@techfinityedge/koolbase-react-native 1.10.0 → 1.11.0

package/README.md

@@ -12,15 +12,13 @@ Auth, database, storage, realtime, functions, feature flags, remote config, vers
 ## Get started in 2 minutes
 
 1. Create a free account at [app.koolbase.com](https://app.koolbase.com)
-
 2. Create a project and copy your public key from Environments
-
 3. Add the SDK:
 
 ```bash
-npm install @techfinityedge/koolbase-react-native@^1.8.0
+npm install @techfinityedge/koolbase-react-native@^1.10.0
 # or
-yarn add @techfinityedge/koolbase-react-native@^1.8.0
+yarn add @techfinityedge/koolbase-react-native@^1.10.0
 ```
 
 **4. Initialize at app startup:**
@@ -40,7 +38,7 @@ That's it. Every feature below is now available via `Koolbase.*`.
 
 ## Authentication
 
-Email + password, Google, Apple, and phone + OTP — out of the box.
+Email + password, Apple Sign-In, Google Sign-In, and phone + OTP — out of the box.
 
 ```typescript
 // Register
@@ -57,30 +55,60 @@ await Koolbase.auth.logout();
 
 // Password reset
 await Koolbase.auth.forgotPassword('user@example.com');
+
+// Listen to auth state changes (fires immediately with current state)
+const unsubscribe = Koolbase.auth.onAuthStateChange((user) => {
+  console.log(user ? 'signed in' : 'signed out');
+});
 ```
 
-### OAuth — Google & Apple
+### OAuth — Apple
+
+Apple Sign-In uses the native authentication flow via `@invertase/react-native-apple-authentication` as a peer dependency:
 
 ```typescript
-// Google
-await Koolbase.auth.signInWithGoogle({ idToken: googleIdToken });
+import appleAuth from '@invertase/react-native-apple-authentication';
+import { Koolbase } from '@techfinityedge/koolbase-react-native';
+
+const response = await appleAuth.performRequest({
+  requestedOperation: appleAuth.Operation.LOGIN,
+  requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME],
+});
+
+const session = await Koolbase.auth.signInWithApple({
+  identityToken: response.identityToken!,
+  nonce: response.nonce,
+  fullName: response.fullName
+    ? {
+        givenName: response.fullName.givenName ?? undefined,
+        familyName: response.fullName.familyName ?? undefined,
+      }
+    : undefined,
+});
 ```
 
-Apple uses the native authentication flow via `@invertase/react-native-apple-authentication` as a peer dependency:
+Configure Apple Sign-In for your environment with your iOS app's Bundle ID. Full setup guide at [docs.koolbase.com/auth/oauth](https://docs.koolbase.com/auth/oauth).
+
+### OAuth — Google
+
+Google Sign-In uses the native authentication flow via `@react-native-google-signin/google-signin` as a peer dependency:
 
 ```typescript
-import { KoolbaseAppleAuth } from '@techfinityedge/koolbase-react-native';
-import { appleAuth } from '@invertase/react-native-apple-authentication';
-
-const session = await KoolbaseAppleAuth.signIn(async () => {
-  return await appleAuth.performRequest({
-    requestedOperation: appleAuth.Operation.LOGIN,
-    requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME],
-  });
+import { GoogleSignin } from '@react-native-google-signin/google-signin';
+import { Koolbase } from '@techfinityedge/koolbase-react-native';
+
+GoogleSignin.configure({
+  webClientId: '<your-web-client-id>.apps.googleusercontent.com',
+});
+
+const userInfo = await GoogleSignin.signIn();
+
+const session = await Koolbase.auth.signInWithGoogle({
+  idToken: userInfo.idToken!,
 });
 ```
 
-Full setup guide at [docs.koolbase.com/auth/oauth](https://docs.koolbase.com/auth/oauth).
+Configure Google Sign-In for your environment with the OAuth client IDs from Google Cloud Console (typically one each for iOS, Android, and web). Full setup guide at [docs.koolbase.com/auth/oauth](https://docs.koolbase.com/auth/oauth).
 
 ### Phone + OTP
 
@@ -150,6 +178,7 @@ const { url } = await Koolbase.storage.upload({
 });
 
 const downloadUrl = await Koolbase.storage.getDownloadUrl('avatars', `user-${userId}.jpg`);
+
 await Koolbase.storage.delete('avatars', `user-${userId}.jpg`);
 ```
 
@@ -177,11 +206,10 @@ Invoke deployed serverless functions. When a user is signed in via `Koolbase.aut
 const result = await Koolbase.functions.invoke('send-welcome-email', {
   userId: '123',
 });
-
 if (result.success) console.log(result.data);
 ```
 
-Inside the function (Deno runtime), read the caller:
+Inside the function, read the caller:
 
 ```typescript
 export async function handler(ctx) {
@@ -325,20 +353,18 @@ await Koolbase.messaging.send({
 
 ## What's included
 
-| Feature | Koolbase | Firebase | Supabase |
-| --- | --- | --- | --- |
-| TypeScript SDK | Yes | Yes | Yes |
-| Feature flags | Yes | — | — |
-| Remote config | Yes | Yes | — |
-| Version enforcement | Yes | — | — |
-| Offline-first database | Yes | Yes | — |
-| Code push | Yes | — | — |
-| Logic engine (flows OTA) | Yes | — | — |
-| Analytics | Yes | Yes | — |
-| Cloud Messaging | Yes | Yes | — |
-| Sign in with Apple | Yes | Yes | Yes |
-| Phone + OTP | Yes | Yes | Yes |
-| Authenticated functions (`ctx.auth`) | Yes | Yes | Yes |
+- Authentication: email + password, Apple Sign-In, phone + OTP
+- Database with offline-first cache, realtime subscriptions, and populate
+- Storage with download URLs
+- Realtime subscriptions over WebSocket
+- Authenticated functions (`ctx.auth` exposes the caller automatically)
+- Feature flags and remote config
+- Version enforcement
+- Code push (config + flag overrides + directives, no store release)
+- Logic engine (conditional flows as data, updatable OTA)
+- Analytics (DAU/WAU/MAU, funnels, retention)
+- Cloud Messaging (FCM token registration, targeted send, broadcast)
+- TypeScript-native with full type definitions
 
 ---
 

package/dist/auth-errors.d.ts

@@ -106,3 +106,12 @@ export declare class AppleEmailRequiredError extends KoolbaseAuthError {
 export declare class OAuthEmailConflictError extends KoolbaseAuthError {
     constructor();
 }
+export declare class GoogleSignInNotConfiguredError extends KoolbaseAuthError {
+    constructor();
+}
+export declare class InvalidGoogleTokenError extends KoolbaseAuthError {
+    constructor();
+}
+export declare class GoogleEmailRequiredError extends KoolbaseAuthError {
+    constructor();
+}

package/dist/auth-errors.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.OAuthEmailConflictError = exports.AppleEmailRequiredError = exports.InvalidAppleTokenError = exports.AppleSignInNotConfiguredError = exports.SmsConfigMissingError = exports.PhoneAlreadyLinkedError = exports.OtpRateLimitError = exports.OtpMaxAttemptsError = exports.OtpInvalidError = exports.OtpExpiredError = exports.InvalidPhoneNumberError = exports.NetworkError = exports.RateLimitError = exports.UnlockTokenInvalidError = exports.AccountLockedError = exports.TokenRevokedError = exports.SessionExpiredError = exports.WeakPasswordError = exports.UserDisabledError = exports.EmailAlreadyInUseError = exports.InvalidCredentialsError = exports.KoolbaseAuthError = void 0;
+exports.GoogleEmailRequiredError = exports.InvalidGoogleTokenError = exports.GoogleSignInNotConfiguredError = exports.OAuthEmailConflictError = exports.AppleEmailRequiredError = exports.InvalidAppleTokenError = exports.AppleSignInNotConfiguredError = exports.SmsConfigMissingError = exports.PhoneAlreadyLinkedError = exports.OtpRateLimitError = exports.OtpMaxAttemptsError = exports.OtpInvalidError = exports.OtpExpiredError = exports.InvalidPhoneNumberError = exports.NetworkError = exports.RateLimitError = exports.UnlockTokenInvalidError = exports.AccountLockedError = exports.TokenRevokedError = exports.SessionExpiredError = exports.WeakPasswordError = exports.UserDisabledError = exports.EmailAlreadyInUseError = exports.InvalidCredentialsError = exports.KoolbaseAuthError = void 0;
 /**
  * Base error type for all Koolbase auth errors. Catchable via
  * `instanceof KoolbaseAuthError` to handle any auth-related failure
@@ -224,3 +224,27 @@ class OAuthEmailConflictError extends KoolbaseAuthError {
     }
 }
 exports.OAuthEmailConflictError = OAuthEmailConflictError;
+class GoogleSignInNotConfiguredError extends KoolbaseAuthError {
+    constructor() {
+        super('Google Sign-In is not configured for this environment', 'google_not_configured');
+        this.name = 'GoogleSignInNotConfiguredError';
+        Object.setPrototypeOf(this, GoogleSignInNotConfiguredError.prototype);
+    }
+}
+exports.GoogleSignInNotConfiguredError = GoogleSignInNotConfiguredError;
+class InvalidGoogleTokenError extends KoolbaseAuthError {
+    constructor() {
+        super('Invalid Google identity token', 'invalid_google_token');
+        this.name = 'InvalidGoogleTokenError';
+        Object.setPrototypeOf(this, InvalidGoogleTokenError.prototype);
+    }
+}
+exports.InvalidGoogleTokenError = InvalidGoogleTokenError;
+class GoogleEmailRequiredError extends KoolbaseAuthError {
+    constructor() {
+        super('Google did not return email for this sign-in. Ensure the email scope is requested in the native flow.', 'google_email_required');
+        this.name = 'GoogleEmailRequiredError';
+        Object.setPrototypeOf(this, GoogleEmailRequiredError.prototype);
+    }
+}
+exports.GoogleEmailRequiredError = GoogleEmailRequiredError;

package/dist/auth.d.ts

@@ -1,4 +1,5 @@
 import { AuthStateListener, KoolbaseConfig, KoolbaseSession, KoolbaseUser, LinkPhoneParams, LoginParams, OtpSendResult, PhoneVerifyResult, RegisterParams, RestoreResult, SendOtpParams, SignInWithAppleParams, VerifyOtpParams } from './types';
+import type { SignInWithGoogleParams } from './types';
 export declare class KoolbaseAuth {
     private config;
     private storage;
@@ -85,6 +86,35 @@ export declare class KoolbaseAuth {
    *   but auto-link rule blocked (409).
    */
     signInWithApple(params: SignInWithAppleParams): Promise<KoolbaseSession>;
+    /**
+     * Sign in with Google using an idToken from a native Google Sign-In SDK.
+     *
+     * The SDK is library-agnostic — use any native Google Sign-In package
+     * (`@react-native-google-signin/google-signin`, etc.) and pass the
+     * resulting `idToken`. Google embeds the user's name and email in the
+     * idToken itself, so this method does not take a `fullName` parameter
+     * (unlike `signInWithApple`).
+     *
+     * On success the session is persisted via the configured storage and
+     * `onAuthStateChange` fires with the resolved user.
+     *
+     * @throws GoogleSignInNotConfiguredError when Google is not enabled
+     *   in the OAuth config for this environment (400).
+     * @throws InvalidGoogleTokenError when the token signature, audience,
+     *   expiry, replay, or nonce check failed server-side (401).
+     * @throws UserDisabledError when the account flag is set to disabled (403).
+     * @throws GoogleEmailRequiredError when Google did not return email
+     *   for a new-account sign-in (400).
+     * @throws OAuthEmailConflictError when email matches existing user
+     *   but auto-link rule blocked (409).
+     */
+    signInWithGoogle(params: SignInWithGoogleParams): Promise<KoolbaseSession>;
+    /**
+     * Parses a /v1/sdk/auth/oauth/google response. Distinct from
+     * parseSessionResponse and parseAppleSessionResponse because OAuth
+     * error semantics differ per-provider.
+     */
+    private parseGoogleSessionResponse;
     /**
      * Parses a /v1/sdk/auth/oauth/apple response. Distinct from
      * parseSessionResponse because OAuth error semantics differ from

package/dist/auth.js

@@ -259,6 +259,85 @@ class KoolbaseAuth {
         await this.setSessionInternal(session);
         return session;
     }
+    /**
+     * Sign in with Google using an idToken from a native Google Sign-In SDK.
+     *
+     * The SDK is library-agnostic — use any native Google Sign-In package
+     * (`@react-native-google-signin/google-signin`, etc.) and pass the
+     * resulting `idToken`. Google embeds the user's name and email in the
+     * idToken itself, so this method does not take a `fullName` parameter
+     * (unlike `signInWithApple`).
+     *
+     * On success the session is persisted via the configured storage and
+     * `onAuthStateChange` fires with the resolved user.
+     *
+     * @throws GoogleSignInNotConfiguredError when Google is not enabled
+     *   in the OAuth config for this environment (400).
+     * @throws InvalidGoogleTokenError when the token signature, audience,
+     *   expiry, replay, or nonce check failed server-side (401).
+     * @throws UserDisabledError when the account flag is set to disabled (403).
+     * @throws GoogleEmailRequiredError when Google did not return email
+     *   for a new-account sign-in (400).
+     * @throws OAuthEmailConflictError when email matches existing user
+     *   but auto-link rule blocked (409).
+     */
+    async signInWithGoogle(params) {
+        const body = {
+            identity_token: params.idToken,
+        };
+        if (params.nonce && params.nonce.length > 0) {
+            body.nonce = params.nonce;
+        }
+        const res = await this.authRequest('/v1/sdk/auth/oauth/google', {
+            method: 'POST',
+            body,
+        });
+        const session = await this.parseGoogleSessionResponse(res);
+        await this.setSessionInternal(session);
+        return session;
+    }
+    /**
+     * Parses a /v1/sdk/auth/oauth/google response. Distinct from
+     * parseSessionResponse and parseAppleSessionResponse because OAuth
+     * error semantics differ per-provider.
+     */
+    async parseGoogleSessionResponse(res) {
+        if (res.status === 200) {
+            const data = await res.json();
+            return {
+                accessToken: data.access_token,
+                refreshToken: data.refresh_token,
+                expiresAt: data.expires_at,
+                user: this.mapUser(data.user),
+            };
+        }
+        let errorMessage = '';
+        try {
+            const data = await res.json();
+            errorMessage = data?.error ?? '';
+        }
+        catch {
+            // best-effort error message extraction
+        }
+        if (res.status === 400) {
+            if (errorMessage.includes('not configured')) {
+                throw new auth_errors_1.GoogleSignInNotConfiguredError();
+            }
+            if (errorMessage.includes('did not return email')) {
+                throw new auth_errors_1.GoogleEmailRequiredError();
+            }
+            throw new auth_errors_1.KoolbaseAuthError(`google sign-in failed: ${errorMessage}`, 'google_signin_failed');
+        }
+        if (res.status === 401)
+            throw new auth_errors_1.InvalidGoogleTokenError();
+        if (res.status === 403)
+            throw new auth_errors_1.UserDisabledError();
+        if (res.status === 409)
+            throw new auth_errors_1.OAuthEmailConflictError();
+        if (res.status === 429)
+            throw new auth_errors_1.RateLimitError(errorMessage);
+        throw new auth_errors_1.KoolbaseAuthError(`google sign-in failed: ${res.status} ${errorMessage}`, `google_signin_http_${res.status}`);
+    }
     /**
      * Parses a /v1/sdk/auth/oauth/apple response. Distinct from
      * parseSessionResponse because OAuth error semantics differ from

package/dist/device-metadata.d.ts

@@ -4,7 +4,7 @@
  * version-conditional logic (deprecation warnings, schema migrations,
  * feature flags). Must match the `version` field in package.json.
  */
-export declare const koolbaseSdkVersion = "1.10.0";
+export declare const koolbaseSdkVersion = "1.11.0";
 /**
  * Builds device-identifying headers attached to every Koolbase auth
  * request. Mirrors the Flutter SDK's `DeviceMetadata` for parity. Apps

package/dist/device-metadata.js

@@ -9,7 +9,7 @@ const auth_storage_1 = require("./auth-storage");
  * version-conditional logic (deprecation warnings, schema migrations,
  * feature flags). Must match the `version` field in package.json.
  */
-exports.koolbaseSdkVersion = '1.10.0';
+exports.koolbaseSdkVersion = '1.11.0';
 /**
  * Generate a UUIDv4-shaped string for use as a stable per-install
  * device label. Not cryptographically secure — this is a label, not a

package/dist/types.d.ts

@@ -224,3 +224,15 @@ export interface SignInWithAppleParams {
     nonce?: string;
     fullName?: AppleFullName;
 }
+/**
+ * Parameters for `KoolbaseAuth.signInWithGoogle`. The SDK is
+ * library-agnostic — `idToken` should come from any native Google
+ * Sign-In package (e.g. `@react-native-google-signin/google-signin`).
+ *
+ * Unlike Apple, Google embeds the user's name and email in the idToken
+ * itself, so no separate `fullName` parameter is needed.
+ */
+export interface SignInWithGoogleParams {
+    idToken: string;
+    nonce?: string;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@techfinityedge/koolbase-react-native",
-  "version": "1.10.0",
+  "version": "1.11.0",
   "description": "React Native SDK for Koolbase \u2014 auth, database, storage, realtime, feature flags, and functions in one package.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",