npm - @ollaid/native-sso - Versions diffs - 2.7.1 → 2.7.3 - Mend

@ollaid/native-sso 2.7.1 → 2.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -40,8 +40,9 @@ export { mobilePasswordService } from './services/mobilePassword';
 export { profileChangeService } from './services/profileChange';
 export { profileMediaService } from './services/profileMedia';
 export { iamAccountService } from './services/iamAccount';
-export { setNativeAuthConfig, getNativeAuthConfig, setNativeStorage, getNativeStorage, ApiError, getAuthToken, getAuthUser, getAccountType, clearAuthToken, logout, getSsoSessionSnapshot, hasSsoSession, getDeviceId, getSessionUuid, STORAGE_KEYS, PROFILE_PROMPT_KEYS, getProfilePromptState, setProfilePromptState, markProfilePromptComplete, snoozeProfilePrompt, } from './services/api';
+export { setNativeAuthConfig, getNativeAuthConfig, setNativeStorage, getNativeStorage, ApiError, getAuthToken, getAuthUser, getAccountType, clearAuthToken, clearNativeSsoStorage, repairNativeSsoStorage, logout, getSsoSessionSnapshot, hasSsoSession, getDeviceId, getSessionUuid, STORAGE_KEYS, PROFILE_PROMPT_KEYS, getProfilePromptState, setProfilePromptState, markProfilePromptComplete, snoozeProfilePrompt, } from './services/api';
 export type { NativeAuthConfig, NativeStorageAdapter, ApiErrorType, ProfilePromptState } from './services/api';
+export type { NativeSsoStorageRepairResult } from './services/api';
 export type { SsoSessionSnapshot } from './services/api';
 export type { NativeAuthType, NativeAuthStatus, AccountType, RegistrationType, NativeCredentials, NativeEncryptRequest, NativeEncryptResponse, NativeConfigResponse, NativeInitResponse, NativeValidateResponse, NativeGrantAccessResponse, NativeResendOtpResponse, NativeExchangeResponse, NativeRefreshResponse, NativeUser, NativeAuthState, UserInfos, LinkPhoneRequest, LinkPhoneResponse, LinkEmailRequest, LinkEmailResponse, RefreshUserInfoSingleRequest, RefreshUserInfoSingleResponse, RefreshUserInfoBulkRequest, RefreshUserInfoBulkResponse, UpdateAvatarRequest, UpdateAvatarResponse, ResetAvatarRequest, ResetAvatarResponse, CheckTokenResponse, } from './types/native';
 export type { MobilePasswordState, MobilePasswordStatus, } from './types/mobile';

package/dist/index.js CHANGED Viewed

@@ -7106,6 +7106,27 @@ function isRawStorageKey(key) {
 function getLegacyStorageKey(key) {
   return LEGACY_STORAGE_KEYS[key] || null;
 }
+function normalizeStorageValue(value) {
+  if (typeof value === "string") return value;
+  if (value === null || value === void 0) return "";
+  if (typeof value === "number" || typeof value === "boolean" || typeof value === "bigint") {
+    return String(value);
+  }
+  try {
+    const serialized = JSON.stringify(value);
+    return serialized ?? "";
+  } catch {
+    return String(value);
+  }
+}
+function safeJSONStringify(value) {
+  try {
+    const serialized = JSON.stringify(value);
+    return serialized ?? "null";
+  } catch {
+    return "null";
+  }
+}
 function migrateLegacyValue(base, key, legacyKey, rawValue) {
   base.setItem(key, encryptStorageValue(rawValue));
   base.removeItem(legacyKey);
@@ -7114,31 +7135,44 @@ function migrateLegacyValue(base, key, legacyKey, rawValue) {
 function getStorageEncryptionSecret() {
   var _a;
   const storage = rawStorageAdapter;
-  let seed = storage.getItem("native_sso_storage_seed");
+  let seed = storage.getItem(STORAGE_SEED_KEY);
   if (!seed) {
     seed = `seed_${Date.now()}_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
-    storage.setItem("native_sso_storage_seed", seed);
+    storage.setItem(STORAGE_SEED_KEY, seed);
   }
   const origin = typeof window !== "undefined" && ((_a = window.location) == null ? void 0 : _a.origin) ? window.location.origin : "unknown-origin";
   const prefix = config.configPrefix || "iam";
   return `${STORAGE_ENCRYPTION_SECRET_PREFIX}::${origin}::${prefix}::${seed}`;
 }
 function encryptStorageValue(value) {
-  const secret = getStorageEncryptionSecret();
-  const ciphertext = cryptoJsExports.AES.encrypt(value, secret).toString();
-  return `${STORAGE_ENCRYPTION_PREFIX}${ciphertext}`;
+  const normalizedValue = normalizeStorageValue(value);
+  try {
+    const secret = getStorageEncryptionSecret();
+    const ciphertext = cryptoJsExports.AES.encrypt(normalizedValue, secret).toString();
+    return `${STORAGE_ENCRYPTION_PREFIX}${ciphertext}`;
+  } catch (error) {
+    if (isDebugMode()) {
+      console.warn("⚠️ [native-sso] Encryption storage fallback to plain value", error);
+    }
+    return normalizedValue;
+  }
 }
 function decryptStorageValue(value) {
-  if (!value.startsWith(STORAGE_ENCRYPTION_PREFIX)) {
-    return value;
+  const normalizedValue = normalizeStorageValue(value);
+  if (!normalizedValue.startsWith(STORAGE_ENCRYPTION_PREFIX)) {
+    return normalizedValue;
   }
-  const secret = getStorageEncryptionSecret();
-  const ciphertext = value.slice(STORAGE_ENCRYPTION_PREFIX.length);
+  const ciphertext = normalizedValue.slice(STORAGE_ENCRYPTION_PREFIX.length);
+  if (!ciphertext) return null;
   try {
+    const secret = getStorageEncryptionSecret();
     const bytes = cryptoJsExports.AES.decrypt(ciphertext, secret);
     const plaintext = bytes.toString(cryptoJsExports.enc.Utf8);
     return plaintext || null;
-  } catch {
+  } catch (error) {
+    if (isDebugMode()) {
+      console.warn("⚠️ [native-sso] Failed to decrypt storage value, clearing corrupted entry", error);
+    }
     return null;
   }
 }
@@ -7154,8 +7188,9 @@ function createEncryptedStorageAdapter(base) {
         if (decrypted !== null) {
           return decrypted;
         }
-        if (rawValue.length > 0) {
-          base.setItem(key, encryptStorageValue(rawValue));
+        if (normalizeStorageValue(rawValue).startsWith(STORAGE_ENCRYPTION_PREFIX)) {
+          base.removeItem(key);
+          return null;
         }
         return rawValue;
       }
@@ -7176,7 +7211,7 @@ function createEncryptedStorageAdapter(base) {
     },
     setItem: (key, value) => {
       if (isRawStorageKey(key)) {
-        base.setItem(key, value);
+        base.setItem(key, normalizeStorageValue(value));
         return;
       }
       base.setItem(key, encryptStorageValue(value));
@@ -7228,6 +7263,7 @@ const getIamApiBaseUrl = () => {
 };
 const DEVICE_ID_KEY = "sso_device_id";
 const SESSION_UUID_KEY = "sso_session_uuid";
+const STORAGE_SEED_KEY = "native_sso_storage_seed";
 function generateUuid() {
   const globalCrypto = typeof globalThis !== "undefined" ? globalThis.crypto : void 0;
   if (globalCrypto && typeof globalCrypto.randomUUID === "function") {
@@ -7335,8 +7371,26 @@ const PROFILE_STORAGE = {
   IMAGE_LAST_CHECK: "sso_image_last_check",
   IMAGE_RECHECK_AT: "sso_image_recheck_at"
 };
+const ALL_SESSION_STORAGE_KEYS = [
+  STORAGE.AUTH_TOKEN,
+  STORAGE.TOKEN,
+  STORAGE.USER,
+  STORAGE.ACCOUNT_TYPE,
+  STORAGE.ALIAS_REFERENCE,
+  STORAGE.APP_ACCESS_TOKEN_REF,
+  STORAGE.REFRESH_TOKEN,
+  STORAGE.TOKEN_EXPIRES_AT,
+  STORAGE.REFRESH_EXPIRES_AT,
+  PROFILE_STORAGE.IMAGE_LAST_STATUS,
+  PROFILE_STORAGE.IMAGE_LAST_CHECK,
+  PROFILE_STORAGE.IMAGE_RECHECK_AT,
+  DEVICE_ID_KEY,
+  SESSION_UUID_KEY,
+  STORAGE_SEED_KEY
+];
 const setAuthToken = (token) => {
   const storage = getNativeStorage();
+  if (typeof token !== "string" || token.length === 0) return;
   storage.setItem(STORAGE.AUTH_TOKEN, token);
 };
 const getAuthToken = () => {
@@ -7355,13 +7409,45 @@ const clearAuthToken = () => {
   storage.removeItem(STORAGE.TOKEN_EXPIRES_AT);
   storage.removeItem(STORAGE.REFRESH_EXPIRES_AT);
 };
+const clearNativeSsoStorage = (options) => {
+  const storage = getNativeStorage();
+  const preserveDeviceIdentity = (options == null ? void 0 : options.preserveDeviceIdentity) === true;
+  ALL_SESSION_STORAGE_KEYS.forEach((key) => {
+    if (preserveDeviceIdentity && (key === DEVICE_ID_KEY || key === SESSION_UUID_KEY || key === STORAGE_SEED_KEY)) {
+      return;
+    }
+    storage.removeItem(key);
+  });
+};
+const repairNativeSsoStorage = () => {
+  const storage = getNativeStorage();
+  const authToken = getAuthToken();
+  const userRaw = storage.getItem(STORAGE.USER);
+  if (userRaw && !authToken) {
+    clearNativeSsoStorage();
+    return { cleaned: true, reason: "incomplete_session" };
+  }
+  if (authToken && !userRaw) {
+    clearNativeSsoStorage();
+    return { cleaned: true, reason: "incomplete_session" };
+  }
+  if (userRaw) {
+    try {
+      JSON.parse(userRaw);
+    } catch {
+      clearNativeSsoStorage();
+      return { cleaned: true, reason: "invalid_user_json" };
+    }
+  }
+  return { cleaned: false, reason: null };
+};
 const logout = async () => {
   const { nativeAuthService: nativeAuthService2 } = await Promise.resolve().then(() => nativeAuth);
   const token = getAuthToken();
   return nativeAuthService2.logout(token || void 0);
 };
 const setAuthUser = (user) => {
-  getNativeStorage().setItem(STORAGE.USER, JSON.stringify(user));
+  getNativeStorage().setItem(STORAGE.USER, safeJSONStringify(user));
 };
 const getAuthUser = () => {
   const user = getNativeStorage().getItem(STORAGE.USER);
@@ -9615,6 +9701,8 @@ function LoginModal({
   const [loginSuccess, setLoginSuccess] = useState(false);
   const [loginData, setLoginData] = useState(null);
   const [showPasswordRecovery, setShowPasswordRecovery] = useState(false);
+  const [passwordSubmitting, setPasswordSubmitting] = useState(false);
+  const successCallbackTimerRef = useRef(null);
   const CCPHONE = "+221";
   const isSubmitting = authLoading || loading;
   const error = localError || authError;
@@ -9632,15 +9720,11 @@ function LoginModal({
       setResendCooldown(60);
     }
   }, [status, step]);
-  useEffect(() => {
-    if (loginSuccess && loginData) {
-      const timer = setTimeout(() => {
-        onLoginSuccess == null ? void 0 : onLoginSuccess(loginData.token, loginData.user);
-      }, 1e3);
-      return () => clearTimeout(timer);
-    }
-  }, [loginSuccess, loginData, onLoginSuccess]);
   const resetState = useCallback(() => {
+    if (successCallbackTimerRef.current) {
+      clearTimeout(successCallbackTimerRef.current);
+      successCallbackTimerRef.current = null;
+    }
     setStep("choice");
     setEmail("");
     setPassword("");
@@ -9654,6 +9738,7 @@ function LoginModal({
     setLoginSuccess(false);
     setLoginData(null);
     setResendCooldown(0);
+    setPasswordSubmitting(false);
     resetAuth();
   }, [resetAuth]);
   useEffect(() => {
@@ -9666,12 +9751,34 @@ function LoginModal({
     }
   }, [open, initialPhone]);
   const finalizeLogin = (result) => {
-    if (result.success && result.user) {
+    if (result.success) {
       const token = getAuthToken() || "";
-      setLoginData({ token, user: result.user });
-      setLoginSuccess(true);
+      const resolvedUser = result.user || user;
+      if (resolvedUser) {
+        setLoginData({ token, user: resolvedUser });
+        setLoginSuccess(true);
+      }
     }
   };
+  useEffect(() => {
+    if (!loginSuccess || !loginData || !onLoginSuccess) return;
+    if (successCallbackTimerRef.current) {
+      clearTimeout(successCallbackTimerRef.current);
+    }
+    successCallbackTimerRef.current = setTimeout(() => {
+      try {
+        onLoginSuccess(loginData.token, loginData.user);
+      } catch (callbackError) {
+        console.error("Erreur dans onLoginSuccess", callbackError);
+      }
+    }, 900);
+    return () => {
+      if (successCallbackTimerRef.current) {
+        clearTimeout(successCallbackTimerRef.current);
+        successCallbackTimerRef.current = null;
+      }
+    };
+  }, [loginSuccess, loginData, onLoginSuccess]);
   const handleEmailCheck = async () => {
     setLocalError(null);
     clearError();
@@ -9688,18 +9795,24 @@ function LoginModal({
   };
   const handleEmailPasswordSubmit = async (e) => {
     e.preventDefault();
+    if (passwordSubmitting || isSubmitting) return;
+    setPasswordSubmitting(true);
     setLocalError(null);
     clearError();
-    if (!password) {
-      setLocalError("Le mot de passe est requis");
-      return;
-    }
-    if (password.length < 8) {
-      setLocalError("Le mot de passe doit contenir au moins 8 caractères");
-      return;
+    try {
+      if (!password) {
+        setLocalError("Le mot de passe est requis");
+        return;
+      }
+      if (password.length < 8) {
+        setLocalError("Le mot de passe doit contenir au moins 8 caractères");
+        return;
+      }
+      const result = await submitPassword(password);
+      finalizeLogin(result);
+    } finally {
+      setPasswordSubmitting(false);
     }
-    const result = await submitPassword(password);
-    finalizeLogin(result);
   };
   const handleEmailOtpVerify = async () => {
     setLocalError(null);
@@ -9963,7 +10076,7 @@ function LoginModal({
                     placeholder: "••••••••",
                     value: password,
                     onChange: (e) => setPassword(e.target.value),
-                    disabled: isSubmitting,
+                    disabled: isSubmitting || passwordSubmitting,
                     style: { paddingRight: "2.5rem" }
                   }
                 ),
@@ -9979,7 +10092,7 @@ function LoginModal({
               ] })
             ] })
           ] }) }),
-          /* @__PURE__ */ jsx(DialogFooter, { children: /* @__PURE__ */ jsx(Button, { type: "submit", disabled: isSubmitting || !password, style: { width: "100%" }, children: isSubmitting ? /* @__PURE__ */ jsxs("span", { style: { display: "flex", alignItems: "center", gap: "0.5rem" }, children: [
+          /* @__PURE__ */ jsx(DialogFooter, { children: /* @__PURE__ */ jsx(Button, { type: "submit", disabled: isSubmitting || passwordSubmitting || !password, style: { width: "100%" }, children: isSubmitting ? /* @__PURE__ */ jsxs("span", { style: { display: "flex", alignItems: "center", gap: "0.5rem" }, children: [
             /* @__PURE__ */ jsx(IconLoader2, { style: { width: "1rem", height: "1rem" } }),
             "Connexion..."
           ] }) : "Se connecter" }) })
@@ -13235,6 +13348,8 @@ function NativeSSOPage({
   const [showOnboarding, setShowOnboarding] = useState(false);
   const [pendingSession, setPendingSession] = useState(null);
   const [debugOnboardingState, setDebugOnboardingState] = useState(null);
+  const [redirectingTarget, setRedirectingTarget] = useState(null);
+  const [redirectingReason, setRedirectingReason] = useState(null);
   const [session, setSession] = useState(() => {
     try {
       const storage2 = getNativeStorage();
@@ -13257,6 +13372,27 @@ function NativeSSOPage({
   useEffect(() => {
     sessionRef.current = session;
   }, [session]);
+  useEffect(() => {
+    const repairResult = repairNativeSsoStorage();
+    if (repairResult.cleaned) {
+      setSession(null);
+      const isDev = Boolean(false);
+      if (isDev) {
+        console.warn("🔧 [NativeSSOPage] Storage SSO réparé", repairResult.reason);
+      }
+    }
+  }, []);
+  useEffect(() => {
+    if (!redirectingTarget) return;
+    const timer = window.setTimeout(() => {
+      const redirected = safeRedirect(redirectingTarget);
+      if (!redirected) {
+        setRedirectingTarget(null);
+        setRedirectingReason(null);
+      }
+    }, 200);
+    return () => window.clearTimeout(timer);
+  }, [redirectingTarget]);
   const clearOnboardingTimers = useCallback(() => {
     if (onboardingPromptTimerRef.current) {
       clearTimeout(onboardingPromptTimerRef.current);
@@ -13424,6 +13560,12 @@ function NativeSSOPage({
     setLoginInitialPhone(phone);
     setTimeout(() => setModal("login"), 150);
   }, []);
+  const beginRedirect = useCallback((target, reason = "login") => {
+    if (!target) return false;
+    setRedirectingReason(reason);
+    setRedirectingTarget(target);
+    return true;
+  }, []);
   const handleLoginSuccess = useCallback((token, user) => {
     const userObj = {
       reference: "",
@@ -13440,10 +13582,14 @@ function NativeSSOPage({
     void refreshSessionProfile(true);
     if (!needsOnboarding(userObj)) {
       markProfilePromptComplete();
-      onLoginSuccess == null ? void 0 : onLoginSuccess(token, user);
-      safeRedirect(redirectAfterLogin);
+      try {
+        onLoginSuccess == null ? void 0 : onLoginSuccess(token, user);
+      } catch (callbackError) {
+        console.error("Erreur dans le callback onLoginSuccess du wrapper SSO", callbackError);
+      }
+      beginRedirect(redirectAfterLogin, "login");
     }
-  }, [onLoginSuccess, redirectAfterLogin, persistSessionUser, syncProfilePrompt, refreshSessionProfile, accountType]);
+  }, [onLoginSuccess, redirectAfterLogin, persistSessionUser, syncProfilePrompt, refreshSessionProfile, accountType, beginRedirect]);
   const handleOnboardingComplete = useCallback((data) => {
     const activeSession = debugOnboardingState || pendingSession;
     if (!activeSession) return;
@@ -13487,11 +13633,15 @@ function NativeSSOPage({
     if (!debugOnboardingState) {
       persistSessionUser(activeSession.token, activeSession.user);
       snoozeProfilePrompt(PROFILE_PROMPT_SNOOZE_MS / (60 * 60 * 1e3));
-      onLoginSuccess == null ? void 0 : onLoginSuccess(activeSession.token, activeSession.user);
-      safeRedirect(redirectAfterLogin);
+      try {
+        onLoginSuccess == null ? void 0 : onLoginSuccess(activeSession.token, activeSession.user);
+      } catch (callbackError) {
+        console.error("Erreur dans le callback onLoginSuccess du wrapper SSO", callbackError);
+      }
+      beginRedirect(redirectAfterLogin, "login");
       return;
     }
-  }, [pendingSession, debugOnboardingState, onLoginSuccess, redirectAfterLogin, persistSessionUser]);
+  }, [pendingSession, debugOnboardingState, onLoginSuccess, redirectAfterLogin, persistSessionUser, beginRedirect]);
   const handleOnboardingDismiss = useCallback(() => {
     setShowOnboarding(false);
     setPendingSession(null);
@@ -13504,8 +13654,8 @@ function NativeSSOPage({
     setDebugOnboardingState(null);
     clearOnboardingTimers();
     onLogout == null ? void 0 : onLogout();
-    safeRedirect(redirectAfterLogout);
-  }, [onLogout, redirectAfterLogout, clearOnboardingTimers]);
+    beginRedirect(redirectAfterLogout, "logout");
+  }, [onLogout, redirectAfterLogout, clearOnboardingTimers, beginRedirect]);
   const openDebugLogin = useCallback(() => {
     clearOnboardingTimers();
     setShowOnboarding(false);
@@ -13520,6 +13670,10 @@ function NativeSSOPage({
     setDebugOnboardingState(null);
     setModal("signup");
   }, [clearOnboardingTimers]);
+  useEffect(() => {
+    if (!(session == null ? void 0 : session.token) || !redirectAfterLogin || redirectingTarget) return;
+    beginRedirect(redirectAfterLogin, "already-authenticated");
+  }, [session == null ? void 0 : session.token, redirectAfterLogin, redirectingTarget, beginRedirect]);
   const openDebugOnboarding = useCallback((preset = "current") => {
     if (!session) return;
     clearOnboardingTimers();
@@ -13642,14 +13796,18 @@ function NativeSSOPage({
       overflow: "hidden"
     }, children: /* @__PURE__ */ jsx(AppsLogoSlider, { iamApiUrl, speed: "normal" }) }) })
   ] }) });
+  if (redirectingTarget) {
+    return /* @__PURE__ */ jsxs("div", { style: containerStyle, children: [
+      /* @__PURE__ */ jsx(TopBranding, { subtitle: title }),
+      /* @__PURE__ */ jsx(SliderBadge, {}),
+      /* @__PURE__ */ jsx("div", { style: cardStyle, children: /* @__PURE__ */ jsxs("div", { style: { padding: "2rem 1.5rem 1.5rem", textAlign: "center" }, children: [
+        /* @__PURE__ */ jsx("h2", { style: { fontSize: "1.25rem", fontWeight: 600, color: COLORS.cardForeground }, children: redirectingReason === "logout" ? "Déconnexion réussie" : redirectingReason === "already-authenticated" ? "Session déjà valide" : "Connexion réussie" }),
+        /* @__PURE__ */ jsx("p", { style: { fontSize: "0.875rem", color: COLORS.muted, marginTop: "0.5rem" }, children: "Redirection en cours..." })
+      ] }) }),
+      /* @__PURE__ */ jsx(Footer, { hideFooter })
+    ] });
+  }
   if (session) {
-    if (redirectAfterLogin) {
-      safeRedirect(redirectAfterLogin);
-      return /* @__PURE__ */ jsxs("div", { style: containerStyle, children: [
-        /* @__PURE__ */ jsx(TopBranding, { subtitle: title }),
-        /* @__PURE__ */ jsx("p", { style: { color: "rgba(255,255,255,0.7)", fontSize: "0.875rem" }, children: "Redirection en cours..." })
-      ] });
-    }
     return /* @__PURE__ */ jsxs("div", { style: containerStyle, children: [
       /* @__PURE__ */ jsx(TopBranding, { subtitle: title }),
       /* @__PURE__ */ jsx(SliderBadge, {}),
@@ -13972,6 +14130,7 @@ export {
   STORAGE as STORAGE_KEYS,
   SignupModal,
   clearAuthToken,
+  clearNativeSsoStorage,
   getAccountType,
   getAuthToken,
   getAuthUser,
@@ -13992,6 +14151,7 @@ export {
   nativeAuthService,
   profileChangeService,
   profileMediaService,
+  repairNativeSsoStorage,
   searchCountries,
   setNativeAuthConfig,
   setNativeStorage,