@civic/auth 0.0.1--.tsc.alpha.1

package/dist/cjs/src/shared/AuthProvider.js

@@ -0,0 +1,276 @@
+"use strict";
+"use client";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthProvider = void 0;
+const react_1 = __importStar(require("react"));
+const react_query_1 = require("@tanstack/react-query");
+const CivicAuthIframeContainer_jsx_1 = require("@/shared/components/CivicAuthIframeContainer.jsx");
+const TokenProvider_js_1 = require("../shared/providers/TokenProvider.js");
+const SessionProvider_js_1 = require("../shared/providers/SessionProvider.js");
+const constants_js_1 = require("../constants.js");
+const config_js_1 = require("../config.js");
+const LoadingIcon_js_1 = require("../shared/components/LoadingIcon.js");
+const windowUtil_js_1 = require("../lib/windowUtil.js");
+const AuthContext_jsx_1 = require("@/shared/AuthContext.jsx");
+const AuthenticationService_js_1 = require("../services/AuthenticationService.js");
+const types_js_1 = require("../services/types.js");
+const PKCE_js_1 = require("../services/PKCE.js");
+const oauth_js_1 = require("../lib/oauth.js");
+const storage_js_1 = require("../browser/storage.js");
+const ConfigProvider_jsx_1 = require("@/shared/providers/ConfigProvider.jsx");
+const session_js_1 = require("./session.js");
+const UserSession_js_1 = require("./UserSession.js");
+const IframeProvider_js_1 = require("../shared/providers/IframeProvider.js");
+// Global this object setup
+let globalThisObject;
+if (typeof window !== "undefined") {
+    globalThisObject = window;
+}
+else if (typeof global !== "undefined") {
+    globalThisObject = global;
+}
+else {
+    globalThisObject = Function("return this")();
+}
+globalThisObject.globalThis = globalThisObject;
+function BlockDisplay({ children }) {
+    return (react_1.default.createElement("div", { className: "cac-relative cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white" },
+        react_1.default.createElement("div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white" }, children)));
+}
+const AuthProvider = ({ children, clientId, redirectUrl: inputRedirectUrl, config = config_js_1.authConfig, onSignIn, onSignOut, pkceConsumer, nonce, modalIframe = true, sessionData: inputSessionData, }) => {
+    const [iframeUrl, setIframeUrl] = (0, react_1.useState)(null);
+    const [currentUrl, setCurrentUrl] = (0, react_1.useState)(null);
+    const [isInIframe, setIsInIframe] = (0, react_1.useState)(false);
+    const [authResponseUrl, setAuthResponseUrl] = (0, react_1.useState)(null);
+    const [tokenExchangeError, setTokenExchangeError] = (0, react_1.useState)();
+    const [displayMode, setDisplayMode] = (0, react_1.useState)("iframe");
+    const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] = (0, react_1.useState)();
+    const [showIFrame, setShowIFrame] = (0, react_1.useState)(false);
+    const [isRedirecting, setIsRedirecting] = (0, react_1.useState)(false);
+    const queryClient = (0, react_query_1.useQueryClient)();
+    const iframeRef = (0, react_1.useRef)(null);
+    // TODO maybe we want to support or derive serverTokenExchange another way?
+    const serverTokenExchange = pkceConsumer instanceof PKCE_js_1.ConfidentialClientPKCEConsumer;
+    // check if the current window is in an iframe with the iframe id, and set an isInIframe state
+    (0, react_1.useEffect)(() => {
+        if (typeof globalThis.window !== "undefined") {
+            setCurrentUrl(globalThis.window.location.href);
+            const isInIframeVal = (0, windowUtil_js_1.isWindowInIframe)(globalThis.window);
+            setIsInIframe(isInIframeVal);
+        }
+    }, []);
+    const redirectUrl = (0, react_1.useMemo)(() => (inputRedirectUrl || currentUrl || "").split("?")[0], [currentUrl, inputRedirectUrl]);
+    const [authService, setAuthService] = (0, react_1.useState)();
+    (0, react_1.useEffect)(() => {
+        if (!currentUrl || !redirectUrl)
+            return;
+        AuthenticationService_js_1.BrowserAuthenticationService.build({
+            clientId,
+            redirectUrl,
+            oauthServer: config.oauthServer,
+            scopes: constants_js_1.DEFAULT_SCOPES,
+            displayMode,
+        }).then(setAuthService);
+    }, [currentUrl, clientId, redirectUrl, config, displayMode]);
+    const { data: session, isLoading, error, } = (0, react_query_1.useQuery)({
+        queryKey: [
+            "session",
+            authResponseUrl,
+            iframeUrl,
+            currentUrl,
+            isInIframe,
+            authService,
+        ],
+        queryFn: async () => {
+            if (!authService) {
+                return { authenticated: false };
+            }
+            if (inputSessionData) {
+                return inputSessionData;
+            }
+            const url = new URL(authResponseUrl
+                ? authResponseUrl
+                : globalThis.window.location.href || "");
+            // if we have existing tokens, then validate them and return the session data
+            // otherwise check if we have a code in the url and exchange it for tokens
+            // if we have neither, return undefined
+            const existingSessionData = await authService.validateExistingSession();
+            if (existingSessionData.authenticated) {
+                return existingSessionData;
+            }
+            const code = url.searchParams.get("code");
+            const state = url.searchParams.get("state");
+            if (!serverTokenExchange && code && state && !isInIframe) {
+                try {
+                    console.log("AuthProvider useQuery code", {
+                        isInIframe,
+                        code,
+                        state,
+                    });
+                    await authService.tokenExchange(code, state);
+                    const clientStorage = new storage_js_1.LocalStorageAdapter();
+                    const user = await (0, session_js_1.getUser)(clientStorage);
+                    if (!user) {
+                        throw new Error("Failed to get user info");
+                    }
+                    const userSession = new UserSession_js_1.GenericUserSession(clientStorage);
+                    userSession.set(user);
+                    onSignIn?.(); // Call onSignIn without an error if successful
+                    return authService.getSessionData();
+                }
+                catch (error) {
+                    setTokenExchangeError(error);
+                    onSignIn?.(error instanceof Error ? error : new Error("Failed to sign in")); // Pass the error to onSignIn
+                    return { authenticated: false };
+                }
+            }
+            return existingSessionData;
+        },
+    });
+    const signOutMutation = (0, react_query_1.useMutation)({
+        mutationFn: async () => {
+            // Implement signOut logic here
+            const authInitiator = getAuthInitiator();
+            authInitiator?.signOut();
+            setIframeUrl(null);
+            setShowIFrame(false);
+            setAuthResponseUrl(null);
+            onSignOut?.();
+        },
+        onSuccess: () => {
+            queryClient.setQueryData([
+                "session",
+                authResponseUrl,
+                iframeUrl,
+                currentUrl,
+                isInIframe,
+                authService,
+            ], null);
+        },
+    });
+    const getAuthInitiator = (0, react_1.useCallback)((overrideDisplayMode) => {
+        const useDisplayMode = overrideDisplayMode || displayMode;
+        if (!pkceConsumer || !redirectUrl) {
+            return null;
+        }
+        return (browserAuthenticationInitiator ||
+            new AuthenticationService_js_1.BrowserAuthenticationInitiator({
+                pkceConsumer, // generate and retrieve the challenge client-side
+                clientId,
+                redirectUrl,
+                state: (0, oauth_js_1.generateState)(useDisplayMode, serverTokenExchange),
+                scopes: constants_js_1.DEFAULT_SCOPES,
+                displayMode: useDisplayMode,
+                oauthServer: config.oauthServer,
+                // the endpoints to use for the login (if not obtained from the auth server
+                endpointOverrides: config.endpoints,
+                nonce,
+            }));
+    }, [
+        serverTokenExchange,
+        displayMode,
+        browserAuthenticationInitiator,
+        clientId,
+        redirectUrl,
+        config.oauthServer,
+        config.endpoints,
+        pkceConsumer,
+        nonce,
+    ]);
+    const signIn = (0, react_1.useCallback)(async (overrideDisplayMode = "iframe") => {
+        setDisplayMode(overrideDisplayMode);
+        const authInitiator = getAuthInitiator(overrideDisplayMode);
+        setBrowserAuthenticationInitiator(authInitiator);
+        if (overrideDisplayMode === "iframe") {
+            setShowIFrame(true);
+        }
+        else if (overrideDisplayMode === "redirect") {
+            setIsRedirecting(true);
+        }
+        authInitiator?.signIn(iframeRef.current).catch((error) => {
+            console.log("signIn error", {
+                error,
+                isPopupError: error instanceof types_js_1.PopupError,
+            });
+            // if we've tried to open a popup and it has failed, then fallback to redirect mode
+            if (error instanceof types_js_1.PopupError) {
+                signIn("redirect");
+            }
+        });
+    }, [getAuthInitiator]);
+    // remove event listeners when the component unmounts
+    (0, react_1.useEffect)(() => {
+        return () => {
+            if (browserAuthenticationInitiator) {
+                browserAuthenticationInitiator.cleanup();
+            }
+        };
+    }, [browserAuthenticationInitiator]);
+    const isAuthenticated = (0, react_1.useMemo)(() => (session ? session.authenticated : false), [session]);
+    (0, react_query_1.useQuery)({
+        queryKey: ["autoSignIn", modalIframe, redirectUrl, isAuthenticated],
+        queryFn: async () => {
+            if (!modalIframe &&
+                redirectUrl &&
+                !isAuthenticated &&
+                iframeRef.current) {
+                signIn("iframe");
+            }
+            return true;
+        },
+        refetchOnWindowFocus: false,
+    });
+    const value = (0, react_1.useMemo)(() => ({
+        isLoading,
+        error: error,
+        signOut: async () => {
+            await signOutMutation.mutateAsync();
+        },
+        isAuthenticated,
+        signIn,
+    }), [isLoading, error, signOutMutation, isAuthenticated, signIn]);
+    if (!redirectUrl)
+        return null;
+    return (react_1.default.createElement(AuthContext_jsx_1.AuthContext.Provider, { value: value },
+        react_1.default.createElement(ConfigProvider_jsx_1.ConfigProvider, { config: config, redirectUrl: redirectUrl, modalIframe: modalIframe, serverTokenExchange: serverTokenExchange },
+            react_1.default.createElement(IframeProvider_js_1.IframeProvider, { setAuthResponseUrl: setAuthResponseUrl, iframeRef: iframeRef },
+                react_1.default.createElement(SessionProvider_js_1.SessionProvider, { session: session },
+                    react_1.default.createElement(TokenProvider_js_1.TokenProvider, null,
+                        modalIframe && !isInIframe && !session?.authenticated && (react_1.default.createElement("div", { style: showIFrame ? { display: "block" } : { display: "none" } },
+                            react_1.default.createElement(CivicAuthIframeContainer_jsx_1.CivicAuthIframeContainer, { onClose: () => setShowIFrame(false) }))),
+                        modalIframe &&
+                            (isInIframe ||
+                                isRedirecting ||
+                                (isLoading && !serverTokenExchange)) && (react_1.default.createElement(BlockDisplay, null,
+                            react_1.default.createElement(LoadingIcon_js_1.LoadingIcon, null))),
+                        (tokenExchangeError || error) && (react_1.default.createElement(BlockDisplay, null,
+                            react_1.default.createElement("div", null,
+                                "Error: ",
+                                (tokenExchangeError || error).message))),
+                        children))))));
+};
+exports.AuthProvider = AuthProvider;
+//# sourceMappingURL=AuthProvider.js.map

package/dist/cjs/src/shared/AuthProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthProvider.js","sourceRoot":"","sources":["../../../../src/shared/AuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,+CAOe;AACf,uDAA8E;AAE9E,mGAA4F;AAC5F,0EAAoE;AACpE,8EAAwE;AACxE,iDAAgD;AAChD,2CAAyC;AACzC,uEAAiE;AACjE,uDAAuD;AACvD,8DAAuD;AACvD,kFAG6C;AAE7C,kDAAkD;AAClD,gDAAoE;AACpE,6CAA+C;AAC/C,qDAA2D;AAC3D,8EAAuE;AACvE,6CAAuC;AACvC,qDAAsD;AACtD,4EAAsE;AAEtE,2BAA2B;AAC3B,IAAI,gBAAgB,CAAC;AACrB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IAClC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IACzC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,CAAC;IACN,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;AAC/C,CAAC;AACD,gBAAgB,CAAC,UAAU,GAAG,gBAAgB,CAAC;AAe/C,SAAS,YAAY,CAAC,EAAE,QAAQ,EAA2B;IACzD,OAAO,CACL,uCAAK,SAAS,EAAC,gIAAgI;QAC7I,uCAAK,SAAS,EAAC,oFAAoF,IAChG,QAAQ,CACL,CACF,CACP,CAAC;AACJ,CAAC;AAED,MAAM,YAAY,GAAG,CAAC,EACpB,QAAQ,EACR,QAAQ,EACR,WAAW,EAAE,gBAAgB,EAC7B,MAAM,GAAG,sBAAU,EACnB,QAAQ,EACR,SAAS,EACT,YAAY,EACZ,KAAK,EACL,WAAW,GAAG,IAAI,EAClB,WAAW,EAAE,gBAAgB,GACX,EAAE,EAAE;IACtB,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IAChE,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IAClE,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IACpD,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IAC5E,MAAM,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,GAAG,IAAA,gBAAQ,GAAS,CAAC;IACtE,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAc,QAAQ,CAAC,CAAC;IACtE,MAAM,CAAC,8BAA8B,EAAE,iCAAiC,CAAC,GACvE,IAAA,gBAAQ,GAAyC,CAAC;IACpD,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IACpD,MAAM,CAAC,aAAa,EAAE,gBAAgB,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,IAAA,4BAAc,GAAE,CAAC;IACrC,MAAM,SAAS,GAAG,IAAA,cAAM,EAAoB,IAAI,CAAC,CAAC;IAElD,2EAA2E;IAC3E,MAAM,mBAAmB,GACvB,YAAY,YAAY,wCAA8B,CAAC;IACzD,8FAA8F;IAC9F,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,aAAa,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC/C,MAAM,aAAa,GAAG,IAAA,gCAAgB,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC1D,aAAa,CAAC,aAAa,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,WAAW,GAAG,IAAA,eAAO,EACzB,GAAG,EAAE,CAAC,CAAC,gBAAgB,IAAI,UAAU,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAC1D,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAC/B,CAAC;IAEF,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,GAA0B,CAAC;IAEzE,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW;YAAE,OAAO;QACxC,uDAA4B,CAAC,KAAK,CAAC;YACjC,QAAQ;YACR,WAAW;YACX,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,MAAM,EAAE,6BAAc;YACtB,WAAW;SACZ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1B,CAAC,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;IAE7D,MAAM,EACJ,IAAI,EAAE,OAAO,EACb,SAAS,EACT,KAAK,GACN,GAAG,IAAA,sBAAQ,EAAC;QACX,QAAQ,EAAE;YACR,SAAS;YACT,eAAe;YACf,SAAS;YACT,UAAU;YACV,UAAU;YACV,WAAW;SACZ;QACD,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;YAClC,CAAC;YACD,IAAI,gBAAgB,EAAE,CAAC;gBACrB,OAAO,gBAAgB,CAAC;YAC1B,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,eAAe;gBACb,CAAC,CAAC,eAAe;gBACjB,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAC1C,CAAC;YACF,6EAA6E;YAC7E,0EAA0E;YAC1E,uCAAuC;YACvC,MAAM,mBAAmB,GAAG,MAAM,WAAW,CAAC,uBAAuB,EAAE,CAAC;YACxE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;gBACtC,OAAO,mBAAmB,CAAC;YAC7B,CAAC;YACD,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,CAAC,mBAAmB,IAAI,IAAI,IAAI,KAAK,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzD,IAAI,CAAC;oBACH,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE;wBACxC,UAAU;wBACV,IAAI;wBACJ,KAAK;qBACN,CAAC,CAAC;oBACH,MAAM,WAAW,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;oBAC7C,MAAM,aAAa,GAAG,IAAI,gCAAmB,EAAE,CAAC;oBAChD,MAAM,IAAI,GAAG,MAAM,IAAA,oBAAO,EAAC,aAAa,CAAC,CAAC;oBAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;wBACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;oBAC7C,CAAC;oBAED,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;oBAC1D,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAEtB,QAAQ,EAAE,EAAE,CAAC,CAAC,+CAA+C;oBAC7D,OAAO,WAAW,CAAC,cAAc,EAAE,CAAC;gBACtC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,qBAAqB,CAAC,KAAc,CAAC,CAAC;oBACtC,QAAQ,EAAE,CACR,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAChE,CAAC,CAAC,6BAA6B;oBAChC,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;gBAClC,CAAC;YACH,CAAC;YAED,OAAO,mBAAmB,CAAC;QAC7B,CAAC;KACF,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,IAAA,yBAAW,EAAC;QAClC,UAAU,EAAE,KAAK,IAAI,EAAE;YACrB,+BAA+B;YAC/B,MAAM,aAAa,GAAG,gBAAgB,EAAE,CAAC;YACzC,aAAa,EAAE,OAAO,EAAE,CAAC;YACzB,YAAY,CAAC,IAAI,CAAC,CAAC;YACnB,aAAa,CAAC,KAAK,CAAC,CAAC;YACrB,kBAAkB,CAAC,IAAI,CAAC,CAAC;YACzB,SAAS,EAAE,EAAE,CAAC;QAChB,CAAC;QACD,SAAS,EAAE,GAAG,EAAE;YACd,WAAW,CAAC,YAAY,CACtB;gBACE,SAAS;gBACT,eAAe;gBACf,SAAS;gBACT,UAAU;gBACV,UAAU;gBACV,WAAW;aACZ,EACD,IAAI,CACL,CAAC;QACJ,CAAC;KACF,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,IAAA,mBAAW,EAClC,CAAC,mBAAiC,EAAE,EAAE;QACpC,MAAM,cAAc,GAAG,mBAAmB,IAAI,WAAW,CAAC;QAC1D,IAAI,CAAC,YAAY,IAAI,CAAC,WAAW,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,CACL,8BAA8B;YAC9B,IAAI,yDAA8B,CAAC;gBACjC,YAAY,EAAE,kDAAkD;gBAChE,QAAQ;gBACR,WAAW;gBACX,KAAK,EAAE,IAAA,wBAAa,EAAC,cAAc,EAAE,mBAAmB,CAAC;gBACzD,MAAM,EAAE,6BAAc;gBACtB,WAAW,EAAE,cAAc;gBAC3B,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,2EAA2E;gBAC3E,iBAAiB,EAAE,MAAM,CAAC,SAAS;gBACnC,KAAK;aACN,CAAC,CACH,CAAC;IACJ,CAAC,EACD;QACE,mBAAmB;QACnB,WAAW;QACX,8BAA8B;QAC9B,QAAQ;QACR,WAAW;QACX,MAAM,CAAC,WAAW;QAClB,MAAM,CAAC,SAAS;QAChB,YAAY;QACZ,KAAK;KACN,CACF,CAAC;IAEF,MAAM,MAAM,GAAG,IAAA,mBAAW,EACxB,KAAK,EAAE,sBAAmC,QAAQ,EAAE,EAAE;QACpD,cAAc,CAAC,mBAAmB,CAAC,CAAC;QACpC,MAAM,aAAa,GAAG,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;QAC5D,iCAAiC,CAAC,aAAa,CAAC,CAAC;QACjD,IAAI,mBAAmB,KAAK,QAAQ,EAAE,CAAC;YACrC,aAAa,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;aAAM,IAAI,mBAAmB,KAAK,UAAU,EAAE,CAAC;YAC9C,gBAAgB,CAAC,IAAI,CAAC,CAAC;QACzB,CAAC;QACD,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACvD,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE;gBAC1B,KAAK;gBACL,YAAY,EAAE,KAAK,YAAY,qBAAU;aAC1C,CAAC,CAAC;YACH,mFAAmF;YACnF,IAAI,KAAK,YAAY,qBAAU,EAAE,CAAC;gBAChC,MAAM,CAAC,UAAU,CAAC,CAAC;YACrB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EACD,CAAC,gBAAgB,CAAC,CACnB,CAAC;IAEF,qDAAqD;IACrD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,8BAA8B,EAAE,CAAC;gBACnC,8BAA8B,CAAC,OAAO,EAAE,CAAC;YAC3C,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,8BAA8B,CAAC,CAAC,CAAC;IAErC,MAAM,eAAe,GAAG,IAAA,eAAO,EAC7B,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,EAC/C,CAAC,OAAO,CAAC,CACV,CAAC;IAEF,IAAA,sBAAQ,EAAC;QACP,QAAQ,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,eAAe,CAAC;QACnE,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,IACE,CAAC,WAAW;gBACZ,WAAW;gBACX,CAAC,eAAe;gBAChB,SAAS,CAAC,OAAO,EACjB,CAAC;gBACD,MAAM,CAAC,QAAQ,CAAC,CAAC;YACnB,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,oBAAoB,EAAE,KAAK;KAC5B,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,SAAS;QACT,KAAK,EAAE,KAAqB;QAC5B,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,MAAM,eAAe,CAAC,WAAW,EAAE,CAAC;QACtC,CAAC;QACD,eAAe;QACf,MAAM;KACP,CAAC,EACF,CAAC,SAAS,EAAE,KAAK,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,CAAC,CAC7D,CAAC;IAEF,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE9B,OAAO,CACL,8BAAC,6BAAW,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK;QAChC,8BAAC,mCAAc,IACb,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,WAAW,EAAE,WAAW,EACxB,mBAAmB,EAAE,mBAAmB;YAExC,8BAAC,kCAAc,IACb,kBAAkB,EAAE,kBAAkB,EACtC,SAAS,EAAE,SAAS;gBAEpB,8BAAC,oCAAe,IAAC,OAAO,EAAE,OAAO;oBAC/B,8BAAC,gCAAa;wBACX,WAAW,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,EAAE,aAAa,IAAI,CACxD,uCACE,KAAK,EACH,UAAU,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE;4BAGzD,8BAAC,uDAAwB,IACvB,OAAO,EAAE,GAAG,EAAE,CAAC,aAAa,CAAC,KAAK,CAAC,GACnC,CACE,CACP;wBAEA,WAAW;4BACV,CAAC,UAAU;gCACT,aAAa;gCACb,CAAC,SAAS,IAAI,CAAC,mBAAmB,CAAC,CAAC,IAAI,CACxC,8BAAC,YAAY;4BACX,8BAAC,4BAAW,OAAG,CACF,CAChB;wBAEF,CAAC,kBAAkB,IAAI,KAAK,CAAC,IAAI,CAChC,8BAAC,YAAY;4BACX;;gCACU,CAAC,kBAAkB,IAAK,KAAe,CAAC,CAAC,OAAO,CACpD,CACO,CAChB;wBACA,QAAQ,CACK,CACA,CACH,CACF,CACI,CACxB,CAAC;AACJ,CAAC,CAAC;AAEO,oCAAY","sourcesContent":["\"use client\";\nimport React, {\n  type ReactNode,\n  useCallback,\n  useEffect,\n  useMemo,\n  useRef,\n  useState,\n} from \"react\";\nimport { useMutation, useQuery, useQueryClient } from \"@tanstack/react-query\";\nimport type { Config, DisplayMode, SessionData } from \"@/types.js\";\nimport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer.jsx\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { DEFAULT_SCOPES } from \"@/constants.js\";\nimport { authConfig } from \"@/config.js\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { isWindowInIframe } from \"@/lib/windowUtil.js\";\nimport { AuthContext } from \"@/shared/AuthContext.jsx\";\nimport {\n  BrowserAuthenticationInitiator,\n  BrowserAuthenticationService,\n} from \"@/services/AuthenticationService.js\";\nimport type { AuthenticationResolver, PKCEConsumer } from \"@/services/types.js\";\nimport { PopupError } from  \"@/services/types.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { generateState } from \"@/lib/oauth.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { ConfigProvider } from \"@/shared/providers/ConfigProvider.jsx\";\nimport { getUser } from \"./session.js\";\nimport { GenericUserSession } from \"./UserSession.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n  globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n  globalThisObject = global;\n} else {\n  globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type AuthProviderProps = {\n  children: ReactNode;\n  clientId: string;\n  redirectUrl?: string;\n  nonce?: string;\n  config?: Config;\n  onSignIn?: (error?: Error) => void;\n  onSignOut?: () => Promise<void>;\n  pkceConsumer?: PKCEConsumer;\n  modalIframe?: boolean;\n  sessionData?: SessionData;\n};\n\nfunction BlockDisplay({ children }: { children: ReactNode }) {\n  return (\n    <div className=\"cac-relative cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white\">\n      <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white\">\n        {children}\n      </div>\n    </div>\n  );\n}\n\nconst AuthProvider = ({\n  children,\n  clientId,\n  redirectUrl: inputRedirectUrl,\n  config = authConfig,\n  onSignIn,\n  onSignOut,\n  pkceConsumer,\n  nonce,\n  modalIframe = true,\n  sessionData: inputSessionData,\n}: AuthProviderProps) => {\n  const [iframeUrl, setIframeUrl] = useState<string | null>(null);\n  const [currentUrl, setCurrentUrl] = useState<string | null>(null);\n  const [isInIframe, setIsInIframe] = useState(false);\n  const [authResponseUrl, setAuthResponseUrl] = useState<string | null>(null);\n  const [tokenExchangeError, setTokenExchangeError] = useState<Error>();\n  const [displayMode, setDisplayMode] = useState<DisplayMode>(\"iframe\");\n  const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] =\n    useState<BrowserAuthenticationInitiator | null>();\n  const [showIFrame, setShowIFrame] = useState(false);\n  const [isRedirecting, setIsRedirecting] = useState(false);\n  const queryClient = useQueryClient();\n  const iframeRef = useRef<HTMLIFrameElement>(null);\n\n  // TODO maybe we want to support or derive serverTokenExchange another way?\n  const serverTokenExchange =\n    pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n  // check if the current window is in an iframe with the iframe id, and set an isInIframe state\n  useEffect(() => {\n    if (typeof globalThis.window !== \"undefined\") {\n      setCurrentUrl(globalThis.window.location.href);\n      const isInIframeVal = isWindowInIframe(globalThis.window);\n      setIsInIframe(isInIframeVal);\n    }\n  }, []);\n\n  const redirectUrl = useMemo(\n    () => (inputRedirectUrl || currentUrl || \"\").split(\"?\")[0],\n    [currentUrl, inputRedirectUrl],\n  );\n\n  const [authService, setAuthService] = useState<AuthenticationResolver>();\n\n  useEffect(() => {\n    if (!currentUrl || !redirectUrl) return;\n    BrowserAuthenticationService.build({\n      clientId,\n      redirectUrl,\n      oauthServer: config.oauthServer,\n      scopes: DEFAULT_SCOPES,\n      displayMode,\n    }).then(setAuthService);\n  }, [currentUrl, clientId, redirectUrl, config, displayMode]);\n\n  const {\n    data: session,\n    isLoading,\n    error,\n  } = useQuery({\n    queryKey: [\n      \"session\",\n      authResponseUrl,\n      iframeUrl,\n      currentUrl,\n      isInIframe,\n      authService,\n    ],\n    queryFn: async () => {\n      if (!authService) {\n        return { authenticated: false };\n      }\n      if (inputSessionData) {\n        return inputSessionData;\n      }\n      const url = new URL(\n        authResponseUrl\n          ? authResponseUrl\n          : globalThis.window.location.href || \"\",\n      );\n      // if we have existing tokens, then validate them and return the session data\n      // otherwise check if we have a code in the url and exchange it for tokens\n      // if we have neither, return undefined\n      const existingSessionData = await authService.validateExistingSession();\n      if (existingSessionData.authenticated) {\n        return existingSessionData;\n      }\n      const code = url.searchParams.get(\"code\");\n      const state = url.searchParams.get(\"state\");\n      if (!serverTokenExchange && code && state && !isInIframe) {\n        try {\n          console.log(\"AuthProvider useQuery code\", {\n            isInIframe,\n            code,\n            state,\n          });\n          await authService.tokenExchange(code, state);\n          const clientStorage = new LocalStorageAdapter();\n          const user = await getUser(clientStorage);\n          if (!user) {\n            throw new Error(\"Failed to get user info\");\n          }\n\n          const userSession = new GenericUserSession(clientStorage);\n          userSession.set(user);\n\n          onSignIn?.(); // Call onSignIn without an error if successful\n          return authService.getSessionData();\n        } catch (error) {\n          setTokenExchangeError(error as Error);\n          onSignIn?.(\n            error instanceof Error ? error : new Error(\"Failed to sign in\"),\n          ); // Pass the error to onSignIn\n          return { authenticated: false };\n        }\n      }\n\n      return existingSessionData;\n    },\n  });\n\n  const signOutMutation = useMutation({\n    mutationFn: async () => {\n      // Implement signOut logic here\n      const authInitiator = getAuthInitiator();\n      authInitiator?.signOut();\n      setIframeUrl(null);\n      setShowIFrame(false);\n      setAuthResponseUrl(null);\n      onSignOut?.();\n    },\n    onSuccess: () => {\n      queryClient.setQueryData(\n        [\n          \"session\",\n          authResponseUrl,\n          iframeUrl,\n          currentUrl,\n          isInIframe,\n          authService,\n        ],\n        null,\n      );\n    },\n  });\n\n  const getAuthInitiator = useCallback(\n    (overrideDisplayMode?: DisplayMode) => {\n      const useDisplayMode = overrideDisplayMode || displayMode;\n      if (!pkceConsumer || !redirectUrl) {\n        return null;\n      }\n      return (\n        browserAuthenticationInitiator ||\n        new BrowserAuthenticationInitiator({\n          pkceConsumer, // generate and retrieve the challenge client-side\n          clientId,\n          redirectUrl,\n          state: generateState(useDisplayMode, serverTokenExchange),\n          scopes: DEFAULT_SCOPES,\n          displayMode: useDisplayMode,\n          oauthServer: config.oauthServer,\n          // the endpoints to use for the login (if not obtained from the auth server\n          endpointOverrides: config.endpoints,\n          nonce,\n        })\n      );\n    },\n    [\n      serverTokenExchange,\n      displayMode,\n      browserAuthenticationInitiator,\n      clientId,\n      redirectUrl,\n      config.oauthServer,\n      config.endpoints,\n      pkceConsumer,\n      nonce,\n    ],\n  );\n\n  const signIn = useCallback(\n    async (overrideDisplayMode: DisplayMode = \"iframe\") => {\n      setDisplayMode(overrideDisplayMode);\n      const authInitiator = getAuthInitiator(overrideDisplayMode);\n      setBrowserAuthenticationInitiator(authInitiator);\n      if (overrideDisplayMode === \"iframe\") {\n        setShowIFrame(true);\n      } else if (overrideDisplayMode === \"redirect\") {\n        setIsRedirecting(true);\n      }\n      authInitiator?.signIn(iframeRef.current).catch((error) => {\n        console.log(\"signIn error\", {\n          error,\n          isPopupError: error instanceof PopupError,\n        });\n        // if we've tried to open a popup and it has failed, then fallback to redirect mode\n        if (error instanceof PopupError) {\n          signIn(\"redirect\");\n        }\n      });\n    },\n    [getAuthInitiator],\n  );\n\n  // remove event listeners when the component unmounts\n  useEffect(() => {\n    return () => {\n      if (browserAuthenticationInitiator) {\n        browserAuthenticationInitiator.cleanup();\n      }\n    };\n  }, [browserAuthenticationInitiator]);\n\n  const isAuthenticated = useMemo(\n    () => (session ? session.authenticated : false),\n    [session],\n  );\n\n  useQuery({\n    queryKey: [\"autoSignIn\", modalIframe, redirectUrl, isAuthenticated],\n    queryFn: async () => {\n      if (\n        !modalIframe &&\n        redirectUrl &&\n        !isAuthenticated &&\n        iframeRef.current\n      ) {\n        signIn(\"iframe\");\n      }\n      return true;\n    },\n    refetchOnWindowFocus: false,\n  });\n\n  const value = useMemo(\n    () => ({\n      isLoading,\n      error: error as Error | null,\n      signOut: async () => {\n        await signOutMutation.mutateAsync();\n      },\n      isAuthenticated,\n      signIn,\n    }),\n    [isLoading, error, signOutMutation, isAuthenticated, signIn],\n  );\n\n  if (!redirectUrl) return null;\n\n  return (\n    <AuthContext.Provider value={value}>\n      <ConfigProvider\n        config={config}\n        redirectUrl={redirectUrl}\n        modalIframe={modalIframe}\n        serverTokenExchange={serverTokenExchange}\n      >\n        <IframeProvider\n          setAuthResponseUrl={setAuthResponseUrl}\n          iframeRef={iframeRef}\n        >\n          <SessionProvider session={session}>\n            <TokenProvider>\n              {modalIframe && !isInIframe && !session?.authenticated && (\n                <div\n                  style={\n                    showIFrame ? { display: \"block\" } : { display: \"none\" }\n                  }\n                >\n                  <CivicAuthIframeContainer\n                    onClose={() => setShowIFrame(false)}\n                  />\n                </div>\n              )}\n\n              {modalIframe &&\n                (isInIframe ||\n                  isRedirecting ||\n                  (isLoading && !serverTokenExchange)) && (\n                  <BlockDisplay>\n                    <LoadingIcon />\n                  </BlockDisplay>\n                )}\n\n              {(tokenExchangeError || error) && (\n                <BlockDisplay>\n                  <div>\n                    Error: {(tokenExchangeError || (error as Error)).message}\n                  </div>\n                </BlockDisplay>\n              )}\n              {children}\n            </TokenProvider>\n          </SessionProvider>\n        </IframeProvider>\n      </ConfigProvider>\n    </AuthContext.Provider>\n  );\n};\n\nexport { AuthProvider };\n"]}

package/dist/cjs/src/shared/CivicAuthProvider.d.ts

@@ -0,0 +1,7 @@
+import React from "react";
+import { type AuthProviderProps } from "../shared/AuthProvider.js";
+import "@civic/auth/styles.css";
+type CivicAuthProviderProps = Omit<AuthProviderProps, "pkceConsumer">;
+declare const CivicAuthProvider: ({ children, ...props }: CivicAuthProviderProps) => React.JSX.Element;
+export { CivicAuthProvider, type CivicAuthProviderProps };
+//# sourceMappingURL=CivicAuthProvider.d.ts.map

package/dist/cjs/src/shared/CivicAuthProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CivicAuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/CivicAuthProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAgB,KAAK,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAOhF,OAAO,wBAAwB,CAAC;AAIhC,KAAK,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC;AAEtE,QAAA,MAAM,iBAAiB,2BAA4B,sBAAsB,sBAaxE,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,KAAK,sBAAsB,EAAE,CAAC"}

package/dist/cjs/src/shared/CivicAuthProvider.js

@@ -0,0 +1,23 @@
+"use strict";
+"use client";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CivicAuthProvider = void 0;
+const react_1 = __importDefault(require("react"));
+const AuthProvider_js_1 = require("../shared/AuthProvider.js");
+const react_query_1 = require("@tanstack/react-query");
+const PKCE_js_1 = require("../services/PKCE.js");
+const UserProvider_js_1 = require("./UserProvider.js");
+const storage_js_1 = require("../browser/storage.js");
+// adding the styles import here to be added to the bundle
+require("@civic/auth/styles.css");
+const queryClient = new react_query_1.QueryClient();
+const CivicAuthProvider = ({ children, ...props }) => {
+    return (react_1.default.createElement(react_query_1.QueryClientProvider, { client: queryClient },
+        react_1.default.createElement(AuthProvider_js_1.AuthProvider, { ...props, pkceConsumer: new PKCE_js_1.BrowserPublicClientPKCEProducer() },
+            react_1.default.createElement(UserProvider_js_1.UserProvider, { storage: new storage_js_1.LocalStorageAdapter() }, children))));
+};
+exports.CivicAuthProvider = CivicAuthProvider;
+//# sourceMappingURL=CivicAuthProvider.js.map

package/dist/cjs/src/shared/CivicAuthProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CivicAuthProvider.js","sourceRoot":"","sources":["../../../../src/shared/CivicAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;AACb,kDAA0B;AAC1B,8DAAgF;AAChF,uDAAyE;AACzE,gDAAqE;AACrE,uDAAiD;AACjD,qDAA2D;AAE3D,0DAA0D;AAC1D,kCAAgC;AAEhC,MAAM,WAAW,GAAG,IAAI,yBAAW,EAAE,CAAC;AAItC,MAAM,iBAAiB,GAAG,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,EAA0B,EAAE,EAAE;IAC3E,OAAO,CACL,8BAAC,iCAAmB,IAAC,MAAM,EAAE,WAAW;QACtC,8BAAC,8BAAY,OACP,KAAK,EACT,YAAY,EAAE,IAAI,yCAA+B,EAAE;YAEnD,8BAAC,8BAAY,IAAC,OAAO,EAAE,IAAI,gCAAmB,EAAE,IAC7C,QAAQ,CACI,CACF,CACK,CACvB,CAAC;AACJ,CAAC,CAAC;AAEO,8CAAiB","sourcesContent":["\"use client\";\nimport React from \"react\";\nimport { AuthProvider, type AuthProviderProps } from \"@/shared/AuthProvider.js\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { UserProvider } from \"./UserProvider.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\n\n// adding the styles import here to be added to the bundle\nimport \"@civic/auth/styles.css\";\n\nconst queryClient = new QueryClient();\n\ntype CivicAuthProviderProps = Omit<AuthProviderProps, \"pkceConsumer\">;\n\nconst CivicAuthProvider = ({ children, ...props }: CivicAuthProviderProps) => {\n  return (\n    <QueryClientProvider client={queryClient}>\n      <AuthProvider\n        {...props}\n        pkceConsumer={new BrowserPublicClientPKCEProducer()}\n      >\n        <UserProvider storage={new LocalStorageAdapter()}>\n          {children}\n        </UserProvider>\n      </AuthProvider>\n    </QueryClientProvider>\n  );\n};\n\nexport { CivicAuthProvider, type CivicAuthProviderProps };\n"]}

package/dist/cjs/src/shared/GenericAuthenticationRefresher.d.ts

@@ -0,0 +1,15 @@
+import type { AuthenticationRefresher } from "../services/types.js";
+import type { AuthStorage, Endpoints, OIDCTokenResponseBody } from "../types.js";
+import type { AuthConfig } from "../server/config.js";
+export declare class GenericAuthenticationRefresher implements AuthenticationRefresher {
+    private authConfig;
+    private storage;
+    private endpointOverrides?;
+    private oauth2client;
+    private endpoints;
+    private constructor();
+    init(): Promise<this>;
+    static build(authConfig: AuthConfig, storage: AuthStorage, endpointOverrides?: Partial<Endpoints>): Promise<GenericAuthenticationRefresher>;
+    refreshTokens(): Promise<OIDCTokenResponseBody>;
+}
+//# sourceMappingURL=GenericAuthenticationRefresher.d.ts.map

package/dist/cjs/src/shared/GenericAuthenticationRefresher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GenericAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../../src/shared/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAMhF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD,qBAAa,8BAA+B,YAAW,uBAAuB;IAK1E,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,iBAAiB,CAAC;IAN5B,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;IAEzC,OAAO;IAWD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAkBd,KAAK,CAChB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,8BAA8B,CAAC;IAWpC,aAAa;CAgBpB"}

package/dist/cjs/src/shared/GenericAuthenticationRefresher.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GenericAuthenticationRefresher = void 0;
+const util_js_1 = require("../shared/util.js");
+const oauth2_1 = require("oslo/oauth2");
+class GenericAuthenticationRefresher {
+    authConfig;
+    storage;
+    endpointOverrides;
+    oauth2client;
+    endpoints;
+    constructor(authConfig, storage, endpointOverrides) {
+        this.authConfig = authConfig;
+        this.storage = storage;
+        this.endpointOverrides = endpointOverrides;
+        console.log("GenericAuthenticationRefresher constructor", {
+            authConfig,
+            endpointOverrides,
+        });
+    }
+    async init() {
+        // resolve oauth config
+        this.endpoints = await (0, util_js_1.getEndpointsWithOverrides)(this.authConfig.oauthServer, this.endpointOverrides);
+        this.oauth2client = new oauth2_1.OAuth2Client(this.authConfig.clientId, this.endpoints.auth, this.endpoints.token, {
+            redirectURI: this.authConfig.redirectUrl,
+        });
+        return this;
+    }
+    static async build(authConfig, storage, endpointOverrides) {
+        const refresher = new GenericAuthenticationRefresher(authConfig, storage, endpointOverrides);
+        await refresher.init();
+        return refresher;
+    }
+    async refreshTokens() {
+        if (!this.oauth2client)
+            await this.init();
+        const tokens = (0, util_js_1.retrieveTokens)(this.storage);
+        if (!tokens?.refresh_token)
+            throw new Error("No refresh token available");
+        const oauth2Client = this.oauth2client;
+        const refreshedTokens = await oauth2Client.refreshAccessToken(tokens.refresh_token);
+        (0, util_js_1.storeTokens)(this.storage, refreshedTokens);
+        return tokens;
+    }
+}
+exports.GenericAuthenticationRefresher = GenericAuthenticationRefresher;
+//# sourceMappingURL=GenericAuthenticationRefresher.js.map

package/dist/cjs/src/shared/GenericAuthenticationRefresher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"GenericAuthenticationRefresher.js","sourceRoot":"","sources":["../../../../src/shared/GenericAuthenticationRefresher.ts"],"names":[],"mappings":";;;AAEA,8CAI0B;AAE1B,wCAA2C;AAE3C,MAAa,8BAA8B;IAK/B;IACA;IACA;IANF,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,YACU,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAFtC,eAAU,GAAV,UAAU,CAAY;QACtB,YAAO,GAAP,OAAO,CAAa;QACpB,sBAAiB,GAAjB,iBAAiB,CAAqB;QAE9C,OAAO,CAAC,GAAG,CAAC,4CAA4C,EAAE;YACxD,UAAU;YACV,iBAAiB;SAClB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAA,mCAAyB,EAC9C,IAAI,CAAC,UAAU,CAAC,WAAW,EAC3B,IAAI,CAAC,iBAAiB,CACvB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,qBAAY,CAClC,IAAI,CAAC,UAAU,CAAC,QAAQ,EACxB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW;SACzC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAEtC,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAClD,UAAU,EACV,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAE1C,MAAM,MAAM,GAAG,IAAA,wBAAc,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,EAAE,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAE1E,MAAM,YAAY,GAAG,IAAI,CAAC,YAAa,CAAC;QACxC,MAAM,eAAe,GACnB,MAAM,YAAY,CAAC,kBAAkB,CACnC,MAAM,CAAC,aAAa,CACrB,CAAC;QAEJ,IAAA,qBAAW,EAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3C,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAhED,wEAgEC","sourcesContent":["import type { AuthenticationRefresher } from \"@/services/types.js\";\nimport type { AuthStorage, Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport {\n  getEndpointsWithOverrides,\n  retrieveTokens,\n  storeTokens,\n} from \"@/shared/util.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\n\nexport class GenericAuthenticationRefresher implements AuthenticationRefresher {\n  private oauth2client: OAuth2Client | undefined;\n  private endpoints: Endpoints | undefined;\n\n  private constructor(\n    private authConfig: AuthConfig,\n    private storage: AuthStorage,\n    private endpointOverrides?: Partial<Endpoints>,\n  ) {\n    console.log(\"GenericAuthenticationRefresher constructor\", {\n      authConfig,\n      endpointOverrides,\n    });\n  }\n\n  async init(): Promise<this> {\n    // resolve oauth config\n    this.endpoints = await getEndpointsWithOverrides(\n      this.authConfig.oauthServer,\n      this.endpointOverrides,\n    );\n    this.oauth2client = new OAuth2Client(\n      this.authConfig.clientId,\n      this.endpoints.auth,\n      this.endpoints.token,\n      {\n        redirectURI: this.authConfig.redirectUrl,\n      },\n    );\n\n    return this;\n  }\n\n  static async build(\n    authConfig: AuthConfig,\n    storage: AuthStorage,\n    endpointOverrides?: Partial<Endpoints>,\n  ): Promise<GenericAuthenticationRefresher> {\n    const refresher = new GenericAuthenticationRefresher(\n      authConfig,\n      storage,\n      endpointOverrides,\n    );\n    await refresher.init();\n\n    return refresher;\n  }\n\n  async refreshTokens() {\n    if (!this.oauth2client) await this.init();\n\n    const tokens = retrieveTokens(this.storage);\n    if (!tokens?.refresh_token) throw new Error(\"No refresh token available\");\n\n    const oauth2Client = this.oauth2client!;\n    const refreshedTokens =\n      await oauth2Client.refreshAccessToken<OIDCTokenResponseBody>(\n        tokens.refresh_token,\n      );\n\n    storeTokens(this.storage, refreshedTokens);\n\n    return tokens;\n  }\n}\n"]}

package/dist/cjs/src/shared/UserProvider.d.ts

@@ -0,0 +1,18 @@
+import React from "react";
+import type { ReactNode } from "react";
+import type { JWT } from "oslo/jwt";
+import type { AuthStorage, EmptyObject, User } from "../types.js";
+import type { AuthContextType } from "../shared/AuthContext.js";
+type UserContextType<T extends Record<string, unknown> & JWT["payload"] = Record<string, unknown> & JWT["payload"]> = {
+    user: User<T> | null;
+} & Omit<AuthContextType, "isAuthenticated">;
+declare const UserContext: React.Context<UserContextType<Record<string, unknown> & object> | null>;
+declare const UserProvider: <T extends EmptyObject>({ children, storage, user: inputUser, signOut: inputSignOut, }: {
+    children: ReactNode;
+    storage: AuthStorage;
+    user?: User<T> | null;
+    signOut?: () => Promise<void>;
+}) => React.JSX.Element;
+export type { UserContextType };
+export { UserProvider, UserContext };
+//# sourceMappingURL=UserProvider.d.ts.map

package/dist/cjs/src/shared/UserProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAwB,MAAM,OAAO,CAAC;AAC7C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAGvC,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAIjE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAG/D,KAAK,eAAe,CAClB,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC1E,GAAG,CAAC,SAAS,CAAC,IACd;IACF,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;CACtB,GAAG,IAAI,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;AAE7C,QAAA,MAAM,WAAW,yEAA8C,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAI,CAAC,SAAS,WAAW,kEAKxC;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,WAAW,CAAC;IACrB,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/B,sBA0CA,CAAC;AAEF,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC"}

package/dist/cjs/src/shared/UserProvider.js

@@ -0,0 +1,65 @@
+"use strict";
+"use client";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UserContext = exports.UserProvider = void 0;
+const react_1 = __importStar(require("react"));
+const react_query_1 = require("@tanstack/react-query");
+const useAuth_js_1 = require("../shared/hooks/useAuth.js");
+const useToken_js_1 = require("../shared/hooks/useToken.js");
+const useSession_js_1 = require("../shared/hooks/useSession.js");
+const UserSession_js_1 = require("../shared/UserSession.js");
+const UserContext = (0, react_1.createContext)(null);
+exports.UserContext = UserContext;
+const UserProvider = ({ children, storage, user: inputUser, signOut: inputSignOut, }) => {
+    const { isLoading: authLoading, error: authError } = (0, useAuth_js_1.useAuth)();
+    const session = (0, useSession_js_1.useSession)();
+    const { accessToken, idToken } = (0, useToken_js_1.useToken)();
+    const { signIn, signOut } = (0, useAuth_js_1.useAuth)();
+    const fetchUser = async () => {
+        if (!accessToken) {
+            return null;
+        }
+        const userSession = new UserSession_js_1.GenericUserSession(storage);
+        return userSession.get();
+    };
+    const { data: user, isLoading: userLoading, error: userError, } = (0, react_query_1.useQuery)({
+        queryKey: ["user", session?.idToken],
+        queryFn: fetchUser,
+        enabled: !!session?.idToken, // Only run the query if we have an access token
+    });
+    const isLoading = authLoading || userLoading;
+    const error = authError || userError;
+    const userWithIdToken = user ? { ...user, idToken } : null;
+    return (react_1.default.createElement(UserContext.Provider, { value: {
+            user: (inputUser || userWithIdToken) ?? null,
+            isLoading,
+            error,
+            signIn,
+            signOut: inputSignOut || signOut,
+        } }, children));
+};
+exports.UserProvider = UserProvider;
+//# sourceMappingURL=UserProvider.js.map

package/dist/cjs/src/shared/UserProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../../src/shared/UserProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;AAEb,+CAA6C;AAG7C,uDAAiD;AAGjD,0DAAoD;AACpD,4DAAsD;AACtD,gEAA0D;AAE1D,4DAA6D;AAS7D,MAAM,WAAW,GAAG,IAAA,qBAAa,EAAyB,IAAI,CAAC,CAAC;AA0DzC,kCAAW;AAxDlC,MAAM,YAAY,GAAG,CAAwB,EAC3C,QAAQ,EACR,OAAO,EACP,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,YAAY,GAMtB,EAAE,EAAE;IACH,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAA,oBAAO,GAAE,CAAC;IAC/D,MAAM,OAAO,GAAG,IAAA,0BAAU,GAAE,CAAC;IAC7B,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,IAAA,sBAAQ,GAAE,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,oBAAO,GAAE,CAAC;IAEtC,MAAM,SAAS,GAAG,KAAK,IAA0B,EAAE;QACjD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,OAAO,CAAC,CAAC;QACpD,OAAO,WAAW,CAAC,GAAG,EAAE,CAAC;IAC3B,CAAC,CAAC;IAEF,MAAM,EACJ,IAAI,EAAE,IAAI,EACV,SAAS,EAAE,WAAW,EACtB,KAAK,EAAE,SAAS,GACjB,GAA0C,IAAA,sBAAQ,EAAC;QAClD,QAAQ,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC;QACpC,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,gDAAgD;KAC9E,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;IAErC,MAAM,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAE3D,OAAO,CACL,8BAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,IAAI,EAAE,CAAC,SAAS,IAAI,eAAe,CAAC,IAAI,IAAI;YAC5C,SAAS;YACT,KAAK;YACL,MAAM;YACN,OAAO,EAAE,YAAY,IAAI,OAAO;SACjC,IAEA,QAAQ,CACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAIO,oCAAY","sourcesContent":["\"use client\";\n\nimport React, { createContext } from \"react\";\nimport type { ReactNode } from \"react\";\nimport type { UseQueryResult } from \"@tanstack/react-query\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport type { JWT } from \"oslo/jwt\";\nimport type { AuthStorage, EmptyObject, User } from \"@/types.js\";\nimport { useAuth } from \"@/shared/hooks/useAuth.js\";\nimport { useToken } from \"@/shared/hooks/useToken.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { AuthContextType } from \"@/shared/AuthContext.js\";\nimport { GenericUserSession } from \"@/shared/UserSession.js\";\n\ntype UserContextType<\n  T extends Record<string, unknown> & JWT[\"payload\"] = Record<string, unknown> &\n    JWT[\"payload\"],\n> = {\n  user: User<T> | null;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends EmptyObject>({\n  children,\n  storage,\n  user: inputUser,\n  signOut: inputSignOut,\n}: {\n  children: ReactNode;\n  storage: AuthStorage;\n  user?: User<T> | null;\n  signOut?: () => Promise<void>;\n}) => {\n  const { isLoading: authLoading, error: authError } = useAuth();\n  const session = useSession();\n  const { accessToken, idToken } = useToken();\n  const { signIn, signOut } = useAuth();\n\n  const fetchUser = async (): Promise<User | null> => {\n    if (!accessToken) {\n      return null;\n    }\n    const userSession = new GenericUserSession(storage);\n    return userSession.get();\n  };\n\n  const {\n    data: user,\n    isLoading: userLoading,\n    error: userError,\n  }: UseQueryResult<User<T> | null, Error> = useQuery({\n    queryKey: [\"user\", session?.idToken],\n    queryFn: fetchUser,\n    enabled: !!session?.idToken, // Only run the query if we have an access token\n  });\n\n  const isLoading = authLoading || userLoading;\n  const error = authError || userError;\n\n  const userWithIdToken = user ? { ...user, idToken } : null;\n\n  return (\n    <UserContext.Provider\n      value={{\n        user: (inputUser || userWithIdToken) ?? null,\n        isLoading,\n        error,\n        signIn,\n        signOut: inputSignOut || signOut,\n      }}\n    >\n      {children}\n    </UserContext.Provider>\n  );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n"]}

package/dist/cjs/src/shared/UserSession.d.ts

@@ -0,0 +1,12 @@
+import type { AuthStorage, User } from "../types.js";
+export interface UserSession {
+    get(): User | null;
+    set(user: User): void;
+}
+export declare class GenericUserSession implements UserSession {
+    readonly storage: AuthStorage;
+    constructor(storage: AuthStorage);
+    get(): User | null;
+    set(user: User | null): void;
+}
+//# sourceMappingURL=UserSession.d.ts.map

package/dist/cjs/src/shared/UserSession.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/UserSession.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAsB,IAAI,EAAE,MAAM,YAAY,CAAC;AAIxE,MAAM,WAAW,WAAW;IAC1B,GAAG,IAAI,IAAI,GAAG,IAAI,CAAC;IACnB,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;CACvB;AAED,qBAAa,kBAAmB,YAAW,WAAW;IACxC,QAAQ,CAAC,OAAO,EAAE,WAAW;gBAApB,OAAO,EAAE,WAAW;IAEzC,GAAG,IAAI,IAAI,GAAG,IAAI;IAKlB,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,IAAI;CAO7B"}

package/dist/cjs/src/shared/UserSession.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GenericUserSession = void 0;
+const types_js_1 = require("../shared/types.js");
+const jwt_js_1 = require("../lib/jwt.js");
+class GenericUserSession {
+    storage;
+    constructor(storage) {
+        this.storage = storage;
+    }
+    get() {
+        const user = this.storage.get(types_js_1.UserStorage.USER);
+        return user ? JSON.parse(user) : null;
+    }
+    set(user) {
+        const forwardedTokens = user?.forwardedTokens
+            ? (0, jwt_js_1.convertForwardedTokenFormat)(user?.forwardedTokens)
+            : null;
+        const value = user ? JSON.stringify({ ...user, forwardedTokens }) : "";
+        this.storage.set(types_js_1.UserStorage.USER, value);
+    }
+}
+exports.GenericUserSession = GenericUserSession;
+//# sourceMappingURL=UserSession.js.map

package/dist/cjs/src/shared/UserSession.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserSession.js","sourceRoot":"","sources":["../../../../src/shared/UserSession.ts"],"names":[],"mappings":";;;AACA,gDAAgD;AAChD,yCAA2D;AAO3D,MAAa,kBAAkB;IACR;IAArB,YAAqB,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAE7C,GAAG;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,IAAI,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACxC,CAAC;IAED,GAAG,CAAC,IAAiB;QACnB,MAAM,eAAe,GAAG,IAAI,EAAE,eAAe;YAC3C,CAAC,CAAC,IAAA,oCAA2B,EAAC,IAAI,EAAE,eAAqC,CAAC;YAC1E,CAAC,CAAC,IAAI,CAAC;QACT,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;CACF;AAfD,gDAeC","sourcesContent":["import type { AuthStorage, ForwardedTokensJWT, User } from \"@/types.js\";\nimport { UserStorage } from \"@/shared/types.js\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\nexport interface UserSession {\n  get(): User | null;\n  set(user: User): void;\n}\n\nexport class GenericUserSession implements UserSession {\n  constructor(readonly storage: AuthStorage) {}\n\n  get(): User | null {\n    const user = this.storage.get(UserStorage.USER);\n    return user ? JSON.parse(user) : null;\n  }\n\n  set(user: User | null): void {\n    const forwardedTokens = user?.forwardedTokens\n      ? convertForwardedTokenFormat(user?.forwardedTokens as ForwardedTokensJWT)\n      : null;\n    const value = user ? JSON.stringify({ ...user, forwardedTokens }) : \"\";\n    this.storage.set(UserStorage.USER, value);\n  }\n}\n"]}

package/dist/cjs/src/shared/components/CivicAuthIframe.d.ts

@@ -0,0 +1,8 @@
+import React from "react";
+type CivicAuthIframeProps = {
+    onLoad?: () => void;
+};
+declare const CivicAuthIframe: React.ForwardRefExoticComponent<CivicAuthIframeProps & React.RefAttributes<HTMLIFrameElement>>;
+export type { CivicAuthIframeProps };
+export { CivicAuthIframe };
+//# sourceMappingURL=CivicAuthIframe.d.ts.map

package/dist/cjs/src/shared/components/CivicAuthIframe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CivicAuthIframe.d.ts","sourceRoot":"","sources":["../../../../../src/shared/components/CivicAuthIframe.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAqB,MAAM,OAAO,CAAC;AAE1C,KAAK,oBAAoB,GAAG;IAC1B,MAAM,CAAC,EAAE,MAAM,IAAI,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,eAAe,gGAWpB,CAAC;AAIF,YAAY,EAAE,oBAAoB,EAAE,CAAC;AAErC,OAAO,EAAE,eAAe,EAAE,CAAC"}