@ollaid/native-sso 1.0.0 → 1.0.2

package/dist/index.js

@@ -479,7 +479,8 @@ const STORAGE = {
   AUTH_TOKEN: "auth_token",
   TOKEN: "token",
   USER: "user",
-  ACCOUNT_TYPE: "account_type"
+  ACCOUNT_TYPE: "account_type",
+  ALIAS_REFERENCE: "alias_reference"
 };
 const setAuthToken = (token) => {
   if (typeof localStorage !== "undefined") {
@@ -497,6 +498,7 @@ const clearAuthToken = () => {
     localStorage.removeItem(STORAGE.TOKEN);
     localStorage.removeItem(STORAGE.USER);
     localStorage.removeItem(STORAGE.ACCOUNT_TYPE);
+    localStorage.removeItem(STORAGE.ALIAS_REFERENCE);
   }
 };
 const setAuthUser = (user) => {
@@ -585,6 +587,10 @@ function getHeaders(token) {
   return headers;
 }
 let credentials = null;
+let credentialsLoadedAt = 0;
+let credentialsTtl = 300;
+const DEFAULT_TTL = 300;
+const REFRESH_MARGIN = 30;
 const nativeAuthService = {
   hasCredentials() {
     return credentials !== null;
@@ -592,6 +598,26 @@ const nativeAuthService = {
   getCredentials() {
     return credentials ? { ...credentials } : null;
   },
+  getCredentialsTtl() {
+    return credentialsTtl;
+  },
+  getCredentialsAge() {
+    if (!credentialsLoadedAt) return Infinity;
+    return (Date.now() - credentialsLoadedAt) / 1e3;
+  },
+  areCredentialsExpiringSoon() {
+    if (!credentials || !credentialsLoadedAt) return true;
+    const age = this.getCredentialsAge();
+    return age >= credentialsTtl - REFRESH_MARGIN;
+  },
+  async ensureFreshCredentials() {
+    if (!credentials || this.areCredentialsExpiringSoon()) {
+      if (isDebugMode()) {
+        console.log("🔄 [Native] Credentials expirés ou proches — auto-refresh");
+      }
+      await this.loadCredentials();
+    }
+  },
   async loadCredentials() {
     const config2 = getNativeAuthConfig();
     if (!config2.saasApiUrl) {
@@ -612,6 +638,8 @@ const nativeAuthService = {
       appKey: response.app_key,
       encryptedCredentials: response.encrypted_credentials
     };
+    credentialsLoadedAt = Date.now();
+    credentialsTtl = response.credentials_ttl || DEFAULT_TTL;
     if (typeof response.debug === "boolean") {
       const currentConfig = getNativeAuthConfig();
       if (currentConfig.debug !== true) {
@@ -619,11 +647,12 @@ const nativeAuthService = {
       }
     }
     if (isDebugMode()) {
-      console.log("✅ [SaaS] Credentials chargés (debug:", response.debug ?? "non défini", ")");
+      console.log("✅ [SaaS] Credentials chargés (ttl:", credentialsTtl, "s, debug:", response.debug ?? "non défini", ")");
     }
     return credentials;
   },
   async encrypt(type, data) {
+    await this.ensureFreshCredentials();
     if (!credentials) {
       throw new ApiError("Credentials non chargés. Appelez loadCredentials() d'abord.", "auth");
     }
@@ -831,15 +860,18 @@ const nativeAuthService = {
       );
       clearAuthToken();
       credentials = null;
+      credentialsLoadedAt = 0;
       return response;
     } catch {
       clearAuthToken();
       credentials = null;
+      credentialsLoadedAt = 0;
       return { success: true };
     }
   },
   clearCredentials() {
     credentials = null;
+    credentialsLoadedAt = 0;
   },
   // ============================================
   // High-level methods
@@ -1022,14 +1054,14 @@ function getErrorMessage$2(err, context) {
   return { message: `Erreur lors de ${context}`, type: "unknown" };
 }
 function useMobilePassword(options) {
-  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true, debug = false } = options;
+  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true } = options;
   const configuredRef = useRef(false);
   useEffect(() => {
     if (!configuredRef.current) {
-      setNativeAuthConfig({ saasApiUrl, iamApiUrl, debug });
+      setNativeAuthConfig({ saasApiUrl, iamApiUrl });
       configuredRef.current = true;
     }
-  }, [saasApiUrl, iamApiUrl, debug]);
+  }, [saasApiUrl, iamApiUrl]);
   const [state, setState] = useState({
     credentialsLoaded: false,
     processToken: null,
@@ -1265,7 +1297,7 @@ const backBtnStyle$2 = {
   color: C$3.gray700,
   zIndex: 10
 };
-function PasswordRecoveryModal({ open, onOpenChange, onSuccess, saasApiUrl, iamApiUrl, debug = false }) {
+function PasswordRecoveryModal({ open, onOpenChange, onSuccess, saasApiUrl, iamApiUrl }) {
   const {
     status,
     loading: pwLoading,
@@ -1280,7 +1312,7 @@ function PasswordRecoveryModal({ open, onOpenChange, onSuccess, saasApiUrl, iamA
     resendOtp,
     reset: resetHook,
     clearError
-  } = useMobilePassword({ saasApiUrl, iamApiUrl, debug });
+  } = useMobilePassword({ saasApiUrl, iamApiUrl });
   const [step, setStep] = useState("email");
   const [email, setEmail] = useState("");
   const [otp, setOtp] = useState("");
@@ -1567,11 +1599,22 @@ function useTokenHealthCheck(options) {
   }, [enabled, saasApiUrl, performCheck, debug]);
 }
 function saveSession(exchangeResult, accountType) {
+  var _a, _b;
   const sanctumToken = exchangeResult.auth_token || exchangeResult.token;
   localStorage.setItem(STORAGE.AUTH_TOKEN, sanctumToken);
   localStorage.setItem(STORAGE.TOKEN, sanctumToken);
-  const userToStore = exchangeResult.user_infos ? { ...exchangeResult.user, ...exchangeResult.user_infos } : exchangeResult.user;
-  const acctType = accountType === "phone-only" ? "client" : "user";
+  const baseUser = exchangeResult.user_infos ? { ...exchangeResult.user, ...exchangeResult.user_infos } : exchangeResult.user;
+  const aliasRef = ((_a = exchangeResult.user) == null ? void 0 : _a.alias_reference) || exchangeResult.alias_reference || "";
+  const iamRef = ((_b = exchangeResult.user) == null ? void 0 : _b.reference) || "";
+  const userToStore = {
+    ...baseUser,
+    iam_reference: iamRef,
+    alias_reference: aliasRef
+  };
+  if (aliasRef) {
+    localStorage.setItem(STORAGE.ALIAS_REFERENCE, aliasRef);
+  }
+  const acctType = typeof accountType === "string" ? accountType : "user";
   localStorage.setItem(STORAGE.USER, JSON.stringify(userToStore));
   localStorage.setItem(STORAGE.ACCOUNT_TYPE, acctType);
   return { token: sanctumToken, user: userToStore };
@@ -1581,6 +1624,7 @@ function clearSession() {
   localStorage.removeItem(STORAGE.TOKEN);
   localStorage.removeItem(STORAGE.USER);
   localStorage.removeItem(STORAGE.ACCOUNT_TYPE);
+  localStorage.removeItem(STORAGE.ALIAS_REFERENCE);
 }
 function getErrorMessage$1(err, context) {
   if (err instanceof Error) {
@@ -1595,14 +1639,15 @@ function getErrorMessage$1(err, context) {
   return { message: `Erreur lors de ${context}`, type: "unknown" };
 }
 function useNativeAuth(options) {
-  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true, debug = false } = options;
+  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true, defaultAccountType = "user" } = options;
   const configuredRef = useRef(false);
+  const debug = isDebugMode();
   useEffect(() => {
     if (!configuredRef.current) {
-      setNativeAuthConfig({ saasApiUrl, iamApiUrl, debug });
+      setNativeAuthConfig({ saasApiUrl, iamApiUrl });
       configuredRef.current = true;
     }
-  }, [saasApiUrl, iamApiUrl, debug]);
+  }, [saasApiUrl, iamApiUrl]);
   const [state, setState] = useState({
     credentialsLoaded: false,
     processToken: null,
@@ -1674,6 +1719,23 @@ function useNativeAuth(options) {
       loadCredentials();
     }
   }, [autoLoadCredentials, state.credentialsLoaded, state.user]);
+  useEffect(() => {
+    if (state.status === "completed" || !state.credentialsLoaded) return;
+    const ttl = nativeAuthService.getCredentialsTtl();
+    const refreshInterval = Math.max((ttl - 30) * 1e3, 3e4);
+    if (debug) {
+      console.log(`🔄 [Native] Auto-refresh credentials every ${refreshInterval / 1e3}s (TTL: ${ttl}s)`);
+    }
+    const timer = setInterval(async () => {
+      try {
+        await nativeAuthService.loadCredentials();
+        if (debug) console.log("✅ [Native] Credentials auto-refreshed");
+      } catch (err) {
+        if (debug) console.warn("⚠️ [Native] Auto-refresh failed:", err);
+      }
+    }, refreshInterval);
+    return () => clearInterval(timer);
+  }, [state.status, state.credentialsLoaded, debug]);
   const loadCredentials = useCallback(async () => {
     setState((prev) => ({ ...prev, loading: true, error: null }));
     try {
@@ -1901,7 +1963,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -1962,7 +2024,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -2023,7 +2085,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -2057,7 +2119,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -2102,14 +2164,14 @@ function useNativeAuth(options) {
     }
   }, [state.processToken]);
   const setSession = useCallback((data) => {
-    const { user: savedUser } = saveSession(data, accountType);
+    const { user: savedUser } = saveSession(data, defaultAccountType);
     setState((prev) => ({
       ...prev,
       user: savedUser,
       status: "completed",
       processToken: null
     }));
-  }, [accountType]);
+  }, [defaultAccountType]);
   const logout = useCallback(async () => {
     const token = localStorage.getItem(STORAGE.AUTH_TOKEN) || localStorage.getItem(STORAGE.TOKEN);
     try {
@@ -2269,7 +2331,7 @@ function LoginModal({
   iamApiUrl,
   loading,
   showSwitchToSignup = true,
-  debug = false
+  defaultAccountType
 }) {
   const {
     status,
@@ -2288,7 +2350,7 @@ function LoginModal({
     setSession,
     reset: resetAuth,
     clearError
-  } = useNativeAuth({ saasApiUrl, iamApiUrl, debug });
+  } = useNativeAuth({ saasApiUrl, iamApiUrl, defaultAccountType });
   const [step, setStep] = useState("choice");
   const [email, setEmail] = useState("");
   const [password, setPassword] = useState("");
@@ -2797,8 +2859,7 @@ function LoginModal({
         onOpenChange: setShowPasswordRecovery,
         onSuccess: () => setShowPasswordRecovery(false),
         saasApiUrl,
-        iamApiUrl,
-        debug
+        iamApiUrl
       }
     )
   ] });
@@ -3056,8 +3117,7 @@ function useMobileRegistration(options) {
     if (options && !configuredRef.current) {
       setNativeAuthConfig({
         saasApiUrl: options.saasApiUrl,
-        iamApiUrl: options.iamApiUrl,
-        debug: options.debug
+        iamApiUrl: options.iamApiUrl
       });
       configuredRef.current = true;
     }
@@ -3356,7 +3416,7 @@ function SuccessOrbit() {
     })
   ] });
 }
-function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saasApiUrl, iamApiUrl, debug = false }) {
+function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saasApiUrl, iamApiUrl, defaultAccountType }) {
   const {
     status,
     formData,
@@ -3372,7 +3432,7 @@ function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saa
     resendOtp,
     reset: resetReg,
     clearError
-  } = useMobileRegistration({ saasApiUrl, iamApiUrl, debug });
+  } = useMobileRegistration({ saasApiUrl, iamApiUrl });
   const [step, setStep] = useState("intro");
   const [otpCode, setOtpCode] = useState("");
   const [password, setPassword] = useState("");
@@ -4073,7 +4133,7 @@ function NativeSSOPage({
   onLoginSuccess,
   onLogout,
   onOnboardingComplete,
-  debug,
+  accountType = "user",
   title = "Un compte, plusieurs accès",
   description = "Connectez-vous avec votre compte Ollaid pour accéder à toutes les applications partenaires.",
   logoUrl,
@@ -4091,7 +4151,7 @@ function NativeSSOPage({
     }
     return null;
   });
-  const resolvedDebug = debug !== void 0 ? debug : isDebugMode();
+  const resolvedDebug = isDebugMode();
   useEffect(() => {
     const root = document.documentElement;
     const originalValues = {};
@@ -4170,6 +4230,7 @@ function NativeSSOPage({
     localStorage.removeItem(STORAGE.TOKEN);
     localStorage.removeItem(STORAGE.USER);
     localStorage.removeItem(STORAGE.ACCOUNT_TYPE);
+    localStorage.removeItem(STORAGE.ALIAS_REFERENCE);
     setSession(null);
     onLogout == null ? void 0 : onLogout();
   }, [onLogout]);
@@ -4268,7 +4329,7 @@ function NativeSSOPage({
         onLoginSuccess: handleLoginSuccess,
         saasApiUrl,
         iamApiUrl,
-        debug: resolvedDebug
+        defaultAccountType: accountType
       }
     ),
     /* @__PURE__ */ jsx(
@@ -4282,7 +4343,7 @@ function NativeSSOPage({
         onSignupSuccess: handleLoginSuccess,
         saasApiUrl,
         iamApiUrl,
-        debug: resolvedDebug
+        defaultAccountType: accountType
       }
     ),
     pendingSession && /* @__PURE__ */ jsx(