@proveanything/smartlinks-auth-ui 0.5.21 → 0.6.0

package/ANDROID_NATIVE_BRIDGE.md

@@ -0,0 +1,775 @@
+# Native Bridge for Google Sign-In (AuthKit)
+
+This guide explains how to implement the native bridge in your app to enable Google Sign-In within a WebView. The bridge allows the web-based auth UI to delegate Google authentication to the native SDK, which provides a better user experience and avoids WebView restrictions.
+
+## Overview
+
+The native bridge is exposed via `window.AuthKit` and provides three methods:
+
+| Method | Purpose |
+|--------|---------|
+| `signInWithGoogle` | Initiates Google Sign-In flow |
+| `signOutGoogle` | Clears cached Google session (enables account picker on next login) |
+| `checkGoogleSignIn` | Silently checks for existing Google session (auto-login) |
+
+> **Note:** The bridge uses `AuthKit` as the interface name (registered via `addJavascriptInterface(bridge, "AuthKit")`). This allows multiple app features to share a single bridge object, avoiding the WebView limitation where registering the same name twice overwrites the previous object.
+
+```
++------------------+                                     +------------------+
+|                  |     AuthKit.signInWithGoogle(...)    |                  |
+|                  | ----------------------------------> |                  |
+|     WebView      |     AuthKit.signOutGoogle(...)       |   Native App     |
+|  (Auth UI)       | ----------------------------------> |   (Android/iOS)  |
+|                  |     AuthKit.checkGoogleSignIn(...)   |                  |
+|                  | ----------------------------------> |                  |
+|                  |                                     |                  |
+|                  | <---------------------------------- |                  |
+|                  |    smartlinksNativeCallback(result) |                  |
++------------------+                                     +------------------+
+```
+```
+
+---
+
+## Prerequisites
+
+### 1. Google Cloud Console Setup
+
+You need **two** OAuth Client IDs:
+
+1. **Android Client ID** - For your Android app
+   - Application type: Android
+   - Package name: Your app's `applicationId` from `build.gradle`
+   - SHA-1 fingerprint: From your signing key (debug or release)
+
+2. **Web Client ID** - For requesting ID tokens
+   - Application type: Web application
+   - This is the `serverClientId` passed from the web app
+
+### 2. Get SHA-1 Fingerprint
+
+```bash
+# In your Android project directory
+./gradlew signingReport
+```
+
+Or in Android Studio: **Gradle Panel → app → Tasks → android → signingReport**
+
+### 3. Add Dependencies
+
+```groovy
+// app/build.gradle
+dependencies {
+    implementation 'com.google.android.gms:play-services-auth:20.7.0'
+}
+```
+
+---
+
+## Implementation
+
+### SmartlinksNativeBridge.kt (Kotlin)
+
+```kotlin
+package com.yourapp.bridge
+
+import android.content.Context
+import android.content.Intent
+import android.util.Log
+import android.webkit.JavascriptInterface
+import android.webkit.WebView
+import androidx.activity.result.ActivityResultLauncher
+import com.google.android.gms.auth.api.signin.GoogleSignIn
+import com.google.android.gms.auth.api.signin.GoogleSignInAccount
+import com.google.android.gms.auth.api.signin.GoogleSignInClient
+import com.google.android.gms.auth.api.signin.GoogleSignInOptions
+import com.google.android.gms.common.api.ApiException
+import org.json.JSONObject
+
+class AndroidBridge(
+    private val context: Context,
+    private val webView: WebView,
+    private val signInLauncher: ActivityResultLauncher<Intent>
+) {
+    companion object {
+        private const val TAG = "AndroidBridge"
+    }
+
+    // Store pending callback ID for sign-in flow
+    private var pendingSignInCallbackId: String? = null
+    private var pendingServerClientId: String? = null
+
+    // ==================== SIGN IN ====================
+
+    @JavascriptInterface
+    fun signInWithGoogle(payload: String) {
+        Log.d(TAG, "signInWithGoogle called with payload: $payload")
+        
+        try {
+            val json = JSONObject(payload)
+            val callbackId = json.getString("callbackId")
+            val serverClientId = json.getString("serverClientId")
+            
+            // Store for use in onActivityResult
+            pendingSignInCallbackId = callbackId
+            pendingServerClientId = serverClientId
+            
+            Log.d(TAG, "Initiating Google Sign-In with serverClientId: $serverClientId")
+            
+            // Configure Google Sign-In
+            val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+                .requestIdToken(serverClientId) // This is the Web Client ID!
+                .requestEmail()
+                .requestProfile()
+                .build()
+            
+            val googleSignInClient = GoogleSignIn.getClient(context, gso)
+            
+            // Sign out first to ensure account picker is shown
+            googleSignInClient.signOut().addOnCompleteListener {
+                // Launch sign-in intent
+                val signInIntent = googleSignInClient.signInIntent
+                signInLauncher.launch(signInIntent)
+            }
+            
+        } catch (e: Exception) {
+            Log.e(TAG, "Error parsing sign-in payload", e)
+            sendCallback(JSONObject().apply {
+                put("callbackId", "unknown")
+                put("success", false)
+                put("error", e.message ?: "Failed to parse payload")
+                put("errorCode", "PARSE_ERROR")
+            })
+        }
+    }
+
+    /**
+     * Call this from your Activity's ActivityResultCallback
+     */
+    fun handleSignInResult(data: Intent?) {
+        val callbackId = pendingSignInCallbackId ?: run {
+            Log.w(TAG, "No pending callback ID for sign-in result")
+            return
+        }
+        
+        try {
+            val task = GoogleSignIn.getSignedInAccountFromIntent(data)
+            val account = task.getResult(ApiException::class.java)
+            
+            Log.d(TAG, "Sign-in successful: ${account.email}")
+            
+            sendCallback(JSONObject().apply {
+                put("callbackId", callbackId)
+                put("success", true)
+                put("idToken", account.idToken)
+                put("email", account.email)
+                put("name", account.displayName)
+                put("picture", account.photoUrl?.toString())
+            })
+            
+        } catch (e: ApiException) {
+            Log.e(TAG, "Sign-in failed with status code: ${e.statusCode}", e)
+            
+            val errorMessage = when (e.statusCode) {
+                12501 -> "Sign-in cancelled by user"
+                12502 -> "Sign-in currently in progress"
+                10 -> "Developer error: Check your SHA-1 and package name configuration"
+                7 -> "Network error: Please check your internet connection"
+                else -> "Sign-in failed (code: ${e.statusCode})"
+            }
+            
+            sendCallback(JSONObject().apply {
+                put("callbackId", callbackId)
+                put("success", false)
+                put("error", errorMessage)
+                put("errorCode", "STATUS_${e.statusCode}")
+            })
+        } finally {
+            pendingSignInCallbackId = null
+            pendingServerClientId = null
+        }
+    }
+
+    // ==================== SIGN OUT ====================
+
+    @JavascriptInterface
+    fun signOutGoogle(payload: String) {
+        Log.d(TAG, "signOutGoogle called with payload: $payload")
+        
+        try {
+            val json = JSONObject(payload)
+            val callbackId = json.getString("callbackId")
+            
+            // Get Google Sign-In client with minimal config (no serverClientId needed)
+            val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+                .requestEmail()
+                .build()
+            
+            val googleSignInClient = GoogleSignIn.getClient(context, gso)
+            
+            // Sign out and revoke access to ensure account picker shows next time
+            googleSignInClient.signOut().addOnCompleteListener { signOutTask ->
+                googleSignInClient.revokeAccess().addOnCompleteListener { revokeTask ->
+                    Log.d(TAG, "Sign-out complete: signOut=${signOutTask.isSuccessful}, revoke=${revokeTask.isSuccessful}")
+                    
+                    sendCallback(JSONObject().apply {
+                        put("callbackId", callbackId)
+                        put("success", true)
+                    })
+                }
+            }
+            
+        } catch (e: Exception) {
+            Log.e(TAG, "Error in signOutGoogle", e)
+            
+            try {
+                val json = JSONObject(payload)
+                val callbackId = json.optString("callbackId", "unknown")
+                sendCallback(JSONObject().apply {
+                    put("callbackId", callbackId)
+                    put("success", false)
+                    put("error", e.message ?: "Sign-out failed")
+                })
+            } catch (parseError: Exception) {
+                Log.e(TAG, "Failed to send error callback", parseError)
+            }
+        }
+    }
+
+    // ==================== SILENT SIGN-IN CHECK ====================
+
+    @JavascriptInterface
+    fun checkGoogleSignIn(payload: String) {
+        Log.d(TAG, "checkGoogleSignIn called with payload: $payload")
+        
+        try {
+            val json = JSONObject(payload)
+            val callbackId = json.getString("callbackId")
+            val serverClientId = json.getString("serverClientId")
+            
+            // Check for existing signed-in account
+            val lastAccount = GoogleSignIn.getLastSignedInAccount(context)
+            
+            if (lastAccount != null && !lastAccount.isExpired) {
+                Log.d(TAG, "Found existing account: ${lastAccount.email}, attempting silent sign-in")
+                
+                // Try silent sign-in to get fresh ID token
+                val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+                    .requestIdToken(serverClientId)
+                    .requestEmail()
+                    .build()
+                
+                val googleSignInClient = GoogleSignIn.getClient(context, gso)
+                
+                googleSignInClient.silentSignIn().addOnCompleteListener { task ->
+                    if (task.isSuccessful) {
+                        val account = task.result
+                        Log.d(TAG, "Silent sign-in successful: ${account?.email}")
+                        
+                        sendCallback(JSONObject().apply {
+                            put("callbackId", callbackId)
+                            put("success", true)
+                            put("isSignedIn", true)
+                            put("idToken", account?.idToken)
+                            put("email", account?.email)
+                            put("name", account?.displayName)
+                            put("picture", account?.photoUrl?.toString())
+                        })
+                    } else {
+                        Log.d(TAG, "Silent sign-in failed, user needs interactive sign-in")
+                        
+                        sendCallback(JSONObject().apply {
+                            put("callbackId", callbackId)
+                            put("success", true)
+                            put("isSignedIn", false)
+                        })
+                    }
+                }
+            } else {
+                Log.d(TAG, "No existing account or account expired")
+                
+                sendCallback(JSONObject().apply {
+                    put("callbackId", callbackId)
+                    put("success", true)
+                    put("isSignedIn", false)
+                })
+            }
+            
+        } catch (e: Exception) {
+            Log.e(TAG, "Error in checkGoogleSignIn", e)
+            
+            try {
+                val json = JSONObject(payload)
+                val callbackId = json.optString("callbackId", "unknown")
+                sendCallback(JSONObject().apply {
+                    put("callbackId", callbackId)
+                    put("success", false)
+                    put("error", e.message ?: "Check sign-in failed")
+                })
+            } catch (parseError: Exception) {
+                Log.e(TAG, "Failed to send error callback", parseError)
+            }
+        }
+    }
+
+    // ==================== HELPER ====================
+
+    private fun sendCallback(result: JSONObject) {
+        val script = "window.smartlinksNativeCallback(${result})"
+        Log.d(TAG, "Sending callback: $script")
+        
+        webView.post {
+            webView.evaluateJavascript(script, null)
+        }
+    }
+}
+```
+
+### Activity Integration (Kotlin)
+
+```kotlin
+package com.yourapp
+
+import android.os.Bundle
+import android.webkit.WebView
+import android.webkit.WebViewClient
+import androidx.activity.result.contract.ActivityResultContracts
+import androidx.appcompat.app.AppCompatActivity
+import com.yourapp.bridge.AndroidBridge
+
+class WebViewActivity : AppCompatActivity() {
+    
+    private lateinit var webView: WebView
+    private lateinit var androidBridge: AndroidBridge
+    
+    // Register for sign-in result
+    private val signInLauncher = registerForActivityResult(
+        ActivityResultContracts.StartActivityForResult()
+    ) { result ->
+        androidBridge.handleSignInResult(result.data)
+    }
+    
+    override fun onCreate(savedInstanceState: Bundle?) {
+        super.onCreate(savedInstanceState)
+        
+        webView = WebView(this).apply {
+            settings.javaScriptEnabled = true
+            settings.domStorageEnabled = true
+            webViewClient = WebViewClient()
+        }
+        setContentView(webView)
+        
+        // Create and attach the native bridge
+        // IMPORTANT: Use "AuthKit" as the interface name - this allows combining
+        // auth features with other app features in a single bridge object
+        androidBridge = AndroidBridge(this, webView, signInLauncher)
+        webView.addJavascriptInterface(androidBridge, "AuthKit")
+        
+        // Load your auth URL
+        webView.loadUrl("https://your-app.lovable.app")
+    }
+}
+```
+
+---
+
+## Java Implementation
+
+<details>
+<summary>Click to expand Java version</summary>
+
+### AndroidBridge.java
+
+```java
+package com.yourapp.bridge;
+
+import android.content.Context;
+import android.content.Intent;
+import android.util.Log;
+import android.webkit.JavascriptInterface;
+import android.webkit.WebView;
+
+import androidx.activity.result.ActivityResultLauncher;
+
+import com.google.android.gms.auth.api.signin.GoogleSignIn;
+import com.google.android.gms.auth.api.signin.GoogleSignInAccount;
+import com.google.android.gms.auth.api.signin.GoogleSignInClient;
+import com.google.android.gms.auth.api.signin.GoogleSignInOptions;
+import com.google.android.gms.common.api.ApiException;
+import com.google.android.gms.tasks.Task;
+
+import org.json.JSONException;
+import org.json.JSONObject;
+
+public class AndroidBridge {
+    private static final String TAG = "AndroidBridge";
+    
+    private final Context context;
+    private final WebView webView;
+    private final ActivityResultLauncher<Intent> signInLauncher;
+    
+    private String pendingSignInCallbackId;
+    private String pendingServerClientId;
+    
+    public AndroidBridge(
+            Context context, 
+            WebView webView, 
+            ActivityResultLauncher<Intent> signInLauncher
+    ) {
+        this.context = context;
+        this.webView = webView;
+        this.signInLauncher = signInLauncher;
+    }
+    
+    // ==================== SIGN IN ====================
+    
+    @JavascriptInterface
+    public void signInWithGoogle(String payload) {
+        Log.d(TAG, "signInWithGoogle called with payload: " + payload);
+        
+        try {
+            JSONObject json = new JSONObject(payload);
+            String callbackId = json.getString("callbackId");
+            String serverClientId = json.getString("serverClientId");
+            
+            pendingSignInCallbackId = callbackId;
+            pendingServerClientId = serverClientId;
+            
+            GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+                    .requestIdToken(serverClientId)
+                    .requestEmail()
+                    .requestProfile()
+                    .build();
+            
+            GoogleSignInClient googleSignInClient = GoogleSignIn.getClient(context, gso);
+            
+            googleSignInClient.signOut().addOnCompleteListener(task -> {
+                Intent signInIntent = googleSignInClient.getSignInIntent();
+                signInLauncher.launch(signInIntent);
+            });
+            
+        } catch (JSONException e) {
+            Log.e(TAG, "Error parsing sign-in payload", e);
+            sendErrorCallback("unknown", "Failed to parse payload", "PARSE_ERROR");
+        }
+    }
+    
+    public void handleSignInResult(Intent data) {
+        if (pendingSignInCallbackId == null) {
+            Log.w(TAG, "No pending callback ID for sign-in result");
+            return;
+        }
+        
+        String callbackId = pendingSignInCallbackId;
+        
+        try {
+            Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
+            GoogleSignInAccount account = task.getResult(ApiException.class);
+            
+            Log.d(TAG, "Sign-in successful: " + account.getEmail());
+            
+            JSONObject result = new JSONObject();
+            result.put("callbackId", callbackId);
+            result.put("success", true);
+            result.put("idToken", account.getIdToken());
+            result.put("email", account.getEmail());
+            result.put("name", account.getDisplayName());
+            result.put("picture", account.getPhotoUrl() != null ? account.getPhotoUrl().toString() : null);
+            
+            sendCallback(result);
+            
+        } catch (ApiException e) {
+            Log.e(TAG, "Sign-in failed with status code: " + e.getStatusCode(), e);
+            
+            String errorMessage;
+            switch (e.getStatusCode()) {
+                case 12501:
+                    errorMessage = "Sign-in cancelled by user";
+                    break;
+                case 12502:
+                    errorMessage = "Sign-in currently in progress";
+                    break;
+                case 10:
+                    errorMessage = "Developer error: Check your SHA-1 and package name configuration";
+                    break;
+                case 7:
+                    errorMessage = "Network error: Please check your internet connection";
+                    break;
+                default:
+                    errorMessage = "Sign-in failed (code: " + e.getStatusCode() + ")";
+            }
+            
+            sendErrorCallback(callbackId, errorMessage, "STATUS_" + e.getStatusCode());
+            
+        } catch (JSONException e) {
+            Log.e(TAG, "Error building result JSON", e);
+            sendErrorCallback(callbackId, "Internal error", "JSON_ERROR");
+        } finally {
+            pendingSignInCallbackId = null;
+            pendingServerClientId = null;
+        }
+    }
+    
+    // ==================== SIGN OUT ====================
+    
+    @JavascriptInterface
+    public void signOutGoogle(String payload) {
+        Log.d(TAG, "signOutGoogle called with payload: " + payload);
+        
+        try {
+            JSONObject json = new JSONObject(payload);
+            String callbackId = json.getString("callbackId");
+            
+            GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+                    .requestEmail()
+                    .build();
+            
+            GoogleSignInClient googleSignInClient = GoogleSignIn.getClient(context, gso);
+            
+            googleSignInClient.signOut().addOnCompleteListener(signOutTask -> {
+                googleSignInClient.revokeAccess().addOnCompleteListener(revokeTask -> {
+                    try {
+                        JSONObject result = new JSONObject();
+                        result.put("callbackId", callbackId);
+                        result.put("success", true);
+                        sendCallback(result);
+                    } catch (JSONException e) {
+                        Log.e(TAG, "Error building result", e);
+                    }
+                });
+            });
+            
+        } catch (JSONException e) {
+            Log.e(TAG, "Error in signOutGoogle", e);
+        }
+    }
+    
+    // ==================== SILENT SIGN-IN CHECK ====================
+    
+    @JavascriptInterface
+    public void checkGoogleSignIn(String payload) {
+        Log.d(TAG, "checkGoogleSignIn called with payload: " + payload);
+        
+        try {
+            JSONObject json = new JSONObject(payload);
+            String callbackId = json.getString("callbackId");
+            String serverClientId = json.getString("serverClientId");
+            
+            GoogleSignInAccount lastAccount = GoogleSignIn.getLastSignedInAccount(context);
+            
+            if (lastAccount != null && !lastAccount.isExpired()) {
+                GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+                        .requestIdToken(serverClientId)
+                        .requestEmail()
+                        .build();
+                
+                GoogleSignInClient googleSignInClient = GoogleSignIn.getClient(context, gso);
+                
+                googleSignInClient.silentSignIn().addOnCompleteListener(task -> {
+                    try {
+                        JSONObject result = new JSONObject();
+                        result.put("callbackId", callbackId);
+                        result.put("success", true);
+                        
+                        if (task.isSuccessful() && task.getResult() != null) {
+                            GoogleSignInAccount account = task.getResult();
+                            result.put("isSignedIn", true);
+                            result.put("idToken", account.getIdToken());
+                            result.put("email", account.getEmail());
+                            result.put("name", account.getDisplayName());
+                            result.put("picture", account.getPhotoUrl() != null ? 
+                                    account.getPhotoUrl().toString() : null);
+                        } else {
+                            result.put("isSignedIn", false);
+                        }
+                        
+                        sendCallback(result);
+                    } catch (JSONException e) {
+                        Log.e(TAG, "Error building result", e);
+                    }
+                });
+            } else {
+                JSONObject result = new JSONObject();
+                result.put("callbackId", callbackId);
+                result.put("success", true);
+                result.put("isSignedIn", false);
+                sendCallback(result);
+            }
+            
+        } catch (JSONException e) {
+            Log.e(TAG, "Error in checkGoogleSignIn", e);
+        }
+    }
+    
+    // ==================== HELPERS ====================
+    
+    private void sendCallback(JSONObject result) {
+        String script = "window.smartlinksNativeCallback(" + result.toString() + ")";
+        Log.d(TAG, "Sending callback: " + script);
+        
+        webView.post(() -> webView.evaluateJavascript(script, null));
+    }
+    
+    private void sendErrorCallback(String callbackId, String error, String errorCode) {
+        try {
+            JSONObject result = new JSONObject();
+            result.put("callbackId", callbackId);
+            result.put("success", false);
+            result.put("error", error);
+            result.put("errorCode", errorCode);
+            sendCallback(result);
+        } catch (JSONException e) {
+            Log.e(TAG, "Failed to send error callback", e);
+        }
+    }
+}
+```
+
+</details>
+
+---
+
+## Payload Reference
+
+### signInWithGoogle
+
+**Request:**
+```json
+{
+  "type": "GOOGLE_SIGN_IN",
+  "clientId": "smartlinks-client-id",
+  "googleClientId": "696509063554-xxx.apps.googleusercontent.com",
+  "serverClientId": "696509063554-xxx.apps.googleusercontent.com",
+  "callbackId": "google_auth_1706104800000",
+  "scopes": ["email", "profile"],
+  "requestIdToken": true,
+  "requestServerAuthCode": false
+}
+```
+
+**Success Response:**
+```json
+{
+  "callbackId": "google_auth_1706104800000",
+  "success": true,
+  "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6...",
+  "email": "user@example.com",
+  "name": "John Doe",
+  "picture": "https://lh3.googleusercontent.com/..."
+}
+```
+
+**Error Response:**
+```json
+{
+  "callbackId": "google_auth_1706104800000",
+  "success": false,
+  "error": "Sign-in cancelled by user",
+  "errorCode": "STATUS_12501"
+}
+```
+
+### signOutGoogle
+
+**Request:**
+```json
+{
+  "type": "GOOGLE_SIGN_OUT",
+  "callbackId": "google_signout_1706104800000"
+}
+```
+
+**Response:**
+```json
+{
+  "callbackId": "google_signout_1706104800000",
+  "success": true
+}
+```
+
+### checkGoogleSignIn
+
+**Request:**
+```json
+{
+  "type": "GOOGLE_CHECK_SIGN_IN",
+  "clientId": "smartlinks-client-id",
+  "googleClientId": "696509063554-xxx.apps.googleusercontent.com",
+  "serverClientId": "696509063554-xxx.apps.googleusercontent.com",
+  "callbackId": "google_check_1706104800000"
+}
+```
+
+**Response (Signed In):**
+```json
+{
+  "callbackId": "google_check_1706104800000",
+  "success": true,
+  "isSignedIn": true,
+  "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6...",
+  "email": "user@example.com",
+  "name": "John Doe",
+  "picture": "https://lh3.googleusercontent.com/..."
+}
+```
+
+**Response (Not Signed In):**
+```json
+{
+  "callbackId": "google_check_1706104800000",
+  "success": true,
+  "isSignedIn": false
+}
+```
+
+---
+
+## Common Error Codes
+
+| Code | Meaning | Solution |
+|------|---------|----------|
+| 10 | Developer error | Check SHA-1 fingerprint and package name match Google Cloud Console |
+| 12501 | User cancelled | Normal - user closed the account picker |
+| 12502 | Sign-in in progress | Wait for current sign-in to complete |
+| 7 | Network error | Check internet connectivity |
+
+---
+
+## Troubleshooting
+
+### "Developer error" (code 10)
+
+This means your Android credentials don't match. Verify:
+
+1. **Package name** in Google Cloud Console matches `applicationId` in `build.gradle`
+2. **SHA-1 fingerprint** matches your signing key:
+   - Debug key: `~/.android/debug.keystore`
+   - Release key: Your production keystore
+3. You're using the **Web Client ID** (not Android Client ID) for `requestIdToken()`
+
+### ID Token is null
+
+Make sure you're calling `requestIdToken(serverClientId)` with the **Web Client ID**, not the Android Client ID.
+
+### Account picker not showing
+
+The `signInWithGoogle` implementation calls `signOut()` before launching the sign-in intent. If you want to skip the picker for returning users, remove that call.
+
+---
+
+## Web Library Props
+
+Enable silent sign-in in your SmartlinksAuthUI component:
+
+```tsx
+<SmartlinksAuthUI
+  apiEndpoint="https://api.smartlinks.app"
+  clientId="your-client-id"
+  enableSilentGoogleSignIn={true}  // Check for existing Google session on mount
+  onAuthSuccess={(token, user) => {
+    console.log('Authenticated:', user.email);
+  }}
+/>
+```
+
+This will automatically authenticate users who already have a Google session in the native app.