@oxyhq/services 9.0.0 → 10.1.0

package/src/utils/__tests__/deviceFlowSignIn.test.ts

@@ -0,0 +1,104 @@
+/**
+ * @jest-environment node
+ *
+ * Regression coverage for the NATIVE device-flow sign-in bug:
+ *
+ *   On native, tapping "Sign In with Oxy" opens `OxyAuthScreen`, which creates
+ *   a device-flow AuthSession and opens auth.oxy.so/authorize. The user signs
+ *   in successfully, the API authorizes the session and notifies the client via
+ *   the auth-session socket — but the screen then called `switchSession`
+ *   DIRECTLY without first claiming the bearer with the secret `sessionToken`.
+ *   `switchSession` -> `getTokenBySession` (`GET /session/token/:id`) requires a
+ *   bearer the client did not yet hold, so it 401'd: the session was authorized
+ *   server-side but the app never became authenticated ("nothing happens").
+ *
+ *   The web `SignInModal` already claimed first; the native screen did not.
+ *   `completeDeviceFlowSignIn` consolidates the claim->switch sequence so both
+ *   paths are identical. These tests pin the ORDER (claim before switch) and the
+ *   fail-fast behaviour.
+ */
+
+import type { User } from '@oxyhq/core';
+import {
+  completeDeviceFlowSignIn,
+  type DeviceFlowClient,
+} from '../deviceFlowSignIn';
+
+const SESSION_ID = 'session-id-123';
+const SESSION_TOKEN = 'a'.repeat(32);
+const USER = { id: 'user-1', username: 'nate', privacySettings: {} } as User;
+
+describe('completeDeviceFlowSignIn', () => {
+  it('claims the sessionToken BEFORE switching the session', async () => {
+    const order: string[] = [];
+
+    const oxyServices: DeviceFlowClient = {
+      claimSessionByToken: jest.fn(async (token: string) => {
+        expect(token).toBe(SESSION_TOKEN);
+        order.push('claim');
+      }),
+    };
+    const switchSession = jest.fn(async (sessionId: string): Promise<User> => {
+      expect(sessionId).toBe(SESSION_ID);
+      order.push('switch');
+      return USER;
+    });
+
+    const user = await completeDeviceFlowSignIn({
+      oxyServices,
+      sessionId: SESSION_ID,
+      sessionToken: SESSION_TOKEN,
+      switchSession,
+    });
+
+    expect(order).toEqual(['claim', 'switch']);
+    expect(oxyServices.claimSessionByToken).toHaveBeenCalledWith(SESSION_TOKEN);
+    expect(switchSession).toHaveBeenCalledWith(SESSION_ID);
+    expect(user).toBe(USER);
+  });
+
+  it('does NOT switch the session when the claim fails (the native regression)', async () => {
+    const claimError = new Error('claim failed (401)');
+    const oxyServices: DeviceFlowClient = {
+      claimSessionByToken: jest.fn(async () => {
+        throw claimError;
+      }),
+    };
+    const switchSession = jest.fn(async (): Promise<User> => USER);
+
+    await expect(
+      completeDeviceFlowSignIn({
+        oxyServices,
+        sessionId: SESSION_ID,
+        sessionToken: SESSION_TOKEN,
+        switchSession,
+      }),
+    ).rejects.toThrow('claim failed (401)');
+
+    // The bearer was never planted, so we must not attempt the bearer-protected
+    // switch — surfacing the failure to the caller instead.
+    expect(switchSession).not.toHaveBeenCalled();
+  });
+
+  it('propagates a switchSession failure after a successful claim', async () => {
+    const switchError = new Error('session invalid');
+    const oxyServices: DeviceFlowClient = {
+      claimSessionByToken: jest.fn(async () => undefined),
+    };
+    const switchSession = jest.fn(async (): Promise<User> => {
+      throw switchError;
+    });
+
+    await expect(
+      completeDeviceFlowSignIn({
+        oxyServices,
+        sessionId: SESSION_ID,
+        sessionToken: SESSION_TOKEN,
+        switchSession,
+      }),
+    ).rejects.toThrow('session invalid');
+
+    expect(oxyServices.claimSessionByToken).toHaveBeenCalledTimes(1);
+    expect(switchSession).toHaveBeenCalledTimes(1);
+  });
+});

package/src/utils/__tests__/silentGuardKey.test.ts

@@ -0,0 +1,82 @@
+/**
+ * @jest-environment node
+ *
+ * Regression coverage for the native session-restore crash:
+ *
+ *   W [component:OxyContext]: Failed to restore sessions from storage
+ *   [TypeError: Cannot read property 'origin' of undefined]
+ *
+ * `silentColdBootKey` (OxyContext) and `ssoSignature` (useWebSSO) both build an
+ * `origin|baseURL` guard signature UNCONDITIONALLY at the top of the cold-boot
+ * path, on every platform. React Native aliases a global `window` (so
+ * `typeof window !== 'undefined'` is `true`) but provides NO `window.location`.
+ * The previous `typeof window`-only guard then read `window.location.origin`
+ * and threw `Cannot read property 'origin' of undefined`, escaping session
+ * restore entirely. Both call sites now delegate to the shared, guarded
+ * `buildSilentGuardKey`, verified here under all three platform shapes.
+ *
+ * Runs in the `node` environment so `window` is genuinely controllable — under
+ * jsdom `window.location` is non-configurable and cannot be removed, so the
+ * native shape (window present, location absent) is not reproducible there.
+ */
+
+import { buildSilentGuardKey, safeWindowOrigin } from '../silentGuardKey';
+
+describe('silentGuardKey native safety', () => {
+  const globalRef = globalThis as { window?: unknown };
+
+  afterEach(() => {
+    delete globalRef.window;
+  });
+
+  describe('safeWindowOrigin', () => {
+    it('returns "no-origin" when there is no window (Node / SSR)', () => {
+      delete globalRef.window;
+      expect(safeWindowOrigin()).toBe('no-origin');
+    });
+
+    it('returns "no-origin" on React Native (window present, no location)', () => {
+      // EXACT native shape: RN aliases a global `window` to the JS global, but
+      // there is no `window.location`. The old `typeof window`-only guard threw
+      // here; the new guard must return the sentinel without throwing.
+      globalRef.window = {};
+      expect(() => safeWindowOrigin()).not.toThrow();
+      expect(safeWindowOrigin()).toBe('no-origin');
+    });
+
+    it('returns the browser origin on web', () => {
+      globalRef.window = { location: { origin: 'https://app.mention.earth' } };
+      expect(safeWindowOrigin()).toBe('https://app.mention.earth');
+    });
+  });
+
+  describe('buildSilentGuardKey', () => {
+    it('does not throw and composes "no-origin|" on React Native', () => {
+      globalRef.window = {};
+      const getBaseURL = () => 'https://api.mention.earth';
+      expect(() => buildSilentGuardKey(getBaseURL)).not.toThrow();
+      expect(buildSilentGuardKey(getBaseURL)).toBe('no-origin|https://api.mention.earth');
+    });
+
+    it('composes "origin|baseURL" on web', () => {
+      globalRef.window = { location: { origin: 'https://app.mention.earth' } };
+      expect(buildSilentGuardKey(() => 'https://api.mention.earth')).toBe(
+        'https://app.mention.earth|https://api.mention.earth',
+      );
+    });
+
+    it('degrades baseURL to empty when getBaseURL is absent', () => {
+      globalRef.window = {};
+      expect(buildSilentGuardKey()).toBe('no-origin|');
+    });
+
+    it('degrades baseURL to empty when getBaseURL throws', () => {
+      globalRef.window = {};
+      const throwing = (): string => {
+        throw new Error('client not initialised');
+      };
+      expect(() => buildSilentGuardKey(throwing)).not.toThrow();
+      expect(buildSilentGuardKey(throwing)).toBe('no-origin|');
+    });
+  });
+});

package/src/utils/deviceFlowSignIn.ts

@@ -0,0 +1,76 @@
+/**
+ * Shared, pure orchestration for completing the cross-app device-flow sign-in
+ * (the QR-code / "Open Oxy Auth" path used on native and web).
+ *
+ * THE BUG THIS FIXES (native): once another authenticated device approves the
+ * pending AuthSession, the originating client is notified (socket / poll /
+ * deep-link) with the authorized `sessionId`. Before any session-management
+ * code can use it, the client MUST exchange the secret 128-bit `sessionToken`
+ * (held only by this client, generated for THIS flow) for the first access
+ * token via `claimSessionByToken` — the device-flow equivalent of OAuth's
+ * code-for-token exchange (RFC 8628 §3.4).
+ *
+ * Skipping the claim leaves the SDK with NO bearer token, so the subsequent
+ * `switchSession` -> `getTokenBySession` (`GET /session/token/:id`) call 401s
+ * against the C1-hardened API: the session is authorized server-side but the
+ * app never becomes authenticated and the UI sits "Waiting for
+ * authorization..." forever. The web `SignInModal` already claimed first; the
+ * native `OxyAuthScreen` did not. Consolidating the claim→switch sequence here
+ * keeps both paths identical and unit-testable, and prevents future drift.
+ */
+
+import type { User } from '@oxyhq/core';
+
+/**
+ * The minimal `OxyServices` surface this orchestration needs. Kept as a
+ * structural type (rather than importing the full client) so the helper is
+ * trivially unit-testable with a stub and never pulls the RN/Expo runtime into
+ * a test bundle.
+ */
+export interface DeviceFlowClient {
+  /**
+   * Exchange the device-flow `sessionToken` for the first access + refresh
+   * token, planting them on the client. Single-use; replay is rejected by the
+   * API. No bearer required — the high-entropy `sessionToken` IS the credential.
+   */
+  claimSessionByToken: (sessionToken: string) => Promise<unknown>;
+}
+
+export interface CompleteDeviceFlowSignInOptions {
+  /** The OxyServices client (or any object exposing `claimSessionByToken`). */
+  oxyServices: DeviceFlowClient;
+  /** The authorized device session id, delivered by the socket / poll / link. */
+  sessionId: string;
+  /**
+   * The secret `sessionToken` generated for THIS flow and registered via
+   * `POST /auth/session/create`. Required to claim the first access token.
+   */
+  sessionToken: string;
+  /**
+   * The session-management `switchSession` from `useOxy()`. Hydrates the
+   * activated session (validates, fetches the user, persists, updates state).
+   * Runs AFTER the bearer is planted so its bearer-protected calls succeed.
+   */
+  switchSession: (sessionId: string) => Promise<User>;
+}
+
+/**
+ * Complete a device-flow sign-in: claim the first access token with the secret
+ * `sessionToken` (planting the bearer), then hydrate the session via
+ * `switchSession`. Returns the authenticated user.
+ *
+ * Throws if either the claim or the switch fails; callers surface a retry UI.
+ */
+export async function completeDeviceFlowSignIn({
+  oxyServices,
+  sessionId,
+  sessionToken,
+  switchSession,
+}: CompleteDeviceFlowSignInOptions): Promise<User> {
+  // 1) Plant the bearer + refresh tokens. Without this the bearer-protected
+  //    `getTokenBySession` inside `switchSession` 401s (the native regression).
+  await oxyServices.claimSessionByToken(sessionToken);
+
+  // 2) Bearer is now planted — hydrate the session through the normal path.
+  return switchSession(sessionId);
+}

package/src/utils/silentGuardKey.ts

@@ -0,0 +1,46 @@
+/**
+ * Shared, pure helpers for building the `origin|baseURL` signature used as the
+ * module-level run-once guard key for cold-boot silent-SSO probes
+ * (`silentColdBootKey` in `OxyContext`, `ssoSignature` in `useWebSSO`).
+ *
+ * NATIVE SAFETY (the bug this fixes): React Native aliases a global `window`
+ * (it points at the JS global object), so `typeof window !== 'undefined'` is
+ * `true` on native — but `window.location` is `undefined`. Reading
+ * `window.location.origin` after only a `typeof window` check therefore throws
+ * `TypeError: Cannot read property 'origin' of undefined` on native. Because
+ * the key is built UNCONDITIONALLY at the top of the cold-boot path (before its
+ * try/catch), that throw escaped session restore entirely and broke
+ * cross-session restore on native. Both prior copies of the guard had the same
+ * insufficient `typeof window` check and were prone to drift, so the read is
+ * consolidated here behind a guard that also verifies `window.location`.
+ */
+
+/**
+ * Read `window.location.origin` safely on every platform.
+ *
+ * Returns the browser origin on web, and the sentinel `'no-origin'` anywhere
+ * `window.location` is absent (React Native, SSR/Node). Never throws.
+ */
+export function safeWindowOrigin(): string {
+  if (typeof window !== 'undefined' && typeof window.location !== 'undefined') {
+    return window.location.origin;
+  }
+  return 'no-origin';
+}
+
+/**
+ * Build the stable `origin|baseURL` signature for the silent-SSO run-once
+ * guard. Two providers pointed at the same API from the same origin share one
+ * attempt. `getBaseURL` is invoked defensively (it may be absent or throw on a
+ * partially-initialised client); any failure degrades to an empty baseURL.
+ */
+export function buildSilentGuardKey(getBaseURL?: () => string | undefined): string {
+  const origin = safeWindowOrigin();
+  let baseURL = '';
+  try {
+    baseURL = getBaseURL?.() ?? '';
+  } catch {
+    baseURL = '';
+  }
+  return `${origin}|${baseURL}`;
+}

package/lib/commonjs/ui/utils/appName.js

@@ -1,62 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.resolveAppDisplayName = resolveAppDisplayName;
-var _reactNative = require("react-native");
-/**
- * The `storageKeyPrefix` default applied by `OxyContextProvider`. When the
- * consumer never overrides it, the prefix carries no app-identity signal and
- * must NOT be used to derive a display name (it would surface "Oxy_session").
- */
-const DEFAULT_STORAGE_KEY_PREFIX = 'oxy_session';
-
-/**
- * Capitalize the first character of a non-empty string. Used to turn a lower
- * case `storageKeyPrefix` (e.g. `"mention"`) into a presentable label
- * (`"Mention"`). Pure; leaves the remainder untouched so multi-word or already
- * capitalized values are preserved.
- */
-function capitalizeFirst(value) {
-  return value.charAt(0).toUpperCase() + value.slice(1);
-}
-
-/**
- * Resolve a human-readable application display name for the consent / sign-in
- * UI shown by the central Oxy auth experience (e.g. "Mention wants to access
- * your Oxy account"). This is sent as the `appId` field on
- * `POST /auth/session/create` and rendered verbatim by the auth consent page.
- *
- * Resolution order (first non-empty wins):
- *   1. An explicit `appName` declared by the consumer on `OxyProvider`.
- *   2. The capitalized `storageKeyPrefix` — but only when the consumer actually
- *      overrode the default. Apps already pass a brand-shaped prefix
- *      (`"mention"`, `"homiio"`, …) so this gives most apps a correct name with
- *      zero extra config.
- *   3. On web only, a meaningful `document.title` (trimmed). This rescues
- *      zero-config web apps that set a page title but no prefix.
- *   4. `Platform.OS` as the terminal fallback. On web this yields the historical
- *      `"web"` value — now reached ONLY when an app supplies neither an explicit
- *      name, a custom prefix, nor a document title.
- *
- * The result is never empty.
- */
-function resolveAppDisplayName(appName, storageKeyPrefix) {
-  const explicit = appName?.trim();
-  if (explicit) {
-    return explicit;
-  }
-  const prefix = storageKeyPrefix?.trim();
-  if (prefix && prefix !== DEFAULT_STORAGE_KEY_PREFIX) {
-    return capitalizeFirst(prefix);
-  }
-  if (_reactNative.Platform.OS === 'web' && typeof document !== 'undefined') {
-    const title = document.title?.trim();
-    if (title) {
-      return title;
-    }
-  }
-  return _reactNative.Platform.OS;
-}
-//# sourceMappingURL=appName.js.map

package/lib/commonjs/ui/utils/appName.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["_reactNative","require","DEFAULT_STORAGE_KEY_PREFIX","capitalizeFirst","value","charAt","toUpperCase","slice","resolveAppDisplayName","appName","storageKeyPrefix","explicit","trim","prefix","Platform","OS","document","title"],"sourceRoot":"../../../../src","sources":["ui/utils/appName.ts"],"mappings":";;;;;;AAAA,IAAAA,YAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA,MAAMC,0BAA0B,GAAG,aAAa;;AAEhD;AACA;AACA;AACA;AACA;AACA;AACA,SAASC,eAAeA,CAACC,KAAa,EAAU;EAC9C,OAAOA,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC,GAAGF,KAAK,CAACG,KAAK,CAAC,CAAC,CAAC;AACvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,qBAAqBA,CACnCC,OAA2B,EAC3BC,gBAAoC,EAC5B;EACR,MAAMC,QAAQ,GAAGF,OAAO,EAAEG,IAAI,CAAC,CAAC;EAChC,IAAID,QAAQ,EAAE;IACZ,OAAOA,QAAQ;EACjB;EAEA,MAAME,MAAM,GAAGH,gBAAgB,EAAEE,IAAI,CAAC,CAAC;EACvC,IAAIC,MAAM,IAAIA,MAAM,KAAKX,0BAA0B,EAAE;IACnD,OAAOC,eAAe,CAACU,MAAM,CAAC;EAChC;EAEA,IAAIC,qBAAQ,CAACC,EAAE,KAAK,KAAK,IAAI,OAAOC,QAAQ,KAAK,WAAW,EAAE;IAC5D,MAAMC,KAAK,GAAGD,QAAQ,CAACC,KAAK,EAAEL,IAAI,CAAC,CAAC;IACpC,IAAIK,KAAK,EAAE;MACT,OAAOA,KAAK;IACd;EACF;EAEA,OAAOH,qBAAQ,CAACC,EAAE;AACpB","ignoreList":[]}

package/lib/module/ui/utils/appName.js

@@ -1,59 +0,0 @@
-"use strict";
-
-import { Platform } from 'react-native';
-
-/**
- * The `storageKeyPrefix` default applied by `OxyContextProvider`. When the
- * consumer never overrides it, the prefix carries no app-identity signal and
- * must NOT be used to derive a display name (it would surface "Oxy_session").
- */
-const DEFAULT_STORAGE_KEY_PREFIX = 'oxy_session';
-
-/**
- * Capitalize the first character of a non-empty string. Used to turn a lower
- * case `storageKeyPrefix` (e.g. `"mention"`) into a presentable label
- * (`"Mention"`). Pure; leaves the remainder untouched so multi-word or already
- * capitalized values are preserved.
- */
-function capitalizeFirst(value) {
-  return value.charAt(0).toUpperCase() + value.slice(1);
-}
-
-/**
- * Resolve a human-readable application display name for the consent / sign-in
- * UI shown by the central Oxy auth experience (e.g. "Mention wants to access
- * your Oxy account"). This is sent as the `appId` field on
- * `POST /auth/session/create` and rendered verbatim by the auth consent page.
- *
- * Resolution order (first non-empty wins):
- *   1. An explicit `appName` declared by the consumer on `OxyProvider`.
- *   2. The capitalized `storageKeyPrefix` — but only when the consumer actually
- *      overrode the default. Apps already pass a brand-shaped prefix
- *      (`"mention"`, `"homiio"`, …) so this gives most apps a correct name with
- *      zero extra config.
- *   3. On web only, a meaningful `document.title` (trimmed). This rescues
- *      zero-config web apps that set a page title but no prefix.
- *   4. `Platform.OS` as the terminal fallback. On web this yields the historical
- *      `"web"` value — now reached ONLY when an app supplies neither an explicit
- *      name, a custom prefix, nor a document title.
- *
- * The result is never empty.
- */
-export function resolveAppDisplayName(appName, storageKeyPrefix) {
-  const explicit = appName?.trim();
-  if (explicit) {
-    return explicit;
-  }
-  const prefix = storageKeyPrefix?.trim();
-  if (prefix && prefix !== DEFAULT_STORAGE_KEY_PREFIX) {
-    return capitalizeFirst(prefix);
-  }
-  if (Platform.OS === 'web' && typeof document !== 'undefined') {
-    const title = document.title?.trim();
-    if (title) {
-      return title;
-    }
-  }
-  return Platform.OS;
-}
-//# sourceMappingURL=appName.js.map

package/lib/module/ui/utils/appName.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["Platform","DEFAULT_STORAGE_KEY_PREFIX","capitalizeFirst","value","charAt","toUpperCase","slice","resolveAppDisplayName","appName","storageKeyPrefix","explicit","trim","prefix","OS","document","title"],"sourceRoot":"../../../../src","sources":["ui/utils/appName.ts"],"mappings":";;AAAA,SAASA,QAAQ,QAAQ,cAAc;;AAEvC;AACA;AACA;AACA;AACA;AACA,MAAMC,0BAA0B,GAAG,aAAa;;AAEhD;AACA;AACA;AACA;AACA;AACA;AACA,SAASC,eAAeA,CAACC,KAAa,EAAU;EAC9C,OAAOA,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC,GAAGF,KAAK,CAACG,KAAK,CAAC,CAAC,CAAC;AACvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,qBAAqBA,CACnCC,OAA2B,EAC3BC,gBAAoC,EAC5B;EACR,MAAMC,QAAQ,GAAGF,OAAO,EAAEG,IAAI,CAAC,CAAC;EAChC,IAAID,QAAQ,EAAE;IACZ,OAAOA,QAAQ;EACjB;EAEA,MAAME,MAAM,GAAGH,gBAAgB,EAAEE,IAAI,CAAC,CAAC;EACvC,IAAIC,MAAM,IAAIA,MAAM,KAAKX,0BAA0B,EAAE;IACnD,OAAOC,eAAe,CAACU,MAAM,CAAC;EAChC;EAEA,IAAIZ,QAAQ,CAACa,EAAE,KAAK,KAAK,IAAI,OAAOC,QAAQ,KAAK,WAAW,EAAE;IAC5D,MAAMC,KAAK,GAAGD,QAAQ,CAACC,KAAK,EAAEJ,IAAI,CAAC,CAAC;IACpC,IAAII,KAAK,EAAE;MACT,OAAOA,KAAK;IACd;EACF;EAEA,OAAOf,QAAQ,CAACa,EAAE;AACpB","ignoreList":[]}

package/lib/typescript/commonjs/ui/utils/appName.d.ts

@@ -1,22 +0,0 @@
-/**
- * Resolve a human-readable application display name for the consent / sign-in
- * UI shown by the central Oxy auth experience (e.g. "Mention wants to access
- * your Oxy account"). This is sent as the `appId` field on
- * `POST /auth/session/create` and rendered verbatim by the auth consent page.
- *
- * Resolution order (first non-empty wins):
- *   1. An explicit `appName` declared by the consumer on `OxyProvider`.
- *   2. The capitalized `storageKeyPrefix` — but only when the consumer actually
- *      overrode the default. Apps already pass a brand-shaped prefix
- *      (`"mention"`, `"homiio"`, …) so this gives most apps a correct name with
- *      zero extra config.
- *   3. On web only, a meaningful `document.title` (trimmed). This rescues
- *      zero-config web apps that set a page title but no prefix.
- *   4. `Platform.OS` as the terminal fallback. On web this yields the historical
- *      `"web"` value — now reached ONLY when an app supplies neither an explicit
- *      name, a custom prefix, nor a document title.
- *
- * The result is never empty.
- */
-export declare function resolveAppDisplayName(appName: string | undefined, storageKeyPrefix: string | undefined): string;
-//# sourceMappingURL=appName.d.ts.map

package/lib/typescript/commonjs/ui/utils/appName.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"appName.d.ts","sourceRoot":"","sources":["../../../../../src/ui/utils/appName.ts"],"names":[],"mappings":"AAmBA;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,gBAAgB,EAAE,MAAM,GAAG,SAAS,GACnC,MAAM,CAmBR"}

package/lib/typescript/module/ui/utils/appName.d.ts

@@ -1,22 +0,0 @@
-/**
- * Resolve a human-readable application display name for the consent / sign-in
- * UI shown by the central Oxy auth experience (e.g. "Mention wants to access
- * your Oxy account"). This is sent as the `appId` field on
- * `POST /auth/session/create` and rendered verbatim by the auth consent page.
- *
- * Resolution order (first non-empty wins):
- *   1. An explicit `appName` declared by the consumer on `OxyProvider`.
- *   2. The capitalized `storageKeyPrefix` — but only when the consumer actually
- *      overrode the default. Apps already pass a brand-shaped prefix
- *      (`"mention"`, `"homiio"`, …) so this gives most apps a correct name with
- *      zero extra config.
- *   3. On web only, a meaningful `document.title` (trimmed). This rescues
- *      zero-config web apps that set a page title but no prefix.
- *   4. `Platform.OS` as the terminal fallback. On web this yields the historical
- *      `"web"` value — now reached ONLY when an app supplies neither an explicit
- *      name, a custom prefix, nor a document title.
- *
- * The result is never empty.
- */
-export declare function resolveAppDisplayName(appName: string | undefined, storageKeyPrefix: string | undefined): string;
-//# sourceMappingURL=appName.d.ts.map

package/lib/typescript/module/ui/utils/appName.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"appName.d.ts","sourceRoot":"","sources":["../../../../../src/ui/utils/appName.ts"],"names":[],"mappings":"AAmBA;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,gBAAgB,EAAE,MAAM,GAAG,SAAS,GACnC,MAAM,CAmBR"}

package/src/ui/utils/__tests__/appName.test.ts

@@ -1,52 +0,0 @@
-import { resolveAppDisplayName } from '../appName';
-
-// The shared react-native mock pins `Platform.OS` to 'web', which is exactly
-// the platform on which the historical "web wants to access your Oxy account"
-// regression occurred. These tests assert the resolution order that prevents it.
-
-describe('resolveAppDisplayName', () => {
-  const originalTitle = typeof document !== 'undefined' ? document.title : '';
-
-  afterEach(() => {
-    if (typeof document !== 'undefined') {
-      document.title = originalTitle;
-    }
-  });
-
-  it('prefers an explicit appName, trimmed', () => {
-    expect(resolveAppDisplayName('  Mention  ', 'oxy_session')).toBe('Mention');
-  });
-
-  it('explicit appName wins over a custom storageKeyPrefix', () => {
-    expect(resolveAppDisplayName('Mention', 'homiio')).toBe('Mention');
-  });
-
-  it('capitalizes a custom storageKeyPrefix when no appName is given', () => {
-    expect(resolveAppDisplayName(undefined, 'mention')).toBe('Mention');
-  });
-
-  it('ignores the default storageKeyPrefix (never surfaces "Oxy_session")', () => {
-    if (typeof document !== 'undefined') {
-      document.title = '';
-    }
-    expect(resolveAppDisplayName(undefined, 'oxy_session')).toBe('web');
-  });
-
-  it('falls back to document.title on web when no name or custom prefix is set', () => {
-    if (typeof document !== 'undefined') {
-      document.title = 'Homiio';
-    }
-    expect(resolveAppDisplayName(undefined, 'oxy_session')).toBe('Homiio');
-  });
-
-  it('falls back to the platform only when nothing else is available', () => {
-    if (typeof document !== 'undefined') {
-      document.title = '';
-    }
-    expect(resolveAppDisplayName(undefined, undefined)).toBe('web');
-  });
-
-  it('treats a whitespace-only appName as absent', () => {
-    expect(resolveAppDisplayName('   ', 'mention')).toBe('Mention');
-  });
-});

package/src/ui/utils/appName.ts

@@ -1,62 +0,0 @@
-import { Platform } from 'react-native';
-
-/**
- * The `storageKeyPrefix` default applied by `OxyContextProvider`. When the
- * consumer never overrides it, the prefix carries no app-identity signal and
- * must NOT be used to derive a display name (it would surface "Oxy_session").
- */
-const DEFAULT_STORAGE_KEY_PREFIX = 'oxy_session';
-
-/**
- * Capitalize the first character of a non-empty string. Used to turn a lower
- * case `storageKeyPrefix` (e.g. `"mention"`) into a presentable label
- * (`"Mention"`). Pure; leaves the remainder untouched so multi-word or already
- * capitalized values are preserved.
- */
-function capitalizeFirst(value: string): string {
-  return value.charAt(0).toUpperCase() + value.slice(1);
-}
-
-/**
- * Resolve a human-readable application display name for the consent / sign-in
- * UI shown by the central Oxy auth experience (e.g. "Mention wants to access
- * your Oxy account"). This is sent as the `appId` field on
- * `POST /auth/session/create` and rendered verbatim by the auth consent page.
- *
- * Resolution order (first non-empty wins):
- *   1. An explicit `appName` declared by the consumer on `OxyProvider`.
- *   2. The capitalized `storageKeyPrefix` — but only when the consumer actually
- *      overrode the default. Apps already pass a brand-shaped prefix
- *      (`"mention"`, `"homiio"`, …) so this gives most apps a correct name with
- *      zero extra config.
- *   3. On web only, a meaningful `document.title` (trimmed). This rescues
- *      zero-config web apps that set a page title but no prefix.
- *   4. `Platform.OS` as the terminal fallback. On web this yields the historical
- *      `"web"` value — now reached ONLY when an app supplies neither an explicit
- *      name, a custom prefix, nor a document title.
- *
- * The result is never empty.
- */
-export function resolveAppDisplayName(
-  appName: string | undefined,
-  storageKeyPrefix: string | undefined,
-): string {
-  const explicit = appName?.trim();
-  if (explicit) {
-    return explicit;
-  }
-
-  const prefix = storageKeyPrefix?.trim();
-  if (prefix && prefix !== DEFAULT_STORAGE_KEY_PREFIX) {
-    return capitalizeFirst(prefix);
-  }
-
-  if (Platform.OS === 'web' && typeof document !== 'undefined') {
-    const title = document.title?.trim();
-    if (title) {
-      return title;
-    }
-  }
-
-  return Platform.OS;
-}