@blimu/react 0.6.0

package/dist/client/auth.service.d.ts

@@ -0,0 +1,50 @@
+import { Blimu } from '@blimu/client';
+import type { AuthState, User } from '../types';
+import { ExternalStore } from './external-store';
+export declare const SESSION_COOKIE_NAME = "__bli_session";
+export declare const LOCALHOST_JWT_URL_PARAM_NAME = "__lh_jwt";
+export declare const LOCALHOST_JWT_COOKIE_NAME = "__lh_jwt";
+export declare const SESSION_EXPIRATION_BUFFER = 10;
+/**
+ * Check if a JWT expiration time (in seconds) is expired or will expire within the buffer
+ * @param expiration - JWT exp claim in seconds (Unix timestamp)
+ * @param buffer - Buffer time in seconds before expiration to consider it expired
+ * @returns true if expired or will expire within buffer
+ */
+export declare const isExpiredIn: (expiration: number, buffer: number) => boolean;
+export declare class AuthSessionService {
+    private readonly isLive;
+    private readonly client;
+    private readonly store;
+    private pendingRefresher;
+    private refreshPromise;
+    private refreshingSignals;
+    private refreshingSignalAbortController;
+    private localClient;
+    constructor(isLive: boolean, client: Blimu, store: ExternalStore<AuthState>, baseURL: string, publishableKey: string);
+    /**
+     * Set cookie with appropriate security settings based on environment
+     */
+    private setCookie;
+    getSessionPayload(): {
+        sub: string;
+        environmentId: string;
+        type: string;
+        iat: number;
+        exp: number;
+    } | null;
+    getSessionToken(): Promise<string | undefined>;
+    handleRequestError(error: unknown): Promise<{
+        error: string;
+        user: null;
+    }>;
+    initialize({ signal }?: {
+        signal?: AbortSignal;
+    }): Promise<{
+        error: string | null;
+        user: User | null;
+    }>;
+    scheduleRefresh(): () => void;
+    private refreshSession;
+}
+//# sourceMappingURL=auth.service.d.ts.map

package/dist/client/auth.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/client/auth.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAc,MAAM,eAAe,CAAC;AAKlD,OAAO,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,eAAO,MAAM,mBAAmB,kBAAkB,CAAC;AACnD,eAAO,MAAM,4BAA4B,aAAa,CAAC;AACvD,eAAO,MAAM,yBAAyB,aAAa,CAAC;AACpD,eAAO,MAAM,yBAAyB,KAAK,CAAC;AAyC5C;;;;;GAKG;AACH,eAAO,MAAM,WAAW,GAAI,YAAY,MAAM,EAAE,QAAQ,MAAM,KAAG,OAGhE,CAAC;AAEF,qBAAa,kBAAkB;IAS3B,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,KAAK;IAVxB,OAAO,CAAC,gBAAgB,CAA6B;IACrD,OAAO,CAAC,cAAc,CAAyE;IAC/F,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,+BAA+B,CAAgC;IAEvE,OAAO,CAAC,WAAW,CAAQ;gBAGR,MAAM,EAAE,OAAO,EACf,MAAM,EAAE,KAAK,EACb,KAAK,EAAE,aAAa,CAAC,SAAS,CAAC,EAChD,OAAO,EAAE,MAAM,EACf,cAAc,EAAE,MAAM;IAUxB;;OAEG;IACH,OAAO,CAAC,SAAS;IAcjB,iBAAiB,IAAI;QACnB,GAAG,EAAE,MAAM,CAAC;QACZ,aAAa,EAAE,MAAM,CAAC;QACtB,IAAI,EAAE,MAAM,CAAC;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;KACb,GAAG,IAAI;IAkBF,eAAe,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAuB9C,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,IAAI,CAAA;KAAE,CAAC;IA8B1E,UAAU,CAAC,EAAE,MAAM,EAAE,GAAE;QAAE,MAAM,CAAC,EAAE,WAAW,CAAA;KAAO,GAAG,OAAO,CAAC;QACnE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;QACrB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;KACnB,CAAC;IAgDF,eAAe;YAwFD,cAAc;CA6D7B"}

package/dist/client/auth.service.js

@@ -0,0 +1,153 @@
+import { Blimu as _, BlimuError as A } from "@blimu/client";
+import o from "../node_modules/js-cookie/dist/js.cookie.js";
+import { jwtDecode as C } from "../node_modules/jwt-decode/build/esm/index.js";
+const h = "__bli_session", S = "__lh_jwt", u = "__lh_jwt", w = 10, m = 1e3, E = (t) => Math.floor(t * m), b = (t) => Math.floor(t / m), p = () => b(Date.now()), P = (t) => E(t), T = (t, e) => {
+  const s = P(t), r = E(e), n = Date.now();
+  return Math.max(s - r - n, 0);
+}, f = (t, e) => {
+  const s = p();
+  return t - e < s;
+};
+class v {
+  constructor(e, s, r, n, l) {
+    this.isLive = e, this.client = s, this.store = r, this.pendingRefresher = null, this.refreshPromise = null, this.refreshingSignals = /* @__PURE__ */ new Set(), this.refreshingSignalAbortController = null, this.localClient = new _({
+      baseURL: n,
+      credentials: "include",
+      headers: { "x-blimu-publishable-key": l }
+    }), this.handleRequestError = this.handleRequestError.bind(this);
+  }
+  /**
+   * Set cookie with appropriate security settings based on environment
+   */
+  setCookie(e, s, r = {}) {
+    const n = {
+      secure: this.isLive,
+      // true for live environments, false for localhost
+      sameSite: "lax",
+      path: "/"
+    };
+    r.maxAge !== void 0 && (n.expires = r.maxAge / (1440 * 60)), o.set(e, s, n);
+  }
+  getSessionPayload() {
+    const e = o.get(h);
+    return e ? C(e) : null;
+  }
+  async getSessionToken() {
+    const e = this.getSessionPayload();
+    if (e)
+      return this.refreshPromise ? (await this.refreshPromise, o.get(h)) : (f(e.exp, 0) && await this.refreshSession(), o.get(h));
+  }
+  async handleRequestError(e) {
+    return e instanceof A && [401, 500].includes(e.status) ? (o.remove(h), o.remove(u), {
+      error: e.message,
+      user: null
+    }) : e instanceof DOMException ? {
+      error: e.message,
+      user: null
+    } : e instanceof Error ? {
+      error: e.message,
+      user: null
+    } : {
+      error: "unknown error",
+      user: null
+    };
+  }
+  async initialize({ signal: e } = {}) {
+    const s = new URL(window.location.href), r = s.searchParams.get(S) ?? void 0;
+    if (r && (s.searchParams.delete(S), window.history.replaceState({}, "", s.toString())), r && this.setCookie(u, r, {
+      maxAge: 720 * 60 * 60
+      // 30 days
+    }), o.get(u) && !o.get(h)) {
+      const i = await this.refreshSession({ signal: e }).catch(this.handleRequestError);
+      if ("error" in i) return i;
+    }
+    const l = this.getSessionPayload();
+    if (!l)
+      return {
+        error: null,
+        user: null
+      };
+    if (f(l.exp, w)) {
+      const i = await this.refreshSession().catch(this.handleRequestError);
+      if ("error" in i) return i;
+    }
+    const a = await this.client.auth.getSession().catch(this.handleRequestError);
+    return "error" in a ? a : {
+      error: null,
+      user: a.user
+    };
+  }
+  scheduleRefresh() {
+    const e = new AbortController();
+    let s = !0, r = null;
+    const n = () => {
+      s = !0, this.pendingRefresher && (this.pendingRefresher(), this.pendingRefresher = null);
+    }, l = () => {
+      s = !1;
+    };
+    window.addEventListener("online", n), window.addEventListener("offline", l);
+    const a = () => {
+      r !== null && (window.clearTimeout(r), r = null);
+      const i = this.getSessionPayload();
+      if (!i || f(i.exp, 0)) return;
+      const d = T(i.exp, w);
+      if (d < 0)
+        return;
+      const g = async () => {
+        if (r = null, !s) {
+          this.pendingRefresher = g;
+          return;
+        }
+        const c = await this.refreshSession({ signal: e.signal });
+        if ("error" in c) {
+          if (c.error === "aborted")
+            return;
+          this.store.setState({
+            status: "error",
+            user: null,
+            error: c.error
+          });
+          return;
+        } else
+          a();
+      };
+      r = window.setTimeout(g, d);
+    };
+    return a(), () => {
+      r && window.clearTimeout(r), e.abort(), window.removeEventListener("online", n), window.removeEventListener("offline", l);
+    };
+  }
+  async refreshSession({ signal: e } = {}) {
+    if (e && (this.refreshingSignals.add(e), e.addEventListener("abort", () => {
+      this.refreshingSignals.delete(e), this.refreshingSignals.size === 0 && this.refreshingSignalAbortController?.abort();
+    })), this.refreshPromise)
+      return this.refreshPromise;
+    this.refreshingSignalAbortController = new AbortController(), this.refreshingSignalAbortController.signal.addEventListener("abort", () => {
+      this.refreshPromise = null, this.refreshingSignalAbortController = null, this.refreshingSignals.clear();
+    });
+    const s = o.get(u);
+    this.refreshPromise = this.localClient.auth.refresh(
+      { __lh_jwt: s },
+      {
+        signal: this.refreshingSignalAbortController.signal
+      }
+    ).then((r) => (r.sessionToken && this.setCookie(h, r.sessionToken, {
+      maxAge: 720 * 60 * 60
+      // 30 days
+    }), r)).catch(this.handleRequestError);
+    try {
+      return await this.refreshPromise;
+    } finally {
+      this.refreshPromise = null, this.refreshingSignalAbortController = null, this.refreshingSignals.clear();
+    }
+  }
+}
+export {
+  v as AuthSessionService,
+  u as LOCALHOST_JWT_COOKIE_NAME,
+  S as LOCALHOST_JWT_URL_PARAM_NAME,
+  h as SESSION_COOKIE_NAME,
+  w as SESSION_EXPIRATION_BUFFER,
+  f as isExpiredIn
+};
+//# sourceMappingURL=auth.service.js.map

package/dist/client/auth.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.service.js","sources":["../../src/client/auth.service.ts"],"sourcesContent":["import { Blimu, BlimuError } from '@blimu/client';\nimport type { RefreshResponse } from '@blimu/client/schema';\nimport Cookies from 'js-cookie';\nimport { jwtDecode } from 'jwt-decode';\n\nimport type { AuthState, User } from '../types';\nimport { ExternalStore } from './external-store';\n\nexport const SESSION_COOKIE_NAME = '__bli_session';\nexport const LOCALHOST_JWT_URL_PARAM_NAME = '__lh_jwt';\nexport const LOCALHOST_JWT_COOKIE_NAME = '__lh_jwt';\nexport const SESSION_EXPIRATION_BUFFER = 10;\n\n/**\n * Time conversion utilities\n * JWT tokens use seconds (Unix timestamp), JavaScript Date uses milliseconds\n */\nconst SECONDS_TO_MS = 1000;\n\n/**\n * Convert seconds to milliseconds\n */\nconst secondsToMilliseconds = (seconds: number): number => Math.floor(seconds * SECONDS_TO_MS);\n\n/**\n * Convert milliseconds to seconds\n */\nconst millisecondsToSeconds = (ms: number): number => Math.floor(ms / SECONDS_TO_MS);\n\n/**\n * Get current time in seconds (Unix timestamp)\n */\nconst nowInSeconds = (): number => millisecondsToSeconds(Date.now());\n\n/**\n * Convert JWT expiration time (seconds) to milliseconds\n */\nconst jwtExpToMilliseconds = (exp: number): number => secondsToMilliseconds(exp);\n\n/**\n * Calculate timeout delay in milliseconds for refreshing before expiration\n * @param expirationSeconds - JWT exp claim in seconds\n * @param bufferSeconds - Buffer time in seconds before expiration\n * @returns Timeout delay in milliseconds\n */\nconst calculateTimeoutDelay = (expirationSeconds: number, bufferSeconds: number): number => {\n  const expirationMS = jwtExpToMilliseconds(expirationSeconds);\n  const bufferMS = secondsToMilliseconds(bufferSeconds);\n  const nowMS = Date.now();\n  return Math.max(expirationMS - bufferMS - nowMS, 0);\n};\n\n/**\n * Check if a JWT expiration time (in seconds) is expired or will expire within the buffer\n * @param expiration - JWT exp claim in seconds (Unix timestamp)\n * @param buffer - Buffer time in seconds before expiration to consider it expired\n * @returns true if expired or will expire within buffer\n */\nexport const isExpiredIn = (expiration: number, buffer: number): boolean => {\n  const now = nowInSeconds();\n  return expiration - buffer < now;\n};\n\nexport class AuthSessionService {\n  private pendingRefresher: (() => void) | null = null;\n  private refreshPromise: Promise<RefreshResponse | { error: string; user: null }> | null = null;\n  private refreshingSignals: Set<AbortSignal> = new Set();\n  private refreshingSignalAbortController: AbortController | null = null;\n  // A local client that doesn't call getSessionToken() which calls refreshSession().\n  private localClient: Blimu;\n\n  constructor(\n    private readonly isLive: boolean,\n    private readonly client: Blimu,\n    private readonly store: ExternalStore<AuthState>,\n    baseURL: string,\n    publishableKey: string,\n  ) {\n    this.localClient = new Blimu({\n      baseURL,\n      credentials: 'include',\n      headers: { 'x-blimu-publishable-key': publishableKey },\n    });\n    this.handleRequestError = this.handleRequestError.bind(this);\n  }\n\n  /**\n   * Set cookie with appropriate security settings based on environment\n   */\n  private setCookie(name: string, value: string, options: { maxAge?: number } = {}): void {\n    const cookieOptions: Cookies.CookieAttributes = {\n      secure: this.isLive, // true for live environments, false for localhost\n      sameSite: 'lax',\n      path: '/',\n    };\n\n    if (options.maxAge !== undefined) {\n      cookieOptions.expires = options.maxAge / (24 * 60 * 60); // Convert seconds to days\n    }\n\n    Cookies.set(name, value, cookieOptions);\n  }\n\n  getSessionPayload(): {\n    sub: string;\n    environmentId: string;\n    type: string;\n    iat: number;\n    exp: number;\n  } | null {\n    const token = Cookies.get(SESSION_COOKIE_NAME);\n\n    if (!token) {\n      return null;\n    }\n\n    const decoded = jwtDecode<{\n      sub: string;\n      environmentId: string;\n      type: string;\n      iat: number;\n      exp: number;\n    }>(token);\n\n    return decoded;\n  }\n\n  async getSessionToken(): Promise<string | undefined> {\n    const sessionPayload = this.getSessionPayload();\n\n    if (!sessionPayload) {\n      return undefined;\n    }\n\n    // If a refresh is already in progress, wait for it to complete\n    // This prevents infinite recursion when refreshSession() calls client.auth.refresh()\n    // which triggers accessToken() which calls getSessionToken()\n    if (this.refreshPromise) {\n      await this.refreshPromise;\n      // After refresh completes, return the updated token from cookie\n      return Cookies.get(SESSION_COOKIE_NAME);\n    }\n\n    if (isExpiredIn(sessionPayload.exp, 0)) {\n      await this.refreshSession();\n    }\n\n    return Cookies.get(SESSION_COOKIE_NAME);\n  }\n\n  async handleRequestError(error: unknown): Promise<{ error: string; user: null }> {\n    if (error instanceof BlimuError && [401, 500].includes(error.status)) {\n      Cookies.remove(SESSION_COOKIE_NAME);\n      Cookies.remove(LOCALHOST_JWT_COOKIE_NAME);\n\n      return {\n        error: error.message,\n        user: null,\n      };\n    }\n\n    if (error instanceof DOMException)\n      return {\n        error: error.message,\n        user: null,\n      };\n\n    if (error instanceof Error) {\n      return {\n        error: error.message,\n        user: null,\n      };\n    }\n\n    return {\n      error: 'unknown error',\n      user: null,\n    };\n  }\n\n  async initialize({ signal }: { signal?: AbortSignal } = {}): Promise<{\n    error: string | null;\n    user: User | null;\n  }> {\n    const url = new URL(window.location.href);\n    const localhostJWT = url.searchParams.get(LOCALHOST_JWT_URL_PARAM_NAME) ?? undefined;\n\n    // Clean up URL parameters immediately to prevent re-processing on re-renders\n    if (localhostJWT) {\n      url.searchParams.delete(LOCALHOST_JWT_URL_PARAM_NAME);\n      window.history.replaceState({}, '', url.toString());\n    }\n\n    // Handle localhost JWT from URL parameter\n    if (localhostJWT) {\n      // Set localhost JWT cookie on customer app domain\n      this.setCookie(LOCALHOST_JWT_COOKIE_NAME, localhostJWT, {\n        maxAge: 30 * 24 * 60 * 60, // 30 days\n      });\n    }\n\n    const localhostJWTCookie = Cookies.get(LOCALHOST_JWT_COOKIE_NAME);\n\n    if (localhostJWTCookie && !Cookies.get(SESSION_COOKIE_NAME)) {\n      const result = await this.refreshSession({ signal }).catch(this.handleRequestError);\n      if ('error' in result) return result;\n    }\n\n    const sessionPayload = this.getSessionPayload();\n\n    if (!sessionPayload) {\n      return {\n        error: null,\n        user: null,\n      };\n    }\n\n    if (isExpiredIn(sessionPayload.exp, SESSION_EXPIRATION_BUFFER)) {\n      const result = await this.refreshSession().catch(this.handleRequestError);\n      if ('error' in result) return result;\n    }\n\n    const result = await this.client.auth.getSession().catch(this.handleRequestError);\n    if ('error' in result) return result;\n\n    return {\n      error: null,\n      user: result.user,\n    };\n  }\n\n  scheduleRefresh() {\n    const abortController = new AbortController();\n    let isOnline = true;\n    let timeoutId: number | null = null;\n\n    const onlineHandler = () => {\n      isOnline = true;\n      if (this.pendingRefresher) {\n        this.pendingRefresher();\n        this.pendingRefresher = null;\n      }\n    };\n    const offlineHandler = () => {\n      isOnline = false;\n    };\n\n    window.addEventListener('online', onlineHandler);\n    window.addEventListener('offline', offlineHandler);\n\n    const refresh = () => {\n      // Clear any existing timeout before scheduling a new one\n      // This prevents infinite loops when refresh() is called recursively\n      if (timeoutId !== null) {\n        window.clearTimeout(timeoutId);\n        timeoutId = null;\n      }\n\n      const sessionPayload = this.getSessionPayload();\n\n      if (!sessionPayload || isExpiredIn(sessionPayload.exp, 0)) return;\n\n      // Calculate timeout delay: refresh SESSION_EXPIRATION_BUFFER seconds before expiration\n      const timeoutDelayMS = calculateTimeoutDelay(sessionPayload.exp, SESSION_EXPIRATION_BUFFER);\n\n      // Prevent scheduling if timeout is negative (token already expired)\n      // Allow 0ms delays to handle edge cases where we're exactly at the refresh point\n      // This prevents immediate re-scheduling that could cause infinite loops\n      if (timeoutDelayMS < 0) {\n        return;\n      }\n\n      // Having this function outside timeout, allows us to call refresh immediately when back online\n      const refresher = async () => {\n        // Clear timeoutId since we're executing now\n        timeoutId = null;\n\n        if (!isOnline) {\n          // Keep closure of refresh function alive\n          this.pendingRefresher = refresher;\n          return;\n        }\n\n        const result = await this.refreshSession({ signal: abortController.signal });\n\n        if ('error' in result) {\n          // If the refresh was aborted (e.g., due to React strict mode unmounting),\n          // don't treat it as an error - just return and let the component remount handle it\n          if (result.error === 'aborted') {\n            return;\n          }\n          // For real errors, update the store\n          this.store.setState({\n            status: 'error',\n            user: null,\n            error: result.error,\n          });\n          return;\n        } else {\n          // After successful refresh, schedule the next refresh with the new token\n          refresh();\n        }\n      };\n\n      timeoutId = window.setTimeout(refresher, timeoutDelayMS);\n    };\n\n    refresh();\n\n    return () => {\n      if (timeoutId) {\n        window.clearTimeout(timeoutId);\n      }\n      abortController.abort();\n      window.removeEventListener('online', onlineHandler);\n      window.removeEventListener('offline', offlineHandler);\n    };\n  }\n\n  private async refreshSession({ signal }: { signal?: AbortSignal } = {}) {\n    if (signal) {\n      // Add signal to tracking set (was using .has() instead of .add() - bug fix)\n      this.refreshingSignals.add(signal);\n\n      signal.addEventListener('abort', () => {\n        this.refreshingSignals.delete(signal);\n\n        if (this.refreshingSignals.size === 0) {\n          this.refreshingSignalAbortController?.abort();\n        }\n      });\n    }\n\n    if (this.refreshPromise) {\n      return this.refreshPromise;\n    }\n\n    this.refreshingSignalAbortController = new AbortController();\n\n    this.refreshingSignalAbortController.signal.addEventListener('abort', () => {\n      this.refreshPromise = null;\n      this.refreshingSignalAbortController = null;\n      this.refreshingSignals.clear();\n    });\n\n    // Get localhost_jwt from cookie to send as query parameter\n    const localhostJWT = Cookies.get(LOCALHOST_JWT_COOKIE_NAME);\n\n    // Use local client to avoid infinite recursion. Regular client calls getSessionToken() which calls refreshSession().\n    // There are hacks to avoid infinite recursion, but they are not reliable.\n    // The localhost_jwt is sent as a query parameter\n    // Note: Type assertion needed because the generated SDK type doesn't include 'query' in RequestInit,\n    // but the underlying CoreClient.request() method does support it\n    this.refreshPromise = this.localClient.auth\n      .refresh(\n        { __lh_jwt: localhostJWT },\n        {\n          signal: this.refreshingSignalAbortController.signal,\n        },\n      )\n      .then((response) => {\n        // Update cookie with new session token from response body\n        // Server also sets it via Set-Cookie header on auth domain, but we set it manually on customer domain\n        if (response.sessionToken) {\n          this.setCookie(SESSION_COOKIE_NAME, response.sessionToken, {\n            maxAge: 30 * 24 * 60 * 60, // 30 days\n          });\n        }\n        return response;\n      })\n      .catch(this.handleRequestError);\n\n    try {\n      return await this.refreshPromise;\n    } finally {\n      this.refreshPromise = null;\n      this.refreshingSignalAbortController = null;\n      this.refreshingSignals.clear();\n    }\n  }\n}\n"],"names":["SESSION_COOKIE_NAME","LOCALHOST_JWT_URL_PARAM_NAME","LOCALHOST_JWT_COOKIE_NAME","SESSION_EXPIRATION_BUFFER","SECONDS_TO_MS","secondsToMilliseconds","seconds","millisecondsToSeconds","ms","nowInSeconds","jwtExpToMilliseconds","exp","calculateTimeoutDelay","expirationSeconds","bufferSeconds","expirationMS","bufferMS","nowMS","isExpiredIn","expiration","buffer","now","AuthSessionService","isLive","client","store","baseURL","publishableKey","Blimu","name","value","options","cookieOptions","Cookies","token","jwtDecode","sessionPayload","error","BlimuError","signal","url","localhostJWT","result","abortController","isOnline","timeoutId","onlineHandler","offlineHandler","refresh","timeoutDelayMS","refresher","response"],"mappings":";;;AAQO,MAAMA,IAAsB,iBACtBC,IAA+B,YAC/BC,IAA4B,YAC5BC,IAA4B,IAMnCC,IAAgB,KAKhBC,IAAwB,CAACC,MAA4B,KAAK,MAAMA,IAAUF,CAAa,GAKvFG,IAAwB,CAACC,MAAuB,KAAK,MAAMA,IAAKJ,CAAa,GAK7EK,IAAe,MAAcF,EAAsB,KAAK,KAAK,GAK7DG,IAAuB,CAACC,MAAwBN,EAAsBM,CAAG,GAQzEC,IAAwB,CAACC,GAA2BC,MAAkC;AAC1F,QAAMC,IAAeL,EAAqBG,CAAiB,GACrDG,IAAWX,EAAsBS,CAAa,GAC9CG,IAAQ,KAAK,IAAA;AACnB,SAAO,KAAK,IAAIF,IAAeC,IAAWC,GAAO,CAAC;AACpD,GAQaC,IAAc,CAACC,GAAoBC,MAA4B;AAC1E,QAAMC,IAAMZ,EAAA;AACZ,SAAOU,IAAaC,IAASC;AAC/B;AAEO,MAAMC,EAAmB;AAAA,EAQ9B,YACmBC,GACAC,GACAC,GACjBC,GACAC,GACA;AALiB,SAAA,SAAAJ,GACA,KAAA,SAAAC,GACA,KAAA,QAAAC,GAVnB,KAAQ,mBAAwC,MAChD,KAAQ,iBAAkF,MAC1F,KAAQ,wCAA0C,IAAA,GAClD,KAAQ,kCAA0D,MAWhE,KAAK,cAAc,IAAIG,EAAM;AAAA,MAC3B,SAAAF;AAAA,MACA,aAAa;AAAA,MACb,SAAS,EAAE,2BAA2BC,EAAA;AAAA,IAAe,CACtD,GACD,KAAK,qBAAqB,KAAK,mBAAmB,KAAK,IAAI;AAAA,EAC7D;AAAA;AAAA;AAAA;AAAA,EAKQ,UAAUE,GAAcC,GAAeC,IAA+B,CAAA,GAAU;AACtF,UAAMC,IAA0C;AAAA,MAC9C,QAAQ,KAAK;AAAA;AAAA,MACb,UAAU;AAAA,MACV,MAAM;AAAA,IAAA;AAGR,IAAID,EAAQ,WAAW,WACrBC,EAAc,UAAUD,EAAQ,UAAU,OAAU,MAGtDE,EAAQ,IAAIJ,GAAMC,GAAOE,CAAa;AAAA,EACxC;AAAA,EAEA,oBAMS;AACP,UAAME,IAAQD,EAAQ,IAAIjC,CAAmB;AAE7C,WAAKkC,IAIWC,EAMbD,CAAK,IATC;AAAA,EAYX;AAAA,EAEA,MAAM,kBAA+C;AACnD,UAAME,IAAiB,KAAK,kBAAA;AAE5B,QAAKA;AAOL,aAAI,KAAK,kBACP,MAAM,KAAK,gBAEJH,EAAQ,IAAIjC,CAAmB,MAGpCkB,EAAYkB,EAAe,KAAK,CAAC,KACnC,MAAM,KAAK,eAAA,GAGNH,EAAQ,IAAIjC,CAAmB;AAAA,EACxC;AAAA,EAEA,MAAM,mBAAmBqC,GAAwD;AAC/E,WAAIA,aAAiBC,KAAc,CAAC,KAAK,GAAG,EAAE,SAASD,EAAM,MAAM,KACjEJ,EAAQ,OAAOjC,CAAmB,GAClCiC,EAAQ,OAAO/B,CAAyB,GAEjC;AAAA,MACL,OAAOmC,EAAM;AAAA,MACb,MAAM;AAAA,IAAA,KAINA,aAAiB,eACZ;AAAA,MACL,OAAOA,EAAM;AAAA,MACb,MAAM;AAAA,IAAA,IAGNA,aAAiB,QACZ;AAAA,MACL,OAAOA,EAAM;AAAA,MACb,MAAM;AAAA,IAAA,IAIH;AAAA,MACL,OAAO;AAAA,MACP,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA,EAEA,MAAM,WAAW,EAAE,QAAAE,EAAA,IAAqC,IAGrD;AACD,UAAMC,IAAM,IAAI,IAAI,OAAO,SAAS,IAAI,GAClCC,IAAeD,EAAI,aAAa,IAAIvC,CAA4B,KAAK;AAkB3E,QAfIwC,MACFD,EAAI,aAAa,OAAOvC,CAA4B,GACpD,OAAO,QAAQ,aAAa,CAAA,GAAI,IAAIuC,EAAI,UAAU,IAIhDC,KAEF,KAAK,UAAUvC,GAA2BuC,GAAc;AAAA,MACtD,QAAQ,MAAU,KAAK;AAAA;AAAA,IAAA,CACxB,GAGwBR,EAAQ,IAAI/B,CAAyB,KAEtC,CAAC+B,EAAQ,IAAIjC,CAAmB,GAAG;AAC3D,YAAM0C,IAAS,MAAM,KAAK,eAAe,EAAE,QAAAH,GAAQ,EAAE,MAAM,KAAK,kBAAkB;AAClF,UAAI,WAAWG,EAAQ,QAAOA;AAAAA,IAChC;AAEA,UAAMN,IAAiB,KAAK,kBAAA;AAE5B,QAAI,CAACA;AACH,aAAO;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MAAA;AAIV,QAAIlB,EAAYkB,EAAe,KAAKjC,CAAyB,GAAG;AAC9D,YAAMuC,IAAS,MAAM,KAAK,iBAAiB,MAAM,KAAK,kBAAkB;AACxE,UAAI,WAAWA,EAAQ,QAAOA;AAAAA,IAChC;AAEA,UAAMA,IAAS,MAAM,KAAK,OAAO,KAAK,aAAa,MAAM,KAAK,kBAAkB;AAChF,WAAI,WAAWA,IAAeA,IAEvB;AAAA,MACL,OAAO;AAAA,MACP,MAAMA,EAAO;AAAA,IAAA;AAAA,EAEjB;AAAA,EAEA,kBAAkB;AAChB,UAAMC,IAAkB,IAAI,gBAAA;AAC5B,QAAIC,IAAW,IACXC,IAA2B;AAE/B,UAAMC,IAAgB,MAAM;AAC1B,MAAAF,IAAW,IACP,KAAK,qBACP,KAAK,iBAAA,GACL,KAAK,mBAAmB;AAAA,IAE5B,GACMG,IAAiB,MAAM;AAC3B,MAAAH,IAAW;AAAA,IACb;AAEA,WAAO,iBAAiB,UAAUE,CAAa,GAC/C,OAAO,iBAAiB,WAAWC,CAAc;AAEjD,UAAMC,IAAU,MAAM;AAGpB,MAAIH,MAAc,SAChB,OAAO,aAAaA,CAAS,GAC7BA,IAAY;AAGd,YAAMT,IAAiB,KAAK,kBAAA;AAE5B,UAAI,CAACA,KAAkBlB,EAAYkB,EAAe,KAAK,CAAC,EAAG;AAG3D,YAAMa,IAAiBrC,EAAsBwB,EAAe,KAAKjC,CAAyB;AAK1F,UAAI8C,IAAiB;AACnB;AAIF,YAAMC,IAAY,YAAY;AAI5B,YAFAL,IAAY,MAER,CAACD,GAAU;AAEb,eAAK,mBAAmBM;AACxB;AAAA,QACF;AAEA,cAAMR,IAAS,MAAM,KAAK,eAAe,EAAE,QAAQC,EAAgB,QAAQ;AAE3E,YAAI,WAAWD,GAAQ;AAGrB,cAAIA,EAAO,UAAU;AACnB;AAGF,eAAK,MAAM,SAAS;AAAA,YAClB,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,OAAOA,EAAO;AAAA,UAAA,CACf;AACD;AAAA,QACF;AAEE,UAAAM,EAAA;AAAA,MAEJ;AAEA,MAAAH,IAAY,OAAO,WAAWK,GAAWD,CAAc;AAAA,IACzD;AAEA,WAAAD,EAAA,GAEO,MAAM;AACX,MAAIH,KACF,OAAO,aAAaA,CAAS,GAE/BF,EAAgB,MAAA,GAChB,OAAO,oBAAoB,UAAUG,CAAa,GAClD,OAAO,oBAAoB,WAAWC,CAAc;AAAA,IACtD;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,EAAE,QAAAR,EAAA,IAAqC,IAAI;AActE,QAbIA,MAEF,KAAK,kBAAkB,IAAIA,CAAM,GAEjCA,EAAO,iBAAiB,SAAS,MAAM;AACrC,WAAK,kBAAkB,OAAOA,CAAM,GAEhC,KAAK,kBAAkB,SAAS,KAClC,KAAK,iCAAiC,MAAA;AAAA,IAE1C,CAAC,IAGC,KAAK;AACP,aAAO,KAAK;AAGd,SAAK,kCAAkC,IAAI,gBAAA,GAE3C,KAAK,gCAAgC,OAAO,iBAAiB,SAAS,MAAM;AAC1E,WAAK,iBAAiB,MACtB,KAAK,kCAAkC,MACvC,KAAK,kBAAkB,MAAA;AAAA,IACzB,CAAC;AAGD,UAAME,IAAeR,EAAQ,IAAI/B,CAAyB;AAO1D,SAAK,iBAAiB,KAAK,YAAY,KACpC;AAAA,MACC,EAAE,UAAUuC,EAAA;AAAA,MACZ;AAAA,QACE,QAAQ,KAAK,gCAAgC;AAAA,MAAA;AAAA,IAC/C,EAED,KAAK,CAACU,OAGDA,EAAS,gBACX,KAAK,UAAUnD,GAAqBmD,EAAS,cAAc;AAAA,MACzD,QAAQ,MAAU,KAAK;AAAA;AAAA,IAAA,CACxB,GAEIA,EACR,EACA,MAAM,KAAK,kBAAkB;AAEhC,QAAI;AACF,aAAO,MAAM,KAAK;AAAA,IACpB,UAAA;AACE,WAAK,iBAAiB,MACtB,KAAK,kCAAkC,MACvC,KAAK,kBAAkB,MAAA;AAAA,IACzB;AAAA,EACF;AACF;"}

package/dist/client/auth.service.test-service.d.ts

@@ -0,0 +1,39 @@
+import type { AuthState } from '../types';
+import { Blimu } from '@blimu/client';
+import { ExternalStore } from './external-store';
+import { BaseAuthSessionService } from './auth.service.base';
+export declare const LOCALHOST_JWT_URL_PARAM_NAME = "__lh_jwt";
+export declare const LOCALHOST_JWT_COOKIE_NAME = "__lh_jwt";
+/**
+ * Test/development authentication session service.
+ * Handles non-secure cookies and supports localhost JWT handling for development.
+ */
+export declare class TestAuthSessionService extends BaseAuthSessionService {
+    constructor(client: Blimu, store: ExternalStore<AuthState>, baseURL: string, publishableKey: string);
+    /**
+     * Set cookie with secure flag disabled for localhost development.
+     */
+    protected setCookie(name: string, value: string, options?: {
+        maxAge?: number;
+    }): void;
+    /**
+     * Get localhost JWT from cookie.
+     * This method only exists in TestAuthSessionService - not in base class or live service.
+     * Note: URL parameter handling is done in initialize() and stored in cookie.
+     */
+    private getLocalhostJWT;
+    /**
+     * Build refresh request parameters.
+     * Test services include localhost JWT if available.
+     */
+    protected buildRefreshParams(): Record<string, string | undefined>;
+    /**
+     * Test services handle localhost JWT.
+     */
+    protected shouldHandleLocalhostJWT(): boolean;
+    /**
+     * Remove localhost JWT cookie on errors.
+     */
+    protected cleanupLocalhostJWT(): void;
+}
+//# sourceMappingURL=auth.service.test-service.d.ts.map

package/dist/client/auth.service.test-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.service.test-service.d.ts","sourceRoot":"","sources":["../../src/client/auth.service.test-service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAC1C,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAE7D,eAAO,MAAM,4BAA4B,aAAa,CAAC;AACvD,eAAO,MAAM,yBAAyB,aAAa,CAAC;AAEpD;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,sBAAsB;gBAE9D,MAAM,EAAE,KAAK,EACb,KAAK,EAAE,aAAa,CAAC,SAAS,CAAC,EAC/B,OAAO,EAAE,MAAM,EACf,cAAc,EAAE,MAAM;IAKxB;;OAEG;IACH,SAAS,CAAC,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,GAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,IAAI;IAczF;;;;OAIG;IACH,OAAO,CAAC,eAAe;IAIvB;;;OAGG;IACH,SAAS,CAAC,kBAAkB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;IAKlE;;OAEG;IACH,SAAS,CAAC,wBAAwB,IAAI,OAAO;IAI7C;;OAEG;IACH,SAAS,CAAC,mBAAmB,IAAI,IAAI;CAGtC"}

package/dist/client/external-store.cjs

@@ -0,0 +1,2 @@
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});class i{constructor(e){this.listeners=new Set,this.subscribe=t=>(this.listeners.add(t),()=>{this.listeners.delete(t)}),this.setState=t=>{typeof t=="function"?this.state=t(this.state):this.state=t,this.listeners.forEach(s=>s(this.state))},this.getSnapshot=()=>this.state,this.state=e}}exports.ExternalStore=i;
+//# sourceMappingURL=external-store.cjs.map

package/dist/client/external-store.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"external-store.cjs","sources":["../../src/client/external-store.ts"],"sourcesContent":["export class ExternalStore<T> {\n  private state: T;\n  private listeners: Set<(state: T) => void> = new Set();\n\n  constructor(initialState: T) {\n    this.state = initialState;\n  }\n\n  /**\n   * Subscribe to state changes\n   * Returns an unsubscribe function\n   */\n  subscribe = (listener: (state: T) => void): (() => void) => {\n    this.listeners.add(listener);\n    // Return unsubscribe function\n    return () => {\n      this.listeners.delete(listener);\n    };\n  };\n\n  /**\n   * Update state and notify all listeners\n   * Accepts either a new state value or a function updater\n   */\n  setState = (state: T | ((state: T) => T)) => {\n    if (typeof state === 'function') {\n      this.state = (state as (prev: T) => T)(this.state);\n    } else {\n      this.state = state;\n    }\n    // Notify all listeners\n    this.listeners.forEach((listener) => listener(this.state));\n  };\n\n  /**\n   * Get current state without subscribing\n   */\n  getSnapshot = (): T => {\n    return this.state;\n  };\n}\n"],"names":["ExternalStore","initialState","listener","state"],"mappings":"gFAAO,MAAMA,CAAiB,CAI5B,YAAYC,EAAiB,CAF7B,KAAQ,cAAyC,IAUjD,KAAA,UAAaC,IACX,KAAK,UAAU,IAAIA,CAAQ,EAEpB,IAAM,CACX,KAAK,UAAU,OAAOA,CAAQ,CAChC,GAOF,KAAA,SAAYC,GAAiC,CACvC,OAAOA,GAAU,WACnB,KAAK,MAASA,EAAyB,KAAK,KAAK,EAEjD,KAAK,MAAQA,EAGf,KAAK,UAAU,QAASD,GAAaA,EAAS,KAAK,KAAK,CAAC,CAC3D,EAKA,KAAA,YAAc,IACL,KAAK,MAjCZ,KAAK,MAAQD,CACf,CAkCF"}

package/dist/client/external-store.d.ts

@@ -0,0 +1,20 @@
+export declare class ExternalStore<T> {
+    private state;
+    private listeners;
+    constructor(initialState: T);
+    /**
+     * Subscribe to state changes
+     * Returns an unsubscribe function
+     */
+    subscribe: (listener: (state: T) => void) => (() => void);
+    /**
+     * Update state and notify all listeners
+     * Accepts either a new state value or a function updater
+     */
+    setState: (state: T | ((state: T) => T)) => void;
+    /**
+     * Get current state without subscribing
+     */
+    getSnapshot: () => T;
+}
+//# sourceMappingURL=external-store.d.ts.map

package/dist/client/external-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"external-store.d.ts","sourceRoot":"","sources":["../../src/client/external-store.ts"],"names":[],"mappings":"AAAA,qBAAa,aAAa,CAAC,CAAC;IAC1B,OAAO,CAAC,KAAK,CAAI;IACjB,OAAO,CAAC,SAAS,CAAsC;gBAE3C,YAAY,EAAE,CAAC;IAI3B;;;OAGG;IACH,SAAS,GAAI,UAAU,CAAC,KAAK,EAAE,CAAC,KAAK,IAAI,KAAG,CAAC,MAAM,IAAI,CAAC,CAMtD;IAEF;;;OAGG;IACH,QAAQ,GAAI,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,UAQtC;IAEF;;OAEG;IACH,WAAW,QAAO,CAAC,CAEjB;CACH"}

package/dist/client/external-store.js

@@ -0,0 +1,13 @@
+class h {
+  constructor(s) {
+    this.listeners = /* @__PURE__ */ new Set(), this.subscribe = (t) => (this.listeners.add(t), () => {
+      this.listeners.delete(t);
+    }), this.setState = (t) => {
+      typeof t == "function" ? this.state = t(this.state) : this.state = t, this.listeners.forEach((e) => e(this.state));
+    }, this.getSnapshot = () => this.state, this.state = s;
+  }
+}
+export {
+  h as ExternalStore
+};
+//# sourceMappingURL=external-store.js.map

package/dist/client/external-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"external-store.js","sources":["../../src/client/external-store.ts"],"sourcesContent":["export class ExternalStore<T> {\n  private state: T;\n  private listeners: Set<(state: T) => void> = new Set();\n\n  constructor(initialState: T) {\n    this.state = initialState;\n  }\n\n  /**\n   * Subscribe to state changes\n   * Returns an unsubscribe function\n   */\n  subscribe = (listener: (state: T) => void): (() => void) => {\n    this.listeners.add(listener);\n    // Return unsubscribe function\n    return () => {\n      this.listeners.delete(listener);\n    };\n  };\n\n  /**\n   * Update state and notify all listeners\n   * Accepts either a new state value or a function updater\n   */\n  setState = (state: T | ((state: T) => T)) => {\n    if (typeof state === 'function') {\n      this.state = (state as (prev: T) => T)(this.state);\n    } else {\n      this.state = state;\n    }\n    // Notify all listeners\n    this.listeners.forEach((listener) => listener(this.state));\n  };\n\n  /**\n   * Get current state without subscribing\n   */\n  getSnapshot = (): T => {\n    return this.state;\n  };\n}\n"],"names":["ExternalStore","initialState","listener","state"],"mappings":"AAAO,MAAMA,EAAiB;AAAA,EAI5B,YAAYC,GAAiB;AAF7B,SAAQ,gCAAyC,IAAA,GAUjD,KAAA,YAAY,CAACC,OACX,KAAK,UAAU,IAAIA,CAAQ,GAEpB,MAAM;AACX,WAAK,UAAU,OAAOA,CAAQ;AAAA,IAChC,IAOF,KAAA,WAAW,CAACC,MAAiC;AAC3C,MAAI,OAAOA,KAAU,aACnB,KAAK,QAASA,EAAyB,KAAK,KAAK,IAEjD,KAAK,QAAQA,GAGf,KAAK,UAAU,QAAQ,CAACD,MAAaA,EAAS,KAAK,KAAK,CAAC;AAAA,IAC3D,GAKA,KAAA,cAAc,MACL,KAAK,OAjCZ,KAAK,QAAQD;AAAA,EACf;AAkCF;"}

package/dist/client/runtime-client.cjs

@@ -0,0 +1,2 @@
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const l=require("@blimu/client"),r=require("../utils/publishable-key.cjs"),o=require("./auth.service.cjs"),a=require("./external-store.cjs");class u{constructor(e){if(this.authDomain=null,this.initialized=!1,this.initializePromise=null,this.initializeAbortController=null,this.redirectToAuth=i=>{const n=i||window.location.href,s=new URL(`${this.authDomain}/login`);s.searchParams.set("redirect_url",encodeURIComponent(n)),window.location.href=s.toString()},this.logout=async()=>{try{const i=this.session.getSessionToken();i&&await this.client.auth.logout({headers:{"x-blimu-publishable-key":this.config.publishableKey,Authorization:`Bearer ${i}`}})}catch(i){console.error("Logout error:",i)}finally{this.store.setState({user:null,error:null,status:"unauthenticated"})}},this.getAccessToken=async i=>await this.session.getSessionToken()??null,this.config=e,this.store=new a.ExternalStore({user:null,error:null,status:"idle"}),this.isLive=e.publishableKey.includes("live"),this.authDomain=r.getAuthDomainFromPublishableKey(e.publishableKey),!this.authDomain)throw new Error("Failed to determine auth domain from publishable key");const t=r.getAuthApiUrl(e.publishableKey);if(!t)throw new Error("Failed to determine auth API URL from publishable key");this.client=new l.Blimu({baseURL:t,accessToken:()=>this.session.getSessionToken(),headers:{"x-blimu-publishable-key":e.publishableKey}}),this.session=new o.AuthSessionService(this.isLive,this.client,this.store,t,e.publishableKey),this.initialize=this.initialize.bind(this)}initialize(){if(!this.initialized&&!this.initializePromise)return this.initializeAbortController=new AbortController,this.initializePromise=this.session.initialize({signal:this.initializeAbortController.signal}).then(e=>{e.error?this.store.setState({user:null,error:e.error,status:"error"}):e.user?this.store.setState({user:e.user,error:null,status:"authenticated"}):this.store.setState({user:null,error:null,status:"unauthenticated"})}).catch(e=>{console.error("Initialize error:",e),this.store.setState({user:null,error:e instanceof Error?e.message:"Initialization failed",status:"error"})}).finally(()=>{this.initialized=!0,this.initializePromise=null}),()=>{console.log("aborting initialize"),this.initializeAbortController?.abort("unmounting"),this.initializePromise=null}}scheduleRefresh(){return this.session.scheduleRefresh()}getClient(){return this.client}}exports.BlimuRuntimeClientWrapper=u;
+//# sourceMappingURL=runtime-client.cjs.map

package/dist/client/runtime-client.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime-client.cjs","sources":["../../src/client/runtime-client.ts"],"sourcesContent":["import { Blimu } from '@blimu/client';\n\nimport type { AuthState, BlimuConfig, User } from '../types';\nimport { getAuthApiUrl, getAuthDomainFromPublishableKey } from '../utils/publishable-key';\nimport { AuthSessionService, LOCALHOST_JWT_URL_PARAM_NAME } from './auth.service';\nimport { ExternalStore } from './external-store';\n\nexport class BlimuRuntimeClientWrapper {\n  private client: Blimu;\n  private authDomain: string | null = null;\n  private initialized: boolean = false;\n  private readonly session: AuthSessionService;\n\n  public config: BlimuConfig;\n  public isLive: boolean;\n  private initializePromise: Promise<void> | null = null;\n  private initializeAbortController: AbortController | null = null;\n\n  public readonly store: ExternalStore<AuthState>;\n\n  constructor(config: BlimuConfig) {\n    this.config = config;\n    this.store = new ExternalStore<AuthState>({\n      user: null,\n      error: null,\n      status: 'idle',\n    });\n    this.isLive = config.publishableKey.includes('live');\n\n    // Get auth UI domain from publishable key\n    this.authDomain = getAuthDomainFromPublishableKey(config.publishableKey);\n    if (!this.authDomain) {\n      throw new Error('Failed to determine auth domain from publishable key');\n    }\n\n    // Get auth API URL from publishable key\n    const authApiUrl = getAuthApiUrl(config.publishableKey);\n\n    if (!authApiUrl) {\n      throw new Error('Failed to determine auth API URL from publishable key');\n    }\n\n    this.client = new Blimu({\n      baseURL: authApiUrl,\n      accessToken: () => this.session.getSessionToken(),\n      headers: { 'x-blimu-publishable-key': config.publishableKey },\n    });\n\n    this.session = new AuthSessionService(\n      this.isLive,\n      this.client,\n      this.store,\n      authApiUrl,\n      config.publishableKey,\n    );\n\n    this.initialize = this.initialize.bind(this);\n  }\n\n  /**\n   * Initialize authentication by checking for existing session\n   * Reads session token from cookie and validates it\n   * This method is idempotent - if initialization is already in progress, it will wait for that to complete\n   */\n  initialize(): (() => void) | void {\n    // If already initialized, return early\n    if (this.initialized) return;\n\n    // If initialization is in progress, return early (prevents concurrent calls)\n    if (this.initializePromise) return;\n\n    this.initializeAbortController = new AbortController();\n\n    this.initializePromise = this.session\n      .initialize({\n        signal: this.initializeAbortController.signal,\n      })\n      .then((result) => {\n        if (result.error) {\n          this.store.setState({\n            user: null,\n            error: result.error,\n            status: 'error',\n          });\n        } else if (result.user) {\n          this.store.setState({\n            user: result.user,\n            error: null,\n            status: 'authenticated',\n          });\n        } else {\n          this.store.setState({\n            user: null,\n            error: null,\n            status: 'unauthenticated',\n          });\n        }\n      })\n      .catch((error) => {\n        console.error('Initialize error:', error);\n        this.store.setState({\n          user: null,\n          error: error instanceof Error ? error.message : 'Initialization failed',\n          status: 'error',\n        });\n      })\n      .finally(() => {\n        // Mark as initialized after completion (success or failure)\n        // This prevents infinite loops from re-renders\n        this.initialized = true;\n        this.initializePromise = null;\n      });\n\n    return () => {\n      console.log('aborting initialize');\n      this.initializeAbortController?.abort('unmounting');\n      this.initializePromise = null;\n      // Don't reset initialized flag here - let the promise handle it\n    };\n  }\n\n  /**\n   * Refresh session token using the client token from httpOnly cookie\n   * The client token is stored in an httpOnly cookie and sent automatically\n   * Note: The auth worker should extract the __bli_client cookie and include it in the request body\n   * This method is idempotent - if a refresh is already in progress, it will wait for that refresh to complete\n   */\n  public scheduleRefresh() {\n    return this.session.scheduleRefresh();\n  }\n\n  /**\n   * Redirect user to auth domain for authentication\n   * Uses the auth domain derived from the publishable key\n   */\n  public redirectToAuth = (returnUrl?: string): void => {\n    const redirectUrl = returnUrl || window.location.href;\n\n    // Build auth URL on the auth domain\n    const authUrl = new URL(`${this.authDomain}/login`);\n    authUrl.searchParams.set('redirect_url', encodeURIComponent(redirectUrl));\n\n    // Redirect to auth domain\n    window.location.href = authUrl.toString();\n  };\n\n  /**\n   * Logout user\n   * Calls the logout endpoint on the API domain using this.client\n   */\n  public logout = async (): Promise<void> => {\n    try {\n      const sessionToken = this.session.getSessionToken();\n\n      if (sessionToken) {\n        await this.client.auth.logout({\n          headers: {\n            'x-blimu-publishable-key': this.config.publishableKey,\n            Authorization: `Bearer ${sessionToken}`,\n          },\n        });\n      }\n    } catch (error) {\n      console.error('Logout error:', error);\n    } finally {\n      this.store.setState({\n        user: null,\n        error: null,\n        status: 'unauthenticated',\n      });\n    }\n  };\n\n  /**\n   * Get the current session token\n   */\n  // eslint-disable-next-line @typescript-eslint/no-unused-vars\n  getAccessToken = async (_options: { template: 'web' }): Promise<string | null> => {\n    return (await this.session.getSessionToken()) ?? null;\n  };\n\n  /**\n   * Get the runtime client for direct API calls\n   */\n  getClient(): Blimu {\n    return this.client;\n  }\n}\n"],"names":["BlimuRuntimeClientWrapper","config","returnUrl","redirectUrl","authUrl","sessionToken","error","_options","ExternalStore","getAuthDomainFromPublishableKey","authApiUrl","getAuthApiUrl","Blimu","AuthSessionService","result"],"mappings":"6NAOO,MAAMA,CAA0B,CAarC,YAAYC,EAAqB,CAW/B,GAtBF,KAAQ,WAA4B,KACpC,KAAQ,YAAuB,GAK/B,KAAQ,kBAA0C,KAClD,KAAQ,0BAAoD,KAuH5D,KAAO,eAAkBC,GAA6B,CACpD,MAAMC,EAAcD,GAAa,OAAO,SAAS,KAG3CE,EAAU,IAAI,IAAI,GAAG,KAAK,UAAU,QAAQ,EAClDA,EAAQ,aAAa,IAAI,eAAgB,mBAAmBD,CAAW,CAAC,EAGxE,OAAO,SAAS,KAAOC,EAAQ,SAAA,CACjC,EAMA,KAAO,OAAS,SAA2B,CACzC,GAAI,CACF,MAAMC,EAAe,KAAK,QAAQ,gBAAA,EAE9BA,GACF,MAAM,KAAK,OAAO,KAAK,OAAO,CAC5B,QAAS,CACP,0BAA2B,KAAK,OAAO,eACvC,cAAe,UAAUA,CAAY,EAAA,CACvC,CACD,CAEL,OAASC,EAAO,CACd,QAAQ,MAAM,gBAAiBA,CAAK,CACtC,QAAA,CACE,KAAK,MAAM,SAAS,CAClB,KAAM,KACN,MAAO,KACP,OAAQ,iBAAA,CACT,CACH,CACF,EAMA,KAAA,eAAiB,MAAOC,GACd,MAAM,KAAK,QAAQ,gBAAA,GAAsB,KA7JjD,KAAK,OAASN,EACd,KAAK,MAAQ,IAAIO,gBAAyB,CACxC,KAAM,KACN,MAAO,KACP,OAAQ,MAAA,CACT,EACD,KAAK,OAASP,EAAO,eAAe,SAAS,MAAM,EAGnD,KAAK,WAAaQ,kCAAgCR,EAAO,cAAc,EACnE,CAAC,KAAK,WACR,MAAM,IAAI,MAAM,sDAAsD,EAIxE,MAAMS,EAAaC,EAAAA,cAAcV,EAAO,cAAc,EAEtD,GAAI,CAACS,EACH,MAAM,IAAI,MAAM,uDAAuD,EAGzE,KAAK,OAAS,IAAIE,QAAM,CACtB,QAASF,EACT,YAAa,IAAM,KAAK,QAAQ,gBAAA,EAChC,QAAS,CAAE,0BAA2BT,EAAO,cAAA,CAAe,CAC7D,EAED,KAAK,QAAU,IAAIY,EAAAA,mBACjB,KAAK,OACL,KAAK,OACL,KAAK,MACLH,EACAT,EAAO,cAAA,EAGT,KAAK,WAAa,KAAK,WAAW,KAAK,IAAI,CAC7C,CAOA,YAAkC,CAEhC,GAAI,MAAK,aAGL,MAAK,kBAET,YAAK,0BAA4B,IAAI,gBAErC,KAAK,kBAAoB,KAAK,QAC3B,WAAW,CACV,OAAQ,KAAK,0BAA0B,MAAA,CACxC,EACA,KAAMa,GAAW,CACZA,EAAO,MACT,KAAK,MAAM,SAAS,CAClB,KAAM,KACN,MAAOA,EAAO,MACd,OAAQ,OAAA,CACT,EACQA,EAAO,KAChB,KAAK,MAAM,SAAS,CAClB,KAAMA,EAAO,KACb,MAAO,KACP,OAAQ,eAAA,CACT,EAED,KAAK,MAAM,SAAS,CAClB,KAAM,KACN,MAAO,KACP,OAAQ,iBAAA,CACT,CAEL,CAAC,EACA,MAAOR,GAAU,CAChB,QAAQ,MAAM,oBAAqBA,CAAK,EACxC,KAAK,MAAM,SAAS,CAClB,KAAM,KACN,MAAOA,aAAiB,MAAQA,EAAM,QAAU,wBAChD,OAAQ,OAAA,CACT,CACH,CAAC,EACA,QAAQ,IAAM,CAGb,KAAK,YAAc,GACnB,KAAK,kBAAoB,IAC3B,CAAC,EAEI,IAAM,CACX,QAAQ,IAAI,qBAAqB,EACjC,KAAK,2BAA2B,MAAM,YAAY,EAClD,KAAK,kBAAoB,IAE3B,CACF,CAQO,iBAAkB,CACvB,OAAO,KAAK,QAAQ,gBAAA,CACtB,CAuDA,WAAmB,CACjB,OAAO,KAAK,MACd,CACF"}

package/dist/client/runtime-client.d.ts

@@ -0,0 +1,49 @@
+import { Blimu } from '@blimu/client';
+import type { AuthState, BlimuConfig } from '../types';
+import { ExternalStore } from './external-store';
+export declare class BlimuRuntimeClientWrapper {
+    private client;
+    private authDomain;
+    private initialized;
+    private readonly session;
+    config: BlimuConfig;
+    isLive: boolean;
+    private initializePromise;
+    private initializeAbortController;
+    readonly store: ExternalStore<AuthState>;
+    constructor(config: BlimuConfig);
+    /**
+     * Initialize authentication by checking for existing session
+     * Reads session token from cookie and validates it
+     * This method is idempotent - if initialization is already in progress, it will wait for that to complete
+     */
+    initialize(): (() => void) | void;
+    /**
+     * Refresh session token using the client token from httpOnly cookie
+     * The client token is stored in an httpOnly cookie and sent automatically
+     * Note: The auth worker should extract the __bli_client cookie and include it in the request body
+     * This method is idempotent - if a refresh is already in progress, it will wait for that refresh to complete
+     */
+    scheduleRefresh(): () => void;
+    /**
+     * Redirect user to auth domain for authentication
+     * Uses the auth domain derived from the publishable key
+     */
+    redirectToAuth: (returnUrl?: string) => void;
+    /**
+     * Logout user
+     * Calls the logout endpoint on the API domain using this.client
+     */
+    logout: () => Promise<void>;
+    /**
+     * Get the current session token
+     */
+    getAccessToken: (_options: {
+        template: "web";
+    }) => Promise<string | null>;
+    /**
+     * Get the runtime client for direct API calls
+     */
+    getClient(): Blimu;
+}
+//# sourceMappingURL=runtime-client.d.ts.map

package/dist/client/runtime-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime-client.d.ts","sourceRoot":"","sources":["../../src/client/runtime-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAEtC,OAAO,KAAK,EAAE,SAAS,EAAE,WAAW,EAAQ,MAAM,UAAU,CAAC;AAG7D,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,qBAAa,yBAAyB;IACpC,OAAO,CAAC,MAAM,CAAQ;IACtB,OAAO,CAAC,UAAU,CAAuB;IACzC,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAEtC,MAAM,EAAE,WAAW,CAAC;IACpB,MAAM,EAAE,OAAO,CAAC;IACvB,OAAO,CAAC,iBAAiB,CAA8B;IACvD,OAAO,CAAC,yBAAyB,CAAgC;IAEjE,SAAgB,KAAK,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;gBAEpC,MAAM,EAAE,WAAW;IAuC/B;;;;OAIG;IACH,UAAU,IAAI,CAAC,MAAM,IAAI,CAAC,GAAG,IAAI;IAyDjC;;;;;OAKG;IACI,eAAe;IAItB;;;OAGG;IACI,cAAc,GAAI,YAAY,MAAM,KAAG,IAAI,CAShD;IAEF;;;OAGG;IACI,MAAM,QAAa,OAAO,CAAC,IAAI,CAAC,CAqBrC;IAEF;;OAEG;IAEH,cAAc,GAAU,UAAU;QAAE,QAAQ,EAAE,KAAK,CAAA;KAAE,KAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAE5E;IAEF;;OAEG;IACH,SAAS,IAAI,KAAK;CAGnB"}

package/dist/client/runtime-client.js

@@ -0,0 +1,103 @@
+import { Blimu as n } from "@blimu/client";
+import { getAuthDomainFromPublishableKey as l, getAuthApiUrl as o } from "../utils/publishable-key.js";
+import { AuthSessionService as a } from "./auth.service.js";
+import { ExternalStore as h } from "./external-store.js";
+class p {
+  constructor(i) {
+    if (this.authDomain = null, this.initialized = !1, this.initializePromise = null, this.initializeAbortController = null, this.redirectToAuth = (e) => {
+      const r = e || window.location.href, s = new URL(`${this.authDomain}/login`);
+      s.searchParams.set("redirect_url", encodeURIComponent(r)), window.location.href = s.toString();
+    }, this.logout = async () => {
+      try {
+        const e = this.session.getSessionToken();
+        e && await this.client.auth.logout({
+          headers: {
+            "x-blimu-publishable-key": this.config.publishableKey,
+            Authorization: `Bearer ${e}`
+          }
+        });
+      } catch (e) {
+        console.error("Logout error:", e);
+      } finally {
+        this.store.setState({
+          user: null,
+          error: null,
+          status: "unauthenticated"
+        });
+      }
+    }, this.getAccessToken = async (e) => await this.session.getSessionToken() ?? null, this.config = i, this.store = new h({
+      user: null,
+      error: null,
+      status: "idle"
+    }), this.isLive = i.publishableKey.includes("live"), this.authDomain = l(i.publishableKey), !this.authDomain)
+      throw new Error("Failed to determine auth domain from publishable key");
+    const t = o(i.publishableKey);
+    if (!t)
+      throw new Error("Failed to determine auth API URL from publishable key");
+    this.client = new n({
+      baseURL: t,
+      accessToken: () => this.session.getSessionToken(),
+      headers: { "x-blimu-publishable-key": i.publishableKey }
+    }), this.session = new a(
+      this.isLive,
+      this.client,
+      this.store,
+      t,
+      i.publishableKey
+    ), this.initialize = this.initialize.bind(this);
+  }
+  /**
+   * Initialize authentication by checking for existing session
+   * Reads session token from cookie and validates it
+   * This method is idempotent - if initialization is already in progress, it will wait for that to complete
+   */
+  initialize() {
+    if (!this.initialized && !this.initializePromise)
+      return this.initializeAbortController = new AbortController(), this.initializePromise = this.session.initialize({
+        signal: this.initializeAbortController.signal
+      }).then((i) => {
+        i.error ? this.store.setState({
+          user: null,
+          error: i.error,
+          status: "error"
+        }) : i.user ? this.store.setState({
+          user: i.user,
+          error: null,
+          status: "authenticated"
+        }) : this.store.setState({
+          user: null,
+          error: null,
+          status: "unauthenticated"
+        });
+      }).catch((i) => {
+        console.error("Initialize error:", i), this.store.setState({
+          user: null,
+          error: i instanceof Error ? i.message : "Initialization failed",
+          status: "error"
+        });
+      }).finally(() => {
+        this.initialized = !0, this.initializePromise = null;
+      }), () => {
+        console.log("aborting initialize"), this.initializeAbortController?.abort("unmounting"), this.initializePromise = null;
+      };
+  }
+  /**
+   * Refresh session token using the client token from httpOnly cookie
+   * The client token is stored in an httpOnly cookie and sent automatically
+   * Note: The auth worker should extract the __bli_client cookie and include it in the request body
+   * This method is idempotent - if a refresh is already in progress, it will wait for that refresh to complete
+   */
+  scheduleRefresh() {
+    return this.session.scheduleRefresh();
+  }
+  /**
+   * Get the runtime client for direct API calls
+   */
+  getClient() {
+    return this.client;
+  }
+}
+export {
+  p as BlimuRuntimeClientWrapper
+};
+//# sourceMappingURL=runtime-client.js.map

package/dist/client/runtime-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime-client.js","sources":["../../src/client/runtime-client.ts"],"sourcesContent":["import { Blimu } from '@blimu/client';\n\nimport type { AuthState, BlimuConfig, User } from '../types';\nimport { getAuthApiUrl, getAuthDomainFromPublishableKey } from '../utils/publishable-key';\nimport { AuthSessionService, LOCALHOST_JWT_URL_PARAM_NAME } from './auth.service';\nimport { ExternalStore } from './external-store';\n\nexport class BlimuRuntimeClientWrapper {\n  private client: Blimu;\n  private authDomain: string | null = null;\n  private initialized: boolean = false;\n  private readonly session: AuthSessionService;\n\n  public config: BlimuConfig;\n  public isLive: boolean;\n  private initializePromise: Promise<void> | null = null;\n  private initializeAbortController: AbortController | null = null;\n\n  public readonly store: ExternalStore<AuthState>;\n\n  constructor(config: BlimuConfig) {\n    this.config = config;\n    this.store = new ExternalStore<AuthState>({\n      user: null,\n      error: null,\n      status: 'idle',\n    });\n    this.isLive = config.publishableKey.includes('live');\n\n    // Get auth UI domain from publishable key\n    this.authDomain = getAuthDomainFromPublishableKey(config.publishableKey);\n    if (!this.authDomain) {\n      throw new Error('Failed to determine auth domain from publishable key');\n    }\n\n    // Get auth API URL from publishable key\n    const authApiUrl = getAuthApiUrl(config.publishableKey);\n\n    if (!authApiUrl) {\n      throw new Error('Failed to determine auth API URL from publishable key');\n    }\n\n    this.client = new Blimu({\n      baseURL: authApiUrl,\n      accessToken: () => this.session.getSessionToken(),\n      headers: { 'x-blimu-publishable-key': config.publishableKey },\n    });\n\n    this.session = new AuthSessionService(\n      this.isLive,\n      this.client,\n      this.store,\n      authApiUrl,\n      config.publishableKey,\n    );\n\n    this.initialize = this.initialize.bind(this);\n  }\n\n  /**\n   * Initialize authentication by checking for existing session\n   * Reads session token from cookie and validates it\n   * This method is idempotent - if initialization is already in progress, it will wait for that to complete\n   */\n  initialize(): (() => void) | void {\n    // If already initialized, return early\n    if (this.initialized) return;\n\n    // If initialization is in progress, return early (prevents concurrent calls)\n    if (this.initializePromise) return;\n\n    this.initializeAbortController = new AbortController();\n\n    this.initializePromise = this.session\n      .initialize({\n        signal: this.initializeAbortController.signal,\n      })\n      .then((result) => {\n        if (result.error) {\n          this.store.setState({\n            user: null,\n            error: result.error,\n            status: 'error',\n          });\n        } else if (result.user) {\n          this.store.setState({\n            user: result.user,\n            error: null,\n            status: 'authenticated',\n          });\n        } else {\n          this.store.setState({\n            user: null,\n            error: null,\n            status: 'unauthenticated',\n          });\n        }\n      })\n      .catch((error) => {\n        console.error('Initialize error:', error);\n        this.store.setState({\n          user: null,\n          error: error instanceof Error ? error.message : 'Initialization failed',\n          status: 'error',\n        });\n      })\n      .finally(() => {\n        // Mark as initialized after completion (success or failure)\n        // This prevents infinite loops from re-renders\n        this.initialized = true;\n        this.initializePromise = null;\n      });\n\n    return () => {\n      console.log('aborting initialize');\n      this.initializeAbortController?.abort('unmounting');\n      this.initializePromise = null;\n      // Don't reset initialized flag here - let the promise handle it\n    };\n  }\n\n  /**\n   * Refresh session token using the client token from httpOnly cookie\n   * The client token is stored in an httpOnly cookie and sent automatically\n   * Note: The auth worker should extract the __bli_client cookie and include it in the request body\n   * This method is idempotent - if a refresh is already in progress, it will wait for that refresh to complete\n   */\n  public scheduleRefresh() {\n    return this.session.scheduleRefresh();\n  }\n\n  /**\n   * Redirect user to auth domain for authentication\n   * Uses the auth domain derived from the publishable key\n   */\n  public redirectToAuth = (returnUrl?: string): void => {\n    const redirectUrl = returnUrl || window.location.href;\n\n    // Build auth URL on the auth domain\n    const authUrl = new URL(`${this.authDomain}/login`);\n    authUrl.searchParams.set('redirect_url', encodeURIComponent(redirectUrl));\n\n    // Redirect to auth domain\n    window.location.href = authUrl.toString();\n  };\n\n  /**\n   * Logout user\n   * Calls the logout endpoint on the API domain using this.client\n   */\n  public logout = async (): Promise<void> => {\n    try {\n      const sessionToken = this.session.getSessionToken();\n\n      if (sessionToken) {\n        await this.client.auth.logout({\n          headers: {\n            'x-blimu-publishable-key': this.config.publishableKey,\n            Authorization: `Bearer ${sessionToken}`,\n          },\n        });\n      }\n    } catch (error) {\n      console.error('Logout error:', error);\n    } finally {\n      this.store.setState({\n        user: null,\n        error: null,\n        status: 'unauthenticated',\n      });\n    }\n  };\n\n  /**\n   * Get the current session token\n   */\n  // eslint-disable-next-line @typescript-eslint/no-unused-vars\n  getAccessToken = async (_options: { template: 'web' }): Promise<string | null> => {\n    return (await this.session.getSessionToken()) ?? null;\n  };\n\n  /**\n   * Get the runtime client for direct API calls\n   */\n  getClient(): Blimu {\n    return this.client;\n  }\n}\n"],"names":["BlimuRuntimeClientWrapper","config","returnUrl","redirectUrl","authUrl","sessionToken","error","_options","ExternalStore","getAuthDomainFromPublishableKey","authApiUrl","getAuthApiUrl","Blimu","AuthSessionService","result"],"mappings":";;;;AAOO,MAAMA,EAA0B;AAAA,EAarC,YAAYC,GAAqB;AAW/B,QAtBF,KAAQ,aAA4B,MACpC,KAAQ,cAAuB,IAK/B,KAAQ,oBAA0C,MAClD,KAAQ,4BAAoD,MAuH5D,KAAO,iBAAiB,CAACC,MAA6B;AACpD,YAAMC,IAAcD,KAAa,OAAO,SAAS,MAG3CE,IAAU,IAAI,IAAI,GAAG,KAAK,UAAU,QAAQ;AAClD,MAAAA,EAAQ,aAAa,IAAI,gBAAgB,mBAAmBD,CAAW,CAAC,GAGxE,OAAO,SAAS,OAAOC,EAAQ,SAAA;AAAA,IACjC,GAMA,KAAO,SAAS,YAA2B;AACzC,UAAI;AACF,cAAMC,IAAe,KAAK,QAAQ,gBAAA;AAElC,QAAIA,KACF,MAAM,KAAK,OAAO,KAAK,OAAO;AAAA,UAC5B,SAAS;AAAA,YACP,2BAA2B,KAAK,OAAO;AAAA,YACvC,eAAe,UAAUA,CAAY;AAAA,UAAA;AAAA,QACvC,CACD;AAAA,MAEL,SAASC,GAAO;AACd,gBAAQ,MAAM,iBAAiBA,CAAK;AAAA,MACtC,UAAA;AACE,aAAK,MAAM,SAAS;AAAA,UAClB,MAAM;AAAA,UACN,OAAO;AAAA,UACP,QAAQ;AAAA,QAAA,CACT;AAAA,MACH;AAAA,IACF,GAMA,KAAA,iBAAiB,OAAOC,MACd,MAAM,KAAK,QAAQ,gBAAA,KAAsB,MA7JjD,KAAK,SAASN,GACd,KAAK,QAAQ,IAAIO,EAAyB;AAAA,MACxC,MAAM;AAAA,MACN,OAAO;AAAA,MACP,QAAQ;AAAA,IAAA,CACT,GACD,KAAK,SAASP,EAAO,eAAe,SAAS,MAAM,GAGnD,KAAK,aAAaQ,EAAgCR,EAAO,cAAc,GACnE,CAAC,KAAK;AACR,YAAM,IAAI,MAAM,sDAAsD;AAIxE,UAAMS,IAAaC,EAAcV,EAAO,cAAc;AAEtD,QAAI,CAACS;AACH,YAAM,IAAI,MAAM,uDAAuD;AAGzE,SAAK,SAAS,IAAIE,EAAM;AAAA,MACtB,SAASF;AAAA,MACT,aAAa,MAAM,KAAK,QAAQ,gBAAA;AAAA,MAChC,SAAS,EAAE,2BAA2BT,EAAO,eAAA;AAAA,IAAe,CAC7D,GAED,KAAK,UAAU,IAAIY;AAAA,MACjB,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACLH;AAAA,MACAT,EAAO;AAAA,IAAA,GAGT,KAAK,aAAa,KAAK,WAAW,KAAK,IAAI;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAkC;AAEhC,QAAI,MAAK,eAGL,MAAK;AAET,kBAAK,4BAA4B,IAAI,gBAAA,GAErC,KAAK,oBAAoB,KAAK,QAC3B,WAAW;AAAA,QACV,QAAQ,KAAK,0BAA0B;AAAA,MAAA,CACxC,EACA,KAAK,CAACa,MAAW;AAChB,QAAIA,EAAO,QACT,KAAK,MAAM,SAAS;AAAA,UAClB,MAAM;AAAA,UACN,OAAOA,EAAO;AAAA,UACd,QAAQ;AAAA,QAAA,CACT,IACQA,EAAO,OAChB,KAAK,MAAM,SAAS;AAAA,UAClB,MAAMA,EAAO;AAAA,UACb,OAAO;AAAA,UACP,QAAQ;AAAA,QAAA,CACT,IAED,KAAK,MAAM,SAAS;AAAA,UAClB,MAAM;AAAA,UACN,OAAO;AAAA,UACP,QAAQ;AAAA,QAAA,CACT;AAAA,MAEL,CAAC,EACA,MAAM,CAACR,MAAU;AAChB,gBAAQ,MAAM,qBAAqBA,CAAK,GACxC,KAAK,MAAM,SAAS;AAAA,UAClB,MAAM;AAAA,UACN,OAAOA,aAAiB,QAAQA,EAAM,UAAU;AAAA,UAChD,QAAQ;AAAA,QAAA,CACT;AAAA,MACH,CAAC,EACA,QAAQ,MAAM;AAGb,aAAK,cAAc,IACnB,KAAK,oBAAoB;AAAA,MAC3B,CAAC,GAEI,MAAM;AACX,gBAAQ,IAAI,qBAAqB,GACjC,KAAK,2BAA2B,MAAM,YAAY,GAClD,KAAK,oBAAoB;AAAA,MAE3B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQO,kBAAkB;AACvB,WAAO,KAAK,QAAQ,gBAAA;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA,EAuDA,YAAmB;AACjB,WAAO,KAAK;AAAA,EACd;AACF;"}

package/dist/components/index.d.ts

@@ -0,0 +1,11 @@
+export type { RedirectToSignInProps } from './redirect-to-sign-in';
+export { RedirectToSignIn } from './redirect-to-sign-in';
+export type { UserButtonProps } from './user-button/user-button';
+export { UserButton } from './user-button/user-button';
+export type { UserAvatarProps } from './user-avatar';
+export { UserAvatar } from './user-avatar';
+export type { SignInButtonProps } from './sign-in-button';
+export { SignInButton } from './sign-in-button';
+export type { MembersListProps } from './members-list';
+export { MembersList } from './members-list';
+//# sourceMappingURL=index.d.ts.map

package/dist/components/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/components/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,YAAY,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,YAAY,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,YAAY,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/components/members-list.cjs

@@ -0,0 +1,2 @@
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("react/jsx-runtime"),M=require("react"),P=require("./user-avatar.cjs"),d=require("../lib/utils.cjs"),k=require("../hooks/use-members.cjs");function w(s){const l=Object.create(null,{[Symbol.toStringTag]:{value:"Module"}});if(s){for(const i in s)if(i!=="default"){const r=Object.getOwnPropertyDescriptor(s,i);Object.defineProperty(l,i,r.get?r:{enumerable:!0,get:()=>s[i]})}}return l.default=s,Object.freeze(l)}const O=w(M);function q({resourceType:s,resourceId:l,initialPage:i=1,pageSize:r=20,search:g,renderMember:x,className:n,showPagination:p=!0}){const[a,b]=O.useState(i),{members:c,total:u,isLoading:o,error:f,hasNextPage:j,hasPreviousPage:N,refetch:v}=k.useMembers({resourceType:s,resourceId:l,page:a,limit:r,search:g}),y=t=>{const h=t.user.firstName&&t.user.lastName?`${t.user.firstName} ${t.user.lastName}`:t.user.firstName||t.user.email?.split("@")[0]||"User";return e.jsxs("div",{className:"flex items-center justify-between p-3 rounded-blimu hover:bg-blimu-accent transition-colors",children:[e.jsxs("div",{className:"flex items-center gap-3",children:[e.jsx(P.UserAvatar,{src:t.user.avatarUrl||void 0,alt:t.user.email,fallback:h,size:"default"}),e.jsxs("div",{className:"flex flex-col",children:[e.jsx("p",{className:"text-sm font-medium text-blimu-foreground",children:h}),e.jsx("p",{className:"text-xs text-blimu-muted-foreground",children:t.user.email})]})]}),e.jsxs("div",{className:"flex items-center gap-2",children:[t.inherited&&e.jsx("span",{className:"text-xs text-blimu-muted-foreground",children:"(inherited)"}),e.jsx("span",{className:"text-xs font-medium text-blimu-foreground bg-blimu-muted px-2 py-1 rounded-blimu-sm",children:t.role})]})]})};if(f)return e.jsxs("div",{className:d.cn("p-4 text-center",n),children:[e.jsxs("p",{className:"text-sm text-blimu-destructive",children:["Error loading members: ",f.message]}),e.jsx("button",{onClick:()=>v(),className:"mt-2 text-sm text-blimu-primary hover:underline",children:"Retry"})]});if(o&&c.length===0)return e.jsx("div",{className:d.cn("p-4 text-center",n),children:e.jsx("p",{className:"text-sm text-blimu-muted-foreground",children:"Loading members..."})});if(c.length===0)return e.jsx("div",{className:d.cn("p-4 text-center",n),children:e.jsx("p",{className:"text-sm text-blimu-muted-foreground",children:"No members found"})});const m=Math.ceil(u/r);return e.jsxs("div",{className:d.cn("flex flex-col",n),children:[e.jsx("div",{className:"flex flex-col divide-y divide-blimu-border",children:c.map(t=>e.jsx("div",{children:x?x(t):y(t)},t.userId))}),p&&m>1&&e.jsxs("div",{className:"flex items-center justify-between mt-4 pt-4 border-t border-blimu-border",children:[e.jsxs("div",{className:"text-sm text-blimu-muted-foreground",children:["Showing ",(a-1)*r+1," to ",Math.min(a*r,u)," of ",u," ","members"]}),e.jsxs("div",{className:"flex items-center gap-2",children:[e.jsx("button",{onClick:()=>b(t=>Math.max(1,t-1)),disabled:!N||o,className:"px-3 py-1 text-sm rounded-blimu border border-blimu-input bg-blimu-background hover:bg-blimu-accent disabled:opacity-50 disabled:cursor-not-allowed",children:"Previous"}),e.jsxs("span",{className:"text-sm text-blimu-foreground",children:["Page ",a," of ",m]}),e.jsx("button",{onClick:()=>b(t=>Math.min(m,t+1)),disabled:!j||o,className:"px-3 py-1 text-sm rounded-blimu border border-blimu-input bg-blimu-background hover:bg-blimu-accent disabled:opacity-50 disabled:cursor-not-allowed",children:"Next"})]})]})]})}exports.MembersList=q;
+//# sourceMappingURL=members-list.cjs.map

package/dist/components/members-list.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"members-list.cjs","sources":["../../src/components/members-list.tsx"],"sourcesContent":["import * as React from 'react';\n\nimport { UserAvatar } from './user-avatar';\nimport { cn } from '../lib/utils';\n\nimport { useMembers, type ResourceMember } from '../hooks/use-members';\n\nexport interface MembersListProps {\n  /**\n   * Resource type (e.g., 'organization', 'workspace')\n   */\n  resourceType: string;\n\n  /**\n   * Resource ID\n   */\n  resourceId: string;\n\n  /**\n   * Initial page number\n   * @default 1\n   */\n  initialPage?: number;\n\n  /**\n   * Items per page\n   * @default 20\n   */\n  pageSize?: number;\n\n  /**\n   * Search query\n   */\n  search?: string;\n\n  /**\n   * Custom render function for each member\n   */\n  renderMember?: (member: ResourceMember) => React.ReactNode;\n\n  /**\n   * Custom className\n   */\n  className?: string;\n\n  /**\n   * Show pagination controls\n   * @default true\n   */\n  showPagination?: boolean;\n}\n\n/**\n * Paginated list of organization/resource members\n *\n * @example\n * ```tsx\n * <MembersList\n *   resourceType=\"organization\"\n *   resourceId=\"org_123\"\n * />\n * ```\n *\n * @example With custom rendering\n * ```tsx\n * <MembersList\n *   resourceType=\"workspace\"\n *   resourceId=\"ws_456\"\n *   renderMember={(member) => (\n *     <div className=\"flex items-center gap-2\">\n *       <UserAvatar src={member.user.avatarUrl} alt={member.user.email} />\n *       <div>\n *         <p>{member.user.firstName} {member.user.lastName}</p>\n *         <p className=\"text-sm text-muted-foreground\">{member.user.email}</p>\n *       </div>\n *       <Badge>{member.role}</Badge>\n *     </div>\n *   )}\n * />\n * ```\n */\nexport function MembersList({\n  resourceType,\n  resourceId,\n  initialPage = 1,\n  pageSize = 20,\n  search,\n  renderMember,\n  className,\n  showPagination = true,\n}: MembersListProps) {\n  const [page, setPage] = React.useState(initialPage);\n  const { members, total, isLoading, error, hasNextPage, hasPreviousPage, refetch } = useMembers({\n    resourceType,\n    resourceId,\n    page,\n    limit: pageSize,\n    search,\n  });\n\n  const defaultRenderMember = (member: ResourceMember) => {\n    const displayName =\n      member.user.firstName && member.user.lastName\n        ? `${member.user.firstName} ${member.user.lastName}`\n        : member.user.firstName || member.user.email?.split('@')[0] || 'User';\n\n    return (\n      <div className=\"flex items-center justify-between p-3 rounded-blimu hover:bg-blimu-accent transition-colors\">\n        <div className=\"flex items-center gap-3\">\n          <UserAvatar\n            src={member.user.avatarUrl || undefined}\n            alt={member.user.email}\n            fallback={displayName}\n            size=\"default\"\n          />\n          <div className=\"flex flex-col\">\n            <p className=\"text-sm font-medium text-blimu-foreground\">{displayName}</p>\n            <p className=\"text-xs text-blimu-muted-foreground\">{member.user.email}</p>\n          </div>\n        </div>\n        <div className=\"flex items-center gap-2\">\n          {member.inherited && (\n            <span className=\"text-xs text-blimu-muted-foreground\">(inherited)</span>\n          )}\n          <span className=\"text-xs font-medium text-blimu-foreground bg-blimu-muted px-2 py-1 rounded-blimu-sm\">\n            {member.role}\n          </span>\n        </div>\n      </div>\n    );\n  };\n\n  if (error) {\n    return (\n      <div className={cn('p-4 text-center', className)}>\n        <p className=\"text-sm text-blimu-destructive\">Error loading members: {error.message}</p>\n        <button\n          onClick={() => refetch()}\n          className=\"mt-2 text-sm text-blimu-primary hover:underline\"\n        >\n          Retry\n        </button>\n      </div>\n    );\n  }\n\n  if (isLoading && members.length === 0) {\n    return (\n      <div className={cn('p-4 text-center', className)}>\n        <p className=\"text-sm text-blimu-muted-foreground\">Loading members...</p>\n      </div>\n    );\n  }\n\n  if (members.length === 0) {\n    return (\n      <div className={cn('p-4 text-center', className)}>\n        <p className=\"text-sm text-blimu-muted-foreground\">No members found</p>\n      </div>\n    );\n  }\n\n  const totalPages = Math.ceil(total / pageSize);\n\n  return (\n    <div className={cn('flex flex-col', className)}>\n      <div className=\"flex flex-col divide-y divide-blimu-border\">\n        {members.map((member) => (\n          <div key={member.userId}>\n            {renderMember ? renderMember(member) : defaultRenderMember(member)}\n          </div>\n        ))}\n      </div>\n\n      {showPagination && totalPages > 1 && (\n        <div className=\"flex items-center justify-between mt-4 pt-4 border-t border-blimu-border\">\n          <div className=\"text-sm text-blimu-muted-foreground\">\n            Showing {(page - 1) * pageSize + 1} to {Math.min(page * pageSize, total)} of {total}{' '}\n            members\n          </div>\n          <div className=\"flex items-center gap-2\">\n            <button\n              onClick={() => setPage((p) => Math.max(1, p - 1))}\n              disabled={!hasPreviousPage || isLoading}\n              className=\"px-3 py-1 text-sm rounded-blimu border border-blimu-input bg-blimu-background hover:bg-blimu-accent disabled:opacity-50 disabled:cursor-not-allowed\"\n            >\n              Previous\n            </button>\n            <span className=\"text-sm text-blimu-foreground\">\n              Page {page} of {totalPages}\n            </span>\n            <button\n              onClick={() => setPage((p) => Math.min(totalPages, p + 1))}\n              disabled={!hasNextPage || isLoading}\n              className=\"px-3 py-1 text-sm rounded-blimu border border-blimu-input bg-blimu-background hover:bg-blimu-accent disabled:opacity-50 disabled:cursor-not-allowed\"\n            >\n              Next\n            </button>\n          </div>\n        </div>\n      )}\n    </div>\n  );\n}\n"],"names":["MembersList","resourceType","resourceId","initialPage","pageSize","search","renderMember","className","showPagination","page","setPage","React","members","total","isLoading","error","hasNextPage","hasPreviousPage","refetch","useMembers","defaultRenderMember","member","displayName","jsxs","jsx","UserAvatar","cn","totalPages","p"],"mappings":"qgBAiFO,SAASA,EAAY,CAC1B,aAAAC,EACA,WAAAC,EACA,YAAAC,EAAc,EACd,SAAAC,EAAW,GACX,OAAAC,EACA,aAAAC,EACA,UAAAC,EACA,eAAAC,EAAiB,EACnB,EAAqB,CACnB,KAAM,CAACC,EAAMC,CAAO,EAAIC,EAAM,SAASR,CAAW,EAC5C,CAAE,QAAAS,EAAS,MAAAC,EAAO,UAAAC,EAAW,MAAAC,EAAO,YAAAC,EAAa,gBAAAC,EAAiB,QAAAC,CAAA,EAAYC,aAAW,CAC7F,aAAAlB,EACA,WAAAC,EACA,KAAAO,EACA,MAAOL,EACP,OAAAC,CAAA,CACD,EAEKe,EAAuBC,GAA2B,CACtD,MAAMC,EACJD,EAAO,KAAK,WAAaA,EAAO,KAAK,SACjC,GAAGA,EAAO,KAAK,SAAS,IAAIA,EAAO,KAAK,QAAQ,GAChDA,EAAO,KAAK,WAAaA,EAAO,KAAK,OAAO,MAAM,GAAG,EAAE,CAAC,GAAK,OAEnE,OACEE,EAAAA,KAAC,MAAA,CAAI,UAAU,8FACb,SAAA,CAAAA,EAAAA,KAAC,MAAA,CAAI,UAAU,0BACb,SAAA,CAAAC,EAAAA,IAACC,EAAAA,WAAA,CACC,IAAKJ,EAAO,KAAK,WAAa,OAC9B,IAAKA,EAAO,KAAK,MACjB,SAAUC,EACV,KAAK,SAAA,CAAA,EAEPC,EAAAA,KAAC,MAAA,CAAI,UAAU,gBACb,SAAA,CAAAC,EAAAA,IAAC,IAAA,CAAE,UAAU,4CAA6C,SAAAF,EAAY,QACrE,IAAA,CAAE,UAAU,sCAAuC,SAAAD,EAAO,KAAK,KAAA,CAAM,CAAA,CAAA,CACxE,CAAA,EACF,EACAE,EAAAA,KAAC,MAAA,CAAI,UAAU,0BACZ,SAAA,CAAAF,EAAO,WACNG,EAAAA,IAAC,OAAA,CAAK,UAAU,sCAAsC,SAAA,cAAW,EAEnEA,EAAAA,IAAC,OAAA,CAAK,UAAU,sFACb,WAAO,IAAA,CACV,CAAA,CAAA,CACF,CAAA,EACF,CAEJ,EAEA,GAAIT,EACF,cACG,MAAA,CAAI,UAAWW,EAAAA,GAAG,kBAAmBnB,CAAS,EAC7C,SAAA,CAAAgB,EAAAA,KAAC,IAAA,CAAE,UAAU,iCAAiC,SAAA,CAAA,0BAAwBR,EAAM,OAAA,EAAQ,EACpFS,EAAAA,IAAC,SAAA,CACC,QAAS,IAAMN,EAAA,EACf,UAAU,kDACX,SAAA,OAAA,CAAA,CAED,EACF,EAIJ,GAAIJ,GAAaF,EAAQ,SAAW,EAClC,OACEY,EAAAA,IAAC,MAAA,CAAI,UAAWE,EAAAA,GAAG,kBAAmBnB,CAAS,EAC7C,SAAAiB,EAAAA,IAAC,IAAA,CAAE,UAAU,sCAAsC,SAAA,oBAAA,CAAkB,EACvE,EAIJ,GAAIZ,EAAQ,SAAW,EACrB,OACEY,EAAAA,IAAC,MAAA,CAAI,UAAWE,EAAAA,GAAG,kBAAmBnB,CAAS,EAC7C,SAAAiB,EAAAA,IAAC,IAAA,CAAE,UAAU,sCAAsC,SAAA,kBAAA,CAAgB,EACrE,EAIJ,MAAMG,EAAa,KAAK,KAAKd,EAAQT,CAAQ,EAE7C,cACG,MAAA,CAAI,UAAWsB,EAAAA,GAAG,gBAAiBnB,CAAS,EAC3C,SAAA,CAAAiB,EAAAA,IAAC,OAAI,UAAU,6CACZ,WAAQ,IAAKH,GACZG,EAAAA,IAAC,MAAA,CACE,WAAelB,EAAae,CAAM,EAAID,EAAoBC,CAAM,GADzDA,EAAO,MAEjB,CACD,EACH,EAECb,GAAkBmB,EAAa,GAC9BJ,EAAAA,KAAC,MAAA,CAAI,UAAU,2EACb,SAAA,CAAAA,EAAAA,KAAC,MAAA,CAAI,UAAU,sCAAsC,SAAA,CAAA,YACzCd,EAAO,GAAKL,EAAW,EAAE,OAAK,KAAK,IAAIK,EAAOL,EAAUS,CAAK,EAAE,OAAKA,EAAO,IAAI,SAAA,EAE3F,EACAU,EAAAA,KAAC,MAAA,CAAI,UAAU,0BACb,SAAA,CAAAC,EAAAA,IAAC,SAAA,CACC,QAAS,IAAMd,EAASkB,GAAM,KAAK,IAAI,EAAGA,EAAI,CAAC,CAAC,EAChD,SAAU,CAACX,GAAmBH,EAC9B,UAAU,sJACX,SAAA,UAAA,CAAA,EAGDS,EAAAA,KAAC,OAAA,CAAK,UAAU,gCAAgC,SAAA,CAAA,QACxCd,EAAK,OAAKkB,CAAA,EAClB,EACAH,EAAAA,IAAC,SAAA,CACC,QAAS,IAAMd,EAASkB,GAAM,KAAK,IAAID,EAAYC,EAAI,CAAC,CAAC,EACzD,SAAU,CAACZ,GAAeF,EAC1B,UAAU,sJACX,SAAA,MAAA,CAAA,CAED,CAAA,CACF,CAAA,CAAA,CACF,CAAA,EAEJ,CAEJ"}