npm - @nauth-toolkit/client - Versions diffs - 0.1.99 → 0.1.101 - Mend

@nauth-toolkit/client 0.1.99 → 0.1.101

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -361,6 +361,26 @@ interface SocialLoginOptions {
      * Default: 'login'
      */
     action?: 'login' | 'link';
+    /**
+     * Optional OAuth parameters to pass to the provider
+     *
+     * These parameters override config defaults and allow per-request customization.
+     * Use cases:
+     * - Google: Force account chooser, restrict to domain
+     * - Facebook: Rerequest declined permissions
+     * - Apple: Add nonce for ID token validation
+     *
+     * @example Google - Force account chooser
+     * ```typescript
+     * { prompt: 'select_account' }
+     * ```
+     *
+     * @example Facebook - Rerequest permissions
+     * ```typescript
+     * { auth_type: 'rerequest' }
+     * ```
+     */
+    oauthParams?: Record<string, string>;
 }
 /**
  * Linked social accounts response.
@@ -2735,6 +2755,9 @@ declare class NAuthClient {
      * - In cookie delivery modes, httpOnly cookies can only be cleared by the backend; this method
      *   only clears client-side state (e.g., cached user + persisted tokens in JSON mode).
      *
+     * IMPORTANT: Also clears any pending challenge sessions to prevent ghost states where the UI
+     * shows a challenge screen but the backend session is invalid.
+     *
      * @param options - Optional behavior flags
      * @returns Promise that resolves when local state is cleared
      *

package/dist/index.d.ts CHANGED Viewed

@@ -361,6 +361,26 @@ interface SocialLoginOptions {
      * Default: 'login'
      */
     action?: 'login' | 'link';
+    /**
+     * Optional OAuth parameters to pass to the provider
+     *
+     * These parameters override config defaults and allow per-request customization.
+     * Use cases:
+     * - Google: Force account chooser, restrict to domain
+     * - Facebook: Rerequest declined permissions
+     * - Apple: Add nonce for ID token validation
+     *
+     * @example Google - Force account chooser
+     * ```typescript
+     * { prompt: 'select_account' }
+     * ```
+     *
+     * @example Facebook - Rerequest permissions
+     * ```typescript
+     * { auth_type: 'rerequest' }
+     * ```
+     */
+    oauthParams?: Record<string, string>;
 }
 /**
  * Linked social accounts response.
@@ -2735,6 +2755,9 @@ declare class NAuthClient {
      * - In cookie delivery modes, httpOnly cookies can only be cleared by the backend; this method
      *   only clears client-side state (e.g., cached user + persisted tokens in JSON mode).
      *
+     * IMPORTANT: Also clears any pending challenge sessions to prevent ghost states where the UI
+     * shows a challenge screen but the backend session is invalid.
+     *
      * @param options - Optional behavior flags
      * @returns Promise that resolves when local state is cleared
      *

package/dist/index.mjs CHANGED Viewed

@@ -1625,6 +1625,9 @@ var NAuthClient = class {
    * - In cookie delivery modes, httpOnly cookies can only be cleared by the backend; this method
    *   only clears client-side state (e.g., cached user + persisted tokens in JSON mode).
    *
+   * IMPORTANT: Also clears any pending challenge sessions to prevent ghost states where the UI
+   * shows a challenge screen but the backend session is invalid.
+   *
    * @param options - Optional behavior flags
    * @returns Promise that resolves when local state is cleared
    *
@@ -1636,6 +1639,7 @@ var NAuthClient = class {
    */
   async clearLocalAuthState(options) {
     await this.clearAuthState(options?.forgetDevice ?? false);
+    await this.clearChallenge();
   }
   /**
    * Logout current session.
@@ -1652,6 +1656,7 @@ var NAuthClient = class {
       console.warn("[nauth] Logout request failed (session may already be invalid):", error);
     } finally {
       await this.clearAuthState(forgetDevice);
+      await this.clearChallenge();
       this.eventEmitter.emit({
         type: "auth:logout",
         data: { forgetDevice: !!forgetDevice, global: false },
@@ -1679,6 +1684,7 @@ var NAuthClient = class {
         true
       );
       await this.clearAuthState(forgetDevices);
+      await this.clearChallenge();
       this.eventEmitter.emit({
         type: "auth:logout",
         data: { forgetDevice: !!forgetDevices, global: true },
@@ -1687,6 +1693,7 @@ var NAuthClient = class {
       return { revokedCount: result.revokedCount };
     } catch (error) {
       await this.clearAuthState(forgetDevices);
+      await this.clearChallenge();
       this.eventEmitter.emit({
         type: "auth:logout",
         data: { forgetDevice: !!forgetDevices, global: true },
@@ -2006,6 +2013,9 @@ var NAuthClient = class {
       if (typeof options?.appState === "string" && options.appState.trim() !== "") {
         startUrl.searchParams.set("appState", options.appState);
       }
+      if (options?.oauthParams && Object.keys(options.oauthParams).length > 0) {
+        startUrl.searchParams.set("oauthParams", JSON.stringify(options.oauthParams));
+      }
       window.location.href = startUrl.toString();
     }
   }
@@ -2260,6 +2270,10 @@ var NAuthClient = class {
     if (forgetDevice && this.config.tokenDelivery === "json") {
       await this.config.storage.removeItem(this.config.deviceTrust.storageKey);
     }
+    try {
+      await this.oauthStorage.removeItem(OAUTH_STATE_KEY2);
+    } catch {
+    }
     this.config.onAuthStateChange?.(null);
   }
   /**