@sudobility/building_blocks_rn 0.0.8 → 0.0.11

package/macos/WebAuthModule.m

@@ -0,0 +1,104 @@
+#import "WebAuthModule.h"
+#import <AuthenticationServices/AuthenticationServices.h>
+#import <CommonCrypto/CommonDigest.h>
+#import <Security/Security.h>
+
+@interface WebAuthModule () <ASWebAuthenticationPresentationContextProviding>
+@property (nonatomic, strong) ASWebAuthenticationSession *authSession;
+@end
+
+@implementation WebAuthModule
+
+RCT_EXPORT_MODULE();
+
++ (BOOL)requiresMainQueueSetup {
+  return YES;
+}
+
+RCT_EXPORT_METHOD(authenticate:(NSString *)urlString
+                  callbackURLScheme:(NSString *)callbackURLScheme
+                  resolver:(RCTPromiseResolveBlock)resolve
+                  rejecter:(RCTPromiseRejectBlock)reject) {
+  dispatch_async(dispatch_get_main_queue(), ^{
+    NSURL *authURL = [NSURL URLWithString:urlString];
+    if (!authURL) {
+      reject(@"INVALID_URL", @"Invalid authentication URL", nil);
+      return;
+    }
+
+    self.authSession =
+      [[ASWebAuthenticationSession alloc]
+        initWithURL:authURL
+        callbackURLScheme:callbackURLScheme
+        completionHandler:^(NSURL * _Nullable callbackURL,
+                            NSError * _Nullable error) {
+          self.authSession = nil;
+          if (error) {
+            if (error.code == ASWebAuthenticationSessionErrorCodeCanceledLogin) {
+              resolve([NSNull null]);
+            } else {
+              reject(@"AUTH_ERROR", error.localizedDescription, error);
+            }
+            return;
+          }
+          if (callbackURL) {
+            resolve(callbackURL.absoluteString);
+          } else {
+            resolve([NSNull null]);
+          }
+        }];
+
+    self.authSession.presentationContextProvider = self;
+    self.authSession.prefersEphemeralWebBrowserSession = NO;
+
+    if (![self.authSession start]) {
+      self.authSession = nil;
+      reject(@"SESSION_ERROR",
+             @"Failed to start authentication session", nil);
+    }
+  });
+}
+
+RCT_EXPORT_METHOD(generateCodeVerifier:(RCTPromiseResolveBlock)resolve
+                  rejecter:(RCTPromiseRejectBlock)reject) {
+  uint8_t randomBytes[32];
+  OSStatus status = SecRandomCopyBytes(kSecRandomDefault, 32, randomBytes);
+  if (status != errSecSuccess) {
+    reject(@"RANDOM_ERROR", @"Failed to generate random bytes", nil);
+    return;
+  }
+
+  NSData *data = [NSData dataWithBytes:randomBytes length:32];
+  NSString *base64 = [data base64EncodedStringWithOptions:0];
+  NSString *base64url = base64;
+  base64url = [base64url stringByReplacingOccurrencesOfString:@"+" withString:@"-"];
+  base64url = [base64url stringByReplacingOccurrencesOfString:@"/" withString:@"_"];
+  base64url = [base64url stringByReplacingOccurrencesOfString:@"=" withString:@""];
+  resolve(base64url);
+}
+
+RCT_EXPORT_METHOD(sha256:(NSString *)input
+                  resolver:(RCTPromiseResolveBlock)resolve
+                  rejecter:(RCTPromiseRejectBlock)reject) {
+  NSData *data = [input dataUsingEncoding:NSUTF8StringEncoding];
+  uint8_t digest[CC_SHA256_DIGEST_LENGTH];
+  CC_SHA256(data.bytes, (CC_LONG)data.length, digest);
+
+  // Base64url encode
+  NSData *hashData = [NSData dataWithBytes:digest length:CC_SHA256_DIGEST_LENGTH];
+  NSString *base64 = [hashData base64EncodedStringWithOptions:0];
+  NSString *base64url = base64;
+  base64url = [base64url stringByReplacingOccurrencesOfString:@"+" withString:@"-"];
+  base64url = [base64url stringByReplacingOccurrencesOfString:@"/" withString:@"_"];
+  base64url = [base64url stringByReplacingOccurrencesOfString:@"=" withString:@""];
+  resolve(base64url);
+}
+
+#pragma mark - ASWebAuthenticationPresentationContextProviding
+
+- (ASPresentationAnchor)presentationAnchorForWebAuthenticationSession:
+    (ASWebAuthenticationSession *)session {
+  return NSApp.keyWindow ?: NSApp.windows.firstObject;
+}
+
+@end

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sudobility/building_blocks_rn",
-  "version": "0.0.8",
+  "version": "0.0.11",
   "description": "Higher-level shared UI building blocks for Sudobility React Native apps",
   "type": "module",
   "main": "./dist/index.js",
@@ -20,6 +20,10 @@
   },
   "files": [
     "dist",
+    "macos",
+    "windows",
+    "react-native.config.js",
+    "building-blocks-rn-macos.podspec",
     "README.md"
   ],
   "scripts": {
@@ -27,7 +31,7 @@
     "dev": "tsc -p tsconfig.build.json --watch",
     "clean": "rm -rf dist",
     "typecheck": "tsc --noEmit",
-    "test": "echo 'No tests configured yet'",
+    "test": "vitest run",
     "lint": "eslint . --ext ts,tsx --ignore-pattern 'dist' --ignore-pattern 'node_modules' --report-unused-disable-directives --max-warnings 0",
     "lint:fix": "eslint . --ext ts,tsx --ignore-pattern 'dist' --ignore-pattern 'node_modules' --fix",
     "format": "prettier --write \"src/**/*.{ts,tsx,js,jsx,json}\"",
@@ -66,6 +70,13 @@
   },
   "devDependencies": {
     "@eslint/js": "^9.38.0",
+    "@react-native-async-storage/async-storage": "2.2.0",
+    "@react-navigation/native": "^7.1.28",
+    "@react-navigation/native-stack": "^7.10.1",
+    "@sudobility/types": "^1.9.54",
+    "@tanstack/react-query": "^5.90.19",
+    "@types/react": "~19.1.0",
+    "@types/react-dom": "^19.2.3",
     "@typescript-eslint/eslint-plugin": "^8.44.1",
     "@typescript-eslint/parser": "^8.44.1",
     "eslint": "^9.38.0",
@@ -73,19 +84,16 @@
     "eslint-plugin-prettier": "^5.5.4",
     "eslint-plugin-react-hooks": "^7.0.0",
     "eslint-plugin-react-refresh": "^0.4.0",
+    "i18next": "^25.8.0",
+    "jsdom": "^28.1.0",
     "prettier": "^3.6.2",
-    "@types/react": "~19.1.0",
-    "typescript": "~5.9.2",
     "react": "19.1.0",
+    "react-dom": "19.1.0",
+    "react-i18next": "^16.5.3",
     "react-native": "0.81.5",
     "react-native-safe-area-context": "~5.6.0",
-    "@react-navigation/native": "^7.1.28",
-    "@react-navigation/native-stack": "^7.10.1",
-    "@react-native-async-storage/async-storage": "2.2.0",
-    "i18next": "^25.8.0",
-    "react-i18next": "^16.5.3",
-    "@tanstack/react-query": "^5.90.19",
-    "@sudobility/types": "^1.9.53"
+    "typescript": "~5.9.2",
+    "vitest": "^4.0.18"
   },
   "publishConfig": {
     "access": "public"

package/react-native.config.js

@@ -0,0 +1,11 @@
+module.exports = {
+  dependency: {
+    platforms: {
+      ios: null,
+      android: null,
+      macos: {
+        podspecPath: __dirname + '/building-blocks-rn-macos.podspec',
+      },
+    },
+  },
+};

package/windows/WebAuthModule.cpp

@@ -0,0 +1,245 @@
+#include "pch.h"
+#include "WebAuthModule.h"
+
+#include <bcrypt.h>
+#include <wincrypt.h>
+#include <shellapi.h>
+#include <winsock2.h>
+#include <ws2tcpip.h>
+
+#include <string>
+#include <vector>
+#include <thread>
+#include <regex>
+
+#pragma comment(lib, "bcrypt.lib")
+#pragma comment(lib, "crypt32.lib")
+#pragma comment(lib, "ws2_32.lib")
+
+namespace BuildingBlocksRN {
+
+void WebAuthModule::Initialize(
+    winrt::Microsoft::ReactNative::ReactContext const &reactContext) noexcept {
+  m_reactContext = reactContext;
+}
+
+std::string WebAuthModule::Base64UrlEncode(const std::vector<uint8_t> &data) {
+  DWORD base64Len = 0;
+  CryptBinaryToStringA(data.data(), static_cast<DWORD>(data.size()),
+                       CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, nullptr,
+                       &base64Len);
+
+  std::string base64(base64Len, '\0');
+  CryptBinaryToStringA(data.data(), static_cast<DWORD>(data.size()),
+                       CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF,
+                       base64.data(), &base64Len);
+  base64.resize(base64Len);
+
+  // Convert base64 to base64url
+  std::string result;
+  result.reserve(base64.size());
+  for (char c : base64) {
+    if (c == '+')
+      result += '-';
+    else if (c == '/')
+      result += '_';
+    else if (c == '=')
+      continue; // strip padding
+    else
+      result += c;
+  }
+  return result;
+}
+
+void WebAuthModule::generateCodeVerifier(
+    React::ReactPromise<std::string> result) noexcept {
+  std::vector<uint8_t> randomBytes(32);
+  NTSTATUS status =
+      BCryptGenRandom(nullptr, randomBytes.data(),
+                      static_cast<ULONG>(randomBytes.size()),
+                      BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+  if (!BCRYPT_SUCCESS(status)) {
+    result.Reject(React::ReactError{
+        "RANDOM_ERROR", "Failed to generate random bytes"});
+    return;
+  }
+
+  result.Resolve(Base64UrlEncode(randomBytes));
+}
+
+void WebAuthModule::sha256(std::string input,
+                           React::ReactPromise<std::string> result) noexcept {
+  BCRYPT_ALG_HANDLE hAlg = nullptr;
+  BCRYPT_HASH_HANDLE hHash = nullptr;
+  NTSTATUS status;
+
+  status = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA256_ALGORITHM, nullptr,
+                                       0);
+  if (!BCRYPT_SUCCESS(status)) {
+    result.Reject(
+        React::ReactError{"HASH_ERROR", "Failed to open algorithm provider"});
+    return;
+  }
+
+  status = BCryptCreateHash(hAlg, &hHash, nullptr, 0, nullptr, 0, 0);
+  if (!BCRYPT_SUCCESS(status)) {
+    BCryptCloseAlgorithmProvider(hAlg, 0);
+    result.Reject(
+        React::ReactError{"HASH_ERROR", "Failed to create hash"});
+    return;
+  }
+
+  status = BCryptHashData(hHash,
+                          reinterpret_cast<PUCHAR>(
+                              const_cast<char *>(input.data())),
+                          static_cast<ULONG>(input.size()), 0);
+  if (!BCRYPT_SUCCESS(status)) {
+    BCryptDestroyHash(hHash);
+    BCryptCloseAlgorithmProvider(hAlg, 0);
+    result.Reject(
+        React::ReactError{"HASH_ERROR", "Failed to hash data"});
+    return;
+  }
+
+  std::vector<uint8_t> hashValue(32); // SHA-256 = 32 bytes
+  status = BCryptFinishHash(hHash, hashValue.data(),
+                            static_cast<ULONG>(hashValue.size()), 0);
+  BCryptDestroyHash(hHash);
+  BCryptCloseAlgorithmProvider(hAlg, 0);
+
+  if (!BCRYPT_SUCCESS(status)) {
+    result.Reject(
+        React::ReactError{"HASH_ERROR", "Failed to finish hash"});
+    return;
+  }
+
+  result.Resolve(Base64UrlEncode(hashValue));
+}
+
+void WebAuthModule::authenticate(
+    std::string url, std::string callbackScheme,
+    React::ReactPromise<React::JSValue> result) noexcept {
+  // Launch authentication on a background thread to avoid blocking UI
+  std::thread([url = std::move(url), callbackScheme = std::move(callbackScheme),
+               result = std::move(result)]() mutable {
+    // Initialize Winsock for this thread
+    WSADATA wsaData;
+    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
+      result.Reject(
+          React::ReactError{"SOCKET_ERROR", "Failed to initialize Winsock"});
+      return;
+    }
+
+    // Create a TCP listener on a random port
+    SOCKET listenSock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (listenSock == INVALID_SOCKET) {
+      WSACleanup();
+      result.Reject(
+          React::ReactError{"SOCKET_ERROR", "Failed to create socket"});
+      return;
+    }
+
+    sockaddr_in addr{};
+    addr.sin_family = AF_INET;
+    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+    addr.sin_port = 0; // OS picks a free port
+
+    if (bind(listenSock, reinterpret_cast<sockaddr *>(&addr), sizeof(addr)) ==
+        SOCKET_ERROR) {
+      closesocket(listenSock);
+      WSACleanup();
+      result.Reject(
+          React::ReactError{"SOCKET_ERROR", "Failed to bind socket"});
+      return;
+    }
+
+    // Get the assigned port
+    int addrLen = sizeof(addr);
+    getsockname(listenSock, reinterpret_cast<sockaddr *>(&addr), &addrLen);
+    int port = ntohs(addr.sin_port);
+
+    if (listen(listenSock, 1) == SOCKET_ERROR) {
+      closesocket(listenSock);
+      WSACleanup();
+      result.Reject(
+          React::ReactError{"SOCKET_ERROR", "Failed to listen on socket"});
+      return;
+    }
+
+    // Build the redirect URI and full auth URL
+    std::string redirectUri =
+        "http://127.0.0.1:" + std::to_string(port) + "/callback";
+
+    // Append redirect_uri to the auth URL
+    std::string fullUrl = url;
+    if (fullUrl.find('?') != std::string::npos)
+      fullUrl += "&redirect_uri=" + redirectUri;
+    else
+      fullUrl += "?redirect_uri=" + redirectUri;
+
+    // Open browser
+    std::wstring wUrl(fullUrl.begin(), fullUrl.end());
+    ShellExecuteW(nullptr, L"open", wUrl.c_str(), nullptr, nullptr,
+                  SW_SHOWNORMAL);
+
+    // Set a timeout on the listen socket (60 seconds)
+    DWORD timeout = 60000;
+    setsockopt(listenSock, SOL_SOCKET, SO_RCVTIMEO,
+               reinterpret_cast<const char *>(&timeout), sizeof(timeout));
+
+    // Accept the redirect connection
+    SOCKET clientSock = accept(listenSock, nullptr, nullptr);
+    if (clientSock == INVALID_SOCKET) {
+      closesocket(listenSock);
+      WSACleanup();
+      result.Resolve(React::JSValue{nullptr}); // timeout / cancelled
+      return;
+    }
+
+    // Read the HTTP request
+    char buf[4096];
+    int bytesRead = recv(clientSock, buf, sizeof(buf) - 1, 0);
+    if (bytesRead <= 0) {
+      closesocket(clientSock);
+      closesocket(listenSock);
+      WSACleanup();
+      result.Resolve(React::JSValue{nullptr});
+      return;
+    }
+    buf[bytesRead] = '\0';
+
+    // Send a simple HTML response to close the browser tab
+    const char *response =
+        "HTTP/1.1 200 OK\r\n"
+        "Content-Type: text/html\r\n"
+        "Connection: close\r\n\r\n"
+        "<html><body><p>Authentication complete. You may close this "
+        "tab.</p><script>window.close()</script></body></html>";
+    send(clientSock, response, static_cast<int>(strlen(response)), 0);
+    closesocket(clientSock);
+    closesocket(listenSock);
+    WSACleanup();
+
+    // Parse the request line to extract the callback URL
+    std::string request(buf);
+    // Extract GET /callback?... HTTP/1.1
+    std::regex requestLineRegex(R"(GET\s+(/\S+)\s+HTTP)");
+    std::smatch match;
+    if (std::regex_search(request, match, requestLineRegex)) {
+      std::string path = match[1].str();
+      auto qPos = path.find('?');
+      if (qPos == std::string::npos) {
+        result.Resolve(React::JSValue{nullptr});
+        return;
+      }
+      // Reconstruct the full callback URL
+      std::string callbackUrl =
+          callbackScheme + "://callback" + path.substr(qPos);
+      result.Resolve(React::JSValue{callbackUrl});
+    } else {
+      result.Resolve(React::JSValue{nullptr});
+    }
+  }).detach();
+}
+
+} // namespace BuildingBlocksRN

package/windows/WebAuthModule.h

@@ -0,0 +1,29 @@
+#pragma once
+
+#include "pch.h"
+#include "NativeModules.h"
+#include <winrt/Microsoft.ReactNative.h>
+
+namespace BuildingBlocksRN {
+
+REACT_MODULE(WebAuthModule)
+struct WebAuthModule {
+  REACT_INIT(Initialize)
+  void Initialize(winrt::Microsoft::ReactNative::ReactContext const &reactContext) noexcept;
+
+  REACT_METHOD(generateCodeVerifier)
+  void generateCodeVerifier(React::ReactPromise<std::string> result) noexcept;
+
+  REACT_METHOD(sha256)
+  void sha256(std::string input, React::ReactPromise<std::string> result) noexcept;
+
+  REACT_METHOD(authenticate)
+  void authenticate(std::string url, std::string callbackScheme,
+                    React::ReactPromise<React::JSValue> result) noexcept;
+
+ private:
+  static std::string Base64UrlEncode(const std::vector<uint8_t> &data);
+  winrt::Microsoft::ReactNative::ReactContext m_reactContext;
+};
+
+} // namespace BuildingBlocksRN