@oxyhq/services 5.20.3 → 5.21.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/core/mixins/OxyServices.fedcm.js +158 -19
- package/lib/commonjs/core/mixins/OxyServices.fedcm.js.map +1 -1
- package/lib/commonjs/ui/context/OxyContext.js +30 -20
- package/lib/commonjs/ui/context/OxyContext.js.map +1 -1
- package/lib/commonjs/ui/hooks/useAuth.js +3 -4
- package/lib/commonjs/ui/hooks/useAuth.js.map +1 -1
- package/lib/commonjs/ui/hooks/useWebSSO.js +72 -0
- package/lib/commonjs/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/module/core/mixins/OxyServices.fedcm.js +158 -19
- package/lib/module/core/mixins/OxyServices.fedcm.js.map +1 -1
- package/lib/module/ui/context/OxyContext.js +30 -20
- package/lib/module/ui/context/OxyContext.js.map +1 -1
- package/lib/module/ui/hooks/useAuth.js +3 -4
- package/lib/module/ui/hooks/useAuth.js.map +1 -1
- package/lib/module/ui/hooks/useWebSSO.js +72 -0
- package/lib/module/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/typescript/commonjs/core/mixins/OxyServices.fedcm.d.ts +1 -0
- package/lib/typescript/commonjs/core/mixins/OxyServices.fedcm.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts +2 -0
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/lib/typescript/module/core/mixins/OxyServices.fedcm.d.ts +1 -0
- package/lib/typescript/module/core/mixins/OxyServices.fedcm.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts +2 -0
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/core/mixins/OxyServices.fedcm.ts +160 -20
- package/src/ui/context/OxyContext.tsx +32 -9
- package/src/ui/hooks/useAuth.ts +3 -4
- package/src/ui/hooks/useWebSSO.ts +84 -0
package/src/ui/hooks/useAuth.ts
CHANGED
|
@@ -108,10 +108,9 @@ export function useAuth(): UseAuthReturn {
|
|
|
108
108
|
window.location.hostname === 'auth.oxy.so';
|
|
109
109
|
|
|
110
110
|
// Web (not on IdP): Use popup-based authentication
|
|
111
|
-
// We
|
|
112
|
-
//
|
|
113
|
-
//
|
|
114
|
-
// 3. Doing FedCM first loses the "user gesture" needed for popups
|
|
111
|
+
// We go straight to popup to preserve the "user gesture" (click event)
|
|
112
|
+
// FedCM silent SSO already runs on page load via useWebSSO
|
|
113
|
+
// If user is clicking "Sign In", they need interactive auth NOW
|
|
115
114
|
if (isWebBrowser() && !publicKey && !isIdentityProvider) {
|
|
116
115
|
try {
|
|
117
116
|
const popupSession = await (oxyServices as any).signInWithPopup?.();
|
|
@@ -30,6 +30,8 @@ interface UseWebSSOOptions {
|
|
|
30
30
|
interface UseWebSSOResult {
|
|
31
31
|
/** Manually trigger SSO check */
|
|
32
32
|
checkSSO: () => Promise<SessionLoginResponse | null>;
|
|
33
|
+
/** Trigger interactive FedCM sign-in (shows browser UI) */
|
|
34
|
+
signInWithFedCM: () => Promise<SessionLoginResponse | null>;
|
|
33
35
|
/** Whether SSO check is in progress */
|
|
34
36
|
isChecking: boolean;
|
|
35
37
|
/** Whether FedCM is supported in this browser */
|
|
@@ -85,12 +87,20 @@ export function useWebSSO({
|
|
|
85
87
|
const fedCMSupported = isWebBrowser() && (oxyServices as any).isFedCMSupported?.();
|
|
86
88
|
|
|
87
89
|
const checkSSO = useCallback(async (): Promise<SessionLoginResponse | null> => {
|
|
90
|
+
console.log('[useWebSSO] checkSSO called', {
|
|
91
|
+
isWebBrowser: isWebBrowser(),
|
|
92
|
+
isChecking: isCheckingRef.current,
|
|
93
|
+
isIdP: isIdentityProvider(),
|
|
94
|
+
fedCMSupported,
|
|
95
|
+
});
|
|
96
|
+
|
|
88
97
|
if (!isWebBrowser() || isCheckingRef.current) {
|
|
89
98
|
return null;
|
|
90
99
|
}
|
|
91
100
|
|
|
92
101
|
// Don't use FedCM on the auth domain itself - it would authenticate against itself
|
|
93
102
|
if (isIdentityProvider()) {
|
|
103
|
+
console.log('[useWebSSO] Skipping - on identity provider domain');
|
|
94
104
|
onSSOUnavailable?.();
|
|
95
105
|
return null;
|
|
96
106
|
}
|
|
@@ -98,27 +108,39 @@ export function useWebSSO({
|
|
|
98
108
|
// FedCM is the only reliable cross-domain SSO mechanism
|
|
99
109
|
// Third-party cookies are deprecated and unreliable
|
|
100
110
|
if (!fedCMSupported) {
|
|
111
|
+
console.log('[useWebSSO] Skipping - FedCM not supported');
|
|
101
112
|
onSSOUnavailable?.();
|
|
102
113
|
return null;
|
|
103
114
|
}
|
|
104
115
|
|
|
105
116
|
isCheckingRef.current = true;
|
|
117
|
+
console.log('[useWebSSO] Starting FedCM silent sign-in...');
|
|
106
118
|
|
|
107
119
|
try {
|
|
108
120
|
// Use FedCM for cross-domain SSO
|
|
109
121
|
// This works because browser treats IdP requests as first-party
|
|
110
122
|
const session = await (oxyServices as any).silentSignInWithFedCM?.();
|
|
111
123
|
|
|
124
|
+
console.log('[useWebSSO] FedCM result:', {
|
|
125
|
+
hasSession: !!session,
|
|
126
|
+
hasUser: !!session?.user,
|
|
127
|
+
hasSessionId: !!session?.sessionId,
|
|
128
|
+
});
|
|
129
|
+
|
|
112
130
|
if (session) {
|
|
131
|
+
console.log('[useWebSSO] Session found, calling onSessionFound...');
|
|
113
132
|
await onSessionFound(session);
|
|
133
|
+
console.log('[useWebSSO] onSessionFound completed');
|
|
114
134
|
return session;
|
|
115
135
|
}
|
|
116
136
|
|
|
117
137
|
// No session found - user needs to sign in
|
|
138
|
+
console.log('[useWebSSO] No session returned from FedCM');
|
|
118
139
|
onSSOUnavailable?.();
|
|
119
140
|
return null;
|
|
120
141
|
} catch (error) {
|
|
121
142
|
// FedCM failed - could be network error, user not signed in, etc.
|
|
143
|
+
console.error('[useWebSSO] FedCM error:', error);
|
|
122
144
|
onSSOUnavailable?.();
|
|
123
145
|
onError?.(error instanceof Error ? error : new Error(String(error)));
|
|
124
146
|
return null;
|
|
@@ -127,9 +149,69 @@ export function useWebSSO({
|
|
|
127
149
|
}
|
|
128
150
|
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported]);
|
|
129
151
|
|
|
152
|
+
/**
|
|
153
|
+
* Trigger interactive FedCM sign-in
|
|
154
|
+
* This shows the browser's native "Sign in with Oxy" prompt.
|
|
155
|
+
* Use this when silent mediation fails (user hasn't previously consented).
|
|
156
|
+
*/
|
|
157
|
+
const signInWithFedCM = useCallback(async (): Promise<SessionLoginResponse | null> => {
|
|
158
|
+
console.log('[useWebSSO] signInWithFedCM called');
|
|
159
|
+
|
|
160
|
+
if (!isWebBrowser() || isCheckingRef.current) {
|
|
161
|
+
return null;
|
|
162
|
+
}
|
|
163
|
+
|
|
164
|
+
if (!fedCMSupported) {
|
|
165
|
+
console.log('[useWebSSO] FedCM not supported for interactive sign-in');
|
|
166
|
+
onError?.(new Error('FedCM is not supported in this browser'));
|
|
167
|
+
return null;
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
isCheckingRef.current = true;
|
|
171
|
+
console.log('[useWebSSO] Starting interactive FedCM sign-in...');
|
|
172
|
+
|
|
173
|
+
try {
|
|
174
|
+
// Use interactive sign-in (shows browser UI)
|
|
175
|
+
const session = await (oxyServices as any).signInWithFedCM?.();
|
|
176
|
+
|
|
177
|
+
console.log('[useWebSSO] Interactive FedCM result:', {
|
|
178
|
+
hasSession: !!session,
|
|
179
|
+
hasUser: !!session?.user,
|
|
180
|
+
hasSessionId: !!session?.sessionId,
|
|
181
|
+
});
|
|
182
|
+
|
|
183
|
+
if (session) {
|
|
184
|
+
console.log('[useWebSSO] Interactive session found, calling onSessionFound...');
|
|
185
|
+
await onSessionFound(session);
|
|
186
|
+
console.log('[useWebSSO] onSessionFound completed');
|
|
187
|
+
return session;
|
|
188
|
+
}
|
|
189
|
+
|
|
190
|
+
return null;
|
|
191
|
+
} catch (error) {
|
|
192
|
+
console.error('[useWebSSO] Interactive FedCM error:', error);
|
|
193
|
+
onError?.(error instanceof Error ? error : new Error(String(error)));
|
|
194
|
+
return null;
|
|
195
|
+
} finally {
|
|
196
|
+
isCheckingRef.current = false;
|
|
197
|
+
}
|
|
198
|
+
}, [oxyServices, onSessionFound, onError, fedCMSupported]);
|
|
199
|
+
|
|
130
200
|
// Auto-check SSO on mount (web only, FedCM only, not on auth domain)
|
|
131
201
|
useEffect(() => {
|
|
202
|
+
console.log('[useWebSSO] Effect running:', {
|
|
203
|
+
enabled,
|
|
204
|
+
isWeb: isWebBrowser(),
|
|
205
|
+
hasChecked: hasCheckedRef.current,
|
|
206
|
+
isIdP: isIdentityProvider(),
|
|
207
|
+
fedCMSupported,
|
|
208
|
+
hostname: typeof window !== 'undefined' ? window.location.hostname : 'unknown',
|
|
209
|
+
});
|
|
210
|
+
|
|
132
211
|
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider()) {
|
|
212
|
+
console.log('[useWebSSO] Skipping SSO check:', {
|
|
213
|
+
reason: !enabled ? 'not enabled' : !isWebBrowser() ? 'not web' : hasCheckedRef.current ? 'already checked' : 'is IdP',
|
|
214
|
+
});
|
|
133
215
|
if (isIdentityProvider()) {
|
|
134
216
|
onSSOUnavailable?.();
|
|
135
217
|
}
|
|
@@ -142,12 +224,14 @@ export function useWebSSO({
|
|
|
142
224
|
checkSSO();
|
|
143
225
|
} else {
|
|
144
226
|
// Browser doesn't support FedCM - notify caller
|
|
227
|
+
console.log('[useWebSSO] FedCM not supported');
|
|
145
228
|
onSSOUnavailable?.();
|
|
146
229
|
}
|
|
147
230
|
}, [enabled, checkSSO, fedCMSupported, onSSOUnavailable]);
|
|
148
231
|
|
|
149
232
|
return {
|
|
150
233
|
checkSSO,
|
|
234
|
+
signInWithFedCM,
|
|
151
235
|
isChecking: isCheckingRef.current,
|
|
152
236
|
isFedCMSupported: fedCMSupported,
|
|
153
237
|
};
|