@stytch/react 19.6.1 → 19.7.0

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @stytch/react
 
+## 19.7.0
+
+### Minor Changes
+
+- 14f8002: Add in Hook and HOC for accessing user roles
+
 ## 19.6.1
 
 ### Patch Changes

package/dist/index.d.ts

@@ -1,7 +1,7 @@
 /// <reference types="react" />
 import React from "react";
 import { ReactNode } from "react";
-import { StytchProjectConfigurationInput, StytchUIClient, Callbacks, StringsOptions, StytchLoginConfig, StyleConfig } from "@stytch/vanilla-js";
+import { StytchProjectConfigurationInput, StytchUIClient, Callbacks, StringsOptions, StytchLoginConfig, StyleConfig, IDPConsentScreenManifest } from "@stytch/vanilla-js";
 import { StytchHeadlessClient } from "@stytch/vanilla-js/headless";
 import { Session as Session$0 } from "@stytch/vanilla-js/headless";
 import { User as User$0 } from "@stytch/vanilla-js/headless";
@@ -123,7 +123,16 @@ interface StytchResetPasswordProps<TProjectConfiguration extends StytchProjectCo
      */
     passwordResetToken: string;
 }
-type IdentityProviderProps = Omit<StytchProps, "config">;
+type IDPConsentScreenManifestGenerator = (input: {
+    scopes: string[];
+    clientName: string;
+}) => IDPConsentScreenManifest;
+type IdentityProviderProps = Omit<StytchProps, "config"> & {
+    /**
+     * Optional {@link IDPConsentScreenManifestGenerator} to customize the consent screen.
+     */
+    getIDPConsentManifest?: IDPConsentScreenManifestGenerator;
+};
 /**
  * The Stytch Reset Password component.
  * This component can only be used with a Stytch UI Client
@@ -208,7 +217,7 @@ declare const StytchPasskeyRegistration: <TProjectConfiguration extends Partial<
  *   }}
  * />
  */
-declare const IdentityProvider: ({ styles, callbacks, strings }: IdentityProviderProps) => React.JSX.Element;
+declare const IdentityProvider: ({ styles, callbacks, strings, getIDPConsentManifest }: IdentityProviderProps) => React.JSX.Element;
 /**
  * Returns the active User.
  * The Stytch SDKs are used for client-side authentication and session management.
@@ -273,6 +282,22 @@ declare const withStytchSession$0: <T extends object, TAssumeHydrated extends bo
     stytchSessionIsInitialized: boolean;
     stytchSessionIsFromCache: boolean;
 }>) => React.ComponentType<T>;
+declare const useStytchIsAuthorized$0: <TAssumeHydrated extends boolean = true>(resourceId: string, action: string) => TAssumeHydrated extends true ? {
+    isAuthorized: boolean;
+    fromCache: boolean;
+    isInitialized: boolean;
+} : {
+    isAuthorized: false;
+    fromCache: false;
+    isInitialized: false;
+} | {
+    isAuthorized: boolean;
+    fromCache: boolean;
+    isInitialized: boolean;
+};
+declare const withStytchPermissions$0: <Permissions_1 extends Record<string, string>, T extends object>(Component: React.ComponentType<T & {
+    stytchPermissions: Record<string, Record<string, boolean>>;
+}>) => React.ComponentType<T>;
 /**
  * The Stytch Client object passed in to <StytchProvider /> in your application root.
  * Either a StytchUIClient or StytchHeadlessClient.
@@ -316,5 +341,5 @@ interface StytchProviderProps$0<TProjectConfiguration extends StytchProjectConfi
  * )
  */
 declare const StytchProvider$0: <TProjectConfiguration extends Partial<import("@stytch/core/public").StytchProjectConfiguration> = Stytch.DefaultProjectConfiguration>({ stytch, children, assumeHydrated }: StytchProviderProps$0<TProjectConfiguration>) => JSX.Element;
-export { StytchLogin, StytchPasswordReset, StytchPasskeyRegistration, IdentityProvider, StytchProvider$0 as StytchProvider, useStytch, useStytchSession$0 as useStytchSession, useStytchUser$0 as useStytchUser, withStytch, withStytchSession$0 as withStytchSession, withStytchUser$0 as withStytchUser };
+export { StytchLogin, StytchPasswordReset, StytchPasskeyRegistration, IdentityProvider, StytchProvider$0 as StytchProvider, useStytch, useStytchSession$0 as useStytchSession, useStytchUser$0 as useStytchUser, withStytch, withStytchSession$0 as withStytchSession, withStytchUser$0 as withStytchUser, useStytchIsAuthorized$0 as useStytchIsAuthorized, withStytchPermissions$0 as withStytchPermissions };
 export type { StytchProviderProps$0 as StytchProviderProps, StytchProps, StytchResetPasswordProps, IdentityProviderProps };

package/dist/index.esm.d.ts

@@ -1,7 +1,7 @@
 /// <reference types="react" />
 import React from "react";
 import { ReactNode } from "react";
-import { StytchProjectConfigurationInput, StytchUIClient, Callbacks, StringsOptions, StytchLoginConfig, StyleConfig } from "@stytch/vanilla-js";
+import { StytchProjectConfigurationInput, StytchUIClient, Callbacks, StringsOptions, StytchLoginConfig, StyleConfig, IDPConsentScreenManifest } from "@stytch/vanilla-js";
 import { StytchHeadlessClient } from "@stytch/vanilla-js/headless";
 import { Session as Session$0 } from "@stytch/vanilla-js/headless";
 import { User as User$0 } from "@stytch/vanilla-js/headless";
@@ -123,7 +123,16 @@ interface StytchResetPasswordProps<TProjectConfiguration extends StytchProjectCo
      */
     passwordResetToken: string;
 }
-type IdentityProviderProps = Omit<StytchProps, "config">;
+type IDPConsentScreenManifestGenerator = (input: {
+    scopes: string[];
+    clientName: string;
+}) => IDPConsentScreenManifest;
+type IdentityProviderProps = Omit<StytchProps, "config"> & {
+    /**
+     * Optional {@link IDPConsentScreenManifestGenerator} to customize the consent screen.
+     */
+    getIDPConsentManifest?: IDPConsentScreenManifestGenerator;
+};
 /**
  * The Stytch Reset Password component.
  * This component can only be used with a Stytch UI Client
@@ -208,7 +217,7 @@ declare const StytchPasskeyRegistration: <TProjectConfiguration extends Partial<
  *   }}
  * />
  */
-declare const IdentityProvider: ({ styles, callbacks, strings }: IdentityProviderProps) => React.JSX.Element;
+declare const IdentityProvider: ({ styles, callbacks, strings, getIDPConsentManifest }: IdentityProviderProps) => React.JSX.Element;
 /**
  * Returns the active User.
  * The Stytch SDKs are used for client-side authentication and session management.
@@ -273,6 +282,22 @@ declare const withStytchSession$0: <T extends object, TAssumeHydrated extends bo
     stytchSessionIsInitialized: boolean;
     stytchSessionIsFromCache: boolean;
 }>) => React.ComponentType<T>;
+declare const useStytchIsAuthorized$0: <TAssumeHydrated extends boolean = true>(resourceId: string, action: string) => TAssumeHydrated extends true ? {
+    isAuthorized: boolean;
+    fromCache: boolean;
+    isInitialized: boolean;
+} : {
+    isAuthorized: false;
+    fromCache: false;
+    isInitialized: false;
+} | {
+    isAuthorized: boolean;
+    fromCache: boolean;
+    isInitialized: boolean;
+};
+declare const withStytchPermissions$0: <Permissions_1 extends Record<string, string>, T extends object>(Component: React.ComponentType<T & {
+    stytchPermissions: Record<string, Record<string, boolean>>;
+}>) => React.ComponentType<T>;
 /**
  * The Stytch Client object passed in to <StytchProvider /> in your application root.
  * Either a StytchUIClient or StytchHeadlessClient.
@@ -316,5 +341,5 @@ interface StytchProviderProps$0<TProjectConfiguration extends StytchProjectConfi
  * )
  */
 declare const StytchProvider$0: <TProjectConfiguration extends Partial<import("@stytch/core/public").StytchProjectConfiguration> = Stytch.DefaultProjectConfiguration>({ stytch, children, assumeHydrated }: StytchProviderProps$0<TProjectConfiguration>) => JSX.Element;
-export { StytchLogin, StytchPasswordReset, StytchPasskeyRegistration, IdentityProvider, StytchProvider$0 as StytchProvider, useStytch, useStytchSession$0 as useStytchSession, useStytchUser$0 as useStytchUser, withStytch, withStytchSession$0 as withStytchSession, withStytchUser$0 as withStytchUser };
+export { StytchLogin, StytchPasswordReset, StytchPasskeyRegistration, IdentityProvider, StytchProvider$0 as StytchProvider, useStytch, useStytchSession$0 as useStytchSession, useStytchUser$0 as useStytchUser, withStytch, withStytchSession$0 as withStytchSession, withStytchUser$0 as withStytchUser, useStytchIsAuthorized$0 as useStytchIsAuthorized, withStytchPermissions$0 as withStytchPermissions };
 export type { StytchProviderProps$0 as StytchProviderProps, StytchProps, StytchResetPasswordProps, IdentityProviderProps };

package/dist/index.esm.js

@@ -1,6 +1,6 @@
-import React, { createContext, useContext, useMemo, useCallback, useRef, useEffect } from 'react';
+import React, { createContext, useContext, useEffect, useMemo, useCallback, useRef } from 'react';
 import { i as invariant, u as useAsyncState, m as mergeWithStableProps, a as useIsomorphicLayoutEffect } from './useIsomorphicLayoutEffect-681e2138.js';
-import { n as noProviderError, p as providerMustBeUniqueError, i as isStytchSSRProxy, a as noHeadlessClientError } from './StytchSSRProxy-34c789b5.js';
+import { n as noProviderError, i as isStytchSSRProxy, p as providerMustBeUniqueError, a as noHeadlessClientError } from './StytchSSRProxy-34c789b5.js';
 
 const initialUser = {
     user: null,
@@ -95,6 +95,87 @@ const withStytchSession$1 = (Component) => {
     WithStytchSession.displayName = `withStytchSession(${Component.displayName || Component.name || 'Component'})`;
     return WithStytchSession;
 };
+/**
+ * Determines whether the logged-in user is allowed to perform the specified action on the specified resource.
+ * Returns `true` if the user can perform the action, `false` otherwise.
+ *
+ * If the user is not logged in, this method will always return false.
+ * If the resource or action provided are not valid for the configured RBAC policy, this method will return false.
+ *
+ * Remember - authorization checks for sensitive actions should always occur on the backend as well.
+ * @example
+ * const { isAuthorized } = useStytchIsAuthorized<Permissions>('documents', 'edit');
+ * return <button disabled={!isAuthorized}>Edit</button>
+ */
+const useStytchIsAuthorized$1 = (resourceId, action) => {
+    invariant(useIsMounted__INTERNAL(), noProviderError('useStytchIsAuthorized', 'StytchProvider'));
+    const client = useStytch();
+    const { user } = useStytchUser$1();
+    const [isAuthorized, setIsAuthorized] = useAsyncState({
+        isInitialized: false,
+        fromCache: false,
+        isAuthorized: false,
+    });
+    useEffect(() => {
+        if (isStytchSSRProxy(client)) {
+            return;
+        }
+        setIsAuthorized({
+            isInitialized: true,
+            fromCache: true,
+            isAuthorized: client.rbac.isAuthorizedSync(resourceId, action),
+        });
+    }, [action, client, resourceId, setIsAuthorized]);
+    useEffect(() => {
+        if (isStytchSSRProxy(client)) {
+            return;
+        }
+        client.rbac.isAuthorized(resourceId, action).then((isAuthorized) => {
+            setIsAuthorized({ isAuthorized, fromCache: false, isInitialized: true });
+        });
+    }, [client, user === null || user === void 0 ? void 0 : user.roles, resourceId, action, setIsAuthorized]);
+    return isAuthorized;
+};
+/**
+ * Wrap your component with this HOC in order to receive the permissions for the logged-in user.
+ * Evaluates all permissions granted to the logged-in user.
+ * Returns a Record<RoleId, Record<Action, boolean>> response indicating the user's permissions.
+ * Each boolean will be `true` if the user can perform the action, `false` otherwise.
+ *
+ * If the user is not logged in, all values will be false.
+ *
+ * Remember - authorization checks for sensitive actions should always occur on the backend as well.
+ * @example
+ * type Permissions = {
+ *   document: 'create' | 'read' | 'write
+ *   image: 'create' | 'read'
+ * }
+ *
+ * const MyComponent = (props) => {
+ *   const canEditDocuments = props.stytchPermissions.document.edit;
+ *   const canReadImages = props.stytchPermissions.image.read;
+ * }
+ * return withStytchPermissions<Permissions>(MyComponent)
+ */
+const withStytchPermissions$1 = (Component) => {
+    const WithStytchPermissions = (props) => {
+        invariant(useIsMounted__INTERNAL(), noProviderError('useRBACPermissions', 'StytchProvider'));
+        const client = useStytch();
+        const { user } = useStytchUser$1();
+        const [permissions, setPermissions] = useAsyncState({ loaded: false, value: null });
+        useEffect(() => {
+            client.rbac.allPermissions().then((permissions) => {
+                setPermissions({ loaded: true, value: permissions });
+            });
+        }, [client, user === null || user === void 0 ? void 0 : user.roles, setPermissions]);
+        if (!permissions.loaded) {
+            return null;
+        }
+        return React.createElement(Component, Object.assign({}, props, { stytchPermissions: permissions.value }));
+    };
+    WithStytchPermissions.displayName = `withStytchPermissions(${Component.displayName || Component.name || 'Component'})`;
+    return WithStytchPermissions;
+};
 /**
  * The Stytch Context Provider.
  * Wrap your application with this component in order to use Stytch everywhere in your app.
@@ -334,7 +415,7 @@ const StytchPasskeyRegistration = ({ config, styles, callbacks, strings, }) => {
  *   }}
  * />
  */
-const IdentityProvider = ({ styles, callbacks, strings }) => {
+const IdentityProvider = ({ styles, callbacks, strings, getIDPConsentManifest }) => {
     invariant(useIsMounted__INTERNAL(), noProviderError('<IdentityProvider />'));
     const stytchClient = useStytch();
     const user = useStytchUser$1();
@@ -355,8 +436,9 @@ const IdentityProvider = ({ styles, callbacks, strings }) => {
             elementId: `#${containerEl.current.id}`,
             styles,
             strings,
+            getIDPConsentManifest,
         });
-    }, [stytchClient, styles, callbacks, user, strings]);
+    }, [stytchClient, styles, callbacks, user, strings, getIDPConsentManifest]);
     return React.createElement("div", { ref: containerEl });
 };
 
@@ -392,6 +474,8 @@ const useStytchUser = useStytchUser$1;
 const useStytchSession = useStytchSession$1;
 const withStytchUser = withStytchUser$1;
 const withStytchSession = withStytchSession$1;
+const useStytchIsAuthorized = useStytchIsAuthorized$1;
+const withStytchPermissions = withStytchPermissions$1;
 /**
  * The Stytch Context Provider.
  * Wrap your application with this component in order to use Stytch everywhere in your app.
@@ -409,4 +493,4 @@ const StytchProvider = ({ stytch, children, assumeHydrated = true, }) => {
     return (React.createElement(StytchProvider$1, { stytch: stytch, assumeHydrated: assumeHydrated }, children));
 };
 
-export { IdentityProvider, StytchLogin, StytchPasskeyRegistration, StytchPasswordReset, StytchProvider, useStytch, useStytchSession, useStytchUser, withStytch, withStytchSession, withStytchUser };
+export { IdentityProvider, StytchLogin, StytchPasskeyRegistration, StytchPasswordReset, StytchProvider, useStytch, useStytchIsAuthorized, useStytchSession, useStytchUser, withStytch, withStytchPermissions, withStytchSession, withStytchUser };

package/dist/index.js

@@ -103,6 +103,87 @@ const withStytchSession$1 = (Component) => {
     WithStytchSession.displayName = `withStytchSession(${Component.displayName || Component.name || 'Component'})`;
     return WithStytchSession;
 };
+/**
+ * Determines whether the logged-in user is allowed to perform the specified action on the specified resource.
+ * Returns `true` if the user can perform the action, `false` otherwise.
+ *
+ * If the user is not logged in, this method will always return false.
+ * If the resource or action provided are not valid for the configured RBAC policy, this method will return false.
+ *
+ * Remember - authorization checks for sensitive actions should always occur on the backend as well.
+ * @example
+ * const { isAuthorized } = useStytchIsAuthorized<Permissions>('documents', 'edit');
+ * return <button disabled={!isAuthorized}>Edit</button>
+ */
+const useStytchIsAuthorized$1 = (resourceId, action) => {
+    useIsomorphicLayoutEffect.invariant(useIsMounted__INTERNAL(), StytchSSRProxy.noProviderError('useStytchIsAuthorized', 'StytchProvider'));
+    const client = useStytch();
+    const { user } = useStytchUser$1();
+    const [isAuthorized, setIsAuthorized] = useIsomorphicLayoutEffect.useAsyncState({
+        isInitialized: false,
+        fromCache: false,
+        isAuthorized: false,
+    });
+    React.useEffect(() => {
+        if (StytchSSRProxy.isStytchSSRProxy(client)) {
+            return;
+        }
+        setIsAuthorized({
+            isInitialized: true,
+            fromCache: true,
+            isAuthorized: client.rbac.isAuthorizedSync(resourceId, action),
+        });
+    }, [action, client, resourceId, setIsAuthorized]);
+    React.useEffect(() => {
+        if (StytchSSRProxy.isStytchSSRProxy(client)) {
+            return;
+        }
+        client.rbac.isAuthorized(resourceId, action).then((isAuthorized) => {
+            setIsAuthorized({ isAuthorized, fromCache: false, isInitialized: true });
+        });
+    }, [client, user === null || user === void 0 ? void 0 : user.roles, resourceId, action, setIsAuthorized]);
+    return isAuthorized;
+};
+/**
+ * Wrap your component with this HOC in order to receive the permissions for the logged-in user.
+ * Evaluates all permissions granted to the logged-in user.
+ * Returns a Record<RoleId, Record<Action, boolean>> response indicating the user's permissions.
+ * Each boolean will be `true` if the user can perform the action, `false` otherwise.
+ *
+ * If the user is not logged in, all values will be false.
+ *
+ * Remember - authorization checks for sensitive actions should always occur on the backend as well.
+ * @example
+ * type Permissions = {
+ *   document: 'create' | 'read' | 'write
+ *   image: 'create' | 'read'
+ * }
+ *
+ * const MyComponent = (props) => {
+ *   const canEditDocuments = props.stytchPermissions.document.edit;
+ *   const canReadImages = props.stytchPermissions.image.read;
+ * }
+ * return withStytchPermissions<Permissions>(MyComponent)
+ */
+const withStytchPermissions$1 = (Component) => {
+    const WithStytchPermissions = (props) => {
+        useIsomorphicLayoutEffect.invariant(useIsMounted__INTERNAL(), StytchSSRProxy.noProviderError('useRBACPermissions', 'StytchProvider'));
+        const client = useStytch();
+        const { user } = useStytchUser$1();
+        const [permissions, setPermissions] = useIsomorphicLayoutEffect.useAsyncState({ loaded: false, value: null });
+        React.useEffect(() => {
+            client.rbac.allPermissions().then((permissions) => {
+                setPermissions({ loaded: true, value: permissions });
+            });
+        }, [client, user === null || user === void 0 ? void 0 : user.roles, setPermissions]);
+        if (!permissions.loaded) {
+            return null;
+        }
+        return React__default["default"].createElement(Component, Object.assign({}, props, { stytchPermissions: permissions.value }));
+    };
+    WithStytchPermissions.displayName = `withStytchPermissions(${Component.displayName || Component.name || 'Component'})`;
+    return WithStytchPermissions;
+};
 /**
  * The Stytch Context Provider.
  * Wrap your application with this component in order to use Stytch everywhere in your app.
@@ -342,7 +423,7 @@ const StytchPasskeyRegistration = ({ config, styles, callbacks, strings, }) => {
  *   }}
  * />
  */
-const IdentityProvider = ({ styles, callbacks, strings }) => {
+const IdentityProvider = ({ styles, callbacks, strings, getIDPConsentManifest }) => {
     useIsomorphicLayoutEffect.invariant(useIsMounted__INTERNAL(), StytchSSRProxy.noProviderError('<IdentityProvider />'));
     const stytchClient = useStytch();
     const user = useStytchUser$1();
@@ -363,8 +444,9 @@ const IdentityProvider = ({ styles, callbacks, strings }) => {
             elementId: `#${containerEl.current.id}`,
             styles,
             strings,
+            getIDPConsentManifest,
         });
-    }, [stytchClient, styles, callbacks, user, strings]);
+    }, [stytchClient, styles, callbacks, user, strings, getIDPConsentManifest]);
     return React__default["default"].createElement("div", { ref: containerEl });
 };
 
@@ -400,6 +482,8 @@ const useStytchUser = useStytchUser$1;
 const useStytchSession = useStytchSession$1;
 const withStytchUser = withStytchUser$1;
 const withStytchSession = withStytchSession$1;
+const useStytchIsAuthorized = useStytchIsAuthorized$1;
+const withStytchPermissions = withStytchPermissions$1;
 /**
  * The Stytch Context Provider.
  * Wrap your application with this component in order to use Stytch everywhere in your app.
@@ -423,8 +507,10 @@ exports.StytchPasskeyRegistration = StytchPasskeyRegistration;
 exports.StytchPasswordReset = StytchPasswordReset;
 exports.StytchProvider = StytchProvider;
 exports.useStytch = useStytch;
+exports.useStytchIsAuthorized = useStytchIsAuthorized;
 exports.useStytchSession = useStytchSession;
 exports.useStytchUser = useStytchUser;
 exports.withStytch = withStytch;
+exports.withStytchPermissions = withStytchPermissions;
 exports.withStytchSession = withStytchSession;
 exports.withStytchUser = withStytchUser;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stytch/react",
-  "version": "19.6.1",
+  "version": "19.7.0",
   "description": "Stytch's official React Library",
   "main": "./dist/index.js",
   "module": "./dist/index.esm.js",
@@ -39,7 +39,7 @@
     "@stytch/internal-test-utils": "0.0.0",
     "@stytch/internal-tsconfigs": "0.0.0",
     "@stytch/js-utils": "0.0.1",
-    "@stytch/vanilla-js": "5.25.2",
+    "@stytch/vanilla-js": "5.29.0",
     "@testing-library/react": "14.0.0",
     "@types/jest": "29.5.14",
     "eslint-config-custom": "0.0.1",