@authly/sdk 1.1.1 → 1.2.0

package/dist/models/globals/clients/interfaces/ITokenResponse.d.ts

@@ -0,0 +1,29 @@
+/**
+ * @summary Interface for the token response.
+ */
+export interface ITokenResponse {
+    /**
+     * @summary The access token.
+     */
+    access_token: string;
+    /**
+     * @summary The token type.
+     */
+    token_type: string;
+    /**
+     * @summary The expiration time in seconds.
+     */
+    expires_in: number;
+    /**
+     * @summary The refresh token.
+     */
+    refresh_token?: string;
+    /**
+     * @summary The ID token.
+     */
+    id_token?: string;
+    /**
+     * @summary The scope of the token.
+     */
+    scope?: string;
+}

package/dist/models/globals/clients/interfaces/ITokenResponse.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/models/globals/clients/interfaces/IUserProfile.d.ts

@@ -0,0 +1,42 @@
+/**
+ * @summary Represents the user profile information returned by Authly.
+ */
+export interface IUserProfile {
+    /**
+     * @summary The unique identifier for the user.
+     */
+    sub: string;
+    /**
+     * @summary The user's email address.
+     */
+    email?: string;
+    /**
+     * @summary Whether the user's email address has been verified.
+     */
+    email_verified?: boolean;
+    /**
+     * @summary The user's full name.
+     */
+    name?: string;
+    /**
+     * @summary The user's given (first) name.
+     */
+    given_name?: string;
+    /**
+     * @summary The user's family (last) name.
+     */
+    family_name?: string;
+    /**
+     * @summary The user's preferred username.
+     */
+    preferred_username?: string;
+    /**
+     * @summary The user's permissions in Authly.
+     * @description A record where keys are resource names and values are bitmask integers.
+     */
+    permissions?: Record<string, number>;
+    /**
+     * @summary Additional custom claims.
+     */
+    [key: string]: unknown;
+}

package/dist/models/globals/clients/interfaces/IUserProfile.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/models/globals/clients/internal/interfaces/IJWTVerifierOptions.d.ts

@@ -0,0 +1,33 @@
+import type { JWTVerifyGetKey } from "jose";
+/**
+ * @summary Options for the JWTVerifier class.
+ */
+interface IJWTVerifierOptions {
+    /**
+     * @summary The issuer of the token.
+     * @example "https://auth.example.com"
+     */
+    readonly issuer: string;
+    /**
+     * @summary The audience of the token.
+     * @example "https://app.example.com"
+     */
+    readonly audience: string;
+    /**
+     * @summary The URL of the JWKS endpoint.
+     * @example "https://auth.example.com/.well-known/jwks.json"
+     */
+    readonly jwksUrl: string;
+    /**
+     * @summary The algorithms to use for the token.
+     * @example ["RS256", "ES256"]
+     * @default ["RS256"]
+     */
+    readonly algorithms?: string[];
+    /**
+     * @summary The JWKS to use for the token.
+     * @example async () => publicKey
+     */
+    readonly jwks?: JWTVerifyGetKey;
+}
+export type { IJWTVerifierOptions };

package/dist/models/globals/clients/internal/interfaces/IJWTVerifierOptions.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/react/AuthlyCallback.d.ts

@@ -0,0 +1,20 @@
+import React from "react";
+interface AuthlyCallbackProps {
+    /**
+     * @summary The URL to redirect to after successful login.
+     * @default "/"
+     */
+    onSuccess?: string;
+    /**
+     * @summary The URL to redirect to after failed login.
+     * @default "/login"
+     */
+    onFailure?: string;
+    /**
+     * @summary Optional custom navigation function (e.g. router.push from Next.js or navigate from React Router).
+     * @description If not provided, window.location.href will be used.
+     */
+    navigate?: (path: string) => void;
+}
+export declare const AuthlyCallback: React.FC<AuthlyCallbackProps>;
+export {};

package/dist/react/AuthlyCallback.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthlyCallback = void 0;
+const jsx_runtime_1 = require("react/jsx-runtime");
+const react_1 = require("react");
+const AuthlyContext_1 = require("./AuthlyContext");
+const AuthlyCallback = ({ onSuccess = "/", onFailure = "/login", navigate }) => {
+    const { client, refresh } = (0, AuthlyContext_1.useAuthly)();
+    const processedRef = (0, react_1.useRef)(false);
+    (0, react_1.useEffect)(() => {
+        const handleCallback = async () => {
+            if (processedRef.current)
+                return;
+            processedRef.current = true;
+            const params = new URLSearchParams(window.location.search);
+            const code = params.get("code");
+            const state = params.get("state");
+            if (!code || !state) {
+                return;
+            }
+            try {
+                await client.exchangeToken(params);
+                await refresh();
+                if (navigate) {
+                    navigate(onSuccess);
+                }
+                else {
+                    window.location.href = onSuccess;
+                }
+            }
+            catch (error) {
+                console.error("Authly callback failed:", error);
+                if (navigate) {
+                    navigate(onFailure);
+                }
+                else {
+                    window.location.href = onFailure;
+                }
+            }
+        };
+        handleCallback();
+    }, [client, onSuccess, onFailure, navigate, refresh]);
+    return ((0, jsx_runtime_1.jsx)("div", { style: { display: "flex", justifyContent: "center", alignItems: "center", height: "100vh" }, children: (0, jsx_runtime_1.jsx)("p", { children: "Authenticating..." }) }));
+};
+exports.AuthlyCallback = AuthlyCallback;

package/dist/react/AuthlyContext.d.ts

@@ -0,0 +1,16 @@
+import type { AuthlyClient } from "../globals/clients/AuthlyClient";
+import type { IUserProfile } from "../models/globals/clients/interfaces/IUserProfile";
+export interface IAuthlyContext {
+    isAuthenticated: boolean;
+    isLoading: boolean;
+    user: IUserProfile | null;
+    login: (options?: Parameters<AuthlyClient["authorize"]>[0]) => Promise<void>;
+    logout: () => Promise<void>;
+    /**
+     * @summary Manually refresh the session state (e.g. after callback).
+     */
+    refresh: () => Promise<void>;
+    client: AuthlyClient;
+}
+export declare const AuthlyContext: import("react").Context<IAuthlyContext | undefined>;
+export declare const useAuthly: () => IAuthlyContext;

package/dist/react/AuthlyContext.js

@@ -0,0 +1,14 @@
+"use strict";
+"use client";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.useAuthly = exports.AuthlyContext = void 0;
+const react_1 = require("react");
+exports.AuthlyContext = (0, react_1.createContext)(undefined);
+const useAuthly = () => {
+    const context = (0, react_1.useContext)(exports.AuthlyContext);
+    if (!context) {
+        throw new Error("useAuthly must be used within an AuthlyProvider");
+    }
+    return context;
+};
+exports.useAuthly = useAuthly;

package/dist/react/AuthlyProvider.d.ts

@@ -0,0 +1,8 @@
+import React, { ReactNode } from "react";
+import type { AuthlyClient } from "../globals/clients/AuthlyClient";
+interface AuthlyProviderProps {
+    client: AuthlyClient;
+    children: ReactNode;
+}
+export declare const AuthlyProvider: React.FC<AuthlyProviderProps>;
+export {};

package/dist/react/AuthlyProvider.js

@@ -0,0 +1,54 @@
+"use strict";
+"use client";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthlyProvider = void 0;
+const jsx_runtime_1 = require("react/jsx-runtime");
+const react_1 = require("react");
+const AuthlyContext_1 = require("./AuthlyContext");
+const AuthlyProvider = ({ client, children }) => {
+    const [isAuthenticated, setIsAuthenticated] = (0, react_1.useState)(false);
+    const [isLoading, setIsLoading] = (0, react_1.useState)(true);
+    const [user, setUser] = (0, react_1.useState)(null);
+    const checkSession = (0, react_1.useCallback)(async () => {
+        try {
+            const authenticated = await client.isAuthenticated();
+            setIsAuthenticated(authenticated);
+            if (authenticated) {
+                const profile = await client.getUser();
+                setUser(profile);
+                if (!profile) {
+                    setIsAuthenticated(false);
+                }
+            }
+            else {
+                setUser(null);
+            }
+        }
+        catch (error) {
+            console.error("Authly session check failed:", error);
+            setIsAuthenticated(false);
+            setUser(null);
+        }
+        finally {
+            setIsLoading(false);
+        }
+    }, [client]);
+    (0, react_1.useEffect)(() => {
+        checkSession();
+    }, [checkSession]);
+    const login = (0, react_1.useCallback)(async (options) => {
+        const url = await client.authorize(options);
+        if (typeof window !== "undefined") {
+            window.location.href = url;
+        }
+    }, [client]);
+    const logout = (0, react_1.useCallback)(async () => {
+        await client.logout();
+        setIsAuthenticated(false);
+        setUser(null);
+        if (typeof window !== "undefined") {
+        }
+    }, [client]);
+    return ((0, jsx_runtime_1.jsx)(AuthlyContext_1.AuthlyContext.Provider, { value: { isAuthenticated, isLoading, user, login, logout, refresh: checkSession, client }, children: children }));
+};
+exports.AuthlyProvider = AuthlyProvider;

package/dist/react/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./AuthlyContext";
+export * from "./AuthlyProvider";
+export * from "./AuthlyCallback";

package/dist/react/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./AuthlyContext"), exports);
+__exportStar(require("./AuthlyProvider"), exports);
+__exportStar(require("./AuthlyCallback"), exports);

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@authly/sdk",
     "description": "A library for building authentication systems using Authly.",
-    "version": "1.1.1",
+    "version": "1.2.0",
     "author": {
         "name": "Anvoria",
         "url": "https://github.com/Anvoria"
@@ -27,6 +27,16 @@
     },
     "main": "dist/index.js",
     "types": "dist/index.d.ts",
+    "exports": {
+        ".": {
+            "types": "./dist/index.d.ts",
+            "default": "./dist/index.js"
+        },
+        "./react": {
+            "types": "./dist/react/index.d.ts",
+            "default": "./dist/react/index.js"
+        }
+    },
     "files": [
         "dist"
     ],
@@ -57,18 +67,31 @@
         "@eslint/json": "^0.14.0",
         "@eslint/markdown": "^7.5.1",
         "@types/bun": "^1.3.4",
-        "@types/node": "^25.0.3",
+        "@types/node": "^25.0.9",
+        "@types/react": "^19.2.8",
         "eslint": "^9.39.2",
-        "globals": "^16.5.0",
+        "globals": "^17.0.0",
         "husky": "^9.1.7",
         "jiti": "^2.6.1",
         "lint-staged": "^16.2.7",
         "prettier": "^3.7.4",
+        "react-dom": "^19.2.3",
         "tsx": "^4.21.0",
         "typescript": "^5.9.3",
         "typescript-eslint": "^8.50.0"
     },
     "dependencies": {
         "jose": "^6.1.3"
+    },
+    "peerDependencies": {
+        "react": ""
+    },
+    "peerDependenciesMeta": {
+        "react": {
+            "optional": true
+        },
+        "next": {
+            "optional": true
+        }
     }
-}
+}

package/dist/config.d.ts

@@ -1,3 +0,0 @@
-export declare const DEFAULT_JWKS_PATH = "/.well-known/jwks.json";
-export declare const DEFAULT_AUTHORIZE_PATH = "/authorize";
-export declare const DEFAULT_ALGORITHMS: string[];

package/dist/config.js

@@ -1,6 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DEFAULT_ALGORITHMS = exports.DEFAULT_AUTHORIZE_PATH = exports.DEFAULT_JWKS_PATH = void 0;
-exports.DEFAULT_JWKS_PATH = "/.well-known/jwks.json";
-exports.DEFAULT_AUTHORIZE_PATH = "/authorize";
-exports.DEFAULT_ALGORITHMS = ["RS256"];

package/dist/exceptions/index.d.ts

@@ -1,27 +0,0 @@
-/**
- * Base exception for all Authly errors.
- */
-export declare class AuthlyError extends Error {
-    constructor(message: string);
-}
-/**
- * Base exception for all token errors.
- */
-export declare class TokenError extends AuthlyError {
-    constructor(message: string);
-}
-/**
- * Exception raised when a token is invalid:
- * - bad signature
- * - bad format
- * - bad iss / aud
- */
-export declare class TokenInvalidError extends TokenError {
-    constructor(message: string);
-}
-/**
- * Exception raised when a token is expired.
- */
-export declare class TokenExpiredError extends TokenError {
-    constructor(message: string);
-}

package/dist/exceptions/index.js

@@ -1,46 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TokenExpiredError = exports.TokenInvalidError = exports.TokenError = exports.AuthlyError = void 0;
-/**
- * Base exception for all Authly errors.
- */
-class AuthlyError extends Error {
-    constructor(message) {
-        super(message);
-        this.name = "AuthlyError";
-    }
-}
-exports.AuthlyError = AuthlyError;
-/**
- * Base exception for all token errors.
- */
-class TokenError extends AuthlyError {
-    constructor(message) {
-        super(message);
-        this.name = "TokenError";
-    }
-}
-exports.TokenError = TokenError;
-/**
- * Exception raised when a token is invalid:
- * - bad signature
- * - bad format
- * - bad iss / aud
- */
-class TokenInvalidError extends TokenError {
-    constructor(message) {
-        super(message);
-        this.name = "TokenInvalidError";
-    }
-}
-exports.TokenInvalidError = TokenInvalidError;
-/**
- * Exception raised when a token is expired.
- */
-class TokenExpiredError extends TokenError {
-    constructor(message) {
-        super(message);
-        this.name = "TokenExpiredError";
-    }
-}
-exports.TokenExpiredError = TokenExpiredError;

package/dist/globals/clients/internal/JWTVerifier.d.ts

@@ -1,26 +0,0 @@
-import type { JWTVerifyGetKey } from "jose";
-import type { Claims } from "../../../models/Claims";
-/**
- * Internal class for verifying JWT tokens using jose.
- */
-export declare class JWTVerifier {
-    private readonly issuer;
-    private readonly audience;
-    private readonly algorithms;
-    private readonly JWKS;
-    constructor(params: {
-        issuer: string;
-        audience: string;
-        jwksUrl: string;
-        algorithms?: string[];
-        jwks?: JWTVerifyGetKey;
-    });
-    /**
-     * Verify the JWT token and return its claims.
-     * @param token - The encoded JWT token string.
-     * @returns The decoded claims from the token.
-     * @throws {TokenExpiredError} If the token's exp claim is in the past.
-     * @throws {TokenInvalidError} If the token is otherwise invalid.
-     */
-    verify(token: string): Promise<Claims>;
-}

package/dist/globals/clients/internal/JWTVerifier.js

@@ -1,55 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.JWTVerifier = void 0;
-const jose_1 = require("jose");
-const config_1 = require("../../../config");
-const exceptions_1 = require("../../../exceptions");
-/**
- * Internal class for verifying JWT tokens using jose.
- */
-class JWTVerifier {
-    issuer;
-    audience;
-    algorithms;
-    JWKS;
-    constructor(params) {
-        this.issuer = params.issuer;
-        this.audience = params.audience;
-        this.algorithms = params.algorithms || config_1.DEFAULT_ALGORITHMS;
-        this.JWKS = params.jwks || (0, jose_1.createRemoteJWKSet)(new URL(params.jwksUrl));
-    }
-    /**
-     * Verify the JWT token and return its claims.
-     * @param token - The encoded JWT token string.
-     * @returns The decoded claims from the token.
-     * @throws {TokenExpiredError} If the token's exp claim is in the past.
-     * @throws {TokenInvalidError} If the token is otherwise invalid.
-     */
-    async verify(token) {
-        try {
-            const options = {
-                issuer: this.issuer,
-                audience: this.audience,
-                algorithms: this.algorithms,
-            };
-            const { payload } = await (0, jose_1.jwtVerify)(token, this.JWKS, options);
-            return payload;
-        }
-        catch (error) {
-            if (error instanceof Error) {
-                const code = error.code;
-                if (code === "ERR_JWT_EXPIRED") {
-                    throw new exceptions_1.TokenExpiredError("Token has expired");
-                }
-                if (code === "ERR_JWT_CLAIM_VALIDATION_FAILED" ||
-                    code === "ERR_JWS_SIGNATURE_VERIFICATION_FAILED" ||
-                    code === "ERR_JWS_INVALID" ||
-                    code === "ERR_JWT_INVALID") {
-                    throw new exceptions_1.TokenInvalidError(error.message || "Token validation failed");
-                }
-            }
-            throw new exceptions_1.TokenInvalidError("Invalid token");
-        }
-    }
-}
-exports.JWTVerifier = JWTVerifier;

package/dist/models/Claims.d.ts

@@ -1,48 +0,0 @@
-/**
- * Decoded JWT claims found in an Authly token.
- *
- * This interface contains both standard OIDC claims and Authly-specific claims
- * like session ID (sid) and permissions.
- */
-export interface Claims {
-    /**
-     * Subject identifier - the unique ID of the user.
-     */
-    sub: string;
-    /**
-     * Issuer identifier - the URL of the identity provider.
-     */
-    iss: string;
-    /**
-     * Audience(s) for which the token is intended.
-     */
-    aud: string | string[];
-    /**
-     * Expiration time (Unix timestamp).
-     */
-    exp: number;
-    /**
-     * Issued at time (Unix timestamp).
-     */
-    iat: number;
-    /**
-     * Session ID identifier.
-     */
-    sid: string;
-    /**
-     * Dictionary of permissions granted to the user, where keys are resource names and values are permission levels.
-     */
-    permissions: Record<string, number>;
-    /**
-     * Permission version.
-     */
-    pver?: number;
-    /**
-     * Space-separated list of scopes.
-     */
-    scope?: string;
-    /**
-     * Allow additional claims.
-     */
-    [key: string]: unknown;
-}