npm - @civic/auth - Versions diffs - 0.0.1-beta.2 → 0.0.1-beta.21 - Mend

@civic/auth 0.0.1-beta.2 → 0.0.1-beta.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

package/README.md +26 -0
package/dist/AuthProvider-Bj_Prt1x.d.ts +21 -0
package/dist/AuthProvider-DUAoX4G9.d.mts +21 -0
package/dist/UserProvider-CMLaYOUD.d.ts +16 -0
package/dist/UserProvider-Cbm8MZkJ.d.mts +16 -0
package/dist/chunk-4PLCDPEN.mjs +599 -0
package/dist/chunk-4PLCDPEN.mjs.map +1 -0
package/dist/chunk-5UQQYXCX.js +1 -0
package/dist/chunk-5UQQYXCX.js.map +1 -0
package/dist/chunk-6RFRDWIP.js +223 -0
package/dist/chunk-6RFRDWIP.js.map +1 -0
package/dist/chunk-7K3QN2AT.js +599 -0
package/dist/chunk-7K3QN2AT.js.map +1 -0
package/dist/chunk-AP4627CS.mjs +223 -0
package/dist/chunk-AP4627CS.mjs.map +1 -0
package/dist/chunk-CRTRMMJ7.js.map +1 -1
package/dist/chunk-CTVJJBBA.js +118 -0
package/dist/chunk-CTVJJBBA.js.map +1 -0
package/dist/chunk-FHRZSX3C.js +710 -0
package/dist/chunk-FHRZSX3C.js.map +1 -0
package/dist/chunk-JDZPCA3P.js +173 -0
package/dist/chunk-JDZPCA3P.js.map +1 -0
package/dist/chunk-MK7557NR.mjs +118 -0
package/dist/chunk-MK7557NR.mjs.map +1 -0
package/dist/chunk-NLRREFOX.mjs +710 -0
package/dist/chunk-NLRREFOX.mjs.map +1 -0
package/dist/chunk-O3WGNLRO.mjs +173 -0
package/dist/chunk-O3WGNLRO.mjs.map +1 -0
package/dist/chunk-PMJAV4JJ.mjs +1 -0
package/dist/chunk-PMJAV4JJ.mjs.map +1 -0
package/dist/index.css +63 -70
package/dist/index.css.map +1 -1
package/dist/index.d.mts +3 -1
package/dist/index.d.ts +3 -1
package/dist/index.js +2 -1
package/dist/index.js.map +1 -1
package/dist/index.mjs +1 -0
package/dist/nextjs/client.css +335 -0
package/dist/nextjs/client.css.map +1 -0
package/dist/nextjs/client.d.mts +12 -0
package/dist/nextjs/client.d.ts +12 -0
package/dist/nextjs/client.js +179 -0
package/dist/nextjs/client.js.map +1 -0
package/dist/nextjs/client.mjs +179 -0
package/dist/nextjs/client.mjs.map +1 -0
package/dist/nextjs.d.mts +67 -15
package/dist/nextjs.d.ts +67 -15
package/dist/nextjs.js +158 -180
package/dist/nextjs.js.map +1 -1
package/dist/nextjs.mjs +155 -177
package/dist/nextjs.mjs.map +1 -1
package/dist/react.d.mts +31 -81
package/dist/react.d.ts +31 -81
package/dist/react.js +35 -634
package/dist/react.js.map +1 -1
package/dist/react.mjs +65 -664
package/dist/react.mjs.map +1 -1
package/dist/server.d.mts +14 -34
package/dist/server.d.ts +14 -34
package/dist/server.js +4 -185
package/dist/server.js.map +1 -1
package/dist/server.mjs +10 -191
package/dist/server.mjs.map +1 -1
package/dist/storage-B2eAQNdv.d.ts +25 -0
package/dist/storage-BJPUpxhm.d.mts +25 -0
package/dist/types-Bqm9OCZN.d.mts +22 -0
package/dist/types-Bqm9OCZN.d.ts +22 -0
package/dist/types-HdCjGldB.d.mts +58 -0
package/dist/types-HdCjGldB.d.ts +58 -0
package/package.json +26 -17
package/dist/chunk-5NUJ7LFF.mjs +0 -17
package/dist/chunk-5NUJ7LFF.mjs.map +0 -1
package/dist/chunk-KS7ERXGZ.js +0 -481
package/dist/chunk-KS7ERXGZ.js.map +0 -1
package/dist/chunk-NINRO7GS.js +0 -209
package/dist/chunk-NINRO7GS.js.map +0 -1
package/dist/chunk-NXBKSUKI.mjs +0 -481
package/dist/chunk-NXBKSUKI.mjs.map +0 -1
package/dist/chunk-T7HUHQ3J.mjs +0 -209
package/dist/chunk-T7HUHQ3J.mjs.map +0 -1
package/dist/chunk-WZLC5B4C.js +0 -17
package/dist/chunk-WZLC5B4C.js.map +0 -1
package/dist/index-DoDoIY_K.d.mts +0 -79
package/dist/index-DoDoIY_K.d.ts +0 -79

package/dist/chunk-FHRZSX3C.js ADDED Viewed

@@ -0,0 +1,710 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+var _chunk7K3QN2ATjs = require('./chunk-7K3QN2AT.js');
+var _chunkCRTRMMJ7js = require('./chunk-CRTRMMJ7.js');
+// src/shared/hooks/useAuth.tsx
+var _react = require('react');
+// src/shared/AuthContext.tsx
+var AuthContext = _react.createContext.call(void 0, null);
+// src/shared/hooks/useAuth.tsx
+var useAuth = () => {
+  const context = _react.useContext.call(void 0, AuthContext);
+  if (!context) {
+    throw new Error("useAuth must be used within an AuthProvider");
+  }
+  return context;
+};
+// src/shared/hooks/useSession.tsx
+// src/shared/providers/SessionProvider.tsx
+var _jsxruntime = require('react/jsx-runtime');
+var defaultSession = {
+  authenticated: false,
+  idToken: void 0,
+  accessToken: void 0,
+  displayMode: "iframe"
+};
+var SessionContext = _react.createContext.call(void 0, defaultSession);
+var SessionProvider = ({ children, session }) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SessionContext.Provider, { value: _chunkCRTRMMJ7js.__spreadValues.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, defaultSession), session || {}), children });
+// src/shared/hooks/useSession.tsx
+var useSession = () => {
+  const context = _react.useContext.call(void 0, SessionContext);
+  if (!context) {
+    throw new Error("useSession must be used within an SessionProvider");
+  }
+  return context;
+};
+// src/shared/hooks/useToken.tsx
+// src/shared/providers/TokenProvider.tsx
+var _reactquery = require('@tanstack/react-query');
+var _jwt = require('oslo/jwt');
+var TokenContext = _react.createContext.call(void 0, void 0);
+var TokenProvider = ({ children }) => {
+  const { isLoading, error: authError } = useAuth();
+  const session = useSession();
+  const queryClient = _reactquery.useQueryClient.call(void 0, );
+  const refreshTokenMutation = _reactquery.useMutation.call(void 0, {
+    mutationFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      throw new Error("Method not implemented.");
+    }),
+    onSuccess: () => {
+      queryClient.invalidateQueries({ queryKey: ["session"] });
+    }
+  });
+  const decodeTokens = _react.useMemo.call(void 0, () => {
+    if (!(session == null ? void 0 : session.idToken)) return null;
+    const parsedJWT = _jwt.parseJWT.call(void 0, session.idToken);
+    if (!parsedJWT) return null;
+    const { forwardedTokens } = parsedJWT.payload;
+    return forwardedTokens ? _chunk7K3QN2ATjs.convertForwardedTokenFormat.call(void 0, forwardedTokens) : null;
+  }, [session == null ? void 0 : session.idToken]);
+  const value = _react.useMemo.call(void 0,
+    () => ({
+      accessToken: session.accessToken || null,
+      idToken: session.idToken || null,
+      forwardedTokens: decodeTokens || {},
+      refreshToken: refreshTokenMutation.mutateAsync,
+      isLoading,
+      error: authError || refreshTokenMutation.error
+    }),
+    [
+      session.accessToken,
+      session.idToken,
+      decodeTokens,
+      refreshTokenMutation.mutateAsync,
+      refreshTokenMutation.error,
+      isLoading,
+      authError
+    ]
+  );
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, TokenContext.Provider, { value, children });
+};
+// src/shared/hooks/useToken.tsx
+var useToken = () => {
+  const context = _react.useContext.call(void 0, TokenContext);
+  if (!context) {
+    throw new Error("useToken must be used within a TokenProvider");
+  }
+  return context;
+};
+// src/shared/hooks/useConfig.tsx
+// src/config.ts
+var authConfig = {
+  oauthServer: _chunk7K3QN2ATjs.DEFAULT_AUTH_SERVER
+};
+// src/shared/providers/ConfigProvider.tsx
+var defaultConfig = {
+  config: authConfig,
+  redirectUrl: "",
+  modalIframe: true,
+  serverTokenExchange: false
+};
+var ConfigContext = _react.createContext.call(void 0, defaultConfig);
+var ConfigProvider = ({
+  children,
+  config,
+  redirectUrl,
+  modalIframe,
+  serverTokenExchange
+}) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+  ConfigContext.Provider,
+  {
+    value: {
+      config,
+      redirectUrl,
+      modalIframe: !!modalIframe,
+      serverTokenExchange
+    },
+    children
+  }
+);
+// src/shared/hooks/useConfig.tsx
+var useConfig = () => {
+  const context = _react.useContext.call(void 0, ConfigContext);
+  if (!context) {
+    throw new Error("useConfig must be used within an ConfigProvider");
+  }
+  return context;
+};
+// src/shared/hooks/useIframe.tsx
+// src/shared/providers/IframeProvider.tsx
+var defaultIframe = {
+  iframeRef: null,
+  setAuthResponseUrl: () => {
+  }
+};
+var IframeContext = _react.createContext.call(void 0, defaultIframe);
+var IframeProvider = ({
+  children,
+  iframeRef,
+  setAuthResponseUrl
+}) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0, IframeContext.Provider, { value: { iframeRef, setAuthResponseUrl }, children });
+// src/shared/hooks/useIframe.tsx
+var useIframe = () => {
+  const context = _react.useContext.call(void 0, IframeContext);
+  if (!context) {
+    throw new Error("useIframe must be used within an IframeProvider");
+  }
+  return context;
+};
+// src/shared/components/CivicAuthIframeContainer.tsx
+// src/shared/components/LoadingIcon.tsx
+var LoadingIcon = () => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { role: "status", children: [
+  /* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
+    "svg",
+    {
+      "aria-hidden": "true",
+      className: "cac-inline cac-h-8 cac-w-8 cac-animate-spin cac-fill-neutral-600 cac-text-neutral-200 dark:cac-fill-neutral-300 dark:cac-text-neutral-600",
+      viewBox: "0 0 100 101",
+      fill: "none",
+      xmlns: "http://www.w3.org/2000/svg",
+      children: [
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+          "path",
+          {
+            d: "M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z",
+            fill: "currentColor"
+          }
+        ),
+        /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+          "path",
+          {
+            d: "M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z",
+            fill: "currentFill"
+          }
+        )
+      ]
+    }
+  ),
+  /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "span", { className: "cac-sr-only", children: "Loading..." })
+] });
+// src/shared/components/CloseIcon.tsx
+var CloseIcon = () => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
+  "svg",
+  {
+    xmlns: "http://www.w3.org/2000/svg",
+    width: "24",
+    height: "24",
+    viewBox: "0 0 24 24",
+    fill: "none",
+    stroke: "currentColor",
+    strokeWidth: "2",
+    strokeLinecap: "round",
+    strokeLinejoin: "round",
+    className: "lucide lucide-x",
+    children: [
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "M18 6 6 18" }),
+      /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "path", { d: "m6 6 12 12" })
+    ]
+  }
+);
+// src/shared/components/CivicAuthIframe.tsx
+var CivicAuthIframe = _react.forwardRef.call(void 0,
+  ({ onLoad }, ref) => {
+    return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+      "iframe",
+      {
+        id: _chunk7K3QN2ATjs.IFRAME_ID,
+        ref,
+        className: "cac-h-[26rem] cac-w-80 cac-border-none",
+        onLoad
+      }
+    );
+  }
+);
+CivicAuthIframe.displayName = "CivicAuthIframe";
+// src/shared/components/CivicAuthIframeContainer.tsx
+function NoChrome({
+  children
+}) {
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-relative", children });
+}
+function IframeChrome({
+  children,
+  onClose
+}) {
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+    "div",
+    {
+      className: "cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-neutral-950 cac-bg-opacity-50",
+      onClick: onClose,
+      children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
+        "div",
+        {
+          className: "cac-relative cac-rounded-3xl cac-bg-white cac-p-6 cac-shadow-lg",
+          onClick: (e) => e.stopPropagation(),
+          children: [
+            /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+              "button",
+              {
+                className: "cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400",
+                onClick: onClose,
+                children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CloseIcon, {})
+              }
+            ),
+            children
+          ]
+        }
+      )
+    }
+  );
+}
+var CivicAuthIframeContainer = ({
+  onClose,
+  closeOnRedirect = true
+}) => {
+  var _a;
+  const [isLoading, setIsLoading] = _react.useState.call(void 0, true);
+  const { isLoading: isAuthLoading } = useAuth();
+  const config = useConfig();
+  const { setAuthResponseUrl, iframeRef } = useIframe();
+  const processIframeUrl = _react.useCallback.call(void 0, () => {
+    if (iframeRef && iframeRef.current && iframeRef.current.contentWindow) {
+      try {
+        const iframeUrl = iframeRef.current.contentWindow.location.href;
+        if (iframeUrl.startsWith(config.redirectUrl)) {
+          setIsLoading(true);
+          const iframeBody = iframeRef.current.contentWindow.document.body.innerHTML;
+          if (iframeBody.includes(_chunk7K3QN2ATjs.TOKEN_EXCHANGE_TRIGGER_TEXT)) {
+            console.log(
+              `${_chunk7K3QN2ATjs.TOKEN_EXCHANGE_TRIGGER_TEXT}, calling callback URL again...`
+            );
+            const params = new URL(iframeUrl).searchParams;
+            fetch(`${config.redirectUrl}?${params.toString()}`);
+          } else {
+            setAuthResponseUrl(iframeUrl);
+          }
+          if (closeOnRedirect) onClose == null ? void 0 : onClose();
+          return true;
+        }
+      } catch (e) {
+        console.log("Waiting for redirect...");
+      }
+    }
+    return false;
+  }, [
+    closeOnRedirect,
+    config.redirectUrl,
+    iframeRef,
+    onClose,
+    setAuthResponseUrl
+  ]);
+  const intervalId = _react.useRef.call(void 0, );
+  const handleEscape = _react.useCallback.call(void 0,
+    (event) => {
+      if (event.key === "Escape") {
+        onClose == null ? void 0 : onClose();
+      }
+    },
+    [onClose]
+  );
+  _react.useEffect.call(void 0, () => {
+    window.addEventListener("keydown", handleEscape);
+    return () => window.removeEventListener("keydown", handleEscape);
+  });
+  const handleIframeLoad = () => {
+    setIsLoading(false);
+    console.log("handleIframeLoad");
+    if (processIframeUrl() && intervalId.current) {
+      clearInterval(intervalId.current);
+    }
+  };
+  const showLoadingIcon = isLoading || isAuthLoading || !((_a = iframeRef == null ? void 0 : iframeRef.current) == null ? void 0 : _a.getAttribute("src"));
+  const WrapperComponent = config.modalIframe ? IframeChrome : NoChrome;
+  return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, WrapperComponent, { onClose, children: [
+    showLoadingIcon && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-rounded-3xl cac-bg-white", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
+    /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CivicAuthIframe, { ref: iframeRef, onLoad: handleIframeLoad })
+  ] });
+};
+// src/shared/UserProvider.tsx
+var UserContext = _react.createContext.call(void 0, null);
+var UserProvider = ({
+  children,
+  storage,
+  user: inputUser,
+  signOut: inputSignOut
+}) => {
+  var _a;
+  const { isLoading: authLoading, error: authError } = useAuth();
+  const session = useSession();
+  const { accessToken } = useToken();
+  const { signIn, signOut } = useAuth();
+  const fetchUser = () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+    if (!accessToken) {
+      return null;
+    }
+    const userSession = new (0, _chunk7K3QN2ATjs.GenericUserSession)(storage);
+    return userSession.get();
+  });
+  const {
+    data: user,
+    isLoading: userLoading,
+    error: userError
+  } = _reactquery.useQuery.call(void 0, {
+    queryKey: ["user", session == null ? void 0 : session.idToken],
+    queryFn: fetchUser,
+    enabled: !!(session == null ? void 0 : session.idToken)
+    // Only run the query if we have an access token
+  });
+  const isLoading = authLoading || userLoading;
+  const error = authError || userError;
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+    UserContext.Provider,
+    {
+      value: {
+        user: (_a = inputUser || user) != null ? _a : null,
+        isLoading,
+        error,
+        signIn,
+        signOut: inputSignOut || signOut
+      },
+      children
+    }
+  );
+};
+// src/shared/AuthProvider.tsx
+var globalThisObject;
+if (typeof window !== "undefined") {
+  globalThisObject = window;
+} else if (typeof global !== "undefined") {
+  globalThisObject = global;
+} else {
+  globalThisObject = Function("return this")();
+}
+globalThisObject.globalThis = globalThisObject;
+function BlockDisplay({ children }) {
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-relative cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white", children }) });
+}
+var AuthProvider = ({
+  children,
+  clientId,
+  redirectUrl: inputRedirectUrl,
+  config = authConfig,
+  onSignIn,
+  onSignOut,
+  pkceConsumer,
+  nonce,
+  modalIframe = true,
+  sessionData: inputSessionData
+}) => {
+  const [iframeUrl, setIframeUrl] = _react.useState.call(void 0, null);
+  const [currentUrl, setCurrentUrl] = _react.useState.call(void 0, null);
+  const [isInIframe, setIsInIframe] = _react.useState.call(void 0, false);
+  const [authResponseUrl, setAuthResponseUrl] = _react.useState.call(void 0, null);
+  const [tokenExchangeError, setTokenExchangeError] = _react.useState.call(void 0, );
+  const [displayMode, setDisplayMode] = _react.useState.call(void 0, "iframe");
+  const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] = _react.useState.call(void 0, );
+  const [showIFrame, setShowIFrame] = _react.useState.call(void 0, false);
+  const [isRedirecting, setIsRedirecting] = _react.useState.call(void 0, false);
+  const queryClient = _reactquery.useQueryClient.call(void 0, );
+  const iframeRef = _react.useRef.call(void 0, null);
+  const serverTokenExchange = pkceConsumer instanceof _chunk7K3QN2ATjs.ConfidentialClientPKCEConsumer;
+  _react.useEffect.call(void 0, () => {
+    if (typeof globalThis.window !== "undefined") {
+      setCurrentUrl(globalThis.window.location.href);
+      const isInIframeVal = _chunk7K3QN2ATjs.isWindowInIframe.call(void 0, globalThis.window);
+      setIsInIframe(isInIframeVal);
+    }
+  }, []);
+  const redirectUrl = _react.useMemo.call(void 0,
+    () => (inputRedirectUrl || currentUrl || "").split("?")[0],
+    [currentUrl, inputRedirectUrl]
+  );
+  const [authService, setAuthService] = _react.useState.call(void 0, );
+  _react.useEffect.call(void 0, () => {
+    if (!currentUrl) return;
+    _chunk7K3QN2ATjs.BrowserAuthenticationService.build({
+      clientId,
+      redirectUrl,
+      oauthServer: config.oauthServer,
+      scopes: _chunk7K3QN2ATjs.DEFAULT_SCOPES,
+      displayMode
+    }).then(setAuthService);
+  }, [currentUrl, clientId, redirectUrl, config, displayMode]);
+  const {
+    data: session,
+    isLoading,
+    error
+  } = _reactquery.useQuery.call(void 0, {
+    queryKey: [
+      "session",
+      authResponseUrl,
+      iframeUrl,
+      currentUrl,
+      isInIframe,
+      authService
+    ],
+    queryFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      if (!authService) {
+        return { authenticated: false };
+      }
+      if (inputSessionData) {
+        return inputSessionData;
+      }
+      const url = new URL(
+        authResponseUrl ? authResponseUrl : globalThis.window.location.href || ""
+      );
+      const existingSessionData = yield authService.validateExistingSession();
+      if (existingSessionData.authenticated) {
+        return existingSessionData;
+      }
+      const code = url.searchParams.get("code");
+      const state = url.searchParams.get("state");
+      if (!serverTokenExchange && code && state && !isInIframe) {
+        try {
+          console.log("AuthProvider useQuery code", {
+            isInIframe,
+            code,
+            state
+          });
+          yield authService.tokenExchange(code, state);
+          const clientStorage = new (0, _chunk7K3QN2ATjs.LocalStorageAdapter)();
+          const user = yield _chunk7K3QN2ATjs.getUser.call(void 0, clientStorage);
+          if (!user) {
+            throw new Error("Failed to get user info");
+          }
+          const userSession = new (0, _chunk7K3QN2ATjs.GenericUserSession)(clientStorage);
+          userSession.set(user);
+          onSignIn == null ? void 0 : onSignIn();
+          return authService.getSessionData();
+        } catch (error2) {
+          setTokenExchangeError(error2);
+          onSignIn == null ? void 0 : onSignIn(
+            error2 instanceof Error ? error2 : new Error("Failed to sign in")
+          );
+          return { authenticated: false };
+        }
+      }
+      return existingSessionData;
+    })
+  });
+  const signOutMutation = _reactquery.useMutation.call(void 0, {
+    mutationFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      const authInitiator = getAuthInitiator();
+      authInitiator == null ? void 0 : authInitiator.signOut();
+      setIframeUrl(null);
+      setShowIFrame(false);
+      setAuthResponseUrl(null);
+      onSignOut == null ? void 0 : onSignOut();
+    }),
+    onSuccess: () => {
+      queryClient.setQueryData(
+        [
+          "session",
+          authResponseUrl,
+          iframeUrl,
+          currentUrl,
+          isInIframe,
+          authService
+        ],
+        null
+      );
+    }
+  });
+  const getAuthInitiator = _react.useCallback.call(void 0,
+    (overrideDisplayMode) => {
+      const useDisplayMode = overrideDisplayMode || displayMode;
+      if (!pkceConsumer) {
+        return null;
+      }
+      return browserAuthenticationInitiator || new (0, _chunk7K3QN2ATjs.BrowserAuthenticationInitiator)({
+        pkceConsumer,
+        // generate and retrieve the challenge client-side
+        clientId,
+        redirectUrl,
+        state: _chunk7K3QN2ATjs.generateState.call(void 0, useDisplayMode, serverTokenExchange),
+        scopes: _chunk7K3QN2ATjs.DEFAULT_SCOPES,
+        displayMode: useDisplayMode,
+        oauthServer: config.oauthServer,
+        // the endpoints to use for the login (if not obtained from the auth server
+        endpointOverrides: config.endpoints,
+        nonce
+      });
+    },
+    [
+      serverTokenExchange,
+      displayMode,
+      browserAuthenticationInitiator,
+      clientId,
+      redirectUrl,
+      config.oauthServer,
+      config.endpoints,
+      pkceConsumer,
+      nonce
+    ]
+  );
+  const signIn = _react.useCallback.call(void 0,
+    (overrideDisplayMode = "iframe") => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      setDisplayMode(overrideDisplayMode);
+      const authInitiator = getAuthInitiator(overrideDisplayMode);
+      setBrowserAuthenticationInitiator(authInitiator);
+      if (overrideDisplayMode === "iframe") {
+        setShowIFrame(true);
+      } else if (overrideDisplayMode === "redirect") {
+        setIsRedirecting(true);
+      }
+      authInitiator == null ? void 0 : authInitiator.signIn(iframeRef.current).catch((error2) => {
+        console.log("signIn error", {
+          error: error2,
+          isPopupError: error2 instanceof _chunk7K3QN2ATjs.PopupError
+        });
+        if (error2 instanceof _chunk7K3QN2ATjs.PopupError) {
+          signIn("redirect");
+        }
+      });
+    }),
+    [getAuthInitiator]
+  );
+  _react.useEffect.call(void 0, () => {
+    return () => {
+      if (browserAuthenticationInitiator) {
+        browserAuthenticationInitiator.cleanup();
+      }
+    };
+  }, [browserAuthenticationInitiator]);
+  const isAuthenticated = _react.useMemo.call(void 0,
+    () => session ? session.authenticated : false,
+    [session]
+  );
+  _reactquery.useQuery.call(void 0, {
+    queryKey: ["autoSignIn", modalIframe, redirectUrl, isAuthenticated],
+    queryFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+      if (!modalIframe && redirectUrl && !isAuthenticated && iframeRef.current) {
+        signIn("iframe");
+      }
+      return true;
+    }),
+    refetchOnWindowFocus: false
+  });
+  const value = _react.useMemo.call(void 0,
+    () => ({
+      isLoading,
+      error,
+      signOut: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
+        yield signOutMutation.mutateAsync();
+      }),
+      isAuthenticated,
+      signIn
+    }),
+    [isLoading, error, signOutMutation, isAuthenticated, signIn]
+  );
+  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, AuthContext.Provider, { value, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+    ConfigProvider,
+    {
+      config,
+      redirectUrl,
+      modalIframe,
+      serverTokenExchange,
+      children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+        IframeProvider,
+        {
+          setAuthResponseUrl,
+          iframeRef,
+          children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, SessionProvider, { session, children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, TokenProvider, { children: [
+            modalIframe && !isInIframe && !(session == null ? void 0 : session.authenticated) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+              "div",
+              {
+                style: showIFrame ? { display: "block" } : { display: "none" },
+                children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
+                  CivicAuthIframeContainer,
+                  {
+                    onClose: () => setShowIFrame(false)
+                  }
+                )
+              }
+            ),
+            modalIframe && (isInIframe || isRedirecting || isLoading && !serverTokenExchange) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, BlockDisplay, { children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
+            (tokenExchangeError || error) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, BlockDisplay, { children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { children: [
+              "Error: ",
+              (tokenExchangeError || error).message
+            ] }) }),
+            children
+          ] }) })
+        }
+      )
+    }
+  ) });
+};
+exports.useAuth = useAuth; exports.useSession = useSession; exports.useToken = useToken; exports.UserContext = UserContext; exports.UserProvider = UserProvider; exports.useConfig = useConfig; exports.useIframe = useIframe; exports.CivicAuthIframeContainer = CivicAuthIframeContainer; exports.AuthProvider = AuthProvider;
+//# sourceMappingURL=chunk-FHRZSX3C.js.map