@opensecret/react 1.3.0 → 1.3.1

package/dist/index.d.ts

@@ -129,6 +129,7 @@ declare type AppleAuthResponse = {
  * @property email - Optional email address (only provided on first sign-in)
  * @property given_name - Optional user's first name (only provided on first sign-in)
  * @property family_name - Optional user's last name (only provided on first sign-in)
+ * @property nonce - Optional nonce for preventing replay attacks
  */
 declare type AppleUser = {
     user_identifier: string;
@@ -136,6 +137,7 @@ declare type AppleUser = {
     email?: string;
     given_name?: string;
     family_name?: string;
+    nonce?: string;
 };
 
 declare interface Attestation {
@@ -518,6 +520,11 @@ declare function handleAppleCallback(code: string, state: string, inviteCode: st
  *
  * Note: Email and name information are only provided by Apple on the first
  * authentication. Your backend should store this information for future use.
+ *
+ * The nonce parameter (optional) can be provided as part of the appleUser object.
+ * When using Sign in with Apple, you can generate a nonce on your client and pass
+ * it both to Apple during authentication initiation and to this function for validation.
+ * The backend will verify that the nonce in the JWT matches what was provided.
  */
 declare function handleAppleNativeSignIn(appleUser: AppleUser, client_id: string, inviteCode?: string): Promise<LoginResponse>;
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opensecret/react",
-  "version": "1.3.0",
+  "version": "1.3.1",
   "license": "MIT",
   "type": "module",
   "files": [