godgpt-web-auth 0.1.8 → 0.1.12

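--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -630,6 +630,167 @@ function initializeApple(config) {
  });
  appleInitialized = true;
  }
+ async function debugAppleAuth(code, idToken, config) {
+ const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+ console.log("\n" + "=".repeat(70));
+ console.log("\u{1F34E} APPLE AUTH DEBUG - COMPREHENSIVE ANALYSIS");
+ console.log("=".repeat(70));
+ console.log("\n\u{1F4C5} TIMING INFO:");
+ console.log(" Current time:", timestamp);
+ console.log(
+ " Note: Apple codes expire in 5 minutes and can only be used ONCE!"
+ );
+ console.log("\n\u{1F4E6} APPLE SDK RESPONSE:");
+ console.log(" Authorization code:", code);
+ console.log(" Code length:", code.length, "chars");
+ console.log(" Has id_token:", idToken ? "YES" : "NO");
+ if (idToken) {
+ console.log(
+ " id_token (first 50 chars):",
+ idToken.substring(0, 50) + "..."
+ );
+ }
+ console.log("\n\u2699\uFE0F YOUR CONFIG:");
+ console.log(" config.apple.clientId:", config.apple?.clientId || "NOT SET");
+ console.log(
+ " config.apple.appId:",
+ config.apple?.appId || "NOT SET (will use clientId)"
+ );
+ console.log(
+ " config.apple.redirectUri:",
+ config.apple?.redirectUri || "NOT SET (will use origin)"
+ );
+ console.log(" config.backendUrl:", config.backendUrl);
+ console.log("\n\u{1F310} ENVIRONMENT:");
+ console.log(" window.location.origin:", window.location.origin);
+ console.log(" window.location.hostname:", window.location.hostname);
+ console.log(" window.location.href:", window.location.href);
+ const backendPayload = {
+ grant_type: "apple",
+ client_id: "AevatarAuthServer",
+ scope: "Aevatar offline_access",
+ source: "web",
+ apple_app_id: config.apple?.appId || config.apple?.clientId || "NOT SET",
+ code
+ };
+ console.log("\n\u{1F4E4} WHAT WILL BE SENT TO BACKEND:");
+ console.log(" Endpoint:", `${config.backendUrl}/connect/token`);
+ console.log(" Method: POST");
+ console.log(" Content-Type: application/x-www-form-urlencoded");
+ console.log(" Body parameters:");
+ Object.entries(backendPayload).forEach(([key, value]) => {
+ if (key === "code") {
+ console.log(` ${key}: ${value.substring(0, 30)}...`);
+ } else {
+ console.log(` ${key}: ${value}`);
+ }
+ });
+ const curlBody = Object.entries(backendPayload).map(([k, v]) => `${k}=${encodeURIComponent(v)}`).join("&");
+ console.log("\n\u{1F527} EQUIVALENT CURL COMMAND:");
+ console.log(`curl '${config.backendUrl}/connect/token' \\`);
+ console.log(" -H 'accept: application/json' \\");
+ console.log(" -H 'content-type: application/x-www-form-urlencoded' \\");
+ console.log(` -H 'origin: ${window.location.origin}' \\`);
+ console.log(` --data-raw '${curlBody}'`);
+ if (idToken) {
+ console.log("\n\u{1F510} ID TOKEN ANALYSIS:");
+ try {
+ const parts = idToken.split(".");
+ if (parts.length === 3) {
+ const header = JSON.parse(atob(parts[0]));
+ console.log(" Header:", JSON.stringify(header));
+ const payload = JSON.parse(atob(parts[1]));
+ console.log(" Payload (full):", JSON.stringify(payload, null, 4));
+ console.log("\n Key claims:");
+ console.log(" iss (issuer):", payload.iss);
+ console.log(" aud (audience/client_id):", payload.aud);
+ console.log(" sub (user ID):", payload.sub);
+ console.log(" email:", payload.email || "not provided");
+ console.log(" email_verified:", payload.email_verified);
+ console.log(" is_private_email:", payload.is_private_email);
+ console.log(
+ " auth_time:",
+ payload.auth_time ? new Date(payload.auth_time * 1e3).toISOString() : "N/A"
+ );
+ console.log(
+ " iat (issued at):",
+ new Date(payload.iat * 1e3).toISOString()
+ );
+ console.log(
+ " exp (expires):",
+ new Date(payload.exp * 1e3).toISOString()
+ );
+ console.log(" nonce:", payload.nonce || "not set");
+ console.log(" nonce_supported:", payload.nonce_supported);
+ const now = Date.now() / 1e3;
+ const timeLeft = payload.exp - now;
+ if (timeLeft < 0) {
+ console.log(
+ "\n \u274C TOKEN STATUS: EXPIRED by",
+ Math.abs(Math.round(timeLeft)),
+ "seconds"
+ );
+ } else {
+ console.log(
+ "\n \u2705 TOKEN STATUS: Valid for",
+ Math.round(timeLeft),
+ "more seconds"
+ );
+ }
+ if (payload.aud === config.apple?.clientId) {
+ console.log(
+ " \u2705 AUDIENCE MATCH: id_token.aud matches config.apple.clientId"
+ );
+ } else {
+ console.log(" \u26A0\uFE0F AUDIENCE MISMATCH:");
+ console.log(" id_token.aud:", payload.aud);
+ console.log(" config.apple.clientId:", config.apple?.clientId);
+ }
+ const appIdToSend = config.apple?.appId || config.apple?.clientId;
+ if (payload.aud === appIdToSend) {
+ console.log(
+ " \u2705 BACKEND APP_ID MATCH: id_token.aud matches apple_app_id being sent"
+ );
+ } else {
+ console.log(
+ " \u274C BACKEND APP_ID MISMATCH (THIS IS LIKELY YOUR ISSUE!):"
+ );
+ console.log(" id_token.aud (code was issued for):", payload.aud);
+ console.log(" apple_app_id (sending to backend):", appIdToSend);
+ console.log(
+ " FIX: Set config.apple.appId to match the clientId, or don't set appId at all"
+ );
+ }
+ }
+ } catch (e) {
+ console.error(" Failed to decode id_token:", e);
+ }
+ } else {
+ console.log(
+ "\n\u{1F510} ID TOKEN: Not provided by Apple (this is normal for some flows)"
+ );
+ }
+ console.log("\n\u{1F4CB} COMMON ISSUES CHECKLIST:");
+ console.log(" 1. source value: 'web' \u2705 (hardcoded correctly)");
+ if (config.apple?.appId && config.apple?.appId !== config.apple?.clientId) {
+ console.log(" 2. apple_app_id mismatch: \u274C appId differs from clientId!");
+ console.log(" - SDK uses clientId:", config.apple?.clientId);
+ console.log(" - Backend gets appId:", config.apple?.appId);
+ console.log(" - These MUST match for code validation!");
+ } else {
+ console.log(
+ " 2. apple_app_id: \u2705 Using clientId for both SDK and backend"
+ );
+ }
+ if (!config.apple?.clientId) {
+ console.log(" 3. clientId: \u274C NOT CONFIGURED!");
+ } else {
+ console.log(" 3. clientId: \u2705 Set to", config.apple.clientId);
+ }
+ console.log("\n" + "=".repeat(70));
+ console.log("\u{1F34E} END APPLE AUTH DEBUG");
+ console.log("=".repeat(70) + "\n");
+ }
  async function signInWithApple(config) {
  console.log("[Auth Apple] Starting Apple sign-in");
  if (!config.apple?.clientId) {
@@ -667,6 +828,7 @@ async function signInWithApple(config) {
  const idToken = response.authorization?.id_token;
  if (code) {
  console.log("[Auth Apple] Exchanging authorization code", code);
+ await debugAppleAuth(code, idToken, config);
  return await exchangeToken({ code }, "apple", config);
  } else if (idToken) {
  console.log("[Auth Apple] Exchanging id_token");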
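Review bot: `debugAppleAuth` writes live credentials and personal data to the browser console on every Apple sign-in: the full authorization code (`console.log(" Authorization code:", code)`), a curl command whose `--data-raw` body carries the untruncated code, and the whole decoded id_token payload including `sub` and `email`. The 30-character truncation in the body-parameter loop is therefore ineffective, and because the call added in `signInWithApple` is unconditional, this runs for every end user of a site shipping this build, where console output can be captured by third-party scripts, extensions and log-collection tooling. The helper should be opt-in and redacted, e.g. `if (config.debug) await debugAppleAuth(code, idToken, config);` (`config.debug` is a placeholder for whatever opt-in option the package exposes), with the code and curl body reduced to a length or short prefix and the payload dump limited to non-identifying claims such as `iss`, `aud` and `exp`. Separately, `atob(parts[1])` does not accept base64url characters, so the token analysis will fall into the `catch` for any token whose segments contain `-` or `_`.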