feat: add support for use_fedcm_for_prompt for fedcm migration (#316)

MomenSherif · web-flow · commit 9c23c442d9a3 · 2023-11-18T13:27:31.000+02:00
diff --git a/.changeset/brown-actors-return.md b/.changeset/brown-actors-return.md
@@ -0,0 +1,6 @@
+---
+'@react-oauth/google': minor
+---
+
+- add support for use_fedcm_for_prompt for fedcm migration
+- export `useGoogleOAuth` returns { scriptLoadedSuccessfully: boolean; clientId: string }
diff --git a/README.md b/README.md
@@ -140,9 +140,7 @@ const login = useGoogleLogin({
   onSuccess: tokenResponse => console.log(tokenResponse),
 });
 
-<MyCustomButton onClick={() => login()}>
-  Sign in with Google 🚀{' '}
-</MyCustomButton>;
+<MyCustomButton onClick={() => login()}>Sign in with Google 🚀</MyCustomButton>;
 ```
 
 #### Authorization code flow
@@ -157,9 +155,7 @@ const login = useGoogleLogin({
   flow: 'auth-code',
 });
 
-<MyCustomButton onClick={() => login()}>
-  Sign in with Google 🚀{' '}
-</MyCustomButton>;
+<MyCustomButton onClick={() => login()}>Sign in with Google 🚀</MyCustomButton>;
 ```
 
 #### Checks if the user granted all the specified scope or scopes
@@ -186,6 +182,8 @@ const hasAccess = hasGrantedAnyScopeGoogle(
 );
 ```
 
+#### [Content Security Policy (if needed)](https://developers.google.com/identity/gsi/web/guides/get-google-api-clientid#content_security_policy)
+
 ## API
 
 ### GoogleOAuthProvider
@@ -227,6 +225,7 @@ const hasAccess = hasGrantedAnyScopeGoogle(
 |          | intermediate_iframe_close_callback | `function`                                                    | Overrides the default intermediate iframe behavior when users manually close One Tap                                                                                                                                                                                              |
 |          | itp_support                        | `boolean`                                                     | Enables upgraded One Tap UX on ITP browsers                                                                                                                                                                                                                                       |
 |          | hosted_domain                      | `string`                                                      | If your application knows the Workspace domain the user belongs to, use this to provide a hint to Google. For more information, see the [hd](https://developers.google.com/identity/protocols/oauth2/openid-connect#authenticationuriparameters) field in the OpenID Connect docs |
+|          | use_fedcm_for_prompt               | `boolean`                                                     | Allow the browser to control user sign-in prompts and mediate the sign-in flow between your website and Google.                                                                                                                                                                   |
 
 ### useGoogleLogin (Both implicit & authorization code flow)
 
@@ -267,3 +266,4 @@ const hasAccess = hasGrantedAnyScopeGoogle(
 |          | cancel_on_tap_outside    | `boolean`                                          | Controls whether to cancel the prompt if the user clicks outside of the prompt                                                                                                                                                                                                    |
 |          | hosted_domain            | `string`                                           | If your application knows the Workspace domain the user belongs to, use this to provide a hint to Google. For more information, see the [hd](https://developers.google.com/identity/protocols/oauth2/openid-connect#authenticationuriparameters) field in the OpenID Connect docs |
 |          | disabled                 | `boolean`                                          | Controls whether to cancel the popup in cases such as when the user is already logged in                                                                                                                                                                                          |
+|          | use_fedcm_for_prompt     | `boolean`                                          | Allow the browser to control user sign-in prompts and mediate the sign-in flow between your website and Google.                                                                                                                                                                   |
diff --git a/packages/@react-oauth/google/README.md b/packages/@react-oauth/google/README.md
@@ -12,7 +12,7 @@ $ npm install @react-oauth/google@latest
 $ yarn add @react-oauth/google@latest
 ```
 
-## Demo
+## Demo & How to use to fetch user details
 
 https://react-oauth.vercel.app/
 
@@ -140,9 +140,7 @@ const login = useGoogleLogin({
   onSuccess: tokenResponse => console.log(tokenResponse),
 });
 
-<MyCustomButton onClick={() => login()}>
-  Sign in with Google 🚀{' '}
-</MyCustomButton>;
+<MyCustomButton onClick={() => login()}>Sign in with Google 🚀</MyCustomButton>;
 ```
 
 #### Authorization code flow
@@ -157,9 +155,7 @@ const login = useGoogleLogin({
   flow: 'auth-code',
 });
 
-<MyCustomButton onClick={() => login()}>
-  Sign in with Google 🚀{' '}
-</MyCustomButton>;
+<MyCustomButton onClick={() => login()}>Sign in with Google 🚀</MyCustomButton>;
 ```
 
 #### Checks if the user granted all the specified scope or scopes
@@ -186,13 +182,16 @@ const hasAccess = hasGrantedAnyScopeGoogle(
 );
 ```
 
+#### [Content Security Policy (if needed)](https://developers.google.com/identity/gsi/web/guides/get-google-api-clientid#content_security_policy)
+
 ## API
 
 ### GoogleOAuthProvider
 
 | Required | Prop                | Type       | Description                                                                 |
 | :------: | ------------------- | ---------- | --------------------------------------------------------------------------- |
 |    ✓     | clientId            | `string`   | [**Google API client ID**](https://console.cloud.google.com/apis/dashboard) |
+|          | nonce               | `string`   | Nonce applied to GSI script tag. Propagates to GSI's inline style tag       |
 |          | onScriptLoadSuccess | `function` | Callback fires on load gsi script success                                   |
 |          | onScriptLoadError   | `function` | Callback fires on load gsi script failure                                   |
 
@@ -226,6 +225,7 @@ const hasAccess = hasGrantedAnyScopeGoogle(
 |          | intermediate_iframe_close_callback | `function`                                                    | Overrides the default intermediate iframe behavior when users manually close One Tap                                                                                                                                                                                              |
 |          | itp_support                        | `boolean`                                                     | Enables upgraded One Tap UX on ITP browsers                                                                                                                                                                                                                                       |
 |          | hosted_domain                      | `string`                                                      | If your application knows the Workspace domain the user belongs to, use this to provide a hint to Google. For more information, see the [hd](https://developers.google.com/identity/protocols/oauth2/openid-connect#authenticationuriparameters) field in the OpenID Connect docs |
+|          | use_fedcm_for_prompt               | `boolean`                                                     | Allow the browser to control user sign-in prompts and mediate the sign-in flow between your website and Google.                                                                                                                                                                   |
 
 ### useGoogleLogin (Both implicit & authorization code flow)
 
@@ -265,3 +265,5 @@ const hasAccess = hasGrantedAnyScopeGoogle(
 |          | promptMomentNotification | `(notification: PromptMomentNotification) => void` | [PromptMomentNotification](https://developers.google.com/identity/gsi/web/reference/js-reference) methods and description                                                                                                                                                         |
 |          | cancel_on_tap_outside    | `boolean`                                          | Controls whether to cancel the prompt if the user clicks outside of the prompt                                                                                                                                                                                                    |
 |          | hosted_domain            | `string`                                           | If your application knows the Workspace domain the user belongs to, use this to provide a hint to Google. For more information, see the [hd](https://developers.google.com/identity/protocols/oauth2/openid-connect#authenticationuriparameters) field in the OpenID Connect docs |
+|          | disabled                 | `boolean`                                          | Controls whether to cancel the popup in cases such as when the user is already logged in                                                                                                                                                                                          |
+|          | use_fedcm_for_prompt     | `boolean`                                          | Allow the browser to control user sign-in prompts and mediate the sign-in flow between your website and Google.                                                                                                                                                                   |
diff --git a/packages/@react-oauth/google/src/hooks/useGoogleLogin.ts b/packages/@react-oauth/google/src/hooks/useGoogleLogin.ts
@@ -96,7 +96,7 @@ export default function useGoogleLogin({
     const clientMethod =
       flow === 'implicit' ? 'initTokenClient' : 'initCodeClient';
 
-    const client = window?.google?.accounts.oauth2[clientMethod]({
+    const client = window?.google?.accounts?.oauth2[clientMethod]({
       client_id: clientId,
       scope: overrideScope ? scope : `openid profile email ${scope}`,
       callback: (response: TokenResponse | CodeResponse) => {
diff --git a/packages/@react-oauth/google/src/hooks/useGoogleOneTapLogin.ts b/packages/@react-oauth/google/src/hooks/useGoogleOneTapLogin.ts
@@ -2,9 +2,10 @@ import { useEffect, useRef } from 'react';
 
 import { useGoogleOAuth } from '../GoogleOAuthProvider';
 import { extractClientId } from '../utils';
-import {
+import type {
   CredentialResponse,
   GoogleCredentialResponse,
+  IdConfiguration,
   MomentListener,
 } from '../types';
 
@@ -17,6 +18,8 @@ interface UseGoogleOneTapLoginOptions {
   state_cookie_domain?: string;
   hosted_domain?: string;
   disabled?: boolean;
+  use_fedcm_for_prompt?: IdConfiguration['use_fedcm_for_prompt'];
+  auto_select?: boolean;
 }
 
 export default function useGoogleOneTapLogin({
@@ -27,7 +30,9 @@ export default function useGoogleOneTapLogin({
   prompt_parent_id,
   state_cookie_domain,
   hosted_domain,
+  use_fedcm_for_prompt = false,
   disabled,
+  auto_select,
 }: UseGoogleOneTapLoginOptions): void {
   const { clientId, scriptLoadedSuccessfully } = useGoogleOAuth();
 
@@ -66,6 +71,8 @@ export default function useGoogleOneTapLogin({
       cancel_on_tap_outside,
       prompt_parent_id,
       state_cookie_domain,
+      use_fedcm_for_prompt,
+      auto_select,
     });
 
     window?.google?.accounts?.id?.prompt(promptMomentNotificationRef.current);
@@ -80,6 +87,8 @@ export default function useGoogleOneTapLogin({
     prompt_parent_id,
     state_cookie_domain,
     hosted_domain,
+    use_fedcm_for_prompt,
     disabled,
+    auto_select,
   ]);
 }
diff --git a/packages/@react-oauth/google/src/index.ts b/packages/@react-oauth/google/src/index.ts
@@ -1,4 +1,7 @@
-export { default as GoogleOAuthProvider } from './GoogleOAuthProvider';
+export {
+  default as GoogleOAuthProvider,
+  useGoogleOAuth,
+} from './GoogleOAuthProvider';
 export { default as GoogleLogin } from './GoogleLogin';
 export type { GoogleLoginProps } from './GoogleLogin';
 export { default as googleLogout } from './googleLogout';
diff --git a/packages/@react-oauth/google/src/types/index.ts b/packages/@react-oauth/google/src/types/index.ts
@@ -49,6 +49,11 @@ export interface IdConfiguration {
    * field in the OpenID Connect docs.
    */
   hosted_domain?: string;
+  /**
+   * Allow the browser to control user sign-in prompts and mediate the sign-in flow between your website and Google.
+   * @default false
+   */
+  use_fedcm_for_prompt?: boolean;
 }
 
 export interface CredentialResponse {
@@ -99,7 +104,11 @@ export interface PromptMomentNotification {
   isDisplayed: () => boolean;
   /** Is this notification for a display moment, and the UI isn't displayed? */
   isNotDisplayed: () => boolean;
-  /** The detailed reason why the UI isn't displayed */
+  /**
+   * The detailed reason why the UI isn't displayed
+   * Avoid using `opt_out_or_no_session`. When FedCM is enabled,
+   * this value is not supported. See Migrate to FedCM page for more information.
+   * */
   getNotDisplayedReason: () =>
     | 'browser_not_supported'
     | 'invalid_client'
