@ollaid/native-sso 1.0.0 → 1.0.3

package/dist/index.cjs

@@ -454,7 +454,8 @@ let config = {
   saasApiUrl: "",
   iamApiUrl: "",
   timeout: 3e4,
-  debug: false
+  debug: false,
+  configPrefix: "iam"
 };
 const setNativeAuthConfig = (newConfig) => {
   config = { ...config, ...newConfig };
@@ -481,7 +482,8 @@ const STORAGE = {
   AUTH_TOKEN: "auth_token",
   TOKEN: "token",
   USER: "user",
-  ACCOUNT_TYPE: "account_type"
+  ACCOUNT_TYPE: "account_type",
+  ALIAS_REFERENCE: "alias_reference"
 };
 const setAuthToken = (token) => {
   if (typeof localStorage !== "undefined") {
@@ -499,6 +501,7 @@ const clearAuthToken = () => {
     localStorage.removeItem(STORAGE.TOKEN);
     localStorage.removeItem(STORAGE.USER);
     localStorage.removeItem(STORAGE.ACCOUNT_TYPE);
+    localStorage.removeItem(STORAGE.ALIAS_REFERENCE);
   }
 };
 const setAuthUser = (user) => {
@@ -572,7 +575,7 @@ async function fetchWithTimeout(url, options, timeout) {
     throw new ApiError("Erreur inattendue", "unknown");
   }
 }
-function getHeaders(token) {
+function getHeaders(token, includeConfigPrefix = false) {
   const headers = {
     "Content-Type": "application/json",
     "Accept": "application/json"
@@ -581,12 +584,19 @@ function getHeaders(token) {
   if (deviceId) {
     headers["X-Device-Id"] = deviceId;
   }
+  if (includeConfigPrefix && config.configPrefix) {
+    headers["X-IAM-Config-Prefix"] = config.configPrefix;
+  }
   if (token) {
     headers["Authorization"] = `Bearer ${token}`;
   }
   return headers;
 }
 let credentials = null;
+let credentialsLoadedAt = 0;
+let credentialsTtl = 300;
+const DEFAULT_TTL = 300;
+const REFRESH_MARGIN = 30;
 const nativeAuthService = {
   hasCredentials() {
     return credentials !== null;
@@ -594,6 +604,26 @@ const nativeAuthService = {
   getCredentials() {
     return credentials ? { ...credentials } : null;
   },
+  getCredentialsTtl() {
+    return credentialsTtl;
+  },
+  getCredentialsAge() {
+    if (!credentialsLoadedAt) return Infinity;
+    return (Date.now() - credentialsLoadedAt) / 1e3;
+  },
+  areCredentialsExpiringSoon() {
+    if (!credentials || !credentialsLoadedAt) return true;
+    const age = this.getCredentialsAge();
+    return age >= credentialsTtl - REFRESH_MARGIN;
+  },
+  async ensureFreshCredentials() {
+    if (!credentials || this.areCredentialsExpiringSoon()) {
+      if (isDebugMode()) {
+        console.log("🔄 [Native] Credentials expirés ou proches — auto-refresh");
+      }
+      await this.loadCredentials();
+    }
+  },
   async loadCredentials() {
     const config2 = getNativeAuthConfig();
     if (!config2.saasApiUrl) {
@@ -604,7 +634,7 @@ const nativeAuthService = {
     }
     const response = await fetchWithTimeout(
       `${config2.saasApiUrl}/native/config`,
-      { method: "GET", headers: getHeaders() },
+      { method: "GET", headers: getHeaders(void 0, true) },
       config2.timeout || 3e4
     );
     if (!response.success || !response.encrypted_credentials || !response.app_key) {
@@ -614,6 +644,8 @@ const nativeAuthService = {
       appKey: response.app_key,
       encryptedCredentials: response.encrypted_credentials
     };
+    credentialsLoadedAt = Date.now();
+    credentialsTtl = response.credentials_ttl || DEFAULT_TTL;
     if (typeof response.debug === "boolean") {
       const currentConfig = getNativeAuthConfig();
       if (currentConfig.debug !== true) {
@@ -621,11 +653,12 @@ const nativeAuthService = {
       }
     }
     if (isDebugMode()) {
-      console.log("✅ [SaaS] Credentials chargés (debug:", response.debug ?? "non défini", ")");
+      console.log("✅ [SaaS] Credentials chargés (ttl:", credentialsTtl, "s, debug:", response.debug ?? "non défini", ")");
     }
     return credentials;
   },
   async encrypt(type, data) {
+    await this.ensureFreshCredentials();
     if (!credentials) {
       throw new ApiError("Credentials non chargés. Appelez loadCredentials() d'abord.", "auth");
     }
@@ -776,7 +809,7 @@ const nativeAuthService = {
       `${config2.saasApiUrl}/native/exchange`,
       {
         method: "POST",
-        headers: getHeaders(),
+        headers: getHeaders(void 0, true),
         body: JSON.stringify({ callback_token: callbackToken })
       },
       config2.timeout || 3e4
@@ -805,7 +838,7 @@ const nativeAuthService = {
         `${cfg.saasApiUrl}/native/check-token`,
         {
           method: "POST",
-          headers: getHeaders(token)
+          headers: getHeaders(token, true)
         },
         1e4
       );
@@ -827,21 +860,24 @@ const nativeAuthService = {
         `${config2.saasApiUrl}/native/logout`,
         {
           method: "POST",
-          headers: getHeaders(token)
+          headers: getHeaders(token, true)
         },
         config2.timeout || 3e4
       );
       clearAuthToken();
       credentials = null;
+      credentialsLoadedAt = 0;
       return response;
     } catch {
       clearAuthToken();
       credentials = null;
+      credentialsLoadedAt = 0;
       return { success: true };
     }
   },
   clearCredentials() {
     credentials = null;
+    credentialsLoadedAt = 0;
   },
   // ============================================
   // High-level methods
@@ -1024,14 +1060,14 @@ function getErrorMessage$2(err, context) {
   return { message: `Erreur lors de ${context}`, type: "unknown" };
 }
 function useMobilePassword(options) {
-  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true, debug = false } = options;
+  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true } = options;
   const configuredRef = react.useRef(false);
   react.useEffect(() => {
     if (!configuredRef.current) {
-      setNativeAuthConfig({ saasApiUrl, iamApiUrl, debug });
+      setNativeAuthConfig({ saasApiUrl, iamApiUrl });
       configuredRef.current = true;
     }
-  }, [saasApiUrl, iamApiUrl, debug]);
+  }, [saasApiUrl, iamApiUrl]);
   const [state, setState] = react.useState({
     credentialsLoaded: false,
     processToken: null,
@@ -1267,7 +1303,7 @@ const backBtnStyle$2 = {
   color: C$3.gray700,
   zIndex: 10
 };
-function PasswordRecoveryModal({ open, onOpenChange, onSuccess, saasApiUrl, iamApiUrl, debug = false }) {
+function PasswordRecoveryModal({ open, onOpenChange, onSuccess, saasApiUrl, iamApiUrl }) {
   const {
     status,
     loading: pwLoading,
@@ -1282,7 +1318,7 @@ function PasswordRecoveryModal({ open, onOpenChange, onSuccess, saasApiUrl, iamA
     resendOtp,
     reset: resetHook,
     clearError
-  } = useMobilePassword({ saasApiUrl, iamApiUrl, debug });
+  } = useMobilePassword({ saasApiUrl, iamApiUrl });
   const [step, setStep] = react.useState("email");
   const [email, setEmail] = react.useState("");
   const [otp, setOtp] = react.useState("");
@@ -1569,11 +1605,22 @@ function useTokenHealthCheck(options) {
   }, [enabled, saasApiUrl, performCheck, debug]);
 }
 function saveSession(exchangeResult, accountType) {
+  var _a, _b;
   const sanctumToken = exchangeResult.auth_token || exchangeResult.token;
   localStorage.setItem(STORAGE.AUTH_TOKEN, sanctumToken);
   localStorage.setItem(STORAGE.TOKEN, sanctumToken);
-  const userToStore = exchangeResult.user_infos ? { ...exchangeResult.user, ...exchangeResult.user_infos } : exchangeResult.user;
-  const acctType = accountType === "phone-only" ? "client" : "user";
+  const baseUser = exchangeResult.user_infos ? { ...exchangeResult.user, ...exchangeResult.user_infos } : exchangeResult.user;
+  const aliasRef = ((_a = exchangeResult.user) == null ? void 0 : _a.alias_reference) || exchangeResult.alias_reference || "";
+  const iamRef = ((_b = exchangeResult.user) == null ? void 0 : _b.reference) || "";
+  const userToStore = {
+    ...baseUser,
+    iam_reference: iamRef,
+    alias_reference: aliasRef
+  };
+  if (aliasRef) {
+    localStorage.setItem(STORAGE.ALIAS_REFERENCE, aliasRef);
+  }
+  const acctType = typeof accountType === "string" ? accountType : "user";
   localStorage.setItem(STORAGE.USER, JSON.stringify(userToStore));
   localStorage.setItem(STORAGE.ACCOUNT_TYPE, acctType);
   return { token: sanctumToken, user: userToStore };
@@ -1583,6 +1630,7 @@ function clearSession() {
   localStorage.removeItem(STORAGE.TOKEN);
   localStorage.removeItem(STORAGE.USER);
   localStorage.removeItem(STORAGE.ACCOUNT_TYPE);
+  localStorage.removeItem(STORAGE.ALIAS_REFERENCE);
 }
 function getErrorMessage$1(err, context) {
   if (err instanceof Error) {
@@ -1597,14 +1645,15 @@ function getErrorMessage$1(err, context) {
   return { message: `Erreur lors de ${context}`, type: "unknown" };
 }
 function useNativeAuth(options) {
-  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true, debug = false } = options;
+  const { saasApiUrl, iamApiUrl, autoLoadCredentials = true, defaultAccountType = "user", configPrefix = "iam" } = options;
   const configuredRef = react.useRef(false);
+  const [isDebug, setIsDebug] = react.useState(isDebugMode());
   react.useEffect(() => {
     if (!configuredRef.current) {
-      setNativeAuthConfig({ saasApiUrl, iamApiUrl, debug });
+      setNativeAuthConfig({ saasApiUrl, iamApiUrl, configPrefix });
       configuredRef.current = true;
     }
-  }, [saasApiUrl, iamApiUrl, debug]);
+  }, [saasApiUrl, iamApiUrl, configPrefix]);
   const [state, setState] = react.useState({
     credentialsLoaded: false,
     processToken: null,
@@ -1622,7 +1671,7 @@ function useNativeAuth(options) {
   });
   const [accountType, setAccountType] = react.useState("email");
   const handleTokenInvalid = react.useCallback(() => {
-    if (debug) console.log("🔐 [HealthCheck] Token invalide — déconnexion locale");
+    if (isDebug) console.log("🔐 [HealthCheck] Token invalide — déconnexion locale");
     clearSession();
     setState({
       credentialsLoaded: false,
@@ -1639,7 +1688,7 @@ function useNativeAuth(options) {
       otpMethod: null,
       otpSentTo: null
     });
-  }, [debug]);
+  }, [isDebug]);
   const handleUserUpdated = react.useCallback((userInfos) => {
     const storedRaw = localStorage.getItem(STORAGE.USER);
     if (storedRaw) {
@@ -1657,7 +1706,7 @@ function useNativeAuth(options) {
     saasApiUrl,
     onTokenInvalid: handleTokenInvalid,
     onUserUpdated: handleUserUpdated,
-    debug
+    debug: isDebug
   });
   react.useEffect(() => {
     const storedToken = localStorage.getItem(STORAGE.AUTH_TOKEN) || localStorage.getItem(STORAGE.TOKEN);
@@ -1676,10 +1725,29 @@ function useNativeAuth(options) {
       loadCredentials();
     }
   }, [autoLoadCredentials, state.credentialsLoaded, state.user]);
+  react.useEffect(() => {
+    if (state.status === "completed" || !state.credentialsLoaded) return;
+    const ttl = nativeAuthService.getCredentialsTtl();
+    const refreshInterval = Math.max((ttl - 30) * 1e3, 3e4);
+    if (isDebug) {
+      console.log(`🔄 [Native] Auto-refresh credentials every ${refreshInterval / 1e3}s (TTL: ${ttl}s)`);
+    }
+    const timer = setInterval(async () => {
+      try {
+        await nativeAuthService.loadCredentials();
+        setIsDebug(isDebugMode());
+        if (isDebugMode()) console.log("✅ [Native] Credentials auto-refreshed");
+      } catch (err) {
+        if (isDebugMode()) console.warn("⚠️ [Native] Auto-refresh failed:", err);
+      }
+    }, refreshInterval);
+    return () => clearInterval(timer);
+  }, [state.status, state.credentialsLoaded, isDebug]);
   const loadCredentials = react.useCallback(async () => {
     setState((prev) => ({ ...prev, loading: true, error: null }));
     try {
       await nativeAuthService.loadCredentials();
+      setIsDebug(isDebugMode());
       setState((prev) => ({ ...prev, credentialsLoaded: true, loading: false }));
       return { success: true };
     } catch (err) {
@@ -1903,7 +1971,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -1964,7 +2032,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -2025,7 +2093,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -2059,7 +2127,7 @@ function useNativeAuth(options) {
       if (response.success && response.callback_token) {
         const exchangeResult = await nativeAuthService.exchange(response.callback_token);
         if (exchangeResult.success) {
-          const { user: savedUser } = saveSession(exchangeResult, accountType);
+          const { user: savedUser } = saveSession(exchangeResult, defaultAccountType);
           setState((prev) => ({
             ...prev,
             status: "completed",
@@ -2104,14 +2172,14 @@ function useNativeAuth(options) {
     }
   }, [state.processToken]);
   const setSession = react.useCallback((data) => {
-    const { user: savedUser } = saveSession(data, accountType);
+    const { user: savedUser } = saveSession(data, defaultAccountType);
     setState((prev) => ({
       ...prev,
       user: savedUser,
       status: "completed",
       processToken: null
     }));
-  }, [accountType]);
+  }, [defaultAccountType]);
   const logout = react.useCallback(async () => {
     const token = localStorage.getItem(STORAGE.AUTH_TOKEN) || localStorage.getItem(STORAGE.TOKEN);
     try {
@@ -2167,6 +2235,8 @@ function useNativeAuth(options) {
     error: state.error,
     errorType: state.errorType,
     isAuthenticated: state.status === "completed" && state.user !== null,
+    /** Debug réactif — mis à jour après loadCredentials */
+    isDebug,
     accountType,
     isPhoneOnly: accountType === "phone-only",
     otpMethod: state.otpMethod,
@@ -2271,7 +2341,7 @@ function LoginModal({
   iamApiUrl,
   loading,
   showSwitchToSignup = true,
-  debug = false
+  defaultAccountType
 }) {
   const {
     status,
@@ -2290,7 +2360,7 @@ function LoginModal({
     setSession,
     reset: resetAuth,
     clearError
-  } = useNativeAuth({ saasApiUrl, iamApiUrl, debug });
+  } = useNativeAuth({ saasApiUrl, iamApiUrl, defaultAccountType });
   const [step, setStep] = react.useState("choice");
   const [email, setEmail] = react.useState("");
   const [password, setPassword] = react.useState("");
@@ -2799,8 +2869,7 @@ function LoginModal({
         onOpenChange: setShowPasswordRecovery,
         onSuccess: () => setShowPasswordRecovery(false),
         saasApiUrl,
-        iamApiUrl,
-        debug
+        iamApiUrl
       }
     )
   ] });
@@ -2885,17 +2954,18 @@ function PhoneInput({
     ] })
   ] });
 }
-function AppsLogoSlider({ speed = "normal", className = "" }) {
+function AppsLogoSlider({ speed = "normal", className = "", iamApiUrl: iamApiUrlProp }) {
   const scrollRef = react.useRef(null);
   const [isPaused, setIsPaused] = react.useState(false);
   const [applications, setApplications] = react.useState([]);
   const [isLoading, setIsLoading] = react.useState(true);
   const speedMap = { slow: 50, normal: 30, fast: 15 };
   react.useEffect(() => {
+    const resolvedIamApiUrl = iamApiUrlProp || getNativeAuthConfig().iamApiUrl;
+    if (!resolvedIamApiUrl) return;
     const fetchApps = async () => {
       try {
-        const config2 = getNativeAuthConfig();
-        const iamBaseUrl = config2.iamApiUrl.replace("/api", "");
+        const iamBaseUrl = resolvedIamApiUrl.replace("/api", "");
         const response = await fetch(`${iamBaseUrl}/api/public/applications`, { headers: { "Accept": "application/json" } });
         if (response.ok) {
           const data = await response.json();
@@ -2907,7 +2977,7 @@ function AppsLogoSlider({ speed = "normal", className = "" }) {
       }
     };
     fetchApps();
-  }, []);
+  }, [iamApiUrlProp]);
   react.useEffect(() => {
     const container = scrollRef.current;
     if (!container || applications.length === 0) return;
@@ -2924,8 +2994,8 @@ function AppsLogoSlider({ speed = "normal", className = "" }) {
   const getLogoUrl = (logo) => {
     if (!logo) return null;
     if (logo.startsWith("http")) return logo;
-    const config2 = getNativeAuthConfig();
-    return `${config2.iamApiUrl.replace("/api", "")}/storage/applications/${logo}`;
+    const resolvedUrl = iamApiUrlProp || getNativeAuthConfig().iamApiUrl;
+    return `${resolvedUrl.replace("/api", "")}/storage/applications/${logo}`;
   };
   if (isLoading) {
     return /* @__PURE__ */ jsxRuntime.jsx("div", { className, style: { overflow: "hidden" }, children: /* @__PURE__ */ jsxRuntime.jsx("div", { style: { display: "flex", gap: "1rem", padding: "0.5rem 0" }, children: [1, 2, 3, 4, 5].map((i) => /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { flexShrink: 0, display: "flex", flexDirection: "column", alignItems: "center", gap: "0.5rem" }, children: [
@@ -3058,8 +3128,7 @@ function useMobileRegistration(options) {
     if (options && !configuredRef.current) {
       setNativeAuthConfig({
         saasApiUrl: options.saasApiUrl,
-        iamApiUrl: options.iamApiUrl,
-        debug: options.debug
+        iamApiUrl: options.iamApiUrl
       });
       configuredRef.current = true;
     }
@@ -3358,7 +3427,7 @@ function SuccessOrbit() {
     })
   ] });
 }
-function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saasApiUrl, iamApiUrl, debug = false }) {
+function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saasApiUrl, iamApiUrl, defaultAccountType }) {
   const {
     status,
     formData,
@@ -3374,7 +3443,7 @@ function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saa
     resendOtp,
     reset: resetReg,
     clearError
-  } = useMobileRegistration({ saasApiUrl, iamApiUrl, debug });
+  } = useMobileRegistration({ saasApiUrl, iamApiUrl });
   const [step, setStep] = react.useState("intro");
   const [otpCode, setOtpCode] = react.useState("");
   const [password, setPassword] = react.useState("");
@@ -3521,7 +3590,7 @@ function SignupModal({ open, onOpenChange, onSwitchToLogin, onSignupSuccess, saa
         /* @__PURE__ */ jsxRuntime.jsx(DialogTitle, { children: "Ouvrez un compte Ollaid" }),
         /* @__PURE__ */ jsxRuntime.jsx(DialogDescription, { children: "Un compte unique qui vous donne accès à toutes les applications" })
       ] }),
-      /* @__PURE__ */ jsxRuntime.jsx(AppsLogoSlider, {}),
+      /* @__PURE__ */ jsxRuntime.jsx(AppsLogoSlider, { iamApiUrl }),
       /* @__PURE__ */ jsxRuntime.jsx("div", { style: { display: "flex", flexDirection: "column", gap: "0.75rem", fontSize: "0.875rem", color: C$1.gray500, margin: "1rem 0" }, children: ["Un seul compte pour toutes les applications", "Plus besoin de multiples mots de passe", "Connexion simplifiée et sécurisée"].map((text) => /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { display: "flex", alignItems: "center", gap: "0.75rem" }, children: [
         /* @__PURE__ */ jsxRuntime.jsx(IconCheckCircle2, { style: { width: "1.25rem", height: "1.25rem", color: C$1.green, flexShrink: 0 } }),
         text
@@ -4075,7 +4144,8 @@ function NativeSSOPage({
   onLoginSuccess,
   onLogout,
   onOnboardingComplete,
-  debug,
+  accountType = "user",
+  configPrefix = "iam",
   title = "Un compte, plusieurs accès",
   description = "Connectez-vous avec votre compte Ollaid pour accéder à toutes les applications partenaires.",
   logoUrl,
@@ -4093,7 +4163,7 @@ function NativeSSOPage({
     }
     return null;
   });
-  const resolvedDebug = debug !== void 0 ? debug : isDebugMode();
+  const { isDebug: resolvedDebug } = useNativeAuth({ saasApiUrl, iamApiUrl, configPrefix, autoLoadCredentials: true });
   react.useEffect(() => {
     const root = document.documentElement;
     const originalValues = {};
@@ -4172,6 +4242,7 @@ function NativeSSOPage({
     localStorage.removeItem(STORAGE.TOKEN);
     localStorage.removeItem(STORAGE.USER);
     localStorage.removeItem(STORAGE.ACCOUNT_TYPE);
+    localStorage.removeItem(STORAGE.ALIAS_REFERENCE);
     setSession(null);
     onLogout == null ? void 0 : onLogout();
   }, [onLogout]);
@@ -4209,7 +4280,7 @@ function NativeSSOPage({
   ] }) });
   if (session) {
     return /* @__PURE__ */ jsxRuntime.jsxs("div", { style: containerStyle, children: [
-      /* @__PURE__ */ jsxRuntime.jsx("div", { style: { width: "100%", maxWidth: "28rem", marginBottom: "1.5rem" }, children: /* @__PURE__ */ jsxRuntime.jsx(AppsLogoSlider, {}) }),
+      /* @__PURE__ */ jsxRuntime.jsx("div", { style: { width: "100%", maxWidth: "28rem", marginBottom: "1.5rem" }, children: /* @__PURE__ */ jsxRuntime.jsx(AppsLogoSlider, { iamApiUrl }) }),
       /* @__PURE__ */ jsxRuntime.jsx("div", { style: cardStyle, children: /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { padding: "2rem 1.5rem 1.5rem" }, children: [
         /* @__PURE__ */ jsxRuntime.jsx(BrandingHeader, {}),
         /* @__PURE__ */ jsxRuntime.jsxs("h2", { style: { fontSize: "1.25rem", fontWeight: 600, textAlign: "center", color: COLORS.cardForeground }, children: [
@@ -4229,7 +4300,7 @@ function NativeSSOPage({
     ] });
   }
   return /* @__PURE__ */ jsxRuntime.jsxs("div", { style: containerStyle, children: [
-    /* @__PURE__ */ jsxRuntime.jsx("div", { style: { width: "100%", maxWidth: "28rem", marginBottom: "1.5rem" }, children: logoUrl ? /* @__PURE__ */ jsxRuntime.jsx("img", { src: logoUrl, alt: "Logo", style: { height: "3rem", margin: "0 auto" } }) : /* @__PURE__ */ jsxRuntime.jsx(AppsLogoSlider, {}) }),
+    /* @__PURE__ */ jsxRuntime.jsx("div", { style: { width: "100%", maxWidth: "28rem", marginBottom: "1.5rem" }, children: logoUrl ? /* @__PURE__ */ jsxRuntime.jsx("img", { src: logoUrl, alt: "Logo", style: { height: "3rem", margin: "0 auto" } }) : /* @__PURE__ */ jsxRuntime.jsx(AppsLogoSlider, { iamApiUrl }) }),
     /* @__PURE__ */ jsxRuntime.jsx("div", { style: cardStyle, children: /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { padding: "2rem 1.5rem 1.5rem" }, children: [
       /* @__PURE__ */ jsxRuntime.jsx(BrandingHeader, {}),
       /* @__PURE__ */ jsxRuntime.jsx("h2", { style: { fontSize: "1.25rem", fontWeight: 600, textAlign: "center", color: COLORS.cardForeground, marginBottom: "0.5rem" }, children: title }),
@@ -4270,7 +4341,7 @@ function NativeSSOPage({
         onLoginSuccess: handleLoginSuccess,
         saasApiUrl,
         iamApiUrl,
-        debug: resolvedDebug
+        defaultAccountType: accountType
       }
     ),
     /* @__PURE__ */ jsxRuntime.jsx(
@@ -4284,7 +4355,7 @@ function NativeSSOPage({
         onSignupSuccess: handleLoginSuccess,
         saasApiUrl,
         iamApiUrl,
-        debug: resolvedDebug
+        defaultAccountType: accountType
       }
     ),
     pendingSession && /* @__PURE__ */ jsxRuntime.jsx(