@oxyhq/services 6.9.21 → 6.9.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/ui/hooks/useAuth.js +7 -4
- package/lib/commonjs/ui/hooks/useAuth.js.map +1 -1
- package/lib/commonjs/ui/hooks/useWebSSO.js +9 -7
- package/lib/commonjs/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/module/ui/hooks/useAuth.js +7 -4
- package/lib/module/ui/hooks/useAuth.js.map +1 -1
- package/lib/module/ui/hooks/useWebSSO.js +9 -7
- package/lib/module/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/ui/hooks/useAuth.ts +7 -4
- package/src/ui/hooks/useWebSSO.ts +9 -7
|
@@ -66,9 +66,11 @@ function useAuth() {
|
|
|
66
66
|
openAvatarPicker
|
|
67
67
|
} = (0, _OxyContext.useOxy)();
|
|
68
68
|
const signIn = (0, _react.useCallback)(async publicKey => {
|
|
69
|
-
// Check if we're on the identity provider itself
|
|
70
|
-
// Only
|
|
71
|
-
const
|
|
69
|
+
// Check if we're on the identity provider itself
|
|
70
|
+
// Only the IdP has local login forms - other apps are client apps
|
|
71
|
+
const authWebUrl = oxyServices.config?.authWebUrl;
|
|
72
|
+
const idpHostname = authWebUrl ? new URL(authWebUrl).hostname : 'auth.oxy.so';
|
|
73
|
+
const isIdentityProvider = (0, _useWebSSO.isWebBrowser)() && window.location.hostname === idpHostname;
|
|
72
74
|
|
|
73
75
|
// Web (not on IdP): Use popup-based authentication
|
|
74
76
|
// We go straight to popup to preserve the "user gesture" (click event)
|
|
@@ -123,7 +125,8 @@ function useAuth() {
|
|
|
123
125
|
|
|
124
126
|
// Web fallback: navigate to login page on auth domain
|
|
125
127
|
if ((0, _useWebSSO.isWebBrowser)()) {
|
|
126
|
-
const
|
|
128
|
+
const authBase = authWebUrl || 'https://accounts.oxy.so';
|
|
129
|
+
const loginUrl = window.location.hostname.includes('oxy.so') ? '/login' : `${authBase}/login`;
|
|
127
130
|
window.location.href = loginUrl;
|
|
128
131
|
return new Promise(() => {}); // Never resolves, page will redirect
|
|
129
132
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_react","require","_OxyContext","_useWebSSO","useAuth","user","isAuthenticated","isLoading","isTokenReady","error","signIn","oxySignIn","handlePopupSession","logout","logoutAll","refreshSessions","oxyServices","hasIdentity","getPublicKey","showBottomSheet","openAvatarPicker","useOxy","useCallback","publicKey","isIdentityProvider","isWebBrowser","window","location","
|
|
1
|
+
{"version":3,"names":["_react","require","_OxyContext","_useWebSSO","useAuth","user","isAuthenticated","isLoading","isTokenReady","error","signIn","oxySignIn","handlePopupSession","logout","logoutAll","refreshSessions","oxyServices","hasIdentity","getPublicKey","showBottomSheet","openAvatarPicker","useOxy","useCallback","publicKey","authWebUrl","config","idpHostname","URL","hostname","isIdentityProvider","isWebBrowser","window","location","popupSession","signInWithPopup","sessionWithUser","Error","popupError","message","includes","hasExisting","existingKey","Promise","_","reject","authBase","loginUrl","href","signOut","signOutAll","refresh","isReady"],"sourceRoot":"../../../../src","sources":["ui/hooks/useAuth.ts"],"mappings":";;;;;;;;;;;;AAyBA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAEA,IAAAE,UAAA,GAAAF,OAAA;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAyDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASG,OAAOA,CAAA,EAAkB;EACvC,MAAM;IACJC,IAAI;IACJC,eAAe;IACfC,SAAS;IACTC,YAAY;IACZC,KAAK;IACLC,MAAM,EAAEC,SAAS;IACjBC,kBAAkB;IAClBC,MAAM;IACNC,SAAS;IACTC,eAAe;IACfC,WAAW;IACXC,WAAW;IACXC,YAAY;IACZC,eAAe;IACfC;EACF,CAAC,GAAG,IAAAC,kBAAM,EAAC,CAAC;EAEZ,MAAMX,MAAM,GAAG,IAAAY,kBAAW,EAAC,MAAOC,SAAkB,IAAoB;IACtE;IACA;IACA,MAAMC,UAAU,GAAGR,WAAW,CAACS,MAAM,EAAED,UAAU;IACjD,MAAME,WAAW,GAAGF,UAAU,GAAG,IAAIG,GAAG,CAACH,UAAU,CAAC,CAACI,QAAQ,GAAG,aAAa;IAC7E,MAAMC,kBAAkB,GAAG,IAAAC,uBAAY,EAAC,CAAC,IACvCC,MAAM,CAACC,QAAQ,CAACJ,QAAQ,KAAKF,WAAW;;IAE1C;IACA;IACA;IACA;IACA,IAAI,IAAAI,uBAAY,EAAC,CAAC,IAAI,CAACP,SAAS,IAAI,CAACM,kBAAkB,EAAE;MACvD,IAAI;QACF,MAAMI,YAAY,GAAG,MAAMjB,WAAW,CAACkB,eAAe,GAAG,CAAC;QAC1D,IAAID,YAAY,EAAE5B,IAAI,EAAE;UACtB;UACA;UACA;UACA,MAAM8B,eAAe,GAAG;YACtB,GAAGF,YAAY;YACf5B,IAAI,EAAE4B,YAAY,CAAC5B;UACrB,CAAC;UACD,MAAMO,kBAAkB,CAACuB,eAAe,CAAC;UACzC,OAAOA,eAAe,CAAC9B,IAAI;QAC7B;QACA,MAAM,IAAI+B,KAAK,CAAC,mCAAmC,CAAC;MACtD,CAAC,CAAC,OAAOC,UAAU,EAAE;QACnB,IAAIA,UAAU,YAAYD,KAAK,IAAIC,UAAU,CAACC,OAAO,CAACC,QAAQ,CAAC,SAAS,CAAC,EAAE;UACzE,MAAM,IAAIH,KAAK,CAAC,mDAAmD,CAAC;QACtE;QACA,MAAMC,UAAU;MAClB;IACF;;IAEA;IACA;IACA,IAAId,SAAS,EAAE;MACb,OAAOZ,SAAS,CAACY,SAAS,CAAC;IAC7B;;IAEA;IACA,MAAMiB,WAAW,GAAG,MAAMvB,WAAW,CAAC,CAAC;IAEvC,IAAIuB,WAAW,EAAE;MACf,MAAMC,WAAW,GAAG,MAAMvB,YAAY,CAAC,CAAC;MACxC,IAAIuB,WAAW,EAAE;QACf,OAAO9B,SAAS,CAAC8B,WAAW,CAAC;MAC/B;IACF;;IAEA;IACA,IAAItB,eAAe,EAAE;MACnBA,eAAe,CAAC,SAAS,CAAC;MAC1B;MACA,OAAO,IAAIuB,OAAO,CAAC,CAACC,CAAC,EAAEC,MAAM,KAAK;QAChCA,MAAM,CAAC,IAAIR,KAAK,CAAC,2CAA2C,CAAC,CAAC;MAChE,CAAC,CAAC;IACJ;;IAEA;IACA,IAAI,IAAAN,uBAAY,EAAC,CAAC,EAAE;MAClB,MAAMe,QAAQ,GAAGrB,UAAU,IAAI,yBAAyB;MACxD,MAAMsB,QAAQ,GAAGf,MAAM,CAACC,QAAQ,CAACJ,QAAQ,CAACW,QAAQ,CAAC,QAAQ,CAAC,GACxD,QAAQ,GACR,GAAGM,QAAQ,QAAQ;MACvBd,MAAM,CAACC,QAAQ,CAACe,IAAI,GAAGD,QAAQ;MAC/B,OAAO,IAAIJ,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAChC;IAEA,MAAM,IAAIN,KAAK,CAAC,oCAAoC,CAAC;EACvD,CAAC,EAAE,CAACzB,SAAS,EAAEM,WAAW,EAAEC,YAAY,EAAEC,eAAe,EAAEH,WAAW,EAAEJ,kBAAkB,CAAC,CAAC;EAE5F,MAAMoC,OAAO,GAAG,IAAA1B,kBAAW,EAAC,YAA2B;IACrD,MAAMT,MAAM,CAAC,CAAC;EAChB,CAAC,EAAE,CAACA,MAAM,CAAC,CAAC;EAEZ,MAAMoC,UAAU,GAAG,IAAA3B,kBAAW,EAAC,YAA2B;IACxD,MAAMR,SAAS,CAAC,CAAC;EACnB,CAAC,EAAE,CAACA,SAAS,CAAC,CAAC;EAEf,MAAMoC,OAAO,GAAG,IAAA5B,kBAAW,EAAC,YAA2B;IACrD,MAAMP,eAAe,CAAC,CAAC;EACzB,CAAC,EAAE,CAACA,eAAe,CAAC,CAAC;EAErB,OAAO;IACL;IACAV,IAAI;IACJC,eAAe;IACfC,SAAS;IACT4C,OAAO,EAAE3C,YAAY;IACrBC,KAAK;IAEL;IACAC,MAAM;IACNsC,OAAO;IACPC,UAAU;IACVC,OAAO;IAEP;IACAlC,WAAW;IACXG,eAAe;IACfC;EACF,CAAC;AACH;;AAEA","ignoreList":[]}
|
|
@@ -32,12 +32,13 @@ function isWebBrowser() {
|
|
|
32
32
|
|
|
33
33
|
/**
|
|
34
34
|
* Check if we're on the identity provider domain (where FedCM would authenticate against itself)
|
|
35
|
-
*
|
|
35
|
+
* Compares against config.authWebUrl if set, otherwise defaults to auth.oxy.so
|
|
36
36
|
*/
|
|
37
|
-
function isIdentityProvider() {
|
|
37
|
+
function isIdentityProvider(authWebUrl) {
|
|
38
38
|
if (!isWebBrowser()) return false;
|
|
39
39
|
const hostname = window.location.hostname;
|
|
40
|
-
|
|
40
|
+
const idpHostname = authWebUrl ? new URL(authWebUrl).hostname : 'auth.oxy.so';
|
|
41
|
+
return hostname === idpHostname;
|
|
41
42
|
}
|
|
42
43
|
|
|
43
44
|
/**
|
|
@@ -68,13 +69,14 @@ function useWebSSO({
|
|
|
68
69
|
|
|
69
70
|
// Check FedCM support once
|
|
70
71
|
const fedCMSupported = isWebBrowser() && oxyServices.isFedCMSupported?.();
|
|
72
|
+
const authWebUrl = oxyServices.config?.authWebUrl;
|
|
71
73
|
const checkSSO = (0, _react.useCallback)(async () => {
|
|
72
74
|
if (!isWebBrowser() || isCheckingRef.current) {
|
|
73
75
|
return null;
|
|
74
76
|
}
|
|
75
77
|
|
|
76
78
|
// Don't use FedCM on the auth domain itself - it would authenticate against itself
|
|
77
|
-
if (isIdentityProvider()) {
|
|
79
|
+
if (isIdentityProvider(authWebUrl)) {
|
|
78
80
|
onSSOUnavailable?.();
|
|
79
81
|
return null;
|
|
80
82
|
}
|
|
@@ -100,7 +102,7 @@ function useWebSSO({
|
|
|
100
102
|
} finally {
|
|
101
103
|
isCheckingRef.current = false;
|
|
102
104
|
}
|
|
103
|
-
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported]);
|
|
105
|
+
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported, authWebUrl]);
|
|
104
106
|
|
|
105
107
|
/**
|
|
106
108
|
* Trigger interactive FedCM sign-in
|
|
@@ -133,8 +135,8 @@ function useWebSSO({
|
|
|
133
135
|
|
|
134
136
|
// Auto-check SSO on mount (web only, FedCM only, not on auth domain)
|
|
135
137
|
(0, _react.useEffect)(() => {
|
|
136
|
-
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider()) {
|
|
137
|
-
if (isIdentityProvider()) {
|
|
138
|
+
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider(authWebUrl)) {
|
|
139
|
+
if (isIdentityProvider(authWebUrl)) {
|
|
138
140
|
onSSOUnavailable?.();
|
|
139
141
|
}
|
|
140
142
|
return;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_react","require","isWebBrowser","window","document","documentElement","isIdentityProvider","hostname","location","useWebSSO","oxyServices","onSessionFound","onSSOUnavailable","onError","enabled","isCheckingRef","useRef","hasCheckedRef","fedCMSupported","isFedCMSupported","checkSSO","useCallback","current","session","silentSignInWithFedCM","error","Error","String","signInWithFedCM","useEffect","isChecking"],"sourceRoot":"../../../../src","sources":["ui/hooks/useWebSSO.ts"],"mappings":";;;;;;;AAiBA,IAAAA,MAAA,GAAAC,OAAA;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAyBA;AACA;AACA;AACA,SAASC,YAAYA,CAAA,EAAY;EAC/B,OAAO,OAAOC,MAAM,KAAK,WAAW,IAC7B,OAAOC,QAAQ,KAAK,WAAW,IAC/B,OAAOA,QAAQ,CAACC,eAAe,KAAK,WAAW;AACxD;;AAEA;AACA;AACA;AACA;AACA,SAASC,kBAAkBA,
|
|
1
|
+
{"version":3,"names":["_react","require","isWebBrowser","window","document","documentElement","isIdentityProvider","authWebUrl","hostname","location","idpHostname","URL","useWebSSO","oxyServices","onSessionFound","onSSOUnavailable","onError","enabled","isCheckingRef","useRef","hasCheckedRef","fedCMSupported","isFedCMSupported","config","checkSSO","useCallback","current","session","silentSignInWithFedCM","error","Error","String","signInWithFedCM","useEffect","isChecking"],"sourceRoot":"../../../../src","sources":["ui/hooks/useWebSSO.ts"],"mappings":";;;;;;;AAiBA,IAAAA,MAAA,GAAAC,OAAA;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAyBA;AACA;AACA;AACA,SAASC,YAAYA,CAAA,EAAY;EAC/B,OAAO,OAAOC,MAAM,KAAK,WAAW,IAC7B,OAAOC,QAAQ,KAAK,WAAW,IAC/B,OAAOA,QAAQ,CAACC,eAAe,KAAK,WAAW;AACxD;;AAEA;AACA;AACA;AACA;AACA,SAASC,kBAAkBA,CAACC,UAAmB,EAAW;EACxD,IAAI,CAACL,YAAY,CAAC,CAAC,EAAE,OAAO,KAAK;EACjC,MAAMM,QAAQ,GAAGL,MAAM,CAACM,QAAQ,CAACD,QAAQ;EACzC,MAAME,WAAW,GAAGH,UAAU,GAAG,IAAII,GAAG,CAACJ,UAAU,CAAC,CAACC,QAAQ,GAAG,aAAa;EAC7E,OAAOA,QAAQ,KAAKE,WAAW;AACjC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,SAASA,CAAC;EACxBC,WAAW;EACXC,cAAc;EACdC,gBAAgB;EAChBC,OAAO;EACPC,OAAO,GAAG;AACM,CAAC,EAAmB;EACpC,MAAMC,aAAa,GAAG,IAAAC,aAAM,EAAC,KAAK,CAAC;EACnC,MAAMC,aAAa,GAAG,IAAAD,aAAM,EAAC,KAAK,CAAC;;EAEnC;EACA,MAAME,cAAc,GAAGnB,YAAY,CAAC,CAAC,IAAIW,WAAW,CAACS,gBAAgB,GAAG,CAAC;EACzE,MAAMf,UAAU,GAAGM,WAAW,CAACU,MAAM,EAAEhB,UAAU;EAEjD,MAAMiB,QAAQ,GAAG,IAAAC,kBAAW,EAAC,YAAkD;IAC7E,IAAI,CAACvB,YAAY,CAAC,CAAC,IAAIgB,aAAa,CAACQ,OAAO,EAAE;MAC5C,OAAO,IAAI;IACb;;IAEA;IACA,IAAIpB,kBAAkB,CAACC,UAAU,CAAC,EAAE;MAClCQ,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb;;IAEA;IACA,IAAI,CAACM,cAAc,EAAE;MACnBN,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb;IAEAG,aAAa,CAACQ,OAAO,GAAG,IAAI;IAE5B,IAAI;MACF,MAAMC,OAAO,GAAG,MAAMd,WAAW,CAACe,qBAAqB,GAAG,CAAC;MAE3D,IAAID,OAAO,EAAE;QACX,MAAMb,cAAc,CAACa,OAAO,CAAC;QAC7B,OAAOA,OAAO;MAChB;MAEAZ,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb,CAAC,CAAC,OAAOc,KAAK,EAAE;MACdd,gBAAgB,GAAG,CAAC;MACpBC,OAAO,GAAGa,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACC,MAAM,CAACF,KAAK,CAAC,CAAC,CAAC;MACpE,OAAO,IAAI;IACb,CAAC,SAAS;MACRX,aAAa,CAACQ,OAAO,GAAG,KAAK;IAC/B;EACF,CAAC,EAAE,CAACb,WAAW,EAAEC,cAAc,EAAEC,gBAAgB,EAAEC,OAAO,EAAEK,cAAc,EAAEd,UAAU,CAAC,CAAC;;EAExF;AACF;AACA;AACA;AACA;EACE,MAAMyB,eAAe,GAAG,IAAAP,kBAAW,EAAC,YAAkD;IACpF,IAAI,CAACvB,YAAY,CAAC,CAAC,IAAIgB,aAAa,CAACQ,OAAO,EAAE;MAC5C,OAAO,IAAI;IACb;IAEA,IAAI,CAACL,cAAc,EAAE;MACnBL,OAAO,GAAG,IAAIc,KAAK,CAAC,wCAAwC,CAAC,CAAC;MAC9D,OAAO,IAAI;IACb;IAEAZ,aAAa,CAACQ,OAAO,GAAG,IAAI;IAE5B,IAAI;MACF,MAAMC,OAAO,GAAG,MAAMd,WAAW,CAACmB,eAAe,GAAG,CAAC;MAErD,IAAIL,OAAO,EAAE;QACX,MAAMb,cAAc,CAACa,OAAO,CAAC;QAC7B,OAAOA,OAAO;MAChB;MAEA,OAAO,IAAI;IACb,CAAC,CAAC,OAAOE,KAAK,EAAE;MACdb,OAAO,GAAGa,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACC,MAAM,CAACF,KAAK,CAAC,CAAC,CAAC;MACpE,OAAO,IAAI;IACb,CAAC,SAAS;MACRX,aAAa,CAACQ,OAAO,GAAG,KAAK;IAC/B;EACF,CAAC,EAAE,CAACb,WAAW,EAAEC,cAAc,EAAEE,OAAO,EAAEK,cAAc,CAAC,CAAC;;EAE1D;EACA,IAAAY,gBAAS,EAAC,MAAM;IACd,IAAI,CAAChB,OAAO,IAAI,CAACf,YAAY,CAAC,CAAC,IAAIkB,aAAa,CAACM,OAAO,IAAIpB,kBAAkB,CAACC,UAAU,CAAC,EAAE;MAC1F,IAAID,kBAAkB,CAACC,UAAU,CAAC,EAAE;QAClCQ,gBAAgB,GAAG,CAAC;MACtB;MACA;IACF;IAEAK,aAAa,CAACM,OAAO,GAAG,IAAI;IAE5B,IAAIL,cAAc,EAAE;MAClBG,QAAQ,CAAC,CAAC;IACZ,CAAC,MAAM;MACLT,gBAAgB,GAAG,CAAC;IACtB;EACF,CAAC,EAAE,CAACE,OAAO,EAAEO,QAAQ,EAAEH,cAAc,EAAEN,gBAAgB,CAAC,CAAC;EAEzD,OAAO;IACLS,QAAQ;IACRQ,eAAe;IACfE,UAAU,EAAEhB,aAAa,CAACQ,OAAO;IACjCJ,gBAAgB,EAAED;EACpB,CAAC;AACH","ignoreList":[]}
|
|
@@ -56,9 +56,11 @@ export function useAuth() {
|
|
|
56
56
|
openAvatarPicker
|
|
57
57
|
} = useOxy();
|
|
58
58
|
const signIn = useCallback(async publicKey => {
|
|
59
|
-
// Check if we're on the identity provider itself
|
|
60
|
-
// Only
|
|
61
|
-
const
|
|
59
|
+
// Check if we're on the identity provider itself
|
|
60
|
+
// Only the IdP has local login forms - other apps are client apps
|
|
61
|
+
const authWebUrl = oxyServices.config?.authWebUrl;
|
|
62
|
+
const idpHostname = authWebUrl ? new URL(authWebUrl).hostname : 'auth.oxy.so';
|
|
63
|
+
const isIdentityProvider = isWebBrowser() && window.location.hostname === idpHostname;
|
|
62
64
|
|
|
63
65
|
// Web (not on IdP): Use popup-based authentication
|
|
64
66
|
// We go straight to popup to preserve the "user gesture" (click event)
|
|
@@ -113,7 +115,8 @@ export function useAuth() {
|
|
|
113
115
|
|
|
114
116
|
// Web fallback: navigate to login page on auth domain
|
|
115
117
|
if (isWebBrowser()) {
|
|
116
|
-
const
|
|
118
|
+
const authBase = authWebUrl || 'https://accounts.oxy.so';
|
|
119
|
+
const loginUrl = window.location.hostname.includes('oxy.so') ? '/login' : `${authBase}/login`;
|
|
117
120
|
window.location.href = loginUrl;
|
|
118
121
|
return new Promise(() => {}); // Never resolves, page will redirect
|
|
119
122
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["useCallback","useOxy","isWebBrowser","useAuth","user","isAuthenticated","isLoading","isTokenReady","error","signIn","oxySignIn","handlePopupSession","logout","logoutAll","refreshSessions","oxyServices","hasIdentity","getPublicKey","showBottomSheet","openAvatarPicker","publicKey","
|
|
1
|
+
{"version":3,"names":["useCallback","useOxy","isWebBrowser","useAuth","user","isAuthenticated","isLoading","isTokenReady","error","signIn","oxySignIn","handlePopupSession","logout","logoutAll","refreshSessions","oxyServices","hasIdentity","getPublicKey","showBottomSheet","openAvatarPicker","publicKey","authWebUrl","config","idpHostname","URL","hostname","isIdentityProvider","window","location","popupSession","signInWithPopup","sessionWithUser","Error","popupError","message","includes","hasExisting","existingKey","Promise","_","reject","authBase","loginUrl","href","signOut","signOutAll","refresh","isReady"],"sourceRoot":"../../../../src","sources":["ui/hooks/useAuth.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,WAAW,QAAkB,OAAO;AAC7C,SAASC,MAAM,QAAQ,0BAAuB;AAE9C,SAASC,YAAY,QAAQ,gBAAa;AAoD1C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,OAAOA,CAAA,EAAkB;EACvC,MAAM;IACJC,IAAI;IACJC,eAAe;IACfC,SAAS;IACTC,YAAY;IACZC,KAAK;IACLC,MAAM,EAAEC,SAAS;IACjBC,kBAAkB;IAClBC,MAAM;IACNC,SAAS;IACTC,eAAe;IACfC,WAAW;IACXC,WAAW;IACXC,YAAY;IACZC,eAAe;IACfC;EACF,CAAC,GAAGlB,MAAM,CAAC,CAAC;EAEZ,MAAMQ,MAAM,GAAGT,WAAW,CAAC,MAAOoB,SAAkB,IAAoB;IACtE;IACA;IACA,MAAMC,UAAU,GAAGN,WAAW,CAACO,MAAM,EAAED,UAAU;IACjD,MAAME,WAAW,GAAGF,UAAU,GAAG,IAAIG,GAAG,CAACH,UAAU,CAAC,CAACI,QAAQ,GAAG,aAAa;IAC7E,MAAMC,kBAAkB,GAAGxB,YAAY,CAAC,CAAC,IACvCyB,MAAM,CAACC,QAAQ,CAACH,QAAQ,KAAKF,WAAW;;IAE1C;IACA;IACA;IACA;IACA,IAAIrB,YAAY,CAAC,CAAC,IAAI,CAACkB,SAAS,IAAI,CAACM,kBAAkB,EAAE;MACvD,IAAI;QACF,MAAMG,YAAY,GAAG,MAAMd,WAAW,CAACe,eAAe,GAAG,CAAC;QAC1D,IAAID,YAAY,EAAEzB,IAAI,EAAE;UACtB;UACA;UACA;UACA,MAAM2B,eAAe,GAAG;YACtB,GAAGF,YAAY;YACfzB,IAAI,EAAEyB,YAAY,CAACzB;UACrB,CAAC;UACD,MAAMO,kBAAkB,CAACoB,eAAe,CAAC;UACzC,OAAOA,eAAe,CAAC3B,IAAI;QAC7B;QACA,MAAM,IAAI4B,KAAK,CAAC,mCAAmC,CAAC;MACtD,CAAC,CAAC,OAAOC,UAAU,EAAE;QACnB,IAAIA,UAAU,YAAYD,KAAK,IAAIC,UAAU,CAACC,OAAO,CAACC,QAAQ,CAAC,SAAS,CAAC,EAAE;UACzE,MAAM,IAAIH,KAAK,CAAC,mDAAmD,CAAC;QACtE;QACA,MAAMC,UAAU;MAClB;IACF;;IAEA;IACA;IACA,IAAIb,SAAS,EAAE;MACb,OAAOV,SAAS,CAACU,SAAS,CAAC;IAC7B;;IAEA;IACA,MAAMgB,WAAW,GAAG,MAAMpB,WAAW,CAAC,CAAC;IAEvC,IAAIoB,WAAW,EAAE;MACf,MAAMC,WAAW,GAAG,MAAMpB,YAAY,CAAC,CAAC;MACxC,IAAIoB,WAAW,EAAE;QACf,OAAO3B,SAAS,CAAC2B,WAAW,CAAC;MAC/B;IACF;;IAEA;IACA,IAAInB,eAAe,EAAE;MACnBA,eAAe,CAAC,SAAS,CAAC;MAC1B;MACA,OAAO,IAAIoB,OAAO,CAAC,CAACC,CAAC,EAAEC,MAAM,KAAK;QAChCA,MAAM,CAAC,IAAIR,KAAK,CAAC,2CAA2C,CAAC,CAAC;MAChE,CAAC,CAAC;IACJ;;IAEA;IACA,IAAI9B,YAAY,CAAC,CAAC,EAAE;MAClB,MAAMuC,QAAQ,GAAGpB,UAAU,IAAI,yBAAyB;MACxD,MAAMqB,QAAQ,GAAGf,MAAM,CAACC,QAAQ,CAACH,QAAQ,CAACU,QAAQ,CAAC,QAAQ,CAAC,GACxD,QAAQ,GACR,GAAGM,QAAQ,QAAQ;MACvBd,MAAM,CAACC,QAAQ,CAACe,IAAI,GAAGD,QAAQ;MAC/B,OAAO,IAAIJ,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAChC;IAEA,MAAM,IAAIN,KAAK,CAAC,oCAAoC,CAAC;EACvD,CAAC,EAAE,CAACtB,SAAS,EAAEM,WAAW,EAAEC,YAAY,EAAEC,eAAe,EAAEH,WAAW,EAAEJ,kBAAkB,CAAC,CAAC;EAE5F,MAAMiC,OAAO,GAAG5C,WAAW,CAAC,YAA2B;IACrD,MAAMY,MAAM,CAAC,CAAC;EAChB,CAAC,EAAE,CAACA,MAAM,CAAC,CAAC;EAEZ,MAAMiC,UAAU,GAAG7C,WAAW,CAAC,YAA2B;IACxD,MAAMa,SAAS,CAAC,CAAC;EACnB,CAAC,EAAE,CAACA,SAAS,CAAC,CAAC;EAEf,MAAMiC,OAAO,GAAG9C,WAAW,CAAC,YAA2B;IACrD,MAAMc,eAAe,CAAC,CAAC;EACzB,CAAC,EAAE,CAACA,eAAe,CAAC,CAAC;EAErB,OAAO;IACL;IACAV,IAAI;IACJC,eAAe;IACfC,SAAS;IACTyC,OAAO,EAAExC,YAAY;IACrBC,KAAK;IAEL;IACAC,MAAM;IACNmC,OAAO;IACPC,UAAU;IACVC,OAAO;IAEP;IACA/B,WAAW;IACXG,eAAe;IACfC;EACF,CAAC;AACH;;AAEA;AACA,SAASlB,MAAM,QAAQ,0BAAuB","ignoreList":[]}
|
|
@@ -27,12 +27,13 @@ function isWebBrowser() {
|
|
|
27
27
|
|
|
28
28
|
/**
|
|
29
29
|
* Check if we're on the identity provider domain (where FedCM would authenticate against itself)
|
|
30
|
-
*
|
|
30
|
+
* Compares against config.authWebUrl if set, otherwise defaults to auth.oxy.so
|
|
31
31
|
*/
|
|
32
|
-
function isIdentityProvider() {
|
|
32
|
+
function isIdentityProvider(authWebUrl) {
|
|
33
33
|
if (!isWebBrowser()) return false;
|
|
34
34
|
const hostname = window.location.hostname;
|
|
35
|
-
|
|
35
|
+
const idpHostname = authWebUrl ? new URL(authWebUrl).hostname : 'auth.oxy.so';
|
|
36
|
+
return hostname === idpHostname;
|
|
36
37
|
}
|
|
37
38
|
|
|
38
39
|
/**
|
|
@@ -63,13 +64,14 @@ export function useWebSSO({
|
|
|
63
64
|
|
|
64
65
|
// Check FedCM support once
|
|
65
66
|
const fedCMSupported = isWebBrowser() && oxyServices.isFedCMSupported?.();
|
|
67
|
+
const authWebUrl = oxyServices.config?.authWebUrl;
|
|
66
68
|
const checkSSO = useCallback(async () => {
|
|
67
69
|
if (!isWebBrowser() || isCheckingRef.current) {
|
|
68
70
|
return null;
|
|
69
71
|
}
|
|
70
72
|
|
|
71
73
|
// Don't use FedCM on the auth domain itself - it would authenticate against itself
|
|
72
|
-
if (isIdentityProvider()) {
|
|
74
|
+
if (isIdentityProvider(authWebUrl)) {
|
|
73
75
|
onSSOUnavailable?.();
|
|
74
76
|
return null;
|
|
75
77
|
}
|
|
@@ -95,7 +97,7 @@ export function useWebSSO({
|
|
|
95
97
|
} finally {
|
|
96
98
|
isCheckingRef.current = false;
|
|
97
99
|
}
|
|
98
|
-
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported]);
|
|
100
|
+
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported, authWebUrl]);
|
|
99
101
|
|
|
100
102
|
/**
|
|
101
103
|
* Trigger interactive FedCM sign-in
|
|
@@ -128,8 +130,8 @@ export function useWebSSO({
|
|
|
128
130
|
|
|
129
131
|
// Auto-check SSO on mount (web only, FedCM only, not on auth domain)
|
|
130
132
|
useEffect(() => {
|
|
131
|
-
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider()) {
|
|
132
|
-
if (isIdentityProvider()) {
|
|
133
|
+
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider(authWebUrl)) {
|
|
134
|
+
if (isIdentityProvider(authWebUrl)) {
|
|
133
135
|
onSSOUnavailable?.();
|
|
134
136
|
}
|
|
135
137
|
return;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["useEffect","useRef","useCallback","isWebBrowser","window","document","documentElement","isIdentityProvider","hostname","location","useWebSSO","oxyServices","onSessionFound","onSSOUnavailable","onError","enabled","isCheckingRef","hasCheckedRef","fedCMSupported","isFedCMSupported","checkSSO","current","session","silentSignInWithFedCM","error","Error","String","signInWithFedCM","isChecking"],"sourceRoot":"../../../../src","sources":["ui/hooks/useWebSSO.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,SAAS,EAAEC,MAAM,EAAEC,WAAW,QAAQ,OAAO;AAuBtD;AACA;AACA;AACA,SAASC,YAAYA,CAAA,EAAY;EAC/B,OAAO,OAAOC,MAAM,KAAK,WAAW,IAC7B,OAAOC,QAAQ,KAAK,WAAW,IAC/B,OAAOA,QAAQ,CAACC,eAAe,KAAK,WAAW;AACxD;;AAEA;AACA;AACA;AACA;AACA,SAASC,kBAAkBA,
|
|
1
|
+
{"version":3,"names":["useEffect","useRef","useCallback","isWebBrowser","window","document","documentElement","isIdentityProvider","authWebUrl","hostname","location","idpHostname","URL","useWebSSO","oxyServices","onSessionFound","onSSOUnavailable","onError","enabled","isCheckingRef","hasCheckedRef","fedCMSupported","isFedCMSupported","config","checkSSO","current","session","silentSignInWithFedCM","error","Error","String","signInWithFedCM","isChecking"],"sourceRoot":"../../../../src","sources":["ui/hooks/useWebSSO.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,SAAS,EAAEC,MAAM,EAAEC,WAAW,QAAQ,OAAO;AAuBtD;AACA;AACA;AACA,SAASC,YAAYA,CAAA,EAAY;EAC/B,OAAO,OAAOC,MAAM,KAAK,WAAW,IAC7B,OAAOC,QAAQ,KAAK,WAAW,IAC/B,OAAOA,QAAQ,CAACC,eAAe,KAAK,WAAW;AACxD;;AAEA;AACA;AACA;AACA;AACA,SAASC,kBAAkBA,CAACC,UAAmB,EAAW;EACxD,IAAI,CAACL,YAAY,CAAC,CAAC,EAAE,OAAO,KAAK;EACjC,MAAMM,QAAQ,GAAGL,MAAM,CAACM,QAAQ,CAACD,QAAQ;EACzC,MAAME,WAAW,GAAGH,UAAU,GAAG,IAAII,GAAG,CAACJ,UAAU,CAAC,CAACC,QAAQ,GAAG,aAAa;EAC7E,OAAOA,QAAQ,KAAKE,WAAW;AACjC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASE,SAASA,CAAC;EACxBC,WAAW;EACXC,cAAc;EACdC,gBAAgB;EAChBC,OAAO;EACPC,OAAO,GAAG;AACM,CAAC,EAAmB;EACpC,MAAMC,aAAa,GAAGlB,MAAM,CAAC,KAAK,CAAC;EACnC,MAAMmB,aAAa,GAAGnB,MAAM,CAAC,KAAK,CAAC;;EAEnC;EACA,MAAMoB,cAAc,GAAGlB,YAAY,CAAC,CAAC,IAAIW,WAAW,CAACQ,gBAAgB,GAAG,CAAC;EACzE,MAAMd,UAAU,GAAGM,WAAW,CAACS,MAAM,EAAEf,UAAU;EAEjD,MAAMgB,QAAQ,GAAGtB,WAAW,CAAC,YAAkD;IAC7E,IAAI,CAACC,YAAY,CAAC,CAAC,IAAIgB,aAAa,CAACM,OAAO,EAAE;MAC5C,OAAO,IAAI;IACb;;IAEA;IACA,IAAIlB,kBAAkB,CAACC,UAAU,CAAC,EAAE;MAClCQ,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb;;IAEA;IACA,IAAI,CAACK,cAAc,EAAE;MACnBL,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb;IAEAG,aAAa,CAACM,OAAO,GAAG,IAAI;IAE5B,IAAI;MACF,MAAMC,OAAO,GAAG,MAAMZ,WAAW,CAACa,qBAAqB,GAAG,CAAC;MAE3D,IAAID,OAAO,EAAE;QACX,MAAMX,cAAc,CAACW,OAAO,CAAC;QAC7B,OAAOA,OAAO;MAChB;MAEAV,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb,CAAC,CAAC,OAAOY,KAAK,EAAE;MACdZ,gBAAgB,GAAG,CAAC;MACpBC,OAAO,GAAGW,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACC,MAAM,CAACF,KAAK,CAAC,CAAC,CAAC;MACpE,OAAO,IAAI;IACb,CAAC,SAAS;MACRT,aAAa,CAACM,OAAO,GAAG,KAAK;IAC/B;EACF,CAAC,EAAE,CAACX,WAAW,EAAEC,cAAc,EAAEC,gBAAgB,EAAEC,OAAO,EAAEI,cAAc,EAAEb,UAAU,CAAC,CAAC;;EAExF;AACF;AACA;AACA;AACA;EACE,MAAMuB,eAAe,GAAG7B,WAAW,CAAC,YAAkD;IACpF,IAAI,CAACC,YAAY,CAAC,CAAC,IAAIgB,aAAa,CAACM,OAAO,EAAE;MAC5C,OAAO,IAAI;IACb;IAEA,IAAI,CAACJ,cAAc,EAAE;MACnBJ,OAAO,GAAG,IAAIY,KAAK,CAAC,wCAAwC,CAAC,CAAC;MAC9D,OAAO,IAAI;IACb;IAEAV,aAAa,CAACM,OAAO,GAAG,IAAI;IAE5B,IAAI;MACF,MAAMC,OAAO,GAAG,MAAMZ,WAAW,CAACiB,eAAe,GAAG,CAAC;MAErD,IAAIL,OAAO,EAAE;QACX,MAAMX,cAAc,CAACW,OAAO,CAAC;QAC7B,OAAOA,OAAO;MAChB;MAEA,OAAO,IAAI;IACb,CAAC,CAAC,OAAOE,KAAK,EAAE;MACdX,OAAO,GAAGW,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACC,MAAM,CAACF,KAAK,CAAC,CAAC,CAAC;MACpE,OAAO,IAAI;IACb,CAAC,SAAS;MACRT,aAAa,CAACM,OAAO,GAAG,KAAK;IAC/B;EACF,CAAC,EAAE,CAACX,WAAW,EAAEC,cAAc,EAAEE,OAAO,EAAEI,cAAc,CAAC,CAAC;;EAE1D;EACArB,SAAS,CAAC,MAAM;IACd,IAAI,CAACkB,OAAO,IAAI,CAACf,YAAY,CAAC,CAAC,IAAIiB,aAAa,CAACK,OAAO,IAAIlB,kBAAkB,CAACC,UAAU,CAAC,EAAE;MAC1F,IAAID,kBAAkB,CAACC,UAAU,CAAC,EAAE;QAClCQ,gBAAgB,GAAG,CAAC;MACtB;MACA;IACF;IAEAI,aAAa,CAACK,OAAO,GAAG,IAAI;IAE5B,IAAIJ,cAAc,EAAE;MAClBG,QAAQ,CAAC,CAAC;IACZ,CAAC,MAAM;MACLR,gBAAgB,GAAG,CAAC;IACtB;EACF,CAAC,EAAE,CAACE,OAAO,EAAEM,QAAQ,EAAEH,cAAc,EAAEL,gBAAgB,CAAC,CAAC;EAEzD,OAAO;IACLQ,QAAQ;IACRO,eAAe;IACfC,UAAU,EAAEb,aAAa,CAACM,OAAO;IACjCH,gBAAgB,EAAED;EACpB,CAAC;AACH;AAEA,SAASlB,YAAY","ignoreList":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useAuth.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AAGxC,MAAM,WAAW,SAAS;IACxB,4DAA4D;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAElB,oCAAoC;IACpC,eAAe,EAAE,OAAO,CAAC;IAEzB,4DAA4D;IAC5D,SAAS,EAAE,OAAO,CAAC;IAEnB,oDAAoD;IACpD,OAAO,EAAE,OAAO,CAAC;IAEjB,oCAAoC;IACpC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B;;;;OAIG;IACH,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7B;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhC;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,aAAc,SAAQ,SAAS,EAAE,WAAW;IAC3D,6DAA6D;IAC7D,WAAW,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,aAAa,CAAC,CAAC;IACtD,4EAA4E;IAC5E,eAAe,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,0CAA0C;IAC1C,gBAAgB,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;CACjE;AAED;;;;;;;;GAQG;AACH,wBAAgB,OAAO,IAAI,aAAa,
|
|
1
|
+
{"version":3,"file":"useAuth.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AAGxC,MAAM,WAAW,SAAS;IACxB,4DAA4D;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAElB,oCAAoC;IACpC,eAAe,EAAE,OAAO,CAAC;IAEzB,4DAA4D;IAC5D,SAAS,EAAE,OAAO,CAAC;IAEnB,oDAAoD;IACpD,OAAO,EAAE,OAAO,CAAC;IAEjB,oCAAoC;IACpC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B;;;;OAIG;IACH,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7B;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhC;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,aAAc,SAAQ,SAAS,EAAE,WAAW;IAC3D,6DAA6D;IAC7D,WAAW,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,aAAa,CAAC,CAAC;IACtD,4EAA4E;IAC5E,eAAe,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,0CAA0C;IAC1C,gBAAgB,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;CACjE;AAED;;;;;;;;GAQG;AACH,wBAAgB,OAAO,IAAI,aAAa,CA2HvC;AAGD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useWebSSO.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useWebSSO.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,UAAU,gBAAgB;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,cAAc,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACjE,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,UAAU,eAAe;IACvB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IACrD,2DAA2D;IAC3D,eAAe,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAC5D,uCAAuC;IACvC,UAAU,EAAE,OAAO,CAAC;IACpB,iDAAiD;IACjD,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,iBAAS,YAAY,IAAI,OAAO,CAI/B;
|
|
1
|
+
{"version":3,"file":"useWebSSO.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useWebSSO.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,UAAU,gBAAgB;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,cAAc,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACjE,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,UAAU,eAAe;IACvB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IACrD,2DAA2D;IAC3D,eAAe,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAC5D,uCAAuC;IACvC,UAAU,EAAE,OAAO,CAAC;IACpB,iDAAiD;IACjD,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,iBAAS,YAAY,IAAI,OAAO,CAI/B;AAaD;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,SAAS,CAAC,EACxB,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,OAAO,EACP,OAAc,GACf,EAAE,gBAAgB,GAAG,eAAe,CAwGpC;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useAuth.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AAGxC,MAAM,WAAW,SAAS;IACxB,4DAA4D;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAElB,oCAAoC;IACpC,eAAe,EAAE,OAAO,CAAC;IAEzB,4DAA4D;IAC5D,SAAS,EAAE,OAAO,CAAC;IAEnB,oDAAoD;IACpD,OAAO,EAAE,OAAO,CAAC;IAEjB,oCAAoC;IACpC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B;;;;OAIG;IACH,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7B;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhC;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,aAAc,SAAQ,SAAS,EAAE,WAAW;IAC3D,6DAA6D;IAC7D,WAAW,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,aAAa,CAAC,CAAC;IACtD,4EAA4E;IAC5E,eAAe,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,0CAA0C;IAC1C,gBAAgB,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;CACjE;AAED;;;;;;;;GAQG;AACH,wBAAgB,OAAO,IAAI,aAAa,
|
|
1
|
+
{"version":3,"file":"useAuth.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AAGxC,MAAM,WAAW,SAAS;IACxB,4DAA4D;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAElB,oCAAoC;IACpC,eAAe,EAAE,OAAO,CAAC;IAEzB,4DAA4D;IAC5D,SAAS,EAAE,OAAO,CAAC;IAEnB,oDAAoD;IACpD,OAAO,EAAE,OAAO,CAAC;IAEjB,oCAAoC;IACpC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B;;;;OAIG;IACH,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7B;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhC;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,aAAc,SAAQ,SAAS,EAAE,WAAW;IAC3D,6DAA6D;IAC7D,WAAW,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,aAAa,CAAC,CAAC;IACtD,4EAA4E;IAC5E,eAAe,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,0CAA0C;IAC1C,gBAAgB,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;CACjE;AAED;;;;;;;;GAQG;AACH,wBAAgB,OAAO,IAAI,aAAa,CA2HvC;AAGD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useWebSSO.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useWebSSO.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,UAAU,gBAAgB;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,cAAc,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACjE,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,UAAU,eAAe;IACvB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IACrD,2DAA2D;IAC3D,eAAe,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAC5D,uCAAuC;IACvC,UAAU,EAAE,OAAO,CAAC;IACpB,iDAAiD;IACjD,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,iBAAS,YAAY,IAAI,OAAO,CAI/B;
|
|
1
|
+
{"version":3,"file":"useWebSSO.d.ts","sourceRoot":"","sources":["../../../../../src/ui/hooks/useWebSSO.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,UAAU,gBAAgB;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,cAAc,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACjE,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,UAAU,eAAe;IACvB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IACrD,2DAA2D;IAC3D,eAAe,EAAE,MAAM,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAC5D,uCAAuC;IACvC,UAAU,EAAE,OAAO,CAAC;IACpB,iDAAiD;IACjD,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,iBAAS,YAAY,IAAI,OAAO,CAI/B;AAaD;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,SAAS,CAAC,EACxB,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,OAAO,EACP,OAAc,GACf,EAAE,gBAAgB,GAAG,eAAe,CAwGpC;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}
|
package/package.json
CHANGED
package/src/ui/hooks/useAuth.ts
CHANGED
|
@@ -107,10 +107,12 @@ export function useAuth(): UseAuthReturn {
|
|
|
107
107
|
} = useOxy();
|
|
108
108
|
|
|
109
109
|
const signIn = useCallback(async (publicKey?: string): Promise<User> => {
|
|
110
|
-
// Check if we're on the identity provider itself
|
|
111
|
-
// Only
|
|
110
|
+
// Check if we're on the identity provider itself
|
|
111
|
+
// Only the IdP has local login forms - other apps are client apps
|
|
112
|
+
const authWebUrl = oxyServices.config?.authWebUrl;
|
|
113
|
+
const idpHostname = authWebUrl ? new URL(authWebUrl).hostname : 'auth.oxy.so';
|
|
112
114
|
const isIdentityProvider = isWebBrowser() &&
|
|
113
|
-
window.location.hostname ===
|
|
115
|
+
window.location.hostname === idpHostname;
|
|
114
116
|
|
|
115
117
|
// Web (not on IdP): Use popup-based authentication
|
|
116
118
|
// We go straight to popup to preserve the "user gesture" (click event)
|
|
@@ -166,9 +168,10 @@ export function useAuth(): UseAuthReturn {
|
|
|
166
168
|
|
|
167
169
|
// Web fallback: navigate to login page on auth domain
|
|
168
170
|
if (isWebBrowser()) {
|
|
171
|
+
const authBase = authWebUrl || 'https://accounts.oxy.so';
|
|
169
172
|
const loginUrl = window.location.hostname.includes('oxy.so')
|
|
170
173
|
? '/login'
|
|
171
|
-
:
|
|
174
|
+
: `${authBase}/login`;
|
|
172
175
|
window.location.href = loginUrl;
|
|
173
176
|
return new Promise(() => {}); // Never resolves, page will redirect
|
|
174
177
|
}
|
|
@@ -49,12 +49,13 @@ function isWebBrowser(): boolean {
|
|
|
49
49
|
|
|
50
50
|
/**
|
|
51
51
|
* Check if we're on the identity provider domain (where FedCM would authenticate against itself)
|
|
52
|
-
*
|
|
52
|
+
* Compares against config.authWebUrl if set, otherwise defaults to auth.oxy.so
|
|
53
53
|
*/
|
|
54
|
-
function isIdentityProvider(): boolean {
|
|
54
|
+
function isIdentityProvider(authWebUrl?: string): boolean {
|
|
55
55
|
if (!isWebBrowser()) return false;
|
|
56
56
|
const hostname = window.location.hostname;
|
|
57
|
-
|
|
57
|
+
const idpHostname = authWebUrl ? new URL(authWebUrl).hostname : 'auth.oxy.so';
|
|
58
|
+
return hostname === idpHostname;
|
|
58
59
|
}
|
|
59
60
|
|
|
60
61
|
/**
|
|
@@ -85,6 +86,7 @@ export function useWebSSO({
|
|
|
85
86
|
|
|
86
87
|
// Check FedCM support once
|
|
87
88
|
const fedCMSupported = isWebBrowser() && oxyServices.isFedCMSupported?.();
|
|
89
|
+
const authWebUrl = oxyServices.config?.authWebUrl;
|
|
88
90
|
|
|
89
91
|
const checkSSO = useCallback(async (): Promise<SessionLoginResponse | null> => {
|
|
90
92
|
if (!isWebBrowser() || isCheckingRef.current) {
|
|
@@ -92,7 +94,7 @@ export function useWebSSO({
|
|
|
92
94
|
}
|
|
93
95
|
|
|
94
96
|
// Don't use FedCM on the auth domain itself - it would authenticate against itself
|
|
95
|
-
if (isIdentityProvider()) {
|
|
97
|
+
if (isIdentityProvider(authWebUrl)) {
|
|
96
98
|
onSSOUnavailable?.();
|
|
97
99
|
return null;
|
|
98
100
|
}
|
|
@@ -122,7 +124,7 @@ export function useWebSSO({
|
|
|
122
124
|
} finally {
|
|
123
125
|
isCheckingRef.current = false;
|
|
124
126
|
}
|
|
125
|
-
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported]);
|
|
127
|
+
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported, authWebUrl]);
|
|
126
128
|
|
|
127
129
|
/**
|
|
128
130
|
* Trigger interactive FedCM sign-in
|
|
@@ -160,8 +162,8 @@ export function useWebSSO({
|
|
|
160
162
|
|
|
161
163
|
// Auto-check SSO on mount (web only, FedCM only, not on auth domain)
|
|
162
164
|
useEffect(() => {
|
|
163
|
-
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider()) {
|
|
164
|
-
if (isIdentityProvider()) {
|
|
165
|
+
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider(authWebUrl)) {
|
|
166
|
+
if (isIdentityProvider(authWebUrl)) {
|
|
165
167
|
onSSOUnavailable?.();
|
|
166
168
|
}
|
|
167
169
|
return;
|