godgpt-web-auth 0.1.8 → 0.1.12

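--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -632,6 +632,167 @@ function initializeApple(config) {
  });
  appleInitialized = true;
  }
+ async function debugAppleAuth(code, idToken, config) {
+ const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+ console.log("\n" + "=".repeat(70));
+ console.log("\u{1F34E} APPLE AUTH DEBUG - COMPREHENSIVE ANALYSIS");
+ console.log("=".repeat(70));
+ console.log("\n\u{1F4C5} TIMING INFO:");
+ console.log(" Current time:", timestamp);
+ console.log(
+ " Note: Apple codes expire in 5 minutes and can only be used ONCE!"
+ );
+ console.log("\n\u{1F4E6} APPLE SDK RESPONSE:");
+ console.log(" Authorization code:", code);
+ console.log(" Code length:", code.length, "chars");
+ console.log(" Has id_token:", idToken ? "YES" : "NO");
+ if (idToken) {
+ console.log(
+ " id_token (first 50 chars):",
+ idToken.substring(0, 50) + "..."
+ );
+ }
+ console.log("\n\u2699\uFE0F YOUR CONFIG:");
+ console.log(" config.apple.clientId:", config.apple?.clientId || "NOT SET");
+ console.log(
+ " config.apple.appId:",
+ config.apple?.appId || "NOT SET (will use clientId)"
+ );
+ console.log(
+ " config.apple.redirectUri:",
+ config.apple?.redirectUri || "NOT SET (will use origin)"
+ );
+ console.log(" config.backendUrl:", config.backendUrl);
+ console.log("\n\u{1F310} ENVIRONMENT:");
+ console.log(" window.location.origin:", window.location.origin);
+ console.log(" window.location.hostname:", window.location.hostname);
+ console.log(" window.location.href:", window.location.href);
+ const backendPayload = {
+ grant_type: "apple",
+ client_id: "AevatarAuthServer",
+ scope: "Aevatar offline_access",
+ source: "web",
+ apple_app_id: config.apple?.appId || config.apple?.clientId || "NOT SET",
+ code
+ };
+ console.log("\n\u{1F4E4} WHAT WILL BE SENT TO BACKEND:");
+ console.log(" Endpoint:", `${config.backendUrl}/connect/token`);
+ console.log(" Method: POST");
+ console.log(" Content-Type: application/x-www-form-urlencoded");
+ console.log(" Body parameters:");
+ Object.entries(backendPayload).forEach(([key, value]) => {
+ if (key === "code") {
+ console.log(` ${key}: ${value.substring(0, 30)}...`);
+ } else {
+ console.log(` ${key}: ${value}`);
+ }
+ });
+ const curlBody = Object.entries(backendPayload).map(([k, v]) => `${k}=${encodeURIComponent(v)}`).join("&");
+ console.log("\n\u{1F527} EQUIVALENT CURL COMMAND:");
+ console.log(`curl '${config.backendUrl}/connect/token' \\`);
+ console.log(" -H 'accept: application/json' \\");
+ console.log(" -H 'content-type: application/x-www-form-urlencoded' \\");
+ console.log(` -H 'origin: ${window.location.origin}' \\`);
+ console.log(` --data-raw '${curlBody}'`);
+ if (idToken) {
+ console.log("\n\u{1F510} ID TOKEN ANALYSIS:");
+ try {
+ const parts = idToken.split(".");
+ if (parts.length === 3) {
+ const header = JSON.parse(atob(parts[0]));
+ console.log(" Header:", JSON.stringify(header));
+ const payload = JSON.parse(atob(parts[1]));
+ console.log(" Payload (full):", JSON.stringify(payload, null, 4));
+ console.log("\n Key claims:");
+ console.log(" iss (issuer):", payload.iss);
+ console.log(" aud (audience/client_id):", payload.aud);
+ console.log(" sub (user ID):", payload.sub);
+ console.log(" email:", payload.email || "not provided");
+ console.log(" email_verified:", payload.email_verified);
+ console.log(" is_private_email:", payload.is_private_email);
+ console.log(
+ " auth_time:",
+ payload.auth_time ? new Date(payload.auth_time * 1e3).toISOString() : "N/A"
+ );
+ console.log(
+ " iat (issued at):",
+ new Date(payload.iat * 1e3).toISOString()
+ );
+ console.log(
+ " exp (expires):",
+ new Date(payload.exp * 1e3).toISOString()
+ );
+ console.log(" nonce:", payload.nonce || "not set");
+ console.log(" nonce_supported:", payload.nonce_supported);
+ const now = Date.now() / 1e3;
+ const timeLeft = payload.exp - now;
+ if (timeLeft < 0) {
+ console.log(
+ "\n \u274C TOKEN STATUS: EXPIRED by",
+ Math.abs(Math.round(timeLeft)),
+ "seconds"
+ );
+ } else {
+ console.log(
+ "\n \u2705 TOKEN STATUS: Valid for",
+ Math.round(timeLeft),
+ "more seconds"
+ );
+ }
+ if (payload.aud === config.apple?.clientId) {
+ console.log(
+ " \u2705 AUDIENCE MATCH: id_token.aud matches config.apple.clientId"
+ );
+ } else {
+ console.log(" \u26A0\uFE0F AUDIENCE MISMATCH:");
+ console.log(" id_token.aud:", payload.aud);
+ console.log(" config.apple.clientId:", config.apple?.clientId);
+ }
+ const appIdToSend = config.apple?.appId || config.apple?.clientId;
+ if (payload.aud === appIdToSend) {
+ console.log(
+ " \u2705 BACKEND APP_ID MATCH: id_token.aud matches apple_app_id being sent"
+ );
+ } else {
+ console.log(
+ " \u274C BACKEND APP_ID MISMATCH (THIS IS LIKELY YOUR ISSUE!):"
+ );
+ console.log(" id_token.aud (code was issued for):", payload.aud);
+ console.log(" apple_app_id (sending to backend):", appIdToSend);
+ console.log(
+ " FIX: Set config.apple.appId to match the clientId, or don't set appId at all"
+ );
+ }
+ }
+ } catch (e) {
+ console.error(" Failed to decode id_token:", e);
+ }
+ } else {
+ console.log(
+ "\n\u{1F510} ID TOKEN: Not provided by Apple (this is normal for some flows)"
+ );
+ }
+ console.log("\n\u{1F4CB} COMMON ISSUES CHECKLIST:");
+ console.log(" 1. source value: 'web' \u2705 (hardcoded correctly)");
+ if (config.apple?.appId && config.apple?.appId !== config.apple?.clientId) {
+ console.log(" 2. apple_app_id mismatch: \u274C appId differs from clientId!");
+ console.log(" - SDK uses clientId:", config.apple?.clientId);
+ console.log(" - Backend gets appId:", config.apple?.appId);
+ console.log(" - These MUST match for code validation!");
+ } else {
+ console.log(
+ " 2. apple_app_id: \u2705 Using clientId for both SDK and backend"
+ );
+ }
+ if (!config.apple?.clientId) {
+ console.log(" 3. clientId: \u274C NOT CONFIGURED!");
+ } else {
+ console.log(" 3. clientId: \u2705 Set to", config.apple.clientId);
+ }
+ console.log("\n" + "=".repeat(70));
+ console.log("\u{1F34E} END APPLE AUTH DEBUG");
+ console.log("=".repeat(70) + "\n");
+ }
  async function signInWithApple(config) {
  console.log("[Auth Apple] Starting Apple sign-in");
  if (!config.apple?.clientId) {
@@ -669,6 +830,7 @@ async function signInWithApple(config) {
  const idToken = response.authorization?.id_token;
  if (code) {
  console.log("[Auth Apple] Exchanging authorization code", code);
+ await debugAppleAuth(code, idToken, config);
  return await exchangeToken({ code }, "apple", config);
  } else if (idToken) {
  console.log("[Auth Apple] Exchanging id_token");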
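Review bot: `debugAppleAuth` is awaited unconditionally in `signInWithApple` (new line 833) before the token exchange, so every sign-in in a shipped build writes the full authorization code, a curl body that contains that code, the complete decoded id_token payload (including `sub` and `email`) and `window.location.href` to the browser console, where extensions, log-capture or session-replay scripts and anyone with access to the device can read them. The call should be gated behind an explicit opt-in, for example `if (config.debug === true) await debugAppleAuth(code, idToken, config);` (`debug` is a placeholder option name, not one shown in this diff), and the helper and the existing "Exchanging authorization code" line should log `code.length` instead of `code`. Separately, `atob(parts[0])` can throw on base64url segments containing `-` or `_`, which the `catch` reports only as a decode failure; `signInWithApple` begins and ends outside the second hunk, so any guard elsewhere in that function is not visible here.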