@oxyhq/core 1.11.19 → 1.11.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +17 -2
- package/dist/cjs/.tsbuildinfo +1 -1
- package/dist/cjs/mixins/OxyServices.auth.js +14 -1
- package/dist/cjs/mixins/OxyServices.fedcm.js +102 -9
- package/dist/esm/.tsbuildinfo +1 -1
- package/dist/esm/mixins/OxyServices.auth.js +14 -1
- package/dist/esm/mixins/OxyServices.fedcm.js +101 -9
- package/dist/types/.tsbuildinfo +1 -1
- package/dist/types/mixins/OxyServices.fedcm.d.ts +33 -4
- package/package.json +1 -1
- package/src/mixins/OxyServices.auth.ts +16 -1
- package/src/mixins/OxyServices.fedcm.ts +135 -14
- package/src/mixins/__tests__/fedcm.test.ts +182 -0
- package/src/mixins/__tests__/verifyChallenge.test.ts +135 -0
package/README.md
CHANGED
|
@@ -2,10 +2,12 @@
|
|
|
2
2
|
|
|
3
3
|
OxyHQ SDK Foundation. Platform-agnostic core library that works in Node.js, browser, and React Native environments. No React dependency.
|
|
4
4
|
|
|
5
|
+
**Current published version: 1.11.20**
|
|
6
|
+
|
|
5
7
|
## Installation
|
|
6
8
|
|
|
7
9
|
```bash
|
|
8
|
-
|
|
10
|
+
bun add @oxyhq/core
|
|
9
11
|
```
|
|
10
12
|
|
|
11
13
|
## Contents
|
|
@@ -44,7 +46,20 @@ const keyManager = new KeyManager();
|
|
|
44
46
|
## Build
|
|
45
47
|
|
|
46
48
|
```bash
|
|
47
|
-
|
|
49
|
+
bun run build
|
|
48
50
|
```
|
|
49
51
|
|
|
50
52
|
Compiles with TypeScript, producing CJS, ESM, and type declaration outputs.
|
|
53
|
+
|
|
54
|
+
## KeyManager Safety
|
|
55
|
+
|
|
56
|
+
- `_persistIdentityAtomic` backs up the EXISTING identity before any overwrite, writes the new primary, runs a sign/verify probe, then refreshes the backup. A failed `createIdentity({overwrite:true})` rolls the primary back to the exact prior bytes — prior identity is never destroyed.
|
|
57
|
+
- `restoreIdentityFromBackup()` treats keychain-read exceptions as transient — never clobbers a healthy-but-locked primary. Rejects mismatched backups (dual mismatch guards).
|
|
58
|
+
- `deleteIdentity(skipBackup=false, force=false, userConfirmed=false)` — `force=true` also deletes the backup slot.
|
|
59
|
+
|
|
60
|
+
## FedCM (`OxyServices.fedcm.ts`)
|
|
61
|
+
|
|
62
|
+
- Use W3C-spec `mode` enum: `'active'` / `'passive'`. Do NOT use legacy `'button'` / `'widget'` (Chrome throws TypeError).
|
|
63
|
+
- Client sends `'active'` first, transparently retries with legacy value for Chrome 125–131 backwards compat.
|
|
64
|
+
- Token exchange requires a server-minted nonce from `POST /fedcm/nonce` — local UUID nonces are rejected.
|
|
65
|
+
- Silent SSO: module-level `silentSSOAttempted` Set keyed on `origin+baseURL` ensures the silent attempt fires exactly once per page load, surviving StrictMode double-invoke.
|