@ollaid/native-sso 2.7.8 → 2.7.9

package/dist/components/DebugPanel.d.ts

@@ -11,7 +11,8 @@ interface DebugPanelProps {
     onOpenLogin?: () => void;
     onOpenSignup?: () => void;
     onOpenOnboarding?: (preset: DebugOnboardingPreset) => void;
+    onOpenPassword?: () => void;
     onResetProfilePrompt?: () => void;
 }
-export declare function DebugPanel({ saasApiUrl, iamApiUrl, onOpenLogin, onOpenSignup, onOpenOnboarding, onResetProfilePrompt }: DebugPanelProps): import("react/jsx-runtime").JSX.Element;
+export declare function DebugPanel({ saasApiUrl, iamApiUrl, onOpenLogin, onOpenSignup, onOpenOnboarding, onOpenPassword, onResetProfilePrompt }: DebugPanelProps): import("react/jsx-runtime").JSX.Element;
 export default DebugPanel;

package/dist/components/PasswordRedirectModal.d.ts

@@ -0,0 +1,12 @@
+interface PasswordRedirectModalProps {
+    open: boolean;
+    onOpenChange: (open: boolean) => void;
+    saasApiUrl?: string;
+    /**
+     * @deprecated Gardé pour compatibilité ascendante.
+     * Préférer `saasApiUrl` car le flux mot de passe passe désormais par le backend SaaS.
+     */
+    iamApiUrl?: string;
+}
+declare const PasswordRedirectModal: ({ open, onOpenChange, saasApiUrl, iamApiUrl }: PasswordRedirectModalProps) => import("react/jsx-runtime").JSX.Element;
+export default PasswordRedirectModal;

package/dist/index.cjs

@@ -11243,7 +11243,7 @@ function SuccessOrbit() {
       justifyContent: "center",
       zIndex: 2
     }, children: /* @__PURE__ */ jsxRuntime.jsx(IconLink, { style: { width: "1.7rem", height: "1.7rem", color: C$1.green } }) }),
-    orbitIcons.map((Icon, i) => {
+    orbitIcons.map((Icon2, i) => {
       const angle = i * 360 / orbitIcons.length;
       return /* @__PURE__ */ jsxRuntime.jsx("div", { style: {
         position: "absolute",
@@ -11262,7 +11262,7 @@ function SuccessOrbit() {
         display: "flex",
         alignItems: "center",
         justifyContent: "center"
-      }, children: /* @__PURE__ */ jsxRuntime.jsx(Icon, { style: { width: "1rem", height: "1rem", color: C$1.gray500 } }) }) }, i);
+      }, children: /* @__PURE__ */ jsxRuntime.jsx(Icon2, { style: { width: "1rem", height: "1rem", color: C$1.gray500 } }) }) }, i);
     })
   ] });
 }
@@ -13300,7 +13300,248 @@ function OnboardingModal({
     renderConfirmDialog()
   ] });
 }
-function DebugPanel({ saasApiUrl, iamApiUrl, onOpenLogin, onOpenSignup, onOpenOnboarding, onResetProfilePrompt }) {
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const toKebabCase = (string) => string.replace(/([a-z0-9])([A-Z])/g, "$1-$2").toLowerCase();
+const mergeClasses = (...classes) => classes.filter((className, index, array) => {
+  return Boolean(className) && className.trim() !== "" && array.indexOf(className) === index;
+}).join(" ").trim();
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+var defaultAttributes = {
+  xmlns: "http://www.w3.org/2000/svg",
+  width: 24,
+  height: 24,
+  viewBox: "0 0 24 24",
+  fill: "none",
+  stroke: "currentColor",
+  strokeWidth: 2,
+  strokeLinecap: "round",
+  strokeLinejoin: "round"
+};
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const Icon = react.forwardRef(
+  ({
+    color = "currentColor",
+    size = 24,
+    strokeWidth = 2,
+    absoluteStrokeWidth,
+    className = "",
+    children,
+    iconNode,
+    ...rest
+  }, ref) => {
+    return react.createElement(
+      "svg",
+      {
+        ref,
+        ...defaultAttributes,
+        width: size,
+        height: size,
+        stroke: color,
+        strokeWidth: absoluteStrokeWidth ? Number(strokeWidth) * 24 / Number(size) : strokeWidth,
+        className: mergeClasses("lucide", className),
+        ...rest
+      },
+      [
+        ...iconNode.map(([tag, attrs]) => react.createElement(tag, attrs)),
+        ...Array.isArray(children) ? children : [children]
+      ]
+    );
+  }
+);
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const createLucideIcon = (iconName, iconNode) => {
+  const Component = react.forwardRef(
+    ({ className, ...props }, ref) => react.createElement(Icon, {
+      ref,
+      iconNode,
+      className: mergeClasses(`lucide-${toKebabCase(iconName)}`, className),
+      ...props
+    })
+  );
+  Component.displayName = `${iconName}`;
+  return Component;
+};
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const ExternalLink = createLucideIcon("ExternalLink", [
+  ["path", { d: "M15 3h6v6", key: "1q9fwt" }],
+  ["path", { d: "M10 14 21 3", key: "gplh6r" }],
+  ["path", { d: "M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6", key: "a6xqqp" }]
+]);
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const LoaderCircle = createLucideIcon("LoaderCircle", [
+  ["path", { d: "M21 12a9 9 0 1 1-6.219-8.56", key: "13zald" }]
+]);
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const LockKeyhole = createLucideIcon("LockKeyhole", [
+  ["circle", { cx: "12", cy: "16", r: "1", key: "1au0dj" }],
+  ["rect", { x: "3", y: "10", width: "18", height: "12", rx: "2", key: "6s8ecr" }],
+  ["path", { d: "M7 10V7a5 5 0 0 1 10 0v3", key: "1pqi11" }]
+]);
+/**
+ * @license lucide-react v0.462.0 - ISC
+ *
+ * This source code is licensed under the ISC license.
+ * See the LICENSE file in the root directory of this source tree.
+ */
+const ShieldCheck = createLucideIcon("ShieldCheck", [
+  [
+    "path",
+    {
+      d: "M20 13c0 5-3.5 7.5-7.66 8.95a1 1 0 0 1-.67-.01C7.5 20.5 4 18 4 13V6a1 1 0 0 1 1-1c2 0 4.5-1.2 6.24-2.72a1.17 1.17 0 0 1 1.52 0C14.51 3.81 17 5 19 5a1 1 0 0 1 1 1z",
+      key: "oel41y"
+    }
+  ],
+  ["path", { d: "m9 12 2 2 4-4", key: "dzmm74" }]
+]);
+const PasswordRedirectModal = ({ open, onOpenChange, saasApiUrl, iamApiUrl }) => {
+  const [confirmOpen, setConfirmOpen] = react.useState(false);
+  const [loading, setLoading] = react.useState(false);
+  const [errorMessage, setErrorMessage] = react.useState(null);
+  const apiBaseUrl = react.useMemo(() => {
+    const source = saasApiUrl || iamApiUrl;
+    if (!source) {
+      return "";
+    }
+    const normalized = source.replace(/\/$/, "");
+    return normalized.endsWith("/api") ? normalized : `${normalized}/api`;
+  }, [saasApiUrl, iamApiUrl]);
+  const buildUrl = (redirectUrl, magicToken) => {
+    if (redirectUrl) {
+      return redirectUrl;
+    }
+    if (magicToken) {
+      const fallbackUrl = new URL("/auth/auto-connect", "https://iam.ollaid.com");
+      fallbackUrl.searchParams.set("magic_token", magicToken);
+      return fallbackUrl.toString();
+    }
+    return "";
+  };
+  const handleRedirect = async () => {
+    if (loading) return;
+    setLoading(true);
+    setErrorMessage(null);
+    try {
+      const authToken = getAuthToken();
+      const appAccessTokenRef = getNativeStorage().getItem(STORAGE.APP_ACCESS_TOKEN_REF);
+      if (!authToken && !appAccessTokenRef) {
+        throw new Error("Session Native SSO introuvable");
+      }
+      if (!apiBaseUrl) {
+        throw new Error("saasApiUrl non configurée");
+      }
+      const result = await fetchWithTimeout(
+        `${apiBaseUrl}/native/password-link`,
+        {
+          method: "POST",
+          headers: getHeaders(authToken || void 0, true)
+        },
+        2e4
+      );
+      if (!result.success) {
+        throw new Error(result.message || "Impossible de générer le lien");
+      }
+      const redirectUrl = buildUrl(
+        typeof result.redirect_url === "string" && result.redirect_url.length > 0 ? result.redirect_url : typeof result.sso_url === "string" && result.sso_url.length > 0 ? result.sso_url : "",
+        result.magic_token
+      );
+      if (!redirectUrl) {
+        throw new Error("URL de redirection manquante");
+      }
+      window.open(redirectUrl, "_blank", "noopener,noreferrer");
+      onOpenChange(false);
+      setConfirmOpen(false);
+    } catch (error) {
+      const message = error instanceof ApiError ? error.message : (error == null ? void 0 : error.message) || "Impossible de lancer le flux de mot de passe";
+      setErrorMessage(message);
+    } finally {
+      setLoading(false);
+    }
+  };
+  return /* @__PURE__ */ jsxRuntime.jsxs(jsxRuntime.Fragment, { children: [
+    /* @__PURE__ */ jsxRuntime.jsx(Dialog, { open, onOpenChange, children: /* @__PURE__ */ jsxRuntime.jsxs(DialogContent, { style: { maxWidth: "28rem", borderRadius: "16px", background: "#fff" }, children: [
+      /* @__PURE__ */ jsxRuntime.jsxs(DialogHeader, { children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { style: { margin: "0 auto 12px", width: 56, height: 56, borderRadius: "50%", background: "rgba(232, 67, 10, 0.1)", display: "flex", alignItems: "center", justifyContent: "center", color: "#e8430a" }, children: /* @__PURE__ */ jsxRuntime.jsx(LockKeyhole, { size: 28 }) }),
+        /* @__PURE__ */ jsxRuntime.jsx(DialogTitle, { style: { textAlign: "center" }, children: "Mot de passe géré par OLLAID SSO" }),
+        /* @__PURE__ */ jsxRuntime.jsx(DialogDescription, { style: { textAlign: "center" }, children: "Ce bouton sert à tester la redirection vers IAM et l'ouverture du modal de changement de mot de passe." })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { border: "1px solid #e5e7eb", borderRadius: 12, padding: 16, background: "#f8fafc", color: "#475569", fontSize: 13, display: "grid", gap: 8 }, children: [
+        /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { display: "flex", gap: 8, alignItems: "flex-start" }, children: [
+          /* @__PURE__ */ jsxRuntime.jsx(ShieldCheck, { size: 16, color: "#e8430a" }),
+          /* @__PURE__ */ jsxRuntime.jsx("span", { children: "Le SaaS agit comme relais. Le backend SaaS appelle IAM côté serveur, puis renvoie l'URL de redirection." })
+        ] }),
+        /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { display: "flex", gap: 8, alignItems: "flex-start" }, children: [
+          /* @__PURE__ */ jsxRuntime.jsx(ExternalLink, { size: 16, color: "#e8430a" }),
+          /* @__PURE__ */ jsxRuntime.jsx("span", { children: "Une fenêtre IAM va s'ouvrir avec auto-connexion temporaire, sans appel direct du navigateur vers IAM." })
+        ] })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs(DialogFooter, { style: { gap: 12 }, children: [
+        /* @__PURE__ */ jsxRuntime.jsx(Button, { variant: "outline", onClick: () => onOpenChange(false), style: { flex: 1 }, disabled: loading, children: "Fermer" }),
+        /* @__PURE__ */ jsxRuntime.jsx(Button, { onClick: () => setConfirmOpen(true), disabled: loading, style: { flex: 1 }, children: loading ? /* @__PURE__ */ jsxRuntime.jsxs(jsxRuntime.Fragment, { children: [
+          /* @__PURE__ */ jsxRuntime.jsx(LoaderCircle, { size: 16, style: { marginRight: 8, animation: "spin 1s linear infinite" } }),
+          "Préparation..."
+        ] }) : "Changer mon mot de passe" })
+      ] })
+    ] }) }),
+    /* @__PURE__ */ jsxRuntime.jsx(Dialog, { open: confirmOpen, onOpenChange: (nextOpen) => {
+      if (!loading) {
+        setConfirmOpen(nextOpen);
+      }
+    }, children: /* @__PURE__ */ jsxRuntime.jsxs(DialogContent, { style: { maxWidth: "26rem", borderRadius: "16px", background: "#fff" }, children: [
+      /* @__PURE__ */ jsxRuntime.jsxs(DialogHeader, { children: [
+        /* @__PURE__ */ jsxRuntime.jsx(DialogTitle, { children: "Êtes-vous sûr de rediriger vers le SSO ?" }),
+        /* @__PURE__ */ jsxRuntime.jsx(DialogDescription, { children: "Cette action ouvre IAM dans un nouvel onglet et prépare l'auto-connexion pour tester le changement de mot de passe." })
+      ] }),
+      errorMessage && /* @__PURE__ */ jsxRuntime.jsx("div", { style: { border: "1px solid #fecaca", background: "#fef2f2", color: "#b91c1c", borderRadius: 12, padding: 12, fontSize: 13 }, children: errorMessage }),
+      loading && /* @__PURE__ */ jsxRuntime.jsxs("div", { style: { display: "flex", flexDirection: "column", alignItems: "center", gap: 10, padding: "8px 0 4px" }, children: [
+        /* @__PURE__ */ jsxRuntime.jsx(LoaderCircle, { size: 26, style: { animation: "spin 1s linear infinite", color: "#e8430a" } }),
+        /* @__PURE__ */ jsxRuntime.jsx("div", { style: { fontSize: 13, color: "#475569", textAlign: "center" }, children: "Création de la session en cours..." })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs(DialogFooter, { style: { gap: 12 }, children: [
+        /* @__PURE__ */ jsxRuntime.jsx(Button, { variant: "outline", onClick: () => setConfirmOpen(false), style: { flex: 1 }, disabled: loading, children: "Annuler" }),
+        /* @__PURE__ */ jsxRuntime.jsx(Button, { onClick: handleRedirect, style: { flex: 1 }, disabled: loading, children: loading ? /* @__PURE__ */ jsxRuntime.jsxs(jsxRuntime.Fragment, { children: [
+          /* @__PURE__ */ jsxRuntime.jsx(LoaderCircle, { size: 16, style: { marginRight: 8, animation: "spin 1s linear infinite" } }),
+          "Confirmer..."
+        ] }) : "Confirmer" })
+      ] })
+    ] }) })
+  ] });
+};
+function DebugPanel({ saasApiUrl, iamApiUrl, onOpenLogin, onOpenSignup, onOpenOnboarding, onOpenPassword, onResetProfilePrompt }) {
   const [logs, setLogs] = react.useState([]);
   const [expanded, setExpanded] = react.useState(true);
   const [selectedLog, setSelectedLog] = react.useState(null);
@@ -13440,6 +13681,18 @@ function DebugPanel({ saasApiUrl, iamApiUrl, onOpenLogin, onOpenSignup, onOpenOn
               children: "Infos profile"
             }
           ),
+          /* @__PURE__ */ jsxRuntime.jsx(
+            "button",
+            {
+              onClick: (e) => {
+                e.stopPropagation();
+                onOpenPassword == null ? void 0 : onOpenPassword();
+              },
+              disabled: !onOpenPassword,
+              style: { background: "#334155", color: "#e2e8f0", border: "none", borderRadius: "4px", padding: "2px 8px", cursor: onOpenPassword ? "pointer" : "not-allowed", fontSize: "11px", opacity: onOpenPassword ? 1 : 0.5 },
+              children: "Mot de passe"
+            }
+          ),
           /* @__PURE__ */ jsxRuntime.jsx(
             "button",
             {
@@ -13633,6 +13886,7 @@ function NativeSSOPage({
   const [showOnboarding, setShowOnboarding] = react.useState(false);
   const [pendingSession, setPendingSession] = react.useState(null);
   const [debugOnboardingState, setDebugOnboardingState] = react.useState(null);
+  const [passwordRedirectOpen, setPasswordRedirectOpen] = react.useState(false);
   const [redirectingTarget, setRedirectingTarget] = react.useState(null);
   const [redirectingReason, setRedirectingReason] = react.useState(null);
   const [session, setSession] = react.useState(() => {
@@ -14005,6 +14259,9 @@ function NativeSSOPage({
       setShowOnboarding(true);
     }
   }, [session, clearOnboardingTimers]);
+  const openDebugPassword = react.useCallback(() => {
+    setPasswordRedirectOpen(true);
+  }, []);
   react.useEffect(() => {
     syncProfilePrompt(session);
     return () => {
@@ -14152,8 +14409,18 @@ function NativeSSOPage({
           onOpenLogin: openDebugLogin,
           onOpenSignup: openDebugSignup,
           onOpenOnboarding: openDebugOnboarding,
+          onOpenPassword: openDebugPassword,
           onResetProfilePrompt: resetDebugProfilePrompt
         }
+      ),
+      /* @__PURE__ */ jsxRuntime.jsx(
+        PasswordRedirectModal,
+        {
+          open: passwordRedirectOpen,
+          onOpenChange: setPasswordRedirectOpen,
+          saasApiUrl,
+          iamApiUrl
+        }
       )
     ] });
   }
@@ -14233,8 +14500,18 @@ function NativeSSOPage({
         onOpenLogin: openDebugLogin,
         onOpenSignup: openDebugSignup,
         onOpenOnboarding: openDebugOnboarding,
+        onOpenPassword: openDebugPassword,
         onResetProfilePrompt: resetDebugProfilePrompt
       }
+    ),
+    /* @__PURE__ */ jsxRuntime.jsx(
+      PasswordRedirectModal,
+      {
+        open: passwordRedirectOpen,
+        onOpenChange: setPasswordRedirectOpen,
+        saasApiUrl,
+        iamApiUrl
+      }
     )
   ] });
 }