@civic/auth 0.0.1-beta.20 → 0.0.1-beta.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. package/dist/{chunk-CBQ3HKRV.mjs → chunk-4PLCDPEN.mjs} +3 -3
  2. package/dist/chunk-4PLCDPEN.mjs.map +1 -0
  3. package/dist/chunk-5AIZ4DVQ.mjs +712 -0
  4. package/dist/chunk-5AIZ4DVQ.mjs.map +1 -0
  5. package/dist/chunk-5UQQYXCX.js.map +1 -1
  6. package/dist/{chunk-O6DPCPRH.js → chunk-6RFRDWIP.js} +16 -16
  7. package/dist/chunk-6RFRDWIP.js.map +1 -0
  8. package/dist/{chunk-O2SODTR3.js → chunk-7K3QN2AT.js} +3 -3
  9. package/dist/chunk-7K3QN2AT.js.map +1 -0
  10. package/dist/{chunk-HTTTZ2BP.mjs → chunk-AP4627CS.mjs} +6 -6
  11. package/dist/chunk-AP4627CS.mjs.map +1 -0
  12. package/dist/chunk-CRTRMMJ7.js.map +1 -1
  13. package/dist/{chunk-DJFTZS4P.js → chunk-CTVJJBBA.js} +7 -7
  14. package/dist/chunk-CTVJJBBA.js.map +1 -0
  15. package/dist/{chunk-VJVRFKDH.js → chunk-FHRZSX3C.js} +21 -21
  16. package/dist/chunk-FHRZSX3C.js.map +1 -0
  17. package/dist/{chunk-CZ3AVCKD.js → chunk-JDZPCA3P.js} +9 -7
  18. package/dist/chunk-JDZPCA3P.js.map +1 -0
  19. package/dist/{chunk-BFESCRFK.mjs → chunk-MK7557NR.mjs} +3 -3
  20. package/dist/chunk-MK7557NR.mjs.map +1 -0
  21. package/dist/{chunk-UADVRCHY.mjs → chunk-NLRREFOX.mjs} +4 -4
  22. package/dist/chunk-NLRREFOX.mjs.map +1 -0
  23. package/dist/{chunk-X3FQBE22.mjs → chunk-O3WGNLRO.mjs} +8 -6
  24. package/dist/chunk-O3WGNLRO.mjs.map +1 -0
  25. package/dist/chunk-SN7YDQQH.js +712 -0
  26. package/dist/chunk-SN7YDQQH.js.map +1 -0
  27. package/dist/index.css +0 -3
  28. package/dist/index.css.map +1 -1
  29. package/dist/index.js.map +1 -1
  30. package/dist/nextjs/client.css +0 -3
  31. package/dist/nextjs/client.css.map +1 -1
  32. package/dist/nextjs/client.js +11 -11
  33. package/dist/nextjs/client.js.map +1 -1
  34. package/dist/nextjs/client.mjs +5 -5
  35. package/dist/nextjs.js +31 -31
  36. package/dist/nextjs.js.map +1 -1
  37. package/dist/nextjs.mjs +4 -4
  38. package/dist/react.js +13 -13
  39. package/dist/react.js.map +1 -1
  40. package/dist/react.mjs +3 -3
  41. package/dist/server.js +3 -3
  42. package/dist/server.js.map +1 -1
  43. package/dist/server.mjs +2 -2
  44. package/package.json +14 -14
  45. package/dist/chunk-BFESCRFK.mjs.map +0 -1
  46. package/dist/chunk-CBQ3HKRV.mjs.map +0 -1
  47. package/dist/chunk-CZ3AVCKD.js.map +0 -1
  48. package/dist/chunk-DJFTZS4P.js.map +0 -1
  49. package/dist/chunk-HTTTZ2BP.mjs.map +0 -1
  50. package/dist/chunk-O2SODTR3.js.map +0 -1
  51. package/dist/chunk-O6DPCPRH.js.map +0 -1
  52. package/dist/chunk-UADVRCHY.mjs.map +0 -1
  53. package/dist/chunk-VJVRFKDH.js.map +0 -1
  54. package/dist/chunk-X3FQBE22.mjs.map +0 -1
package/dist/{chunk-VJVRFKDH.js → chunk-FHRZSX3C.js} RENAMED
@@ -12,7 +12,8 @@
12
12
 
13
13
 
14
14
 
15
- var _chunkO2SODTR3js = require('./chunk-O2SODTR3.js');
15
+
16
+ var _chunk7K3QN2ATjs = require('./chunk-7K3QN2AT.js');
16
17
 
17
18
 
18
19
 
@@ -84,7 +85,7 @@ var TokenProvider = ({ children }) => {
84
85
  const parsedJWT = _jwt.parseJWT.call(void 0, session.idToken);
85
86
  if (!parsedJWT) return null;
86
87
  const { forwardedTokens } = parsedJWT.payload;
87
- return forwardedTokens ? _chunkO2SODTR3js.convertForwardedTokenFormat.call(void 0, forwardedTokens) : null;
88
+ return forwardedTokens ? _chunk7K3QN2ATjs.convertForwardedTokenFormat.call(void 0, forwardedTokens) : null;
88
89
  }, [session == null ? void 0 : session.idToken]);
89
90
  const value = _react.useMemo.call(void 0,
90
91
  () => ({
@@ -122,8 +123,7 @@ var useToken = () => {
122
123
 
123
124
  // src/config.ts
124
125
  var authConfig = {
125
- // TODO change this to the production URL once we're out of beta
126
- oauthServer: "https://auth-dev.civic.com/oauth/"
126
+ oauthServer: _chunk7K3QN2ATjs.DEFAULT_AUTH_SERVER
127
127
  };
128
128
 
129
129
  // src/shared/providers/ConfigProvider.tsx
@@ -258,7 +258,7 @@ var CivicAuthIframe = _react.forwardRef.call(void 0,
258
258
  return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
259
259
  "iframe",
260
260
  {
261
- id: _chunkO2SODTR3js.IFRAME_ID,
261
+ id: _chunk7K3QN2ATjs.IFRAME_ID,
262
262
  ref,
263
263
  className: "cac-h-[26rem] cac-w-80 cac-border-none",
264
264
  onLoad
@@ -321,9 +321,9 @@ var CivicAuthIframeContainer = ({
321
321
  if (iframeUrl.startsWith(config.redirectUrl)) {
322
322
  setIsLoading(true);
323
323
  const iframeBody = iframeRef.current.contentWindow.document.body.innerHTML;
324
- if (iframeBody.includes(_chunkO2SODTR3js.TOKEN_EXCHANGE_TRIGGER_TEXT)) {
324
+ if (iframeBody.includes(_chunk7K3QN2ATjs.TOKEN_EXCHANGE_TRIGGER_TEXT)) {
325
325
  console.log(
326
- `${_chunkO2SODTR3js.TOKEN_EXCHANGE_TRIGGER_TEXT}, calling callback URL again...`
326
+ `${_chunk7K3QN2ATjs.TOKEN_EXCHANGE_TRIGGER_TEXT}, calling callback URL again...`
327
327
  );
328
328
  const params = new URL(iframeUrl).searchParams;
329
329
  fetch(`${config.redirectUrl}?${params.toString()}`);
@@ -393,7 +393,7 @@ var UserProvider = ({
393
393
  if (!accessToken) {
394
394
  return null;
395
395
  }
396
- const userSession = new (0, _chunkO2SODTR3js.GenericUserSession)(storage);
396
+ const userSession = new (0, _chunk7K3QN2ATjs.GenericUserSession)(storage);
397
397
  return userSession.get();
398
398
  });
399
399
  const {
@@ -468,11 +468,11 @@ var AuthProvider = ({
468
468
  const [isRedirecting, setIsRedirecting] = _react.useState.call(void 0, false);
469
469
  const queryClient = _reactquery.useQueryClient.call(void 0, );
470
470
  const iframeRef = _react.useRef.call(void 0, null);
471
- const serverTokenExchange = pkceConsumer instanceof _chunkO2SODTR3js.ConfidentialClientPKCEConsumer;
471
+ const serverTokenExchange = pkceConsumer instanceof _chunk7K3QN2ATjs.ConfidentialClientPKCEConsumer;
472
472
  _react.useEffect.call(void 0, () => {
473
473
  if (typeof globalThis.window !== "undefined") {
474
474
  setCurrentUrl(globalThis.window.location.href);
475
- const isInIframeVal = _chunkO2SODTR3js.isWindowInIframe.call(void 0, globalThis.window);
475
+ const isInIframeVal = _chunk7K3QN2ATjs.isWindowInIframe.call(void 0, globalThis.window);
476
476
  setIsInIframe(isInIframeVal);
477
477
  }
478
478
  }, []);
@@ -483,11 +483,11 @@ var AuthProvider = ({
483
483
  const [authService, setAuthService] = _react.useState.call(void 0, );
484
484
  _react.useEffect.call(void 0, () => {
485
485
  if (!currentUrl) return;
486
- _chunkO2SODTR3js.BrowserAuthenticationService.build({
486
+ _chunk7K3QN2ATjs.BrowserAuthenticationService.build({
487
487
  clientId,
488
488
  redirectUrl,
489
489
  oauthServer: config.oauthServer,
490
- scopes: _chunkO2SODTR3js.DEFAULT_SCOPES,
490
+ scopes: _chunk7K3QN2ATjs.DEFAULT_SCOPES,
491
491
  displayMode
492
492
  }).then(setAuthService);
493
493
  }, [currentUrl, clientId, redirectUrl, config, displayMode]);
@@ -528,12 +528,12 @@ var AuthProvider = ({
528
528
  state
529
529
  });
530
530
  yield authService.tokenExchange(code, state);
531
- const clientStorage = new (0, _chunkO2SODTR3js.LocalStorageAdapter)();
532
- const user = yield _chunkO2SODTR3js.getUser.call(void 0, clientStorage);
531
+ const clientStorage = new (0, _chunk7K3QN2ATjs.LocalStorageAdapter)();
532
+ const user = yield _chunk7K3QN2ATjs.getUser.call(void 0, clientStorage);
533
533
  if (!user) {
534
534
  throw new Error("Failed to get user info");
535
535
  }
536
- const userSession = new (0, _chunkO2SODTR3js.GenericUserSession)(clientStorage);
536
+ const userSession = new (0, _chunk7K3QN2ATjs.GenericUserSession)(clientStorage);
537
537
  userSession.set(user);
538
538
  onSignIn == null ? void 0 : onSignIn();
539
539
  return authService.getSessionData();
@@ -577,13 +577,13 @@ var AuthProvider = ({
577
577
  if (!pkceConsumer) {
578
578
  return null;
579
579
  }
580
- return browserAuthenticationInitiator || new (0, _chunkO2SODTR3js.BrowserAuthenticationInitiator)({
580
+ return browserAuthenticationInitiator || new (0, _chunk7K3QN2ATjs.BrowserAuthenticationInitiator)({
581
581
  pkceConsumer,
582
582
  // generate and retrieve the challenge client-side
583
583
  clientId,
584
584
  redirectUrl,
585
- state: _chunkO2SODTR3js.generateState.call(void 0, useDisplayMode, serverTokenExchange),
586
- scopes: _chunkO2SODTR3js.DEFAULT_SCOPES,
585
+ state: _chunk7K3QN2ATjs.generateState.call(void 0, useDisplayMode, serverTokenExchange),
586
+ scopes: _chunk7K3QN2ATjs.DEFAULT_SCOPES,
587
587
  displayMode: useDisplayMode,
588
588
  oauthServer: config.oauthServer,
589
589
  // the endpoints to use for the login (if not obtained from the auth server
@@ -616,9 +616,9 @@ var AuthProvider = ({
616
616
  authInitiator == null ? void 0 : authInitiator.signIn(iframeRef.current).catch((error2) => {
617
617
  console.log("signIn error", {
618
618
  error: error2,
619
- isPopupError: error2 instanceof _chunkO2SODTR3js.PopupError
619
+ isPopupError: error2 instanceof _chunk7K3QN2ATjs.PopupError
620
620
  });
621
- if (error2 instanceof _chunkO2SODTR3js.PopupError) {
621
+ if (error2 instanceof _chunk7K3QN2ATjs.PopupError) {
622
622
  signIn("redirect");
623
623
  }
624
624
  });
@@ -707,4 +707,4 @@ var AuthProvider = ({
707
707
 
708
708
 
709
709
  exports.useAuth = useAuth; exports.useSession = useSession; exports.useToken = useToken; exports.UserContext = UserContext; exports.UserProvider = UserProvider; exports.useConfig = useConfig; exports.useIframe = useIframe; exports.CivicAuthIframeContainer = CivicAuthIframeContainer; exports.AuthProvider = AuthProvider;
710
- //# sourceMappingURL=chunk-VJVRFKDH.js.map
710
+ //# sourceMappingURL=chunk-FHRZSX3C.js.map
package/dist/chunk-FHRZSX3C.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/lucas/dev/civic/civic-auth/packages/civic-auth-client/dist/chunk-FHRZSX3C.js","../src/shared/hooks/useAuth.tsx","../src/shared/AuthContext.tsx","../src/shared/hooks/useSession.tsx","../src/shared/providers/SessionProvider.tsx","../src/shared/hooks/useToken.tsx","../src/shared/providers/TokenProvider.tsx","../src/shared/hooks/useConfig.tsx","../src/config.ts","../src/shared/providers/ConfigProvider.tsx","../src/shared/hooks/useIframe.tsx","../src/shared/providers/IframeProvider.tsx","../src/shared/components/CivicAuthIframeContainer.tsx","../src/shared/components/LoadingIcon.tsx","../src/shared/components/CloseIcon.tsx","../src/shared/components/CivicAuthIframe.tsx","../src/shared/UserProvider.tsx","../src/shared/AuthProvider.tsx"],"names":["createContext","useContext","jsx","jsxs","useEffect","useMemo","useRef","useState","useQuery","error"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACF,sDAA4B;AAC5B;AACA;ACpBA,8BAA2B;ADsB3B;AACA;AExBA;AAUO,IAAM,YAAA,EAAc,kCAAA,IAA0C,CAAA;AFiBrE;AACA;ACvBA,IAAM,QAAA,EAAU,CAAA,EAAA,GAAM;AACpB,EAAA,MAAM,QAAA,EAAU,+BAAA,WAAsB,CAAA;AAEtC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,6CAA6C,CAAA;AAAA,EAC/D;AAEA,EAAA,OAAO,OAAA;AACT,CAAA;ADuBA;AACA;AGpCA;AHsCA;AACA;AItCA;AAmBE,+CAAA;AAhBF,IAAM,eAAA,EAAwC;AAAA,EAC5C,aAAA,EAAe,KAAA;AAAA,EACf,OAAA,EAAS,KAAA,CAAA;AAAA,EACT,WAAA,EAAa,KAAA,CAAA;AAAA,EACb,WAAA,EAAa;AACf,CAAA;AAGA,IAAM,eAAA,EAAiBA,kCAAAA,cAAmD,CAAA;AAO1E,IAAM,gBAAA,EAAkB,CAAC,EAAE,QAAA,EAAU,QAAQ,CAAA,EAAA,mBAC3C,6BAAA,cAAC,CAAe,QAAA,EAAf,EAAwB,KAAA,EAAO,6CAAA,6CAAA,CAAA,CAAA,EAAK,cAAA,CAAA,EAAoB,QAAA,GAAW,CAAC,CAAA,CAAA,EAClE,SAAA,CACH,CAAA;AJ4BF;AACA;AG/CA,IAAM,WAAA,EAAa,CAAA,EAAA,GAAM;AACvB,EAAA,MAAM,QAAA,EAAUC,+BAAAA,cAAyB,CAAA;AACzC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,mDAAmD,CAAA;AAAA,EACrE;AACA,EAAA,OAAO,OAAA;AACT,CAAA;AHiDA;AACA;AK5DA;AL8DA;AACA;AM/DA;AACA,mDAA4C;AAI5C,+BAAyB;AAiErB;AArDJ,IAAM,aAAA,EAAeD,kCAAAA,KAA4C,CAAS,CAAA;AAE1E,IAAM,cAAA,EAAgB,CAAC,EAAE,SAAS,CAAA,EAAA,GAA+B;AAC/D,EAAA,MAAM,EAAE,SAAA,EAAW,KAAA,EAAO,UAAU,EAAA,EAAI,OAAA,CAAQ,CAAA;AAChD,EAAA,MAAM,QAAA,EAAU,UAAA,CAAW,CAAA;AAC3B,EAAA,MAAM,YAAA,EAAc,wCAAA,CAAe;AAEnC,EAAA,MAAM,qBAAA,EAAuB,qCAAA;AAAY,IACvC,UAAA,EAAY,CAAA,EAAA,GAAY,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAEtB,MAAA,MAAM,IAAI,KAAA,CAAM,yBAAyB,CAAA;AAAA,IAC3C,CAAA,CAAA;AAAA,IACA,SAAA,EAAW,CAAA,EAAA,GAAM;AAEf,MAAA,WAAA,CAAY,iBAAA,CAAkB,EAAE,QAAA,EAAU,CAAC,SAAS,EAAE,CAAC,CAAA;AAAA,IACzD;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,aAAA,EAAe,4BAAA,CAAQ,EAAA,GAAM;AACjC,IAAA,GAAA,CAAI,CAAA,CAAC,QAAA,GAAA,KAAA,EAAA,KAAA,EAAA,EAAA,OAAA,CAAS,OAAA,CAAA,EAAS,OAAO,IAAA;AAE9B,IAAA,MAAM,UAAA,EAAY,2BAAA,OAAS,CAAQ,OAAO,CAAA;AAE1C,IAAA,GAAA,CAAI,CAAC,SAAA,EAAW,OAAO,IAAA;AAEvB,IAAA,MAAM,EAAE,gBAAgB,EAAA,EAAI,SAAA,CAAU,OAAA;AAEtC,IAAA,OAAO,gBAAA,EACH,0DAAA,eAA2C,EAAA,EAC3C,IAAA;AAAA,EACN,CAAA,EAAG,CAAC,QAAA,GAAA,KAAA,EAAA,KAAA,EAAA,EAAA,OAAA,CAAS,OAAO,CAAC,CAAA;AAErB,EAAA,MAAM,MAAA,EAAQ,4BAAA;AAAA,IACZ,CAAA,EAAA,GAAA,CAAO;AAAA,MACL,WAAA,EAAa,OAAA,CAAQ,YAAA,GAAe,IAAA;AAAA,MACpC,OAAA,EAAS,OAAA,CAAQ,QAAA,GAAW,IAAA;AAAA,MAC5B,eAAA,EAAiB,aAAA,GAAgB,CAAC,CAAA;AAAA,MAClC,YAAA,EAAc,oBAAA,CAAqB,WAAA;AAAA,MACnC,SAAA;AAAA,MACA,KAAA,EAAQ,UAAA,GAAa,oBAAA,CAAqB;AAAA,IAC5C,CAAA,CAAA;AAAA,IACA;AAAA,MACE,OAAA,CAAQ,WAAA;AAAA,MACR,OAAA,CAAQ,OAAA;AAAA,MACR,YAAA;AAAA,MACA,oBAAA,CAAqB,WAAA;AAAA,MACrB,oBAAA,CAAqB,KAAA;AAAA,MACrB,SAAA;AAAA,MACA;AAAA,IACF;AAAA,EACF,CAAA;AAEA,EAAA,uBACEE,6BAAAA,YAAC,CAAa,QAAA,EAAb,EAAsB,KAAA,EAAe,SAAA,CAAS,CAAA;AAEnD,CAAA;ANqCA;AACA;AK3GA,IAAM,SAAA,EAAW,CAAA,EAAA,GAAM;AACrB,EAAA,MAAM,QAAA,EAAUD,+BAAAA,YAAuB,CAAA;AAEvC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,8CAA8C,CAAA;AAAA,EAChE;AAEA,EAAA,OAAO,OAAA;AACT,CAAA;AL2GA;AACA;AOvHA;APyHA;AACA;AQxHO,IAAM,WAAA,EAAqB;AAAA,EAChC,WAAA,EAAa;AACf,CAAA;AR0HA;AACA;AS7HA;AAgCE;AAxBF,IAAM,cAAA,EAAsC;AAAA,EAC1C,MAAA,EAAQ,UAAA;AAAA,EACR,WAAA,EAAa,EAAA;AAAA,EACb,WAAA,EAAa,IAAA;AAAA,EACb,mBAAA,EAAqB;AACvB,CAAA;AAEA,IAAM,cAAA,EAAgBD,kCAAAA,aAAiD,CAAA;AAUvE,IAAM,eAAA,EAAiB,CAAC;AAAA,EACtB,QAAA;AAAA,EACA,MAAA;AAAA,EACA,WAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA,EAAA,mBACEE,6BAAAA;AAAA,EAAC,aAAA,CAAc,QAAA;AAAA,EAAd;AAAA,IACC,KAAA,EAAO;AAAA,MACL,MAAA;AAAA,MACA,WAAA;AAAA,MACA,WAAA,EAAa,CAAC,CAAC,WAAA;AAAA,MACf;AAAA,IACF,CAAA;AAAA,IAEC;AAAA,EAAA;AACH,CAAA;ATgHF;AACA;AOxJA,IAAM,UAAA,EAAY,CAAA,EAAA,GAAM;AACtB,EAAA,MAAM,QAAA,EAAUD,+BAAAA,aAAwB,CAAA;AACxC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT,CAAA;AP0JA;AACA;AUrKA;AVuKA;AACA;AWxKA;AACE;AAAA;AA8BA;AAnBF,IAAM,cAAA,EAAsC;AAAA,EAC1C,SAAA,EAAW,IAAA;AAAA,EACX,kBAAA,EAAoB,CAAA,EAAA,GAAM;AAAA,EAAC;AAC7B,CAAA;AAGA,IAAM,cAAA,EAAgBD,kCAAAA,aAAiD,CAAA;AAQvE,IAAM,eAAA,EAAiB,CAAC;AAAA,EACtB,QAAA;AAAA,EACA,SAAA;AAAA,EACA;AACF,CAAA,EAAA,mBACEE,6BAAAA,aAAC,CAAc,QAAA,EAAd,EAAuB,KAAA,EAAO,EAAE,SAAA,EAAW,mBAAmB,CAAA,EAC5D,SAAA,CACH,CAAA;AXuJF;AACA;AUrLA,IAAM,UAAA,EAAY,CAAA,EAAA,GAAM;AACtB,EAAA,MAAM,QAAA,EAAUD,+BAAAA,aAAwB,CAAA;AACxC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT,CAAA;AVuLA;AACA;AYlMA;AZoMA;AACA;AapMI;AAFJ,IAAM,YAAA,EAAc,CAAA,EAAA,mBAClB,8BAAA,KAAC,EAAA,EAAI,IAAA,EAAK,QAAA,EACR,QAAA,EAAA;AAAA,kBAAA,8BAAA;AAAA,IAAC,KAAA;AAAA,IAAA;AAAA,MACC,aAAA,EAAY,MAAA;AAAA,MACZ,SAAA,EAAU,2IAAA;AAAA,MACV,OAAA,EAAQ,aAAA;AAAA,MACR,IAAA,EAAK,MAAA;AAAA,MACL,KAAA,EAAM,4BAAA;AAAA,MAEN,QAAA,EAAA;AAAA,wBAAAC,6BAAAA;AAAA,UAAC,MAAA;AAAA,UAAA;AAAA,YACC,CAAA,EAAE,8WAAA;AAAA,YACF,IAAA,EAAK;AAAA,UAAA;AAAA,QACP,CAAA;AAAA,wBACAA,6BAAAA;AAAA,UAAC,MAAA;AAAA,UAAA;AAAA,YACC,CAAA,EAAE,+kBAAA;AAAA,YACF,IAAA,EAAK;AAAA,UAAA;AAAA,QACP;AAAA,MAAA;AAAA,IAAA;AAAA,EACF,CAAA;AAAA,kBACAA,6BAAAA,MAAC,EAAA,EAAK,SAAA,EAAU,aAAA,EAAc,QAAA,EAAA,aAAA,CAAU;AAAA,EAAA,CAC1C,CAAA;AbkNF;AACA;AcrOE;AADF,IAAM,UAAA,EAAY,CAAA,EAAA,mBAChBC,8BAAAA;AAAA,EAAC,KAAA;AAAA,EAAA;AAAA,IACC,KAAA,EAAM,4BAAA;AAAA,IACN,KAAA,EAAM,IAAA;AAAA,IACN,MAAA,EAAO,IAAA;AAAA,IACP,OAAA,EAAQ,WAAA;AAAA,IACR,IAAA,EAAK,MAAA;AAAA,IACL,MAAA,EAAO,cAAA;AAAA,IACP,WAAA,EAAY,GAAA;AAAA,IACZ,aAAA,EAAc,OAAA;AAAA,IACd,cAAA,EAAe,OAAA;AAAA,IACf,SAAA,EAAU,iBAAA;AAAA,IAEV,QAAA,EAAA;AAAA,sBAAAD,6BAAAA,MAAC,EAAA,EAAK,CAAA,EAAE,aAAA,CAAa,CAAA;AAAA,sBACrBA,6BAAAA,MAAC,EAAA,EAAK,CAAA,EAAE,aAAA,CAAa;AAAA,IAAA;AAAA,EAAA;AACvB,CAAA;Ad4OF;AACA;Ae1PA;AASM;AAHN,IAAM,gBAAA,EAAkB,+BAAA;AAAA,EACtB,CAAC,EAAE,OAAO,CAAA,EAAG,GAAA,EAAA,GAAQ;AACnB,IAAA,uBACEA,6BAAAA;AAAA,MAAC,QAAA;AAAA,MAAA;AAAA,QACC,EAAA,EAAI,0BAAA;AAAA,QACJ,GAAA;AAAA,QACA,SAAA,EAAU,wCAAA;AAAA,QACV;AAAA,MAAA;AAAA,IACF,CAAA;AAAA,EAEJ;AACF,CAAA;AAEA,eAAA,CAAgB,YAAA,EAAc,iBAAA;AfwP9B;AACA;AY1PS;AANT,SAAS,QAAA,CAAS;AAAA,EAChB;AACF,CAAA,EAGG;AACD,EAAA,uBAAOA,6BAAAA,KAAC,EAAA,EAAI,SAAA,EAAU,cAAA,EAAgB,SAAA,CAAS,CAAA;AACjD;AAEA,SAAS,YAAA,CAAa;AAAA,EACpB,QAAA;AAAA,EACA;AACF,CAAA,EAGG;AACD,EAAA,uBACEA,6BAAAA;AAAA,IAAC,KAAA;AAAA,IAAA;AAAA,MACC,SAAA,EAAU,wJAAA;AAAA,MACV,OAAA,EAAS,OAAA;AAAA,MAET,QAAA,kBAAAC,8BAAAA;AAAA,QAAC,KAAA;AAAA,QAAA;AAAA,UACC,SAAA,EAAU,iEAAA;AAAA,UACV,OAAA,EAAS,CAAC,CAAA,EAAA,GAAM,CAAA,CAAE,eAAA,CAAgB,CAAA;AAAA,UAElC,QAAA,EAAA;AAAA,4BAAAD,6BAAAA;AAAA,cAAC,QAAA;AAAA,cAAA;AAAA,gBACC,SAAA,EAAU,oKAAA;AAAA,gBACV,OAAA,EAAS,OAAA;AAAA,gBAET,QAAA,kBAAAA,6BAAAA,SAAC,EAAA,CAAA,CAAU;AAAA,cAAA;AAAA,YACb,CAAA;AAAA,YAEC;AAAA,UAAA;AAAA,QAAA;AAAA,MACH;AAAA,IAAA;AAAA,EACF,CAAA;AAEJ;AACA,IAAM,yBAAA,EAA2B,CAAC;AAAA,EAChC,OAAA;AAAA,EACA,gBAAA,EAAkB;AACpB,CAAA,EAAA,GAAqC;AAtDrC,EAAA,IAAA,EAAA;AAuDE,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,EAAA,EAAI,6BAAA,IAAa,CAAA;AAC/C,EAAA,MAAM,EAAE,SAAA,EAAW,cAAc,EAAA,EAAI,OAAA,CAAQ,CAAA;AAC7C,EAAA,MAAM,OAAA,EAAS,SAAA,CAAU,CAAA;AACzB,EAAA,MAAM,EAAE,kBAAA,EAAoB,UAAU,EAAA,EAAI,SAAA,CAAU,CAAA;AACpD,EAAA,MAAM,iBAAA,EAAmB,gCAAA,CAAY,EAAA,GAAM;AACzC,IAAA,GAAA,CAAI,UAAA,GAAa,SAAA,CAAU,QAAA,GAAW,SAAA,CAAU,OAAA,CAAQ,aAAA,EAAe;AACrE,MAAA,IAAI;AACF,QAAA,MAAM,UAAA,EAAY,SAAA,CAAU,OAAA,CAAQ,aAAA,CAAc,QAAA,CAAS,IAAA;AAE3D,QAAA,GAAA,CAAI,SAAA,CAAU,UAAA,CAAW,MAAA,CAAO,WAAW,CAAA,EAAG;AAE5C,UAAA,YAAA,CAAa,IAAI,CAAA;AACjB,UAAA,MAAM,WAAA,EACJ,SAAA,CAAU,OAAA,CAAQ,aAAA,CAAc,QAAA,CAAS,IAAA,CAAK,SAAA;AAOhD,UAAA,GAAA,CAAI,UAAA,CAAW,QAAA,CAAS,4CAA2B,CAAA,EAAG;AACpD,YAAA,OAAA,CAAQ,GAAA;AAAA,cACN,CAAA,EAAA;AACF,YAAA;AACA,YAAA;AACA,YAAA;AACF,UAAA;AAGE,YAAA;AACF,UAAA;AAEI,UAAA;AACJ,UAAA;AACF,QAAA;AACM,MAAA;AAEN,QAAA;AACF,MAAA;AACF,IAAA;AACO,IAAA;AACN,EAAA;AACD,IAAA;AACO,IAAA;AACP,IAAA;AACA,IAAA;AACA,IAAA;AACD,EAAA;AAEK,EAAA;AAEA,EAAA;AACsB,IAAA;AACpB,MAAA;AACF,QAAA;AACF,MAAA;AACF,IAAA;AACQ,IAAA;AACV,EAAA;AAGU,EAAA;AACD,IAAA;AAEA,IAAA;AACR,EAAA;AAEK,EAAA;AACJ,IAAA;AACQ,IAAA;AACJ,IAAA;AACF,MAAA;AACF,IAAA;AACF,EAAA;AACM,EAAA;AAGA,EAAA;AAGJ,EAAA;AACG,IAAA;AAMD,oBAAA;AACF,EAAA;AAEJ;AZqOe;AACA;AgBtXN;AACA;AAwDL;AAxCE;AAEA;AACJ,EAAA;AACA,EAAA;AACM,EAAA;AACG,EAAA;AAML;AA9BN,EAAA;AA+BU,EAAA;AACF,EAAA;AACE,EAAA;AACA,EAAA;AAEF,EAAA;AACC,IAAA;AACI,MAAA;AACT,IAAA;AACM,IAAA;AACC,IAAA;AACT,EAAA;AAEM,EAAA;AACE,IAAA;AACK,IAAA;AACJ,IAAA;AAC2C,EAAA;AACvC,IAAA;AACF,IAAA;AACC,IAAA;AAAU;AACrB,EAAA;AAEK,EAAA;AACA,EAAA;AAGJ,EAAA;AAAC,IAAA;AAAA,IAAA;AACQ,MAAA;AACE,QAAA;AACP,QAAA;AACA,QAAA;AACA,QAAA;AACA,QAAA;AACF,MAAA;AAEC,MAAA;AAAA,IAAA;AACH,EAAA;AAEJ;AhBkWe;AACA;AiBxaf;AAEE;AACAE;AACAC;AACAC;AACAC;AACK;AACE;AAsDH;AA1BF;AACO;AACT,EAAA;AACS;AACT,EAAA;AACK;AACL,EAAA;AACF;AACA;AAeS;AAEL,EAAA;AAMJ;AAEM;AACJ,EAAA;AACA,EAAA;AACa,EAAA;AACJ,EAAA;AACT,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACa,EAAA;AACU;AAChB,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AAEA,EAAA;AACA,EAAA;AACD,EAAA;AACA,EAAA;AAGA,EAAA;AAGI,EAAA;AACG,IAAA;AACT,MAAA;AACM,MAAA;AACN,MAAA;AACF,IAAA;AACG,EAAA;AAEC,EAAA;AACG,IAAA;AACN,IAAA;AACH,EAAA;AAEO,EAAA;AAEG,EAAA;AACH,IAAA;AACL,IAAA;AACE,MAAA;AACA,MAAA;AACA,MAAA;AACQ,MAAA;AACR,MAAA;AACM,IAAA;AACN,EAAA;AAEE,EAAA;AACE,IAAA;AACN,IAAA;AACA,IAAA;AACEC,EAAAA;AACQ,IAAA;AACR,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AACS,IAAA;AACF,MAAA;AACI,QAAA;AACT,MAAA;AACI,MAAA;AACK,QAAA;AACT,MAAA;AACM,MAAA;AACJ,QAAA;AAGF,MAAA;AAIM,MAAA;AACF,MAAA;AACK,QAAA;AACT,MAAA;AACM,MAAA;AACA,MAAA;AACD,MAAA;AACC,QAAA;AACF,UAAA;AACE,YAAA;AACA,YAAA;AACA,YAAA;AACD,UAAA;AACD,UAAA;AACA,UAAA;AACA,UAAA;AACK,UAAA;AACH,YAAA;AACF,UAAA;AAEA,UAAA;AACA,UAAA;AAEA,UAAA;AACA,UAAA;AACF,QAAA;AACE,UAAA;AACA,UAAA;AACEC,YAAAA;AAA8D,UAAA;AAEhE,UAAA;AACF,QAAA;AACF,MAAA;AAEO,MAAA;AACT,IAAA;AACD,EAAA;AAEK,EAAA;AACJ,IAAA;AAEQ,MAAA;AACN,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AACW,IAAA;AACT,MAAA;AACE,QAAA;AACE,UAAA;AACA,UAAA;AACA,UAAA;AACA,UAAA;AACA,UAAA;AACA,UAAA;AACF,QAAA;AACA,QAAA;AACF,MAAA;AACF,IAAA;AACD,EAAA;AAEK,EAAA;AACH,IAAA;AACO,MAAA;AACD,MAAA;AACI,QAAA;AACT,MAAA;AAEE,MAAA;AAEE,QAAA;AAAA;AACA,QAAA;AACA,QAAA;AACO,QAAA;AACP,QAAA;AACA,QAAA;AACA,QAAA;AAAoB;AAEpB,QAAA;AACA,QAAA;AACD,MAAA;AAEL,IAAA;AACA,IAAA;AACE,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACO,MAAA;AACA,MAAA;AACP,MAAA;AACA,MAAA;AACF,IAAA;AACF,EAAA;AAEM,EAAA;AACG,IAAA;AACL,MAAA;AACM,MAAA;AACN,MAAA;AACI,MAAA;AACF,QAAA;AACF,MAAA;AACE,QAAA;AACF,MAAA;AACA,MAAA;AACE,QAAA;AACE,UAAA;AACA,UAAA;AACD,QAAA;AAEGA,QAAAA;AACF,UAAA;AACF,QAAA;AACF,MAAA;AACF,IAAA;AACC,IAAA;AACH,EAAA;AAGU,EAAA;AACD,IAAA;AACD,MAAA;AACF,QAAA;AACF,MAAA;AACF,IAAA;AACE,EAAA;AAEE,EAAA;AACG,IAAA;AACC,IAAA;AACV,EAAA;AAES,EAAA;AACI,IAAA;AACF,IAAA;AAEJ,MAAA;AAKM,QAAA;AACT,MAAA;AACO,MAAA;AACT,IAAA;AACA,IAAA;AACD,EAAA;AAEK,EAAA;AACG,IAAA;AACL,MAAA;AACA,MAAA;AACS,MAAA;AACD,QAAA;AACR,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AACC,IAAA;AACH,EAAA;AAEE,EAAA;AACG,IAAA;AAAA,IAAA;AACC,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AAEA,MAAA;AAAC,QAAA;AAAA,QAAA;AACC,UAAA;AACA,UAAA;AAEA,UAAA;AAEK,YAAA;AACE,cAAA;AAAA,cAAA;AAAA,gBAAA;AAEyD,gBAAA;AAGxD,kBAAA;AAAC,kBAAA;AAAA,oBAAA;AACmC,kBAAA;AAAA,gBAAA;AACpC,cAAA;AACF,YAAA;AAGD,YAAA;AASC,YAAA;AAEO,cAAA;AACM,cAAA;AACX,YAAA;AAGH,YAAA;AACH,UAAA;AACF,QAAA;AACF,MAAA;AAAA,IAAA;AAEJ,EAAA;AAEJ;AjB2Ue;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/lucas/dev/civic/civic-auth/packages/civic-auth-client/dist/chunk-FHRZSX3C.js","sourcesContent":[null,"\"use client\";\nimport { useContext } from \"react\";\n\nimport { AuthContext } from \"@/shared/AuthContext.tsx\";\n\nconst useAuth = () => {\n const context = useContext(AuthContext);\n\n if (!context) {\n throw new Error(\"useAuth must be used within an AuthProvider\");\n }\n\n return context;\n};\n\nexport { useAuth };\n","import { createContext } from \"react\";\nimport { DisplayMode } from \"@/types.ts\";\n\nexport type AuthContextType = {\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: Error | null;\n signOut: () => Promise<void>;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n","\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/shared/providers/SessionProvider\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n const context = useContext(SessionContext);\n if (!context) {\n throw new Error(\"useSession must be used within an SessionProvider\");\n }\n return context;\n};\n\nexport { useSession };\n","\"use client\";\nimport { SessionData } from \"@/types\";\nimport { createContext, ReactNode } from \"react\";\n\nexport type SessionProviderOutput = SessionData;\nconst defaultSession: SessionProviderOutput = {\n authenticated: false,\n idToken: undefined,\n accessToken: undefined,\n displayMode: \"iframe\",\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst SessionContext = createContext<SessionProviderOutput>(defaultSession);\n\ntype SessionContextType = {\n children: ReactNode;\n session?: SessionData | null;\n};\n\nconst SessionProvider = ({ children, session }: SessionContextType) => (\n <SessionContext.Provider value={{ ...defaultSession, ...(session || {}) }}>\n {children}\n </SessionContext.Provider>\n);\n\nexport type { SessionContextType };\nexport { SessionProvider, SessionContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/shared/providers/TokenProvider\";\n\nconst useToken = () => {\n const context = useContext(TokenContext);\n\n if (!context) {\n throw new Error(\"useToken must be used within a TokenProvider\");\n }\n\n return context;\n};\n\nexport { useToken };\n","\"use client\";\nimport { createContext, ReactNode, useMemo } from \"react\";\nimport { useMutation, useQueryClient } from \"@tanstack/react-query\";\nimport { useAuth } from \"@/shared/hooks/useAuth\";\nimport { useSession } from \"@/shared/hooks/useSession\";\nimport { ForwardedTokens, IdToken } from \"@/types\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\ntype TokenContextType = {\n accessToken: string | null;\n idToken: string | null;\n forwardedTokens: ForwardedTokens;\n refreshToken: () => Promise<void>;\n isLoading: boolean;\n error: Error | null;\n};\n\nconst TokenContext = createContext<TokenContextType | undefined>(undefined);\n\nconst TokenProvider = ({ children }: { children: ReactNode }) => {\n const { isLoading, error: authError } = useAuth();\n const session = useSession();\n const queryClient = useQueryClient();\n\n const refreshTokenMutation = useMutation({\n mutationFn: async () => {\n // Implement token refresh logic here\n throw new Error(\"Method not implemented.\");\n },\n onSuccess: () => {\n // Invalidate and refetch queries that depend on the auth session\n queryClient.invalidateQueries({ queryKey: [\"session\"] });\n },\n });\n\n const decodeTokens = useMemo(() => {\n if (!session?.idToken) return null;\n\n const parsedJWT = parseJWT(session.idToken) as IdToken | null;\n\n if (!parsedJWT) return null;\n\n const { forwardedTokens } = parsedJWT.payload;\n\n return forwardedTokens\n ? convertForwardedTokenFormat(forwardedTokens)\n : null;\n }, [session?.idToken]);\n\n const value = useMemo(\n () => ({\n accessToken: session.accessToken || null,\n idToken: session.idToken || null,\n forwardedTokens: decodeTokens || {},\n refreshToken: refreshTokenMutation.mutateAsync,\n isLoading,\n error: (authError || refreshTokenMutation.error) as Error | null,\n }),\n [\n session.accessToken,\n session.idToken,\n decodeTokens,\n refreshTokenMutation.mutateAsync,\n refreshTokenMutation.error,\n isLoading,\n authError,\n ],\n );\n\n return (\n <TokenContext.Provider value={value}>{children}</TokenContext.Provider>\n );\n};\n\nexport type { TokenContextType };\nexport { TokenProvider, TokenContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { ConfigContext } from \"@/shared/providers/ConfigProvider\";\n\n// TokenProvider will use this internal context to access Config\nconst useConfig = () => {\n const context = useContext(ConfigContext);\n if (!context) {\n throw new Error(\"useConfig must be used within an ConfigProvider\");\n }\n return context;\n};\n\nexport { useConfig };\n","import { Config } from \"@/types\";\nimport { DEFAULT_AUTH_SERVER } from \"./constants\";\n\nexport const authConfig: Config = {\n oauthServer: DEFAULT_AUTH_SERVER,\n};\n","\"use client\";\nimport { authConfig } from \"@/config\";\nimport { Config } from \"@/types\";\nimport { createContext, ReactNode } from \"react\";\n\nexport type ConfigProviderOutput = {\n config: Config;\n redirectUrl: string;\n modalIframe: boolean;\n serverTokenExchange: boolean;\n};\nconst defaultConfig: ConfigProviderOutput = {\n config: authConfig,\n redirectUrl: \"\",\n modalIframe: true,\n serverTokenExchange: false,\n};\n// Context for exposing Config specifically to the TokenProvider\nconst ConfigContext = createContext<ConfigProviderOutput>(defaultConfig);\n\ntype ConfigContextType = {\n children: ReactNode;\n config: Config;\n redirectUrl: string;\n modalIframe?: boolean;\n serverTokenExchange: boolean;\n};\n\nconst ConfigProvider = ({\n children,\n config,\n redirectUrl,\n modalIframe,\n serverTokenExchange,\n}: ConfigContextType) => (\n <ConfigContext.Provider\n value={{\n config,\n redirectUrl,\n modalIframe: !!modalIframe,\n serverTokenExchange,\n }}\n >\n {children}\n </ConfigContext.Provider>\n);\n\nexport type { ConfigContextType };\nexport { ConfigProvider, ConfigContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { IframeContext } from \"@/shared/providers/IframeProvider\";\n\n// TokenProvider will use this internal context to access Iframe\nconst useIframe = () => {\n const context = useContext(IframeContext);\n if (!context) {\n throw new Error(\"useIframe must be used within an IframeProvider\");\n }\n return context;\n};\n\nexport { useIframe };\n","\"use client\";\nimport {\n createContext,\n Dispatch,\n ReactNode,\n RefObject,\n SetStateAction,\n} from \"react\";\n\nexport type IframeProviderOutput = {\n iframeRef: RefObject<HTMLIFrameElement> | null;\n setAuthResponseUrl: Dispatch<SetStateAction<string | null>>;\n};\nconst defaultIframe: IframeProviderOutput = {\n iframeRef: null,\n setAuthResponseUrl: () => {},\n};\n\n// Context for exposing Iframe specifically to the TokenProvider\nconst IframeContext = createContext<IframeProviderOutput>(defaultIframe);\n\ntype IframeContextType = {\n children: ReactNode;\n iframeRef: RefObject<HTMLIFrameElement> | null;\n setAuthResponseUrl: Dispatch<SetStateAction<string | null>>;\n};\n\nconst IframeProvider = ({\n children,\n iframeRef,\n setAuthResponseUrl,\n}: IframeContextType) => (\n <IframeContext.Provider value={{ iframeRef, setAuthResponseUrl }}>\n {children}\n </IframeContext.Provider>\n);\n\nexport type { IframeContextType };\nexport { IframeProvider, IframeContext };\n","\"use client\";\nimport { useCallback, useEffect, useRef, useState } from \"react\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon\";\nimport { CloseIcon } from \"@/shared/components/CloseIcon\";\nimport { CivicAuthIframe } from \"@/shared/components/CivicAuthIframe\";\nimport { useAuth, useConfig, useIframe } from \"@/shared/hooks\";\nimport React from \"react\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants\";\n\ntype CivicAuthIframeContainerProps = {\n onClose?: () => void;\n closeOnRedirect?: boolean;\n};\n\nfunction NoChrome({\n children,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return <div className=\"cac-relative\">{children}</div>;\n}\n\nfunction IframeChrome({\n children,\n onClose,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return (\n <div\n className=\"cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-neutral-950 cac-bg-opacity-50\"\n onClick={onClose}\n >\n <div\n className=\"cac-relative cac-rounded-3xl cac-bg-white cac-p-6 cac-shadow-lg\"\n onClick={(e) => e.stopPropagation()}\n >\n <button\n className=\"cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400\"\n onClick={onClose}\n >\n <CloseIcon />\n </button>\n\n {children}\n </div>\n </div>\n );\n}\nconst CivicAuthIframeContainer = ({\n onClose,\n closeOnRedirect = true,\n}: CivicAuthIframeContainerProps) => {\n const [isLoading, setIsLoading] = useState(true);\n const { isLoading: isAuthLoading } = useAuth();\n const config = useConfig();\n const { setAuthResponseUrl, iframeRef } = useIframe();\n const processIframeUrl = useCallback(() => {\n if (iframeRef && iframeRef.current && iframeRef.current.contentWindow) {\n try {\n const iframeUrl = iframeRef.current.contentWindow.location.href;\n // we know that oauth has finished when the iframe redirects to our redirectUrl\n if (iframeUrl.startsWith(config.redirectUrl)) {\n // we still want to show the spinner during redirect\n setIsLoading(true);\n const iframeBody =\n iframeRef.current.contentWindow.document.body.innerHTML;\n\n // If we're doing a server token exchange, we need to call the server a second time\n // using a fetch so that we're on the same domain and cookies can be sent and read\n // The server will use the presence of the code_verifier cookie to determine whether to do a token exchange or not.\n // On the initial (3rd party) redirect from the auth server, the cookie won't be sent, so the server-side callback route will just render a blank page,\n // and we'll do the exchange request from here, which will include the cookies.\n if (iframeBody.includes(TOKEN_EXCHANGE_TRIGGER_TEXT)) {\n console.log(\n `${TOKEN_EXCHANGE_TRIGGER_TEXT}, calling callback URL again...`,\n );\n const params = new URL(iframeUrl).searchParams;\n fetch(`${config.redirectUrl}?${params.toString()}`);\n } else {\n // if we're doing token-exchange in the client, we can just set the authResponseUrl\n // to be handled by the auth provider\n setAuthResponseUrl(iframeUrl);\n }\n\n if (closeOnRedirect) onClose?.();\n return true; // Successfully processed the URL\n }\n } catch {\n // If we get here, the iframe hasn't redirected to our origin yet\n console.log(\"Waiting for redirect...\");\n }\n }\n return false; // Haven't processed the URL yet\n }, [\n closeOnRedirect,\n config.redirectUrl,\n iframeRef,\n onClose,\n setAuthResponseUrl,\n ]);\n\n const intervalId = useRef<NodeJS.Timeout>();\n\n const handleEscape = useCallback(\n (event: KeyboardEvent) => {\n if (event.key === \"Escape\") {\n onClose?.();\n }\n },\n [onClose],\n );\n\n // handle Escape\n useEffect(() => {\n window.addEventListener(\"keydown\", handleEscape);\n\n return () => window.removeEventListener(\"keydown\", handleEscape);\n });\n\n const handleIframeLoad = () => {\n setIsLoading(false);\n console.log(\"handleIframeLoad\");\n if (processIframeUrl() && intervalId.current) {\n clearInterval(intervalId.current);\n }\n };\n const showLoadingIcon =\n isLoading || isAuthLoading || !iframeRef?.current?.getAttribute(\"src\");\n\n const WrapperComponent = config.modalIframe ? IframeChrome : NoChrome;\n\n return (\n <WrapperComponent onClose={onClose}>\n {showLoadingIcon && (\n <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-rounded-3xl cac-bg-white\">\n <LoadingIcon />\n </div>\n )}\n\n <CivicAuthIframe ref={iframeRef} onLoad={handleIframeLoad} />\n </WrapperComponent>\n );\n};\n\nexport type { CivicAuthIframeContainerProps };\n\nexport { CivicAuthIframeContainer };\n","const LoadingIcon = () => (\n <div role=\"status\">\n <svg\n aria-hidden=\"true\"\n className=\"cac-inline cac-h-8 cac-w-8 cac-animate-spin cac-fill-neutral-600 cac-text-neutral-200 dark:cac-fill-neutral-300 dark:cac-text-neutral-600\"\n viewBox=\"0 0 100 101\"\n fill=\"none\"\n xmlns=\"http://www.w3.org/2000/svg\"\n >\n <path\n d=\"M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z\"\n fill=\"currentColor\"\n />\n <path\n d=\"M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z\"\n fill=\"currentFill\"\n />\n </svg>\n <span className=\"cac-sr-only\">Loading...</span>\n </div>\n);\n\nexport { LoadingIcon };\n","const CloseIcon = () => (\n <svg\n xmlns=\"http://www.w3.org/2000/svg\"\n width=\"24\"\n height=\"24\"\n viewBox=\"0 0 24 24\"\n fill=\"none\"\n stroke=\"currentColor\"\n strokeWidth=\"2\"\n strokeLinecap=\"round\"\n strokeLinejoin=\"round\"\n className=\"lucide lucide-x\"\n >\n <path d=\"M18 6 6 18\" />\n <path d=\"m6 6 12 12\" />\n </svg>\n);\n\nexport { CloseIcon };\n","\"use client\";\nimport { IFRAME_ID } from \"@/constants\";\nimport { forwardRef } from \"react\";\n\ntype CivicAuthIframeProps = {\n onLoad?: () => void;\n};\n\nconst CivicAuthIframe = forwardRef<HTMLIFrameElement, CivicAuthIframeProps>(\n ({ onLoad }, ref) => {\n return (\n <iframe\n id={IFRAME_ID}\n ref={ref}\n className=\"cac-h-[26rem] cac-w-80 cac-border-none\"\n onLoad={onLoad}\n />\n );\n },\n);\n\nCivicAuthIframe.displayName = \"CivicAuthIframe\";\n\nexport type { CivicAuthIframeProps };\n\nexport { CivicAuthIframe };\n","\"use client\";\nimport { createContext, ReactNode } from \"react\";\nimport { useQuery, UseQueryResult } from \"@tanstack/react-query\";\nimport { JWT } from \"oslo/jwt\";\nimport { AuthStorage, EmptyObject, User } from \"@/types\";\nimport { useAuth } from \"@/shared/hooks/useAuth\";\nimport { useToken } from \"@/shared/hooks/useToken\";\nimport { useSession } from \"@/shared/hooks/useSession\";\nimport { AuthContextType } from \"@/shared/AuthContext\";\nimport { GenericUserSession } from \"@/shared/UserSession\";\n\ntype UserContextType<\n T extends Record<string, unknown> & JWT[\"payload\"] = Record<string, unknown> &\n JWT[\"payload\"],\n> = {\n user: User<T> | null;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends EmptyObject>({\n children,\n storage,\n user: inputUser,\n signOut: inputSignOut,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user?: User<T> | null;\n signOut?: () => Promise<void>;\n}) => {\n const { isLoading: authLoading, error: authError } = useAuth();\n const session = useSession();\n const { accessToken } = useToken();\n const { signIn, signOut } = useAuth();\n\n const fetchUser = async (): Promise<User | null> => {\n if (!accessToken) {\n return null;\n }\n const userSession = new GenericUserSession(storage);\n return userSession.get();\n };\n\n const {\n data: user,\n isLoading: userLoading,\n error: userError,\n }: UseQueryResult<User<T> | null, Error> = useQuery({\n queryKey: [\"user\", session?.idToken],\n queryFn: fetchUser,\n enabled: !!session?.idToken, // Only run the query if we have an access token\n });\n\n const isLoading = authLoading || userLoading;\n const error = authError || userError;\n\n return (\n <UserContext.Provider\n value={{\n user: (inputUser || user) ?? null,\n isLoading,\n error,\n signIn,\n signOut: inputSignOut || signOut,\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n","\"use client\";\nimport {\n ReactNode,\n useCallback,\n useEffect,\n useMemo,\n useRef,\n useState,\n} from \"react\";\nimport { useMutation, useQuery, useQueryClient } from \"@tanstack/react-query\";\nimport { Config, DisplayMode, SessionData } from \"@/types\";\nimport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider\";\nimport { DEFAULT_SCOPES } from \"@/constants\";\nimport { authConfig } from \"@/config\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon\";\nimport { isWindowInIframe } from \"@/lib/windowUtil\";\nimport { AuthContext } from \"@/shared/AuthContext\";\nimport {\n BrowserAuthenticationInitiator,\n BrowserAuthenticationService,\n} from \"@/services/AuthenticationService\";\nimport {\n AuthenticationResolver,\n PKCEConsumer,\n PopupError,\n} from \"@/services/types\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE\";\nimport { generateState } from \"@/lib/oauth\";\nimport { LocalStorageAdapter } from \"@/browser/storage\";\nimport { ConfigProvider } from \"@/shared/providers/ConfigProvider\";\nimport { getUser } from \"./session\";\nimport { GenericUserSession } from \"./UserSession\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n globalThisObject = global;\n} else {\n globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type AuthProviderProps = {\n children: ReactNode;\n clientId: string;\n redirectUrl?: string;\n nonce?: string;\n config?: Config;\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => Promise<void>;\n pkceConsumer?: PKCEConsumer;\n modalIframe?: boolean;\n sessionData?: SessionData;\n};\n\nfunction BlockDisplay({ children }: { children: ReactNode }) {\n return (\n <div className=\"cac-relative cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white\">\n <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white\">\n {children}\n </div>\n </div>\n );\n}\n\nconst AuthProvider = ({\n children,\n clientId,\n redirectUrl: inputRedirectUrl,\n config = authConfig,\n onSignIn,\n onSignOut,\n pkceConsumer,\n nonce,\n modalIframe = true,\n sessionData: inputSessionData,\n}: AuthProviderProps) => {\n const [iframeUrl, setIframeUrl] = useState<string | null>(null);\n const [currentUrl, setCurrentUrl] = useState<string | null>(null);\n const [isInIframe, setIsInIframe] = useState(false);\n const [authResponseUrl, setAuthResponseUrl] = useState<string | null>(null);\n const [tokenExchangeError, setTokenExchangeError] = useState<Error>();\n const [displayMode, setDisplayMode] = useState<DisplayMode>(\"iframe\");\n const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] =\n useState<BrowserAuthenticationInitiator | null>();\n const [showIFrame, setShowIFrame] = useState(false);\n const [isRedirecting, setIsRedirecting] = useState(false);\n const queryClient = useQueryClient();\n const iframeRef = useRef<HTMLIFrameElement>(null);\n\n // TODO maybe we want to support or derive serverTokenExchange another way?\n const serverTokenExchange =\n pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n // check if the current window is in an iframe with the iframe id, and set an isInIframe state\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n setCurrentUrl(globalThis.window.location.href);\n const isInIframeVal = isWindowInIframe(globalThis.window);\n setIsInIframe(isInIframeVal);\n }\n }, []);\n\n const redirectUrl = useMemo(\n () => (inputRedirectUrl || currentUrl || \"\").split(\"?\")[0],\n [currentUrl, inputRedirectUrl],\n );\n\n const [authService, setAuthService] = useState<AuthenticationResolver>();\n\n useEffect(() => {\n if (!currentUrl) return;\n BrowserAuthenticationService.build({\n clientId,\n redirectUrl,\n oauthServer: config.oauthServer,\n scopes: DEFAULT_SCOPES,\n displayMode,\n }).then(setAuthService);\n }, [currentUrl, clientId, redirectUrl, config, displayMode]);\n\n const {\n data: session,\n isLoading,\n error,\n } = useQuery({\n queryKey: [\n \"session\",\n authResponseUrl,\n iframeUrl,\n currentUrl,\n isInIframe,\n authService,\n ],\n queryFn: async () => {\n if (!authService) {\n return { authenticated: false };\n }\n if (inputSessionData) {\n return inputSessionData;\n }\n const url = new URL(\n authResponseUrl\n ? authResponseUrl\n : globalThis.window.location.href || \"\",\n );\n // if we have existing tokens, then validate them and return the session data\n // otherwise check if we have a code in the url and exchange it for tokens\n // if we have neither, return undefined\n const existingSessionData = await authService.validateExistingSession();\n if (existingSessionData.authenticated) {\n return existingSessionData;\n }\n const code = url.searchParams.get(\"code\");\n const state = url.searchParams.get(\"state\");\n if (!serverTokenExchange && code && state && !isInIframe) {\n try {\n console.log(\"AuthProvider useQuery code\", {\n isInIframe,\n code,\n state,\n });\n await authService.tokenExchange(code, state);\n const clientStorage = new LocalStorageAdapter();\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n\n const userSession = new GenericUserSession(clientStorage);\n userSession.set(user);\n\n onSignIn?.(); // Call onSignIn without an error if successful\n return authService.getSessionData();\n } catch (error) {\n setTokenExchangeError(error as Error);\n onSignIn?.(\n error instanceof Error ? error : new Error(\"Failed to sign in\"),\n ); // Pass the error to onSignIn\n return { authenticated: false };\n }\n }\n\n return existingSessionData;\n },\n });\n\n const signOutMutation = useMutation({\n mutationFn: async () => {\n // Implement signOut logic here\n const authInitiator = getAuthInitiator();\n authInitiator?.signOut();\n setIframeUrl(null);\n setShowIFrame(false);\n setAuthResponseUrl(null);\n onSignOut?.();\n },\n onSuccess: () => {\n queryClient.setQueryData(\n [\n \"session\",\n authResponseUrl,\n iframeUrl,\n currentUrl,\n isInIframe,\n authService,\n ],\n null,\n );\n },\n });\n\n const getAuthInitiator = useCallback(\n (overrideDisplayMode?: DisplayMode) => {\n const useDisplayMode = overrideDisplayMode || displayMode;\n if (!pkceConsumer) {\n return null;\n }\n return (\n browserAuthenticationInitiator ||\n new BrowserAuthenticationInitiator({\n pkceConsumer, // generate and retrieve the challenge client-side\n clientId,\n redirectUrl,\n state: generateState(useDisplayMode, serverTokenExchange),\n scopes: DEFAULT_SCOPES,\n displayMode: useDisplayMode,\n oauthServer: config.oauthServer,\n // the endpoints to use for the login (if not obtained from the auth server\n endpointOverrides: config.endpoints,\n nonce,\n })\n );\n },\n [\n serverTokenExchange,\n displayMode,\n browserAuthenticationInitiator,\n clientId,\n redirectUrl,\n config.oauthServer,\n config.endpoints,\n pkceConsumer,\n nonce,\n ],\n );\n\n const signIn = useCallback(\n async (overrideDisplayMode: DisplayMode = \"iframe\") => {\n setDisplayMode(overrideDisplayMode);\n const authInitiator = getAuthInitiator(overrideDisplayMode);\n setBrowserAuthenticationInitiator(authInitiator);\n if (overrideDisplayMode === \"iframe\") {\n setShowIFrame(true);\n } else if (overrideDisplayMode === \"redirect\") {\n setIsRedirecting(true);\n }\n authInitiator?.signIn(iframeRef.current).catch((error) => {\n console.log(\"signIn error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n // if we've tried to open a popup and it has failed, then fallback to redirect mode\n if (error instanceof PopupError) {\n signIn(\"redirect\");\n }\n });\n },\n [getAuthInitiator],\n );\n\n // remove event listeners when the component unmounts\n useEffect(() => {\n return () => {\n if (browserAuthenticationInitiator) {\n browserAuthenticationInitiator.cleanup();\n }\n };\n }, [browserAuthenticationInitiator]);\n\n const isAuthenticated = useMemo(\n () => (session ? session.authenticated : false),\n [session],\n );\n\n useQuery({\n queryKey: [\"autoSignIn\", modalIframe, redirectUrl, isAuthenticated],\n queryFn: async () => {\n if (\n !modalIframe &&\n redirectUrl &&\n !isAuthenticated &&\n iframeRef.current\n ) {\n signIn(\"iframe\");\n }\n return true;\n },\n refetchOnWindowFocus: false,\n });\n\n const value = useMemo(\n () => ({\n isLoading,\n error: error as Error | null,\n signOut: async () => {\n await signOutMutation.mutateAsync();\n },\n isAuthenticated,\n signIn,\n }),\n [isLoading, error, signOutMutation, isAuthenticated, signIn],\n );\n return (\n <AuthContext.Provider value={value}>\n <ConfigProvider\n config={config}\n redirectUrl={redirectUrl}\n modalIframe={modalIframe}\n serverTokenExchange={serverTokenExchange}\n >\n <IframeProvider\n setAuthResponseUrl={setAuthResponseUrl}\n iframeRef={iframeRef}\n >\n <SessionProvider session={session}>\n <TokenProvider>\n {modalIframe && !isInIframe && !session?.authenticated && (\n <div\n style={\n showIFrame ? { display: \"block\" } : { display: \"none\" }\n }\n >\n <CivicAuthIframeContainer\n onClose={() => setShowIFrame(false)}\n />\n </div>\n )}\n\n {modalIframe &&\n (isInIframe ||\n isRedirecting ||\n (isLoading && !serverTokenExchange)) && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n\n {(tokenExchangeError || error) && (\n <BlockDisplay>\n <div>\n Error: {(tokenExchangeError || (error as Error)).message}\n </div>\n </BlockDisplay>\n )}\n {children}\n </TokenProvider>\n </SessionProvider>\n </IframeProvider>\n </ConfigProvider>\n </AuthContext.Provider>\n );\n};\n\nexport { AuthProvider };\n"]}
package/dist/{chunk-CZ3AVCKD.js → chunk-JDZPCA3P.js} RENAMED
@@ -1,6 +1,7 @@
1
1
  "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
2
2
 
3
- var _chunkO2SODTR3js = require('./chunk-O2SODTR3.js');
3
+
4
+ var _chunk7K3QN2ATjs = require('./chunk-7K3QN2AT.js');
4
5
 
5
6
 
6
7
 
@@ -58,10 +59,11 @@ var loggers = {
58
59
 
59
60
  // src/nextjs/config.ts
60
61
  var logger = loggers.nextjs.handlers.auth;
61
- var appUrl = process.env.NEXT_PUBLIC_DASHBOARD_URL || "";
62
+ var _a;
63
+ var appUrl = typeof process !== "undefined" ? ((_a = process == null ? void 0 : process.env) == null ? void 0 : _a.NEXT_PUBLIC_APP_URL) || "" : "";
62
64
  var defaultServerSecure = !appUrl.startsWith("http://localhost");
63
65
  var defaultAuthConfig = {
64
- oauthServer: "https://auth-dev.civic.com/oauth",
66
+ oauthServer: _chunk7K3QN2ATjs.DEFAULT_AUTH_SERVER,
65
67
  callbackUrl: "/api/auth/callback",
66
68
  challengeUrl: "/api/auth/challenge",
67
69
  logoutUrl: "/api/auth/logout",
@@ -106,9 +108,9 @@ var defaultAuthConfig = {
106
108
  }
107
109
  };
108
110
  var resolveAuthConfig = (config = {}) => {
109
- var _a, _b, _c, _d, _e, _f;
111
+ var _a2, _b, _c, _d, _e, _f;
110
112
  logger.debug("resolveAuthConfig inputs", JSON.stringify(config, null, 2));
111
- const configFromEnv = _chunkO2SODTR3js.withoutUndefined.call(void 0, {
113
+ const configFromEnv = _chunk7K3QN2ATjs.withoutUndefined.call(void 0, {
112
114
  clientId: process.env._civic_auth_client_id,
113
115
  oauthServer: process.env._civic_oauth_server,
114
116
  callbackUrl: process.env._civic_auth_callback_url,
@@ -116,7 +118,7 @@ var resolveAuthConfig = (config = {}) => {
116
118
  loginUrl: process.env._civic_auth_login_url,
117
119
  appUrl: process.env._civic_auth_app_url,
118
120
  logoutUrl: process.env._civic_auth_logout_url,
119
- include: (_a = process.env._civic_auth_includes) == null ? void 0 : _a.split(","),
121
+ include: (_a2 = process.env._civic_auth_includes) == null ? void 0 : _a2.split(","),
120
122
  exclude: (_b = process.env._civic_auth_excludes) == null ? void 0 : _b.split(","),
121
123
  cookies: process.env._civic_auth_cookie_config ? JSON.parse(process.env._civic_auth_cookie_config) : void 0
122
124
  });
@@ -168,4 +170,4 @@ var createCivicAuthPlugin = (clientId, authConfig = {}) => {
168
170
 
169
171
 
170
172
  exports.loggers = loggers; exports.defaultAuthConfig = defaultAuthConfig; exports.resolveAuthConfig = resolveAuthConfig; exports.createCivicAuthPlugin = createCivicAuthPlugin;
171
- //# sourceMappingURL=chunk-CZ3AVCKD.js.map
173
+ //# sourceMappingURL=chunk-JDZPCA3P.js.map
package/dist/chunk-JDZPCA3P.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/lucas/dev/civic/civic-auth/packages/civic-auth-client/dist/chunk-JDZPCA3P.js","../src/lib/logger.ts","../src/nextjs/config.ts"],"names":[],"mappings":"AAAA;AACE;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACF,sDAA4B;AAC5B;AACA;ACTA,4EAAkB;AAElB,IAAM,aAAA,EAAe,aAAA;AASrB,IAAM,YAAA,EAAN,MAAoC;AAAA,EAMlC,WAAA,CAAY,SAAA,EAAmB;AAE7B,IAAA,IAAA,CAAK,YAAA,EAAc,6BAAA,CAAM,EAAA;AACD,IAAA;AACA,IAAA;AACC,IAAA;AAEA,IAAA;AACD,IAAA;AACA,IAAA;AACC,IAAA;AAC3B,EAAA;AAEiD,EAAA;AACrB,IAAA;AAC5B,EAAA;AAEgD,EAAA;AACrB,IAAA;AAC3B,EAAA;AAEgD,EAAA;AACrB,IAAA;AAC3B,EAAA;AAEiD,EAAA;AACrB,IAAA;AAC5B,EAAA;AACF;AAE6B;AAIN;AAAA;AAEb,EAAA;AACe,IAAA;AACI,IAAA;AACf,IAAA;AACW,MAAA;AACrB,IAAA;AACF,EAAA;AAAA;AAEO,EAAA;AACoB,IAAA;AACL,IAAA;AACE,IAAA;AACxB,EAAA;AAAA;AAEU,EAAA;AACiB,IAAA;AACH,IAAA;AACxB,EAAA;AACF;ADb8B;AACA;AE/CA;AAZ9B;AAoCS;AAGoB;AAK8C;AAC5D,EAAA;AACA,EAAA;AACC,EAAA;AACH,EAAA;AACD,EAAA;AACI,EAAA;AACJ,EAAA;AACD,EAAA;AACC,IAAA;AACN,MAAA;AACU,QAAA;AACE,QAAA;AACA,QAAA;AACJ,QAAA;AACR,MAAA;AACA,MAAA;AACU,QAAA;AACE,QAAA;AACA,QAAA;AACJ,QAAA;AACR,MAAA;AACA,MAAA;AACU,QAAA;AACE,QAAA;AACA,QAAA;AACJ,QAAA;AACR,MAAA;AACA,MAAA;AACU,QAAA;AACE,QAAA;AACA,QAAA;AACJ,QAAA;AACR,MAAA;AACF,IAAA;AACM,IAAA;AACI,MAAA;AACE,MAAA;AACA,MAAA;AACJ,MAAA;AACO,MAAA;AAAA;AACf,IAAA;AACF,EAAA;AACF;AAoBE;AA3GF,EAAA;AA6Ge,EAAA;AAES,EAAA;AACE,IAAA;AACG,IAAA;AACA,IAAA;AACC,IAAA;AACJ,IAAA;AACF,IAAA;AACG,IAAA;AACN,IAAA;AACA,IAAA;AACI,IAAA;AAGtB,EAAA;AACoB,EAAA;AAAA;AAIV,IAAA;AACC,MAAA;AAKF,MAAA;AAKR,IAAA;AACF,EAAA;AAEO,EAAA;AACL,IAAA;AACe,IAAA;AACjB,EAAA;AACa,EAAA;AACI,EAAA;AACC,IAAA;AAClB,EAAA;AACO,EAAA;AACT;AA0BE;AAGoC,EAAA;AAC3B,IAAA;AACL,MAAA;AACe,MAAA;AACjB,IAAA;AACuB,IAAA;AAChB,IAAA;AAEA,MAAA;AAAA;AAGH,QAAA;AACqB,QAAA;AACrB,QAAA;AACA,QAAA;AACA,QAAA;AACA,QAAA;AACqB,QAAA;AACC,QAAA;AACA,QAAA;AACtB,QAAA;AACF,MAAA;AACF,IAAA;AACF,EAAA;AACF;AFxC8B;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/lucas/dev/civic/civic-auth/packages/civic-auth-client/dist/chunk-JDZPCA3P.js","sourcesContent":[null,"import debug from \"debug\";\n\nconst PACKAGE_NAME = \"@civic/auth\";\n\nexport interface Logger {\n debug(message: string, ...args: unknown[]): void;\n info(message: string, ...args: unknown[]): void;\n warn(message: string, ...args: unknown[]): void;\n error(message: string, ...args: unknown[]): void;\n}\n\nclass DebugLogger implements Logger {\n private debugLogger: debug.Debugger;\n private infoLogger: debug.Debugger;\n private warnLogger: debug.Debugger;\n private errorLogger: debug.Debugger;\n\n constructor(namespace: string) {\n // Format: @org/package:library:component:level\n this.debugLogger = debug(`${PACKAGE_NAME}:${namespace}:debug`);\n this.infoLogger = debug(`${PACKAGE_NAME}:${namespace}:info`);\n this.warnLogger = debug(`${PACKAGE_NAME}:${namespace}:warn`);\n this.errorLogger = debug(`${PACKAGE_NAME}:${namespace}:error`);\n\n this.debugLogger.color = \"4\";\n this.infoLogger.color = \"2\";\n this.warnLogger.color = \"3\";\n this.errorLogger.color = \"1\";\n }\n\n debug(message: string, ...args: unknown[]): void {\n this.debugLogger(message, ...args);\n }\n\n info(message: string, ...args: unknown[]): void {\n this.infoLogger(message, ...args);\n }\n\n warn(message: string, ...args: unknown[]): void {\n this.warnLogger(message, ...args);\n }\n\n error(message: string, ...args: unknown[]): void {\n this.errorLogger(message, ...args);\n }\n}\n\nexport const createLogger = (namespace: string): Logger =>\n new DebugLogger(namespace);\n\n// Pre-configured loggers for different parts of your package\nexport const loggers = {\n // Next.js specific loggers\n nextjs: {\n routes: createLogger(\"api:routes\"),\n middleware: createLogger(\"api:middleware\"),\n handlers: {\n auth: createLogger(\"api:handlers:auth\"),\n },\n },\n // React specific loggers\n react: {\n components: createLogger(\"react:components\"),\n hooks: createLogger(\"react:hooks\"),\n context: createLogger(\"react:context\"),\n },\n // Shared utilities loggers\n services: {\n validation: createLogger(\"utils:validation\"),\n network: createLogger(\"utils:network\"),\n },\n} as const;\n","/* eslint-disable turbo/no-undeclared-env-vars */\nimport { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger\";\nimport { withoutUndefined } from \"@/utils\";\nimport {\n CodeVerifier,\n CookieConfig,\n OAuthTokens,\n TokensCookieConfig,\n} from \"@/shared/types\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n tokens: TokensCookieConfig;\n user: CookieConfig;\n};\nexport type AuthConfigWithDefaults = {\n clientId: string;\n oauthServer: string;\n callbackUrl: string;\n loginUrl: string;\n logoutUrl: string;\n appUrl?: string;\n challengeUrl: string;\n include: string[];\n exclude: string[];\n cookies: CookiesConfigObject;\n};\n\nexport type AuthConfig = Partial<AuthConfigWithDefaults>;\n\nexport type DefinedAuthConfig = AuthConfigWithDefaults;\n\nconst appUrl =\n typeof process !== \"undefined\"\n ? process?.env?.NEXT_PUBLIC_APP_URL || \"\"\n : \"\";\nconst defaultServerSecure = !appUrl.startsWith(\"http://localhost\");\n\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n oauthServer: DEFAULT_AUTH_SERVER,\n callbackUrl: \"/api/auth/callback\",\n challengeUrl: \"/api/auth/challenge\",\n logoutUrl: \"/api/auth/logout\",\n loginUrl: \"/\",\n include: [\"/*\"],\n exclude: [],\n cookies: {\n tokens: {\n [OAuthTokens.ID_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.ACCESS_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.REFRESH_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [CodeVerifier.COOKIE_NAME]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n },\n user: {\n secure: defaultServerSecure,\n httpOnly: false,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: 60 * 60, // 1 hour\n },\n },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n config: AuthConfig = {},\n): AuthConfigWithDefaults & { clientId: string } => {\n logger.debug(\"resolveAuthConfig inputs\", JSON.stringify(config, null, 2));\n // Read configuration that was set by the plugin via environment variables\n const configFromEnv = withoutUndefined({\n clientId: process.env._civic_auth_client_id,\n oauthServer: process.env._civic_oauth_server,\n callbackUrl: process.env._civic_auth_callback_url,\n challengeUrl: process.env._civic_auth_challenge_url,\n loginUrl: process.env._civic_auth_login_url,\n appUrl: process.env._civic_auth_app_url,\n logoutUrl: process.env._civic_auth_logout_url,\n include: process.env._civic_auth_includes?.split(\",\"),\n exclude: process.env._civic_auth_excludes?.split(\",\"),\n cookies: process.env._civic_auth_cookie_config\n ? JSON.parse(process.env._civic_auth_cookie_config)\n : undefined,\n }) as AuthConfig;\n const mergedConfig = {\n ...defaultAuthConfig,\n ...configFromEnv, // Apply plugin-set config\n ...config, // Override with directly passed config\n cookies: {\n tokens: {\n ...defaultAuthConfig.cookies.tokens,\n ...(configFromEnv?.cookies?.tokens || {}),\n ...(config.cookies?.tokens || {}),\n },\n user: {\n ...defaultAuthConfig.cookies.user,\n ...(configFromEnv?.cookies?.user || {}),\n ...(config.cookies?.user || {}),\n },\n },\n };\n\n logger.debug(\n \"Config from environment:\",\n JSON.stringify(configFromEnv, null, 2),\n );\n logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n if (mergedConfig.clientId === undefined) {\n throw new Error(\"Civic Auth client ID is required\");\n }\n return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * callbackUrl: '/custom/callback',\n * loginUrl: '/custom/login',\n * logoutUrl: '/custom/logout',\n * include: ['/protected/*'],\n * exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (\n clientId: string,\n authConfig: AuthConfig = {},\n) => {\n return (nextConfig?: NextConfig) => {\n logger.debug(\n \"createCivicAuthPlugin nextConfig\",\n JSON.stringify(nextConfig, null, 2),\n );\n const resolvedConfig = resolveAuthConfig({ ...authConfig, clientId });\n return {\n ...nextConfig,\n env: {\n ...nextConfig?.env,\n // Internal environment variables - do not set these manually\n _civic_auth_client_id: clientId,\n _civic_oauth_server: resolvedConfig.oauthServer,\n _civic_auth_callback_url: resolvedConfig.callbackUrl,\n _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n _civic_auth_login_url: resolvedConfig.loginUrl,\n _civic_auth_logout_url: resolvedConfig.logoutUrl,\n _civic_auth_app_url: resolvedConfig.appUrl,\n _civic_auth_includes: resolvedConfig.include.join(\",\"),\n _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n },\n };\n };\n};\n"]}
package/dist/{chunk-BFESCRFK.mjs → chunk-MK7557NR.mjs} RENAMED
@@ -1,10 +1,10 @@
1
1
  import {
2
2
  CookieStorage
3
- } from "./chunk-HTTTZ2BP.mjs";
3
+ } from "./chunk-AP4627CS.mjs";
4
4
  import {
5
5
  GenericUserSession,
6
6
  clearTokens
7
- } from "./chunk-CBQ3HKRV.mjs";
7
+ } from "./chunk-4PLCDPEN.mjs";
8
8
  import {
9
9
  __async,
10
10
  __spreadProps,
@@ -115,4 +115,4 @@ export {
115
115
  NextjsClientStorage,
116
116
  resolveCallbackUrl
117
117
  };
118
- //# sourceMappingURL=chunk-BFESCRFK.mjs.map
118
+ //# sourceMappingURL=chunk-MK7557NR.mjs.map
package/dist/chunk-MK7557NR.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/nextjs/cookies.ts","../src/nextjs/utils.ts"],"sourcesContent":["import { SessionData, UnknownObject, User } from \"@/types\";\nimport { NextResponse } from \"next/server\";\nimport { AuthConfig } from \"@/nextjs/config\";\nimport { CookieStorage, CookieStorageSettings } from \"@/server\";\nimport { cookies } from \"next/headers.js\";\nimport { GenericUserSession } from \"@/shared/UserSession\";\nimport { clearTokens } from \"@/shared/util\";\nimport { CodeVerifier, OAuthTokens, TokensCookieConfig } from \"@/shared/types\";\n\n/**\n * Creates HTTP-only cookies for authentication tokens\n */\nconst createTokenCookies = (\n response: NextResponse,\n sessionData: SessionData,\n config: AuthConfig,\n) => {\n const maxAge = sessionData.expiresIn ?? 3600;\n const cookieOptions = {\n ...config.cookies?.tokens,\n maxAge,\n };\n\n if (sessionData.accessToken) {\n response.cookies.set(\"access_token\", sessionData.accessToken, {\n ...cookieOptions,\n httpOnly: true,\n });\n }\n\n if (sessionData.idToken) {\n response.cookies.set(\"id_token\", sessionData.idToken, {\n ...cookieOptions,\n httpOnly: true,\n });\n }\n\n if (sessionData.refreshToken) {\n response.cookies.set(\"refresh_token\", sessionData.refreshToken, {\n ...cookieOptions,\n httpOnly: true,\n });\n }\n};\n\n/**\n * Creates a client-readable cookie with user info\n */\nconst createUserInfoCookie = (\n response: NextResponse,\n user: User<UnknownObject> | null,\n sessionData: SessionData,\n config: AuthConfig,\n) => {\n if (!user) {\n response.cookies.set(\"user\", \"\", {\n ...config.cookies?.user,\n maxAge: 0,\n });\n return;\n }\n const maxAge = sessionData.expiresIn ?? 3600;\n\n // TODO select fields to include in the user cookie\n const frontendUser = {\n ...user,\n };\n\n // TODO make call to get user info from the\n // auth server /userinfo endpoint when it's available\n // then add to the default claims above\n\n response.cookies.set(\"user\", JSON.stringify(frontendUser), {\n ...config.cookies?.user,\n maxAge,\n });\n};\n\n/**\n * Clears all authentication cookies\n */\nconst clearAuthCookies = async (config: AuthConfig) => {\n // clear session, and tokens\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens);\n clearTokens(cookieStorage);\n\n // clear user\n const clientStorage = new NextjsClientStorage();\n const userSession = new GenericUserSession(clientStorage);\n userSession.set(null);\n};\n\ntype KeySetter = OAuthTokens | CodeVerifier;\nclass NextjsCookieStorage extends CookieStorage {\n constructor(readonly config: Partial<TokensCookieConfig> = {}) {\n super({\n secure: true,\n httpOnly: true,\n });\n }\n\n get(key: string): string | null {\n return cookies().get(key)?.value || null;\n }\n\n set(key: KeySetter, value: string): void {\n const cookieSettings = this.config?.[key as KeySetter] || {\n ...this.settings,\n };\n console.log(\n \"NextjsCookieStorage.set\",\n JSON.stringify(\n { key, value, config: this.config, cookieSettings },\n null,\n 2,\n ),\n );\n cookies().set(key, value, cookieSettings);\n }\n}\n\nclass NextjsClientStorage extends CookieStorage {\n constructor(config: Partial<CookieStorageSettings> = {}) {\n super({\n ...config,\n secure: false,\n httpOnly: false,\n });\n }\n\n get(key: string): string | null {\n return cookies().get(key)?.value || null;\n }\n\n set(key: string, value: string): void {\n cookies().set(key, value, this.settings);\n }\n}\n\nexport {\n createTokenCookies,\n createUserInfoCookie,\n clearAuthCookies,\n NextjsCookieStorage,\n NextjsClientStorage,\n};\n","import { AuthConfigWithDefaults } from \"@/nextjs/config\";\n\nexport const resolveCallbackUrl = (\n config: AuthConfigWithDefaults,\n alternativeUrl?: string,\n): string => {\n const baseUrl = config.appUrl ?? alternativeUrl;\n const callbackUrl = new URL(config?.callbackUrl, baseUrl).toString();\n return callbackUrl.toString();\n};\n"],"mappings":";;;;;;;;;;;;;;AAIA,SAAS,eAAe;AAQxB,IAAM,qBAAqB,CACzB,UACA,aACA,WACG;AAhBL;AAiBE,QAAM,UAAS,iBAAY,cAAZ,YAAyB;AACxC,QAAM,gBAAgB,kCACjB,YAAO,YAAP,mBAAgB,SADC;AAAA,IAEpB;AAAA,EACF;AAEA,MAAI,YAAY,aAAa;AAC3B,aAAS,QAAQ,IAAI,gBAAgB,YAAY,aAAa,iCACzD,gBADyD;AAAA,MAE5D,UAAU;AAAA,IACZ,EAAC;AAAA,EACH;AAEA,MAAI,YAAY,SAAS;AACvB,aAAS,QAAQ,IAAI,YAAY,YAAY,SAAS,iCACjD,gBADiD;AAAA,MAEpD,UAAU;AAAA,IACZ,EAAC;AAAA,EACH;AAEA,MAAI,YAAY,cAAc;AAC5B,aAAS,QAAQ,IAAI,iBAAiB,YAAY,cAAc,iCAC3D,gBAD2D;AAAA,MAE9D,UAAU;AAAA,IACZ,EAAC;AAAA,EACH;AACF;AAKA,IAAM,uBAAuB,CAC3B,UACA,MACA,aACA,WACG;AArDL;AAsDE,MAAI,CAAC,MAAM;AACT,aAAS,QAAQ,IAAI,QAAQ,IAAI,kCAC5B,YAAO,YAAP,mBAAgB,OADY;AAAA,MAE/B,QAAQ;AAAA,IACV,EAAC;AACD;AAAA,EACF;AACA,QAAM,UAAS,iBAAY,cAAZ,YAAyB;AAGxC,QAAM,eAAe,mBAChB;AAOL,WAAS,QAAQ,IAAI,QAAQ,KAAK,UAAU,YAAY,GAAG,kCACtD,YAAO,YAAP,mBAAgB,OADsC;AAAA,IAEzD;AAAA,EACF,EAAC;AACH;AAKA,IAAM,mBAAmB,CAAO,WAAuB;AAjFvD;AAmFE,QAAM,gBAAgB,IAAI,qBAAoB,YAAO,YAAP,mBAAgB,MAAM;AACpE,cAAY,aAAa;AAGzB,QAAM,gBAAgB,IAAI,oBAAoB;AAC9C,QAAM,cAAc,IAAI,mBAAmB,aAAa;AACxD,cAAY,IAAI,IAAI;AACtB;AAGA,IAAM,sBAAN,cAAkC,cAAc;AAAA,EAC9C,YAAqB,SAAsC,CAAC,GAAG;AAC7D,UAAM;AAAA,MACJ,QAAQ;AAAA,MACR,UAAU;AAAA,IACZ,CAAC;AAJkB;AAAA,EAKrB;AAAA,EAEA,IAAI,KAA4B;AArGlC;AAsGI,aAAO,aAAQ,EAAE,IAAI,GAAG,MAAjB,mBAAoB,UAAS;AAAA,EACtC;AAAA,EAEA,IAAI,KAAgB,OAAqB;AAzG3C;AA0GI,UAAM,mBAAiB,UAAK,WAAL,mBAAc,SAAqB,mBACrD,KAAK;AAEV,YAAQ;AAAA,MACN;AAAA,MACA,KAAK;AAAA,QACH,EAAE,KAAK,OAAO,QAAQ,KAAK,QAAQ,eAAe;AAAA,QAClD;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,YAAQ,EAAE,IAAI,KAAK,OAAO,cAAc;AAAA,EAC1C;AACF;AAEA,IAAM,sBAAN,cAAkC,cAAc;AAAA,EAC9C,YAAY,SAAyC,CAAC,GAAG;AACvD,UAAM,iCACD,SADC;AAAA,MAEJ,QAAQ;AAAA,MACR,UAAU;AAAA,IACZ,EAAC;AAAA,EACH;AAAA,EAEA,IAAI,KAA4B;AAlIlC;AAmII,aAAO,aAAQ,EAAE,IAAI,GAAG,MAAjB,mBAAoB,UAAS;AAAA,EACtC;AAAA,EAEA,IAAI,KAAa,OAAqB;AACpC,YAAQ,EAAE,IAAI,KAAK,OAAO,KAAK,QAAQ;AAAA,EACzC;AACF;;;ACvIO,IAAM,qBAAqB,CAChC,QACA,mBACW;AALb;AAME,QAAM,WAAU,YAAO,WAAP,YAAiB;AACjC,QAAM,cAAc,IAAI,IAAI,iCAAQ,aAAa,OAAO,EAAE,SAAS;AACnE,SAAO,YAAY,SAAS;AAC9B;","names":[]}
package/dist/{chunk-UADVRCHY.mjs → chunk-NLRREFOX.mjs} RENAMED
@@ -2,6 +2,7 @@ import {
2
2
  BrowserAuthenticationInitiator,
3
3
  BrowserAuthenticationService,
4
4
  ConfidentialClientPKCEConsumer,
5
+ DEFAULT_AUTH_SERVER,
5
6
  DEFAULT_SCOPES,
6
7
  GenericUserSession,
7
8
  IFRAME_ID,
@@ -12,7 +13,7 @@ import {
12
13
  generateState,
13
14
  getUser,
14
15
  isWindowInIframe
15
- } from "./chunk-CBQ3HKRV.mjs";
16
+ } from "./chunk-4PLCDPEN.mjs";
16
17
  import {
17
18
  __async,
18
19
  __spreadValues
@@ -122,8 +123,7 @@ import { useContext as useContext4 } from "react";
122
123
 
123
124
  // src/config.ts
124
125
  var authConfig = {
125
- // TODO change this to the production URL once we're out of beta
126
- oauthServer: "https://auth-dev.civic.com/oauth/"
126
+ oauthServer: DEFAULT_AUTH_SERVER
127
127
  };
128
128
 
129
129
  // src/shared/providers/ConfigProvider.tsx
@@ -707,4 +707,4 @@ export {
707
707
  CivicAuthIframeContainer,
708
708
  AuthProvider
709
709
  };
710
- //# sourceMappingURL=chunk-UADVRCHY.mjs.map
710
+ //# sourceMappingURL=chunk-NLRREFOX.mjs.map
package/dist/chunk-NLRREFOX.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/shared/hooks/useAuth.tsx","../src/shared/AuthContext.tsx","../src/shared/hooks/useSession.tsx","../src/shared/providers/SessionProvider.tsx","../src/shared/hooks/useToken.tsx","../src/shared/providers/TokenProvider.tsx","../src/shared/hooks/useConfig.tsx","../src/config.ts","../src/shared/providers/ConfigProvider.tsx","../src/shared/hooks/useIframe.tsx","../src/shared/providers/IframeProvider.tsx","../src/shared/components/CivicAuthIframeContainer.tsx","../src/shared/components/LoadingIcon.tsx","../src/shared/components/CloseIcon.tsx","../src/shared/components/CivicAuthIframe.tsx","../src/shared/UserProvider.tsx","../src/shared/AuthProvider.tsx"],"sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\n\nimport { AuthContext } from \"@/shared/AuthContext.tsx\";\n\nconst useAuth = () => {\n const context = useContext(AuthContext);\n\n if (!context) {\n throw new Error(\"useAuth must be used within an AuthProvider\");\n }\n\n return context;\n};\n\nexport { useAuth };\n","import { createContext } from \"react\";\nimport { DisplayMode } from \"@/types.ts\";\n\nexport type AuthContextType = {\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: Error | null;\n signOut: () => Promise<void>;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n","\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/shared/providers/SessionProvider\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n const context = useContext(SessionContext);\n if (!context) {\n throw new Error(\"useSession must be used within an SessionProvider\");\n }\n return context;\n};\n\nexport { useSession };\n","\"use client\";\nimport { SessionData } from \"@/types\";\nimport { createContext, ReactNode } from \"react\";\n\nexport type SessionProviderOutput = SessionData;\nconst defaultSession: SessionProviderOutput = {\n authenticated: false,\n idToken: undefined,\n accessToken: undefined,\n displayMode: \"iframe\",\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst SessionContext = createContext<SessionProviderOutput>(defaultSession);\n\ntype SessionContextType = {\n children: ReactNode;\n session?: SessionData | null;\n};\n\nconst SessionProvider = ({ children, session }: SessionContextType) => (\n <SessionContext.Provider value={{ ...defaultSession, ...(session || {}) }}>\n {children}\n </SessionContext.Provider>\n);\n\nexport type { SessionContextType };\nexport { SessionProvider, SessionContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/shared/providers/TokenProvider\";\n\nconst useToken = () => {\n const context = useContext(TokenContext);\n\n if (!context) {\n throw new Error(\"useToken must be used within a TokenProvider\");\n }\n\n return context;\n};\n\nexport { useToken };\n","\"use client\";\nimport { createContext, ReactNode, useMemo } from \"react\";\nimport { useMutation, useQueryClient } from \"@tanstack/react-query\";\nimport { useAuth } from \"@/shared/hooks/useAuth\";\nimport { useSession } from \"@/shared/hooks/useSession\";\nimport { ForwardedTokens, IdToken } from \"@/types\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\ntype TokenContextType = {\n accessToken: string | null;\n idToken: string | null;\n forwardedTokens: ForwardedTokens;\n refreshToken: () => Promise<void>;\n isLoading: boolean;\n error: Error | null;\n};\n\nconst TokenContext = createContext<TokenContextType | undefined>(undefined);\n\nconst TokenProvider = ({ children }: { children: ReactNode }) => {\n const { isLoading, error: authError } = useAuth();\n const session = useSession();\n const queryClient = useQueryClient();\n\n const refreshTokenMutation = useMutation({\n mutationFn: async () => {\n // Implement token refresh logic here\n throw new Error(\"Method not implemented.\");\n },\n onSuccess: () => {\n // Invalidate and refetch queries that depend on the auth session\n queryClient.invalidateQueries({ queryKey: [\"session\"] });\n },\n });\n\n const decodeTokens = useMemo(() => {\n if (!session?.idToken) return null;\n\n const parsedJWT = parseJWT(session.idToken) as IdToken | null;\n\n if (!parsedJWT) return null;\n\n const { forwardedTokens } = parsedJWT.payload;\n\n return forwardedTokens\n ? convertForwardedTokenFormat(forwardedTokens)\n : null;\n }, [session?.idToken]);\n\n const value = useMemo(\n () => ({\n accessToken: session.accessToken || null,\n idToken: session.idToken || null,\n forwardedTokens: decodeTokens || {},\n refreshToken: refreshTokenMutation.mutateAsync,\n isLoading,\n error: (authError || refreshTokenMutation.error) as Error | null,\n }),\n [\n session.accessToken,\n session.idToken,\n decodeTokens,\n refreshTokenMutation.mutateAsync,\n refreshTokenMutation.error,\n isLoading,\n authError,\n ],\n );\n\n return (\n <TokenContext.Provider value={value}>{children}</TokenContext.Provider>\n );\n};\n\nexport type { TokenContextType };\nexport { TokenProvider, TokenContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { ConfigContext } from \"@/shared/providers/ConfigProvider\";\n\n// TokenProvider will use this internal context to access Config\nconst useConfig = () => {\n const context = useContext(ConfigContext);\n if (!context) {\n throw new Error(\"useConfig must be used within an ConfigProvider\");\n }\n return context;\n};\n\nexport { useConfig };\n","import { Config } from \"@/types\";\nimport { DEFAULT_AUTH_SERVER } from \"./constants\";\n\nexport const authConfig: Config = {\n oauthServer: DEFAULT_AUTH_SERVER,\n};\n","\"use client\";\nimport { authConfig } from \"@/config\";\nimport { Config } from \"@/types\";\nimport { createContext, ReactNode } from \"react\";\n\nexport type ConfigProviderOutput = {\n config: Config;\n redirectUrl: string;\n modalIframe: boolean;\n serverTokenExchange: boolean;\n};\nconst defaultConfig: ConfigProviderOutput = {\n config: authConfig,\n redirectUrl: \"\",\n modalIframe: true,\n serverTokenExchange: false,\n};\n// Context for exposing Config specifically to the TokenProvider\nconst ConfigContext = createContext<ConfigProviderOutput>(defaultConfig);\n\ntype ConfigContextType = {\n children: ReactNode;\n config: Config;\n redirectUrl: string;\n modalIframe?: boolean;\n serverTokenExchange: boolean;\n};\n\nconst ConfigProvider = ({\n children,\n config,\n redirectUrl,\n modalIframe,\n serverTokenExchange,\n}: ConfigContextType) => (\n <ConfigContext.Provider\n value={{\n config,\n redirectUrl,\n modalIframe: !!modalIframe,\n serverTokenExchange,\n }}\n >\n {children}\n </ConfigContext.Provider>\n);\n\nexport type { ConfigContextType };\nexport { ConfigProvider, ConfigContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { IframeContext } from \"@/shared/providers/IframeProvider\";\n\n// TokenProvider will use this internal context to access Iframe\nconst useIframe = () => {\n const context = useContext(IframeContext);\n if (!context) {\n throw new Error(\"useIframe must be used within an IframeProvider\");\n }\n return context;\n};\n\nexport { useIframe };\n","\"use client\";\nimport {\n createContext,\n Dispatch,\n ReactNode,\n RefObject,\n SetStateAction,\n} from \"react\";\n\nexport type IframeProviderOutput = {\n iframeRef: RefObject<HTMLIFrameElement> | null;\n setAuthResponseUrl: Dispatch<SetStateAction<string | null>>;\n};\nconst defaultIframe: IframeProviderOutput = {\n iframeRef: null,\n setAuthResponseUrl: () => {},\n};\n\n// Context for exposing Iframe specifically to the TokenProvider\nconst IframeContext = createContext<IframeProviderOutput>(defaultIframe);\n\ntype IframeContextType = {\n children: ReactNode;\n iframeRef: RefObject<HTMLIFrameElement> | null;\n setAuthResponseUrl: Dispatch<SetStateAction<string | null>>;\n};\n\nconst IframeProvider = ({\n children,\n iframeRef,\n setAuthResponseUrl,\n}: IframeContextType) => (\n <IframeContext.Provider value={{ iframeRef, setAuthResponseUrl }}>\n {children}\n </IframeContext.Provider>\n);\n\nexport type { IframeContextType };\nexport { IframeProvider, IframeContext };\n","\"use client\";\nimport { useCallback, useEffect, useRef, useState } from \"react\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon\";\nimport { CloseIcon } from \"@/shared/components/CloseIcon\";\nimport { CivicAuthIframe } from \"@/shared/components/CivicAuthIframe\";\nimport { useAuth, useConfig, useIframe } from \"@/shared/hooks\";\nimport React from \"react\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants\";\n\ntype CivicAuthIframeContainerProps = {\n onClose?: () => void;\n closeOnRedirect?: boolean;\n};\n\nfunction NoChrome({\n children,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return <div className=\"cac-relative\">{children}</div>;\n}\n\nfunction IframeChrome({\n children,\n onClose,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return (\n <div\n className=\"cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-neutral-950 cac-bg-opacity-50\"\n onClick={onClose}\n >\n <div\n className=\"cac-relative cac-rounded-3xl cac-bg-white cac-p-6 cac-shadow-lg\"\n onClick={(e) => e.stopPropagation()}\n >\n <button\n className=\"cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400\"\n onClick={onClose}\n >\n <CloseIcon />\n </button>\n\n {children}\n </div>\n </div>\n );\n}\nconst CivicAuthIframeContainer = ({\n onClose,\n closeOnRedirect = true,\n}: CivicAuthIframeContainerProps) => {\n const [isLoading, setIsLoading] = useState(true);\n const { isLoading: isAuthLoading } = useAuth();\n const config = useConfig();\n const { setAuthResponseUrl, iframeRef } = useIframe();\n const processIframeUrl = useCallback(() => {\n if (iframeRef && iframeRef.current && iframeRef.current.contentWindow) {\n try {\n const iframeUrl = iframeRef.current.contentWindow.location.href;\n // we know that oauth has finished when the iframe redirects to our redirectUrl\n if (iframeUrl.startsWith(config.redirectUrl)) {\n // we still want to show the spinner during redirect\n setIsLoading(true);\n const iframeBody =\n iframeRef.current.contentWindow.document.body.innerHTML;\n\n // If we're doing a server token exchange, we need to call the server a second time\n // using a fetch so that we're on the same domain and cookies can be sent and read\n // The server will use the presence of the code_verifier cookie to determine whether to do a token exchange or not.\n // On the initial (3rd party) redirect from the auth server, the cookie won't be sent, so the server-side callback route will just render a blank page,\n // and we'll do the exchange request from here, which will include the cookies.\n if (iframeBody.includes(TOKEN_EXCHANGE_TRIGGER_TEXT)) {\n console.log(\n `${TOKEN_EXCHANGE_TRIGGER_TEXT}, calling callback URL again...`,\n );\n const params = new URL(iframeUrl).searchParams;\n fetch(`${config.redirectUrl}?${params.toString()}`);\n } else {\n // if we're doing token-exchange in the client, we can just set the authResponseUrl\n // to be handled by the auth provider\n setAuthResponseUrl(iframeUrl);\n }\n\n if (closeOnRedirect) onClose?.();\n return true; // Successfully processed the URL\n }\n } catch {\n // If we get here, the iframe hasn't redirected to our origin yet\n console.log(\"Waiting for redirect...\");\n }\n }\n return false; // Haven't processed the URL yet\n }, [\n closeOnRedirect,\n config.redirectUrl,\n iframeRef,\n onClose,\n setAuthResponseUrl,\n ]);\n\n const intervalId = useRef<NodeJS.Timeout>();\n\n const handleEscape = useCallback(\n (event: KeyboardEvent) => {\n if (event.key === \"Escape\") {\n onClose?.();\n }\n },\n [onClose],\n );\n\n // handle Escape\n useEffect(() => {\n window.addEventListener(\"keydown\", handleEscape);\n\n return () => window.removeEventListener(\"keydown\", handleEscape);\n });\n\n const handleIframeLoad = () => {\n setIsLoading(false);\n console.log(\"handleIframeLoad\");\n if (processIframeUrl() && intervalId.current) {\n clearInterval(intervalId.current);\n }\n };\n const showLoadingIcon =\n isLoading || isAuthLoading || !iframeRef?.current?.getAttribute(\"src\");\n\n const WrapperComponent = config.modalIframe ? IframeChrome : NoChrome;\n\n return (\n <WrapperComponent onClose={onClose}>\n {showLoadingIcon && (\n <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-rounded-3xl cac-bg-white\">\n <LoadingIcon />\n </div>\n )}\n\n <CivicAuthIframe ref={iframeRef} onLoad={handleIframeLoad} />\n </WrapperComponent>\n );\n};\n\nexport type { CivicAuthIframeContainerProps };\n\nexport { CivicAuthIframeContainer };\n","const LoadingIcon = () => (\n <div role=\"status\">\n <svg\n aria-hidden=\"true\"\n className=\"cac-inline cac-h-8 cac-w-8 cac-animate-spin cac-fill-neutral-600 cac-text-neutral-200 dark:cac-fill-neutral-300 dark:cac-text-neutral-600\"\n viewBox=\"0 0 100 101\"\n fill=\"none\"\n xmlns=\"http://www.w3.org/2000/svg\"\n >\n <path\n d=\"M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z\"\n fill=\"currentColor\"\n />\n <path\n d=\"M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z\"\n fill=\"currentFill\"\n />\n </svg>\n <span className=\"cac-sr-only\">Loading...</span>\n </div>\n);\n\nexport { LoadingIcon };\n","const CloseIcon = () => (\n <svg\n xmlns=\"http://www.w3.org/2000/svg\"\n width=\"24\"\n height=\"24\"\n viewBox=\"0 0 24 24\"\n fill=\"none\"\n stroke=\"currentColor\"\n strokeWidth=\"2\"\n strokeLinecap=\"round\"\n strokeLinejoin=\"round\"\n className=\"lucide lucide-x\"\n >\n <path d=\"M18 6 6 18\" />\n <path d=\"m6 6 12 12\" />\n </svg>\n);\n\nexport { CloseIcon };\n","\"use client\";\nimport { IFRAME_ID } from \"@/constants\";\nimport { forwardRef } from \"react\";\n\ntype CivicAuthIframeProps = {\n onLoad?: () => void;\n};\n\nconst CivicAuthIframe = forwardRef<HTMLIFrameElement, CivicAuthIframeProps>(\n ({ onLoad }, ref) => {\n return (\n <iframe\n id={IFRAME_ID}\n ref={ref}\n className=\"cac-h-[26rem] cac-w-80 cac-border-none\"\n onLoad={onLoad}\n />\n );\n },\n);\n\nCivicAuthIframe.displayName = \"CivicAuthIframe\";\n\nexport type { CivicAuthIframeProps };\n\nexport { CivicAuthIframe };\n","\"use client\";\nimport { createContext, ReactNode } from \"react\";\nimport { useQuery, UseQueryResult } from \"@tanstack/react-query\";\nimport { JWT } from \"oslo/jwt\";\nimport { AuthStorage, EmptyObject, User } from \"@/types\";\nimport { useAuth } from \"@/shared/hooks/useAuth\";\nimport { useToken } from \"@/shared/hooks/useToken\";\nimport { useSession } from \"@/shared/hooks/useSession\";\nimport { AuthContextType } from \"@/shared/AuthContext\";\nimport { GenericUserSession } from \"@/shared/UserSession\";\n\ntype UserContextType<\n T extends Record<string, unknown> & JWT[\"payload\"] = Record<string, unknown> &\n JWT[\"payload\"],\n> = {\n user: User<T> | null;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends EmptyObject>({\n children,\n storage,\n user: inputUser,\n signOut: inputSignOut,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user?: User<T> | null;\n signOut?: () => Promise<void>;\n}) => {\n const { isLoading: authLoading, error: authError } = useAuth();\n const session = useSession();\n const { accessToken } = useToken();\n const { signIn, signOut } = useAuth();\n\n const fetchUser = async (): Promise<User | null> => {\n if (!accessToken) {\n return null;\n }\n const userSession = new GenericUserSession(storage);\n return userSession.get();\n };\n\n const {\n data: user,\n isLoading: userLoading,\n error: userError,\n }: UseQueryResult<User<T> | null, Error> = useQuery({\n queryKey: [\"user\", session?.idToken],\n queryFn: fetchUser,\n enabled: !!session?.idToken, // Only run the query if we have an access token\n });\n\n const isLoading = authLoading || userLoading;\n const error = authError || userError;\n\n return (\n <UserContext.Provider\n value={{\n user: (inputUser || user) ?? null,\n isLoading,\n error,\n signIn,\n signOut: inputSignOut || signOut,\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n","\"use client\";\nimport {\n ReactNode,\n useCallback,\n useEffect,\n useMemo,\n useRef,\n useState,\n} from \"react\";\nimport { useMutation, useQuery, useQueryClient } from \"@tanstack/react-query\";\nimport { Config, DisplayMode, SessionData } from \"@/types\";\nimport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider\";\nimport { DEFAULT_SCOPES } from \"@/constants\";\nimport { authConfig } from \"@/config\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon\";\nimport { isWindowInIframe } from \"@/lib/windowUtil\";\nimport { AuthContext } from \"@/shared/AuthContext\";\nimport {\n BrowserAuthenticationInitiator,\n BrowserAuthenticationService,\n} from \"@/services/AuthenticationService\";\nimport {\n AuthenticationResolver,\n PKCEConsumer,\n PopupError,\n} from \"@/services/types\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE\";\nimport { generateState } from \"@/lib/oauth\";\nimport { LocalStorageAdapter } from \"@/browser/storage\";\nimport { ConfigProvider } from \"@/shared/providers/ConfigProvider\";\nimport { getUser } from \"./session\";\nimport { GenericUserSession } from \"./UserSession\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n globalThisObject = global;\n} else {\n globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type AuthProviderProps = {\n children: ReactNode;\n clientId: string;\n redirectUrl?: string;\n nonce?: string;\n config?: Config;\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => Promise<void>;\n pkceConsumer?: PKCEConsumer;\n modalIframe?: boolean;\n sessionData?: SessionData;\n};\n\nfunction BlockDisplay({ children }: { children: ReactNode }) {\n return (\n <div className=\"cac-relative cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white\">\n <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white\">\n {children}\n </div>\n </div>\n );\n}\n\nconst AuthProvider = ({\n children,\n clientId,\n redirectUrl: inputRedirectUrl,\n config = authConfig,\n onSignIn,\n onSignOut,\n pkceConsumer,\n nonce,\n modalIframe = true,\n sessionData: inputSessionData,\n}: AuthProviderProps) => {\n const [iframeUrl, setIframeUrl] = useState<string | null>(null);\n const [currentUrl, setCurrentUrl] = useState<string | null>(null);\n const [isInIframe, setIsInIframe] = useState(false);\n const [authResponseUrl, setAuthResponseUrl] = useState<string | null>(null);\n const [tokenExchangeError, setTokenExchangeError] = useState<Error>();\n const [displayMode, setDisplayMode] = useState<DisplayMode>(\"iframe\");\n const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] =\n useState<BrowserAuthenticationInitiator | null>();\n const [showIFrame, setShowIFrame] = useState(false);\n const [isRedirecting, setIsRedirecting] = useState(false);\n const queryClient = useQueryClient();\n const iframeRef = useRef<HTMLIFrameElement>(null);\n\n // TODO maybe we want to support or derive serverTokenExchange another way?\n const serverTokenExchange =\n pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n // check if the current window is in an iframe with the iframe id, and set an isInIframe state\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n setCurrentUrl(globalThis.window.location.href);\n const isInIframeVal = isWindowInIframe(globalThis.window);\n setIsInIframe(isInIframeVal);\n }\n }, []);\n\n const redirectUrl = useMemo(\n () => (inputRedirectUrl || currentUrl || \"\").split(\"?\")[0],\n [currentUrl, inputRedirectUrl],\n );\n\n const [authService, setAuthService] = useState<AuthenticationResolver>();\n\n useEffect(() => {\n if (!currentUrl) return;\n BrowserAuthenticationService.build({\n clientId,\n redirectUrl,\n oauthServer: config.oauthServer,\n scopes: DEFAULT_SCOPES,\n displayMode,\n }).then(setAuthService);\n }, [currentUrl, clientId, redirectUrl, config, displayMode]);\n\n const {\n data: session,\n isLoading,\n error,\n } = useQuery({\n queryKey: [\n \"session\",\n authResponseUrl,\n iframeUrl,\n currentUrl,\n isInIframe,\n authService,\n ],\n queryFn: async () => {\n if (!authService) {\n return { authenticated: false };\n }\n if (inputSessionData) {\n return inputSessionData;\n }\n const url = new URL(\n authResponseUrl\n ? authResponseUrl\n : globalThis.window.location.href || \"\",\n );\n // if we have existing tokens, then validate them and return the session data\n // otherwise check if we have a code in the url and exchange it for tokens\n // if we have neither, return undefined\n const existingSessionData = await authService.validateExistingSession();\n if (existingSessionData.authenticated) {\n return existingSessionData;\n }\n const code = url.searchParams.get(\"code\");\n const state = url.searchParams.get(\"state\");\n if (!serverTokenExchange && code && state && !isInIframe) {\n try {\n console.log(\"AuthProvider useQuery code\", {\n isInIframe,\n code,\n state,\n });\n await authService.tokenExchange(code, state);\n const clientStorage = new LocalStorageAdapter();\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n\n const userSession = new GenericUserSession(clientStorage);\n userSession.set(user);\n\n onSignIn?.(); // Call onSignIn without an error if successful\n return authService.getSessionData();\n } catch (error) {\n setTokenExchangeError(error as Error);\n onSignIn?.(\n error instanceof Error ? error : new Error(\"Failed to sign in\"),\n ); // Pass the error to onSignIn\n return { authenticated: false };\n }\n }\n\n return existingSessionData;\n },\n });\n\n const signOutMutation = useMutation({\n mutationFn: async () => {\n // Implement signOut logic here\n const authInitiator = getAuthInitiator();\n authInitiator?.signOut();\n setIframeUrl(null);\n setShowIFrame(false);\n setAuthResponseUrl(null);\n onSignOut?.();\n },\n onSuccess: () => {\n queryClient.setQueryData(\n [\n \"session\",\n authResponseUrl,\n iframeUrl,\n currentUrl,\n isInIframe,\n authService,\n ],\n null,\n );\n },\n });\n\n const getAuthInitiator = useCallback(\n (overrideDisplayMode?: DisplayMode) => {\n const useDisplayMode = overrideDisplayMode || displayMode;\n if (!pkceConsumer) {\n return null;\n }\n return (\n browserAuthenticationInitiator ||\n new BrowserAuthenticationInitiator({\n pkceConsumer, // generate and retrieve the challenge client-side\n clientId,\n redirectUrl,\n state: generateState(useDisplayMode, serverTokenExchange),\n scopes: DEFAULT_SCOPES,\n displayMode: useDisplayMode,\n oauthServer: config.oauthServer,\n // the endpoints to use for the login (if not obtained from the auth server\n endpointOverrides: config.endpoints,\n nonce,\n })\n );\n },\n [\n serverTokenExchange,\n displayMode,\n browserAuthenticationInitiator,\n clientId,\n redirectUrl,\n config.oauthServer,\n config.endpoints,\n pkceConsumer,\n nonce,\n ],\n );\n\n const signIn = useCallback(\n async (overrideDisplayMode: DisplayMode = \"iframe\") => {\n setDisplayMode(overrideDisplayMode);\n const authInitiator = getAuthInitiator(overrideDisplayMode);\n setBrowserAuthenticationInitiator(authInitiator);\n if (overrideDisplayMode === \"iframe\") {\n setShowIFrame(true);\n } else if (overrideDisplayMode === \"redirect\") {\n setIsRedirecting(true);\n }\n authInitiator?.signIn(iframeRef.current).catch((error) => {\n console.log(\"signIn error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n // if we've tried to open a popup and it has failed, then fallback to redirect mode\n if (error instanceof PopupError) {\n signIn(\"redirect\");\n }\n });\n },\n [getAuthInitiator],\n );\n\n // remove event listeners when the component unmounts\n useEffect(() => {\n return () => {\n if (browserAuthenticationInitiator) {\n browserAuthenticationInitiator.cleanup();\n }\n };\n }, [browserAuthenticationInitiator]);\n\n const isAuthenticated = useMemo(\n () => (session ? session.authenticated : false),\n [session],\n );\n\n useQuery({\n queryKey: [\"autoSignIn\", modalIframe, redirectUrl, isAuthenticated],\n queryFn: async () => {\n if (\n !modalIframe &&\n redirectUrl &&\n !isAuthenticated &&\n iframeRef.current\n ) {\n signIn(\"iframe\");\n }\n return true;\n },\n refetchOnWindowFocus: false,\n });\n\n const value = useMemo(\n () => ({\n isLoading,\n error: error as Error | null,\n signOut: async () => {\n await signOutMutation.mutateAsync();\n },\n isAuthenticated,\n signIn,\n }),\n [isLoading, error, signOutMutation, isAuthenticated, signIn],\n );\n return (\n <AuthContext.Provider value={value}>\n <ConfigProvider\n config={config}\n redirectUrl={redirectUrl}\n modalIframe={modalIframe}\n serverTokenExchange={serverTokenExchange}\n >\n <IframeProvider\n setAuthResponseUrl={setAuthResponseUrl}\n iframeRef={iframeRef}\n >\n <SessionProvider session={session}>\n <TokenProvider>\n {modalIframe && !isInIframe && !session?.authenticated && (\n <div\n style={\n showIFrame ? { display: \"block\" } : { display: \"none\" }\n }\n >\n <CivicAuthIframeContainer\n onClose={() => setShowIFrame(false)}\n />\n </div>\n )}\n\n {modalIframe &&\n (isInIframe ||\n isRedirecting ||\n (isLoading && !serverTokenExchange)) && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n\n {(tokenExchangeError || error) && (\n <BlockDisplay>\n <div>\n Error: {(tokenExchangeError || (error as Error)).message}\n </div>\n </BlockDisplay>\n )}\n {children}\n </TokenProvider>\n </SessionProvider>\n </IframeProvider>\n </ConfigProvider>\n </AuthContext.Provider>\n );\n};\n\nexport { AuthProvider };\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACA,SAAS,kBAAkB;;;ACD3B,SAAS,qBAAqB;AAUvB,IAAM,cAAc,cAAsC,IAAI;;;ADLrE,IAAM,UAAU,MAAM;AACpB,QAAM,UAAU,WAAW,WAAW;AAEtC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AAEA,SAAO;AACT;;;AEZA,SAAS,cAAAA,mBAAkB;;;ACC3B,SAAS,iBAAAC,sBAAgC;AAmBvC;AAhBF,IAAM,iBAAwC;AAAA,EAC5C,eAAe;AAAA,EACf,SAAS;AAAA,EACT,aAAa;AAAA,EACb,aAAa;AACf;AAGA,IAAM,iBAAiBC,eAAqC,cAAc;AAO1E,IAAM,kBAAkB,CAAC,EAAE,UAAU,QAAQ,MAC3C,oBAAC,eAAe,UAAf,EAAwB,OAAO,kCAAK,iBAAoB,WAAW,CAAC,IAClE,UACH;;;ADlBF,IAAM,aAAa,MAAM;AACvB,QAAM,UAAUC,YAAW,cAAc;AACzC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,mDAAmD;AAAA,EACrE;AACA,SAAO;AACT;;;AEVA,SAAS,cAAAC,mBAAkB;;;ACA3B,SAAS,iBAAAC,gBAA0B,eAAe;AAClD,SAAS,aAAa,sBAAsB;AAI5C,SAAS,gBAAgB;AAiErB,gBAAAC,YAAA;AArDJ,IAAM,eAAeC,eAA4C,MAAS;AAE1E,IAAM,gBAAgB,CAAC,EAAE,SAAS,MAA+B;AAC/D,QAAM,EAAE,WAAW,OAAO,UAAU,IAAI,QAAQ;AAChD,QAAM,UAAU,WAAW;AAC3B,QAAM,cAAc,eAAe;AAEnC,QAAM,uBAAuB,YAAY;AAAA,IACvC,YAAY,MAAY;AAEtB,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC3C;AAAA,IACA,WAAW,MAAM;AAEf,kBAAY,kBAAkB,EAAE,UAAU,CAAC,SAAS,EAAE,CAAC;AAAA,IACzD;AAAA,EACF,CAAC;AAED,QAAM,eAAe,QAAQ,MAAM;AACjC,QAAI,EAAC,mCAAS,SAAS,QAAO;AAE9B,UAAM,YAAY,SAAS,QAAQ,OAAO;AAE1C,QAAI,CAAC,UAAW,QAAO;AAEvB,UAAM,EAAE,gBAAgB,IAAI,UAAU;AAEtC,WAAO,kBACH,4BAA4B,eAAe,IAC3C;AAAA,EACN,GAAG,CAAC,mCAAS,OAAO,CAAC;AAErB,QAAM,QAAQ;AAAA,IACZ,OAAO;AAAA,MACL,aAAa,QAAQ,eAAe;AAAA,MACpC,SAAS,QAAQ,WAAW;AAAA,MAC5B,iBAAiB,gBAAgB,CAAC;AAAA,MAClC,cAAc,qBAAqB;AAAA,MACnC;AAAA,MACA,OAAQ,aAAa,qBAAqB;AAAA,IAC5C;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR;AAAA,MACA,qBAAqB;AAAA,MACrB,qBAAqB;AAAA,MACrB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,SACE,gBAAAD,KAAC,aAAa,UAAb,EAAsB,OAAe,UAAS;AAEnD;;;ADrEA,IAAM,WAAW,MAAM;AACrB,QAAM,UAAUE,YAAW,YAAY;AAEvC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,8CAA8C;AAAA,EAChE;AAEA,SAAO;AACT;;;AEXA,SAAS,cAAAC,mBAAkB;;;ACEpB,IAAM,aAAqB;AAAA,EAChC,aAAa;AACf;;;ACFA,SAAS,iBAAAC,sBAAgC;AAgCvC,gBAAAC,YAAA;AAxBF,IAAM,gBAAsC;AAAA,EAC1C,QAAQ;AAAA,EACR,aAAa;AAAA,EACb,aAAa;AAAA,EACb,qBAAqB;AACvB;AAEA,IAAM,gBAAgBD,eAAoC,aAAa;AAUvE,IAAM,iBAAiB,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MACE,gBAAAC;AAAA,EAAC,cAAc;AAAA,EAAd;AAAA,IACC,OAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,aAAa,CAAC,CAAC;AAAA,MACf;AAAA,IACF;AAAA,IAEC;AAAA;AACH;;;AFvCF,IAAM,YAAY,MAAM;AACtB,QAAM,UAAUC,YAAW,aAAa;AACxC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,iDAAiD;AAAA,EACnE;AACA,SAAO;AACT;;;AGVA,SAAS,cAAAC,mBAAkB;;;ACA3B;AAAA,EACE,iBAAAC;AAAA,OAKK;AAyBL,gBAAAC,YAAA;AAnBF,IAAM,gBAAsC;AAAA,EAC1C,WAAW;AAAA,EACX,oBAAoB,MAAM;AAAA,EAAC;AAC7B;AAGA,IAAM,gBAAgBD,eAAoC,aAAa;AAQvE,IAAM,iBAAiB,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACF,MACE,gBAAAC,KAAC,cAAc,UAAd,EAAuB,OAAO,EAAE,WAAW,mBAAmB,GAC5D,UACH;;;AD7BF,IAAM,YAAY,MAAM;AACtB,QAAM,UAAUC,YAAW,aAAa;AACxC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,iDAAiD;AAAA,EACnE;AACA,SAAO;AACT;;;AEVA,SAAS,aAAa,WAAW,QAAQ,gBAAgB;;;ACCrD,SAOE,OAAAC,MAPF;AAFJ,IAAM,cAAc,MAClB,qBAAC,SAAI,MAAK,UACR;AAAA;AAAA,IAAC;AAAA;AAAA,MACC,eAAY;AAAA,MACZ,WAAU;AAAA,MACV,SAAQ;AAAA,MACR,MAAK;AAAA,MACL,OAAM;AAAA,MAEN;AAAA,wBAAAA;AAAA,UAAC;AAAA;AAAA,YACC,GAAE;AAAA,YACF,MAAK;AAAA;AAAA,QACP;AAAA,QACA,gBAAAA;AAAA,UAAC;AAAA;AAAA,YACC,GAAE;AAAA,YACF,MAAK;AAAA;AAAA,QACP;AAAA;AAAA;AAAA,EACF;AAAA,EACA,gBAAAA,KAAC,UAAK,WAAU,eAAc,wBAAU;AAAA,GAC1C;;;AClBA,SAYE,OAAAC,MAZF,QAAAC,aAAA;AADF,IAAM,YAAY,MAChB,gBAAAA;AAAA,EAAC;AAAA;AAAA,IACC,OAAM;AAAA,IACN,OAAM;AAAA,IACN,QAAO;AAAA,IACP,SAAQ;AAAA,IACR,MAAK;AAAA,IACL,QAAO;AAAA,IACP,aAAY;AAAA,IACZ,eAAc;AAAA,IACd,gBAAe;AAAA,IACf,WAAU;AAAA,IAEV;AAAA,sBAAAD,KAAC,UAAK,GAAE,cAAa;AAAA,MACrB,gBAAAA,KAAC,UAAK,GAAE,cAAa;AAAA;AAAA;AACvB;;;ACbF,SAAS,kBAAkB;AASrB,gBAAAE,YAAA;AAHN,IAAM,kBAAkB;AAAA,EACtB,CAAC,EAAE,OAAO,GAAG,QAAQ;AACnB,WACE,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,IAAI;AAAA,QACJ;AAAA,QACA,WAAU;AAAA,QACV;AAAA;AAAA,IACF;AAAA,EAEJ;AACF;AAEA,gBAAgB,cAAc;;;AHDrB,gBAAAC,MAeH,QAAAC,aAfG;AANT,SAAS,SAAS;AAAA,EAChB;AACF,GAGG;AACD,SAAO,gBAAAD,KAAC,SAAI,WAAU,gBAAgB,UAAS;AACjD;AAEA,SAAS,aAAa;AAAA,EACpB;AAAA,EACA;AACF,GAGG;AACD,SACE,gBAAAA;AAAA,IAAC;AAAA;AAAA,MACC,WAAU;AAAA,MACV,SAAS;AAAA,MAET,0BAAAC;AAAA,QAAC;AAAA;AAAA,UACC,WAAU;AAAA,UACV,SAAS,CAAC,MAAM,EAAE,gBAAgB;AAAA,UAElC;AAAA,4BAAAD;AAAA,cAAC;AAAA;AAAA,gBACC,WAAU;AAAA,gBACV,SAAS;AAAA,gBAET,0BAAAA,KAAC,aAAU;AAAA;AAAA,YACb;AAAA,YAEC;AAAA;AAAA;AAAA,MACH;AAAA;AAAA,EACF;AAEJ;AACA,IAAM,2BAA2B,CAAC;AAAA,EAChC;AAAA,EACA,kBAAkB;AACpB,MAAqC;AAtDrC;AAuDE,QAAM,CAAC,WAAW,YAAY,IAAI,SAAS,IAAI;AAC/C,QAAM,EAAE,WAAW,cAAc,IAAI,QAAQ;AAC7C,QAAM,SAAS,UAAU;AACzB,QAAM,EAAE,oBAAoB,UAAU,IAAI,UAAU;AACpD,QAAM,mBAAmB,YAAY,MAAM;AACzC,QAAI,aAAa,UAAU,WAAW,UAAU,QAAQ,eAAe;AACrE,UAAI;AACF,cAAM,YAAY,UAAU,QAAQ,cAAc,SAAS;AAE3D,YAAI,UAAU,WAAW,OAAO,WAAW,GAAG;AAE5C,uBAAa,IAAI;AACjB,gBAAM,aACJ,UAAU,QAAQ,cAAc,SAAS,KAAK;AAOhD,cAAI,WAAW,SAAS,2BAA2B,GAAG;AACpD,oBAAQ;AAAA,cACN,GAAG,2BAA2B;AAAA,YAChC;AACA,kBAAM,SAAS,IAAI,IAAI,SAAS,EAAE;AAClC,kBAAM,GAAG,OAAO,WAAW,IAAI,OAAO,SAAS,CAAC,EAAE;AAAA,UACpD,OAAO;AAGL,+BAAmB,SAAS;AAAA,UAC9B;AAEA,cAAI,gBAAiB;AACrB,iBAAO;AAAA,QACT;AAAA,MACF,SAAQ;AAEN,gBAAQ,IAAI,yBAAyB;AAAA,MACvC;AAAA,IACF;AACA,WAAO;AAAA,EACT,GAAG;AAAA,IACD;AAAA,IACA,OAAO;AAAA,IACP;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,aAAa,OAAuB;AAE1C,QAAM,eAAe;AAAA,IACnB,CAAC,UAAyB;AACxB,UAAI,MAAM,QAAQ,UAAU;AAC1B;AAAA,MACF;AAAA,IACF;AAAA,IACA,CAAC,OAAO;AAAA,EACV;AAGA,YAAU,MAAM;AACd,WAAO,iBAAiB,WAAW,YAAY;AAE/C,WAAO,MAAM,OAAO,oBAAoB,WAAW,YAAY;AAAA,EACjE,CAAC;AAED,QAAM,mBAAmB,MAAM;AAC7B,iBAAa,KAAK;AAClB,YAAQ,IAAI,kBAAkB;AAC9B,QAAI,iBAAiB,KAAK,WAAW,SAAS;AAC5C,oBAAc,WAAW,OAAO;AAAA,IAClC;AAAA,EACF;AACA,QAAM,kBACJ,aAAa,iBAAiB,GAAC,4CAAW,YAAX,mBAAoB,aAAa;AAElE,QAAM,mBAAmB,OAAO,cAAc,eAAe;AAE7D,SACE,gBAAAC,MAAC,oBAAiB,SACf;AAAA,uBACC,gBAAAD,KAAC,SAAI,WAAU,sGACb,0BAAAA,KAAC,eAAY,GACf;AAAA,IAGF,gBAAAA,KAAC,mBAAgB,KAAK,WAAW,QAAQ,kBAAkB;AAAA,KAC7D;AAEJ;;;AIhJA,SAAS,iBAAAE,sBAAgC;AACzC,SAAS,gBAAgC;AAwDrC,gBAAAC,YAAA;AAxCJ,IAAM,cAAcC,eAAsC,IAAI;AAE9D,IAAM,eAAe,CAAwB;AAAA,EAC3C;AAAA,EACA;AAAA,EACA,MAAM;AAAA,EACN,SAAS;AACX,MAKM;AA9BN;AA+BE,QAAM,EAAE,WAAW,aAAa,OAAO,UAAU,IAAI,QAAQ;AAC7D,QAAM,UAAU,WAAW;AAC3B,QAAM,EAAE,YAAY,IAAI,SAAS;AACjC,QAAM,EAAE,QAAQ,QAAQ,IAAI,QAAQ;AAEpC,QAAM,YAAY,MAAkC;AAClD,QAAI,CAAC,aAAa;AAChB,aAAO;AAAA,IACT;AACA,UAAM,cAAc,IAAI,mBAAmB,OAAO;AAClD,WAAO,YAAY,IAAI;AAAA,EACzB;AAEA,QAAM;AAAA,IACJ,MAAM;AAAA,IACN,WAAW;AAAA,IACX,OAAO;AAAA,EACT,IAA2C,SAAS;AAAA,IAClD,UAAU,CAAC,QAAQ,mCAAS,OAAO;AAAA,IACnC,SAAS;AAAA,IACT,SAAS,CAAC,EAAC,mCAAS;AAAA;AAAA,EACtB,CAAC;AAED,QAAM,YAAY,eAAe;AACjC,QAAM,QAAQ,aAAa;AAE3B,SACE,gBAAAD;AAAA,IAAC,YAAY;AAAA,IAAZ;AAAA,MACC,OAAO;AAAA,QACL,OAAO,kBAAa,SAAb,YAAsB;AAAA,QAC7B;AAAA,QACA;AAAA,QACA;AAAA,QACA,SAAS,gBAAgB;AAAA,MAC3B;AAAA,MAEC;AAAA;AAAA,EACH;AAEJ;;;ACrEA;AAAA,EAEE,eAAAE;AAAA,EACA,aAAAC;AAAA,EACA,WAAAC;AAAA,EACA,UAAAC;AAAA,EACA,YAAAC;AAAA,OACK;AACP,SAAS,eAAAC,cAAa,YAAAC,WAAU,kBAAAC,uBAAsB;AAsDhD,gBAAAC,OAmSY,QAAAC,aAnSZ;AA1BN,IAAI;AACJ,IAAI,OAAO,WAAW,aAAa;AACjC,qBAAmB;AACrB,WAAW,OAAO,WAAW,aAAa;AACxC,qBAAmB;AACrB,OAAO;AACL,qBAAmB,SAAS,aAAa,EAAE;AAC7C;AACA,iBAAiB,aAAa;AAe9B,SAAS,aAAa,EAAE,SAAS,GAA4B;AAC3D,SACE,gBAAAD,MAAC,SAAI,WAAU,kIACb,0BAAAA,MAAC,SAAI,WAAU,sFACZ,UACH,GACF;AAEJ;AAEA,IAAM,eAAe,CAAC;AAAA,EACpB;AAAA,EACA;AAAA,EACA,aAAa;AAAA,EACb,SAAS;AAAA,EACT;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,cAAc;AAAA,EACd,aAAa;AACf,MAAyB;AACvB,QAAM,CAAC,WAAW,YAAY,IAAIE,UAAwB,IAAI;AAC9D,QAAM,CAAC,YAAY,aAAa,IAAIA,UAAwB,IAAI;AAChE,QAAM,CAAC,YAAY,aAAa,IAAIA,UAAS,KAAK;AAClD,QAAM,CAAC,iBAAiB,kBAAkB,IAAIA,UAAwB,IAAI;AAC1E,QAAM,CAAC,oBAAoB,qBAAqB,IAAIA,UAAgB;AACpE,QAAM,CAAC,aAAa,cAAc,IAAIA,UAAsB,QAAQ;AACpE,QAAM,CAAC,gCAAgC,iCAAiC,IACtEA,UAAgD;AAClD,QAAM,CAAC,YAAY,aAAa,IAAIA,UAAS,KAAK;AAClD,QAAM,CAAC,eAAe,gBAAgB,IAAIA,UAAS,KAAK;AACxD,QAAM,cAAcC,gBAAe;AACnC,QAAM,YAAYC,QAA0B,IAAI;AAGhD,QAAM,sBACJ,wBAAwB;AAE1B,EAAAC,WAAU,MAAM;AACd,QAAI,OAAO,WAAW,WAAW,aAAa;AAC5C,oBAAc,WAAW,OAAO,SAAS,IAAI;AAC7C,YAAM,gBAAgB,iBAAiB,WAAW,MAAM;AACxD,oBAAc,aAAa;AAAA,IAC7B;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,cAAcC;AAAA,IAClB,OAAO,oBAAoB,cAAc,IAAI,MAAM,GAAG,EAAE,CAAC;AAAA,IACzD,CAAC,YAAY,gBAAgB;AAAA,EAC/B;AAEA,QAAM,CAAC,aAAa,cAAc,IAAIJ,UAAiC;AAEvE,EAAAG,WAAU,MAAM;AACd,QAAI,CAAC,WAAY;AACjB,iCAA6B,MAAM;AAAA,MACjC;AAAA,MACA;AAAA,MACA,aAAa,OAAO;AAAA,MACpB,QAAQ;AAAA,MACR;AAAA,IACF,CAAC,EAAE,KAAK,cAAc;AAAA,EACxB,GAAG,CAAC,YAAY,UAAU,aAAa,QAAQ,WAAW,CAAC;AAE3D,QAAM;AAAA,IACJ,MAAM;AAAA,IACN;AAAA,IACA;AAAA,EACF,IAAIE,UAAS;AAAA,IACX,UAAU;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,IACA,SAAS,MAAY;AACnB,UAAI,CAAC,aAAa;AAChB,eAAO,EAAE,eAAe,MAAM;AAAA,MAChC;AACA,UAAI,kBAAkB;AACpB,eAAO;AAAA,MACT;AACA,YAAM,MAAM,IAAI;AAAA,QACd,kBACI,kBACA,WAAW,OAAO,SAAS,QAAQ;AAAA,MACzC;AAIA,YAAM,sBAAsB,MAAM,YAAY,wBAAwB;AACtE,UAAI,oBAAoB,eAAe;AACrC,eAAO;AAAA,MACT;AACA,YAAM,OAAO,IAAI,aAAa,IAAI,MAAM;AACxC,YAAM,QAAQ,IAAI,aAAa,IAAI,OAAO;AAC1C,UAAI,CAAC,uBAAuB,QAAQ,SAAS,CAAC,YAAY;AACxD,YAAI;AACF,kBAAQ,IAAI,8BAA8B;AAAA,YACxC;AAAA,YACA;AAAA,YACA;AAAA,UACF,CAAC;AACD,gBAAM,YAAY,cAAc,MAAM,KAAK;AAC3C,gBAAM,gBAAgB,IAAI,oBAAoB;AAC9C,gBAAM,OAAO,MAAM,QAAQ,aAAa;AACxC,cAAI,CAAC,MAAM;AACT,kBAAM,IAAI,MAAM,yBAAyB;AAAA,UAC3C;AAEA,gBAAM,cAAc,IAAI,mBAAmB,aAAa;AACxD,sBAAY,IAAI,IAAI;AAEpB;AACA,iBAAO,YAAY,eAAe;AAAA,QACpC,SAASC,QAAO;AACd,gCAAsBA,MAAc;AACpC;AAAA,YACEA,kBAAiB,QAAQA,SAAQ,IAAI,MAAM,mBAAmB;AAAA;AAEhE,iBAAO,EAAE,eAAe,MAAM;AAAA,QAChC;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AAED,QAAM,kBAAkBC,aAAY;AAAA,IAClC,YAAY,MAAY;AAEtB,YAAM,gBAAgB,iBAAiB;AACvC,qDAAe;AACf,mBAAa,IAAI;AACjB,oBAAc,KAAK;AACnB,yBAAmB,IAAI;AACvB;AAAA,IACF;AAAA,IACA,WAAW,MAAM;AACf,kBAAY;AAAA,QACV;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAC;AAED,QAAM,mBAAmBC;AAAA,IACvB,CAAC,wBAAsC;AACrC,YAAM,iBAAiB,uBAAuB;AAC9C,UAAI,CAAC,cAAc;AACjB,eAAO;AAAA,MACT;AACA,aACE,kCACA,IAAI,+BAA+B;AAAA,QACjC;AAAA;AAAA,QACA;AAAA,QACA;AAAA,QACA,OAAO,cAAc,gBAAgB,mBAAmB;AAAA,QACxD,QAAQ;AAAA,QACR,aAAa;AAAA,QACb,aAAa,OAAO;AAAA;AAAA,QAEpB,mBAAmB,OAAO;AAAA,QAC1B;AAAA,MACF,CAAC;AAAA,IAEL;AAAA,IACA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,OAAO;AAAA,MACP,OAAO;AAAA,MACP;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,QAAM,SAASA;AAAA,IACb,CAAO,sBAAmC,aAAa;AACrD,qBAAe,mBAAmB;AAClC,YAAM,gBAAgB,iBAAiB,mBAAmB;AAC1D,wCAAkC,aAAa;AAC/C,UAAI,wBAAwB,UAAU;AACpC,sBAAc,IAAI;AAAA,MACpB,WAAW,wBAAwB,YAAY;AAC7C,yBAAiB,IAAI;AAAA,MACvB;AACA,qDAAe,OAAO,UAAU,SAAS,MAAM,CAACF,WAAU;AACxD,gBAAQ,IAAI,gBAAgB;AAAA,UAC1B,OAAAA;AAAA,UACA,cAAcA,kBAAiB;AAAA,QACjC,CAAC;AAED,YAAIA,kBAAiB,YAAY;AAC/B,iBAAO,UAAU;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAAA,IACA,CAAC,gBAAgB;AAAA,EACnB;AAGA,EAAAH,WAAU,MAAM;AACd,WAAO,MAAM;AACX,UAAI,gCAAgC;AAClC,uCAA+B,QAAQ;AAAA,MACzC;AAAA,IACF;AAAA,EACF,GAAG,CAAC,8BAA8B,CAAC;AAEnC,QAAM,kBAAkBC;AAAA,IACtB,MAAO,UAAU,QAAQ,gBAAgB;AAAA,IACzC,CAAC,OAAO;AAAA,EACV;AAEA,EAAAC,UAAS;AAAA,IACP,UAAU,CAAC,cAAc,aAAa,aAAa,eAAe;AAAA,IAClE,SAAS,MAAY;AACnB,UACE,CAAC,eACD,eACA,CAAC,mBACD,UAAU,SACV;AACA,eAAO,QAAQ;AAAA,MACjB;AACA,aAAO;AAAA,IACT;AAAA,IACA,sBAAsB;AAAA,EACxB,CAAC;AAED,QAAM,QAAQD;AAAA,IACZ,OAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,SAAS,MAAY;AACnB,cAAM,gBAAgB,YAAY;AAAA,MACpC;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,IACA,CAAC,WAAW,OAAO,iBAAiB,iBAAiB,MAAM;AAAA,EAC7D;AACA,SACE,gBAAAN,MAAC,YAAY,UAAZ,EAAqB,OACpB,0BAAAA;AAAA,IAAC;AAAA;AAAA,MACC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MAEA,0BAAAA;AAAA,QAAC;AAAA;AAAA,UACC;AAAA,UACA;AAAA,UAEA,0BAAAA,MAAC,mBAAgB,SACf,0BAAAC,MAAC,iBACE;AAAA,2BAAe,CAAC,cAAc,EAAC,mCAAS,kBACvC,gBAAAD;AAAA,cAAC;AAAA;AAAA,gBACC,OACE,aAAa,EAAE,SAAS,QAAQ,IAAI,EAAE,SAAS,OAAO;AAAA,gBAGxD,0BAAAA;AAAA,kBAAC;AAAA;AAAA,oBACC,SAAS,MAAM,cAAc,KAAK;AAAA;AAAA,gBACpC;AAAA;AAAA,YACF;AAAA,YAGD,gBACE,cACC,iBACC,aAAa,CAAC,wBACf,gBAAAA,MAAC,gBACC,0BAAAA,MAAC,eAAY,GACf;AAAA,aAGF,sBAAsB,UACtB,gBAAAA,MAAC,gBACC,0BAAAC,MAAC,SAAI;AAAA;AAAA,eACM,sBAAuB,OAAiB;AAAA,eACnD,GACF;AAAA,YAED;AAAA,aACH,GACF;AAAA;AAAA,MACF;AAAA;AAAA,EACF,GACF;AAEJ;","names":["useContext","createContext","createContext","useContext","useContext","createContext","jsx","createContext","useContext","useContext","createContext","jsx","useContext","useContext","createContext","jsx","useContext","jsx","jsx","jsxs","jsx","jsx","jsxs","createContext","jsx","createContext","useCallback","useEffect","useMemo","useRef","useState","useMutation","useQuery","useQueryClient","jsx","jsxs","useState","useQueryClient","useRef","useEffect","useMemo","useQuery","error","useMutation","useCallback"]}
package/dist/{chunk-X3FQBE22.mjs → chunk-O3WGNLRO.mjs} RENAMED
@@ -1,6 +1,7 @@
1
1
  import {
2
+ DEFAULT_AUTH_SERVER,
2
3
  withoutUndefined
3
- } from "./chunk-CBQ3HKRV.mjs";
4
+ } from "./chunk-4PLCDPEN.mjs";
4
5
  import {
5
6
  __spreadProps,
6
7
  __spreadValues
@@ -58,10 +59,11 @@ var loggers = {
58
59
 
59
60
  // src/nextjs/config.ts
60
61
  var logger = loggers.nextjs.handlers.auth;
61
- var appUrl = process.env.NEXT_PUBLIC_DASHBOARD_URL || "";
62
+ var _a;
63
+ var appUrl = typeof process !== "undefined" ? ((_a = process == null ? void 0 : process.env) == null ? void 0 : _a.NEXT_PUBLIC_APP_URL) || "" : "";
62
64
  var defaultServerSecure = !appUrl.startsWith("http://localhost");
63
65
  var defaultAuthConfig = {
64
- oauthServer: "https://auth-dev.civic.com/oauth",
66
+ oauthServer: DEFAULT_AUTH_SERVER,
65
67
  callbackUrl: "/api/auth/callback",
66
68
  challengeUrl: "/api/auth/challenge",
67
69
  logoutUrl: "/api/auth/logout",
@@ -106,7 +108,7 @@ var defaultAuthConfig = {
106
108
  }
107
109
  };
108
110
  var resolveAuthConfig = (config = {}) => {
109
- var _a, _b, _c, _d, _e, _f;
111
+ var _a2, _b, _c, _d, _e, _f;
110
112
  logger.debug("resolveAuthConfig inputs", JSON.stringify(config, null, 2));
111
113
  const configFromEnv = withoutUndefined({
112
114
  clientId: process.env._civic_auth_client_id,
@@ -116,7 +118,7 @@ var resolveAuthConfig = (config = {}) => {
116
118
  loginUrl: process.env._civic_auth_login_url,
117
119
  appUrl: process.env._civic_auth_app_url,
118
120
  logoutUrl: process.env._civic_auth_logout_url,
119
- include: (_a = process.env._civic_auth_includes) == null ? void 0 : _a.split(","),
121
+ include: (_a2 = process.env._civic_auth_includes) == null ? void 0 : _a2.split(","),
120
122
  exclude: (_b = process.env._civic_auth_excludes) == null ? void 0 : _b.split(","),
121
123
  cookies: process.env._civic_auth_cookie_config ? JSON.parse(process.env._civic_auth_cookie_config) : void 0
122
124
  });
@@ -168,4 +170,4 @@ export {
168
170
  resolveAuthConfig,
169
171
  createCivicAuthPlugin
170
172
  };
171
- //# sourceMappingURL=chunk-X3FQBE22.mjs.map
173
+ //# sourceMappingURL=chunk-O3WGNLRO.mjs.map
package/dist/chunk-O3WGNLRO.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/lib/logger.ts","../src/nextjs/config.ts"],"sourcesContent":["import debug from \"debug\";\n\nconst PACKAGE_NAME = \"@civic/auth\";\n\nexport interface Logger {\n debug(message: string, ...args: unknown[]): void;\n info(message: string, ...args: unknown[]): void;\n warn(message: string, ...args: unknown[]): void;\n error(message: string, ...args: unknown[]): void;\n}\n\nclass DebugLogger implements Logger {\n private debugLogger: debug.Debugger;\n private infoLogger: debug.Debugger;\n private warnLogger: debug.Debugger;\n private errorLogger: debug.Debugger;\n\n constructor(namespace: string) {\n // Format: @org/package:library:component:level\n this.debugLogger = debug(`${PACKAGE_NAME}:${namespace}:debug`);\n this.infoLogger = debug(`${PACKAGE_NAME}:${namespace}:info`);\n this.warnLogger = debug(`${PACKAGE_NAME}:${namespace}:warn`);\n this.errorLogger = debug(`${PACKAGE_NAME}:${namespace}:error`);\n\n this.debugLogger.color = \"4\";\n this.infoLogger.color = \"2\";\n this.warnLogger.color = \"3\";\n this.errorLogger.color = \"1\";\n }\n\n debug(message: string, ...args: unknown[]): void {\n this.debugLogger(message, ...args);\n }\n\n info(message: string, ...args: unknown[]): void {\n this.infoLogger(message, ...args);\n }\n\n warn(message: string, ...args: unknown[]): void {\n this.warnLogger(message, ...args);\n }\n\n error(message: string, ...args: unknown[]): void {\n this.errorLogger(message, ...args);\n }\n}\n\nexport const createLogger = (namespace: string): Logger =>\n new DebugLogger(namespace);\n\n// Pre-configured loggers for different parts of your package\nexport const loggers = {\n // Next.js specific loggers\n nextjs: {\n routes: createLogger(\"api:routes\"),\n middleware: createLogger(\"api:middleware\"),\n handlers: {\n auth: createLogger(\"api:handlers:auth\"),\n },\n },\n // React specific loggers\n react: {\n components: createLogger(\"react:components\"),\n hooks: createLogger(\"react:hooks\"),\n context: createLogger(\"react:context\"),\n },\n // Shared utilities loggers\n services: {\n validation: createLogger(\"utils:validation\"),\n network: createLogger(\"utils:network\"),\n },\n} as const;\n","/* eslint-disable turbo/no-undeclared-env-vars */\nimport { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger\";\nimport { withoutUndefined } from \"@/utils\";\nimport {\n CodeVerifier,\n CookieConfig,\n OAuthTokens,\n TokensCookieConfig,\n} from \"@/shared/types\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n tokens: TokensCookieConfig;\n user: CookieConfig;\n};\nexport type AuthConfigWithDefaults = {\n clientId: string;\n oauthServer: string;\n callbackUrl: string;\n loginUrl: string;\n logoutUrl: string;\n appUrl?: string;\n challengeUrl: string;\n include: string[];\n exclude: string[];\n cookies: CookiesConfigObject;\n};\n\nexport type AuthConfig = Partial<AuthConfigWithDefaults>;\n\nexport type DefinedAuthConfig = AuthConfigWithDefaults;\n\nconst appUrl =\n typeof process !== \"undefined\"\n ? process?.env?.NEXT_PUBLIC_APP_URL || \"\"\n : \"\";\nconst defaultServerSecure = !appUrl.startsWith(\"http://localhost\");\n\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n oauthServer: DEFAULT_AUTH_SERVER,\n callbackUrl: \"/api/auth/callback\",\n challengeUrl: \"/api/auth/challenge\",\n logoutUrl: \"/api/auth/logout\",\n loginUrl: \"/\",\n include: [\"/*\"],\n exclude: [],\n cookies: {\n tokens: {\n [OAuthTokens.ID_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.ACCESS_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.REFRESH_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [CodeVerifier.COOKIE_NAME]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n },\n user: {\n secure: defaultServerSecure,\n httpOnly: false,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: 60 * 60, // 1 hour\n },\n },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n config: AuthConfig = {},\n): AuthConfigWithDefaults & { clientId: string } => {\n logger.debug(\"resolveAuthConfig inputs\", JSON.stringify(config, null, 2));\n // Read configuration that was set by the plugin via environment variables\n const configFromEnv = withoutUndefined({\n clientId: process.env._civic_auth_client_id,\n oauthServer: process.env._civic_oauth_server,\n callbackUrl: process.env._civic_auth_callback_url,\n challengeUrl: process.env._civic_auth_challenge_url,\n loginUrl: process.env._civic_auth_login_url,\n appUrl: process.env._civic_auth_app_url,\n logoutUrl: process.env._civic_auth_logout_url,\n include: process.env._civic_auth_includes?.split(\",\"),\n exclude: process.env._civic_auth_excludes?.split(\",\"),\n cookies: process.env._civic_auth_cookie_config\n ? JSON.parse(process.env._civic_auth_cookie_config)\n : undefined,\n }) as AuthConfig;\n const mergedConfig = {\n ...defaultAuthConfig,\n ...configFromEnv, // Apply plugin-set config\n ...config, // Override with directly passed config\n cookies: {\n tokens: {\n ...defaultAuthConfig.cookies.tokens,\n ...(configFromEnv?.cookies?.tokens || {}),\n ...(config.cookies?.tokens || {}),\n },\n user: {\n ...defaultAuthConfig.cookies.user,\n ...(configFromEnv?.cookies?.user || {}),\n ...(config.cookies?.user || {}),\n },\n },\n };\n\n logger.debug(\n \"Config from environment:\",\n JSON.stringify(configFromEnv, null, 2),\n );\n logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n if (mergedConfig.clientId === undefined) {\n throw new Error(\"Civic Auth client ID is required\");\n }\n return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * callbackUrl: '/custom/callback',\n * loginUrl: '/custom/login',\n * logoutUrl: '/custom/logout',\n * include: ['/protected/*'],\n * exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (\n clientId: string,\n authConfig: AuthConfig = {},\n) => {\n return (nextConfig?: NextConfig) => {\n logger.debug(\n \"createCivicAuthPlugin nextConfig\",\n JSON.stringify(nextConfig, null, 2),\n );\n const resolvedConfig = resolveAuthConfig({ ...authConfig, clientId });\n return {\n ...nextConfig,\n env: {\n ...nextConfig?.env,\n // Internal environment variables - do not set these manually\n _civic_auth_client_id: clientId,\n _civic_oauth_server: resolvedConfig.oauthServer,\n _civic_auth_callback_url: resolvedConfig.callbackUrl,\n _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n _civic_auth_login_url: resolvedConfig.loginUrl,\n _civic_auth_logout_url: resolvedConfig.logoutUrl,\n _civic_auth_app_url: resolvedConfig.appUrl,\n _civic_auth_includes: resolvedConfig.include.join(\",\"),\n _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n },\n };\n };\n};\n"],"mappings":";;;;;;;;;;AAAA,OAAO,WAAW;AAElB,IAAM,eAAe;AASrB,IAAM,cAAN,MAAoC;AAAA,EAMlC,YAAY,WAAmB;AAE7B,SAAK,cAAc,MAAM,GAAG,YAAY,IAAI,SAAS,QAAQ;AAC7D,SAAK,aAAa,MAAM,GAAG,YAAY,IAAI,SAAS,OAAO;AAC3D,SAAK,aAAa,MAAM,GAAG,YAAY,IAAI,SAAS,OAAO;AAC3D,SAAK,cAAc,MAAM,GAAG,YAAY,IAAI,SAAS,QAAQ;AAE7D,SAAK,YAAY,QAAQ;AACzB,SAAK,WAAW,QAAQ;AACxB,SAAK,WAAW,QAAQ;AACxB,SAAK,YAAY,QAAQ;AAAA,EAC3B;AAAA,EAEA,MAAM,YAAoB,MAAuB;AAC/C,SAAK,YAAY,SAAS,GAAG,IAAI;AAAA,EACnC;AAAA,EAEA,KAAK,YAAoB,MAAuB;AAC9C,SAAK,WAAW,SAAS,GAAG,IAAI;AAAA,EAClC;AAAA,EAEA,KAAK,YAAoB,MAAuB;AAC9C,SAAK,WAAW,SAAS,GAAG,IAAI;AAAA,EAClC;AAAA,EAEA,MAAM,YAAoB,MAAuB;AAC/C,SAAK,YAAY,SAAS,GAAG,IAAI;AAAA,EACnC;AACF;AAEO,IAAM,eAAe,CAAC,cAC3B,IAAI,YAAY,SAAS;AAGpB,IAAM,UAAU;AAAA;AAAA,EAErB,QAAQ;AAAA,IACN,QAAQ,aAAa,YAAY;AAAA,IACjC,YAAY,aAAa,gBAAgB;AAAA,IACzC,UAAU;AAAA,MACR,MAAM,aAAa,mBAAmB;AAAA,IACxC;AAAA,EACF;AAAA;AAAA,EAEA,OAAO;AAAA,IACL,YAAY,aAAa,kBAAkB;AAAA,IAC3C,OAAO,aAAa,aAAa;AAAA,IACjC,SAAS,aAAa,eAAe;AAAA,EACvC;AAAA;AAAA,EAEA,UAAU;AAAA,IACR,YAAY,aAAa,kBAAkB;AAAA,IAC3C,SAAS,aAAa,eAAe;AAAA,EACvC;AACF;;;AC3DA,IAAM,SAAS,QAAQ,OAAO,SAAS;AAZvC;AAmCA,IAAM,SACJ,OAAO,YAAY,gBACf,wCAAS,QAAT,mBAAc,wBAAuB,KACrC;AACN,IAAM,sBAAsB,CAAC,OAAO,WAAW,kBAAkB;AAK1D,IAAM,oBAA8D;AAAA,EACzE,aAAa;AAAA,EACb,aAAa;AAAA,EACb,cAAc;AAAA,EACd,WAAW;AAAA,EACX,UAAU;AAAA,EACV,SAAS,CAAC,IAAI;AAAA,EACd,SAAS,CAAC;AAAA,EACV,SAAS;AAAA,IACP,QAAQ;AAAA,MACN,0BAAqB,GAAG;AAAA,QACtB,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,MACR;AAAA,MACA,kCAAyB,GAAG;AAAA,QAC1B,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,MACR;AAAA,MACA,oCAA0B,GAAG;AAAA,QAC3B,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,MACR;AAAA,MACA,kCAAyB,GAAG;AAAA,QAC1B,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,MACR;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,UAAU;AAAA,MACV,MAAM;AAAA,MACN,QAAQ,KAAK;AAAA;AAAA,IACf;AAAA,EACF;AACF;AAmBO,IAAM,oBAAoB,CAC/B,SAAqB,CAAC,MAC4B;AA5GpD,MAAAA,KAAA;AA6GE,SAAO,MAAM,4BAA4B,KAAK,UAAU,QAAQ,MAAM,CAAC,CAAC;AAExE,QAAM,gBAAgB,iBAAiB;AAAA,IACrC,UAAU,QAAQ,IAAI;AAAA,IACtB,aAAa,QAAQ,IAAI;AAAA,IACzB,aAAa,QAAQ,IAAI;AAAA,IACzB,cAAc,QAAQ,IAAI;AAAA,IAC1B,UAAU,QAAQ,IAAI;AAAA,IACtB,QAAQ,QAAQ,IAAI;AAAA,IACpB,WAAW,QAAQ,IAAI;AAAA,IACvB,UAASA,MAAA,QAAQ,IAAI,yBAAZ,gBAAAA,IAAkC,MAAM;AAAA,IACjD,UAAS,aAAQ,IAAI,yBAAZ,mBAAkC,MAAM;AAAA,IACjD,SAAS,QAAQ,IAAI,4BACjB,KAAK,MAAM,QAAQ,IAAI,yBAAyB,IAChD;AAAA,EACN,CAAC;AACD,QAAM,eAAe,+DAChB,oBACA,gBACA,SAHgB;AAAA;AAAA,IAInB,SAAS;AAAA,MACP,QAAQ,iDACH,kBAAkB,QAAQ,WACzB,oDAAe,YAAf,mBAAwB,WAAU,CAAC,MACnC,YAAO,YAAP,mBAAgB,WAAU,CAAC;AAAA,MAEjC,MAAM,iDACD,kBAAkB,QAAQ,SACzB,oDAAe,YAAf,mBAAwB,SAAQ,CAAC,MACjC,YAAO,YAAP,mBAAgB,SAAQ,CAAC;AAAA,IAEjC;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA,KAAK,UAAU,eAAe,MAAM,CAAC;AAAA,EACvC;AACA,SAAO,MAAM,oBAAoB,KAAK,UAAU,cAAc,MAAM,CAAC,CAAC;AACtE,MAAI,aAAa,aAAa,QAAW;AACvC,UAAM,IAAI,MAAM,kCAAkC;AAAA,EACpD;AACA,SAAO;AACT;AAyBO,IAAM,wBAAwB,CACnC,UACA,aAAyB,CAAC,MACvB;AACH,SAAO,CAAC,eAA4B;AAClC,WAAO;AAAA,MACL;AAAA,MACA,KAAK,UAAU,YAAY,MAAM,CAAC;AAAA,IACpC;AACA,UAAM,iBAAiB,kBAAkB,iCAAK,aAAL,EAAiB,SAAS,EAAC;AACpE,WAAO,iCACF,aADE;AAAA,MAEL,KAAK,iCACA,yCAAY,MADZ;AAAA;AAAA,QAGH,uBAAuB;AAAA,QACvB,qBAAqB,eAAe;AAAA,QACpC,0BAA0B,eAAe;AAAA,QACzC,2BAA2B,eAAe;AAAA,QAC1C,uBAAuB,eAAe;AAAA,QACtC,wBAAwB,eAAe;AAAA,QACvC,qBAAqB,eAAe;AAAA,QACpC,sBAAsB,eAAe,QAAQ,KAAK,GAAG;AAAA,QACrD,sBAAsB,eAAe,QAAQ,KAAK,GAAG;AAAA,QACrD,2BAA2B,KAAK,UAAU,eAAe,OAAO;AAAA,MAClE;AAAA,IACF;AAAA,EACF;AACF;","names":["_a"]}