godgpt-web-auth 0.1.11 → 0.1.12

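--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -632,46 +632,166 @@ function initializeApple(config) {
  });
  appleInitialized = true;
  }
- async function testAppleCodeValidity(code, config) {
- console.log("[Auth Apple Debug] Testing code validity with Apple...");
- console.log("[Auth Apple Debug] Code:", code);
- console.log("[Auth Apple Debug] Client ID:", config.apple?.clientId);
- console.log("[Auth Apple Debug] Redirect URI:", window.location.origin);
- try {
- const params = new URLSearchParams({
- client_id: config.apple?.clientId || "",
- code,
- grant_type: "authorization_code",
- redirect_uri: window.location.origin
- });
- const response = await fetch("https://appleid.apple.com/auth/token", {
- method: "POST",
- headers: {
- "Content-Type": "application/x-www-form-urlencoded"
- },
- body: params.toString()
- });
- const data = await response.json();
+ async function debugAppleAuth(code, idToken, config) {
+ const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+ console.log("\n" + "=".repeat(70));
+ console.log("\u{1F34E} APPLE AUTH DEBUG - COMPREHENSIVE ANALYSIS");
+ console.log("=".repeat(70));
+ console.log("\n\u{1F4C5} TIMING INFO:");
+ console.log(" Current time:", timestamp);
+ console.log(
+ " Note: Apple codes expire in 5 minutes and can only be used ONCE!"
+ );
+ console.log("\n\u{1F4E6} APPLE SDK RESPONSE:");
+ console.log(" Authorization code:", code);
+ console.log(" Code length:", code.length, "chars");
+ console.log(" Has id_token:", idToken ? "YES" : "NO");
+ if (idToken) {
  console.log(
- "[Auth Apple Debug] Apple token endpoint response status:",
- response.status
+ " id_token (first 50 chars):",
+ idToken.substring(0, 50) + "..."
  );
- console.log("[Auth Apple Debug] Apple token endpoint response:", data);
- if (data.error === "invalid_grant") {
- console.error("[Auth Apple Debug] \u274C Code is INVALID or EXPIRED");
- } else if (data.error === "invalid_client") {
- console.log(
- "[Auth Apple Debug] \u2713 Code appears valid (client_secret needed for full validation)"
- );
+ }
+ console.log("\n\u2699\uFE0F YOUR CONFIG:");
+ console.log(" config.apple.clientId:", config.apple?.clientId || "NOT SET");
+ console.log(
+ " config.apple.appId:",
+ config.apple?.appId || "NOT SET (will use clientId)"
+ );
+ console.log(
+ " config.apple.redirectUri:",
+ config.apple?.redirectUri || "NOT SET (will use origin)"
+ );
+ console.log(" config.backendUrl:", config.backendUrl);
+ console.log("\n\u{1F310} ENVIRONMENT:");
+ console.log(" window.location.origin:", window.location.origin);
+ console.log(" window.location.hostname:", window.location.hostname);
+ console.log(" window.location.href:", window.location.href);
+ const backendPayload = {
+ grant_type: "apple",
+ client_id: "AevatarAuthServer",
+ scope: "Aevatar offline_access",
+ source: "web",
+ apple_app_id: config.apple?.appId || config.apple?.clientId || "NOT SET",
+ code
+ };
+ console.log("\n\u{1F4E4} WHAT WILL BE SENT TO BACKEND:");
+ console.log(" Endpoint:", `${config.backendUrl}/connect/token`);
+ console.log(" Method: POST");
+ console.log(" Content-Type: application/x-www-form-urlencoded");
+ console.log(" Body parameters:");
+ Object.entries(backendPayload).forEach(([key, value]) => {
+ if (key === "code") {
+ console.log(` ${key}: ${value.substring(0, 30)}...`);
  } else {
- console.log(
- "[Auth Apple Debug] Response:",
- JSON.stringify(data, null, 2)
- );
+ console.log(` ${key}: ${value}`);
  }
- } catch (error) {
- console.error("[Auth Apple Debug] Error testing code:", error);
+ });
+ const curlBody = Object.entries(backendPayload).map(([k, v]) => `${k}=${encodeURIComponent(v)}`).join("&");
+ console.log("\n\u{1F527} EQUIVALENT CURL COMMAND:");
+ console.log(`curl '${config.backendUrl}/connect/token' \\`);
+ console.log(" -H 'accept: application/json' \\");
+ console.log(" -H 'content-type: application/x-www-form-urlencoded' \\");
+ console.log(` -H 'origin: ${window.location.origin}' \\`);
+ console.log(` --data-raw '${curlBody}'`);
+ if (idToken) {
+ console.log("\n\u{1F510} ID TOKEN ANALYSIS:");
+ try {
+ const parts = idToken.split(".");
+ if (parts.length === 3) {
+ const header = JSON.parse(atob(parts[0]));
+ console.log(" Header:", JSON.stringify(header));
+ const payload = JSON.parse(atob(parts[1]));
+ console.log(" Payload (full):", JSON.stringify(payload, null, 4));
+ console.log("\n Key claims:");
+ console.log(" iss (issuer):", payload.iss);
+ console.log(" aud (audience/client_id):", payload.aud);
+ console.log(" sub (user ID):", payload.sub);
+ console.log(" email:", payload.email || "not provided");
+ console.log(" email_verified:", payload.email_verified);
+ console.log(" is_private_email:", payload.is_private_email);
+ console.log(
+ " auth_time:",
+ payload.auth_time ? new Date(payload.auth_time * 1e3).toISOString() : "N/A"
+ );
+ console.log(
+ " iat (issued at):",
+ new Date(payload.iat * 1e3).toISOString()
+ );
+ console.log(
+ " exp (expires):",
+ new Date(payload.exp * 1e3).toISOString()
+ );
+ console.log(" nonce:", payload.nonce || "not set");
+ console.log(" nonce_supported:", payload.nonce_supported);
+ const now = Date.now() / 1e3;
+ const timeLeft = payload.exp - now;
+ if (timeLeft < 0) {
+ console.log(
+ "\n \u274C TOKEN STATUS: EXPIRED by",
+ Math.abs(Math.round(timeLeft)),
+ "seconds"
+ );
+ } else {
+ console.log(
+ "\n \u2705 TOKEN STATUS: Valid for",
+ Math.round(timeLeft),
+ "more seconds"
+ );
+ }
+ if (payload.aud === config.apple?.clientId) {
+ console.log(
+ " \u2705 AUDIENCE MATCH: id_token.aud matches config.apple.clientId"
+ );
+ } else {
+ console.log(" \u26A0\uFE0F AUDIENCE MISMATCH:");
+ console.log(" id_token.aud:", payload.aud);
+ console.log(" config.apple.clientId:", config.apple?.clientId);
+ }
+ const appIdToSend = config.apple?.appId || config.apple?.clientId;
+ if (payload.aud === appIdToSend) {
+ console.log(
+ " \u2705 BACKEND APP_ID MATCH: id_token.aud matches apple_app_id being sent"
+ );
+ } else {
+ console.log(
+ " \u274C BACKEND APP_ID MISMATCH (THIS IS LIKELY YOUR ISSUE!):"
+ );
+ console.log(" id_token.aud (code was issued for):", payload.aud);
+ console.log(" apple_app_id (sending to backend):", appIdToSend);
+ console.log(
+ " FIX: Set config.apple.appId to match the clientId, or don't set appId at all"
+ );
+ }
+ }
+ } catch (e) {
+ console.error(" Failed to decode id_token:", e);
+ }
+ } else {
+ console.log(
+ "\n\u{1F510} ID TOKEN: Not provided by Apple (this is normal for some flows)"
+ );
+ }
+ console.log("\n\u{1F4CB} COMMON ISSUES CHECKLIST:");
+ console.log(" 1. source value: 'web' \u2705 (hardcoded correctly)");
+ if (config.apple?.appId && config.apple?.appId !== config.apple?.clientId) {
+ console.log(" 2. apple_app_id mismatch: \u274C appId differs from clientId!");
+ console.log(" - SDK uses clientId:", config.apple?.clientId);
+ console.log(" - Backend gets appId:", config.apple?.appId);
+ console.log(" - These MUST match for code validation!");
+ } else {
+ console.log(
+ " 2. apple_app_id: \u2705 Using clientId for both SDK and backend"
+ );
+ }
+ if (!config.apple?.clientId) {
+ console.log(" 3. clientId: \u274C NOT CONFIGURED!");
+ } else {
+ console.log(" 3. clientId: \u2705 Set to", config.apple.clientId);
  }
+ console.log("\n" + "=".repeat(70));
+ console.log("\u{1F34E} END APPLE AUTH DEBUG");
+ console.log("=".repeat(70) + "\n");
  }
  async function signInWithApple(config) {
  console.log("[Auth Apple] Starting Apple sign-in");
@@ -710,7 +830,7 @@ async function signInWithApple(config) {
  const idToken = response.authorization?.id_token;
  if (code) {
  console.log("[Auth Apple] Exchanging authorization code", code);
- await testAppleCodeValidity(code, config);
+ await debugAppleAuth(code, idToken, config);
  return await exchangeToken({ code }, "apple", config);
  } else if (idToken) {
  console.log("[Auth Apple] Exchanging id_token");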
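Review bot: `debugAppleAuth` runs unconditionally on every code-flow sign-in (`await debugAppleAuth(code, idToken, config);`, new line 833) and writes the still-unredeemed authorization code, a copy-pasteable curl body containing it, and the entire decoded id_token payload (`sub`, `email`) to the browser console, where extensions, shared machines and console-capturing error reporters can read them. The body-parameter loop already truncates `code` to 30 characters, yet `console.log(" Authorization code:", code)` and `--data-raw '${curlBody}'` emit it whole, and `window.location.href` is logged with whatever query or fragment it carries. I would gate the call behind an explicit opt-in debug option (none is visible in this diff, so it would be a new setting) and log only lengths or truncated values. Two smaller points in the same function: `atob(parts[1])` expects standard base64 while JWT segments are base64url, so a token containing `-` or `_` falls into the catch, and "TOKEN STATUS: Valid" reflects only the unverified `exp` claim, which the message should say. `signInWithApple`'s body is only partly visible in these hunks.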