trust headers
    * @private
    */
-  async buildHeaders(auth) {
+  async buildHeaders(auth, method = "GET") {
     const headers = {
-      "Content-Type": "application/json",
       ...this.config.headers
     };
+    if (method !== "GET") {
+      headers["Content-Type"] = "application/json";
+    }
     if (auth && this.config.tokenDelivery === "json") {
       const accessToken = (await this.tokenManager.getTokens()).accessToken;
       if (accessToken) {
@@ -1524,7 +1566,8 @@ var NAuthClient = class {
       } catch {
       }
     }
-    if (this.config.tokenDelivery === "cookies" && hasWindow()) {
+    const mutatingMethods = ["POST", "PUT", "PATCH", "DELETE"];
+    if (this.config.tokenDelivery === "cookies" && hasWindow() && mutatingMethods.includes(method)) {
       const csrfToken = this.getCsrfToken();
       if (csrfToken) {
         headers[this.config.csrf.headerName] = csrfToken;
@@ -1547,7 +1590,7 @@ var NAuthClient = class {
    */
   async get(path, auth = false) {
     const url = this.buildUrl(path);
-    const headers = await this.buildHeaders(auth);
+    const headers = await this.buildHeaders(auth, "GET");
     const credentials = this.config.tokenDelivery === "cookies" ? "include" : "omit";
     const response = await this.config.httpAdapter.request({
       method: "GET",
@@ -1563,7 +1606,7 @@ var NAuthClient = class {
    */
   async post(path, body, auth = false) {
     const url = this.buildUrl(path);
-    const headers = await this.buildHeaders(auth);
+    const headers = await this.buildHeaders(auth, "POST");
     const credentials = this.config.tokenDelivery === "cookies" ? "include" : "omit";
     const response = await this.config.httpAdapter.request({
       method: "POST",
@@ -1580,7 +1623,7 @@ var NAuthClient = class {
    */
   async put(path, body, auth = false) {
     const url = this.buildUrl(path);
-    const headers = await this.buildHeaders(auth);
+    const headers = await this.buildHeaders(auth, "PUT");
     const credentials = this.config.tokenDelivery === "cookies" ? "include" : "omit";
     const response = await this.config.httpAdapter.request({
       method: "PUT",
@@ -1597,7 +1640,7 @@ var NAuthClient = class {
    */
   async delete(path, auth = false) {
     const url = this.buildUrl(path);
-    const headers = await this.buildHeaders(auth);
+    const headers = await this.buildHeaders(auth, "DELETE");
     const credentials = this.config.tokenDelivery === "cookies" ? "include" : "omit";
     const response = await this.config.httpAdapter.request({
       method: "DELETE",
@@ -1622,6 +1665,53 @@ var NAuthClient = class {
   getChallengeRouter() {
     return this.challengeRouter;
   }
+  /**
+   * Store OAuth appState from social redirect callback.
+   *
+   * This is called automatically by the social redirect callback guard
+   * when appState is present in the callback URL. The stored state can
+   * be retrieved using getLastOauthState().
+   *
+   * @param appState - OAuth appState value from callback URL
+   *
+   * @example
+   * ```typescript
+   * await client.storeOauthState('invite-code-123');
+   * ```
+   */
+  async storeOauthState(appState) {
+    if (appState && appState.trim() !== "") {
+      await this.config.storage.setItem(OAUTH_STATE_KEY2, appState);
+    }
+  }
+  /**
+   * Get the last OAuth appState from social redirect callback.
+   *
+   * Returns the appState that was stored during the most recent social
+   * login redirect callback. This is useful for restoring UI state,
+   * applying invite codes, or tracking referral information.
+   *
+   * The state is automatically cleared after retrieval to prevent reuse.
+   *
+   * @returns The stored appState, or null if none exists
+   *
+   * @example
+   * ```typescript
+   * const appState = await client.getLastOauthState();
+   * if (appState) {
+   *   // Apply invite code or restore UI state
+   *   console.log('OAuth state:', appState);
+   * }
+   * ```
+   */
+  async getLastOauthState() {
+    const stored = await this.config.storage.getItem(OAUTH_STATE_KEY2);
+    if (stored) {
+      await this.config.storage.removeItem(OAUTH_STATE_KEY2);
+      return stored;
+    }
+    return null;
+  }
 };
 // src/core/challenge-helpers.ts