@civic/auth 0.0.1-beta.0 → 0.0.1-beta.10

package/dist/react.js

@@ -1,106 +1,45 @@
-'use client'
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __defProps = Object.defineProperties;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropDescs = Object.getOwnPropertyDescriptors;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getOwnPropSymbols = Object.getOwnPropertySymbols;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __propIsEnum = Object.prototype.propertyIsEnumerable;
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __spreadValues = (a, b) => {
-  for (var prop in b || (b = {}))
-    if (__hasOwnProp.call(b, prop))
-      __defNormalProp(a, prop, b[prop]);
-  if (__getOwnPropSymbols)
-    for (var prop of __getOwnPropSymbols(b)) {
-      if (__propIsEnum.call(b, prop))
-        __defNormalProp(a, prop, b[prop]);
-    }
-  return a;
-};
-var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
-var __objRest = (source, exclude) => {
-  var target = {};
-  for (var prop in source)
-    if (__hasOwnProp.call(source, prop) && exclude.indexOf(prop) < 0)
-      target[prop] = source[prop];
-  if (source != null && __getOwnPropSymbols)
-    for (var prop of __getOwnPropSymbols(source)) {
-      if (exclude.indexOf(prop) < 0 && __propIsEnum.call(source, prop))
-        target[prop] = source[prop];
-    }
-  return target;
-};
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __async = (__this, __arguments, generator) => {
-  return new Promise((resolve, reject) => {
-    var fulfilled = (value) => {
-      try {
-        step(generator.next(value));
-      } catch (e) {
-        reject(e);
-      }
-    };
-    var rejected = (value) => {
-      try {
-        step(generator.throw(value));
-      } catch (e) {
-        reject(e);
-      }
-    };
-    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
-    step((generator = generator.apply(__this, __arguments)).next());
-  });
-};
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+
+var _chunkMVO4UZ2Ajs = require('./chunk-MVO4UZ2A.js');
+
+
+
+
+
+
+
+
+
+
+
+
+
+var _chunkYNLXRD5Ljs = require('./chunk-YNLXRD5L.js');
 
-// src/react/index.ts
-var react_exports = {};
-__export(react_exports, {
-  CivicProvider: () => CivicProvider,
-  UserButton: () => UserButton,
-  useAuth: () => useAuth,
-  useParams: () => useParams,
-  useSession: () => useSession,
-  useToken: () => useToken,
-  useUser: () => useUser
-});
-module.exports = __toCommonJS(react_exports);
+
+
+
+
+var _chunkCRTRMMJ7js = require('./chunk-CRTRMMJ7.js');
 
 // src/react/hooks/useUser.tsx
-var import_react10 = require("react");
+var _react = require('react');
 
 // src/react/providers/UserProvider.tsx
-var import_react3 = require("react");
-var import_react_query = require("@tanstack/react-query");
+
+var _reactquery = require('@tanstack/react-query');
+
+// src/react/hooks/useAuth.tsx
+
+
+// src/shared/AuthContext.tsx
+
+var AuthContext = _react.createContext.call(void 0, null);
 
 // src/react/hooks/useAuth.tsx
-var import_react = require("react");
 var useAuth = () => {
-  const context = (0, import_react.useContext)(AuthContext);
+  const context = _react.useContext.call(void 0, AuthContext);
   if (!context) {
     throw new Error("useAuth must be used within an AuthProvider");
   }
@@ -108,98 +47,90 @@ var useAuth = () => {
 };
 
 // src/react/hooks/useToken.tsx
-var import_react2 = require("react");
-var useToken = () => {
-  const context = (0, import_react2.useContext)(TokenContext);
+
+
+// src/react/providers/TokenProvider.tsx
+
+
+
+// src/react/hooks/useSession.tsx
+
+
+// src/react/providers/SessionProvider.tsx
+
+
+
+var _jsxruntime = require('react/jsx-runtime');
+var defaultSession = {
+  authenticated: false,
+  idToken: void 0,
+  accessToken: void 0,
+  displayMode: "iframe",
+  iframeRef: null,
+  setAuthResponseUrl: () => {
+  }
+};
+var SessionContext = _react.createContext.call(void 0, defaultSession);
+var SessionProvider = ({
+  children,
+  session,
+  iframeRef,
+  setAuthResponseUrl
+}) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+  SessionContext.Provider,
+  {
+    value: _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, session || defaultSession), { iframeRef, setAuthResponseUrl }),
+    children
+  }
+);
+
+// src/react/hooks/useSession.tsx
+var useSession = () => {
+  const context = _react.useContext.call(void 0, SessionContext);
   if (!context) {
-    throw new Error("useToken must be used within a TokenProvider");
+    throw new Error("useSession must be used within an SessionProvider");
   }
   return context;
 };
 
-// src/react/providers/UserProvider.tsx
-var import_jwt = require("oslo/jwt");
-var import_jsx_runtime = require("react/jsx-runtime");
-var UserContext = (0, import_react3.createContext)(null);
-var UserProvider = ({
-  children
-}) => {
-  const { isLoading: authLoading, error: authError } = useAuth();
-  const session = useSession();
-  const { forwardedTokens, idToken, accessToken, refreshToken } = useToken();
-  const { isAuthenticated, signIn, signOut } = useAuth();
-  const fetchUser = () => __async(void 0, null, function* () {
-    if (!(session == null ? void 0 : session.idToken)) {
-      return null;
-    }
-    const parsedJWT = (0, import_jwt.parseJWT)(session.idToken);
-    if (!parsedJWT) {
-      return null;
-    }
-    const user2 = parsedJWT.payload;
-    return __spreadProps(__spreadValues({}, user2), {
-      forwardedTokens,
-      idToken,
-      accessToken,
-      refreshToken
-    });
-  });
-  const {
-    data: user,
-    isLoading: userLoading,
-    error: userError,
-    refetch
-  } = (0, import_react_query.useQuery)({
-    queryKey: ["user", session == null ? void 0 : session.accessToken],
-    queryFn: fetchUser,
-    enabled: !!(session == null ? void 0 : session.accessToken)
-    // Only run the query if we have an access token
-  });
-  const isLoading = authLoading || userLoading;
-  const error = authError || userError;
-  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
-    UserContext.Provider,
+// src/react/providers/TokenProvider.tsx
+var _jwt = require('oslo/jwt');
+
+// src/lib/jwt.ts
+var convertForwardedTokenFormat = (inputTokens) => Object.fromEntries(
+  Object.entries(inputTokens).map(([source, tokens]) => [
+    source,
     {
-      value: {
-        user,
-        isLoading,
-        error,
-        refetch,
-        isAuthenticated,
-        signIn,
-        signOut
-      },
-      children
+      idToken: tokens == null ? void 0 : tokens.id_token,
+      accessToken: tokens == null ? void 0 : tokens.access_token,
+      refreshToken: tokens == null ? void 0 : tokens.refresh_token
     }
-  );
-};
+  ])
+);
 
 // src/react/providers/TokenProvider.tsx
-var import_react4 = require("react");
-var import_react_query2 = require("@tanstack/react-query");
-var import_jwt2 = require("oslo/jwt");
-var import_jsx_runtime2 = require("react/jsx-runtime");
-var TokenContext = (0, import_react4.createContext)(void 0);
+
+var TokenContext = _react.createContext.call(void 0, void 0);
 var TokenProvider = ({ children }) => {
   const { isLoading, error: authError } = useAuth();
   const session = useSession();
-  const queryClient2 = (0, import_react_query2.useQueryClient)();
-  const refreshTokenMutation = (0, import_react_query2.useMutation)({
-    mutationFn: () => __async(void 0, null, function* () {
+  const queryClient3 = _reactquery.useQueryClient.call(void 0, );
+  const refreshTokenMutation = _reactquery.useMutation.call(void 0, {
+    mutationFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
       throw new Error("Method not implemented.");
     }),
     onSuccess: () => {
-      queryClient2.invalidateQueries({ queryKey: ["session"] });
+      queryClient3.invalidateQueries({ queryKey: ["session"] });
     }
   });
-  const decodeTokens = (0, import_react4.useMemo)(() => {
+  const decodeTokens = _react.useMemo.call(void 0, () => {
     if (!(session == null ? void 0 : session.idToken)) return null;
-    const parsedJWT = (0, import_jwt2.parseJWT)(session.idToken);
+    const parsedJWT = _jwt.parseJWT.call(void 0, session.idToken);
     if (!parsedJWT) return null;
     const { forwardedTokens } = parsedJWT.payload;
-    return forwardedTokens;
+    return forwardedTokens ? convertForwardedTokenFormat(forwardedTokens) : null;
   }, [session == null ? void 0 : session.idToken]);
-  const value = (0, import_react4.useMemo)(
+  const value = _react.useMemo.call(void 0, 
     () => ({
       accessToken: session.accessToken || null,
       idToken: session.idToken || null,
@@ -218,375 +149,96 @@ var TokenProvider = ({ children }) => {
       authError
     ]
   );
-  return /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(TokenContext.Provider, { value, children });
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, TokenContext.Provider, { value, children });
 };
 
-// src/react/providers/AuthProvider.tsx
-var import_react9 = require("react");
-var import_react_query3 = require("@tanstack/react-query");
-
-// src/services/UserInfoService.ts
-var UserInfoServiceImpl = class {
-  constructor(endpoints) {
-    this.endpoints = endpoints;
-  }
-  getUserInfo(accessToken) {
-    return __async(this, null, function* () {
-      return {
-        id: "user123",
-        name: "John Doe",
-        email: "john@example.com",
-        picture: "https://example.com/john.jpg",
-        given_name: "John",
-        family_name: "Doe",
-        created_at: /* @__PURE__ */ new Date(),
-        updated_at: /* @__PURE__ */ new Date(),
-        country: "US",
-        accessToken
-      };
-    });
+// src/react/hooks/useToken.tsx
+var useToken = () => {
+  const context = _react.useContext.call(void 0, TokenContext);
+  if (!context) {
+    throw new Error("useToken must be used within a TokenProvider");
   }
+  return context;
 };
 
-// src/services/SessionService.ts
-var import_oauth2 = require("oslo/oauth2");
-var jose = __toESM(require("jose"));
+// src/react/providers/UserProvider.tsx
 
-// src/lib/oauth.ts
-var import_uuid = require("uuid");
-var getIssuerVariations = (issuer) => {
-  const issuerWithoutSlash = issuer.endsWith("/") ? issuer.slice(0, issuer.length - 1) : issuer;
-  const issuerWithSlash = `${issuerWithoutSlash}/`;
-  return [issuerWithoutSlash, issuerWithSlash];
-};
-var addSlashIfNeeded = (url) => url.endsWith("/") ? url : `${url}/`;
-var getOauthEndpoints = (oauthServer) => __async(void 0, null, function* () {
-  const openIdConfigResponse = yield fetch(
-    `${addSlashIfNeeded(oauthServer)}.well-known/openid-configuration`
-  );
-  const openIdConfig = yield openIdConfigResponse.json();
-  return {
-    jwks: openIdConfig.jwks_uri,
-    auth: openIdConfig.authorization_endpoint,
-    token: openIdConfig.token_endpoint,
-    userinfo: openIdConfig.userinfo_endpoint
-  };
-});
-var generateState = (displayMode) => {
-  const jsonString = JSON.stringify({
-    uuid: (0, import_uuid.v4)(),
-    displayMode
+var UserContext = _react.createContext.call(void 0, null);
+var UserProvider = ({
+  children,
+  storage
+}) => {
+  const { isLoading: authLoading, error: authError } = useAuth();
+  const session = useSession();
+  const { accessToken } = useToken();
+  const { signIn, signOut } = useAuth();
+  const fetchUser = () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+    if (!accessToken) {
+      return null;
+    }
+    const userSession = new (0, _chunkYNLXRD5Ljs.GenericUserSession)(storage);
+    return userSession.get();
   });
-  return Buffer.from(jsonString).toString("base64");
-};
-var displayModeFromState = (state, sessionDisplayMode) => {
-  try {
-    const jsonString = Buffer.from(state, "base64").toString();
-    return JSON.parse(jsonString).displayMode;
-  } catch (_e) {
-    return sessionDisplayMode;
-  }
-};
-
-// src/utils.ts
-var import_clsx = require("clsx");
-var import_tailwind_merge = require("tailwind-merge");
-var isPopupBlocked = () => {
-  const popup = window.open("", "", "width=1,height=1");
-  if (!popup) {
-    return true;
-  }
-  try {
-    if (typeof popup.closed === "undefined") {
-      throw new Error("Popup is blocked");
+  const {
+    data: user,
+    isLoading: userLoading,
+    error: userError
+  } = _reactquery.useQuery.call(void 0, {
+    queryKey: ["user", session == null ? void 0 : session.idToken],
+    queryFn: fetchUser,
+    enabled: !!(session == null ? void 0 : session.idToken)
+    // Only run the query if we have an access token
+  });
+  const isLoading = authLoading || userLoading;
+  const error = authError || userError;
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    UserContext.Provider,
+    {
+      value: {
+        user: user != null ? user : null,
+        isLoading,
+        error,
+        signIn,
+        signOut
+      },
+      children
     }
-  } catch (e) {
-    return true;
-  }
-  popup.close();
-  return false;
-};
-var cn = (...inputs) => {
-  return (0, import_tailwind_merge.twMerge)((0, import_clsx.clsx)(inputs));
+  );
 };
 
-// src/services/SessionService.ts
-var AuthSessionServiceImpl = class {
-  constructor(clientId, redirectUrl, oauthServer, inputEndpoints) {
-    this.clientId = clientId;
-    this.redirectUrl = redirectUrl;
-    this.oauthServer = oauthServer;
-    this.codeVerifier = void 0;
-    this.state = void 0;
-    this.codeVerifier = (0, import_oauth2.generateCodeVerifier)();
-    this._endpoints = inputEndpoints;
-  }
-  getUserInfoService() {
-    return __async(this, null, function* () {
-      if (this._userInfoService) {
-        return this._userInfoService;
-      }
-      const endpoints = yield this.getEndpoints();
-      this._userInfoService = new UserInfoServiceImpl(endpoints);
-      return this._userInfoService;
-    });
-  }
-  getEndpoints() {
-    return __async(this, null, function* () {
-      if (this._endpoints) {
-        return this._endpoints;
-      }
-      this._endpoints = yield getOauthEndpoints(this.oauthServer);
-      return this._endpoints;
-    });
-  }
-  getOauth2Client() {
-    return __async(this, null, function* () {
-      if (this._oauth2Client) {
-        return this._oauth2Client;
-      }
-      const endpoints = yield this.getEndpoints();
-      this._oauth2Client = new import_oauth2.OAuth2Client(
-        this.clientId,
-        endpoints.auth,
-        endpoints.token,
-        // this
-        { redirectURI: this.redirectUrl }
-      );
-      return this._oauth2Client;
-    });
-  }
-  getSessionData() {
-    return JSON.parse(
-      localStorage.getItem(`civic-auth:${this.clientId}`) || "{}"
-    );
-  }
-  updateSessionData(data) {
-    localStorage.setItem(
-      `civic-auth:${this.clientId}`,
-      JSON.stringify(__spreadValues({}, data))
-    );
-  }
-  getAuthorizationUrl(scopes, displayMode, nonce) {
-    return __async(this, null, function* () {
-      const state = generateState(displayMode);
-      this.state = state;
-      const existingSessionData = this.getSessionData();
-      this.updateSessionData(__spreadProps(__spreadValues({}, existingSessionData), {
-        codeVerifier: this.codeVerifier,
-        displayMode
-      }));
-      const oauth2Client = yield this.getOauth2Client();
-      const oAuthUrl = yield oauth2Client.createAuthorizationURL({
-        state,
-        codeVerifier: this.codeVerifier,
-        codeChallengeMethod: "S256",
-        scopes
-      });
-      if (nonce) {
-        oAuthUrl.searchParams.append("nonce", nonce);
-      }
-      return oAuthUrl.toString();
-    });
-  }
-  // TODO fix the Window reference
-  loadAuthorizationUrl(authorizationURL, displayMode) {
-    switch (displayMode) {
-      case "iframe":
-        break;
-      case "redirect":
-        window.location.href = authorizationURL;
-        break;
-      case "new_tab":
-        window.open(authorizationURL, "_blank");
-        break;
-      case "custom_tab":
-        break;
-    }
-  }
-  init() {
-    return __async(this, null, function* () {
-      this.updateSessionData({ authenticated: false });
-    });
-  }
-  determineDisplayMode(displayMode) {
-    if (isPopupBlocked() && displayMode === "iframe") {
-      displayMode = "redirect";
-    }
-    return displayMode;
-  }
-  signIn(displayMode, scopes, nonce) {
-    return __async(this, null, function* () {
-      const authorizationURL = yield this.getAuthorizationUrl(
-        scopes,
-        displayMode,
-        nonce
-      );
-      this.loadAuthorizationUrl(authorizationURL, displayMode);
-    });
-  }
-  tokenExchange(responseUrl) {
-    return __async(this, null, function* () {
-      let session = this.getSessionData();
-      if (!session.authenticated) {
-        const url = new URL(responseUrl);
-        const authorizationCode = url.searchParams.get("code");
-        const returnedState = url.searchParams.get("state");
-        if (!authorizationCode || !returnedState) {
-          throw new Error("Invalid authorization response");
-        }
-        const codeVerifier = this.getSessionData().codeVerifier;
-        const oauth2Client = yield this.getOauth2Client();
-        const tokens = yield oauth2Client.validateAuthorizationCode(
-          authorizationCode,
-          {
-            codeVerifier
-          }
-        );
-        try {
-          yield this.validateTokens(tokens);
-        } catch (error) {
-          console.error("tokenExchange tokens", { error, tokens });
-          throw new Error(
-            `OIDC tokens validation failed: ${error.message}`
-          );
-        }
-        const parsedDisplayMode = displayModeFromState(
-          returnedState,
-          session.displayMode
-        );
-        session = __spreadProps(__spreadValues({}, session), {
-          displayMode: parsedDisplayMode,
-          idToken: tokens.id_token,
-          authenticated: true,
-          state: returnedState,
-          accessToken: tokens.access_token,
-          refreshToken: tokens.refresh_token,
-          expiresIn: tokens.expires_in
-        });
-        this.updateSessionData(session);
-      }
-      if (session.displayMode === "new_tab") {
-        window.close();
-      } else if (session.displayMode === "redirect") {
-      }
-      return session;
-    });
-  }
-  refreshToken() {
-    return __async(this, null, function* () {
-      const sessionData = this.getSessionData();
-      if (!sessionData.refreshToken) {
-        throw new Error("No refresh token available");
-      }
-      const oauth2Client = yield this.getOauth2Client();
-      const tokens = yield oauth2Client.refreshAccessToken(
-        sessionData.refreshToken
-      );
-      const session = __spreadProps(__spreadValues({}, sessionData), {
-        idToken: tokens.id_token,
-        authenticated: true,
-        accessToken: tokens.access_token,
-        refreshToken: tokens.refresh_token,
-        expiresIn: tokens.expires_in
-      });
-      this.updateSessionData(session);
-      return session;
-    });
-  }
-  getUserInfo() {
-    return __async(this, null, function* () {
-      const sessionData = this.getSessionData();
-      if (!sessionData.accessToken) {
-        throw new Error("No access token available");
-      }
-      const userInfoService = yield this.getUserInfoService();
-      return userInfoService.getUserInfo(sessionData.accessToken);
-    });
-  }
-  /**
-   * Uses the jose library to validate a JWT token using the OAuth JWKS endpoint
-   * @param {string} token
-   * @returns {Promise<jose.JWTPayload>}
-   * @throws {Error} if the token is invalid
-   */
-  validateTokens(tokens) {
-    return __async(this, null, function* () {
-      const endpoints = yield this.getEndpoints();
-      const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));
-      const returnPayload = {};
-      console.log("issuer", getIssuerVariations(this.oauthServer));
-      const idTokenResponse = yield jose.jwtVerify(tokens.id_token, JWKS, {
-        issuer: getIssuerVariations(this.oauthServer),
-        audience: this.clientId
-      });
-      returnPayload.idToken = idTokenResponse.payload;
-      const accessTokenResponse = yield jose.jwtVerify(
-        tokens.access_token,
-        JWKS,
-        {
-          issuer: getIssuerVariations(this.oauthServer)
-        }
-      );
-      returnPayload.accessToken = accessTokenResponse.payload;
-      if (tokens.refresh_token) {
-        const refreshResponse = yield jose.jwtVerify(tokens.refresh_token, JWKS, {
-          issuer: getIssuerVariations(this.oauthServer)
-        });
-        returnPayload.refreshToken = refreshResponse.payload;
-      }
-      return returnPayload;
-    });
-  }
-  validateExistingSession() {
-    return __async(this, null, function* () {
-      const sessionData = this.getSessionData();
-      try {
-        if (!sessionData.idToken || !sessionData.accessToken) {
-          const unAuthenticatedSession = __spreadProps(__spreadValues({}, sessionData), { authenticated: false });
-          this.updateSessionData(unAuthenticatedSession);
-          return unAuthenticatedSession;
-        }
-        yield this.validateTokens({
-          id_token: sessionData.idToken,
-          access_token: sessionData.accessToken,
-          refresh_token: sessionData.refreshToken
-        });
-        sessionData.authenticated = true;
-        return sessionData;
-      } catch (error) {
-        console.warn("Failed to validate existing tokens", error);
-        const unAuthenticatedSession = __spreadProps(__spreadValues({}, sessionData), { authenticated: false });
-        this.updateSessionData(unAuthenticatedSession);
-        return unAuthenticatedSession;
-      }
-    });
-  }
-};
+// src/shared/AuthProvider.tsx
+
+
+
+
+
+
+
+
+
+// src/react/components/CivicAuthIframeContainer.tsx
 
-// src/react/components/CivicAuthIframe.tsx
-var import_react5 = require("react");
 
 // src/react/components/LoadingIcon.tsx
-var import_jsx_runtime3 = require("react/jsx-runtime");
-var LoadingIcon = () => /* @__PURE__ */ (0, import_jsx_runtime3.jsxs)("div", { role: "status", children: [
-  /* @__PURE__ */ (0, import_jsx_runtime3.jsxs)(
+
+var LoadingIcon = () => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { role: "status", children: [
+  /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
     "svg",
     {
       "aria-hidden": "true",
-      className: "inline h-8 w-8 animate-spin fill-neutral-600 text-neutral-200 dark:fill-neutral-300 dark:text-neutral-600",
+      className: "cac-inline cac-h-8 cac-w-8 cac-animate-spin cac-fill-neutral-600 cac-text-neutral-200 dark:cac-fill-neutral-300 dark:cac-text-neutral-600",
       viewBox: "0 0 100 101",
       fill: "none",
       xmlns: "http://www.w3.org/2000/svg",
       children: [
-        /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
           "path",
           {
             d: "M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z",
             fill: "currentColor"
           }
         ),
-        /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
           "path",
           {
             d: "M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z",
@@ -596,12 +248,12 @@ var LoadingIcon = () => /* @__PURE__ */ (0, import_jsx_runtime3.jsxs)("div", { r
       ]
     }
   ),
-  /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("span", { className: "sr-only", children: "Loading..." })
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "cac-sr-only", children: "Loading..." })
 ] });
 
-// src/react/components/CivicAuthIframe.tsx
-var import_jsx_runtime4 = require("react/jsx-runtime");
-var CloseIcon = () => /* @__PURE__ */ (0, import_jsx_runtime4.jsxs)(
+// src/react/components/CloseIcon.tsx
+
+var CloseIcon = () => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
   "svg",
   {
     xmlns: "http://www.w3.org/2000/svg",
@@ -615,26 +267,90 @@ var CloseIcon = () => /* @__PURE__ */ (0, import_jsx_runtime4.jsxs)(
     strokeLinejoin: "round",
     className: "lucide lucide-x",
     children: [
-      /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("path", { d: "M18 6 6 18" }),
-      /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("path", { d: "m6 6 12 12" })
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M18 6 6 18" }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "m6 6 12 12" })
     ]
   }
 );
-var IFRAME_ID = "civic-auth-iframe";
-var CivicAuthIframe = ({
-  authUrl,
-  redirectUri,
-  setAuthResponseUrl,
+
+// src/react/components/CivicAuthIframe.tsx
+
+
+var CivicAuthIframe = _react.forwardRef.call(void 0, 
+  ({ onLoad }, ref) => {
+    return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+      "iframe",
+      {
+        id: _chunkYNLXRD5Ljs.IFRAME_ID,
+        ref,
+        className: "cac-h-96 cac-w-80 cac-border-none",
+        onLoad
+      }
+    );
+  }
+);
+CivicAuthIframe.displayName = "CivicAuthIframe";
+
+// src/react/components/CivicAuthIframeContainer.tsx
+
+function NoChrome({
+  children
+}) {
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _jsxruntime.Fragment, { children });
+}
+function IframeChrome({
+  children,
   onClose
+}) {
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    "div",
+    {
+      className: "cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-neutral-950 cac-bg-opacity-50",
+      onClick: onClose,
+      children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+        "div",
+        {
+          className: "cac-relative cac-rounded-3xl cac-bg-white cac-p-6 cac-shadow-lg",
+          onClick: (e) => e.stopPropagation(),
+          children: [
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "button",
+              {
+                className: "cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400",
+                onClick: onClose,
+                children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CloseIcon, {})
+              }
+            ),
+            children
+          ]
+        }
+      )
+    }
+  );
+}
+var CivicAuthIframeContainer = ({
+  onClose,
+  closeOnRedirect = true
 }) => {
-  const iframeRef = (0, import_react5.useRef)(null);
-  const [isLoading, setIsLoading] = (0, import_react5.useState)(true);
-  const processIframeUrl = (0, import_react5.useCallback)(() => {
-    if (iframeRef.current && iframeRef.current.contentWindow) {
+  var _a;
+  const [isLoading, setIsLoading] = _react.useState.call(void 0, true);
+  const { isLoading: isAuthLoading } = useAuth();
+  const config = useConfig();
+  const { serverTokenExchange } = config;
+  const { setAuthResponseUrl, iframeRef } = useSession();
+  const processIframeUrl = _react.useCallback.call(void 0, () => {
+    if (iframeRef && iframeRef.current && iframeRef.current.contentWindow) {
       try {
         const iframeUrl = iframeRef.current.contentWindow.location.href;
-        if (iframeUrl.startsWith(redirectUri)) {
-          setAuthResponseUrl(iframeUrl);
+        if (iframeUrl.startsWith(config.redirectUrl)) {
+          if (serverTokenExchange) {
+            const params = new URL(iframeUrl).searchParams;
+            params.set("tokenExchange", "true");
+            fetch(`${config.redirectUrl}?${params.toString()}`);
+          } else {
+            setAuthResponseUrl(iframeUrl);
+          }
+          if (closeOnRedirect) onClose == null ? void 0 : onClose();
           return true;
         }
       } catch (e) {
@@ -642,14 +358,24 @@ var CivicAuthIframe = ({
       }
     }
     return false;
-  }, [redirectUri, setAuthResponseUrl]);
-  const intervalId = (0, import_react5.useRef)();
-  (0, import_react5.useEffect)(() => {
-    const handleEscape = (event) => {
+  }, [
+    closeOnRedirect,
+    config.redirectUrl,
+    iframeRef,
+    onClose,
+    serverTokenExchange,
+    setAuthResponseUrl
+  ]);
+  const intervalId = _react.useRef.call(void 0, );
+  const handleEscape = _react.useCallback.call(void 0, 
+    (event) => {
       if (event.key === "Escape") {
-        onClose();
+        onClose == null ? void 0 : onClose();
       }
-    };
+    },
+    [onClose]
+  );
+  _react.useEffect.call(void 0, () => {
     window.addEventListener("keydown", handleEscape);
     return () => window.removeEventListener("keydown", handleEscape);
   });
@@ -660,214 +386,51 @@ var CivicAuthIframe = ({
       clearInterval(intervalId.current);
     }
   };
-  return /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(
-    "div",
-    {
-      className: "absolute left-0 top-0 z-[9999] flex h-screen w-screen items-center justify-center bg-neutral-950 bg-opacity-50",
-      onClick: onClose,
-      children: /* @__PURE__ */ (0, import_jsx_runtime4.jsxs)(
-        "div",
-        {
-          className: "relative rounded-3xl bg-white p-6 shadow-lg",
-          onClick: (e) => e.stopPropagation(),
-          children: [
-            /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(
-              "button",
-              {
-                className: "absolute right-4 top-4 flex cursor-pointer items-center justify-center border-none bg-transparent p-1 text-neutral-400",
-                onClick: onClose,
-                children: /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(CloseIcon, {})
-              }
-            ),
-            isLoading && /* @__PURE__ */ (0, import_jsx_runtime4.jsx)("div", { className: "absolute inset-0 flex items-center justify-center rounded-3xl bg-neutral-100", children: /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(LoadingIcon, {}) }),
-            /* @__PURE__ */ (0, import_jsx_runtime4.jsx)(
-              "iframe",
-              {
-                id: IFRAME_ID,
-                ref: iframeRef,
-                src: authUrl,
-                className: "h-48 w-80 border-none",
-                onLoad: handleIframeLoad
-              }
-            )
-          ]
-        }
-      )
-    }
-  );
+  const showLoadingIcon = isLoading || isAuthLoading || !((_a = iframeRef == null ? void 0 : iframeRef.current) == null ? void 0 : _a.getAttribute("src"));
+  const WrapperComponent = config.modalIframe ? IframeChrome : NoChrome;
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, WrapperComponent, { onClose, children: [
+    showLoadingIcon && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-rounded-3xl cac-bg-neutral-100", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CivicAuthIframe, { ref: iframeRef, onLoad: handleIframeLoad })
+  ] });
 };
 
-// src/react/components/UserButton.tsx
-var import_react6 = require("react");
-var import_jsx_runtime5 = require("react/jsx-runtime");
-var ChevronDown = () => /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
-  "svg",
-  {
-    xmlns: "http://www.w3.org/2000/svg",
-    width: "24",
-    height: "24",
-    viewBox: "0 0 24 24",
-    fill: "none",
-    stroke: "currentColor",
-    strokeWidth: "2",
-    strokeLinecap: "round",
-    strokeLinejoin: "round",
-    className: "lucide lucide-chevron-down",
-    children: /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("path", { d: "m6 9 6 6 6-6" })
-  }
-);
-var ChevronUp = () => /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
-  "svg",
-  {
-    xmlns: "http://www.w3.org/2000/svg",
-    width: "24",
-    height: "24",
-    viewBox: "0 0 24 24",
-    fill: "none",
-    stroke: "currentColor",
-    strokeWidth: "2",
-    strokeLinecap: "round",
-    strokeLinejoin: "round",
-    className: "lucide lucide-chevron-up",
-    children: /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("path", { d: "m18 15-6-6-6 6" })
-  }
-);
-var UserButton = ({
-  displayMode,
-  className
-}) => {
-  const [isOpen, setIsOpen] = (0, import_react6.useState)(false);
-  const { signIn, isAuthenticated, signOut } = useAuth();
-  const { user } = useUser();
-  (0, import_react6.useEffect)(() => {
-    const handleEscape = (event) => {
-      if (event.key === "Escape") {
-        setIsOpen(false);
-      }
-    };
-    if (isOpen) {
-      window.addEventListener("keydown", handleEscape);
-    }
-    return () => {
-      window.removeEventListener("keydown", handleEscape);
-    };
-  }, [isOpen]);
-  (0, import_react6.useEffect)(() => {
-    const handleClick = (event) => {
-      const target = event.target;
-      if (!target.closest("#civic-dropdown-container")) {
-        setIsOpen(false);
-      }
-    };
-    if (isOpen) {
-      window.addEventListener("click", handleClick);
-    }
-    return () => {
-      window.removeEventListener("click", handleClick);
-    };
-  }, [isOpen]);
-  (0, import_react6.useEffect)(() => {
-    if (!isAuthenticated) {
-      setIsOpen(false);
-    }
-  }, [isAuthenticated]);
-  if (isAuthenticated) {
-    return /* @__PURE__ */ (0, import_jsx_runtime5.jsxs)("div", { className: "relative", id: "civic-dropdown-container", children: [
-      /* @__PURE__ */ (0, import_jsx_runtime5.jsxs)(
-        "button",
-        {
-          className: cn(
-            "flex w-full items-center justify-between gap-2 rounded-full border border-neutral-500 px-3 py-2 text-neutral-500 transition-colors hover:bg-neutral-200 hover:bg-opacity-50",
-            className
-          ),
-          onClick: () => setIsOpen((isOpen2) => !isOpen2),
-          children: [
-            (user == null ? void 0 : user.picture) ? /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("span", { className: "relative flex h-10 w-10 shrink-0 gap-2 overflow-hidden rounded-full", children: /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
-              "img",
-              {
-                className: "h-full w-full object-cover",
-                src: user.picture,
-                alt: (user == null ? void 0 : user.name) || (user == null ? void 0 : user.email)
-              }
-            ) }) : /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("div", {}),
-            /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("span", { children: (user == null ? void 0 : user.name) || (user == null ? void 0 : user.email) }),
-            isOpen ? /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(ChevronUp, {}) : /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(ChevronDown, {})
-          ]
-        }
-      ),
-      /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
-        "div",
-        {
-          className: isOpen ? "absolute right-0 mt-2 w-full rounded-lg bg-white py-2 text-neutral-500 shadow-xl" : "hidden",
-          children: /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("ul", { children: /* @__PURE__ */ (0, import_jsx_runtime5.jsx)("li", { children: /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
-            "button",
-            {
-              className: "block w-full px-4 py-2 transition-colors hover:bg-neutral-200 hover:bg-opacity-50",
-              onClick: () => signOut(),
-              children: "Logout"
-            }
-          ) }) })
-        }
-      )
-    ] });
-  }
-  return /* @__PURE__ */ (0, import_jsx_runtime5.jsx)(
-    "button",
-    {
-      className: cn(
-        "rounded-full border border-neutral-500 px-3 py-2 transition-colors hover:bg-neutral-200 hover:bg-opacity-50",
-        className
-      ),
-      onClick: () => signIn(displayMode),
-      children: "Sign in"
-    }
-  );
-};
-
-// src/react/providers/ParamsProvider.tsx
-var import_react7 = require("react");
-var import_jsx_runtime6 = require("react/jsx-runtime");
-var ParamsContext = (0, import_react7.createContext)(null);
-var ParamsProvider = ({
-  children,
-  clientId,
-  redirectUrl,
-  config,
-  nonce
-}) => {
-  const value = {
-    clientId,
-    redirectUrl,
-    config,
-    nonce
-  };
-  return /* @__PURE__ */ (0, import_jsx_runtime6.jsx)(ParamsContext.Provider, { value, children });
-};
-
-// src/react/providers/SessionProvider.tsx
-var import_react8 = require("react");
-var import_jsx_runtime7 = require("react/jsx-runtime");
-var defaultSession = {
-  authenticated: false,
-  idToken: void 0,
-  accessToken: void 0,
-  displayMode: "iframe"
-};
-var SessionContext = (0, import_react8.createContext)(defaultSession);
-var SessionProvider = ({ children, session }) => /* @__PURE__ */ (0, import_jsx_runtime7.jsx)(SessionContext.Provider, { value: session || defaultSession, children });
-
-// src/constants.ts
-var DEFAULT_SCOPES = ["openid", "profile", "email", "forwardedTokens"];
-
 // src/config.ts
 var authConfig = {
   // TODO change this to the production URL once we're out of beta
   oauthServer: "https://auth-dev.civic.com/oauth/"
 };
 
-// src/react/providers/AuthProvider.tsx
-var import_jsx_runtime8 = require("react/jsx-runtime");
-var AuthContext = (0, import_react9.createContext)(null);
+// src/react/providers/ConfigProvider.tsx
+
+
+var defaultConfig = {
+  config: authConfig,
+  redirectUrl: "",
+  modalIframe: true,
+  serverTokenExchange: false
+};
+var ConfigContext = _react.createContext.call(void 0, defaultConfig);
+var ConfigProvider = ({
+  children,
+  config,
+  redirectUrl,
+  modalIframe,
+  serverTokenExchange
+}) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+  ConfigContext.Provider,
+  {
+    value: {
+      config,
+      redirectUrl,
+      modalIframe: !!modalIframe,
+      serverTokenExchange
+    },
+    children
+  }
+);
+
+// src/shared/AuthProvider.tsx
+
 var globalThisObject;
 if (typeof window !== "undefined") {
   globalThisObject = window;
@@ -877,78 +440,93 @@ if (typeof window !== "undefined") {
   globalThisObject = Function("return this")();
 }
 globalThisObject.globalThis = globalThisObject;
+function BlockDisplay({ children }) {
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white", children }) });
+}
 var AuthProvider = ({
   children,
   clientId,
   redirectUrl: inputRedirectUrl,
   config = authConfig,
-  nonce,
   onSignIn,
-  onSignOut
+  onSignOut,
+  pkceConsumer,
+  nonce,
+  modalIframe = true
 }) => {
-  const [iframeUrl, setIframeUrl] = (0, import_react9.useState)(null);
-  const [currentUrl, setCurrentUrl] = (0, import_react9.useState)(null);
-  const [isInIframe, setIsInIframe] = (0, import_react9.useState)(false);
-  const [authResponseUrl, setAuthResponseUrl] = (0, import_react9.useState)(null);
-  const [tokenExchangeInProgress, setTokenExchangeInProgress] = (0, import_react9.useState)(false);
-  const [tokenExchangeError, setTokenExchangeError] = (0, import_react9.useState)();
-  const queryClient2 = (0, import_react_query3.useQueryClient)();
-  (0, import_react9.useEffect)(() => {
-    var _a, _b;
+  const [iframeUrl, setIframeUrl] = _react.useState.call(void 0, null);
+  const [currentUrl, setCurrentUrl] = _react.useState.call(void 0, null);
+  const [isInIframe, setIsInIframe] = _react.useState.call(void 0, false);
+  const [authResponseUrl, setAuthResponseUrl] = _react.useState.call(void 0, null);
+  const [tokenExchangeError, setTokenExchangeError] = _react.useState.call(void 0, );
+  const [displayMode, setDisplayMode] = _react.useState.call(void 0, "iframe");
+  const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] = _react.useState.call(void 0, );
+  const [showIFrame, setShowIFrame] = _react.useState.call(void 0, false);
+  const [isRedirecting, setIsRedirecting] = _react.useState.call(void 0, false);
+  const queryClient3 = _reactquery.useQueryClient.call(void 0, );
+  const iframeRef = _react.useRef.call(void 0, null);
+  const serverTokenExchange = pkceConsumer instanceof _chunkYNLXRD5Ljs.ConfidentialClientPKCEConsumer;
+  _react.useEffect.call(void 0, () => {
     if (typeof globalThis.window !== "undefined") {
       setCurrentUrl(globalThis.window.location.href);
-      let isInIframeVal = false;
-      try {
-        if (((_b = (_a = globalThis.window) == null ? void 0 : _a.frameElement) == null ? void 0 : _b.id) === "civic-auth-iframe") {
-          isInIframeVal = true;
-        }
-      } catch (_e) {
-        isInIframeVal = false;
-      }
-      console.log("isInIframeVal", isInIframeVal);
+      const isInIframeVal = _chunkYNLXRD5Ljs.isWindowInIframe.call(void 0, globalThis.window);
       setIsInIframe(isInIframeVal);
     }
   }, []);
-  const redirectUrl = (0, import_react9.useMemo)(
+  const redirectUrl = _react.useMemo.call(void 0, 
     () => (inputRedirectUrl || currentUrl || "").split("?")[0],
     [currentUrl, inputRedirectUrl]
   );
-  const authService = (0, import_react9.useMemo)(
-    () => currentUrl ? new AuthSessionServiceImpl(
+  const [authService, setAuthService] = _react.useState.call(void 0, );
+  _react.useEffect.call(void 0, () => {
+    if (!currentUrl) return;
+    _chunkYNLXRD5Ljs.BrowserAuthenticationService.build({
       clientId,
       redirectUrl,
-      config == null ? void 0 : config.oauthServer,
-      config == null ? void 0 : config.endpoints
-    ) : null,
-    [currentUrl, clientId, redirectUrl, config]
-  );
+      oauthServer: config.oauthServer,
+      scopes: _chunkYNLXRD5Ljs.DEFAULT_SCOPES,
+      displayMode
+    }).then(setAuthService);
+  }, [currentUrl, clientId, redirectUrl, config, displayMode]);
   const {
     data: session,
     isLoading,
     error
-  } = (0, import_react_query3.useQuery)({
-    queryKey: ["session"],
-    queryFn: () => __async(void 0, null, function* () {
-      const url = new URL(globalThis.window.location.href || "");
-      console.log("AuthProvider useQuery", { isInIframe, url, authService });
+  } = _reactquery.useQuery.call(void 0, {
+    queryKey: [
+      "session",
+      authResponseUrl,
+      iframeUrl,
+      currentUrl,
+      isInIframe,
+      authService
+    ],
+    queryFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
       if (!authService) {
         return { authenticated: false };
       }
-      const existingSessionData = yield authService.validateExistingSession();
-      if (existingSessionData.authenticated) {
-        return existingSessionData;
-      }
+      const url = new URL(
+        authResponseUrl ? authResponseUrl : globalThis.window.location.href || ""
+      );
       const code = url.searchParams.get("code");
-      if (code && !isInIframe) {
+      const state = url.searchParams.get("state");
+      if (!serverTokenExchange && code && state && !isInIframe) {
         try {
-          console.log("AuthProvider useQuery code", { isInIframe, code });
-          setTokenExchangeInProgress(true);
-          const newSession = yield authService.tokenExchange(
-            globalThis.window.location.href
-          );
-          setTokenExchangeInProgress(false);
+          console.log("AuthProvider useQuery code", {
+            isInIframe,
+            code,
+            state
+          });
+          yield authService.tokenExchange(code, state);
+          const clientStorage = new (0, _chunkYNLXRD5Ljs.LocalStorageAdapter)();
+          const user = yield _chunkYNLXRD5Ljs.getUser.call(void 0, clientStorage);
+          if (!user) {
+            throw new Error("Failed to get user info");
+          }
+          const userSession = new (0, _chunkYNLXRD5Ljs.GenericUserSession)(clientStorage);
+          userSession.set(user);
           onSignIn == null ? void 0 : onSignIn();
-          return newSession;
+          return authService.getSessionData();
         } catch (error2) {
           setTokenExchangeError(error2);
           onSignIn == null ? void 0 : onSignIn(
@@ -957,174 +535,460 @@ var AuthProvider = ({
           return { authenticated: false };
         }
       }
+      const existingSessionData = yield authService.validateExistingSession();
+      if (existingSessionData.authenticated) {
+        return existingSessionData;
+      }
       return existingSessionData;
-    }),
-    enabled: !!authService && !!currentUrl && !isInIframe
+    })
   });
-  const signOutMutation = (0, import_react_query3.useMutation)({
-    mutationFn: () => __async(void 0, null, function* () {
-      authService == null ? void 0 : authService.updateSessionData({});
+  const signOutMutation = _reactquery.useMutation.call(void 0, {
+    mutationFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      const authInitiator = getAuthInitiator();
+      authInitiator == null ? void 0 : authInitiator.signOut();
+      setIframeUrl(null);
+      setShowIFrame(false);
       setAuthResponseUrl(null);
       onSignOut == null ? void 0 : onSignOut();
     }),
     onSuccess: () => {
-      queryClient2.setQueryData(["session"], null);
+      queryClient3.setQueryData(
+        [
+          "session",
+          authResponseUrl,
+          iframeUrl,
+          currentUrl,
+          isInIframe,
+          authService
+        ],
+        null
+      );
     }
   });
-  const signIn = (0, import_react9.useCallback)(
-    (overrideDisplayMode = "iframe") => __async(void 0, null, function* () {
-      if (!authService) return;
-      const url = yield authService.getAuthorizationUrl(
-        // This is the default scope. We will eventually pull this from the partner dashboard
-        DEFAULT_SCOPES,
-        overrideDisplayMode,
+  const getAuthInitiator = _react.useCallback.call(void 0, 
+    (overrideDisplayMode) => {
+      const useDisplayMode = overrideDisplayMode || displayMode;
+      if (!pkceConsumer) {
+        return null;
+      }
+      return browserAuthenticationInitiator || new (0, _chunkYNLXRD5Ljs.BrowserAuthenticationInitiator)({
+        pkceConsumer,
+        // generate and retrieve the challenge client-side
+        clientId,
+        redirectUrl,
+        state: _chunkYNLXRD5Ljs.generateState.call(void 0, useDisplayMode),
+        scopes: _chunkYNLXRD5Ljs.DEFAULT_SCOPES,
+        displayMode: useDisplayMode,
+        oauthServer: config.oauthServer,
+        // the endpoints to use for the login (if not obtained from the auth server
+        endpointOverrides: config.endpoints,
         nonce
-      );
+      });
+    },
+    [
+      displayMode,
+      browserAuthenticationInitiator,
+      clientId,
+      redirectUrl,
+      config.oauthServer,
+      config.endpoints,
+      pkceConsumer,
+      nonce
+    ]
+  );
+  const signIn = _react.useCallback.call(void 0, 
+    (overrideDisplayMode = "iframe") => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      setDisplayMode(overrideDisplayMode);
+      const authInitiator = getAuthInitiator(overrideDisplayMode);
+      setBrowserAuthenticationInitiator(authInitiator);
       if (overrideDisplayMode === "iframe") {
-        setIframeUrl(url);
-        return;
+        setShowIFrame(true);
+      } else if (overrideDisplayMode === "redirect") {
+        setIsRedirecting(true);
       }
-      authService.loadAuthorizationUrl(url, overrideDisplayMode);
+      authInitiator == null ? void 0 : authInitiator.signIn(iframeRef.current);
     }),
-    [authService, nonce]
+    [getAuthInitiator]
   );
-  const isAuthenticated = (0, import_react9.useMemo)(
+  const isAuthenticated = _react.useMemo.call(void 0, 
     () => session ? session.authenticated : false,
     [session]
   );
-  (0, import_react9.useEffect)(() => {
-    if (!authService || !authResponseUrl) return;
-    const url = new URL(authResponseUrl);
-    const code = url.searchParams.get("code");
-    console.log("AuthProvider useEffect code", {
-      isAuthenticated,
-      code,
-      tokenExchangeInProgress,
-      isInIframe
-    });
-    if (code && !isAuthenticated && !tokenExchangeInProgress && !isInIframe) {
-      try {
-        setTokenExchangeInProgress(true);
-        authService.tokenExchange(authResponseUrl).then((newSession) => {
-          queryClient2.setQueryData(["session"], newSession);
-          setIframeUrl(null);
-          onSignIn == null ? void 0 : onSignIn();
-        }).catch((error2) => {
-          setTokenExchangeError(error2);
-        }).finally(() => {
-          setTokenExchangeInProgress(false);
-        });
-      } catch (error2) {
-        setTokenExchangeInProgress(false);
-        onSignIn == null ? void 0 : onSignIn(
-          error2 instanceof Error ? error2 : new Error("Failed to sign in")
-        );
+  const {
+    data: autoSignIn,
+    isLoading: autoSignInLoading,
+    error: autoSignInError
+  } = _reactquery.useQuery.call(void 0, {
+    queryKey: ["autoSignIn", modalIframe, redirectUrl, isAuthenticated],
+    queryFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      if (!modalIframe && redirectUrl && !isAuthenticated && iframeRef.current) {
+        signIn("iframe");
       }
-    }
-  }, [
-    authService,
-    onSignIn,
-    queryClient2,
-    isAuthenticated,
-    authResponseUrl,
-    tokenExchangeInProgress,
-    isInIframe
-  ]);
-  const value = (0, import_react9.useMemo)(
+      return true;
+    }),
+    refetchOnWindowFocus: false
+  });
+  const value = _react.useMemo.call(void 0, 
     () => ({
       isLoading,
       error,
-      signOut: signOutMutation.mutate,
+      signOut: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+        yield signOutMutation.mutateAsync();
+      }),
       isAuthenticated,
       signIn
     }),
-    [isLoading, error, signOutMutation.mutate, isAuthenticated, signIn]
+    [isLoading, error, signOutMutation, isAuthenticated, signIn]
   );
-  return /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(
-    AuthContext.Provider,
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, AuthContext.Provider, { value, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    ConfigProvider,
     {
-      value: __spreadProps(__spreadValues({}, value), {
-        signOut: () => __async(void 0, null, function* () {
-          yield signOutMutation.mutateAsync();
-        })
-      }),
-      children: /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(
-        ParamsProvider,
+      config,
+      redirectUrl,
+      modalIframe,
+      serverTokenExchange,
+      children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+        SessionProvider,
         {
-          clientId,
-          redirectUrl,
-          config,
-          nonce,
-          children: /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(SessionProvider, { session, children: /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(TokenProvider, { children: /* @__PURE__ */ (0, import_jsx_runtime8.jsxs)(UserProvider, { children: [
-            !isInIframe && iframeUrl && !(session == null ? void 0 : session.authenticated) && /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(
-              CivicAuthIframe,
+          session,
+          setAuthResponseUrl,
+          iframeRef,
+          children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, TokenProvider, { children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, UserProvider, { storage: new (0, _chunkYNLXRD5Ljs.LocalStorageAdapter)(), children: [
+            modalIframe && !isInIframe && !(session == null ? void 0 : session.authenticated) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "div",
               {
-                authUrl: iframeUrl,
-                redirectUri: redirectUrl,
-                setAuthResponseUrl,
-                onClose: () => setIframeUrl(null)
+                style: showIFrame ? { display: "block" } : { display: "none" },
+                children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+                  CivicAuthIframeContainer,
+                  {
+                    onClose: () => setShowIFrame(false)
+                  }
+                )
               }
             ),
-            (tokenExchangeInProgress || tokenExchangeError || isLoading || isInIframe) && /* @__PURE__ */ (0, import_jsx_runtime8.jsxs)("div", { className: "absolute left-0 top-0 z-[9999] flex h-screen w-screen items-center justify-center bg-white", children: [
-              " ",
-              /* @__PURE__ */ (0, import_jsx_runtime8.jsx)("div", { className: "absolute inset-0 flex items-center justify-center bg-white", children: tokenExchangeError ? /* @__PURE__ */ (0, import_jsx_runtime8.jsxs)("div", { children: [
-                "Error: ",
-                tokenExchangeError.message
-              ] }) : /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(LoadingIcon, {}) })
-            ] }),
+            modalIframe && (isInIframe || isRedirecting || isLoading) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, BlockDisplay, { children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
+            (tokenExchangeError || error) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, BlockDisplay, { children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { children: [
+              "Error: ",
+              (tokenExchangeError || error).message
+            ] }) }),
             children
-          ] }) }) })
+          ] }) })
         }
       )
     }
-  );
+  ) });
 };
 
-// src/react/providers/CivicProvider.tsx
-var import_react_query4 = require("@tanstack/react-query");
-var import_jsx_runtime9 = require("react/jsx-runtime");
-var queryClient = new import_react_query4.QueryClient();
-var CivicProvider = (_a) => {
-  var _b = _a, { children } = _b, props = __objRest(_b, ["children"]);
-  return /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(import_react_query4.QueryClientProvider, { client: queryClient, children: /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(AuthProvider, __spreadProps(__spreadValues({}, props), { children })) });
+// src/shared/CivicAuthProvider.tsx
+
+require('@civic/auth/styles.css');
+
+var queryClient = new (0, _reactquery.QueryClient)();
+var CivicAuthProvider = (_a) => {
+  var _b = _a, { children } = _b, props = _chunkCRTRMMJ7js.__objRest.call(void 0, _b, ["children"]);
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    AuthProvider,
+    _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, props), {
+      pkceConsumer: new (0, _chunkYNLXRD5Ljs.BrowserPublicClientPKCEProducer)(),
+      children
+    })
+  ) });
 };
 
+// src/react/providers/NextAuthProvider.tsx
+
+
+// src/react/hooks/useUserCookie.ts
+
+var _navigationjs = require('next/navigation.js');
+
+
+// src/lib/cookies.ts
+var getCookieValue = (key, window2) => {
+  const cookie = window2.document.cookie;
+  if (!cookie) return null;
+  const cookies = cookie.split(";");
+  for (const c of cookies) {
+    const [name, value] = c.trim().split("=");
+    if (value && name === key) {
+      try {
+        return JSON.parse(decodeURIComponent(value));
+      } catch (e) {
+        console.log("Error parsing cookie value", e);
+        return value;
+      }
+    }
+  }
+  return null;
+};
+
+// src/react/hooks/useUserCookie.ts
+var getUserFromCookie = () => {
+  const userCookie = getCookieValue("user", globalThis.window);
+  return userCookie;
+};
+var useUserCookie = () => {
+  const hasRunRef = _react.useRef.call(void 0, false);
+  const router = _navigationjs.useRouter.call(void 0, );
+  const { data: user } = _reactquery.useQuery.call(void 0, {
+    queryKey: ["user"],
+    queryFn: () => getUserFromCookie(),
+    refetchInterval: 2e3,
+    refetchIntervalInBackground: true,
+    enabled: !hasRunRef.current,
+    refetchOnWindowFocus: true
+  });
+  _react.useEffect.call(void 0, () => {
+    if (user) {
+      if (!hasRunRef.current) {
+        hasRunRef.current = true;
+        router.refresh();
+      }
+    } else {
+      hasRunRef.current = false;
+    }
+  }, [user, router]);
+  return user;
+};
+
+// src/react/providers/NextAuthProvider.tsx
+
+
+
+var queryClient2 = new (0, _reactquery.QueryClient)();
+var defaultUserContext = { user: null };
+var UserContext2 = _react.createContext.call(void 0, defaultUserContext);
+var CivicNextAuthProvider = (_a) => {
+  var _b = _a, {
+    children
+  } = _b, props = _chunkCRTRMMJ7js.__objRest.call(void 0, _b, [
+    "children"
+  ]);
+  const user = useUserCookie();
+  const [redirectUrl, setRedirectUrl] = _react.useState.call(void 0, "");
+  const { clientId, oauthServer, callbackUrl, challengeUrl } = _chunkMVO4UZ2Ajs.resolveAuthConfig.call(void 0, );
+  _react.useEffect.call(void 0, () => {
+    if (typeof globalThis.window !== "undefined") {
+      const currentUrl = globalThis.window.location.href;
+      setRedirectUrl(_chunkMVO4UZ2Ajs.resolveCallbackUrl.call(void 0, _chunkMVO4UZ2Ajs.resolveAuthConfig.call(void 0, ), currentUrl));
+    }
+  }, [callbackUrl]);
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient2, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    AuthProvider,
+    _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, props), {
+      redirectUrl,
+      config: { oauthServer },
+      clientId,
+      pkceConsumer: new (0, _chunkYNLXRD5Ljs.ConfidentialClientPKCEConsumer)(challengeUrl),
+      children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, UserContext2.Provider, { value: user, children })
+    })
+  ) });
+};
+var useNextUser = () => _react.useContext.call(void 0, UserContext2);
+
 // src/react/hooks/useUser.tsx
 var useUser = () => {
-  const context = (0, import_react10.useContext)(UserContext);
+  const context = _react.useContext.call(void 0, UserContext);
   if (!context) {
     throw new Error("useUser must be used within a UserProvider");
   }
   return context;
 };
 
-// src/react/hooks/useParams.tsx
-var import_react11 = require("react");
-var useParams = () => {
-  const context = (0, import_react11.useContext)(ParamsContext);
+// src/react/hooks/useConfig.tsx
+
+var useConfig = () => {
+  const context = _react.useContext.call(void 0, ConfigContext);
   if (!context) {
-    throw new Error("useParams must be used within an ParamsProvider");
+    throw new Error("useConfig must be used within an ConfigProvider");
   }
   return context;
 };
 
-// src/react/hooks/useSession.tsx
-var import_react12 = require("react");
-var useSession = () => {
-  const context = (0, import_react12.useContext)(SessionContext);
-  if (!context) {
-    throw new Error("useSession must be used within an SessionProvider");
+// src/react/components/UserButton.tsx
+
+
+var ChevronDown = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+  "svg",
+  {
+    xmlns: "http://www.w3.org/2000/svg",
+    width: "24",
+    height: "24",
+    viewBox: "0 0 24 24",
+    fill: "none",
+    stroke: "currentColor",
+    strokeWidth: "2",
+    strokeLinecap: "round",
+    strokeLinejoin: "round",
+    className: "lucide lucide-chevron-down",
+    children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "m6 9 6 6 6-6" })
   }
-  return context;
+);
+var ChevronUp = () => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+  "svg",
+  {
+    xmlns: "http://www.w3.org/2000/svg",
+    width: "24",
+    height: "24",
+    viewBox: "0 0 24 24",
+    fill: "none",
+    stroke: "currentColor",
+    strokeWidth: "2",
+    strokeLinecap: "round",
+    strokeLinejoin: "round",
+    className: "lucide lucide-chevron-up",
+    children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "m18 15-6-6-6 6" })
+  }
+);
+var UserButton = ({
+  displayMode,
+  className
+}) => {
+  const [isOpen, setIsOpen] = _react.useState.call(void 0, false);
+  const { signIn, isAuthenticated, signOut } = useAuth();
+  const { user } = useUser();
+  const handleClickOutside = _react.useCallback.call(void 0, (event) => {
+    const target = event.target;
+    if (!target.closest("#civic-dropdown-container")) {
+      setIsOpen(false);
+    }
+  }, []);
+  const handleSignOut = _react.useCallback.call(void 0, () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+    yield signOut();
+    setIsOpen(false);
+  }), [signOut]);
+  const handleSignIn = _react.useCallback.call(void 0, () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+    yield signIn(displayMode);
+    setIsOpen(false);
+  }), [signIn, displayMode]);
+  const handleEscape = _react.useCallback.call(void 0, (event) => {
+    if (event.key === "Escape") {
+      setIsOpen(false);
+    }
+  }, []);
+  _react.useEffect.call(void 0, () => {
+    if (isOpen) {
+      window.addEventListener("click", handleClickOutside);
+      window.addEventListener("keydown", handleEscape);
+    }
+    return () => {
+      window.removeEventListener("click", handleClickOutside);
+      window.removeEventListener("keydown", handleEscape);
+    };
+  }, [handleClickOutside, handleEscape, isOpen]);
+  if (isAuthenticated) {
+    return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { className: "cac-relative", id: "civic-dropdown-container", children: [
+      /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, 
+        "button",
+        {
+          className: _chunkYNLXRD5Ljs.cn.call(void 0, 
+            "cac-flex cac-w-full cac-items-center cac-justify-between cac-gap-2 cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-text-neutral-500 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
+            className
+          ),
+          onClick: () => setIsOpen((isOpen2) => !isOpen2),
+          children: [
+            (user == null ? void 0 : user.picture) ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "cac-relative cac-flex cac-h-10 cac-w-10 cac-shrink-0 cac-gap-2 cac-overflow-hidden cac-rounded-full", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+              "img",
+              {
+                className: "cac-h-full cac-w-full cac-object-cover",
+                src: user.picture,
+                alt: (user == null ? void 0 : user.name) || (user == null ? void 0 : user.email)
+              }
+            ) }) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", {}),
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { children: (user == null ? void 0 : user.name) || (user == null ? void 0 : user.email) }),
+            isOpen ? /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ChevronUp, {}) : /* @__PURE__ */ _jsxruntime.jsx.call(void 0, ChevronDown, {})
+          ]
+        }
+      ),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+        "div",
+        {
+          className: isOpen ? "cac-absolute cac-right-0 cac-mt-2 cac-w-full cac-rounded-lg cac-bg-white cac-py-2 cac-text-neutral-500 cac-shadow-xl" : "cac-hidden",
+          children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "ul", { children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "li", { children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+            "button",
+            {
+              className: "cac-block cac-w-full cac-px-4 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
+              onClick: handleSignOut,
+              children: "Logout"
+            }
+          ) }) })
+        }
+      )
+    ] });
+  }
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    "button",
+    {
+      "data-testid": "sign-in-button",
+      className: _chunkYNLXRD5Ljs.cn.call(void 0, 
+        "cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
+        className
+      ),
+      onClick: handleSignIn,
+      children: "Sign in"
+    }
+  );
 };
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  CivicProvider,
-  UserButton,
-  useAuth,
-  useParams,
-  useSession,
-  useToken,
-  useUser
-});
+
+// src/react/components/SignInButton.tsx
+
+var SignInButton = ({
+  displayMode,
+  className
+}) => {
+  const { signIn } = useAuth();
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    "button",
+    {
+      "data-testid": "sign-in-button",
+      className: _chunkYNLXRD5Ljs.cn.call(void 0, 
+        "cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
+        className
+      ),
+      onClick: () => signIn(displayMode),
+      children: "Sign In"
+    }
+  );
+};
+
+// src/react/components/SignOutButton.tsx
+
+var SignOutButton = ({ className }) => {
+  const { signOut } = useAuth();
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, 
+    "button",
+    {
+      className: _chunkYNLXRD5Ljs.cn.call(void 0, 
+        "cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
+        className
+      ),
+      onClick: () => signOut(),
+      children: "Sign Out"
+    }
+  );
+};
+
+// src/react/components/NextLogOut.tsx
+
+var NextLogOut = ({ children }) => {
+  const config = _chunkMVO4UZ2Ajs.resolveAuthConfig.call(void 0, );
+  const logoutUrl = `${config.logoutUrl}`;
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: logoutUrl, children });
+};
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+exports.CivicAuthIframeContainer = CivicAuthIframeContainer; exports.CivicAuthProvider = CivicAuthProvider; exports.CivicNextAuthProvider = CivicNextAuthProvider; exports.NextLogOut = NextLogOut; exports.SignInButton = SignInButton; exports.SignOutButton = SignOutButton; exports.UserButton = UserButton; exports.useAuth = useAuth; exports.useConfig = useConfig; exports.useNextUser = useNextUser; exports.useSession = useSession; exports.useToken = useToken; exports.useUser = useUser; exports.useUserCookie = useUserCookie;
 //# sourceMappingURL=react.js.map