@oxyhq/services 14.0.1 → 15.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/index.js +0 -17
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/ui/components/SignInAccountChooser.js +189 -0
- package/lib/commonjs/ui/components/SignInAccountChooser.js.map +1 -0
- package/lib/commonjs/ui/components/SignInModal.js +350 -131
- package/lib/commonjs/ui/components/SignInModal.js.map +1 -1
- package/lib/commonjs/ui/context/OxyContext.js +340 -1547
- package/lib/commonjs/ui/context/OxyContext.js.map +1 -1
- package/lib/commonjs/ui/context/hooks/useAuthOperations.js +61 -64
- package/lib/commonjs/ui/context/hooks/useAuthOperations.js.map +1 -1
- package/lib/commonjs/ui/hooks/useAuth.js +14 -33
- package/lib/commonjs/ui/hooks/useAuth.js.map +1 -1
- package/lib/commonjs/ui/hooks/usePasswordSignIn.js +170 -0
- package/lib/commonjs/ui/hooks/usePasswordSignIn.js.map +1 -0
- package/lib/commonjs/ui/hooks/useProfileEditing.js +2 -5
- package/lib/commonjs/ui/hooks/useProfileEditing.js.map +1 -1
- package/lib/commonjs/ui/hooks/useSessionManagement.js +2 -2
- package/lib/commonjs/ui/hooks/useSessionManagement.js.map +1 -1
- package/lib/commonjs/ui/navigation/routes.js +1 -0
- package/lib/commonjs/ui/navigation/routes.js.map +1 -1
- package/lib/commonjs/ui/screens/EditProfileFieldScreen.js +93 -68
- package/lib/commonjs/ui/screens/EditProfileFieldScreen.js.map +1 -1
- package/lib/commonjs/ui/screens/EditProfileScreen.js +187 -0
- package/lib/commonjs/ui/screens/EditProfileScreen.js.map +1 -0
- package/lib/commonjs/ui/screens/ManageAccountScreen.js +3 -7
- package/lib/commonjs/ui/screens/ManageAccountScreen.js.map +1 -1
- package/lib/commonjs/ui/screens/OxyAuthScreen.js +231 -95
- package/lib/commonjs/ui/screens/OxyAuthScreen.js.map +1 -1
- package/lib/commonjs/ui/screens/ProfileScreen.js +15 -2
- package/lib/commonjs/ui/screens/ProfileScreen.js.map +1 -1
- package/lib/commonjs/ui/screens/linkFormat.js +38 -0
- package/lib/commonjs/ui/screens/linkFormat.js.map +1 -0
- package/lib/commonjs/ui/session/authStore.js +146 -0
- package/lib/commonjs/ui/session/authStore.js.map +1 -0
- package/lib/commonjs/ui/session/createSessionClient.js +25 -10
- package/lib/commonjs/ui/session/createSessionClient.js.map +1 -1
- package/lib/commonjs/ui/session/index.js +13 -7
- package/lib/commonjs/ui/session/index.js.map +1 -1
- package/lib/commonjs/ui/session/tokenTransport.js +19 -31
- package/lib/commonjs/ui/session/tokenTransport.js.map +1 -1
- package/lib/commonjs/ui/utils/isWebBrowser.js +13 -0
- package/lib/commonjs/ui/utils/isWebBrowser.js.map +1 -0
- package/lib/commonjs/utils/deviceFlowSignIn.js +13 -16
- package/lib/commonjs/utils/deviceFlowSignIn.js.map +1 -1
- package/lib/module/index.js +0 -5
- package/lib/module/index.js.map +1 -1
- package/lib/module/ui/components/SignInAccountChooser.js +183 -0
- package/lib/module/ui/components/SignInAccountChooser.js.map +1 -0
- package/lib/module/ui/components/SignInModal.js +352 -134
- package/lib/module/ui/components/SignInModal.js.map +1 -1
- package/lib/module/ui/context/OxyContext.js +342 -1551
- package/lib/module/ui/context/OxyContext.js.map +1 -1
- package/lib/module/ui/context/hooks/useAuthOperations.js +60 -63
- package/lib/module/ui/context/hooks/useAuthOperations.js.map +1 -1
- package/lib/module/ui/hooks/useAuth.js +14 -33
- package/lib/module/ui/hooks/useAuth.js.map +1 -1
- package/lib/module/ui/hooks/usePasswordSignIn.js +165 -0
- package/lib/module/ui/hooks/usePasswordSignIn.js.map +1 -0
- package/lib/module/ui/hooks/useProfileEditing.js +2 -5
- package/lib/module/ui/hooks/useProfileEditing.js.map +1 -1
- package/lib/module/ui/hooks/useSessionManagement.js +1 -1
- package/lib/module/ui/hooks/useSessionManagement.js.map +1 -1
- package/lib/module/ui/navigation/routes.js +1 -0
- package/lib/module/ui/navigation/routes.js.map +1 -1
- package/lib/module/ui/screens/EditProfileFieldScreen.js +91 -66
- package/lib/module/ui/screens/EditProfileFieldScreen.js.map +1 -1
- package/lib/module/ui/screens/EditProfileScreen.js +182 -0
- package/lib/module/ui/screens/EditProfileScreen.js.map +1 -0
- package/lib/module/ui/screens/ManageAccountScreen.js +3 -7
- package/lib/module/ui/screens/ManageAccountScreen.js.map +1 -1
- package/lib/module/ui/screens/OxyAuthScreen.js +233 -97
- package/lib/module/ui/screens/OxyAuthScreen.js.map +1 -1
- package/lib/module/ui/screens/ProfileScreen.js +15 -2
- package/lib/module/ui/screens/ProfileScreen.js.map +1 -1
- package/lib/module/ui/screens/linkFormat.js +31 -0
- package/lib/module/ui/screens/linkFormat.js.map +1 -0
- package/lib/module/ui/session/authStore.js +143 -0
- package/lib/module/ui/session/authStore.js.map +1 -0
- package/lib/module/ui/session/createSessionClient.js +25 -10
- package/lib/module/ui/session/createSessionClient.js.map +1 -1
- package/lib/module/ui/session/index.js +9 -9
- package/lib/module/ui/session/index.js.map +1 -1
- package/lib/module/ui/session/tokenTransport.js +20 -33
- package/lib/module/ui/session/tokenTransport.js.map +1 -1
- package/lib/module/ui/utils/isWebBrowser.js +11 -0
- package/lib/module/ui/utils/isWebBrowser.js.map +1 -0
- package/lib/module/utils/deviceFlowSignIn.js +14 -17
- package/lib/module/utils/deviceFlowSignIn.js.map +1 -1
- package/lib/typescript/commonjs/index.d.ts +0 -1
- package/lib/typescript/commonjs/index.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/components/SignInAccountChooser.d.ts +29 -0
- package/lib/typescript/commonjs/ui/components/SignInAccountChooser.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/components/SignInModal.d.ts +15 -10
- package/lib/typescript/commonjs/ui/components/SignInModal.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts +36 -42
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/hooks/useAuthOperations.d.ts +18 -23
- package/lib/typescript/commonjs/ui/context/hooks/useAuthOperations.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/mutations/useAccountMutations.d.ts +0 -2
- package/lib/typescript/commonjs/ui/hooks/mutations/useAccountMutations.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/usePasswordSignIn.d.ts +31 -0
- package/lib/typescript/commonjs/ui/hooks/usePasswordSignIn.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/hooks/useProfileEditing.d.ts +0 -1
- package/lib/typescript/commonjs/ui/hooks/useProfileEditing.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/navigation/routes.d.ts +1 -1
- package/lib/typescript/commonjs/ui/navigation/routes.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/screens/EditProfileFieldScreen.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/screens/EditProfileScreen.d.ts +14 -0
- package/lib/typescript/commonjs/ui/screens/EditProfileScreen.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/screens/ManageAccountScreen.d.ts +1 -1
- package/lib/typescript/commonjs/ui/screens/ManageAccountScreen.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/screens/OxyAuthScreen.d.ts +13 -12
- package/lib/typescript/commonjs/ui/screens/OxyAuthScreen.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/screens/ProfileScreen.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/screens/linkFormat.d.ts +23 -0
- package/lib/typescript/commonjs/ui/screens/linkFormat.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/session/authStore.d.ts +33 -0
- package/lib/typescript/commonjs/ui/session/authStore.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/session/createSessionClient.d.ts +20 -9
- package/lib/typescript/commonjs/ui/session/createSessionClient.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/session/index.d.ts +9 -9
- package/lib/typescript/commonjs/ui/session/index.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/session/tokenTransport.d.ts +13 -19
- package/lib/typescript/commonjs/ui/session/tokenTransport.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/utils/isWebBrowser.d.ts +9 -0
- package/lib/typescript/commonjs/ui/utils/isWebBrowser.d.ts.map +1 -0
- package/lib/typescript/commonjs/utils/deviceFlowSignIn.d.ts +15 -13
- package/lib/typescript/commonjs/utils/deviceFlowSignIn.d.ts.map +1 -1
- package/lib/typescript/module/index.d.ts +0 -1
- package/lib/typescript/module/index.d.ts.map +1 -1
- package/lib/typescript/module/ui/components/SignInAccountChooser.d.ts +29 -0
- package/lib/typescript/module/ui/components/SignInAccountChooser.d.ts.map +1 -0
- package/lib/typescript/module/ui/components/SignInModal.d.ts +15 -10
- package/lib/typescript/module/ui/components/SignInModal.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/OxyContext.d.ts +36 -42
- package/lib/typescript/module/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/hooks/useAuthOperations.d.ts +18 -23
- package/lib/typescript/module/ui/context/hooks/useAuthOperations.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/mutations/useAccountMutations.d.ts +0 -2
- package/lib/typescript/module/ui/hooks/mutations/useAccountMutations.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/usePasswordSignIn.d.ts +31 -0
- package/lib/typescript/module/ui/hooks/usePasswordSignIn.d.ts.map +1 -0
- package/lib/typescript/module/ui/hooks/useProfileEditing.d.ts +0 -1
- package/lib/typescript/module/ui/hooks/useProfileEditing.d.ts.map +1 -1
- package/lib/typescript/module/ui/navigation/routes.d.ts +1 -1
- package/lib/typescript/module/ui/navigation/routes.d.ts.map +1 -1
- package/lib/typescript/module/ui/screens/EditProfileFieldScreen.d.ts.map +1 -1
- package/lib/typescript/module/ui/screens/EditProfileScreen.d.ts +14 -0
- package/lib/typescript/module/ui/screens/EditProfileScreen.d.ts.map +1 -0
- package/lib/typescript/module/ui/screens/ManageAccountScreen.d.ts +1 -1
- package/lib/typescript/module/ui/screens/ManageAccountScreen.d.ts.map +1 -1
- package/lib/typescript/module/ui/screens/OxyAuthScreen.d.ts +13 -12
- package/lib/typescript/module/ui/screens/OxyAuthScreen.d.ts.map +1 -1
- package/lib/typescript/module/ui/screens/ProfileScreen.d.ts.map +1 -1
- package/lib/typescript/module/ui/screens/linkFormat.d.ts +23 -0
- package/lib/typescript/module/ui/screens/linkFormat.d.ts.map +1 -0
- package/lib/typescript/module/ui/session/authStore.d.ts +33 -0
- package/lib/typescript/module/ui/session/authStore.d.ts.map +1 -0
- package/lib/typescript/module/ui/session/createSessionClient.d.ts +20 -9
- package/lib/typescript/module/ui/session/createSessionClient.d.ts.map +1 -1
- package/lib/typescript/module/ui/session/index.d.ts +9 -9
- package/lib/typescript/module/ui/session/index.d.ts.map +1 -1
- package/lib/typescript/module/ui/session/tokenTransport.d.ts +13 -19
- package/lib/typescript/module/ui/session/tokenTransport.d.ts.map +1 -1
- package/lib/typescript/module/ui/utils/isWebBrowser.d.ts +9 -0
- package/lib/typescript/module/ui/utils/isWebBrowser.d.ts.map +1 -0
- package/lib/typescript/module/utils/deviceFlowSignIn.d.ts +15 -13
- package/lib/typescript/module/utils/deviceFlowSignIn.d.ts.map +1 -1
- package/package.json +4 -4
- package/src/index.ts +0 -4
- package/src/ui/components/SignInAccountChooser.tsx +162 -0
- package/src/ui/components/SignInModal.tsx +309 -139
- package/src/ui/context/OxyContext.tsx +532 -1785
- package/src/ui/context/hooks/useAuthOperations.ts +65 -76
- package/src/ui/hooks/useAuth.ts +14 -35
- package/src/ui/hooks/usePasswordSignIn.ts +207 -0
- package/src/ui/hooks/useProfileEditing.ts +2 -8
- package/src/ui/hooks/useSessionManagement.ts +1 -1
- package/src/ui/navigation/routes.ts +2 -0
- package/src/ui/screens/EditProfileFieldScreen.tsx +102 -66
- package/src/ui/screens/EditProfileScreen.tsx +155 -0
- package/src/ui/screens/ManageAccountScreen.tsx +3 -7
- package/src/ui/screens/OxyAuthScreen.tsx +259 -112
- package/src/ui/screens/ProfileScreen.tsx +15 -2
- package/src/ui/screens/__tests__/linkFormat.test.ts +73 -0
- package/src/ui/screens/linkFormat.ts +37 -0
- package/src/ui/session/__tests__/createSessionClient.test.ts +49 -6
- package/src/ui/session/__tests__/tokenTransport.test.ts +37 -49
- package/src/ui/session/authStore.ts +164 -0
- package/src/ui/session/createSessionClient.ts +32 -11
- package/src/ui/session/index.ts +10 -9
- package/src/ui/session/tokenTransport.ts +26 -36
- package/src/ui/utils/isWebBrowser.ts +8 -0
- package/src/utils/__tests__/deviceFlowSignIn.test.ts +50 -131
- package/src/utils/deviceFlowSignIn.ts +19 -26
- package/lib/commonjs/ui/context/inSessionTokenRefresh.js +0 -243
- package/lib/commonjs/ui/context/inSessionTokenRefresh.js.map +0 -1
- package/lib/commonjs/ui/context/silentSessionRestore.js +0 -56
- package/lib/commonjs/ui/context/silentSessionRestore.js.map +0 -1
- package/lib/commonjs/ui/hooks/useWebSSO.js +0 -28
- package/lib/commonjs/ui/hooks/useWebSSO.js.map +0 -1
- package/lib/commonjs/ui/session/projectSessionState.js +0 -86
- package/lib/commonjs/ui/session/projectSessionState.js.map +0 -1
- package/lib/commonjs/ui/session/sessionClientHost.js +0 -30
- package/lib/commonjs/ui/session/sessionClientHost.js.map +0 -1
- package/lib/commonjs/ui/utils/activeAuthuser.js +0 -142
- package/lib/commonjs/ui/utils/activeAuthuser.js.map +0 -1
- package/lib/commonjs/utils/crossApex.js +0 -74
- package/lib/commonjs/utils/crossApex.js.map +0 -1
- package/lib/module/ui/context/inSessionTokenRefresh.js +0 -238
- package/lib/module/ui/context/inSessionTokenRefresh.js.map +0 -1
- package/lib/module/ui/context/silentSessionRestore.js +0 -53
- package/lib/module/ui/context/silentSessionRestore.js.map +0 -1
- package/lib/module/ui/hooks/useWebSSO.js +0 -24
- package/lib/module/ui/hooks/useWebSSO.js.map +0 -1
- package/lib/module/ui/session/projectSessionState.js +0 -79
- package/lib/module/ui/session/projectSessionState.js.map +0 -1
- package/lib/module/ui/session/sessionClientHost.js +0 -26
- package/lib/module/ui/session/sessionClientHost.js.map +0 -1
- package/lib/module/ui/utils/activeAuthuser.js +0 -134
- package/lib/module/ui/utils/activeAuthuser.js.map +0 -1
- package/lib/module/utils/crossApex.js +0 -69
- package/lib/module/utils/crossApex.js.map +0 -1
- package/lib/typescript/commonjs/ui/context/inSessionTokenRefresh.d.ts +0 -106
- package/lib/typescript/commonjs/ui/context/inSessionTokenRefresh.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/context/silentSessionRestore.d.ts +0 -36
- package/lib/typescript/commonjs/ui/context/silentSessionRestore.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts +0 -19
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/session/projectSessionState.d.ts +0 -45
- package/lib/typescript/commonjs/ui/session/projectSessionState.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/session/sessionClientHost.d.ts +0 -14
- package/lib/typescript/commonjs/ui/session/sessionClientHost.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/utils/activeAuthuser.d.ts +0 -67
- package/lib/typescript/commonjs/ui/utils/activeAuthuser.d.ts.map +0 -1
- package/lib/typescript/commonjs/utils/crossApex.d.ts +0 -55
- package/lib/typescript/commonjs/utils/crossApex.d.ts.map +0 -1
- package/lib/typescript/module/ui/context/inSessionTokenRefresh.d.ts +0 -106
- package/lib/typescript/module/ui/context/inSessionTokenRefresh.d.ts.map +0 -1
- package/lib/typescript/module/ui/context/silentSessionRestore.d.ts +0 -36
- package/lib/typescript/module/ui/context/silentSessionRestore.d.ts.map +0 -1
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts +0 -19
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts.map +0 -1
- package/lib/typescript/module/ui/session/projectSessionState.d.ts +0 -45
- package/lib/typescript/module/ui/session/projectSessionState.d.ts.map +0 -1
- package/lib/typescript/module/ui/session/sessionClientHost.d.ts +0 -14
- package/lib/typescript/module/ui/session/sessionClientHost.d.ts.map +0 -1
- package/lib/typescript/module/ui/utils/activeAuthuser.d.ts +0 -67
- package/lib/typescript/module/ui/utils/activeAuthuser.d.ts.map +0 -1
- package/lib/typescript/module/utils/crossApex.d.ts +0 -55
- package/lib/typescript/module/utils/crossApex.d.ts.map +0 -1
- package/src/ui/context/inSessionTokenRefresh.ts +0 -264
- package/src/ui/context/silentSessionRestore.ts +0 -53
- package/src/ui/hooks/useWebSSO.ts +0 -23
- package/src/ui/session/__tests__/projectSessionState.test.ts +0 -114
- package/src/ui/session/__tests__/sessionClientHost.test.ts +0 -43
- package/src/ui/session/projectSessionState.ts +0 -85
- package/src/ui/session/sessionClientHost.ts +0 -27
- package/src/ui/utils/activeAuthuser.ts +0 -142
- package/src/utils/crossApex.ts +0 -75
|
@@ -0,0 +1,143 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Platform `AuthStateStore` for `@oxyhq/services`.
|
|
5
|
+
*
|
|
6
|
+
* The device-first session model persists the rotating refresh-token family
|
|
7
|
+
* head per origin (web) / per device (native). `@oxyhq/core` owns the store
|
|
8
|
+
* shape + logic (`createWebAuthStateStore` / `createNativeAuthStateStore`); this
|
|
9
|
+
* module only supplies the platform storage seam and wires the native device
|
|
10
|
+
* token to the SHARED keychain so every native Oxy app joins one DeviceSession:
|
|
11
|
+
*
|
|
12
|
+
* - web → `createWebAuthStateStore()` (localStorage, in-memory fallback).
|
|
13
|
+
* - native → `createNativeAuthStateStore(secureKV)` for the SESSION blob
|
|
14
|
+
* (refresh token) over `expo-secure-store` (AsyncStorage fallback), with the
|
|
15
|
+
* long-lived DEVICE token delegated to `KeyManager`'s shared keychain
|
|
16
|
+
* (`group.so.oxy.shared`) instead of per-app storage — so an in-app login on
|
|
17
|
+
* any native Oxy app attributes to the SAME server-side DeviceSession.
|
|
18
|
+
*
|
|
19
|
+
* `expo-secure-store` is loaded via a runtime-computed dynamic import (the same
|
|
20
|
+
* optional-native-module pattern `OxyProvider` uses for netinfo / keyboard
|
|
21
|
+
* controller), so the web bundle never pulls it and a device without it falls
|
|
22
|
+
* back to AsyncStorage rather than crashing.
|
|
23
|
+
*/
|
|
24
|
+
import { KeyManager, createWebAuthStateStore, createNativeAuthStateStore, logger } from '@oxyhq/core';
|
|
25
|
+
import { createPlatformStorage, isReactNative } from "../utils/storageHelpers.js";
|
|
26
|
+
|
|
27
|
+
// Variable indirection so Metro's static analyzer never traces expo-secure-store
|
|
28
|
+
// into the web bundle; the module is native-only and optional.
|
|
29
|
+
const SECURE_STORE_MODULE = 'expo-secure-store';
|
|
30
|
+
let secureStorePromise = null;
|
|
31
|
+
|
|
32
|
+
/**
|
|
33
|
+
* Resolve the `expo-secure-store` module once (memoised), or `null` when it is
|
|
34
|
+
* unavailable — callers then fall back to AsyncStorage. Never throws.
|
|
35
|
+
*/
|
|
36
|
+
function loadSecureStore() {
|
|
37
|
+
if (!secureStorePromise) {
|
|
38
|
+
const moduleName = SECURE_STORE_MODULE;
|
|
39
|
+
secureStorePromise = import(moduleName).then(mod => {
|
|
40
|
+
if (typeof mod.getItemAsync === 'function' && typeof mod.setItemAsync === 'function' && typeof mod.deleteItemAsync === 'function') {
|
|
41
|
+
return {
|
|
42
|
+
getItemAsync: mod.getItemAsync.bind(mod),
|
|
43
|
+
setItemAsync: mod.setItemAsync.bind(mod),
|
|
44
|
+
deleteItemAsync: mod.deleteItemAsync.bind(mod)
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
return null;
|
|
48
|
+
}).catch(() => null);
|
|
49
|
+
}
|
|
50
|
+
return secureStorePromise;
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
/**
|
|
54
|
+
* A native `NativeKeyValueStorage` that prefers `expo-secure-store` (encrypted
|
|
55
|
+
* at rest) and falls back to AsyncStorage when SecureStore is not installed.
|
|
56
|
+
* The SecureStore module is resolved lazily on first access so construction
|
|
57
|
+
* stays synchronous.
|
|
58
|
+
*/
|
|
59
|
+
function createNativeSecureKeyValueStorage() {
|
|
60
|
+
let asyncStorage = null;
|
|
61
|
+
const getAsyncStorage = async () => {
|
|
62
|
+
if (!asyncStorage) {
|
|
63
|
+
asyncStorage = await createPlatformStorage();
|
|
64
|
+
}
|
|
65
|
+
return asyncStorage;
|
|
66
|
+
};
|
|
67
|
+
return {
|
|
68
|
+
getItem: async key => {
|
|
69
|
+
const secure = await loadSecureStore();
|
|
70
|
+
if (secure) {
|
|
71
|
+
return secure.getItemAsync(key);
|
|
72
|
+
}
|
|
73
|
+
return (await getAsyncStorage()).getItem(key);
|
|
74
|
+
},
|
|
75
|
+
setItem: async (key, value) => {
|
|
76
|
+
const secure = await loadSecureStore();
|
|
77
|
+
if (secure) {
|
|
78
|
+
await secure.setItemAsync(key, value);
|
|
79
|
+
return;
|
|
80
|
+
}
|
|
81
|
+
await (await getAsyncStorage()).setItem(key, value);
|
|
82
|
+
},
|
|
83
|
+
removeItem: async key => {
|
|
84
|
+
const secure = await loadSecureStore();
|
|
85
|
+
if (secure) {
|
|
86
|
+
await secure.deleteItemAsync(key);
|
|
87
|
+
return;
|
|
88
|
+
}
|
|
89
|
+
await (await getAsyncStorage()).removeItem(key);
|
|
90
|
+
}
|
|
91
|
+
};
|
|
92
|
+
}
|
|
93
|
+
|
|
94
|
+
/**
|
|
95
|
+
* Build the platform {@link AuthStateStore} for this runtime.
|
|
96
|
+
*
|
|
97
|
+
* Native additionally routes the device token through the shared keychain so
|
|
98
|
+
* every native Oxy app shares one server-side DeviceSession; the session blob
|
|
99
|
+
* (refresh token) stays per-app in SecureStore. Best-effort keychain access —
|
|
100
|
+
* a locked/failed shared-keychain read degrades to "no device token" rather
|
|
101
|
+
* than throwing out of cold boot / refresh.
|
|
102
|
+
*/
|
|
103
|
+
export function createPlatformAuthStateStore() {
|
|
104
|
+
if (!isReactNative()) {
|
|
105
|
+
return createWebAuthStateStore();
|
|
106
|
+
}
|
|
107
|
+
const base = createNativeAuthStateStore(createNativeSecureKeyValueStorage());
|
|
108
|
+
return {
|
|
109
|
+
...base,
|
|
110
|
+
loadDeviceToken: async () => {
|
|
111
|
+
try {
|
|
112
|
+
return await KeyManager.getSharedDeviceToken();
|
|
113
|
+
} catch (error) {
|
|
114
|
+
logger.debug('Shared device-token read failed (treating as none)', {
|
|
115
|
+
component: 'authStore',
|
|
116
|
+
method: 'loadDeviceToken'
|
|
117
|
+
}, error);
|
|
118
|
+
return null;
|
|
119
|
+
}
|
|
120
|
+
},
|
|
121
|
+
saveDeviceToken: async token => {
|
|
122
|
+
try {
|
|
123
|
+
await KeyManager.setSharedDeviceToken(token);
|
|
124
|
+
} catch (error) {
|
|
125
|
+
logger.debug('Shared device-token write failed (non-fatal)', {
|
|
126
|
+
component: 'authStore',
|
|
127
|
+
method: 'saveDeviceToken'
|
|
128
|
+
}, error);
|
|
129
|
+
}
|
|
130
|
+
},
|
|
131
|
+
clearDeviceToken: async () => {
|
|
132
|
+
try {
|
|
133
|
+
await KeyManager.clearSharedDeviceToken();
|
|
134
|
+
} catch (error) {
|
|
135
|
+
logger.debug('Shared device-token clear failed (non-fatal)', {
|
|
136
|
+
component: 'authStore',
|
|
137
|
+
method: 'clearDeviceToken'
|
|
138
|
+
}, error);
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
};
|
|
142
|
+
}
|
|
143
|
+
//# sourceMappingURL=authStore.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["KeyManager","createWebAuthStateStore","createNativeAuthStateStore","logger","createPlatformStorage","isReactNative","SECURE_STORE_MODULE","secureStorePromise","loadSecureStore","moduleName","then","mod","getItemAsync","setItemAsync","deleteItemAsync","bind","catch","createNativeSecureKeyValueStorage","asyncStorage","getAsyncStorage","getItem","key","secure","setItem","value","removeItem","createPlatformAuthStateStore","base","loadDeviceToken","getSharedDeviceToken","error","debug","component","method","saveDeviceToken","token","setSharedDeviceToken","clearDeviceToken","clearSharedDeviceToken"],"sourceRoot":"../../../../src","sources":["ui/session/authStore.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SACEA,UAAU,EACVC,uBAAuB,EACvBC,0BAA0B,EAG1BC,MAAM,QACD,aAAa;AACpB,SAASC,qBAAqB,EAAEC,aAAa,QAAQ,4BAAyB;;AAE9E;AACA;AACA,MAAMC,mBAAmB,GAAG,mBAAmB;AAQ/C,IAAIC,kBAA0D,GAAG,IAAI;;AAErE;AACA;AACA;AACA;AACA,SAASC,eAAeA,CAAA,EAAoC;EAC1D,IAAI,CAACD,kBAAkB,EAAE;IACvB,MAAME,UAAU,GAAGH,mBAAmB;IACtCC,kBAAkB,GAAG,MAAM,CAACE,UAAU,CAAC,CACpCC,IAAI,CAAEC,GAA6B,IAAK;MACvC,IACE,OAAOA,GAAG,CAACC,YAAY,KAAK,UAAU,IACtC,OAAOD,GAAG,CAACE,YAAY,KAAK,UAAU,IACtC,OAAOF,GAAG,CAACG,eAAe,KAAK,UAAU,EACzC;QACA,OAAO;UACLF,YAAY,EAAED,GAAG,CAACC,YAAY,CAACG,IAAI,CAACJ,GAAG,CAAC;UACxCE,YAAY,EAAEF,GAAG,CAACE,YAAY,CAACE,IAAI,CAACJ,GAAG,CAAC;UACxCG,eAAe,EAAEH,GAAG,CAACG,eAAe,CAACC,IAAI,CAACJ,GAAG;QAC/C,CAAC;MACH;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDK,KAAK,CAAC,MAAM,IAAI,CAAC;EACtB;EACA,OAAOT,kBAAkB;AAC3B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASU,iCAAiCA,CAAA,EAA0B;EAClE,IAAIC,YAAsE,GAAG,IAAI;EACjF,MAAMC,eAAe,GAAG,MAAAA,CAAA,KAAY;IAClC,IAAI,CAACD,YAAY,EAAE;MACjBA,YAAY,GAAG,MAAMd,qBAAqB,CAAC,CAAC;IAC9C;IACA,OAAOc,YAAY;EACrB,CAAC;EACD,OAAO;IACLE,OAAO,EAAE,MAAOC,GAAG,IAAK;MACtB,MAAMC,MAAM,GAAG,MAAMd,eAAe,CAAC,CAAC;MACtC,IAAIc,MAAM,EAAE;QACV,OAAOA,MAAM,CAACV,YAAY,CAACS,GAAG,CAAC;MACjC;MACA,OAAO,CAAC,MAAMF,eAAe,CAAC,CAAC,EAAEC,OAAO,CAACC,GAAG,CAAC;IAC/C,CAAC;IACDE,OAAO,EAAE,MAAAA,CAAOF,GAAG,EAAEG,KAAK,KAAK;MAC7B,MAAMF,MAAM,GAAG,MAAMd,eAAe,CAAC,CAAC;MACtC,IAAIc,MAAM,EAAE;QACV,MAAMA,MAAM,CAACT,YAAY,CAACQ,GAAG,EAAEG,KAAK,CAAC;QACrC;MACF;MACA,MAAM,CAAC,MAAML,eAAe,CAAC,CAAC,EAAEI,OAAO,CAACF,GAAG,EAAEG,KAAK,CAAC;IACrD,CAAC;IACDC,UAAU,EAAE,MAAOJ,GAAG,IAAK;MACzB,MAAMC,MAAM,GAAG,MAAMd,eAAe,CAAC,CAAC;MACtC,IAAIc,MAAM,EAAE;QACV,MAAMA,MAAM,CAACR,eAAe,CAACO,GAAG,CAAC;QACjC;MACF;MACA,MAAM,CAAC,MAAMF,eAAe,CAAC,CAAC,EAAEM,UAAU,CAACJ,GAAG,CAAC;IACjD;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASK,4BAA4BA,CAAA,EAAmB;EAC7D,IAAI,CAACrB,aAAa,CAAC,CAAC,EAAE;IACpB,OAAOJ,uBAAuB,CAAC,CAAC;EAClC;EAEA,MAAM0B,IAAI,GAAGzB,0BAA0B,CAACe,iCAAiC,CAAC,CAAC,CAAC;EAC5E,OAAO;IACL,GAAGU,IAAI;IACPC,eAAe,EAAE,MAAAA,CAAA,KAAY;MAC3B,IAAI;QACF,OAAO,MAAM5B,UAAU,CAAC6B,oBAAoB,CAAC,CAAC;MAChD,CAAC,CAAC,OAAOC,KAAK,EAAE;QACd3B,MAAM,CAAC4B,KAAK,CACV,oDAAoD,EACpD;UAAEC,SAAS,EAAE,WAAW;UAAEC,MAAM,EAAE;QAAkB,CAAC,EACrDH,KACF,CAAC;QACD,OAAO,IAAI;MACb;IACF,CAAC;IACDI,eAAe,EAAE,MAAOC,KAAK,IAAK;MAChC,IAAI;QACF,MAAMnC,UAAU,CAACoC,oBAAoB,CAACD,KAAK,CAAC;MAC9C,CAAC,CAAC,OAAOL,KAAK,EAAE;QACd3B,MAAM,CAAC4B,KAAK,CACV,8CAA8C,EAC9C;UAAEC,SAAS,EAAE,WAAW;UAAEC,MAAM,EAAE;QAAkB,CAAC,EACrDH,KACF,CAAC;MACH;IACF,CAAC;IACDO,gBAAgB,EAAE,MAAAA,CAAA,KAAY;MAC5B,IAAI;QACF,MAAMrC,UAAU,CAACsC,sBAAsB,CAAC,CAAC;MAC3C,CAAC,CAAC,OAAOR,KAAK,EAAE;QACd3B,MAAM,CAAC4B,KAAK,CACV,8CAA8C,EAC9C;UAAEC,SAAS,EAAE,WAAW;UAAEC,MAAM,EAAE;QAAmB,CAAC,EACtDH,KACF,CAAC;MACH;IACF;EACF,CAAC;AACH","ignoreList":[]}
|
|
@@ -1,21 +1,36 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
-
import {
|
|
4
|
-
import { createSessionClientHost } from
|
|
3
|
+
import { io } from 'socket.io-client';
|
|
4
|
+
import { SessionClient, createSessionClientHost } from '@oxyhq/core';
|
|
5
5
|
import { createTokenTransport } from "./tokenTransport.js";
|
|
6
6
|
|
|
7
7
|
/**
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
12
|
-
*
|
|
8
|
+
* Wire a `SessionClient` for `@oxyhq/services`.
|
|
9
|
+
*
|
|
10
|
+
* The platform-agnostic parts (host adapter, client, projection helpers) live
|
|
11
|
+
* ONCE in `@oxyhq/core`; this thin factory only injects the pieces specific to
|
|
12
|
+
* the RN/Expo SDK:
|
|
13
|
+
*
|
|
14
|
+
* - `socket.io-client`'s `io`, STATICALLY imported (socket.io-client is a real
|
|
15
|
+
* dependency of `@oxyhq/services`) so realtime session sync never relies on
|
|
16
|
+
* core's lazy dynamic import of a bare specifier — bundler-fragile in
|
|
17
|
+
* Metro/Expo-web against the published core dist.
|
|
18
|
+
* - the device-first {@link createTokenTransport}, which mints a fallback token
|
|
19
|
+
* by rotating the persisted refresh family (`store`).
|
|
20
|
+
*
|
|
21
|
+
* `onUnauthenticated` fires when an applied device state has zero accounts (a
|
|
22
|
+
* device signout-all): the provider clears the persisted store + local state so
|
|
23
|
+
* a reload does not try to restore a dead session. The host is returned
|
|
24
|
+
* alongside the client so the caller can call `host.setCurrentAccountId(...)`
|
|
25
|
+
* as the active account changes.
|
|
13
26
|
*/
|
|
14
|
-
export function createSessionClient(oxyServices) {
|
|
27
|
+
export function createSessionClient(oxyServices, store, onUnauthenticated) {
|
|
15
28
|
const host = createSessionClientHost(oxyServices);
|
|
16
|
-
const transport = createTokenTransport(oxyServices);
|
|
29
|
+
const transport = createTokenTransport(oxyServices, store);
|
|
17
30
|
const client = new SessionClient(host, {
|
|
18
|
-
transport
|
|
31
|
+
transport,
|
|
32
|
+
socketFactory: io,
|
|
33
|
+
onUnauthenticated
|
|
19
34
|
});
|
|
20
35
|
return {
|
|
21
36
|
client,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["SessionClient","createSessionClientHost","createTokenTransport","createSessionClient","oxyServices","host","transport","client"],"sourceRoot":"../../../../src","sources":["ui/session/createSessionClient.ts"],"mappings":";;
|
|
1
|
+
{"version":3,"names":["io","SessionClient","createSessionClientHost","createTokenTransport","createSessionClient","oxyServices","store","onUnauthenticated","host","transport","client","socketFactory"],"sourceRoot":"../../../../src","sources":["ui/session/createSessionClient.ts"],"mappings":";;AAAA,SAASA,EAAE,QAAQ,kBAAkB;AACrC,SACEC,aAAa,EACbC,uBAAuB,QAGlB,aAAa;AACpB,SAASC,oBAAoB,QAAQ,qBAAkB;;AAEvD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,mBAAmBA,CACjCC,WAAwB,EACxBC,KAAqB,EACrBC,iBAA8B,EAI9B;EACA,MAAMC,IAAI,GAAGN,uBAAuB,CAACG,WAAW,CAAC;EACjD,MAAMI,SAAS,GAAGN,oBAAoB,CAACE,WAAW,EAAEC,KAAK,CAAC;EAC1D,MAAMI,MAAM,GAAG,IAAIT,aAAa,CAACO,IAAI,EAAE;IAAEC,SAAS;IAAEE,aAAa,EAAEX,EAAE;IAAEO;EAAkB,CAAC,CAAC;EAC3F,OAAO;IAAEG,MAAM;IAAEF;EAAK,CAAC;AACzB","ignoreList":[]}
|
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
|
-
* Session-sync integration layer
|
|
4
|
+
* Session-sync integration layer — intra-package use only.
|
|
5
5
|
*
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
6
|
+
* `@oxyhq/core` owns the platform-agnostic `SessionClient`, its host adapter,
|
|
7
|
+
* and the pure `DeviceSessionState → services` projection helpers; those are
|
|
8
|
+
* re-exported straight from core here so `OxyContext` has one import site.
|
|
9
|
+
* `@oxyhq/services` supplies only the two platform pieces: the thin
|
|
10
|
+
* `createSessionClient` factory (injects socket.io-client `io` + the
|
|
11
|
+
* device-first token transport) and the `AuthStateStore` factory.
|
|
12
12
|
*/
|
|
13
13
|
export { createSessionClient } from "./createSessionClient.js";
|
|
14
|
-
export { createSessionClientHost } from "./sessionClientHost.js";
|
|
15
14
|
export { createTokenTransport } from "./tokenTransport.js";
|
|
16
|
-
export {
|
|
15
|
+
export { createPlatformAuthStateStore } from "./authStore.js";
|
|
16
|
+
export { createSessionClientHost, accountIdsOf, activeSessionIdOf, activeUserOf, deviceStateToClientSessions } from '@oxyhq/core';
|
|
17
17
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["createSessionClient","
|
|
1
|
+
{"version":3,"names":["createSessionClient","createTokenTransport","createPlatformAuthStateStore","createSessionClientHost","accountIdsOf","activeSessionIdOf","activeUserOf","deviceStateToClientSessions"],"sourceRoot":"../../../../src","sources":["ui/session/index.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,mBAAmB,QAAQ,0BAAuB;AAC3D,SAASC,oBAAoB,QAAQ,qBAAkB;AACvD,SAASC,4BAA4B,QAAQ,gBAAa;AAC1D,SACEC,uBAAuB,EACvBC,YAAY,EACZC,iBAAiB,EACjBC,YAAY,EACZC,2BAA2B,QACtB,aAAa","ignoreList":[]}
|
|
@@ -1,41 +1,25 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
-
import { logger } from '@oxyhq/core';
|
|
4
|
-
import { isWebBrowser } from "../hooks/useWebSSO.js";
|
|
5
|
-
|
|
3
|
+
import { refreshPersistedSession, logger } from '@oxyhq/core';
|
|
6
4
|
/**
|
|
7
|
-
* Platform `TokenTransport` for `SessionClient
|
|
8
|
-
* none is currently held, reusing the SAME primitives `OxyContext`'s cold
|
|
9
|
-
* boot already relies on (never re-implemented here):
|
|
10
|
-
*
|
|
11
|
-
* - web: `oxyServices.silentSignIn()` (per-apex `/auth/silent` iframe).
|
|
12
|
-
* - native: `oxyServices.signInWithSharedIdentity()` (app-group keychain).
|
|
13
|
-
*
|
|
14
|
-
* Both primitives plant the token internally on success (the "Sign-In Token
|
|
15
|
-
* Planting" rule) — `ensureActiveToken` never calls `setTokens` itself.
|
|
5
|
+
* Platform `TokenTransport` for `SessionClient` (device-first model).
|
|
16
6
|
*
|
|
17
|
-
* `ensureActiveToken`
|
|
18
|
-
*
|
|
19
|
-
*
|
|
20
|
-
*
|
|
21
|
-
*
|
|
7
|
+
* `ensureActiveToken` is the fallback the client uses when a `session_state`
|
|
8
|
+
* push arrived WITHOUT an embedded `activeToken` and the app currently holds no
|
|
9
|
+
* bearer. It mints one through the ONE unified refresh path
|
|
10
|
+
* (`refreshPersistedSession`): rotate the persisted refresh-token family
|
|
11
|
+
* (`POST /auth/refresh-token`) and, on native, fall back to the shared-keychain
|
|
12
|
+
* re-mint. There is no FedCM/silent-iframe arm anymore — the per-origin
|
|
13
|
+
* persisted refresh token is the durable web credential.
|
|
22
14
|
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
25
|
-
*
|
|
15
|
+
* Concurrent pushes coalesce onto one in-flight mint. A failure is logged and
|
|
16
|
+
* swallowed: this method must never throw out (it runs inside the socket state
|
|
17
|
+
* handler).
|
|
26
18
|
*/
|
|
27
|
-
export function createTokenTransport(oxyServices) {
|
|
28
|
-
// Coalesces concurrent mints: `SessionClient.applyState` can fire
|
|
29
|
-
// `ensureActiveToken` on rapid successive state pushes; a second call while a
|
|
30
|
-
// mint is already in flight must reuse it, not spawn a second silent iframe /
|
|
31
|
-
// shared-key challenge round-trip.
|
|
19
|
+
export function createTokenTransport(oxyServices, store) {
|
|
32
20
|
let inFlightMint = null;
|
|
33
21
|
return {
|
|
34
22
|
async ensureActiveToken(state) {
|
|
35
|
-
// Read the current token defensively: it is an in-memory getter that
|
|
36
|
-
// should never throw, but the documented contract is that this method
|
|
37
|
-
// never throws out — so a surprising throw is logged and treated as "no
|
|
38
|
-
// token" (fall through to mint) rather than rejecting the promise.
|
|
39
23
|
try {
|
|
40
24
|
if (oxyServices.getAccessToken()) {
|
|
41
25
|
return;
|
|
@@ -50,15 +34,18 @@ export function createTokenTransport(oxyServices) {
|
|
|
50
34
|
}
|
|
51
35
|
inFlightMint = (async () => {
|
|
52
36
|
try {
|
|
53
|
-
const
|
|
54
|
-
|
|
55
|
-
|
|
37
|
+
const token = await refreshPersistedSession({
|
|
38
|
+
oxy: oxyServices,
|
|
39
|
+
store
|
|
40
|
+
});
|
|
41
|
+
if (!token) {
|
|
42
|
+
logger.debug('ensureActiveToken: refresh produced no session', {
|
|
56
43
|
component: 'TokenTransport',
|
|
57
44
|
deviceId: state.deviceId
|
|
58
45
|
});
|
|
59
46
|
}
|
|
60
47
|
} catch (error) {
|
|
61
|
-
logger.warn('ensureActiveToken:
|
|
48
|
+
logger.warn('ensureActiveToken: refresh failed', {
|
|
62
49
|
component: 'TokenTransport'
|
|
63
50
|
}, error);
|
|
64
51
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["refreshPersistedSession","logger","createTokenTransport","oxyServices","store","inFlightMint","ensureActiveToken","state","getAccessToken","error","warn","component","token","oxy","debug","deviceId"],"sourceRoot":"../../../../src","sources":["ui/session/tokenTransport.ts"],"mappings":";;AAAA,SACEA,uBAAuB,EACvBC,MAAM,QAID,aAAa;AAGpB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,oBAAoBA,CAClCC,WAAwB,EACxBC,KAAqB,EACL;EAChB,IAAIC,YAAkC,GAAG,IAAI;EAE7C,OAAO;IACL,MAAMC,iBAAiBA,CAACC,KAAyB,EAAiB;MAChE,IAAI;QACF,IAAIJ,WAAW,CAACK,cAAc,CAAC,CAAC,EAAE;UAChC;QACF;MACF,CAAC,CAAC,OAAOC,KAAK,EAAE;QACdR,MAAM,CAACS,IAAI,CAAC,yCAAyC,EAAE;UAAEC,SAAS,EAAE;QAAiB,CAAC,EAAEF,KAAK,CAAC;MAChG;MAEA,IAAIJ,YAAY,EAAE;QAChB,OAAOA,YAAY;MACrB;MAEAA,YAAY,GAAG,CAAC,YAAY;QAC1B,IAAI;UACF,MAAMO,KAAK,GAAG,MAAMZ,uBAAuB,CAAC;YAAEa,GAAG,EAAEV,WAAW;YAAEC;UAAM,CAAC,CAAC;UACxE,IAAI,CAACQ,KAAK,EAAE;YACVX,MAAM,CAACa,KAAK,CAAC,gDAAgD,EAAE;cAC7DH,SAAS,EAAE,gBAAgB;cAC3BI,QAAQ,EAAER,KAAK,CAACQ;YAClB,CAAC,CAAC;UACJ;QACF,CAAC,CAAC,OAAON,KAAK,EAAE;UACdR,MAAM,CAACS,IAAI,CAAC,mCAAmC,EAAE;YAAEC,SAAS,EAAE;UAAiB,CAAC,EAAEF,KAAK,CAAC;QAC1F;MACF,CAAC,EAAE,CAAC;MAEJ,IAAI;QACF,MAAMJ,YAAY;MACpB,CAAC,SAAS;QACRA,YAAY,GAAG,IAAI;MACrB;IACF;EACF,CAAC;AACH","ignoreList":[]}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Web-browser detection for `@oxyhq/services`.
|
|
5
|
+
*
|
|
6
|
+
* The predicate now lives ONCE in `@oxyhq/core` (`isWebBrowser`) so services and
|
|
7
|
+
* auth-sdk share the exact same DOM probe. This module re-exposes it under the
|
|
8
|
+
* existing internal import path so consumers stay unchanged.
|
|
9
|
+
*/
|
|
10
|
+
export { isWebBrowser } from '@oxyhq/core';
|
|
11
|
+
//# sourceMappingURL=isWebBrowser.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["isWebBrowser"],"sourceRoot":"../../../../src","sources":["ui/utils/isWebBrowser.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAY,QAAQ,aAAa","ignoreList":[]}
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
* unit-testable.
|
|
34
34
|
*/
|
|
35
35
|
|
|
36
|
-
import { KeyManager
|
|
36
|
+
import { KeyManager } from '@oxyhq/core';
|
|
37
37
|
|
|
38
38
|
/**
|
|
39
39
|
* The minimal `OxyServices` surface this orchestration needs. Kept as a
|
|
@@ -41,8 +41,6 @@ import { KeyManager, establishIdpSessionAfterClaim } from '@oxyhq/core';
|
|
|
41
41
|
* trivially unit-testable with a stub and never pulls the RN/Expo runtime into
|
|
42
42
|
* a test bundle.
|
|
43
43
|
*
|
|
44
|
-
* Extends {@link SsoEstablishClient} (`requestSsoEstablishUrl`) so the WEB
|
|
45
|
-
* post-claim durable-session hop can be driven off the same client.
|
|
46
44
|
*/
|
|
47
45
|
|
|
48
46
|
/**
|
|
@@ -58,8 +56,7 @@ export async function completeDeviceFlowSignIn({
|
|
|
58
56
|
oxyServices,
|
|
59
57
|
sessionId,
|
|
60
58
|
sessionToken,
|
|
61
|
-
commitSession
|
|
62
|
-
establishDeps
|
|
59
|
+
commitSession
|
|
63
60
|
}) {
|
|
64
61
|
// 1) Plant the bearer + refresh tokens. The claim response is also persisted
|
|
65
62
|
// to native shared secure storage so a later cold boot has a bearer before
|
|
@@ -85,25 +82,25 @@ export async function completeDeviceFlowSignIn({
|
|
|
85
82
|
|
|
86
83
|
// 2) Bearer is now planted — commit the session through the same path a
|
|
87
84
|
// fresh sign-in uses so it is registered into the device's
|
|
88
|
-
// server-authoritative session set instead of an account switch.
|
|
85
|
+
// server-authoritative session set instead of an account switch. Thread
|
|
86
|
+
// the rotating refresh token so the commit funnel persists a durable
|
|
87
|
+
// session that survives a reload.
|
|
89
88
|
await commitSession({
|
|
90
89
|
sessionId: claimed.sessionId || sessionId,
|
|
91
90
|
deviceId: claimed.deviceId ?? '',
|
|
92
91
|
expiresAt: claimed.expiresAt ?? '',
|
|
93
92
|
user: minimalUser,
|
|
94
|
-
accessToken: claimed.accessToken
|
|
93
|
+
accessToken: claimed.accessToken,
|
|
94
|
+
...(claimed.refreshToken ? {
|
|
95
|
+
refreshToken: claimed.refreshToken
|
|
96
|
+
} : {})
|
|
95
97
|
});
|
|
96
98
|
|
|
97
|
-
//
|
|
98
|
-
//
|
|
99
|
-
//
|
|
100
|
-
//
|
|
101
|
-
|
|
102
|
-
// throws) — an establish failure leaves the committed session as-is. On web
|
|
103
|
-
// success it navigates away, so it is the LAST step: the browser tears the
|
|
104
|
-
// page down on the next tick, after `claimed.user` is returned to the
|
|
105
|
-
// caller's `onSignedIn`.
|
|
106
|
-
await establishIdpSessionAfterClaim(oxyServices, establishDeps ?? {});
|
|
99
|
+
// The commit funnel persisted the rotating refresh family and registered the
|
|
100
|
+
// account into the device set, so a reload restores the session locally (web:
|
|
101
|
+
// stored-tokens / same-apex web-session; native: shared keychain) WITHOUT any
|
|
102
|
+
// IdP `fedcm_session` cookie or top-level establish hop.
|
|
103
|
+
|
|
107
104
|
return claimed.user;
|
|
108
105
|
}
|
|
109
106
|
//# sourceMappingURL=deviceFlowSignIn.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["KeyManager","
|
|
1
|
+
{"version":3,"names":["KeyManager","completeDeviceFlowSignIn","oxyServices","sessionId","sessionToken","commitSession","claimed","claimSessionByToken","accessToken","storeSharedSession","user","Error","minimalUser","id","username","name","avatar","undefined","deviceId","expiresAt","refreshToken"],"sourceRoot":"../../../src","sources":["utils/deviceFlowSignIn.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SACEA,UAAU,QAIL,aAAa;;AAepB;AACA;AACA;AACA;AACA;AACA;AACA;;AAkCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeC,wBAAwBA,CAAC;EAC7CC,WAAW;EACXC,SAAS;EACTC,YAAY;EACZC;AAC+B,CAAC,EAAiB;EACjD;EACA;EACA;EACA,MAAMC,OAAO,GAAG,MAAMJ,WAAW,CAACK,mBAAmB,CAACH,YAAY,CAAC;EACnE,IAAIE,OAAO,EAAEE,WAAW,EAAE;IACxB,MAAMR,UAAU,CAACS,kBAAkB,CAACH,OAAO,CAACH,SAAS,IAAIA,SAAS,EAAEG,OAAO,CAACE,WAAW,CAAC;EAC1F;EAEA,IAAI,CAACF,OAAO,EAAEE,WAAW,IAAI,CAACF,OAAO,CAACI,IAAI,EAAE;IAC1C,MAAM,IAAIC,KAAK,CAAC,mDAAmD,CAAC;EACtE;;EAEA;EACA;EACA;EACA;EACA,MAAMC,WAA4B,GAAG;IACnCC,EAAE,EAAEP,OAAO,CAACI,IAAI,CAACG,EAAE;IACnBC,QAAQ,EAAER,OAAO,CAACI,IAAI,CAACI,QAAQ;IAC/BC,IAAI,EAAET,OAAO,CAACI,IAAI,CAACK,IAAI;IACvBC,MAAM,EAAEV,OAAO,CAACI,IAAI,CAACM,MAAM,IAAIC;EACjC,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA,MAAMZ,aAAa,CAAC;IAClBF,SAAS,EAAEG,OAAO,CAACH,SAAS,IAAIA,SAAS;IACzCe,QAAQ,EAAEZ,OAAO,CAACY,QAAQ,IAAI,EAAE;IAChCC,SAAS,EAAEb,OAAO,CAACa,SAAS,IAAI,EAAE;IAClCT,IAAI,EAAEE,WAAW;IACjBJ,WAAW,EAAEF,OAAO,CAACE,WAAW;IAChC,IAAIF,OAAO,CAACc,YAAY,GAAG;MAAEA,YAAY,EAAEd,OAAO,CAACc;IAAa,CAAC,GAAG,CAAC,CAAC;EACxE,CAAC,CAAC;;EAEF;EACA;EACA;EACA;;EAEA,OAAOd,OAAO,CAACI,IAAI;AACrB","ignoreList":[]}
|
|
@@ -47,7 +47,6 @@ export type { MutationStatus } from './ui/hooks/useMutationStatus';
|
|
|
47
47
|
export { useOnlineStatus } from './ui/hooks/useOnlineStatus';
|
|
48
48
|
export { handleAuthError, isInvalidSessionError, isTimeoutOrNetworkError, extractErrorMessage, } from './ui/utils/errorHandlers';
|
|
49
49
|
export type { HandleAuthErrorOptions } from './ui/utils/errorHandlers';
|
|
50
|
-
export { CrossApexDirectSignInError, isCrossApexWeb } from './utils/crossApex';
|
|
51
50
|
export { useFileFiltering } from './ui/hooks/useFileFiltering';
|
|
52
51
|
export type { ViewMode, SortBy, SortOrder } from './ui/hooks/useFileFiltering';
|
|
53
52
|
export { default as Avatar } from './ui/components/Avatar';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAYH,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AACrF,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,YAAY,EAAE,SAAS,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAKhF,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAKxD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EACH,aAAa,EACb,SAAS,IAAI,cAAc,EAC3B,QAAQ,EACR,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,GACnB,MAAM,wBAAwB,CAAC;AAKhC,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAKpE,OAAO,EACH,cAAc,EACd,eAAe,EACf,cAAc,EACd,WAAW,EACX,iBAAiB,EACjB,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,GACpB,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EACH,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,eAAe,EACf,sBAAsB,GACzB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACH,mBAAmB,EACnB,yBAAyB,EACzB,2BAA2B,GAC9B,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACH,mBAAmB,EACnB,eAAe,EACf,aAAa,EACb,yBAAyB,GAC5B,MAAM,sCAAsC,CAAC;AAG9C,YAAY,EACR,YAAY,EACZ,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,OAAO,EACP,MAAM,EACN,iBAAiB,EACjB,qBAAqB,EACrB,uBAAuB,EACvB,gBAAgB,EAChB,0BAA0B,GAC7B,MAAM,iCAAiC,CAAC;AAKzC,OAAO,EACH,gBAAgB,EAChB,eAAe,EACf,wBAAwB,EACxB,wBAAwB,EACxB,gCAAgC,EAChC,wBAAwB,EACxB,sBAAsB,EACtB,aAAa,GAChB,MAAM,0CAA0C,CAAC;AAClD,OAAO,EACH,gBAAgB,EAChB,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,EACnB,eAAe,GAClB,MAAM,2CAA2C,CAAC;AACnD,OAAO,EACH,qBAAqB,EACrB,qBAAqB,GACxB,MAAM,sCAAsC,CAAC;AAC9C,YAAY,EACR,qBAAqB,EACrB,qBAAqB,GACxB,MAAM,sCAAsC,CAAC;AAG9C,OAAO,EAAE,YAAY,EAAE,MAAM,mCAAmC,CAAC;AAQjE,OAAO,EACH,SAAS,EACT,wBAAwB,EACxB,qBAAqB,EACrB,wBAAwB,EACxB,uBAAuB,EACvB,wBAAwB,EACxB,yBAAyB,EACzB,wBAAwB,EACxB,yBAAyB,EACzB,8BAA8B,GACjC,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,YAAY,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAK7D,OAAO,EACH,eAAe,EACf,qBAAqB,EACrB,uBAAuB,EACvB,mBAAmB,GACtB,MAAM,0BAA0B,CAAC;AAClC,YAAY,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAYH,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AACrF,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,YAAY,EAAE,SAAS,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAKhF,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAKxD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EACH,aAAa,EACb,SAAS,IAAI,cAAc,EAC3B,QAAQ,EACR,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,GACnB,MAAM,wBAAwB,CAAC;AAKhC,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAKpE,OAAO,EACH,cAAc,EACd,eAAe,EACf,cAAc,EACd,WAAW,EACX,iBAAiB,EACjB,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,GACpB,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EACH,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,eAAe,EACf,sBAAsB,GACzB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACH,mBAAmB,EACnB,yBAAyB,EACzB,2BAA2B,GAC9B,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACH,mBAAmB,EACnB,eAAe,EACf,aAAa,EACb,yBAAyB,GAC5B,MAAM,sCAAsC,CAAC;AAG9C,YAAY,EACR,YAAY,EACZ,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,OAAO,EACP,MAAM,EACN,iBAAiB,EACjB,qBAAqB,EACrB,uBAAuB,EACvB,gBAAgB,EAChB,0BAA0B,GAC7B,MAAM,iCAAiC,CAAC;AAKzC,OAAO,EACH,gBAAgB,EAChB,eAAe,EACf,wBAAwB,EACxB,wBAAwB,EACxB,gCAAgC,EAChC,wBAAwB,EACxB,sBAAsB,EACtB,aAAa,GAChB,MAAM,0CAA0C,CAAC;AAClD,OAAO,EACH,gBAAgB,EAChB,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,EACnB,eAAe,GAClB,MAAM,2CAA2C,CAAC;AACnD,OAAO,EACH,qBAAqB,EACrB,qBAAqB,GACxB,MAAM,sCAAsC,CAAC;AAC9C,YAAY,EACR,qBAAqB,EACrB,qBAAqB,GACxB,MAAM,sCAAsC,CAAC;AAG9C,OAAO,EAAE,YAAY,EAAE,MAAM,mCAAmC,CAAC;AAQjE,OAAO,EACH,SAAS,EACT,wBAAwB,EACxB,qBAAqB,EACrB,wBAAwB,EACxB,uBAAuB,EACvB,wBAAwB,EACxB,yBAAyB,EACzB,wBAAwB,EACxB,yBAAyB,EACzB,8BAA8B,GACjC,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,YAAY,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAK7D,OAAO,EACH,eAAe,EACf,qBAAqB,EACrB,uBAAuB,EACvB,mBAAmB,GACtB,MAAM,0BAA0B,CAAC;AAClC,YAAY,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAKvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAK/E,OAAO,EAAE,OAAO,IAAI,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAC3D,YAAY,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAC9D,YAAY,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACxE,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,OAAO,IAAI,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACvE,YAAY,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AACvH,OAAO,EAAE,QAAQ,EAAE,MAAM,+BAA+B,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AACrE,YAAY,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AACvF,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACjF,YAAY,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAKhF,OAAO,EAAE,OAAO,IAAI,aAAa,EAAE,MAAM,+BAA+B,CAAC;AACzE,YAAY,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACxE,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AACrE,YAAY,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAKvF,OAAO,EAAE,OAAO,IAAI,eAAe,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AAClG,YAAY,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AAMpG,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,YAAY,EACR,iBAAiB,EACjB,qBAAqB,EACrB,2BAA2B,GAC9B,MAAM,kCAAkC,CAAC;AAG1C,OAAO,EAAE,OAAO,IAAI,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAClF,OAAO,EAAE,OAAO,IAAI,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAClF,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AAC9E,OAAO,EAAE,OAAO,IAAI,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAGlF,OAAO,EAAE,OAAO,IAAI,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AACtF,OAAO,EAAE,OAAO,IAAI,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAClF,OAAO,EAAE,OAAO,IAAI,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AACpF,OAAO,EAAE,OAAO,IAAI,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAKtF,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACvF,YAAY,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAKxD,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import type React from 'react';
|
|
2
|
+
import type { SwitchableAccount } from '../hooks/useSwitchableAccounts';
|
|
3
|
+
export interface SignInAccountChooserProps {
|
|
4
|
+
/** Accounts available on this device / in the caller's graph, current first. */
|
|
5
|
+
accounts: SwitchableAccount[];
|
|
6
|
+
/** Selecting a row — the active account continues, others switch into. */
|
|
7
|
+
onSelectAccount: (account: SwitchableAccount) => void;
|
|
8
|
+
/** "Use another account" → reveal the sign-in options (password / QR / add). */
|
|
9
|
+
onUseAnother: () => void;
|
|
10
|
+
/** The account id currently being switched into (shows a per-row spinner). */
|
|
11
|
+
pendingAccountId?: string | null;
|
|
12
|
+
/** Disables every row while a selection is in flight. */
|
|
13
|
+
disabled?: boolean;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Google-style account chooser (React Native). Lists every account the user can
|
|
17
|
+
* continue as — device sign-ins + linked graph accounts, from
|
|
18
|
+
* {@link SwitchableAccount} — plus a "Use another account" affordance. Rendered
|
|
19
|
+
* as the FRONT screen of the sign-in surfaces (`SignInModal` web,
|
|
20
|
+
* `OxyAuthScreen` native) whenever accounts exist; selecting a row funnels into
|
|
21
|
+
* the SAME `switchToAccount` path the account switcher uses. When no accounts
|
|
22
|
+
* exist the surfaces skip this and show the sign-in options directly.
|
|
23
|
+
*
|
|
24
|
+
* Presentational + chrome-agnostic (no modal/sheet wrapper, no data fetching) so
|
|
25
|
+
* both containers reuse it and it is unit-testable in isolation.
|
|
26
|
+
*/
|
|
27
|
+
export declare const SignInAccountChooser: React.FC<SignInAccountChooserProps>;
|
|
28
|
+
export default SignInAccountChooser;
|
|
29
|
+
//# sourceMappingURL=SignInAccountChooser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SignInAccountChooser.d.ts","sourceRoot":"","sources":["../../../../../src/ui/components/SignInAccountChooser.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAM/B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AAExE,MAAM,WAAW,yBAAyB;IACtC,gFAAgF;IAChF,QAAQ,EAAE,iBAAiB,EAAE,CAAC;IAC9B,0EAA0E;IAC1E,eAAe,EAAE,CAAC,OAAO,EAAE,iBAAiB,KAAK,IAAI,CAAC;IACtD,gFAAgF;IAChF,YAAY,EAAE,MAAM,IAAI,CAAC;IACzB,8EAA8E;IAC9E,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,yDAAyD;IACzD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,oBAAoB,EAAE,KAAK,CAAC,EAAE,CAAC,yBAAyB,CA4EpE,CAAC;AAoDF,eAAe,oBAAoB,CAAC"}
|
|
@@ -1,16 +1,21 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* SignInModal
|
|
2
|
+
* SignInModal — web-first centered sign-in modal.
|
|
3
3
|
*
|
|
4
|
-
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
4
|
+
* Two phases, Google-style:
|
|
5
|
+
* 1. Account chooser (FRONT screen, shown when the device/user already has
|
|
6
|
+
* accounts): pick an account to continue as — one tap switches through the
|
|
7
|
+
* SAME `switchToAccount` path the account switcher uses — or "Use another
|
|
8
|
+
* account" to reveal the sign-in options.
|
|
9
|
+
* 2. Sign-in options: the first-party password flow (identifier → password →
|
|
10
|
+
* optional 2FA, `usePasswordSignIn`) as the PRIMARY action, with the
|
|
11
|
+
* cross-app device flow (same-device deep-link + "sign in on another device"
|
|
12
|
+
* QR) as a SECONDARY option below an "or" divider.
|
|
7
13
|
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
12
|
-
*
|
|
13
|
-
* Animates with a fade + scale effect.
|
|
14
|
+
* When there are no accounts the modal opens straight on the sign-in options.
|
|
15
|
+
* The device-flow machinery lives in the shared `useOxyAuthSession` hook (the
|
|
16
|
+
* native `OxyAuthScreen` consumes it too — neither container re-implements the
|
|
17
|
+
* transport). Animates with a fade + scale; per-phase content cross-fades and
|
|
18
|
+
* respects reduced motion.
|
|
14
19
|
*/
|
|
15
20
|
import type React from 'react';
|
|
16
21
|
export declare const showSignInModal: () => void;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SignInModal.d.ts","sourceRoot":"","sources":["../../../../../src/ui/components/SignInModal.tsx"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"SignInModal.d.ts","sourceRoot":"","sources":["../../../../../src/ui/components/SignInModal.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AA8B/B,eAAO,MAAM,eAAe,YAI3B,CAAC;AAEF,eAAO,MAAM,eAAe,YAI3B,CAAC;AAEF,eAAO,MAAM,oBAAoB,eAAqB,CAAC;AAEvD,4CAA4C;AAC5C,eAAO,MAAM,sBAAsB,GAAI,UAAU,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,KAAG,CAAC,MAAM,IAAI,CAGxF,CAAC;AAEF,QAAA,MAAM,WAAW,EAAE,KAAK,CAAC,EAkBxB,CAAC;AAybF,eAAe,WAAW,CAAC"}
|