@quiltt/capacitor 5.1.2

package/dist/react.cjs

@@ -0,0 +1,296 @@
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var react = require('@quiltt/react');
+var jsxRuntime = require('react/jsx-runtime');
+var react$1 = require('react');
+var core = require('@capacitor/core');
+
+/**
+ * Native Capacitor plugin for deep link handling and URL opening
+ * Used internally by QuilttConnector component for OAuth flows
+ */ const QuilttConnector$1 = core.registerPlugin('QuilttConnector', {
+    web: ()=>Promise.resolve().then(function () { return require('./web-BgcuNl8a.cjs'); }).then((m)=>new m.QuilttConnectorWeb())
+});
+
+const trustedQuilttHostSuffixes = [
+    'quiltt.io',
+    'quiltt.dev',
+    'quiltt.app'
+];
+const isTrustedQuilttOrigin = (origin)=>{
+    try {
+        const originUrl = new URL(origin);
+        if (originUrl.protocol !== 'https:') {
+            return false;
+        }
+        const hostname = originUrl.hostname.toLowerCase();
+        return trustedQuilttHostSuffixes.some((suffix)=>hostname === suffix || hostname.endsWith(`.${suffix}`));
+    } catch  {
+        return false;
+    }
+};
+const decodeIfEncoded = (value)=>{
+    try {
+        const decoded = decodeURIComponent(value);
+        return decoded === value ? value : decoded;
+    } catch  {
+        return value;
+    }
+};
+const normalizeUrlValue = (value)=>decodeIfEncoded(value.trim());
+/**
+ * QuilttConnector component for Capacitor apps
+ * Embeds the Quiltt Connector in an iframe and handles OAuth flows via native plugins
+ */ const QuilttConnector = /*#__PURE__*/ react$1.forwardRef(({ connectorId, connectionId, institution, appLauncherUrl, style, className, onEvent, onLoad, onExit, onExitSuccess, onExitAbort, onExitError }, ref)=>{
+    const iframeRef = react$1.useRef(null);
+    const { session } = react.useQuilttSession();
+    const [isLoaded, setIsLoaded] = react$1.useState(false);
+    const [loadError, setLoadError] = react$1.useState(null);
+    // Connector origin for secure postMessage targeting
+    const connectorOrigin = react$1.useMemo(()=>`https://${connectorId}.quiltt.app`, [
+        connectorId
+    ]);
+    // Build connector URL
+    const connectorUrl = react$1.useMemo(()=>{
+        const url = new URL(connectorOrigin);
+        if (session?.token) {
+            url.searchParams.set('token', session.token);
+        }
+        if (connectionId) {
+            url.searchParams.set('connectionId', connectionId);
+        }
+        if (institution) {
+            url.searchParams.set('institution', institution);
+        }
+        if (appLauncherUrl) {
+            url.searchParams.set('app_launcher_url', normalizeUrlValue(appLauncherUrl));
+        }
+        if (typeof window !== 'undefined') {
+            url.searchParams.set('embed_location', window.location.href);
+        }
+        // Set mode for inline iframe embedding
+        url.searchParams.set('mode', 'INLINE');
+        return url.toString();
+    }, [
+        connectorOrigin,
+        session?.token,
+        connectionId,
+        institution,
+        appLauncherUrl
+    ]);
+    react$1.useEffect(()=>{
+        setIsLoaded(false);
+        setLoadError(null);
+        const abortController = new AbortController();
+        const runPreflight = async ()=>{
+            try {
+                await fetch(connectorUrl, {
+                    method: 'GET',
+                    mode: 'no-cors',
+                    credentials: 'omit',
+                    signal: abortController.signal
+                });
+            } catch  {
+                setLoadError('Unable to reach Quiltt Connector. Check network and connector settings.');
+            }
+        };
+        void runPreflight();
+        return ()=>{
+            abortController.abort();
+        };
+    }, [
+        connectorUrl
+    ]);
+    react$1.useEffect(()=>{
+        if (isLoaded || loadError) {
+            return;
+        }
+        const timeoutId = window.setTimeout(()=>{
+            setLoadError('Connector took too long to load. Please retry.');
+        }, 15000);
+        return ()=>{
+            window.clearTimeout(timeoutId);
+        };
+    }, [
+        isLoaded,
+        loadError
+    ]);
+    const postOAuthCallbackToIframe = react$1.useCallback((callbackUrl)=>{
+        if (!iframeRef.current?.contentWindow) {
+            return;
+        }
+        const normalizedCallbackUrl = normalizeUrlValue(callbackUrl);
+        try {
+            const callback = new URL(normalizedCallbackUrl);
+            const params = {};
+            callback.searchParams.forEach((value, key)=>{
+                params[key] = value;
+            });
+            iframeRef.current.contentWindow.postMessage({
+                source: 'quiltt',
+                type: 'OAuthCallback',
+                data: {
+                    url: normalizedCallbackUrl,
+                    params
+                }
+            }, connectorOrigin);
+        } catch  {
+            iframeRef.current.contentWindow.postMessage({
+                source: 'quiltt',
+                type: 'OAuthCallback',
+                data: {
+                    url: normalizedCallbackUrl,
+                    params: {}
+                }
+            }, connectorOrigin);
+        }
+    }, [
+        connectorOrigin
+    ]);
+    // Handle messages from the iframe
+    // The platform MessageBus sends: { source: 'quiltt', type: 'Load'|'ExitSuccess'|..., ...metadata }
+    const handleMessage = react$1.useCallback((event)=>{
+        // Validate origin
+        if (!isTrustedQuilttOrigin(event.origin)) {
+            return;
+        }
+        const data = event.data || {};
+        // Validate message is from Quiltt MessageBus
+        if (data.source !== 'quiltt' || !data.type) return;
+        const { type, connectionId: msgConnectionId, profileId, connectorSession, url } = data;
+        // Build metadata from message fields
+        const metadata = {
+            connectorId,
+            ...profileId && {
+                profileId
+            },
+            ...msgConnectionId && {
+                connectionId: msgConnectionId
+            },
+            ...connectorSession && {
+                connectorSession
+            }
+        };
+        switch(type){
+            case 'Load':
+                setIsLoaded(true);
+                setLoadError(null);
+                onEvent?.(react.ConnectorSDKEventType.Load, metadata);
+                onLoad?.(metadata);
+                break;
+            case 'ExitSuccess':
+                onEvent?.(react.ConnectorSDKEventType.ExitSuccess, metadata);
+                onExit?.(react.ConnectorSDKEventType.ExitSuccess, metadata);
+                onExitSuccess?.(metadata);
+                break;
+            case 'ExitAbort':
+                onEvent?.(react.ConnectorSDKEventType.ExitAbort, metadata);
+                onExit?.(react.ConnectorSDKEventType.ExitAbort, metadata);
+                onExitAbort?.(metadata);
+                break;
+            case 'ExitError':
+                onEvent?.(react.ConnectorSDKEventType.ExitError, metadata);
+                onExit?.(react.ConnectorSDKEventType.ExitError, metadata);
+                onExitError?.(metadata);
+                break;
+            case 'Navigate':
+                // OAuth URL - open in system browser
+                if (url) {
+                    QuilttConnector$1.openUrl({
+                        url
+                    });
+                }
+                break;
+        }
+    }, [
+        connectorId,
+        onEvent,
+        onLoad,
+        onExit,
+        onExitSuccess,
+        onExitAbort,
+        onExitError
+    ]);
+    // Set up message listener
+    react$1.useEffect(()=>{
+        window.addEventListener('message', handleMessage);
+        return ()=>window.removeEventListener('message', handleMessage);
+    }, [
+        handleMessage
+    ]);
+    // Listen for OAuth callbacks via deep links
+    react$1.useEffect(()=>{
+        const listener = QuilttConnector$1.addListener('deepLink', (event)=>{
+            if (event.url) {
+                postOAuthCallbackToIframe(event.url);
+            }
+        });
+        // Check if app was launched with a URL
+        QuilttConnector$1.getLaunchUrl().then((result)=>{
+            if (result?.url) {
+                postOAuthCallbackToIframe(result.url);
+            }
+        });
+        return ()=>{
+            listener.then((l)=>l.remove());
+        };
+    }, [
+        postOAuthCallbackToIframe
+    ]);
+    // Expose method to handle OAuth callbacks from parent component
+    react$1.useImperativeHandle(ref, ()=>({
+            handleOAuthCallback: (callbackUrl)=>{
+                postOAuthCallbackToIframe(callbackUrl);
+            }
+        }), [
+        postOAuthCallbackToIframe
+    ]);
+    return /*#__PURE__*/ jsxRuntime.jsxs("div", {
+        className: className,
+        style: {
+            width: '100%',
+            height: '100%',
+            position: 'relative',
+            ...style
+        },
+        children: [
+            /*#__PURE__*/ jsxRuntime.jsx("iframe", {
+                ref: iframeRef,
+                src: connectorUrl,
+                title: "Quiltt Connector",
+                allow: "publickey-credentials-get *",
+                style: {
+                    border: 'none',
+                    width: '100%',
+                    height: '100%'
+                },
+                onError: ()=>{
+                    setLoadError('Unable to load Quiltt Connector iframe.');
+                }
+            }),
+            loadError ? /*#__PURE__*/ jsxRuntime.jsx("div", {
+                style: {
+                    position: 'absolute',
+                    inset: 0,
+                    display: 'flex',
+                    alignItems: 'center',
+                    justifyContent: 'center',
+                    padding: '16px',
+                    textAlign: 'center',
+                    backgroundColor: '#fff'
+                },
+                children: loadError
+            }) : null
+        ]
+    });
+});
+QuilttConnector.displayName = 'QuilttConnector';
+
+exports.QuilttConnector = QuilttConnector;
+exports.QuilttConnectorPlugin = QuilttConnector$1;
+Object.keys(react).forEach(function (k) {
+  if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
+    enumerable: true,
+    get: function () { return react[k]; }
+  });
+});

package/dist/react.d.ts

@@ -0,0 +1,109 @@
+import { ConnectorSDKCallbacks } from '@quiltt/react';
+export * from '@quiltt/react';
+import * as react$1 from 'react';
+import { PluginListenerHandle } from '@capacitor/core';
+
+type QuilttConnectorHandle = {
+    handleOAuthCallback: (url: string) => void;
+};
+/**
+ * QuilttConnector component for Capacitor apps
+ * Embeds the Quiltt Connector in an iframe and handles OAuth flows via native plugins
+ */
+declare const QuilttConnector$1: react$1.ForwardRefExoticComponent<{
+    connectorId: string;
+    connectionId?: string;
+    institution?: string;
+    /**
+     * The app launcher URL for mobile OAuth flows.
+     * This URL should be a Universal Link (iOS) or App Link (Android) that redirects back to your app.
+     */
+    appLauncherUrl?: string;
+    style?: React.CSSProperties;
+    className?: string;
+} & ConnectorSDKCallbacks & react$1.RefAttributes<QuilttConnectorHandle>>;
+
+/**
+ * Options for opening a URL in the system browser
+ */
+interface OpenUrlOptions {
+    /**
+     * The URL to open in the system browser
+     */
+    url: string;
+}
+/**
+ * Event data when a deep link is received
+ */
+interface DeepLinkEvent {
+    /**
+     * The full URL that was used to open the app, or null if no URL was present
+     */
+    url: string | null;
+}
+/**
+ * Listener function for deep link events
+ */
+type DeepLinkListener = (event: DeepLinkEvent) => void;
+/**
+ * The Quiltt Connector Capacitor plugin interface.
+ *
+ * This plugin handles native functionality required for the Quiltt Connector:
+ * - Opening OAuth URLs in the system browser
+ * - Handling deep links / App Links / Universal Links for OAuth callbacks
+ */
+interface QuilttConnectorPlugin {
+    /**
+     * Open a URL in the system browser.
+     *
+     * This is used for OAuth flows where the user needs to authenticate
+     * with their financial institution in an external browser.
+     *
+     * @param options - The options containing the URL to open
+     * @returns A promise that resolves when the browser is opened
+     *
+     * @since 5.0.3
+     */
+    openUrl(options: OpenUrlOptions): Promise<{
+        completed: boolean;
+    }>;
+    /**
+     * Get the URL that was used to launch the app, if any.
+     *
+     * This is useful for handling OAuth callbacks when the app is opened
+     * from a Universal Link (iOS) or App Link (Android).
+     *
+     * @returns A promise that resolves with the launch URL, or undefined if none
+     *
+     * @since 5.0.3
+     */
+    getLaunchUrl(): Promise<DeepLinkEvent>;
+    /**
+     * Listen for deep link events.
+     *
+     * This is called when the app is opened via a Universal Link (iOS)
+     * or App Link (Android), typically during OAuth callback flows.
+     *
+     * @param eventName - The event name ('deepLink')
+     * @param listenerFunc - The callback function to handle the event
+     * @returns A promise that resolves with a handle to remove the listener
+     *
+     * @since 5.0.3
+     */
+    addListener(eventName: 'deepLink', listenerFunc: DeepLinkListener): Promise<PluginListenerHandle>;
+    /**
+     * Remove all listeners for this plugin.
+     *
+     * @since 5.0.3
+     */
+    removeAllListeners(): Promise<void>;
+}
+
+/**
+ * Native Capacitor plugin for deep link handling and URL opening
+ * Used internally by QuilttConnector component for OAuth flows
+ */
+declare const QuilttConnector: QuilttConnectorPlugin;
+
+export { QuilttConnector$1 as QuilttConnector, QuilttConnector as QuilttConnectorPlugin };
+export type { DeepLinkEvent, DeepLinkListener, OpenUrlOptions, QuilttConnectorHandle };

package/dist/react.js

@@ -0,0 +1,288 @@
+import { useQuilttSession, ConnectorSDKEventType } from '@quiltt/react';
+export * from '@quiltt/react';
+import { jsxs, jsx } from 'react/jsx-runtime';
+import { forwardRef, useRef, useState, useMemo, useEffect, useCallback, useImperativeHandle } from 'react';
+import { registerPlugin } from '@capacitor/core';
+
+/**
+ * Native Capacitor plugin for deep link handling and URL opening
+ * Used internally by QuilttConnector component for OAuth flows
+ */ const QuilttConnector$1 = registerPlugin('QuilttConnector', {
+    web: ()=>import('./web-CUWsqcUV.js').then((m)=>new m.QuilttConnectorWeb())
+});
+
+const trustedQuilttHostSuffixes = [
+    'quiltt.io',
+    'quiltt.dev',
+    'quiltt.app'
+];
+const isTrustedQuilttOrigin = (origin)=>{
+    try {
+        const originUrl = new URL(origin);
+        if (originUrl.protocol !== 'https:') {
+            return false;
+        }
+        const hostname = originUrl.hostname.toLowerCase();
+        return trustedQuilttHostSuffixes.some((suffix)=>hostname === suffix || hostname.endsWith(`.${suffix}`));
+    } catch  {
+        return false;
+    }
+};
+const decodeIfEncoded = (value)=>{
+    try {
+        const decoded = decodeURIComponent(value);
+        return decoded === value ? value : decoded;
+    } catch  {
+        return value;
+    }
+};
+const normalizeUrlValue = (value)=>decodeIfEncoded(value.trim());
+/**
+ * QuilttConnector component for Capacitor apps
+ * Embeds the Quiltt Connector in an iframe and handles OAuth flows via native plugins
+ */ const QuilttConnector = /*#__PURE__*/ forwardRef(({ connectorId, connectionId, institution, appLauncherUrl, style, className, onEvent, onLoad, onExit, onExitSuccess, onExitAbort, onExitError }, ref)=>{
+    const iframeRef = useRef(null);
+    const { session } = useQuilttSession();
+    const [isLoaded, setIsLoaded] = useState(false);
+    const [loadError, setLoadError] = useState(null);
+    // Connector origin for secure postMessage targeting
+    const connectorOrigin = useMemo(()=>`https://${connectorId}.quiltt.app`, [
+        connectorId
+    ]);
+    // Build connector URL
+    const connectorUrl = useMemo(()=>{
+        const url = new URL(connectorOrigin);
+        if (session?.token) {
+            url.searchParams.set('token', session.token);
+        }
+        if (connectionId) {
+            url.searchParams.set('connectionId', connectionId);
+        }
+        if (institution) {
+            url.searchParams.set('institution', institution);
+        }
+        if (appLauncherUrl) {
+            url.searchParams.set('app_launcher_url', normalizeUrlValue(appLauncherUrl));
+        }
+        if (typeof window !== 'undefined') {
+            url.searchParams.set('embed_location', window.location.href);
+        }
+        // Set mode for inline iframe embedding
+        url.searchParams.set('mode', 'INLINE');
+        return url.toString();
+    }, [
+        connectorOrigin,
+        session?.token,
+        connectionId,
+        institution,
+        appLauncherUrl
+    ]);
+    useEffect(()=>{
+        setIsLoaded(false);
+        setLoadError(null);
+        const abortController = new AbortController();
+        const runPreflight = async ()=>{
+            try {
+                await fetch(connectorUrl, {
+                    method: 'GET',
+                    mode: 'no-cors',
+                    credentials: 'omit',
+                    signal: abortController.signal
+                });
+            } catch  {
+                setLoadError('Unable to reach Quiltt Connector. Check network and connector settings.');
+            }
+        };
+        void runPreflight();
+        return ()=>{
+            abortController.abort();
+        };
+    }, [
+        connectorUrl
+    ]);
+    useEffect(()=>{
+        if (isLoaded || loadError) {
+            return;
+        }
+        const timeoutId = window.setTimeout(()=>{
+            setLoadError('Connector took too long to load. Please retry.');
+        }, 15000);
+        return ()=>{
+            window.clearTimeout(timeoutId);
+        };
+    }, [
+        isLoaded,
+        loadError
+    ]);
+    const postOAuthCallbackToIframe = useCallback((callbackUrl)=>{
+        if (!iframeRef.current?.contentWindow) {
+            return;
+        }
+        const normalizedCallbackUrl = normalizeUrlValue(callbackUrl);
+        try {
+            const callback = new URL(normalizedCallbackUrl);
+            const params = {};
+            callback.searchParams.forEach((value, key)=>{
+                params[key] = value;
+            });
+            iframeRef.current.contentWindow.postMessage({
+                source: 'quiltt',
+                type: 'OAuthCallback',
+                data: {
+                    url: normalizedCallbackUrl,
+                    params
+                }
+            }, connectorOrigin);
+        } catch  {
+            iframeRef.current.contentWindow.postMessage({
+                source: 'quiltt',
+                type: 'OAuthCallback',
+                data: {
+                    url: normalizedCallbackUrl,
+                    params: {}
+                }
+            }, connectorOrigin);
+        }
+    }, [
+        connectorOrigin
+    ]);
+    // Handle messages from the iframe
+    // The platform MessageBus sends: { source: 'quiltt', type: 'Load'|'ExitSuccess'|..., ...metadata }
+    const handleMessage = useCallback((event)=>{
+        // Validate origin
+        if (!isTrustedQuilttOrigin(event.origin)) {
+            return;
+        }
+        const data = event.data || {};
+        // Validate message is from Quiltt MessageBus
+        if (data.source !== 'quiltt' || !data.type) return;
+        const { type, connectionId: msgConnectionId, profileId, connectorSession, url } = data;
+        // Build metadata from message fields
+        const metadata = {
+            connectorId,
+            ...profileId && {
+                profileId
+            },
+            ...msgConnectionId && {
+                connectionId: msgConnectionId
+            },
+            ...connectorSession && {
+                connectorSession
+            }
+        };
+        switch(type){
+            case 'Load':
+                setIsLoaded(true);
+                setLoadError(null);
+                onEvent?.(ConnectorSDKEventType.Load, metadata);
+                onLoad?.(metadata);
+                break;
+            case 'ExitSuccess':
+                onEvent?.(ConnectorSDKEventType.ExitSuccess, metadata);
+                onExit?.(ConnectorSDKEventType.ExitSuccess, metadata);
+                onExitSuccess?.(metadata);
+                break;
+            case 'ExitAbort':
+                onEvent?.(ConnectorSDKEventType.ExitAbort, metadata);
+                onExit?.(ConnectorSDKEventType.ExitAbort, metadata);
+                onExitAbort?.(metadata);
+                break;
+            case 'ExitError':
+                onEvent?.(ConnectorSDKEventType.ExitError, metadata);
+                onExit?.(ConnectorSDKEventType.ExitError, metadata);
+                onExitError?.(metadata);
+                break;
+            case 'Navigate':
+                // OAuth URL - open in system browser
+                if (url) {
+                    QuilttConnector$1.openUrl({
+                        url
+                    });
+                }
+                break;
+        }
+    }, [
+        connectorId,
+        onEvent,
+        onLoad,
+        onExit,
+        onExitSuccess,
+        onExitAbort,
+        onExitError
+    ]);
+    // Set up message listener
+    useEffect(()=>{
+        window.addEventListener('message', handleMessage);
+        return ()=>window.removeEventListener('message', handleMessage);
+    }, [
+        handleMessage
+    ]);
+    // Listen for OAuth callbacks via deep links
+    useEffect(()=>{
+        const listener = QuilttConnector$1.addListener('deepLink', (event)=>{
+            if (event.url) {
+                postOAuthCallbackToIframe(event.url);
+            }
+        });
+        // Check if app was launched with a URL
+        QuilttConnector$1.getLaunchUrl().then((result)=>{
+            if (result?.url) {
+                postOAuthCallbackToIframe(result.url);
+            }
+        });
+        return ()=>{
+            listener.then((l)=>l.remove());
+        };
+    }, [
+        postOAuthCallbackToIframe
+    ]);
+    // Expose method to handle OAuth callbacks from parent component
+    useImperativeHandle(ref, ()=>({
+            handleOAuthCallback: (callbackUrl)=>{
+                postOAuthCallbackToIframe(callbackUrl);
+            }
+        }), [
+        postOAuthCallbackToIframe
+    ]);
+    return /*#__PURE__*/ jsxs("div", {
+        className: className,
+        style: {
+            width: '100%',
+            height: '100%',
+            position: 'relative',
+            ...style
+        },
+        children: [
+            /*#__PURE__*/ jsx("iframe", {
+                ref: iframeRef,
+                src: connectorUrl,
+                title: "Quiltt Connector",
+                allow: "publickey-credentials-get *",
+                style: {
+                    border: 'none',
+                    width: '100%',
+                    height: '100%'
+                },
+                onError: ()=>{
+                    setLoadError('Unable to load Quiltt Connector iframe.');
+                }
+            }),
+            loadError ? /*#__PURE__*/ jsx("div", {
+                style: {
+                    position: 'absolute',
+                    inset: 0,
+                    display: 'flex',
+                    alignItems: 'center',
+                    justifyContent: 'center',
+                    padding: '16px',
+                    textAlign: 'center',
+                    backgroundColor: '#fff'
+                },
+                children: loadError
+            }) : null
+        ]
+    });
+});
+QuilttConnector.displayName = 'QuilttConnector';
+
+export { QuilttConnector, QuilttConnector$1 as QuilttConnectorPlugin };