@tiquo/dom-package 1.3.1 → 1.3.3

package/README.md

@@ -174,7 +174,7 @@ const completedOrders = await auth.getOrders({ status: 'completed' });
 **Options:**
 - `limit` - Number of orders to return (max 100, default 50)
 - `cursor` - Order ID to start after (for pagination)
-- `status` - Filter by status: `draft`, `pending`, `confirmed`, `processing`, `completed`, `cancelled`, `refunded`, `open_tab`
+- `status` - Filter by status: `draft`, `pending`, `processing`, `completed`, `cancelled`, `refunded`, `open_tab`
 
 **Returns:**
 - `orders` - Array of order objects with items, totals, and status

package/dist/index.d.mts

@@ -231,6 +231,9 @@ declare global {
             accessToken: string;
             refreshToken?: string;
         };
+        __tiquo_get_iframe_token?: () => Promise<{
+            token: string;
+        }>;
     }
 }
 interface TiquoUser {
@@ -325,7 +328,7 @@ interface TiquoOrderItem {
 interface TiquoOrder {
     id: string;
     orderNumber: string;
-    status: 'draft' | 'pending' | 'confirmed' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
+    status: 'draft' | 'pending' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
     paymentStatus: 'pending' | 'paid' | 'partial' | 'refunded' | 'partially_refunded' | 'failed' | 'cancelled';
     total: number;
     subtotal: number;
@@ -418,6 +421,8 @@ declare class TiquoAuth {
     private refreshTimer;
     private isRefreshing;
     private visibilityHandler;
+    private iframeObserver;
+    private injectedIframes;
     private broadcastChannel;
     private tabId;
     private isProcessingTabSync;
@@ -490,6 +495,17 @@ declare class TiquoAuth {
         onLoad?: () => void;
         onError?: (error: Error) => void;
     }): Promise<HTMLIFrameElement>;
+    /**
+     * Automatically find and inject auth tokens into existing Tiquo booking
+     * iframes on the page. Also watches for iframes added later via
+     * MutationObserver. This enables token injection even when the site uses
+     * a static <iframe> embed snippet rather than embedCustomerFlow().
+     */
+    private autoInjectIframeTokens;
+    private scanAndInjectIframes;
+    private injectTokenIntoIframe;
+    private isTiquoEmbedUrl;
+    private observeNewIframes;
     /**
      * Get the current access token (for advanced use cases)
      */

package/dist/index.d.ts

@@ -231,6 +231,9 @@ declare global {
             accessToken: string;
             refreshToken?: string;
         };
+        __tiquo_get_iframe_token?: () => Promise<{
+            token: string;
+        }>;
     }
 }
 interface TiquoUser {
@@ -325,7 +328,7 @@ interface TiquoOrderItem {
 interface TiquoOrder {
     id: string;
     orderNumber: string;
-    status: 'draft' | 'pending' | 'confirmed' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
+    status: 'draft' | 'pending' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
     paymentStatus: 'pending' | 'paid' | 'partial' | 'refunded' | 'partially_refunded' | 'failed' | 'cancelled';
     total: number;
     subtotal: number;
@@ -418,6 +421,8 @@ declare class TiquoAuth {
     private refreshTimer;
     private isRefreshing;
     private visibilityHandler;
+    private iframeObserver;
+    private injectedIframes;
     private broadcastChannel;
     private tabId;
     private isProcessingTabSync;
@@ -490,6 +495,17 @@ declare class TiquoAuth {
         onLoad?: () => void;
         onError?: (error: Error) => void;
     }): Promise<HTMLIFrameElement>;
+    /**
+     * Automatically find and inject auth tokens into existing Tiquo booking
+     * iframes on the page. Also watches for iframes added later via
+     * MutationObserver. This enables token injection even when the site uses
+     * a static <iframe> embed snippet rather than embedCustomerFlow().
+     */
+    private autoInjectIframeTokens;
+    private scanAndInjectIframes;
+    private injectTokenIntoIframe;
+    private isTiquoEmbedUrl;
+    private observeNewIframes;
     /**
      * Get the current access token (for advanced use cases)
      */

package/dist/index.js

@@ -650,6 +650,33 @@ function buildPhone(countryCode, nationalNumber) {
 }
 
 // src/index.ts
+var _brandingPrinted = false;
+function printTiquoBranding() {
+  if (_brandingPrinted) return;
+  if (typeof window === "undefined" || typeof console === "undefined") return;
+  _brandingPrinted = true;
+  try {
+    const art = [
+      " _   _                   ",
+      "| |_(_) __ _ _   _  ___  ",
+      "| __| |/ _` | | | |/ _ \\ ",
+      "| |_| | (_| | |_| | (_) |",
+      " \\__|_|\\__, |\\__,_|\\___/ ",
+      "          |_|            "
+    ].join("\n");
+    console.log(
+      `%c${art}`,
+      "color:#6d28d9;font-weight:bold;font-size:12px;font-family:monospace"
+    );
+    console.log(
+      "%cLearn more at %chttps://tiquo.co",
+      "color:#6d28d9;font-size:11px",
+      "color:#6d28d9;font-size:11px;text-decoration:underline"
+    );
+  } catch {
+  }
+}
+printTiquoBranding();
 var TiquoAuthError = class extends Error {
   constructor(message, code, statusCode) {
     super(message);
@@ -685,9 +712,12 @@ var TiquoAuth = class {
     this.refreshTimer = null;
     this.isRefreshing = false;
     this.visibilityHandler = null;
+    this.iframeObserver = null;
+    this.injectedIframes = /* @__PURE__ */ new WeakSet();
     // Multi-tab sync
     this.broadcastChannel = null;
     this.isProcessingTabSync = false;
+    printTiquoBranding();
     if (!config.publicKey) {
       throw new TiquoAuthError("publicKey is required", "MISSING_PUBLIC_KEY");
     }
@@ -714,6 +744,7 @@ var TiquoAuth = class {
     this.checkForInjectedTokens();
     this.restoreTokens();
     this.initVisibilityHandler();
+    this.autoInjectIframeTokens();
   }
   // ============================================
   // PUBLIC METHODS
@@ -1045,6 +1076,77 @@ var TiquoAuth = class {
     containerEl.appendChild(iframe);
     return iframe;
   }
+  /**
+   * Automatically find and inject auth tokens into existing Tiquo booking
+   * iframes on the page. Also watches for iframes added later via
+   * MutationObserver. This enables token injection even when the site uses
+   * a static <iframe> embed snippet rather than embedCustomerFlow().
+   */
+  autoInjectIframeTokens() {
+    if (typeof document === "undefined") return;
+    if (!this.accessToken) return;
+    if (typeof window !== "undefined") {
+      window.__tiquo_get_iframe_token = () => this.getIframeToken();
+    }
+    Promise.resolve().then(() => this.scanAndInjectIframes());
+    this.observeNewIframes();
+  }
+  async scanAndInjectIframes() {
+    if (!this.accessToken) return;
+    const iframes = document.querySelectorAll("iframe");
+    for (const iframe of iframes) {
+      await this.injectTokenIntoIframe(iframe);
+    }
+  }
+  async injectTokenIntoIframe(iframe) {
+    if (this.injectedIframes.has(iframe)) return;
+    const src = iframe.src || iframe.getAttribute("src") || "";
+    if (!src) return;
+    try {
+      const url = new URL(src, window.location.origin);
+      if (!this.isTiquoEmbedUrl(url)) return;
+      if (url.searchParams.has("_auth_token")) {
+        this.injectedIframes.add(iframe);
+        return;
+      }
+      const { token } = await this.getIframeToken();
+      url.searchParams.set("_auth_token", token);
+      this.injectedIframes.add(iframe);
+      iframe.src = url.toString();
+      this.log("Injected auth token into existing iframe:", url.pathname);
+    } catch (error) {
+      this.log("Failed to inject token into iframe:", error);
+    }
+  }
+  isTiquoEmbedUrl(url) {
+    const hostname = url.hostname;
+    const isTiquoHost = hostname === "book.tiquo.app" || hostname.endsWith(".tiquo.app") || hostname === "localhost";
+    return isTiquoHost && url.pathname.startsWith("/embed/");
+  }
+  observeNewIframes() {
+    if (typeof MutationObserver === "undefined") return;
+    if (this.iframeObserver) return;
+    this.iframeObserver = new MutationObserver((mutations) => {
+      if (!this.accessToken) return;
+      for (const mutation of mutations) {
+        for (const node of mutation.addedNodes) {
+          if (node instanceof HTMLIFrameElement) {
+            this.injectTokenIntoIframe(node);
+          }
+          if (node instanceof HTMLElement) {
+            const nested = node.querySelectorAll("iframe");
+            for (const iframe of nested) {
+              this.injectTokenIntoIframe(iframe);
+            }
+          }
+        }
+      }
+    });
+    this.iframeObserver.observe(document.body || document.documentElement, {
+      childList: true,
+      subtree: true
+    });
+  }
   /**
    * Get the current access token (for advanced use cases)
    */
@@ -1441,6 +1543,13 @@ var TiquoAuth = class {
       this.broadcastChannel.close();
       this.broadcastChannel = null;
     }
+    if (this.iframeObserver) {
+      this.iframeObserver.disconnect();
+      this.iframeObserver = null;
+    }
+    if (typeof window !== "undefined") {
+      delete window.__tiquo_get_iframe_token;
+    }
     this.listeners.clear();
   }
 };

package/dist/index.mjs

@@ -614,6 +614,33 @@ function buildPhone(countryCode, nationalNumber) {
 }
 
 // src/index.ts
+var _brandingPrinted = false;
+function printTiquoBranding() {
+  if (_brandingPrinted) return;
+  if (typeof window === "undefined" || typeof console === "undefined") return;
+  _brandingPrinted = true;
+  try {
+    const art = [
+      " _   _                   ",
+      "| |_(_) __ _ _   _  ___  ",
+      "| __| |/ _` | | | |/ _ \\ ",
+      "| |_| | (_| | |_| | (_) |",
+      " \\__|_|\\__, |\\__,_|\\___/ ",
+      "          |_|            "
+    ].join("\n");
+    console.log(
+      `%c${art}`,
+      "color:#6d28d9;font-weight:bold;font-size:12px;font-family:monospace"
+    );
+    console.log(
+      "%cLearn more at %chttps://tiquo.co",
+      "color:#6d28d9;font-size:11px",
+      "color:#6d28d9;font-size:11px;text-decoration:underline"
+    );
+  } catch {
+  }
+}
+printTiquoBranding();
 var TiquoAuthError = class extends Error {
   constructor(message, code, statusCode) {
     super(message);
@@ -649,9 +676,12 @@ var TiquoAuth = class {
     this.refreshTimer = null;
     this.isRefreshing = false;
     this.visibilityHandler = null;
+    this.iframeObserver = null;
+    this.injectedIframes = /* @__PURE__ */ new WeakSet();
     // Multi-tab sync
     this.broadcastChannel = null;
     this.isProcessingTabSync = false;
+    printTiquoBranding();
     if (!config.publicKey) {
       throw new TiquoAuthError("publicKey is required", "MISSING_PUBLIC_KEY");
     }
@@ -678,6 +708,7 @@ var TiquoAuth = class {
     this.checkForInjectedTokens();
     this.restoreTokens();
     this.initVisibilityHandler();
+    this.autoInjectIframeTokens();
   }
   // ============================================
   // PUBLIC METHODS
@@ -1009,6 +1040,77 @@ var TiquoAuth = class {
     containerEl.appendChild(iframe);
     return iframe;
   }
+  /**
+   * Automatically find and inject auth tokens into existing Tiquo booking
+   * iframes on the page. Also watches for iframes added later via
+   * MutationObserver. This enables token injection even when the site uses
+   * a static <iframe> embed snippet rather than embedCustomerFlow().
+   */
+  autoInjectIframeTokens() {
+    if (typeof document === "undefined") return;
+    if (!this.accessToken) return;
+    if (typeof window !== "undefined") {
+      window.__tiquo_get_iframe_token = () => this.getIframeToken();
+    }
+    Promise.resolve().then(() => this.scanAndInjectIframes());
+    this.observeNewIframes();
+  }
+  async scanAndInjectIframes() {
+    if (!this.accessToken) return;
+    const iframes = document.querySelectorAll("iframe");
+    for (const iframe of iframes) {
+      await this.injectTokenIntoIframe(iframe);
+    }
+  }
+  async injectTokenIntoIframe(iframe) {
+    if (this.injectedIframes.has(iframe)) return;
+    const src = iframe.src || iframe.getAttribute("src") || "";
+    if (!src) return;
+    try {
+      const url = new URL(src, window.location.origin);
+      if (!this.isTiquoEmbedUrl(url)) return;
+      if (url.searchParams.has("_auth_token")) {
+        this.injectedIframes.add(iframe);
+        return;
+      }
+      const { token } = await this.getIframeToken();
+      url.searchParams.set("_auth_token", token);
+      this.injectedIframes.add(iframe);
+      iframe.src = url.toString();
+      this.log("Injected auth token into existing iframe:", url.pathname);
+    } catch (error) {
+      this.log("Failed to inject token into iframe:", error);
+    }
+  }
+  isTiquoEmbedUrl(url) {
+    const hostname = url.hostname;
+    const isTiquoHost = hostname === "book.tiquo.app" || hostname.endsWith(".tiquo.app") || hostname === "localhost";
+    return isTiquoHost && url.pathname.startsWith("/embed/");
+  }
+  observeNewIframes() {
+    if (typeof MutationObserver === "undefined") return;
+    if (this.iframeObserver) return;
+    this.iframeObserver = new MutationObserver((mutations) => {
+      if (!this.accessToken) return;
+      for (const mutation of mutations) {
+        for (const node of mutation.addedNodes) {
+          if (node instanceof HTMLIFrameElement) {
+            this.injectTokenIntoIframe(node);
+          }
+          if (node instanceof HTMLElement) {
+            const nested = node.querySelectorAll("iframe");
+            for (const iframe of nested) {
+              this.injectTokenIntoIframe(iframe);
+            }
+          }
+        }
+      }
+    });
+    this.iframeObserver.observe(document.body || document.documentElement, {
+      childList: true,
+      subtree: true
+    });
+  }
   /**
    * Get the current access token (for advanced use cases)
    */
@@ -1405,6 +1507,13 @@ var TiquoAuth = class {
       this.broadcastChannel.close();
       this.broadcastChannel = null;
     }
+    if (this.iframeObserver) {
+      this.iframeObserver.disconnect();
+      this.iframeObserver = null;
+    }
+    if (typeof window !== "undefined") {
+      delete window.__tiquo_get_iframe_token;
+    }
     this.listeners.clear();
   }
 };

package/package.json

@@ -1,7 +1,8 @@
 {
   "name": "@tiquo/dom-package",
-  "version": "1.3.1",
+  "version": "1.3.3",
   "description": "Tiquo SDK for third-party websites - authentication, customer profiles, orders, bookings, and enquiries",
+  "sideEffects": true,
   "publishConfig": {
     "access": "restricted"
   },