- Confirm npm scope access for
@thoughtbotand reserve the package name (@thoughtbot/react-native-social-auth@0.1.0published) - Scaffold the library with
create-react-native-libraryusing theturbo-moduletemplate with backward compatibility enabled - Set up monorepo structure with
/src,/android,/ios,/example,/docs - Configure TypeScript (strict mode), ESLint, Prettier — align with thoughtbot's existing JS/TS style guide
- Set up
react-native-builder-bobfor building the package - Configure Jest + React Native Testing Library
- Set up GitHub Actions CI (lint, typecheck, test, build, example app build)
- Add MIT license, CONTRIBUTING.md, CODE_OF_CONDUCT.md, issue/PR templates
- Set up release-it + conventional-changelog for versioning
- Add
Releaseworkflow with npm Trusted Publishing (OIDC) — no long-livedNPM_TOKEN - Create example app demonstrating the package
- Draft the public JS API (provider-agnostic from day one, even if only Google ships first)
- Define core types:
AuthCredential,AuthUser,AuthError,SignInOptions - Write the Turbo Module codegen spec in TypeScript for the Google module
- Define methods:
configure(),signIn(),signOut(),getCurrentUser(),revokeAccess(),isSignedIn() - Design error handling strategy (typed errors, platform-specific error codes mapped to common codes)
- Document the provider interface so future providers (Apple, GitHub) follow the same shape
- Review API design with thoughtbot team / gather feedback before implementation
- Add Credential Manager dependencies (
androidx.credentials:credentials,androidx.credentials:credentials-play-services-auth,com.google.android.libraries.identity.googleid:googleid) - Set minimum SDK version (Credential Manager requires API 19+, but Google ID helper needs higher)
- Implement
configure()— store web client ID, nonce settings, auto-select preferences - Implement
signIn()usingCredentialManager.getCredential()withGetSignInWithGoogleOption(button flow) andGetGoogleIdOption(bottom sheet flow) - Handle
GoogleIdTokenCredentialparsing and return ID token + profile info to JS - Implement
signOut()viaCredentialManager.clearCredentialState() - Implement nonce generation and validation helpers
- Map Android exceptions (
GetCredentialException,NoCredentialException, user cancellation) to typed JS errors - Handle both bottom-sheet (One Tap replacement) and button-triggered flows
- Test on physical Android device with and without Google account configured
- Add
GoogleSignInvia CocoaPods in the podspec - Configure
Info.plistURL schemes (documented in README under iOS setup) - Implement
configure()— store iOS client ID, server client ID (for ID token audience) - Implement
signIn()usingGIDSignIn.sharedInstance.signIn(withPresenting:)— get the root view controller from RN - Return ID token, access token, and user profile to JS in the same shape as Android
- Implement
signOut()anddisconnect()(revoke) - Implement
getCurrentUser()viaGIDSignIn.sharedInstance.currentUser - Handle
restorePreviousSignInfor silent re-authentication - Map
GIDSignInErrorcodes to typed JS errors matching Android's error shape - Handle the URL callback in AppDelegate (document the required
application(_:open:options:)integration) - Test on physical iOS device and simulator
- Implement the provider abstraction layer that dispatches to platform modules
- Build
GoogleSignInButtonas a styled React component (not native) per Google's 2025 branding guidelines - Support light/dark/neutral theme variants
- Support icon-only and standard button shapes (rounded + square)
- Support localization (button text in multiple languages per Google's assets)
- Ensure accessibility labels and roles are correct (covered by RNTL tests)
- Build generic
<SignInButton provider="google" />wrapper for future extensibility - Export all types from the package root
- Write an Expo config plugin that handles
Info.plistURL schemes andAppDelegateURL forwarding (iOS). Android is a no-op — Credential Manager needs no manifest changes. - Test in Expo prebuild / development build workflow (covered by
plugin/src/__tests__/withSocialAuth.test.ts+ the example app) - Document Expo managed workflow limitations (Expo Go not supported; dev client / EAS Build required) and the install flow
- Add the config plugin to the package's
app.plugin.jsentry
- Write comprehensive README: install, platform setup, quickstart, API reference
- Document Google Cloud Console setup (creating OAuth client IDs for Android, iOS, web)
- Document SHA-1 fingerprint setup for Android (including Play App Signing for release builds)
- Document
Info.plistconfiguration for iOS (URL schemes + AppDelegate forwarding) - Add TSDoc comments to every public-API symbol so consumers get hover-docs in their IDE
- Provide migration guide from
@react-native-google-signin/google-signin - Document ID token verification on the backend (link to Google's guides)
- Add troubleshooting context (the
28444developer-console error, simulator limitations, Play Services requirement) inline in setup sections - Build a docs site (Docusaurus, or thoughtbot's preferred tool) if scope warrants it
- Unit tests for JS layer with mocked native modules (Jest, 16 tests in
GoogleSignIn.test.ts) - Component tests for the button (React Native Testing Library, 13 tests in
GoogleSignInButton.test.tsx) - Error / type-guard tests (11 tests in
errors.test.ts) - Integration tests in the example app (Detox or Maestro)
- Manual test matrix: Android (Play Services present/absent, multiple accounts, no accounts, cancelled flow), iOS (signed in/out, cancelled, restore previous)
- Test on new architecture (Fabric/Turbo) — verified on iOS simulator + iPhone 12 Pro and Android emulator
- Test with RN 0.83 (current as of 2026)
- Verify bundle size impact is minimal
- Run on low-end devices to catch performance issues
- Publish
0.1.0to npm under@thoughtbotscope - Gather feedback from internal thoughtbot projects using the package
- Iterate based on real-world usage
- Publish
1.0.0stable release - Announce via thoughtbot blog post, social, and relevant RN community channels (Reactiflux, r/reactnative)
- Submit to awesome-react-native lists
- Monitor GitHub issues and respond to community feedback
- Add Apple Sign-In provider (required for App Store if offering Google on iOS)
- Add Facebook, GitHub, and other providers behind the same interface
- Keep Credential Manager and GoogleSignIn-iOS SDK versions up to date
- Plan for passkey support (Credential Manager already exposes this on Android)