@oxyhq/core 2.1.0 → 2.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/.tsbuildinfo +1 -1
- package/dist/cjs/CrossDomainAuth.js +6 -5
- package/dist/cjs/OxyServices.base.js +16 -3
- package/dist/esm/.tsbuildinfo +1 -1
- package/dist/esm/CrossDomainAuth.js +6 -5
- package/dist/esm/OxyServices.base.js +16 -3
- package/dist/types/.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/src/CrossDomainAuth.ts +6 -5
- package/src/OxyServices.base.ts +18 -3
- package/src/mixins/__tests__/constructorAuthWebUrl.test.ts +108 -0
|
@@ -25,6 +25,7 @@
|
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
26
|
exports.CrossDomainAuth = void 0;
|
|
27
27
|
exports.createCrossDomainAuth = createCrossDomainAuth;
|
|
28
|
+
const loggerUtils_1 = require("./utils/loggerUtils");
|
|
28
29
|
class CrossDomainAuth {
|
|
29
30
|
constructor(oxyServices) {
|
|
30
31
|
this.oxyServices = oxyServices;
|
|
@@ -98,7 +99,7 @@ class CrossDomainAuth {
|
|
|
98
99
|
return session;
|
|
99
100
|
}
|
|
100
101
|
catch (error) {
|
|
101
|
-
|
|
102
|
+
loggerUtils_1.logger.warn('FedCM failed, trying popup', { component: 'CrossDomainAuth', method: 'autoSignIn' }, error);
|
|
102
103
|
}
|
|
103
104
|
}
|
|
104
105
|
// 2. Try popup (good UX, widely supported)
|
|
@@ -107,7 +108,7 @@ class CrossDomainAuth {
|
|
|
107
108
|
return await this.signInWithPopup(options);
|
|
108
109
|
}
|
|
109
110
|
catch (error) {
|
|
110
|
-
|
|
111
|
+
loggerUtils_1.logger.warn('Popup failed, falling back to redirect', { component: 'CrossDomainAuth', method: 'autoSignIn' }, error);
|
|
111
112
|
// Popup path failed — close the pre-opened popup before redirecting.
|
|
112
113
|
this.closeOrphanPopup(options.popup);
|
|
113
114
|
}
|
|
@@ -176,7 +177,7 @@ class CrossDomainAuth {
|
|
|
176
177
|
}
|
|
177
178
|
}
|
|
178
179
|
catch (error) {
|
|
179
|
-
|
|
180
|
+
loggerUtils_1.logger.debug('FedCM silent sign-in did not resolve', { component: 'CrossDomainAuth', method: 'silentSignIn' }, error);
|
|
180
181
|
}
|
|
181
182
|
}
|
|
182
183
|
// Fallback to iframe-based silent auth
|
|
@@ -184,7 +185,7 @@ class CrossDomainAuth {
|
|
|
184
185
|
return await this.oxyServices.silentSignIn();
|
|
185
186
|
}
|
|
186
187
|
catch (error) {
|
|
187
|
-
|
|
188
|
+
loggerUtils_1.logger.debug('iframe silent sign-in did not resolve', { component: 'CrossDomainAuth', method: 'silentSignIn' }, error);
|
|
188
189
|
return null;
|
|
189
190
|
}
|
|
190
191
|
}
|
|
@@ -269,7 +270,7 @@ class CrossDomainAuth {
|
|
|
269
270
|
}
|
|
270
271
|
}
|
|
271
272
|
catch (error) {
|
|
272
|
-
|
|
273
|
+
loggerUtils_1.logger.debug('stored session invalid', { component: 'CrossDomainAuth', method: 'initialize' }, error);
|
|
273
274
|
}
|
|
274
275
|
}
|
|
275
276
|
// 3. Try silent sign-in (check for SSO session at auth.oxy.so)
|
|
@@ -10,6 +10,7 @@ const jwt_decode_1 = require("jwt-decode");
|
|
|
10
10
|
const errorUtils_1 = require("./utils/errorUtils");
|
|
11
11
|
const HttpService_1 = require("./HttpService");
|
|
12
12
|
const OxyServices_errors_1 = require("./OxyServices.errors");
|
|
13
|
+
const fapiAutoDetect_1 = require("./utils/fapiAutoDetect");
|
|
13
14
|
/**
|
|
14
15
|
* Base class for OxyServices with core infrastructure
|
|
15
16
|
*/
|
|
@@ -21,10 +22,22 @@ class OxyServicesBase {
|
|
|
21
22
|
if (!config || typeof config !== 'object') {
|
|
22
23
|
throw new Error('OxyConfig is required');
|
|
23
24
|
}
|
|
24
|
-
|
|
25
|
-
|
|
25
|
+
// Auto-detect the first-party IdP (`auth.<rp-apex>`) when the caller did not
|
|
26
|
+
// pin `authWebUrl` explicitly. This mirrors the provider-`baseURL` path in
|
|
27
|
+
// `@oxyhq/services` (OxyContext), so apps that construct their OWN
|
|
28
|
+
// `OxyServices` instance and pass it to `<OxyProvider oxyServices={...} />`
|
|
29
|
+
// get the same same-site IdP resolution. On web at `https://mention.earth`
|
|
30
|
+
// this yields `https://auth.mention.earth`; on native/SSR (no `window`)
|
|
31
|
+
// `autoDetectAuthWebUrl()` returns `undefined`, leaving the auth mixins'
|
|
32
|
+
// `DEFAULT_AUTH_URL` fallback in effect — native behavior is unchanged.
|
|
33
|
+
// An explicit `authWebUrl` always wins (we only fill it when absent).
|
|
34
|
+
const resolvedConfig = config.authWebUrl
|
|
35
|
+
? config
|
|
36
|
+
: { ...config, authWebUrl: (0, fapiAutoDetect_1.autoDetectAuthWebUrl)() };
|
|
37
|
+
this.config = resolvedConfig;
|
|
38
|
+
this.cloudURL = resolvedConfig.cloudURL || 'https://cloud.oxy.so';
|
|
26
39
|
// Initialize unified HTTP service (handles auth, caching, deduplication, queuing, retry)
|
|
27
|
-
this.httpService = new HttpService_1.HttpService(
|
|
40
|
+
this.httpService = new HttpService_1.HttpService(resolvedConfig);
|
|
28
41
|
}
|
|
29
42
|
// Test-only utility to reset tokens on this instance between jest tests
|
|
30
43
|
// Note: tokens are now per-instance, so create new instances in tests for isolation
|