feat: add support for Native to Web SSO #1386

subhankarmaiti · 2025-11-21T06:23:59Z

Implements Native to Web SSO functionality enabling seamless authentication between native contexts and WebViews. Applications can obtain session transfer credentials from native SDKs to establish authenticated web sessions without re-authentication.

Usage

const { getSSOCredentials } = useAuth0();

const credentials = await getSSOCredentials();
// { sessionTransferToken, tokenType, expiresIn, idToken?, refreshToken? }

// With parameters
await getSSOCredentials(
  { audience: 'https://api.example.com' },
  { 'X-Custom-Header': 'value' }
);

…into feat/native-to-web-sso

pmathew92 · 2025-11-21T06:47:16Z

@claude

github-actions · 2025-11-21T06:47:36Z

Claude finished @pmathew92's task —— View job

Code Review Complete

Read PR diff and understand changes
Read AGENTS.md for project context (not found, proceeding with review)
Perform code quality review
Perform security review
Perform performance review
Provide inline feedback on specific issues
Post overall assessment

Overall Assessment

❌ This pull request requires fixes before it can be merged. A critical compilation error was identified in the Android implementation that will prevent the code from building, along with several type safety issues that could cause runtime failures.

Critical Issues:

Compilation Error: The Android implementation calls a non-existent method handleCredentialsManagerError (line 415)
Type Safety: Unsafe type casting in the Android implementation that will fail with ClassCastException if non-String values are passed in parameters or headers

Additional Issues:

Type definitions use overly permissive any types that bypass TypeScript's type safety
Test code contains empty catch blocks without explanatory comments
Unnecessary default value assignments that change function semantics
Minor code quality issues with unused parameters

The TypeScript/React implementation, iOS native implementation, and test coverage are well-structured. Once the critical Android issues are resolved, this will be a solid addition to the library.

android/src/main/java/com/auth0/react/A0Auth0Module.kt

src/platforms/web/adapters/WebCredentialsManager.ts

src/core/interfaces/ICredentialsManager.ts

src/hooks/__tests__/Auth0Provider.spec.tsx

src/platforms/native/bridge/NativeBridgeManager.ts

…into feat/native-to-web-sso

Copilot

Pull request overview

This PR adds Native to Web SSO functionality, enabling seamless authentication between native mobile apps and web contexts. The implementation allows applications to obtain session transfer credentials from native SDKs to establish authenticated web sessions without requiring user re-authentication.

Introduces SessionTransferCredentials type with session transfer tokens for web SSO
Adds getSSOCredentials method across all platform-specific implementations (iOS, Android, Web)
Integrates the feature into React hooks (useAuth0) with comprehensive test coverage for native platforms

Reviewed changes

Copilot reviewed 15 out of 15 changed files in this pull request and generated 10 comments.

Show a summary per file

File	Description
`src/types/common.ts`	Defines `SessionTransferCredentials` type with session transfer token, expiration, and optional rotated tokens
`src/specs/NativeA0Auth0.ts`	Adds TurboModule spec for `getSSOCredentials` native method signature
`src/platforms/web/adapters/WebCredentialsManager.ts`	Implements web adapter that throws appropriate error since SSO is native-only
`src/platforms/native/bridge/NativeBridgeManager.ts`	Implements native bridge to call native module with parameters and headers
`src/platforms/native/bridge/INativeBridge.ts`	Defines native bridge interface with comprehensive documentation
`src/platforms/native/adapters/NativeCredentialsManager.ts`	Implements credentials manager method with error handling
`src/platforms/native/adapters/__tests__/NativeCredentialsManager.spec.ts`	Adds comprehensive test coverage for all parameter combinations and error cases
`src/hooks/Auth0Provider.tsx`	Integrates `getSSOCredentials` into Auth0 context with error handling
`src/hooks/__tests__/Auth0Provider.spec.tsx`	Adds comprehensive test coverage for hook integration
`src/hooks/Auth0Context.ts`	Defines context interface with detailed documentation and usage examples
`src/core/interfaces/ICredentialsManager.ts`	Defines credentials manager interface with documentation
`ios/NativeBridge.swift`	Implements iOS native bridge calling credentials manager with parameters and headers
`ios/A0Auth0.mm`	Exports iOS React Native method bridging to Swift implementation
`android/src/main/oldarch/com/auth0/react/A0Auth0Spec.kt`	Adds method signature to Android old architecture spec
`android/src/main/java/com/auth0/react/A0Auth0Module.kt`	Implements Android native module with credentials manager integration

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

android/src/main/java/com/auth0/react/A0Auth0Module.kt

src/types/common.ts

src/hooks/Auth0Context.ts

src/core/interfaces/ICredentialsManager.ts

src/platforms/web/adapters/WebCredentialsManager.ts

src/types/common.ts

src/platforms/native/bridge/INativeBridge.ts

src/core/interfaces/ICredentialsManager.ts

src/hooks/Auth0Context.ts

src/platforms/native/bridge/NativeBridgeManager.ts

pmathew92 · 2025-12-02T05:04:31Z

@subhankarmaiti , show an example in the Examples.md file for this flow E2E

…into feat/native-to-web-sso

…r description for iOS

feat: add getSSOCredentials method for Native to Web SSO support

9962e19

subhankarmaiti requested a review from a team as a code owner November 21, 2025 06:24

subhankarmaiti changed the title ~~feat: add getSSOCredentials method for Native to Web SSO support~~ feat: add support for Native to Web SSO support Nov 21, 2025

subhankarmaiti changed the title ~~feat: add support for Native to Web SSO support~~ feat: add support for Native to Web SSO Nov 21, 2025

Merge branch 'master' of https://github.com/auth0/react-native-auth0 …

c09b00a

…into feat/native-to-web-sso