react-native-nitro-auth 0.5.12 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +23 -0
- package/README.md +88 -13
- package/android/build.gradle +4 -4
- package/android/gradle.properties +2 -2
- package/android/src/main/cpp/PlatformAuth+Android.cpp +87 -4
- package/android/src/main/java/com/auth/AuthAdapter.kt +85 -48
- package/android/src/main/java/com/auth/GoogleSignInActivity.kt +12 -2
- package/cpp/HybridAuth.cpp +168 -18
- package/cpp/HybridAuth.hpp +7 -0
- package/cpp/PlatformAuth.hpp +1 -0
- package/ios/AuthAdapter.swift +98 -24
- package/ios/PlatformAuth+iOS.mm +37 -1
- package/lib/commonjs/Auth.web.js +74 -21
- package/lib/commonjs/Auth.web.js.map +1 -1
- package/lib/commonjs/create-auth-service.js +10 -0
- package/lib/commonjs/create-auth-service.js.map +1 -1
- package/lib/commonjs/index.js +12 -0
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/index.web.js +12 -0
- package/lib/commonjs/index.web.js.map +1 -1
- package/lib/commonjs/provider-options.js +6 -0
- package/lib/commonjs/provider-options.js.map +1 -0
- package/lib/commonjs/service.js.map +1 -1
- package/lib/commonjs/service.web.js.map +1 -1
- package/lib/commonjs/use-auth.js +21 -1
- package/lib/commonjs/use-auth.js.map +1 -1
- package/lib/module/Auth.web.js +74 -21
- package/lib/module/Auth.web.js.map +1 -1
- package/lib/module/create-auth-service.js +10 -0
- package/lib/module/create-auth-service.js.map +1 -1
- package/lib/module/global.d.js.map +1 -1
- package/lib/module/index.js +1 -0
- package/lib/module/index.js.map +1 -1
- package/lib/module/index.web.js +1 -0
- package/lib/module/index.web.js.map +1 -1
- package/lib/module/provider-options.js +4 -0
- package/lib/module/provider-options.js.map +1 -0
- package/lib/module/service.js.map +1 -1
- package/lib/module/service.web.js.map +1 -1
- package/lib/module/use-auth.js +21 -1
- package/lib/module/use-auth.js.map +1 -1
- package/lib/typescript/commonjs/Auth.nitro.d.ts +11 -0
- package/lib/typescript/commonjs/Auth.nitro.d.ts.map +1 -1
- package/lib/typescript/commonjs/Auth.web.d.ts +4 -0
- package/lib/typescript/commonjs/Auth.web.d.ts.map +1 -1
- package/lib/typescript/commonjs/create-auth-service.d.ts +2 -1
- package/lib/typescript/commonjs/create-auth-service.d.ts.map +1 -1
- package/lib/typescript/commonjs/index.d.ts +1 -0
- package/lib/typescript/commonjs/index.d.ts.map +1 -1
- package/lib/typescript/commonjs/index.web.d.ts +1 -0
- package/lib/typescript/commonjs/index.web.d.ts.map +1 -1
- package/lib/typescript/commonjs/provider-options.d.ts +23 -0
- package/lib/typescript/commonjs/provider-options.d.ts.map +1 -0
- package/lib/typescript/commonjs/service.d.ts +2 -2
- package/lib/typescript/commonjs/service.d.ts.map +1 -1
- package/lib/typescript/commonjs/service.web.d.ts +2 -2
- package/lib/typescript/commonjs/service.web.d.ts.map +1 -1
- package/lib/typescript/commonjs/use-auth.d.ts +4 -2
- package/lib/typescript/commonjs/use-auth.d.ts.map +1 -1
- package/lib/typescript/module/Auth.nitro.d.ts +11 -0
- package/lib/typescript/module/Auth.nitro.d.ts.map +1 -1
- package/lib/typescript/module/Auth.web.d.ts +4 -0
- package/lib/typescript/module/Auth.web.d.ts.map +1 -1
- package/lib/typescript/module/create-auth-service.d.ts +2 -1
- package/lib/typescript/module/create-auth-service.d.ts.map +1 -1
- package/lib/typescript/module/index.d.ts +1 -0
- package/lib/typescript/module/index.d.ts.map +1 -1
- package/lib/typescript/module/index.web.d.ts +1 -0
- package/lib/typescript/module/index.web.d.ts.map +1 -1
- package/lib/typescript/module/provider-options.d.ts +23 -0
- package/lib/typescript/module/provider-options.d.ts.map +1 -0
- package/lib/typescript/module/service.d.ts +2 -2
- package/lib/typescript/module/service.d.ts.map +1 -1
- package/lib/typescript/module/service.web.d.ts +2 -2
- package/lib/typescript/module/service.web.d.ts.map +1 -1
- package/lib/typescript/module/use-auth.d.ts +4 -2
- package/lib/typescript/module/use-auth.d.ts.map +1 -1
- package/nitrogen/generated/shared/c++/AuthUser.hpp +17 -1
- package/nitrogen/generated/shared/c++/HybridAuthSpec.cpp +1 -0
- package/nitrogen/generated/shared/c++/HybridAuthSpec.hpp +1 -0
- package/nitrogen/generated/shared/c++/LoginOptions.hpp +25 -1
- package/package.json +2 -2
- package/src/Auth.nitro.ts +11 -0
- package/src/Auth.web.ts +99 -16
- package/src/create-auth-service.ts +19 -9
- package/src/global.d.ts +2 -1
- package/src/index.ts +1 -0
- package/src/index.web.ts +1 -0
- package/src/provider-options.ts +62 -0
- package/src/service.ts +2 -1
- package/src/service.web.ts +2 -2
- package/src/use-auth.ts +22 -8
package/lib/commonjs/index.js
CHANGED
|
@@ -52,6 +52,18 @@ Object.keys(_AuthNitro).forEach(function (key) {
|
|
|
52
52
|
}
|
|
53
53
|
});
|
|
54
54
|
});
|
|
55
|
+
var _providerOptions = require("./provider-options.js");
|
|
56
|
+
Object.keys(_providerOptions).forEach(function (key) {
|
|
57
|
+
if (key === "default" || key === "__esModule") return;
|
|
58
|
+
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
59
|
+
if (key in exports && exports[key] === _providerOptions[key]) return;
|
|
60
|
+
Object.defineProperty(exports, key, {
|
|
61
|
+
enumerable: true,
|
|
62
|
+
get: function () {
|
|
63
|
+
return _providerOptions[key];
|
|
64
|
+
}
|
|
65
|
+
});
|
|
66
|
+
});
|
|
55
67
|
var _socialButton = require("./ui/social-button");
|
|
56
68
|
Object.keys(_socialButton).forEach(function (key) {
|
|
57
69
|
if (key === "default" || key === "__esModule") return;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_AuthNitro","require","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_socialButton","_useAuth","_service","_authError"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAH,UAAA,EAAAI,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAL,UAAA,CAAAK,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAb,UAAA,CAAAK,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,
|
|
1
|
+
{"version":3,"names":["_AuthNitro","require","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_providerOptions","_socialButton","_useAuth","_service","_authError"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAH,UAAA,EAAAI,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAL,UAAA,CAAAK,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAb,UAAA,CAAAK,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,gBAAA,GAAAb,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAW,gBAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,gBAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,gBAAA,CAAAT,GAAA;IAAA;EAAA;AAAA;AACA,IAAAU,aAAA,GAAAd,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAY,aAAA,EAAAX,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAU,aAAA,CAAAV,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAE,aAAA,CAAAV,GAAA;IAAA;EAAA;AAAA;AACA,IAAAW,QAAA,GAAAf,OAAA;AACA,IAAAgB,QAAA,GAAAhB,OAAA;AACA,IAAAiB,UAAA,GAAAjB,OAAA","ignoreList":[]}
|
|
@@ -52,6 +52,18 @@ Object.keys(_AuthNitro).forEach(function (key) {
|
|
|
52
52
|
}
|
|
53
53
|
});
|
|
54
54
|
});
|
|
55
|
+
var _providerOptions = require("./provider-options.js");
|
|
56
|
+
Object.keys(_providerOptions).forEach(function (key) {
|
|
57
|
+
if (key === "default" || key === "__esModule") return;
|
|
58
|
+
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
59
|
+
if (key in exports && exports[key] === _providerOptions[key]) return;
|
|
60
|
+
Object.defineProperty(exports, key, {
|
|
61
|
+
enumerable: true,
|
|
62
|
+
get: function () {
|
|
63
|
+
return _providerOptions[key];
|
|
64
|
+
}
|
|
65
|
+
});
|
|
66
|
+
});
|
|
55
67
|
var _socialButtonWeb = require("./ui/social-button.web.js");
|
|
56
68
|
Object.keys(_socialButtonWeb).forEach(function (key) {
|
|
57
69
|
if (key === "default" || key === "__esModule") return;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_AuthNitro","require","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_socialButtonWeb","_useAuth","_serviceWeb","_authError"],"sourceRoot":"../../src","sources":["index.web.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAH,UAAA,EAAAI,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAL,UAAA,CAAAK,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAb,UAAA,CAAAK,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,gBAAA,GAAAb,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAW,gBAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,gBAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,gBAAA,CAAAT,GAAA;IAAA;EAAA;AAAA;AACA,IAAAU,
|
|
1
|
+
{"version":3,"names":["_AuthNitro","require","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_providerOptions","_socialButtonWeb","_useAuth","_serviceWeb","_authError"],"sourceRoot":"../../src","sources":["index.web.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAH,UAAA,EAAAI,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAL,UAAA,CAAAK,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAb,UAAA,CAAAK,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,gBAAA,GAAAb,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAW,gBAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,gBAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,gBAAA,CAAAT,GAAA;IAAA;EAAA;AAAA;AACA,IAAAU,gBAAA,GAAAd,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAY,gBAAA,EAAAX,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAU,gBAAA,CAAAV,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAE,gBAAA,CAAAV,GAAA;IAAA;EAAA;AAAA;AACA,IAAAW,QAAA,GAAAf,OAAA;AACA,IAAAgB,WAAA,GAAAhB,OAAA;AACA,IAAAiB,UAAA,GAAAjB,OAAA","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sourceRoot":"../../src","sources":["provider-options.ts"],"mappings":"","ignoreList":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_reactNativeNitroModules","require","_createAuthService","nitroAuth","getNitroAuth","NitroModules","createHybridObject","AuthService","exports","createAuthService"],"sourceRoot":"../../src","sources":["service.ts"],"mappings":";;;;;;AAAA,IAAAA,wBAAA,GAAAC,OAAA;AAEA,IAAAC,kBAAA,GAAAD,OAAA;
|
|
1
|
+
{"version":3,"names":["_reactNativeNitroModules","require","_createAuthService","nitroAuth","getNitroAuth","NitroModules","createHybridObject","AuthService","exports","createAuthService"],"sourceRoot":"../../src","sources":["service.ts"],"mappings":";;;;;;AAAA,IAAAA,wBAAA,GAAAC,OAAA;AAEA,IAAAC,kBAAA,GAAAD,OAAA;AAGA,IAAIE,SAA2B;AAE/B,SAASC,YAAYA,CAAA,EAAS;EAC5BD,SAAS,KAAKE,qCAAY,CAACC,kBAAkB,CAAO,MAAM,CAAC;EAC3D,OAAOH,SAAS;AAClB;AAEO,MAAMI,WAAsB,GAAAC,OAAA,CAAAD,WAAA,GAAG,IAAAE,oCAAiB,EAACL,YAAY,CAAC","ignoreList":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_AuthWeb","require","_createAuthService","AuthService","exports","createAuthService","AuthModule"],"sourceRoot":"../../src","sources":["service.web.ts"],"mappings":";;;;;;
|
|
1
|
+
{"version":3,"names":["_AuthWeb","require","_createAuthService","AuthService","exports","createAuthService","AuthModule"],"sourceRoot":"../../src","sources":["service.web.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AAGO,MAAME,WAAsB,GAAAC,OAAA,CAAAD,WAAA,GAAG,IAAAE,oCAAiB,EAAC,MAAMC,mBAAU,CAAC","ignoreList":[]}
|
package/lib/commonjs/use-auth.js
CHANGED
|
@@ -123,6 +123,25 @@ function useAuth() {
|
|
|
123
123
|
throw error;
|
|
124
124
|
}
|
|
125
125
|
}, [syncStateFromService]);
|
|
126
|
+
const revokeAccess = (0, _react.useCallback)(async () => {
|
|
127
|
+
setState(prev => ({
|
|
128
|
+
...prev,
|
|
129
|
+
loading: true,
|
|
130
|
+
error: undefined
|
|
131
|
+
}));
|
|
132
|
+
try {
|
|
133
|
+
await _service.AuthService.revokeAccess();
|
|
134
|
+
syncStateFromService(false, undefined);
|
|
135
|
+
} catch (e) {
|
|
136
|
+
const error = _authError.AuthError.from(e);
|
|
137
|
+
setState(prev => ({
|
|
138
|
+
...prev,
|
|
139
|
+
loading: false,
|
|
140
|
+
error
|
|
141
|
+
}));
|
|
142
|
+
throw error;
|
|
143
|
+
}
|
|
144
|
+
}, [syncStateFromService]);
|
|
126
145
|
const getAccessToken = (0, _react.useCallback)(() => _service.AuthService.getAccessToken(), []);
|
|
127
146
|
const refreshToken = (0, _react.useCallback)(async () => {
|
|
128
147
|
setState(prev => ({
|
|
@@ -193,9 +212,10 @@ function useAuth() {
|
|
|
193
212
|
logout,
|
|
194
213
|
requestScopes,
|
|
195
214
|
revokeScopes,
|
|
215
|
+
revokeAccess,
|
|
196
216
|
getAccessToken,
|
|
197
217
|
refreshToken,
|
|
198
218
|
silentRestore
|
|
199
|
-
}), [state, login, logout, requestScopes, revokeScopes, getAccessToken, refreshToken, silentRestore]);
|
|
219
|
+
}), [state, login, logout, requestScopes, revokeScopes, revokeAccess, getAccessToken, refreshToken, silentRestore]);
|
|
200
220
|
}
|
|
201
221
|
//# sourceMappingURL=use-auth.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_react","require","_service","_authError","EMPTY_SCOPES","normalizeScopes","scopes","Array","isArray","areScopesEqual","left","right","length","matchesInOrder","i","remaining","Set","scope","delete","size","useAuth","state","setState","useState","user","AuthService","currentUser","grantedScopes","loading","error","undefined","syncStateFromService","useCallback","nextLoading","nextError","nextUser","nextScopes","prev","login","provider","options","e","AuthError","from","logout","requestScopes","newScopes","revokeScopes","scopesToRevoke","getAccessToken","refreshToken","tokens","silentRestore","useEffect","unsubscribeAuth","onAuthStateChanged","unsubscribeTokens","onTokensRefreshed","useMemo","hasPlayServices"],"sourceRoot":"../../src","sources":["use-auth.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;
|
|
1
|
+
{"version":3,"names":["_react","require","_service","_authError","EMPTY_SCOPES","normalizeScopes","scopes","Array","isArray","areScopesEqual","left","right","length","matchesInOrder","i","remaining","Set","scope","delete","size","useAuth","state","setState","useState","user","AuthService","currentUser","grantedScopes","loading","error","undefined","syncStateFromService","useCallback","nextLoading","nextError","nextUser","nextScopes","prev","login","provider","options","e","AuthError","from","logout","requestScopes","newScopes","revokeScopes","scopesToRevoke","revokeAccess","getAccessToken","refreshToken","tokens","silentRestore","useEffect","unsubscribeAuth","onAuthStateChanged","unsubscribeTokens","onTokensRefreshed","useMemo","hasPlayServices"],"sourceRoot":"../../src","sources":["use-auth.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAGA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AAEA,MAAMG,YAAsB,GAAG,EAAE;AAEjC,SAASC,eAAeA,CAACC,MAA4B,EAAY;EAC/D,OAAOC,KAAK,CAACC,OAAO,CAACF,MAAM,CAAC,GAAGA,MAAM,GAAGF,YAAY;AACtD;AASA,MAAMK,cAAc,GAAGA,CAACC,IAAc,EAAEC,KAAe,KAAc;EACnE,IAAID,IAAI,KAAKC,KAAK,EAAE,OAAO,IAAI;EAC/B,IAAID,IAAI,CAACE,MAAM,KAAKD,KAAK,CAACC,MAAM,EAAE,OAAO,KAAK;EAE9C,IAAIC,cAAc,GAAG,IAAI;EACzB,KAAK,IAAIC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGJ,IAAI,CAACE,MAAM,EAAEE,CAAC,IAAI,CAAC,EAAE;IACvC,IAAIJ,IAAI,CAACI,CAAC,CAAC,KAAKH,KAAK,CAACG,CAAC,CAAC,EAAE;MACxBD,cAAc,GAAG,KAAK;MACtB;IACF;EACF;EACA,IAAIA,cAAc,EAAE,OAAO,IAAI;EAE/B,MAAME,SAAS,GAAG,IAAIC,GAAG,CAACN,IAAI,CAAC;EAC/B,KAAK,MAAMO,KAAK,IAAIN,KAAK,EAAE;IACzB,IAAI,CAACI,SAAS,CAACG,MAAM,CAACD,KAAK,CAAC,EAAE;MAC5B,OAAO,KAAK;IACd;EACF;EACA,OAAOF,SAAS,CAACI,IAAI,KAAK,CAAC;AAC7B,CAAC;AAcM,SAASC,OAAOA,CAAA,EAAkB;EACvC,MAAM,CAACC,KAAK,EAAEC,QAAQ,CAAC,GAAG,IAAAC,eAAQ,EAAY;IAC5CC,IAAI,EAAEC,oBAAW,CAACC,WAAW;IAC7BpB,MAAM,EAAED,eAAe,CAACoB,oBAAW,CAACE,aAAa,CAAC;IAClDC,OAAO,EAAE,KAAK;IACdC,KAAK,EAAEC;EACT,CAAC,CAAC;EAEF,MAAMC,oBAAoB,GAAG,IAAAC,kBAAW,EACtC,CAACC,WAAoB,EAAEC,SAAgC,KAAK;IAC1D,MAAMC,QAAQ,GAAGV,oBAAW,CAACC,WAAW;IACxC,MAAMU,UAAU,GAAG/B,eAAe,CAACoB,oBAAW,CAACE,aAAa,CAAC;IAC7DL,QAAQ,CAAEe,IAAI,IAAK;MACjB,IACEA,IAAI,CAACT,OAAO,KAAKK,WAAW,IAC5BI,IAAI,CAACR,KAAK,KAAKK,SAAS,IACxBG,IAAI,CAACb,IAAI,KAAKW,QAAQ,IACtB1B,cAAc,CAAC4B,IAAI,CAAC/B,MAAM,EAAE8B,UAAU,CAAC,EACvC;QACA,OAAOC,IAAI;MACb;MACA,OAAO;QACLb,IAAI,EAAEW,QAAQ;QACd7B,MAAM,EAAE8B,UAAU;QAClBR,OAAO,EAAEK,WAAW;QACpBJ,KAAK,EAAEK;MACT,CAAC;IACH,CAAC,CAAC;EACJ,CAAC,EACD,EACF,CAAC;EAED,MAAMI,KAAK,GAAG,IAAAN,kBAAW,EACvB,OACEO,QAAkB,EAClBC,OAAwC,KACrC;IACHlB,QAAQ,CAAEe,IAAI,KAAM;MAAE,GAAGA,IAAI;MAAET,OAAO,EAAE,IAAI;MAAEC,KAAK,EAAEC;IAAU,CAAC,CAAC,CAAC;IAClE,IAAI;MACF,MAAML,oBAAW,CAACa,KAAK,CAACC,QAAQ,EAAEC,OAAO,CAAC;MAC1CT,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;IACxC,CAAC,CAAC,OAAOW,CAAC,EAAE;MACV,MAAMZ,KAAK,GAAGa,oBAAS,CAACC,IAAI,CAACF,CAAC,CAAC;MAC/BnB,QAAQ,CAAEe,IAAI,KAAM;QAAE,GAAGA,IAAI;QAAET,OAAO,EAAE,KAAK;QAAEC;MAAM,CAAC,CAAC,CAAC;MACxD,MAAMA,KAAK;IACb;EACF,CAAC,EACD,CAACE,oBAAoB,CACvB,CAAC;EAED,MAAMa,MAAM,GAAG,IAAAZ,kBAAW,EAAC,MAAM;IAC/BP,oBAAW,CAACmB,MAAM,CAAC,CAAC;IACpBtB,QAAQ,CAAEe,IAAI,IAAK;MACjB,IACEA,IAAI,CAACb,IAAI,KAAKM,SAAS,IACvBO,IAAI,CAAC/B,MAAM,CAACM,MAAM,KAAK,CAAC,IACxByB,IAAI,CAACT,OAAO,KAAK,KAAK,IACtBS,IAAI,CAACR,KAAK,KAAKC,SAAS,EACxB;QACA,OAAOO,IAAI;MACb;MACA,OAAO;QACLb,IAAI,EAAEM,SAAS;QACfxB,MAAM,EAAEF,YAAY;QACpBwB,OAAO,EAAE,KAAK;QACdC,KAAK,EAAEC;MACT,CAAC;IACH,CAAC,CAAC;EACJ,CAAC,EAAE,EAAE,CAAC;EAEN,MAAMe,aAAa,GAAG,IAAAb,kBAAW,EAC/B,MAAOc,SAAmB,IAAK;IAC7BxB,QAAQ,CAAEe,IAAI,KAAM;MAAE,GAAGA,IAAI;MAAET,OAAO,EAAE,IAAI;MAAEC,KAAK,EAAEC;IAAU,CAAC,CAAC,CAAC;IAClE,IAAI;MACF,MAAML,oBAAW,CAACoB,aAAa,CAACC,SAAS,CAAC;MAC1Cf,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;IACxC,CAAC,CAAC,OAAOW,CAAC,EAAE;MACV,MAAMZ,KAAK,GAAGa,oBAAS,CAACC,IAAI,CAACF,CAAC,CAAC;MAC/BnB,QAAQ,CAAEe,IAAI,KAAM;QAAE,GAAGA,IAAI;QAAET,OAAO,EAAE,KAAK;QAAEC;MAAM,CAAC,CAAC,CAAC;MACxD,MAAMA,KAAK;IACb;EACF,CAAC,EACD,CAACE,oBAAoB,CACvB,CAAC;EAED,MAAMgB,YAAY,GAAG,IAAAf,kBAAW,EAC9B,MAAOgB,cAAwB,IAAK;IAClC1B,QAAQ,CAAEe,IAAI,KAAM;MAAE,GAAGA,IAAI;MAAET,OAAO,EAAE,IAAI;MAAEC,KAAK,EAAEC;IAAU,CAAC,CAAC,CAAC;IAClE,IAAI;MACF,MAAML,oBAAW,CAACsB,YAAY,CAACC,cAAc,CAAC;MAC9CjB,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;IACxC,CAAC,CAAC,OAAOW,CAAC,EAAE;MACV,MAAMZ,KAAK,GAAGa,oBAAS,CAACC,IAAI,CAACF,CAAC,CAAC;MAC/BnB,QAAQ,CAAEe,IAAI,KAAM;QAAE,GAAGA,IAAI;QAAET,OAAO,EAAE,KAAK;QAAEC;MAAM,CAAC,CAAC,CAAC;MACxD,MAAMA,KAAK;IACb;EACF,CAAC,EACD,CAACE,oBAAoB,CACvB,CAAC;EAED,MAAMkB,YAAY,GAAG,IAAAjB,kBAAW,EAAC,YAAY;IAC3CV,QAAQ,CAAEe,IAAI,KAAM;MAAE,GAAGA,IAAI;MAAET,OAAO,EAAE,IAAI;MAAEC,KAAK,EAAEC;IAAU,CAAC,CAAC,CAAC;IAClE,IAAI;MACF,MAAML,oBAAW,CAACwB,YAAY,CAAC,CAAC;MAChClB,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;IACxC,CAAC,CAAC,OAAOW,CAAC,EAAE;MACV,MAAMZ,KAAK,GAAGa,oBAAS,CAACC,IAAI,CAACF,CAAC,CAAC;MAC/BnB,QAAQ,CAAEe,IAAI,KAAM;QAAE,GAAGA,IAAI;QAAET,OAAO,EAAE,KAAK;QAAEC;MAAM,CAAC,CAAC,CAAC;MACxD,MAAMA,KAAK;IACb;EACF,CAAC,EAAE,CAACE,oBAAoB,CAAC,CAAC;EAE1B,MAAMmB,cAAc,GAAG,IAAAlB,kBAAW,EAAC,MAAMP,oBAAW,CAACyB,cAAc,CAAC,CAAC,EAAE,EAAE,CAAC;EAE1E,MAAMC,YAAY,GAAG,IAAAnB,kBAAW,EAAC,YAAY;IAC3CV,QAAQ,CAAEe,IAAI,KAAM;MAAE,GAAGA,IAAI;MAAET,OAAO,EAAE,IAAI;MAAEC,KAAK,EAAEC;IAAU,CAAC,CAAC,CAAC;IAClE,IAAI;MACF,MAAMsB,MAAM,GAAG,MAAM3B,oBAAW,CAAC0B,YAAY,CAAC,CAAC;MAC/CpB,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;MACtC,OAAOsB,MAAM;IACf,CAAC,CAAC,OAAOX,CAAC,EAAE;MACV,MAAMZ,KAAK,GAAGa,oBAAS,CAACC,IAAI,CAACF,CAAC,CAAC;MAC/BnB,QAAQ,CAAEe,IAAI,KAAM;QAAE,GAAGA,IAAI;QAAET,OAAO,EAAE,KAAK;QAAEC;MAAM,CAAC,CAAC,CAAC;MACxD,MAAMA,KAAK;IACb;EACF,CAAC,EAAE,CAACE,oBAAoB,CAAC,CAAC;EAE1B,MAAMsB,aAAa,GAAG,IAAArB,kBAAW,EAAC,YAAY;IAC5CV,QAAQ,CAAEe,IAAI,KAAM;MAAE,GAAGA,IAAI;MAAET,OAAO,EAAE,IAAI;MAAEC,KAAK,EAAEC;IAAU,CAAC,CAAC,CAAC;IAClE,IAAI;MACF,MAAML,oBAAW,CAAC4B,aAAa,CAAC,CAAC;MACjCtB,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;IACxC,CAAC,CAAC,OAAOW,CAAC,EAAE;MACV,MAAMZ,KAAK,GAAGa,oBAAS,CAACC,IAAI,CAACF,CAAC,CAAC;MAC/BnB,QAAQ,CAAEe,IAAI,KAAM;QAAE,GAAGA,IAAI;QAAET,OAAO,EAAE,KAAK;QAAEC;MAAM,CAAC,CAAC,CAAC;MACxD,MAAMA,KAAK;IACb;EACF,CAAC,EAAE,CAACE,oBAAoB,CAAC,CAAC;EAE1B,IAAAuB,gBAAS,EAAC,MAAM;IACd,MAAMC,eAAe,GAAG9B,oBAAW,CAAC+B,kBAAkB,CAAE9B,WAAW,IAAK;MACtE,MAAMU,UAAU,GAAG/B,eAAe,CAACoB,oBAAW,CAACE,aAAa,CAAC;MAC7DL,QAAQ,CAAEe,IAAI,IAAK;QACjB,IACEA,IAAI,CAACb,IAAI,KAAKE,WAAW,IACzBjB,cAAc,CAAC4B,IAAI,CAAC/B,MAAM,EAAE8B,UAAU,CAAC,IACvCC,IAAI,CAACT,OAAO,KAAK,KAAK,EACtB;UACA,OAAOS,IAAI;QACb;QACA,OAAO;UACL,GAAGA,IAAI;UACPb,IAAI,EAAEE,WAAW;UACjBpB,MAAM,EAAE8B,UAAU;UAClBR,OAAO,EAAE;QACX,CAAC;MACH,CAAC,CAAC;IACJ,CAAC,CAAC;IACF,MAAM6B,iBAAiB,GAAGhC,oBAAW,CAACiC,iBAAiB,GAAG,MAAM;MAC9D3B,oBAAoB,CAAC,KAAK,EAAED,SAAS,CAAC;IACxC,CAAC,CAAC;IACF,OAAO,MAAM;MACXyB,eAAe,CAAC,CAAC;MACjBE,iBAAiB,GAAG,CAAC;IACvB,CAAC;EACH,CAAC,EAAE,CAAC1B,oBAAoB,CAAC,CAAC;EAE1B,OAAO,IAAA4B,cAAO,EACZ,OAAO;IACL,GAAGtC,KAAK;IACRuC,eAAe,EAAEnC,oBAAW,CAACmC,eAAe;IAC5CtB,KAAK;IACLM,MAAM;IACNC,aAAa;IACbE,YAAY;IACZE,YAAY;IACZC,cAAc;IACdC,YAAY;IACZE;EACF,CAAC,CAAC,EACF,CACEhC,KAAK,EACLiB,KAAK,EACLM,MAAM,EACNC,aAAa,EACbE,YAAY,EACZE,YAAY,EACZC,cAAc,EACdC,YAAY,EACZE,aAAa,CAEjB,CAAC;AACH","ignoreList":[]}
|
package/lib/module/Auth.web.js
CHANGED
|
@@ -101,6 +101,8 @@ class AuthWeb {
|
|
|
101
101
|
_tokenListeners = [];
|
|
102
102
|
_browserStorageResolved = false;
|
|
103
103
|
_loginInFlight = false;
|
|
104
|
+
_sessionGeneration = 0;
|
|
105
|
+
_disposed = false;
|
|
104
106
|
constructor() {
|
|
105
107
|
this._config = getConfig();
|
|
106
108
|
this.loadFromCache();
|
|
@@ -235,6 +237,7 @@ class AuthWeb {
|
|
|
235
237
|
delete safeUser.accessToken;
|
|
236
238
|
delete safeUser.idToken;
|
|
237
239
|
delete safeUser.serverAuthCode;
|
|
240
|
+
delete safeUser.authorizationCode;
|
|
238
241
|
return safeUser;
|
|
239
242
|
}
|
|
240
243
|
saveRefreshToken(refreshToken) {
|
|
@@ -269,6 +272,7 @@ class AuthWeb {
|
|
|
269
272
|
delete safeUser.accessToken;
|
|
270
273
|
delete safeUser.idToken;
|
|
271
274
|
delete safeUser.serverAuthCode;
|
|
275
|
+
delete safeUser.authorizationCode;
|
|
272
276
|
this._currentUser = safeUser;
|
|
273
277
|
}
|
|
274
278
|
} catch (error) {
|
|
@@ -333,6 +337,9 @@ class AuthWeb {
|
|
|
333
337
|
}
|
|
334
338
|
}
|
|
335
339
|
async runLoginOperation(operation) {
|
|
340
|
+
if (this._disposed) {
|
|
341
|
+
throw new AuthWebError("cancelled", "Auth module disposed");
|
|
342
|
+
}
|
|
336
343
|
if (this._loginInFlight) {
|
|
337
344
|
throw new AuthWebError("operation_in_progress", "Another login is already in progress");
|
|
338
345
|
}
|
|
@@ -343,8 +350,14 @@ class AuthWeb {
|
|
|
343
350
|
this._loginInFlight = false;
|
|
344
351
|
}
|
|
345
352
|
}
|
|
353
|
+
assertActiveGeneration(generation) {
|
|
354
|
+
if (this._disposed || this._sessionGeneration !== generation) {
|
|
355
|
+
throw new AuthWebError("cancelled", "Auth operation was cancelled");
|
|
356
|
+
}
|
|
357
|
+
}
|
|
346
358
|
async login(provider, options) {
|
|
347
359
|
const loginHint = options?.loginHint;
|
|
360
|
+
const generation = this._sessionGeneration;
|
|
348
361
|
logger.log(`Starting login with ${provider}`, {
|
|
349
362
|
scopes: options?.scopes
|
|
350
363
|
});
|
|
@@ -352,16 +365,16 @@ class AuthWeb {
|
|
|
352
365
|
await this.runLoginOperation(async () => {
|
|
353
366
|
if (provider === "google") {
|
|
354
367
|
const scopes = options?.scopes ?? DEFAULT_SCOPES;
|
|
355
|
-
await this.loginGoogle(scopes, loginHint);
|
|
368
|
+
await this.loginGoogle(scopes, loginHint, options, generation);
|
|
356
369
|
return;
|
|
357
370
|
}
|
|
358
371
|
if (provider === "microsoft") {
|
|
359
372
|
const scopes = options?.scopes ?? MS_DEFAULT_SCOPES;
|
|
360
|
-
await this.loginMicrosoft(scopes, loginHint, options?.tenant, options?.prompt);
|
|
373
|
+
await this.loginMicrosoft(scopes, loginHint, options?.tenant, options?.prompt, generation);
|
|
361
374
|
return;
|
|
362
375
|
}
|
|
363
376
|
if (provider === "apple") {
|
|
364
|
-
await this.loginApple();
|
|
377
|
+
await this.loginApple(options, generation);
|
|
365
378
|
return;
|
|
366
379
|
}
|
|
367
380
|
throw new AuthWebError("unsupported_provider", `Unsupported auth provider: ${provider}`);
|
|
@@ -384,12 +397,13 @@ class AuthWeb {
|
|
|
384
397
|
logger.log("Requesting additional scopes:", scopes);
|
|
385
398
|
const newScopes = [...new Set([...this._grantedScopes, ...scopes])];
|
|
386
399
|
try {
|
|
400
|
+
const generation = this._sessionGeneration;
|
|
387
401
|
await this.runLoginOperation(async () => {
|
|
388
402
|
if (provider === "google") {
|
|
389
|
-
await this.loginGoogle(newScopes);
|
|
403
|
+
await this.loginGoogle(newScopes, undefined, undefined, generation);
|
|
390
404
|
return;
|
|
391
405
|
}
|
|
392
|
-
await this.loginMicrosoft(newScopes);
|
|
406
|
+
await this.loginMicrosoft(newScopes, undefined, undefined, undefined, generation);
|
|
393
407
|
});
|
|
394
408
|
} catch (e) {
|
|
395
409
|
const error = this.mapError(e);
|
|
@@ -406,6 +420,9 @@ class AuthWeb {
|
|
|
406
420
|
this.updateUser(this._currentUser);
|
|
407
421
|
}
|
|
408
422
|
}
|
|
423
|
+
async revokeAccess() {
|
|
424
|
+
this.logout();
|
|
425
|
+
}
|
|
409
426
|
async getAccessToken() {
|
|
410
427
|
if (this._currentUser?.expirationTime) {
|
|
411
428
|
const now = Date.now();
|
|
@@ -420,7 +437,7 @@ class AuthWeb {
|
|
|
420
437
|
if (this._refreshPromise) {
|
|
421
438
|
return this._refreshPromise;
|
|
422
439
|
}
|
|
423
|
-
const refreshPromise = this.performRefreshToken();
|
|
440
|
+
const refreshPromise = this.performRefreshToken(this._sessionGeneration);
|
|
424
441
|
this._refreshPromise = refreshPromise;
|
|
425
442
|
try {
|
|
426
443
|
return await refreshPromise;
|
|
@@ -430,7 +447,7 @@ class AuthWeb {
|
|
|
430
447
|
}
|
|
431
448
|
}
|
|
432
449
|
}
|
|
433
|
-
async performRefreshToken() {
|
|
450
|
+
async performRefreshToken(generation) {
|
|
434
451
|
if (!this._currentUser) {
|
|
435
452
|
throw new Error("No user logged in");
|
|
436
453
|
}
|
|
@@ -461,6 +478,7 @@ class AuthWeb {
|
|
|
461
478
|
body: body.toString()
|
|
462
479
|
});
|
|
463
480
|
const json = await this.parseResponseObject(response);
|
|
481
|
+
this.assertActiveGeneration(generation);
|
|
464
482
|
if (!response.ok) {
|
|
465
483
|
throw new AuthWebError("refresh_failed", getOptionalString(json, "error_description") ?? getOptionalString(json, "error") ?? "Token refresh failed");
|
|
466
484
|
}
|
|
@@ -471,13 +489,17 @@ class AuthWeb {
|
|
|
471
489
|
this.saveRefreshToken(newRefreshToken);
|
|
472
490
|
}
|
|
473
491
|
const expirationTime = this.getExpirationTime(json["expires_in"]);
|
|
474
|
-
const
|
|
492
|
+
const currentUser = this._currentUser;
|
|
493
|
+
if (!currentUser) {
|
|
494
|
+
throw new AuthWebError("cancelled", "Auth operation was cancelled");
|
|
495
|
+
}
|
|
496
|
+
const effectiveIdToken = idToken ?? currentUser.idToken;
|
|
475
497
|
const claims = effectiveIdToken ? this.decodeMicrosoftJwt(effectiveIdToken) : {};
|
|
476
498
|
const user = {
|
|
477
|
-
...
|
|
499
|
+
...currentUser,
|
|
478
500
|
idToken: effectiveIdToken,
|
|
479
501
|
accessToken: accessToken ?? undefined,
|
|
480
|
-
refreshToken: newRefreshToken ??
|
|
502
|
+
refreshToken: newRefreshToken ?? currentUser.refreshToken,
|
|
481
503
|
expirationTime,
|
|
482
504
|
...claims
|
|
483
505
|
};
|
|
@@ -495,7 +517,8 @@ class AuthWeb {
|
|
|
495
517
|
throw new Error(`Token refresh not supported for ${this._currentUser.provider}`);
|
|
496
518
|
}
|
|
497
519
|
logger.log("Refreshing tokens...");
|
|
498
|
-
await this.loginGoogle(this._grantedScopes.length > 0 ? this._grantedScopes : DEFAULT_SCOPES);
|
|
520
|
+
await this.runLoginOperation(() => this.loginGoogle(this._grantedScopes.length > 0 ? this._grantedScopes : DEFAULT_SCOPES, undefined, undefined, generation));
|
|
521
|
+
this.assertActiveGeneration(generation);
|
|
499
522
|
const tokens = {
|
|
500
523
|
accessToken: this._currentUser.accessToken,
|
|
501
524
|
idToken: this._currentUser.idToken,
|
|
@@ -645,12 +668,12 @@ class AuthWeb {
|
|
|
645
668
|
}, POPUP_POLL_INTERVAL_MS);
|
|
646
669
|
});
|
|
647
670
|
}
|
|
648
|
-
async loginGoogle(scopes, loginHint) {
|
|
671
|
+
async loginGoogle(scopes, loginHint, options, generation) {
|
|
649
672
|
const clientId = this._config.googleWebClientId;
|
|
650
673
|
if (!clientId) {
|
|
651
674
|
throw new Error("Google Web Client ID not configured. Add 'GOOGLE_WEB_CLIENT_ID' to your .env file.");
|
|
652
675
|
}
|
|
653
|
-
const nonce = crypto.randomUUID();
|
|
676
|
+
const nonce = options?.nonce ?? crypto.randomUUID();
|
|
654
677
|
this._pendingGoogleNonce = nonce;
|
|
655
678
|
return new Promise((resolve, reject) => {
|
|
656
679
|
const redirectUri = window.location.origin;
|
|
@@ -661,10 +684,16 @@ class AuthWeb {
|
|
|
661
684
|
authUrl.searchParams.set("scope", scopes.join(" "));
|
|
662
685
|
authUrl.searchParams.set("nonce", nonce);
|
|
663
686
|
authUrl.searchParams.set("access_type", "offline");
|
|
664
|
-
authUrl.searchParams.set("prompt", "consent");
|
|
687
|
+
authUrl.searchParams.set("prompt", options?.forceAccountPicker ? "select_account consent" : "consent");
|
|
665
688
|
if (loginHint) {
|
|
666
689
|
authUrl.searchParams.set("login_hint", loginHint);
|
|
667
690
|
}
|
|
691
|
+
if (options?.hostedDomain) {
|
|
692
|
+
authUrl.searchParams.set("hd", options.hostedDomain);
|
|
693
|
+
}
|
|
694
|
+
if (options?.openIDRealm) {
|
|
695
|
+
authUrl.searchParams.set("openid.realm", options.openIDRealm);
|
|
696
|
+
}
|
|
668
697
|
const width = 500;
|
|
669
698
|
const height = 600;
|
|
670
699
|
const left = window.screenX + (window.outerWidth - width) / 2;
|
|
@@ -695,6 +724,9 @@ class AuthWeb {
|
|
|
695
724
|
throw new AuthWebError("invalid_nonce", "Nonce mismatch - possible replay attack");
|
|
696
725
|
}
|
|
697
726
|
this._pendingGoogleNonce = undefined;
|
|
727
|
+
if (generation !== undefined) {
|
|
728
|
+
this.assertActiveGeneration(generation);
|
|
729
|
+
}
|
|
698
730
|
this._grantedScopes = scopes;
|
|
699
731
|
this.saveValue(SCOPES_KEY, JSON.stringify(scopes));
|
|
700
732
|
const user = {
|
|
@@ -702,6 +734,8 @@ class AuthWeb {
|
|
|
702
734
|
idToken,
|
|
703
735
|
accessToken: accessToken ?? undefined,
|
|
704
736
|
serverAuthCode: code ?? undefined,
|
|
737
|
+
userId: getOptionalString(decoded, "sub"),
|
|
738
|
+
hostedDomain: getOptionalString(decoded, "hd"),
|
|
705
739
|
scopes,
|
|
706
740
|
expirationTime: this.getExpirationTime(expiresIn),
|
|
707
741
|
...this.decodeGoogleJwt(idToken)
|
|
@@ -720,7 +754,9 @@ class AuthWeb {
|
|
|
720
754
|
return {
|
|
721
755
|
email: getOptionalString(decoded, "email"),
|
|
722
756
|
name: getOptionalString(decoded, "name"),
|
|
723
|
-
photo: getOptionalString(decoded, "picture")
|
|
757
|
+
photo: getOptionalString(decoded, "picture"),
|
|
758
|
+
userId: getOptionalString(decoded, "sub"),
|
|
759
|
+
hostedDomain: getOptionalString(decoded, "hd")
|
|
724
760
|
};
|
|
725
761
|
} catch (error) {
|
|
726
762
|
logger.warn("Failed to decode Google ID token", {
|
|
@@ -729,7 +765,7 @@ class AuthWeb {
|
|
|
729
765
|
return {};
|
|
730
766
|
}
|
|
731
767
|
}
|
|
732
|
-
async loginMicrosoft(scopes, loginHint, tenant, prompt) {
|
|
768
|
+
async loginMicrosoft(scopes, loginHint, tenant, prompt, generation) {
|
|
733
769
|
const clientId = this._config.microsoftClientId;
|
|
734
770
|
if (!clientId) {
|
|
735
771
|
throw new Error("Microsoft Client ID not configured. Add 'microsoftClientId' to expo.extra in your app.config.js");
|
|
@@ -782,7 +818,7 @@ class AuthWeb {
|
|
|
782
818
|
if (!code) {
|
|
783
819
|
throw new AuthWebError("token_error", "No authorization code in response");
|
|
784
820
|
}
|
|
785
|
-
await this.exchangeMicrosoftCodeForTokens(code, codeVerifier, clientId, redirectUri, effectiveTenant, nonce, effectiveScopes);
|
|
821
|
+
await this.exchangeMicrosoftCodeForTokens(code, codeVerifier, clientId, redirectUri, effectiveTenant, nonce, effectiveScopes, generation);
|
|
786
822
|
}).then(() => {
|
|
787
823
|
resolve();
|
|
788
824
|
}).catch(error => {
|
|
@@ -805,7 +841,7 @@ class AuthWeb {
|
|
|
805
841
|
const base64 = btoa(String.fromCharCode(...bytes));
|
|
806
842
|
return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
807
843
|
}
|
|
808
|
-
async exchangeMicrosoftCodeForTokens(code, codeVerifier, clientId, redirectUri, tenant, expectedNonce, scopes) {
|
|
844
|
+
async exchangeMicrosoftCodeForTokens(code, codeVerifier, clientId, redirectUri, tenant, expectedNonce, scopes, generation) {
|
|
809
845
|
const authBaseUrl = this.getMicrosoftAuthBaseUrl(tenant, this._config.microsoftB2cDomain);
|
|
810
846
|
const tokenUrl = `${authBaseUrl}oauth2/v2.0/token`;
|
|
811
847
|
const body = new URLSearchParams({
|
|
@@ -823,6 +859,9 @@ class AuthWeb {
|
|
|
823
859
|
body: body.toString()
|
|
824
860
|
});
|
|
825
861
|
const json = await this.parseResponseObject(response);
|
|
862
|
+
if (generation !== undefined) {
|
|
863
|
+
this.assertActiveGeneration(generation);
|
|
864
|
+
}
|
|
826
865
|
if (!response.ok) {
|
|
827
866
|
throw new AuthWebError("token_error", getOptionalString(json, "error_description") ?? getOptionalString(json, "error") ?? "Token exchange failed");
|
|
828
867
|
}
|
|
@@ -920,7 +959,7 @@ class AuthWeb {
|
|
|
920
959
|
});
|
|
921
960
|
return _appleSdkLoadPromise;
|
|
922
961
|
}
|
|
923
|
-
async loginApple() {
|
|
962
|
+
async loginApple(options, generation) {
|
|
924
963
|
const clientId = this._config.appleWebClientId;
|
|
925
964
|
if (!clientId) {
|
|
926
965
|
throw new Error("Apple Web Client ID not configured. Add 'APPLE_WEB_CLIENT_ID' to your .env file.");
|
|
@@ -931,15 +970,20 @@ class AuthWeb {
|
|
|
931
970
|
}
|
|
932
971
|
window.AppleID.auth.init({
|
|
933
972
|
clientId,
|
|
934
|
-
scope: "name email",
|
|
973
|
+
scope: (options?.scopes?.length ? options.scopes : ["name", "email"]).join(" "),
|
|
935
974
|
redirectURI: window.location.origin,
|
|
975
|
+
nonce: options?.nonce,
|
|
936
976
|
usePopup: true
|
|
937
977
|
});
|
|
938
978
|
try {
|
|
939
979
|
const response = await window.AppleID.auth.signIn();
|
|
980
|
+
if (generation !== undefined) {
|
|
981
|
+
this.assertActiveGeneration(generation);
|
|
982
|
+
}
|
|
940
983
|
const user = {
|
|
941
984
|
provider: "apple",
|
|
942
985
|
idToken: response.authorization.id_token,
|
|
986
|
+
authorizationCode: response.authorization.code,
|
|
943
987
|
email: response.user?.email,
|
|
944
988
|
name: response.user?.name ? `${response.user.name.firstName} ${response.user.name.lastName}`.trim() : undefined
|
|
945
989
|
};
|
|
@@ -962,8 +1006,12 @@ class AuthWeb {
|
|
|
962
1006
|
this.notify();
|
|
963
1007
|
}
|
|
964
1008
|
logout() {
|
|
1009
|
+
this._sessionGeneration++;
|
|
965
1010
|
this._currentUser = undefined;
|
|
966
1011
|
this._grantedScopes = [];
|
|
1012
|
+
this._refreshPromise = undefined;
|
|
1013
|
+
this._pendingGoogleNonce = undefined;
|
|
1014
|
+
this._loginInFlight = false;
|
|
967
1015
|
this.removeFromCache(CACHE_KEY);
|
|
968
1016
|
this.removeFromCache(SCOPES_KEY);
|
|
969
1017
|
this.removeFromCache(MS_REFRESH_TOKEN_KEY);
|
|
@@ -986,7 +1034,12 @@ class AuthWeb {
|
|
|
986
1034
|
this.notify();
|
|
987
1035
|
}
|
|
988
1036
|
name = "Auth";
|
|
989
|
-
dispose() {
|
|
1037
|
+
dispose() {
|
|
1038
|
+
this._disposed = true;
|
|
1039
|
+
this.logout();
|
|
1040
|
+
this._listeners = [];
|
|
1041
|
+
this._tokenListeners = [];
|
|
1042
|
+
}
|
|
990
1043
|
equals(other) {
|
|
991
1044
|
return other === this;
|
|
992
1045
|
}
|