@proveanything/smartlinks-auth-ui 0.3.12 → 0.3.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/components/SmartlinksAuthUI.d.ts.map +1 -1
- package/dist/index.esm.js +8 -4
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +8 -4
- package/dist/index.js.map +1 -1
- package/dist/types.d.ts +7 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +4 -4
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SmartlinksAuthUI.d.ts","sourceRoot":"","sources":["../../src/components/SmartlinksAuthUI.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAuC,MAAM,OAAO,CAAC;AAY5D,OAAO,KAAK,EAAE,qBAAqB,EAAyF,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"SmartlinksAuthUI.d.ts","sourceRoot":"","sources":["../../src/components/SmartlinksAuthUI.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAuC,MAAM,OAAO,CAAC;AAY5D,OAAO,KAAK,EAAE,qBAAqB,EAAyF,MAAM,UAAU,CAAC;AA8I7I,QAAA,MAAM,mBAAmB,QAAa,OAAO,CAAC,IAAI,CAmCjD,CAAC;AAwEF,OAAO,EAAE,mBAAmB,EAAE,CAAC;AAK/B,eAAO,MAAM,gBAAgB,EAAE,KAAK,CAAC,EAAE,CAAC,qBAAqB,CA0mD5D,CAAC"}
|
package/dist/index.esm.js
CHANGED
|
@@ -12321,7 +12321,7 @@ const getExpirationFromResponse = (response) => {
|
|
|
12321
12321
|
// Default Smartlinks Google OAuth Client ID (public - safe to expose)
|
|
12322
12322
|
const DEFAULT_GOOGLE_CLIENT_ID = '696509063554-jdlbjl8vsjt7cr0vgkjkjf3ffnvi3a70.apps.googleusercontent.com';
|
|
12323
12323
|
// Default Google OAuth proxy URL (hosted on our whitelisted domain)
|
|
12324
|
-
const DEFAULT_GOOGLE_PROXY_URL = 'https://smartlinks
|
|
12324
|
+
const DEFAULT_GOOGLE_PROXY_URL = 'https://smartlinks.app/apps/account/stable/google-proxy.html';
|
|
12325
12325
|
// Exact hostnames where Google OAuth is registered and inline/OneTap flow works directly.
|
|
12326
12326
|
// Only specific registered origins — NOT broad wildcards like *.lovable.app
|
|
12327
12327
|
const WHITELISTED_GOOGLE_OAUTH_HOSTS = [
|
|
@@ -12333,11 +12333,15 @@ const WHITELISTED_GOOGLE_OAUTH_HOSTS = [
|
|
|
12333
12333
|
/**
|
|
12334
12334
|
* Check if the current domain is whitelisted for direct Google OAuth.
|
|
12335
12335
|
* Uses exact hostname match (plus subdomain match for smartlinks.app production).
|
|
12336
|
+
* Merges the hardcoded list with any additional domains from auth kit config.
|
|
12336
12337
|
* Returns true if OneTap/inline flow can work without a proxy.
|
|
12337
12338
|
*/
|
|
12338
|
-
const isWhitelistedGoogleDomain = () => {
|
|
12339
|
+
const isWhitelistedGoogleDomain = (additionalDomains) => {
|
|
12339
12340
|
const hostname = window.location.hostname;
|
|
12340
|
-
|
|
12341
|
+
const allDomains = additionalDomains?.length
|
|
12342
|
+
? [...WHITELISTED_GOOGLE_OAUTH_HOSTS, ...additionalDomains]
|
|
12343
|
+
: WHITELISTED_GOOGLE_OAUTH_HOSTS;
|
|
12344
|
+
return allDomains.some(domain => hostname === domain || hostname.endsWith(`.${domain}`));
|
|
12341
12345
|
};
|
|
12342
12346
|
// Default auth UI configuration when no clientId is provided
|
|
12343
12347
|
const DEFAULT_AUTH_CONFIG = {
|
|
@@ -13118,7 +13122,7 @@ const SmartlinksAuthUI = ({ apiEndpoint, clientId, clientName, accountData, onAu
|
|
|
13118
13122
|
// - If user has their own Google Client ID, they've registered their domains — no proxy needed
|
|
13119
13123
|
// - If on a whitelisted SmartLinks domain, inline flow works directly
|
|
13120
13124
|
// - Otherwise, auto-use the default proxy URL
|
|
13121
|
-
const isWhitelisted = isWhitelistedGoogleDomain();
|
|
13125
|
+
const isWhitelisted = isWhitelistedGoogleDomain(config?.whitelistedGoogleDomains);
|
|
13122
13126
|
const googleProxyUrl = config?.googleOAuthProxyUrl
|
|
13123
13127
|
|| (!hasCustomGoogleClientId && !isWhitelisted ? DEFAULT_GOOGLE_PROXY_URL : undefined);
|
|
13124
13128
|
log.log('Google Auth initiated:', {
|