npm - authscape - Versions diffs - 1.0.776 → 1.0.780 - Mend

authscape 1.0.776 → 1.0.780

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/index.js +6 -27
package/package.json +1 -1
package/src/components/AuthScapeApp.js +4 -28
package/src/scripts/postinstall.js +91 -0

package/index.js CHANGED Viewed

@@ -42,9 +42,10 @@ exports.useNotifications = useNotifications;
 var _react = _interopRequireWildcard(require("react"));
 var _reactToastify = require("react-toastify");
 var _head = _interopRequireDefault(require("next/head"));
-var _router = _interopRequireWildcard(require("next/router"));
+var _navigation = require("next/navigation");
 var _axios = _interopRequireDefault(require("axios"));
 var _queryString = _interopRequireDefault(require("query-string"));
+var _router = _interopRequireDefault(require("next/router"));
 var _ga4React = _interopRequireDefault(require("ga-4-react"));
 var _zustand = require("zustand");
 var _reactMicrosoftClarity = require("react-microsoft-clarity");
@@ -726,6 +727,7 @@ function ensureUserHelpers(u) {
 // AuthScapeApp Component
 // ============================================================================
 function AuthScapeApp(_ref0) {
+  var _searchParams$get;
   var Component = _ref0.Component,
     layout = _ref0.layout,
     loadingLayout = _ref0.loadingLayout,
@@ -769,32 +771,9 @@ function AuthScapeApp(_ref0) {
   var ga4React = (0, _react.useRef)(null);
   var errorTrackingInitializedRef = (0, _react.useRef)(false);
   var loginRedirectPending = (0, _react.useRef)(false);
-  // Use Pages Router's `useRouter` instead of `useSearchParams`/`usePathname`
-  // from `next/navigation`. The `next/navigation` hooks don't hydrate query
-  // params reliably on the 404 page in Webkit/Safari — when the IDP redirects
-  // back to /signin-oidc (a URL with no Next.js page in the consumer project),
-  // useSearchParams() returns null and the PKCE code is never picked up.
-  // The Pages Router router parses query from `asPath` and works on 404 too.
-  //
-  // SSR safety: accessing `router.isReady`, `router.query`, `router.asPath`
-  // throws "NextRouter was not mounted" on server-side renders where the
-  // router singleton hasn't been initialized (Static Generation, _error
-  // pages, some edge-runtime paths). We only do the work on the client.
-  var router = (0, _router.useRouter)();
-  var queryCode = null;
-  var pathname = "";
-  if (typeof window !== "undefined") {
-    try {
-      if (router && router.isReady) {
-        var raw = router.query && router.query.code;
-        queryCode = typeof raw === "string" ? raw : Array.isArray(raw) ? raw[0] : null;
-      }
-      pathname = (router && router.asPath || "").split("?")[0].split("#")[0];
-    } catch (_) {
-      // router not mounted (SSR / static render) — leave defaults
-    }
-  }
+  var searchParams = (0, _navigation.useSearchParams)();
+  var queryCode = (_searchParams$get = searchParams === null || searchParams === void 0 ? void 0 : searchParams.get("code")) !== null && _searchParams$get !== void 0 ? _searchParams$get : null;
+  var pathname = (0, _navigation.usePathname)();
   var signInValidator = /*#__PURE__*/function () {
     var _ref1 = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime().mark(function _callee8(codeFromQuery) {
       var codeVerifier, headers, body, response, domainHost, redirectUri, usr, enrichedUser;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "authscape",
-  "version": "1.0.776",
+  "version": "1.0.780",
   "description": "",
   "main": "index.js",
   "files": [

package/src/components/AuthScapeApp.js CHANGED Viewed

@@ -4,7 +4,7 @@ import Head from "next/head";
 // Re-export toast and transitions so pages can import from authscape
 export { toast, Bounce, Slide, Zoom, Flip };
-import { useRouter } from "next/router";
+import { useSearchParams, usePathname } from "next/navigation";
 import axios from "axios";
 import querystring from "query-string";
 import Router from "next/router";
@@ -501,33 +501,9 @@ export function AuthScapeApp({
   const errorTrackingInitializedRef = useRef(false);
   const loginRedirectPending = useRef(false);
-  // Use Pages Router's `useRouter` instead of `useSearchParams`/`usePathname`
-  // from `next/navigation`. The `next/navigation` hooks don't hydrate query
-  // params reliably on the 404 page in Webkit/Safari — when the IDP redirects
-  // back to /signin-oidc (a URL with no Next.js page in the consumer project),
-  // useSearchParams() returns null and the PKCE code is never picked up.
-  // The Pages Router router parses query from `asPath` and works on 404 too.
-  //
-  // SSR safety: accessing `router.isReady`, `router.query`, `router.asPath`
-  // throws "NextRouter was not mounted" on server-side renders where the
-  // router singleton hasn't been initialized (Static Generation, _error
-  // pages, some edge-runtime paths). We only do the work on the client.
-  const router = useRouter();
-  let queryCode = null;
-  let pathname = "";
-  if (typeof window !== "undefined") {
-    try {
-      if (router && router.isReady) {
-        const raw = router.query && router.query.code;
-        queryCode = typeof raw === "string"
-          ? raw
-          : (Array.isArray(raw) ? raw[0] : null);
-      }
-      pathname = ((router && router.asPath) || "").split("?")[0].split("#")[0];
-    } catch (_) {
-      // router not mounted (SSR / static render) — leave defaults
-    }
-  }
+  const searchParams = useSearchParams();
+  const queryCode = searchParams?.get("code") ?? null;
+  const pathname = usePathname();
   const signInValidator = async (codeFromQuery) => {
     if (queryCodeUsed.current === codeFromQuery) return;

package/src/scripts/postinstall.js CHANGED Viewed

@@ -41,6 +41,64 @@ import { createSitemapRoute } from 'authscape/src/lib/sitemap-route';
 export const GET = createSitemapRoute(process.env.apiUri);
 `;
+// ---------------------------------------------------------------------------
+// /signin-oidc page templates
+// ---------------------------------------------------------------------------
+// AuthScapeApp reads the PKCE `code` query param from `useSearchParams()`
+// (next/navigation). If the consumer doesn't have a `/signin-oidc` page, the
+// IDP's redirect back lands on Next.js's 404 page — and Webkit/Safari
+// doesn't reliably hydrate `useSearchParams()` on the 404 page. The code is
+// never read, the user is stuck.
+//
+// Making /signin-oidc a real Next.js page (200 status) fixes this in every
+// browser. The page itself is a placeholder; AuthScapeApp's signInValidator
+// does the actual token exchange.
+const SIGNIN_OIDC_PAGES_ROUTER_TEMPLATE = `// Auto-generated by AuthScape - Do not edit manually.
+// Exists so /signin-oidc returns HTTP 200 (not the Next.js 404 page).
+// Required for Webkit/Safari: useSearchParams() doesn't hydrate on the 404
+// page in Webkit, so the PKCE 'code' query param is never read and sign-in
+// silently stalls. With this real page in place, AuthScapeApp's
+// signInValidator picks up the code and completes the exchange normally.
+export default function SignInOidc() {
+  return (
+    <div
+      style={{
+        display: "flex",
+        alignItems: "center",
+        justifyContent: "center",
+        minHeight: "60vh",
+        fontFamily: "system-ui, -apple-system, Segoe UI, sans-serif",
+        color: "#666",
+      }}
+    >
+      Signing you in…
+    </div>
+  );
+}
+`;
+const SIGNIN_OIDC_APP_ROUTER_TEMPLATE = `// Auto-generated by AuthScape - Do not edit manually.
+// Exists so /signin-oidc returns HTTP 200 (not the Next.js 404 page).
+// Required for Webkit/Safari to pick up the PKCE 'code' query param.
+export default function SignInOidc() {
+  return (
+    <div
+      style={{
+        display: "flex",
+        alignItems: "center",
+        justifyContent: "center",
+        minHeight: "60vh",
+        fontFamily: "system-ui, -apple-system, Segoe UI, sans-serif",
+        color: "#666",
+      }}
+    >
+      Signing you in…
+    </div>
+  );
+}
+`;
 function detectProjectStructure() {
   // Get the parent directory where the user ran npm install
   // This goes up from node_modules/authscape to the project root
@@ -118,9 +176,42 @@ function setupSitemap() {
   }
 }
+function setupSigninOidc() {
+  const structure = detectProjectStructure();
+  if (!structure) return;
+  const targetFile =
+    structure.type === 'app'
+      ? path.join(structure.baseDir, 'signin-oidc', 'page.js')
+      : path.join(structure.baseDir, 'signin-oidc.js');
+  if (fs.existsSync(targetFile)) {
+    // File exists, don't overwrite — consumer may have their own handler
+    return;
+  }
+  try {
+    fs.mkdirSync(path.dirname(targetFile), { recursive: true });
+    fs.writeFileSync(
+      targetFile,
+      structure.type === 'app' ? SIGNIN_OIDC_APP_ROUTER_TEMPLATE : SIGNIN_OIDC_PAGES_ROUTER_TEMPLATE,
+      'utf8'
+    );
+    console.log(
+      '✅ AuthScape signin-oidc page configured at /signin-oidc (' +
+        (structure.type === 'app' ? 'App Router' : 'Pages Router') +
+        ')'
+    );
+  } catch (error) {
+    console.log('⚠️  Could not auto-configure /signin-oidc:', error.message);
+    console.log('   Without this page, Safari users will fail to sign in.');
+  }
+}
 // Run the setup
 try {
   setupSitemap();
+  setupSigninOidc();
 } catch (error) {
   // Completely silent failure to avoid breaking npm install
   // Only log if there's an unexpected error