npm - @oxyhq/core - Versions diffs - 1.11.19 → 1.11.20 - Mend

@oxyhq/core 1.11.19 → 1.11.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +17 -2
package/dist/cjs/.tsbuildinfo +1 -1
package/dist/cjs/mixins/OxyServices.fedcm.js +22 -9
package/dist/esm/.tsbuildinfo +1 -1
package/dist/esm/mixins/OxyServices.fedcm.js +22 -9
package/dist/types/.tsbuildinfo +1 -1
package/dist/types/mixins/OxyServices.fedcm.d.ts +9 -4
package/package.json +1 -1
package/src/mixins/OxyServices.fedcm.ts +52 -14

package/dist/esm/mixins/OxyServices.fedcm.js CHANGED Viewed

@@ -140,9 +140,11 @@ export function OxyServicesFedCMMixin(Base) {
                     debug.log('Interactive sign-in: Got credential, exchanging for session');
                     // Exchange FedCM ID token for Oxy session
                     const session = await this.exchangeIdTokenForSession(credential.token);
-                    // Store access token in HttpService (extract from response or get from session)
-                    if (session && session.accessToken) {
-                        this.httpService.setTokens(session.accessToken);
+                    // Store access token in HttpService. `accessToken`/`refreshToken` are
+                    // declared optional on SessionLoginResponse; default the refresh token to
+                    // an empty string when the exchange did not return one.
+                    if (session?.accessToken) {
+                        this.httpService.setTokens(session.accessToken, session.refreshToken ?? '');
                     }
                     // Store the user ID as loginHint for future FedCM requests
                     if (session?.user?.id) {
@@ -154,10 +156,13 @@ export function OxyServicesFedCMMixin(Base) {
                 catch (error) {
                     debug.log('Interactive sign-in failed:', error);
                     const errorMessage = error instanceof Error ? error.message : String(error);
-                    if (error.name === 'AbortError') {
+                    // FedCM aborts/network failures surface as DOMException/Error instances,
+                    // both of which carry a `name`. Anything else has no meaningful name.
+                    const errorName = error instanceof Error ? error.name : '';
+                    if (errorName === 'AbortError') {
                         throw new OxyAuthenticationError('Sign-in was cancelled by user');
                     }
-                    if (error.name === 'NetworkError') {
+                    if (errorName === 'NetworkError') {
                         throw new OxyAuthenticationError('Network error during sign-in. Please check your connection.');
                     }
                     if (errorMessage.includes('multiple accounts')) {
@@ -269,9 +274,11 @@ export function OxyServicesFedCMMixin(Base) {
                     debug.error('Silent SSO: Exchange returned session without user:', session);
                     return null;
                 }
-                // Set the access token
+                // Set the access token. `accessToken`/`refreshToken` are declared optional
+                // on SessionLoginResponse; default the refresh token to an empty string when
+                // the exchange did not return one.
                 if (session.accessToken) {
-                    this.httpService.setTokens(session.accessToken);
+                    this.httpService.setTokens(session.accessToken, session.refreshToken ?? '');
                     debug.log('Silent SSO: Access token set');
                 }
                 else {
@@ -457,9 +464,15 @@ export function OxyServicesFedCMMixin(Base) {
                     return;
                 }
                 try {
-                    if ('IdentityCredential' in window && 'disconnect' in window.IdentityCredential) {
+                    // The DOM lib does not declare the global `IdentityCredential` interface
+                    // object (with its static `disconnect`) in every TypeScript version we
+                    // build against. Read it off `window` through the minimal structural type
+                    // (not `any`), guarding that `disconnect` is actually present at runtime.
+                    const fedCMWindow = window;
+                    const identityCredential = fedCMWindow.IdentityCredential;
+                    if (identityCredential && typeof identityCredential.disconnect === 'function') {
                         const clientId = this.getClientId();
-                        await window.IdentityCredential.disconnect({
+                        await identityCredential.disconnect({
                             configURL: this.resolveFedcmConfigUrl(),
                             clientId,
                             accountHint: accountHint || '*',