@bodhiapp/bodhi-js 0.0.1

package/dist/bodhi-web.esm.js

@@ -0,0 +1,749 @@
+import { DirectClientBase, STORAGE_PREFIXES, generateCodeVerifier, generateCodeChallenge, isApiResultOperationError, isApiResultSuccess, createStorageKeys, EXTENSION_STATE_NOT_INITIALIZED, Logger, createOAuthEndpoints, NOOP_STATE_CALLBACK, EXTENSION_STATE_NOT_FOUND, PENDING_EXTENSION_READY, BACKEND_SERVER_NOT_REACHABLE, extractUserInfo, refreshAccessToken, createOperationError, backendServerNotReady, SERVER_ERROR_CODES, createApiError, BaseFacadeClient } from "@bodhiapp/bodhi-js-core";
+class DirectWebClient extends DirectClientBase {
+  constructor(config, onStateChange) {
+    super({ ...config, storagePrefix: STORAGE_PREFIXES.DIRECT }, "DirectWebClient", onStateChange);
+    this.redirectUri = config.redirectUri;
+  }
+  // ============================================================================
+  // Authentication (Browser Redirect OAuth)
+  // ============================================================================
+  async login() {
+    const existingAuth = await this.getAuthState();
+    if (existingAuth.isLoggedIn) {
+      return existingAuth;
+    }
+    const resourceScope = await this.requestResourceAccess();
+    const fullScope = `openid profile email roles ${this.userScope} ${resourceScope}`;
+    const codeVerifier = generateCodeVerifier();
+    const codeChallenge = await generateCodeChallenge(codeVerifier);
+    const state = generateCodeVerifier();
+    localStorage.setItem(this.storageKeys.CODE_VERIFIER, codeVerifier);
+    localStorage.setItem(this.storageKeys.STATE, state);
+    const authUrl = new URL(this.authEndpoints.authorize);
+    authUrl.searchParams.set("client_id", this.authClientId);
+    authUrl.searchParams.set("response_type", "code");
+    authUrl.searchParams.set("redirect_uri", this.redirectUri);
+    authUrl.searchParams.set("scope", fullScope);
+    authUrl.searchParams.set("code_challenge", codeChallenge);
+    authUrl.searchParams.set("code_challenge_method", "S256");
+    authUrl.searchParams.set("state", state);
+    window.location.href = authUrl.toString();
+    throw new Error("Redirect initiated");
+  }
+  async handleOAuthCallback(code, state) {
+    const storedState = localStorage.getItem(this.storageKeys.STATE);
+    if (!storedState || storedState !== state) {
+      throw new Error("Invalid state parameter - possible CSRF attack");
+    }
+    await this.exchangeCodeForTokens(code);
+    localStorage.removeItem(this.storageKeys.CODE_VERIFIER);
+    localStorage.removeItem(this.storageKeys.STATE);
+    const authState = await this.getAuthState();
+    if (!authState.isLoggedIn) {
+      throw new Error("Login failed");
+    }
+    const result = authState;
+    this.setAuthState(result);
+    return result;
+  }
+  async logout() {
+    const refreshToken = localStorage.getItem(this.storageKeys.REFRESH_TOKEN);
+    if (refreshToken) {
+      try {
+        const params = new URLSearchParams({
+          token: refreshToken,
+          client_id: this.authClientId,
+          token_type_hint: "refresh_token"
+        });
+        await fetch(this.authEndpoints.revoke, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/x-www-form-urlencoded"
+          },
+          body: params
+        });
+      } catch (error) {
+        this.logger.warn("Token revocation failed:", error);
+      }
+    }
+    localStorage.removeItem(this.storageKeys.ACCESS_TOKEN);
+    localStorage.removeItem(this.storageKeys.REFRESH_TOKEN);
+    localStorage.removeItem(this.storageKeys.EXPIRES_AT);
+    localStorage.removeItem(this.storageKeys.RESOURCE_SCOPE);
+    const result = {
+      isLoggedIn: false
+    };
+    this.setAuthState(result);
+    return result;
+  }
+  // ============================================================================
+  // OAuth Helper Methods
+  // ============================================================================
+  async requestResourceAccess() {
+    const response = await this.sendApiRequest(
+      "POST",
+      "/bodhi/v1/apps/request-access",
+      { app_client_id: this.authClientId },
+      {},
+      false
+    );
+    if (isApiResultOperationError(response)) {
+      throw new Error("Failed to get resource access scope from server");
+    }
+    if (!isApiResultSuccess(response)) {
+      throw new Error("Failed to get resource access scope from server: API error");
+    }
+    const scope = response.body.scope;
+    localStorage.setItem(this.storageKeys.RESOURCE_SCOPE, scope);
+    return scope;
+  }
+  async exchangeCodeForTokens(code) {
+    const codeVerifier = localStorage.getItem(this.storageKeys.CODE_VERIFIER);
+    if (!codeVerifier) {
+      throw new Error("Code verifier not found");
+    }
+    const response = await fetch(this.authEndpoints.token, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: new URLSearchParams({
+        grant_type: "authorization_code",
+        code,
+        redirect_uri: this.redirectUri,
+        client_id: this.authClientId,
+        code_verifier: codeVerifier
+      })
+    });
+    if (!response.ok) {
+      const errorText = await response.text();
+      throw new Error(`Token exchange failed: ${response.status} ${errorText}`);
+    }
+    const tokens = await response.json();
+    localStorage.setItem(this.storageKeys.ACCESS_TOKEN, tokens.access_token);
+    if (tokens.refresh_token) {
+      localStorage.setItem(this.storageKeys.REFRESH_TOKEN, tokens.refresh_token);
+    }
+    if (tokens.expires_in) {
+      const expiresAt = Date.now() + tokens.expires_in * 1e3;
+      localStorage.setItem(this.storageKeys.EXPIRES_AT, expiresAt.toString());
+    }
+  }
+  // ============================================================================
+  // Storage Implementation (localStorage)
+  // ============================================================================
+  async _storageGet(key) {
+    return localStorage.getItem(key);
+  }
+  async _storageSet(items) {
+    Object.entries(items).forEach(([key, value]) => {
+      localStorage.setItem(key, String(value));
+    });
+  }
+  async _storageRemove(keys) {
+    keys.forEach((key) => localStorage.removeItem(key));
+  }
+  _getRedirectUri() {
+    return this.redirectUri;
+  }
+}
+const POLL_INTERVAL = 500;
+const POLL_TIMEOUT = 5e3;
+const STORAGE_KEYS = createStorageKeys(STORAGE_PREFIXES.WEB);
+class WindowBodhiextClient {
+  constructor(authClientId, config, onStateChange) {
+    this.state = EXTENSION_STATE_NOT_INITIALIZED;
+    this.bodhiext = null;
+    this.refreshPromise = null;
+    this.logger = new Logger("WindowBodhiextClient", config.logLevel);
+    this.authClientId = authClientId;
+    this.config = config;
+    this.authEndpoints = createOAuthEndpoints(this.config.authServerUrl);
+    this.onStateChange = onStateChange ?? NOOP_STATE_CALLBACK;
+  }
+  /**
+   * Set client state and notify callback
+   */
+  setState(newState) {
+    this.state = newState;
+    this.logger.info(`{state: ${JSON.stringify(newState)}} - Setting client state`);
+    this.onStateChange({ type: "client-state", state: newState });
+  }
+  /**
+   * Set auth state and notify callback
+   */
+  setAuthState(authState) {
+    this.onStateChange({ type: "auth-state", state: authState });
+  }
+  /**
+   * Set or update the state change callback
+   */
+  setStateCallback(callback) {
+    this.onStateChange = callback;
+  }
+  // ============================================================================
+  // Extension Communication
+  // ============================================================================
+  /**
+   * Ensure bodhiext is available, attempting to acquire it if not already set
+   * @throws Error if client not initialized
+   */
+  ensureBodhiext() {
+    if (!this.bodhiext && window.bodhiext) {
+      this.logger.info("Acquiring window.bodhiext reference");
+      this.bodhiext = window.bodhiext;
+    }
+    if (!this.bodhiext) {
+      throw new Error("Client not initialized");
+    }
+  }
+  /**
+   * Send extension request via window.bodhiext.sendExtRequest
+   */
+  async sendExtRequest(action, params) {
+    this.ensureBodhiext();
+    return this.bodhiext.sendExtRequest(action, params);
+  }
+  /**
+   * Send API message via window.bodhiext.sendApiRequest
+   * Converts ApiResponse to ApiResponseResult
+   */
+  async sendApiRequest(method, endpoint, body, headers, authenticated) {
+    try {
+      this.ensureBodhiext();
+    } catch (err) {
+      return {
+        error: {
+          message: err instanceof Error ? err.message : String(err),
+          type: "extension_error"
+        }
+      };
+    }
+    try {
+      let requestHeaders = headers || {};
+      if (authenticated) {
+        const accessToken = await this._getAccessTokenRaw();
+        if (!accessToken) {
+          return {
+            error: {
+              message: "Not authenticated. Please log in first.",
+              type: "extension_error"
+            }
+          };
+        }
+        requestHeaders = {
+          ...requestHeaders,
+          Authorization: `Bearer ${accessToken}`
+        };
+      }
+      const response = await this.bodhiext.sendApiRequest(
+        method,
+        endpoint,
+        body,
+        requestHeaders
+      );
+      return response;
+    } catch (e) {
+      const errorObj = e == null ? void 0 : e.error;
+      const message = (errorObj == null ? void 0 : errorObj.message) ?? (e instanceof Error ? e.message : String(e));
+      const errorType = (errorObj == null ? void 0 : errorObj.type) || "extension_error";
+      return {
+        error: {
+          message,
+          type: errorType
+        }
+      };
+    }
+  }
+  /**
+   * Get current client state
+   */
+  getState() {
+    return this.state;
+  }
+  isClientInitialized() {
+    return this.state.extension === "ready";
+  }
+  isServerReady() {
+    return this.isClientInitialized() && this.state.server.status === "ready";
+  }
+  /**
+   * Initialize extension discovery with optional timeout
+   * Returns ExtensionState with extension and server status
+   *
+   * Note: Web mode uses stateless discovery (always polls for window.bodhiext)
+   * No extensionId storage/restoration needed - window.bodhiext handle is ephemeral
+   */
+  async init(params = {}) {
+    var _a, _b, _c, _d;
+    if (!params.testConnection && !params.selectedConnection) {
+      this.logger.info("No testConnection or selectedConnection, returning not-initialized state");
+      return EXTENSION_STATE_NOT_INITIALIZED;
+    }
+    if (this.bodhiext && !params.testConnection) {
+      this.logger.debug("Already have bodhiext handle, skipping polling");
+      return this.state;
+    }
+    if (!this.bodhiext) {
+      const timeoutMs = params.timeoutMs ?? ((_b = (_a = this.config.initParams) == null ? void 0 : _a.extension) == null ? void 0 : _b.timeoutMs) ?? POLL_TIMEOUT;
+      const intervalMs = params.intervalMs ?? ((_d = (_c = this.config.initParams) == null ? void 0 : _c.extension) == null ? void 0 : _d.intervalMs) ?? POLL_INTERVAL;
+      const startTime = Date.now();
+      const found = await new Promise((resolve) => {
+        const check = () => {
+          if (window.bodhiext) {
+            this.bodhiext = window.bodhiext;
+            resolve(true);
+            return;
+          }
+          if (Date.now() - startTime >= timeoutMs) {
+            resolve(false);
+            return;
+          }
+          setTimeout(check, intervalMs);
+        };
+        check();
+      });
+      if (!found) {
+        this.logger.warn(`Extension discovery timed out`);
+        this.setState(EXTENSION_STATE_NOT_FOUND);
+        return this.state;
+      }
+    }
+    const extensionId = await this.bodhiext.getExtensionId();
+    this.logger.info(`Extension discovered: ${extensionId}`);
+    const state = {
+      type: "extension",
+      extension: "ready",
+      extensionId,
+      server: PENDING_EXTENSION_READY
+    };
+    if (params.testConnection) {
+      try {
+        const serverState = await this.getServerState();
+        this.setState({ ...state, server: serverState });
+        this.logger.info(`Server connectivity tested: ${serverState.status}`);
+      } catch (error) {
+        this.logger.error(`Failed to get server state:`, error);
+        this.setState({ ...state, server: BACKEND_SERVER_NOT_REACHABLE });
+      }
+    } else {
+      this.setState(state);
+    }
+    return this.state;
+  }
+  // ============================================================================
+  // OAuth Methods
+  // ============================================================================
+  /**
+   * Request resource access scope from backend
+   * Required for authenticated API access
+   */
+  async requestResourceAccess() {
+    this.ensureBodhiext();
+    const response = await this.bodhiext.sendApiRequest("POST", "/bodhi/v1/apps/request-access", {
+      app_client_id: this.authClientId
+    });
+    if (!isApiResultSuccess(response)) {
+      throw new Error("Failed to get resource access scope: API error");
+    }
+    const scope = response.body.scope;
+    localStorage.setItem(STORAGE_KEYS.RESOURCE_SCOPE, scope);
+    return scope;
+  }
+  /**
+   * Login via browser redirect OAuth2 + PKCE flow
+   * @returns AuthLoggedIn (though in practice, this redirects and never returns)
+   */
+  async login() {
+    const existingAuth = await this.getAuthState();
+    if (existingAuth.isLoggedIn) {
+      return existingAuth;
+    }
+    this.ensureBodhiext();
+    const resourceScope = await this.requestResourceAccess();
+    const codeVerifier = generateCodeVerifier();
+    const codeChallenge = await generateCodeChallenge(codeVerifier);
+    const state = generateCodeVerifier();
+    localStorage.setItem(STORAGE_KEYS.CODE_VERIFIER, codeVerifier);
+    localStorage.setItem(STORAGE_KEYS.STATE, state);
+    const scopes = ["openid", "profile", "email", "roles", this.config.userScope, resourceScope];
+    const params = new URLSearchParams({
+      response_type: "code",
+      client_id: this.authClientId,
+      redirect_uri: this.config.redirectUri,
+      scope: scopes.join(" "),
+      state,
+      code_challenge: codeChallenge,
+      code_challenge_method: "S256"
+    });
+    const authUrl = `${this.authEndpoints.authorize}?${params}`;
+    window.location.href = authUrl;
+    return new Promise(() => {
+    });
+  }
+  /**
+   * Handle OAuth callback with authorization code
+   * Should be called from callback page with extracted URL params
+   * @returns AuthLoggedIn with login state and user info
+   */
+  async handleOAuthCallback(code, state) {
+    const storedState = localStorage.getItem(STORAGE_KEYS.STATE);
+    if (!storedState || storedState !== state) {
+      throw new Error("Invalid state parameter - possible CSRF attack");
+    }
+    await this.exchangeCodeForTokens(code);
+    localStorage.removeItem(STORAGE_KEYS.CODE_VERIFIER);
+    localStorage.removeItem(STORAGE_KEYS.STATE);
+    const authState = await this.getAuthState();
+    if (!authState.isLoggedIn) {
+      throw new Error("Login failed");
+    }
+    this.setAuthState(authState);
+    return authState;
+  }
+  /**
+   * Exchange authorization code for tokens
+   */
+  async exchangeCodeForTokens(code) {
+    const codeVerifier = localStorage.getItem(STORAGE_KEYS.CODE_VERIFIER);
+    if (!codeVerifier) {
+      throw new Error("Code verifier not found");
+    }
+    const params = new URLSearchParams({
+      grant_type: "authorization_code",
+      client_id: this.authClientId,
+      code,
+      redirect_uri: this.config.redirectUri,
+      code_verifier: codeVerifier
+    });
+    const response = await fetch(this.authEndpoints.token, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: params
+    });
+    if (!response.ok) {
+      const errorText = await response.text();
+      throw new Error(`Token exchange failed: ${response.status} ${errorText}`);
+    }
+    const tokenData = await response.json();
+    if (!tokenData.access_token) {
+      throw new Error("No access token received");
+    }
+    localStorage.setItem(STORAGE_KEYS.ACCESS_TOKEN, tokenData.access_token);
+    if (tokenData.refresh_token) {
+      localStorage.setItem(STORAGE_KEYS.REFRESH_TOKEN, tokenData.refresh_token);
+    }
+    if (tokenData.expires_in) {
+      const expiresAt = Date.now() + tokenData.expires_in * 1e3;
+      localStorage.setItem(STORAGE_KEYS.EXPIRES_AT, expiresAt.toString());
+    }
+  }
+  /**
+   * Logout user and revoke tokens
+   * @returns AuthLoggedOut with logged out state
+   */
+  async logout() {
+    const refreshToken = localStorage.getItem(STORAGE_KEYS.REFRESH_TOKEN);
+    if (refreshToken) {
+      try {
+        const params = new URLSearchParams({
+          token: refreshToken,
+          client_id: this.authClientId,
+          token_type_hint: "refresh_token"
+        });
+        await fetch(this.authEndpoints.revoke, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/x-www-form-urlencoded"
+          },
+          body: params
+        });
+      } catch (error) {
+        this.logger.warn("Token revocation failed:", error);
+      }
+    }
+    localStorage.removeItem(STORAGE_KEYS.ACCESS_TOKEN);
+    localStorage.removeItem(STORAGE_KEYS.REFRESH_TOKEN);
+    localStorage.removeItem(STORAGE_KEYS.EXPIRES_AT);
+    localStorage.removeItem(STORAGE_KEYS.CODE_VERIFIER);
+    localStorage.removeItem(STORAGE_KEYS.STATE);
+    localStorage.removeItem(STORAGE_KEYS.RESOURCE_SCOPE);
+    const result = {
+      isLoggedIn: false
+    };
+    this.setAuthState(result);
+    return result;
+  }
+  /**
+   * Get current authentication state
+   */
+  async getAuthState() {
+    const accessToken = await this._getAccessTokenRaw();
+    if (!accessToken) {
+      return { isLoggedIn: false };
+    }
+    try {
+      const userInfo = extractUserInfo(accessToken);
+      return { isLoggedIn: true, userInfo, accessToken };
+    } catch (error) {
+      this.logger.error("Failed to parse token:", error);
+      return { isLoggedIn: false };
+    }
+  }
+  /**
+   * Get current access token
+   * Returns null if not logged in or token expired
+   */
+  async _getAccessTokenRaw() {
+    const accessToken = localStorage.getItem(STORAGE_KEYS.ACCESS_TOKEN);
+    const expiresAt = localStorage.getItem(STORAGE_KEYS.EXPIRES_AT);
+    if (!accessToken) {
+      return null;
+    }
+    if (expiresAt) {
+      const expirationTime = parseInt(expiresAt, 10);
+      if (Date.now() >= expirationTime - 5 * 1e3) {
+        const refreshToken = localStorage.getItem(STORAGE_KEYS.REFRESH_TOKEN);
+        if (refreshToken) {
+          return this._tryRefreshToken(refreshToken);
+        }
+        return null;
+      }
+    }
+    return accessToken;
+  }
+  /**
+   * Try to refresh access token using refresh token
+   * Race condition prevention: Returns existing promise if refresh already in progress
+   */
+  async _tryRefreshToken(refreshToken) {
+    if (this.refreshPromise) {
+      this.logger.debug("Refresh already in progress, returning existing promise");
+      return this.refreshPromise;
+    }
+    this.refreshPromise = this._doRefreshToken(refreshToken);
+    try {
+      return await this.refreshPromise;
+    } finally {
+      this.refreshPromise = null;
+    }
+  }
+  /**
+   * Perform the actual token refresh
+   */
+  async _doRefreshToken(refreshToken) {
+    this.logger.debug("Refreshing access token");
+    try {
+      const tokens = await refreshAccessToken(
+        this.authEndpoints.token,
+        refreshToken,
+        this.authClientId
+      );
+      if (tokens) {
+        this._storeRefreshedTokens(tokens);
+        const userInfo = extractUserInfo(tokens.access_token);
+        this.setAuthState({
+          isLoggedIn: true,
+          userInfo,
+          accessToken: tokens.access_token
+        });
+        this.logger.info("Token refreshed successfully");
+        return tokens.access_token;
+      }
+    } catch (error) {
+      this.logger.warn("Token refresh failed:", error);
+    }
+    this.logger.warn("Token refresh failed, keeping tokens for manual retry");
+    throw createOperationError(
+      "Access token expired and unable to refresh. Try logging out and logging in again.",
+      "token_refresh_failed"
+    );
+  }
+  /**
+   * Store refreshed tokens
+   */
+  _storeRefreshedTokens(tokens) {
+    const expiresAt = Date.now() + tokens.expires_in * 1e3;
+    localStorage.setItem(STORAGE_KEYS.ACCESS_TOKEN, tokens.access_token);
+    localStorage.setItem(STORAGE_KEYS.EXPIRES_AT, String(expiresAt));
+    if (tokens.refresh_token) {
+      localStorage.setItem(STORAGE_KEYS.REFRESH_TOKEN, tokens.refresh_token);
+    }
+  }
+  /**
+   * Ping API
+   */
+  async pingApi() {
+    return this.sendApiRequest("GET", "/ping");
+  }
+  /**
+   * Fetch models
+   */
+  async fetchModels() {
+    return this.sendApiRequest(
+      "GET",
+      "/v1/models",
+      void 0,
+      void 0,
+      true
+    );
+  }
+  /**
+   * Get backend server state
+   * Calls /bodhi/v1/info and returns structured server state
+   */
+  async getServerState() {
+    const result = await this.sendApiRequest("GET", "/bodhi/v1/info");
+    if (isApiResultOperationError(result)) {
+      return BACKEND_SERVER_NOT_REACHABLE;
+    }
+    if (!isApiResultSuccess(result)) {
+      return BACKEND_SERVER_NOT_REACHABLE;
+    }
+    const body = result.body;
+    switch (body.status) {
+      case "ready":
+        return { status: "ready", version: body.version || "unknown" };
+      case "setup":
+        return backendServerNotReady("setup", body.version || "unknown");
+      case "resource-admin":
+        return backendServerNotReady("resource-admin", body.version || "unknown");
+      case "error":
+        return backendServerNotReady(
+          "error",
+          body.version || "unknown",
+          body.error ? { message: body.error.message, type: body.error.type } : SERVER_ERROR_CODES.SERVER_NOT_READY
+        );
+      default:
+        return BACKEND_SERVER_NOT_REACHABLE;
+    }
+  }
+  /**
+   * Generic streaming via window.bodhiext.sendStreamRequest
+   * Wraps ReadableStream as AsyncGenerator
+   */
+  async *stream(method, endpoint, body, headers, authenticated = true) {
+    this.ensureBodhiext();
+    let requestHeaders = headers || {};
+    if (authenticated) {
+      const accessToken = await this._getAccessTokenRaw();
+      if (!accessToken) {
+        throw new Error("Not authenticated. Please log in first.");
+      }
+      requestHeaders = {
+        ...requestHeaders,
+        Authorization: `Bearer ${accessToken}`
+      };
+    }
+    const stream = this.bodhiext.sendStreamRequest(method, endpoint, body, requestHeaders);
+    const reader = stream.getReader();
+    try {
+      while (true) {
+        const { value, done } = await reader.read();
+        if (done || (value == null ? void 0 : value.done)) {
+          break;
+        }
+        yield value.body;
+      }
+    } catch (err) {
+      if (err instanceof Error) {
+        if ("response" in err) {
+          const apiErr = err;
+          throw createApiError(err.message, apiErr.response.status, apiErr.response.body);
+        }
+        if ("error" in err) {
+          throw createOperationError(err.message, "extension_error");
+        }
+        throw createOperationError(err.message, "extension_error");
+      }
+      throw err;
+    } finally {
+      reader.releaseLock();
+    }
+  }
+  /**
+   * Chat streaming
+   */
+  async *streamChat(model, prompt, authenticated = true) {
+    yield* this.stream(
+      "POST",
+      "/v1/chat/completions",
+      {
+        model,
+        messages: [{ role: "user", content: prompt }],
+        stream: true
+      },
+      void 0,
+      authenticated
+    );
+  }
+  /**
+   * Serialize web extension client state (all transient, nothing to persist)
+   */
+  serialize() {
+    return {
+      extensionId: this.state.type === "extension" && this.state.extension === "ready" ? this.state.extensionId : void 0
+    };
+  }
+  /**
+   * Debug dump of WindowBodhiextClient internal state
+   */
+  async debug() {
+    return {
+      type: "WindowBodhiextClient",
+      state: this.state,
+      authState: await this.getAuthState(),
+      bodhiextAvailable: this.bodhiext !== null,
+      authClientId: this.authClientId,
+      authServerUrl: this.config.authServerUrl,
+      redirectUri: this.config.redirectUri,
+      userScope: this.config.userScope
+    };
+  }
+}
+class WebUIClient extends BaseFacadeClient {
+  constructor(authClientId, config, onStateChange, storagePrefix) {
+    const normalizedConfig = {
+      redirectUri: config.redirectUri,
+      authServerUrl: config.authServerUrl || "https://id.getbodhi.app/realms/bodhi",
+      userScope: config.userScope || "scope_user_user",
+      logLevel: config.logLevel || "warn",
+      initParams: config.initParams
+    };
+    super(authClientId, normalizedConfig, onStateChange, storagePrefix);
+  }
+  createLogger(config) {
+    return new Logger("WebUIClient", config.logLevel);
+  }
+  createExtClient(config, onStateChange) {
+    return new WindowBodhiextClient(this.authClientId, config, onStateChange);
+  }
+  createDirectClient(authClientId, config, onStateChange) {
+    return new DirectWebClient(
+      {
+        authClientId,
+        authServerUrl: config.authServerUrl,
+        redirectUri: config.redirectUri,
+        userScope: config.userScope,
+        logLevel: config.logLevel,
+        storagePrefix: STORAGE_PREFIXES.WEB
+      },
+      onStateChange
+    );
+  }
+  // ============================================================================
+  // Web-specific OAuth Callback
+  // ============================================================================
+  async handleOAuthCallback(code, state) {
+    if (this.connectionMode === "direct") {
+      return this.directClient.handleOAuthCallback(code, state);
+    }
+    return this.extClient.handleOAuthCallback(code, state);
+  }
+}
+export {
+  WebUIClient
+};
+//# sourceMappingURL=bodhi-web.esm.js.map