@authaz/next 0.0.1 → 1.0.1

package/dist/index.js

@@ -1,30 +1,442 @@
-import { authaz, validateToken } from "@authaz/sdk";
-import { cookies } from "next/headers";
+import { AuthazError, COOKIE_NAMES, createAuthazClient, fetchUserinfo, getSecureCookieOptions, isOk, mapUserinfoToUser, timingSafeCompare } from "@authaz/sdk";
+import { NextResponse } from "next/server";
 
 //#region src/index.tsx
-const authazNext = (config, args) => {
-	const sdk = authaz(config);
-	const isDebug = args?.debug || false;
-	const getUserSession = (args$1) => {
-		const accessTokenCookie = args$1?.cookies?.accessToken || "accessToken";
-		return async () => {
-			try {
-				const accessToken = (await cookies()).get(accessTokenCookie)?.value;
-				if (!accessToken || !validateToken(accessToken)) return null;
-				const response = await sdk.getMe(accessToken);
-				if (response.status !== "success") return null;
-				return response.user;
-			} catch (error) {
-				if (isDebug) console.error("[authaz-sdk] Error on get user session", error);
-				return null;
-			}
-		};
+/**
+* Lazy load next/headers at runtime to avoid MODULE_NOT_FOUND on Vercel/serverless
+* when the package is resolved from a different node_modules context (e.g. pnpm).
+*/
+const getCookieStore = async () => {
+	const { cookies } = await import("next/headers");
+	return cookies();
+};
+const isRequestHttps = (request) => {
+	if (request.headers.get("x-forwarded-proto") === "https") return true;
+	return new URL(request.url).protocol === "https:";
+};
+const toNextCookieOptions = (options) => {
+	return {
+		httpOnly: options.httpOnly,
+		secure: options.secure,
+		sameSite: options.sameSite,
+		path: options.path,
+		maxAge: options.maxAge
+	};
+};
+/**
+* Creates the Authaz Next.js authentication handler.
+*
+* This creates a route handler that manages the complete OAuth flow:
+* - GET /api/auth/login - Redirects to Universal Login
+* - POST /api/auth/callback - Handles OAuth callback (receives code via form POST)
+* - POST /api/auth/logout - Clears session and redirects to logout (POST-only for CSRF protection)
+* - GET /api/auth/me - Returns current user info (requires valid session)
+* - POST /api/auth/refresh - Refreshes the access token
+*
+* IMPORTANT: The OAuth callback from the identity provider arrives as GET.
+* You need a callback page that POSTs to /api/auth/callback:
+*
+* ```tsx
+* // app/auth/callback/page.tsx
+* 'use client';
+* import { useEffect } from 'react';
+* import { useSearchParams } from 'next/navigation';
+*
+* export default function CallbackPage() {
+*   const searchParams = useSearchParams();
+*
+*   useEffect(() => {
+*     const form = document.createElement('form');
+*     form.method = 'POST';
+*     form.action = '/api/auth/callback';
+*
+*     const code = searchParams.get('code');
+*     const state = searchParams.get('state');
+*     const error = searchParams.get('error');
+*
+*     ['code', 'state', 'error', 'error_description'].forEach(param => {
+*       const value = searchParams.get(param);
+*       if (value) {
+*         const input = document.createElement('input');
+*         input.type = 'hidden';
+*         input.name = param;
+*         input.value = value;
+*         form.appendChild(input);
+*       }
+*     });
+*
+*     document.body.appendChild(form);
+*     form.submit();
+*   }, [searchParams]);
+*
+*   return <div>Completing login...</div>;
+* }
+* ```
+*
+* @example
+* ```typescript
+* // app/api/auth/[...authaz]/route.ts
+* import { createAuthazHandler } from '@authaz/next';
+*
+* export const { GET, POST } = createAuthazHandler({
+*   clientId: process.env.AUTHAZ_CLIENT_ID!,
+*   clientSecret: process.env.AUTHAZ_CLIENT_SECRET!,
+*   tenantId: process.env.AUTHAZ_TENANT_ID!,
+*   organizationId: process.env.AUTHAZ_ORGANIZATION_ID!,
+* });
+* ```
+*/
+const createAuthazHandler = (config) => {
+	let _client = null;
+	const getClient = () => {
+		if (!_client) _client = createAuthazClient(config);
+		return _client;
+	};
+	const afterLoginUrl = config.afterLoginUrl || "/";
+	const afterLogoutUrl = config.afterLogoutUrl || "/";
+	const authazDomain = config.authazDomain || "https://authaz.com";
+	const fixedRedirectUri = config.redirectUri;
+	const isDebug = config.debug || false;
+	const apiKey = config.apiKey || config.clientSecret;
+	const log = (message, data) => {
+		if (isDebug) console.log(`[authaz-next] ${message}`, data || "");
+	};
+	const logError = (message, error) => {
+		if (isDebug) console.error(`[authaz-next] ${message}`, error || "");
+	};
+	const getAction = (request) => {
+		const url = new URL(request.url);
+		const pathParts = url.pathname.split("/");
+		const action = pathParts[pathParts.length - 1];
+		log(`getAction: pathname=${url.pathname}, action=${action}`);
+		return action;
+	};
+	const getBaseUrl = (request) => {
+		const url = new URL(request.url);
+		return `${url.protocol}//${url.host}`;
+	};
+	const handleLogin = async (request) => {
+		log("Starting login flow");
+		let redirectUri;
+		if (fixedRedirectUri) {
+			redirectUri = fixedRedirectUri;
+			log("Using fixed redirectUri from config", { redirectUri });
+		} else {
+			const baseUrl = getBaseUrl(request);
+			const callbackPage = new URL(request.url).searchParams.get("callbackUrl") || "/auth/callback";
+			redirectUri = callbackPage.startsWith("http") ? callbackPage : `${baseUrl}${callbackPage}`;
+			log("Using dynamic redirectUri", { redirectUri });
+		}
+		const result = await getClient().auth.getLoginUrl(redirectUri);
+		if (!isOk(result)) {
+			logError("Failed to generate login URL", result.error);
+			return NextResponse.json({ error: "Failed to generate login URL" }, { status: 500 });
+		}
+		const loginResult = result.data;
+		const response = NextResponse.redirect(loginResult.url);
+		const oauthCookieOptions = toNextCookieOptions(getSecureCookieOptions(600, isRequestHttps(request)));
+		response.cookies.set(COOKIE_NAMES.CODE_VERIFIER, loginResult.codeVerifier, oauthCookieOptions);
+		response.cookies.set(COOKIE_NAMES.STATE, loginResult.state, oauthCookieOptions);
+		response.cookies.set(COOKIE_NAMES.NONCE, loginResult.nonce, oauthCookieOptions);
+		log("Redirecting to Universal Login", { url: loginResult.url });
+		return response;
+	};
+	const handleCallback = async (request) => {
+		log("Handling OAuth callback");
+		const formData = await request.formData();
+		const code = formData.get("code");
+		const state = formData.get("state");
+		const error = formData.get("error");
+		const errorDescription = formData.get("error_description");
+		log("Callback params", {
+			code: code?.substring(0, 10),
+			state: state?.substring(0, 10),
+			error
+		});
+		const baseUrl = getBaseUrl(request);
+		if (error) {
+			logError("OAuth error", {
+				error,
+				errorDescription
+			});
+			return NextResponse.redirect(`${baseUrl}${afterLoginUrl}?error=${encodeURIComponent(error)}`);
+		}
+		if (!code) {
+			logError("Missing authorization code");
+			return NextResponse.redirect(`${baseUrl}${afterLoginUrl}?error=missing_code`);
+		}
+		const cookieStore = await getCookieStore();
+		const codeVerifier = cookieStore.get(COOKIE_NAMES.CODE_VERIFIER)?.value;
+		const storedState = cookieStore.get(COOKIE_NAMES.STATE)?.value;
+		log("All cookies", cookieStore.getAll().map((c) => c.name));
+		if (!codeVerifier) {
+			logError("Missing code verifier cookie");
+			return NextResponse.redirect(`${baseUrl}${afterLoginUrl}?error=missing_verifier`);
+		}
+		if (!storedState || !state || !timingSafeCompare(state, storedState)) {
+			logError("State mismatch", {
+				received: state,
+				stored: storedState
+			});
+			return NextResponse.redirect(`${baseUrl}${afterLoginUrl}?error=state_mismatch`);
+		}
+		const redirectUri = fixedRedirectUri || `${baseUrl}/auth/redirect`;
+		log("Using redirectUri for token exchange", { redirectUri });
+		const result = await getClient().auth.exchangeCode(code, codeVerifier, redirectUri);
+		if (!isOk(result)) {
+			logError("Token exchange failed", result.error);
+			return NextResponse.redirect(`${baseUrl}${afterLoginUrl}?error=token_exchange_failed`);
+		}
+		const tokens = result.data;
+		log("Token exchange successful");
+		const redirectUrl = `${baseUrl}${afterLoginUrl}`;
+		const response = NextResponse.redirect(redirectUrl, { status: 303 });
+		const isHttps = isRequestHttps(request);
+		const accessTokenOptions = toNextCookieOptions(getSecureCookieOptions(tokens.expiresIn || 3600, isHttps));
+		const refreshTokenOptions = toNextCookieOptions(getSecureCookieOptions(3600 * 24 * 30, isHttps));
+		log("Setting cookies", {
+			isHttps,
+			secure: accessTokenOptions.secure,
+			sameSite: accessTokenOptions.sameSite,
+			accessTokenLength: tokens.accessToken?.length,
+			redirectUrl: `${baseUrl}${afterLoginUrl}`
+		});
+		response.cookies.set(COOKIE_NAMES.ACCESS_TOKEN, tokens.accessToken, accessTokenOptions);
+		if (tokens.refreshToken) response.cookies.set(COOKIE_NAMES.REFRESH_TOKEN, tokens.refreshToken, refreshTokenOptions);
+		response.cookies.delete(COOKIE_NAMES.CODE_VERIFIER);
+		response.cookies.delete(COOKIE_NAMES.STATE);
+		response.cookies.delete(COOKIE_NAMES.NONCE);
+		return response;
+	};
+	const handleLogout = async (request) => {
+		log("Handling logout");
+		const baseUrl = getBaseUrl(request);
+		const postLogoutRedirectUri = `${baseUrl}${afterLogoutUrl}`;
+		const result = getClient().auth.getLogoutUrl(postLogoutRedirectUri);
+		if (!isOk(result)) {
+			logError("Failed to generate logout URL", result.error);
+			const response$1 = NextResponse.redirect(`${baseUrl}${afterLogoutUrl}`);
+			response$1.cookies.delete(COOKIE_NAMES.ACCESS_TOKEN);
+			response$1.cookies.delete(COOKIE_NAMES.REFRESH_TOKEN);
+			return response$1;
+		}
+		const response = NextResponse.redirect(result.data);
+		response.cookies.delete(COOKIE_NAMES.ACCESS_TOKEN);
+		response.cookies.delete(COOKIE_NAMES.REFRESH_TOKEN);
+		response.cookies.delete(COOKIE_NAMES.CODE_VERIFIER);
+		response.cookies.delete(COOKIE_NAMES.STATE);
+		response.cookies.delete(COOKIE_NAMES.NONCE);
+		return response;
+	};
+	const handleMe = async () => {
+		log("Getting current user");
+		const accessToken = (await getCookieStore()).get(COOKIE_NAMES.ACCESS_TOKEN)?.value;
+		if (!accessToken) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+		const userinfo = await fetchUserinfo(authazDomain, accessToken, apiKey);
+		if (!userinfo) {
+			logError("Failed to fetch userinfo");
+			return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+		}
+		const user = mapUserinfoToUser(userinfo);
+		return NextResponse.json({
+			authenticated: true,
+			user
+		});
+	};
+	const handleRefresh = async (request) => {
+		log("Handling token refresh");
+		const refreshToken = (await getCookieStore()).get(COOKIE_NAMES.REFRESH_TOKEN)?.value;
+		if (!refreshToken) return NextResponse.json({ error: "No refresh token" }, { status: 401 });
+		const result = await getClient().auth.refreshTokens(refreshToken);
+		if (!isOk(result)) {
+			logError("Token refresh failed", result.error);
+			const response$1 = NextResponse.json({ error: "Refresh failed" }, { status: 401 });
+			response$1.cookies.delete(COOKIE_NAMES.ACCESS_TOKEN);
+			response$1.cookies.delete(COOKIE_NAMES.REFRESH_TOKEN);
+			return response$1;
+		}
+		const tokens = result.data;
+		log("Token refresh successful");
+		const response = NextResponse.json({ success: true });
+		const isHttps = isRequestHttps(request);
+		const accessTokenOptions = toNextCookieOptions(getSecureCookieOptions(tokens.expiresIn || 3600, isHttps));
+		const refreshTokenOptions = toNextCookieOptions(getSecureCookieOptions(3600 * 24 * 30, isHttps));
+		response.cookies.set(COOKIE_NAMES.ACCESS_TOKEN, tokens.accessToken, accessTokenOptions);
+		if (tokens.refreshToken) response.cookies.set(COOKIE_NAMES.REFRESH_TOKEN, tokens.refreshToken, refreshTokenOptions);
+		return response;
+	};
+	const GET = async (request) => {
+		const action = getAction(request);
+		switch (action) {
+			case "login": return handleLogin(request);
+			case "me": return handleMe();
+			case "callback":
+			case "logout":
+			case "refresh": return NextResponse.json({ error: "Method not allowed. Use POST." }, { status: 405 });
+			default: return NextResponse.json({ error: `Unknown action: ${action}` }, { status: 404 });
+		}
+	};
+	const POST = async (request) => {
+		const action = getAction(request);
+		switch (action) {
+			case "callback": return handleCallback(request);
+			case "logout": return handleLogout(request);
+			case "refresh": return handleRefresh(request);
+			case "login":
+			case "me": return NextResponse.json({ error: "Method not allowed. Use GET." }, { status: 405 });
+			default: return NextResponse.json({ error: `Unknown action: ${action}` }, { status: 404 });
+		}
 	};
 	return {
-		getUserSession: getUserSession(args),
-		sdk
+		GET,
+		POST
+	};
+};
+/**
+* Gets the current access token from cookies.
+*/
+const getAccessToken = async () => {
+	return (await getCookieStore()).get(COOKIE_NAMES.ACCESS_TOKEN)?.value || null;
+};
+/**
+* Gets the current refresh token from cookies.
+*/
+const getRefreshToken = async () => {
+	return (await getCookieStore()).get(COOKIE_NAMES.REFRESH_TOKEN)?.value || null;
+};
+/**
+* Checks if the user is authenticated (has an access token).
+*/
+const isAuthenticated = async () => {
+	return await getAccessToken() !== null;
+};
+/**
+* Creates helper functions that require the authazDomain for API calls.
+*/
+const createAuthazHelpers = (config) => {
+	const authazDomain = config.authazDomain || "https://authaz.com";
+	const apiKey = config.apiKey || config.clientSecret;
+	const getUser = async () => {
+		const accessToken = (await getCookieStore()).get(COOKIE_NAMES.ACCESS_TOKEN)?.value;
+		if (!accessToken) return null;
+		const userinfo = await fetchUserinfo(authazDomain, accessToken, apiKey);
+		if (!userinfo) return null;
+		return mapUserinfoToUser(userinfo);
+	};
+	return { getUser };
+};
+/**
+* Creates middleware config for protecting routes in Next.js middleware.ts
+*
+* @example
+* ```typescript
+* // middleware.ts
+* import { createAuthMiddleware } from '@authaz/next';
+*
+* export const middleware = createAuthMiddleware({
+*   publicPaths: ['/', '/login', '/api/auth'],
+*   loginPath: '/api/auth/login',
+* });
+*
+* export const config = {
+*   matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
+* };
+* ```
+*/
+const createAuthMiddleware = (options) => {
+	const publicPaths = options.publicPaths || [];
+	const loginPath = options.loginPath || "/api/auth/login";
+	const isPublicPath = (pathname) => {
+		return publicPaths.some((pattern) => {
+			if (pattern.endsWith("*")) return pathname.startsWith(pattern.slice(0, -1));
+			return pathname === pattern;
+		});
+	};
+	return async (request) => {
+		const pathname = request.nextUrl.pathname;
+		if (isPublicPath(pathname)) return NextResponse.next();
+		if (!request.cookies.get(COOKIE_NAMES.ACCESS_TOKEN)?.value) {
+			const loginUrl = new URL(loginPath, request.url);
+			loginUrl.searchParams.set("returnTo", pathname);
+			return NextResponse.redirect(loginUrl);
+		}
+		return NextResponse.next();
+	};
+};
+/**
+* Wrapper for API route handlers that require authentication.
+* Returns 401 if not authenticated.
+*
+* @example
+* ```typescript
+* // app/api/protected/route.ts
+* import { withAuth } from '@authaz/next';
+*
+* export const GET = withAuth(async (request) => {
+*   // User is authenticated
+*   return Response.json({ message: 'Protected data' });
+* });
+* ```
+*/
+const withAuth = (handler) => {
+	return async (request) => {
+		if (!request.cookies.get(COOKIE_NAMES.ACCESS_TOKEN)?.value) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+		return handler(request);
+	};
+};
+/**
+* Server Component helper that throws redirect if not authenticated.
+* Use in Server Components to protect pages.
+*
+* @example
+* ```typescript
+* // app/dashboard/page.tsx
+* import { requireAuth } from '@authaz/next';
+*
+* export default async function DashboardPage() {
+*   await requireAuth(); // Redirects to login if not authenticated
+*
+*   return <div>Dashboard</div>;
+* }
+* ```
+*/
+const requireAuth = async (loginPath = "/api/auth/login") => {
+	const navigation = await import("next/navigation");
+	if (!await getAccessToken()) navigation.redirect(loginPath);
+};
+/**
+* Server Component helper that returns user or redirects if not authenticated.
+*
+* @example
+* ```typescript
+* // app/profile/page.tsx
+* import { requireUser } from '@authaz/next';
+*
+* const helpers = requireUser({
+*   authazDomain: 'https://authaz.com',
+*   apiKey: process.env.AUTHAZ_API_KEY!,
+* });
+*
+* export default async function ProfilePage() {
+*   const user = await helpers.getOrRedirect();
+*   return <div>Hello {user.name}</div>;
+* }
+* ```
+*/
+const requireUser = (config) => {
+	const authazDomain = config.authazDomain || "https://authaz.com";
+	const apiKey = config.apiKey || config.clientSecret;
+	const loginPath = config.loginPath || "/api/auth/login";
+	const getOrRedirect = async () => {
+		const navigation = await import("next/navigation");
+		const accessToken = (await getCookieStore()).get(COOKIE_NAMES.ACCESS_TOKEN)?.value;
+		if (!accessToken) navigation.redirect(loginPath);
+		const userinfo = await fetchUserinfo(authazDomain, accessToken, apiKey);
+		if (!userinfo) navigation.redirect(loginPath);
+		return mapUserinfoToUser(userinfo);
 	};
+	return { getOrRedirect };
 };
 
 //#endregion
-export { authazNext };
+export { AuthazError, createAuthMiddleware, createAuthazHandler, createAuthazHelpers, getAccessToken, getRefreshToken, isAuthenticated, requireAuth, requireUser, withAuth };

package/package.json

@@ -1,52 +1,68 @@
 {
-    "author": "@authaz",
-    "name": "@authaz/next",
-    "version": "0.0.1",
-    "type": "module",
-    "description": "NextJS authaz SDK",
-    "license": "MIT",
-    "main": "dist/index.js",
-    "module": "dist/index.js",
-    "types": "dist/index.d.ts",
-    "exports": {
-        "./*": "./dist/*",
-        "./src/*": "./src/*",
-        ".": {
-            "import": "./dist/index.js",
-            "require": "./dist/index.js",
-            "types": "./dist/index.d.ts",
-            "development": "./src/index.ts"
-        }
+  "author": "@authaz",
+  "name": "@authaz/next",
+  "version": "1.0.1",
+  "type": "module",
+  "description": "NextJS authaz SDK",
+  "license": "MIT",
+  "main": "dist/index.js",
+  "module": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
     },
-    "repository": {
-        "type": "git",
-        "url": "git+https://github.com/Authaz/authaz-sdk-js.git"
-    },
-    "scripts": {
-        "build": "tsdown",
-        "prepare": "npm run build",
-        "release:patch": "pnpm version patch && git push origin main --follow-tags",
-        "release:minor": "pnpm version minor && git push origin main --follow-tags",
-        "release:major": "pnpm version major && git push origin main --follow-tags",
-        "release": "pnpm build && pnpm run release:patch"
-    },
-    "keywords": [
-        "auth",
-        "authentication",
-        "authaz",
-        "sdk",
-        "react",
-        "nextjs",
-        "next"
-    ],
-    "peerDependencies": {
-        "react": ">=17",
-        "next": ">=15",
-        "@authaz/sdk": "workspace:*"
-    },
-    "devDependencies": {
-        "@types/node": "24.10.0",
-        "tsdown": "0.15.12",
-        "typescript": "5.9.3"
-    }
-}
+    "./*": "./dist/*"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Authaz/authaz-sdk-js.git"
+  },
+  "keywords": [
+    "auth",
+    "authentication",
+    "authaz",
+    "sdk",
+    "react",
+    "nextjs",
+    "next"
+  ],
+  "peerDependencies": {
+    "next": ">=15",
+    "react": ">=17",
+    "@authaz/sdk": "^1.2.1"
+  },
+  "devDependencies": {
+    "@jest/globals": "30.2.0",
+    "@types/jest": "30.0.0",
+    "@types/node": "24.10.0",
+    "@types/react": "19.2.10",
+    "@types/react-dom": "19.2.3",
+    "jest": "30.2.0",
+    "next": "^15.5.11",
+    "react": "19.2.4",
+    "react-dom": "19.2.4",
+    "ts-jest": "29.4.5",
+    "tsdown": "0.15.12",
+    "typescript": "5.9.3"
+  },
+  "scripts": {
+    "build": "tsdown",
+    "test": "jest --config jest.config.cjs",
+    "test:watch": "jest --config jest.config.cjs --watch",
+    "test:coverage": "jest --config jest.config.cjs --coverage",
+    "release:patch": "pnpm version patch && git push origin main --follow-tags",
+    "release:minor": "pnpm version minor && git push origin main --follow-tags",
+    "release:major": "pnpm version major && git push origin main --follow-tags",
+    "release": "pnpm build && pnpm run release:patch"
+  }
+}

package/CHANGELOG.md

@@ -1,64 +0,0 @@
-# Changelog
-
-Todas as mudanças notáveis deste projeto serão documentadas neste arquivo.
-
-## [1.1.0] - 2024-01-XX
-
-### ✨ Adicionado
-- **Nova API de Configuração**: Introduzida configuração baseada em objeto para melhor organização
-- **Validação de Configuração**: Validação automática de campos obrigatórios
-- **Status Específicos**: Cada fluxo agora tem status específicos para diferentes cenários
-- **Arquivo de Configuração**: Novo módulo `config.ts` para centralizar configurações
-
-### 🔧 Melhorado
-- **Nomenclatura Padronizada**: 
-  - `SignupConfigureMfa` → `signupConfigureMfa`
-  - `SignupVerifyMfa` → `signupVerifyMfa`
-  - `acessTokenMfa` → `accessTokenMfa`
-- **Estrutura de Respostas**: Status específicos para cada tipo de operação com cenários detalhados
-- **Tipos de Usuário**: Unificação dos tipos de usuário com interface base `User`
-- **URLs Dinâmicas**: Remoção de URLs hardcoded, agora configuráveis
-
-### 🏗️ Refatorado
-- **Construtor da ApiService**: Suporte para objeto de configuração + compatibilidade legacy
-- **Tipos de Token**: Melhor organização e reutilização de tipos de token
-- **Tipos de Erro**: Padronização de tipos de erro comuns
-
-### 📚 Documentação
-- **README Atualizado**: Exemplos de configuração moderna e legacy
-- **Tipos Documentados**: Melhor documentação dos tipos disponíveis
-- **Exemplos de Uso**: Adicionados exemplos com nova API de configuração
-
-### ⚡ Compatibilidade
-- **Backward Compatible**: Mantida compatibilidade com API legacy
-- **Migração Suave**: Possibilidade de migrar gradualmente para nova API
-
-## Exemplo de Migração
-
-### Antes (Legacy)
-```typescript
-const client = new ApiService(
-  'https://api.authaz.com',
-  'client-id',
-  'client-secret',
-  'auth-pool-id',
-  'org-id',
-  'redirect-uri'
-)
-```
-
-### Depois (Moderno)
-```typescript
-const client = new ApiService({
-  baseUrl: 'https://api.authaz.com',
-  clientId: 'client-id',
-  clientSecret: 'client-secret',
-  authPoolId: 'auth-pool-id',
-  organizationId: 'org-id',
-  redirectUri: 'redirect-uri'
-})
-```
-
-## Breaking Changes
-
-Nenhuma breaking change nesta versão. Todas as mudanças mantêm compatibilidade com versões anteriores.