@civic/auth 0.0.1-beta.24 → 0.0.1-beta.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (172) hide show
  1. package/dist/AuthProvider-BBetpl_s.d.mts +21 -0
  2. package/dist/AuthProvider-BYZ8w92b.d.mts +15 -0
  3. package/dist/AuthProvider-BgOwv9h8.d.ts +15 -0
  4. package/dist/AuthProvider-D_kReUi0.d.ts +21 -0
  5. package/dist/{index-DTimUlkB.d.ts → UserProvider-BA2uflVB.d.ts} +1 -2
  6. package/dist/{index-DvjkKpkk.d.mts → UserProvider-Bl3j1PUO.d.mts} +1 -2
  7. package/dist/chunk-2OZJONNO.js.map +1 -1
  8. package/dist/chunk-2TDB4XWE.js +277 -0
  9. package/dist/chunk-2TDB4XWE.js.map +1 -0
  10. package/dist/chunk-2ZUCE3XM.mjs +705 -0
  11. package/dist/chunk-2ZUCE3XM.mjs.map +1 -0
  12. package/dist/{chunk-A43GY6C3.mjs → chunk-4KSQPSLG.mjs} +7 -12
  13. package/dist/chunk-4KSQPSLG.mjs.map +1 -0
  14. package/dist/chunk-55ELY65Q.mjs +706 -0
  15. package/dist/chunk-55ELY65Q.mjs.map +1 -0
  16. package/dist/chunk-5UQQYXCX.js.map +1 -1
  17. package/dist/chunk-63YGK3A7.mjs +223 -0
  18. package/dist/chunk-63YGK3A7.mjs.map +1 -0
  19. package/dist/chunk-6RFRDWIP.js.map +1 -1
  20. package/dist/{chunk-74J7HX36.mjs → chunk-6UFAMFB3.mjs} +5 -5
  21. package/dist/chunk-6UFAMFB3.mjs.map +1 -0
  22. package/dist/chunk-75242WAX.js +711 -0
  23. package/dist/chunk-75242WAX.js.map +1 -0
  24. package/dist/chunk-7K3QN2AT.js.map +1 -1
  25. package/dist/chunk-ADCTONP6.js +709 -0
  26. package/dist/chunk-ADCTONP6.js.map +1 -0
  27. package/dist/{chunk-RF23Q4V6.js → chunk-AM2Y662I.js} +117 -224
  28. package/dist/chunk-AM2Y662I.js.map +1 -0
  29. package/dist/chunk-B3L76DWC.mjs +705 -0
  30. package/dist/chunk-B3L76DWC.mjs.map +1 -0
  31. package/dist/{chunk-WXSUVTI4.mjs → chunk-BCXJ4LWQ.mjs} +3 -2
  32. package/dist/chunk-BCXJ4LWQ.mjs.map +1 -0
  33. package/dist/chunk-BFJSBJHA.js +709 -0
  34. package/dist/chunk-BFJSBJHA.js.map +1 -0
  35. package/dist/chunk-BLLLGPVG.mjs +277 -0
  36. package/dist/chunk-BLLLGPVG.mjs.map +1 -0
  37. package/dist/{chunk-COWYPS3A.js → chunk-CJCLQQS5.js} +3 -2
  38. package/dist/chunk-CJCLQQS5.js.map +1 -0
  39. package/dist/chunk-CMMHRIMG.js +705 -0
  40. package/dist/chunk-CMMHRIMG.js.map +1 -0
  41. package/dist/chunk-CRTRMMJ7.js.map +1 -1
  42. package/dist/chunk-CTVJJBBA.js.map +1 -1
  43. package/dist/chunk-D53PLWCK.js +703 -0
  44. package/dist/chunk-D53PLWCK.js.map +1 -0
  45. package/dist/chunk-EKLYHP2D.mjs +711 -0
  46. package/dist/chunk-EKLYHP2D.mjs.map +1 -0
  47. package/dist/{chunk-XNSHSKGI.js → chunk-FHRZSX3C.js} +2 -2
  48. package/dist/chunk-FHRZSX3C.js.map +1 -0
  49. package/dist/{chunk-5XL2ST72.mjs → chunk-G7PH56KW.mjs} +77 -29
  50. package/dist/chunk-G7PH56KW.mjs.map +1 -0
  51. package/dist/chunk-GB3H3I47.js +711 -0
  52. package/dist/chunk-GB3H3I47.js.map +1 -0
  53. package/dist/chunk-GFP6OLRQ.js +709 -0
  54. package/dist/chunk-GFP6OLRQ.js.map +1 -0
  55. package/dist/chunk-HMPKCLIJ.mjs +709 -0
  56. package/dist/chunk-HMPKCLIJ.mjs.map +1 -0
  57. package/dist/chunk-IENACY5A.js +116 -0
  58. package/dist/chunk-IENACY5A.js.map +1 -0
  59. package/dist/chunk-J5KMPZIV.mjs +708 -0
  60. package/dist/chunk-J5KMPZIV.mjs.map +1 -0
  61. package/dist/chunk-J7FWSTAL.js +711 -0
  62. package/dist/chunk-J7FWSTAL.js.map +1 -0
  63. package/dist/chunk-JDZPCA3P.js.map +1 -1
  64. package/dist/chunk-JEOPLLWO.js +223 -0
  65. package/dist/chunk-JEOPLLWO.js.map +1 -0
  66. package/dist/chunk-JTQHIECR.mjs +709 -0
  67. package/dist/chunk-JTQHIECR.mjs.map +1 -0
  68. package/dist/chunk-KBHDXIAM.js +711 -0
  69. package/dist/chunk-KBHDXIAM.js.map +1 -0
  70. package/dist/chunk-KSOWEBHG.js +720 -0
  71. package/dist/chunk-KSOWEBHG.js.map +1 -0
  72. package/dist/chunk-LPW3B7PM.js +712 -0
  73. package/dist/chunk-LPW3B7PM.js.map +1 -0
  74. package/dist/chunk-M7QA57W3.mjs +711 -0
  75. package/dist/chunk-M7QA57W3.mjs.map +1 -0
  76. package/dist/{chunk-3YV5NEM4.js → chunk-MXAJ6OFR.js} +7 -12
  77. package/dist/chunk-MXAJ6OFR.js.map +1 -0
  78. package/dist/{chunk-AMCR45Y5.mjs → chunk-NLRREFOX.mjs} +2 -2
  79. package/dist/chunk-NLRREFOX.mjs.map +1 -0
  80. package/dist/chunk-NRDG7CC4.js +706 -0
  81. package/dist/chunk-NRDG7CC4.js.map +1 -0
  82. package/dist/{chunk-JCLIMTK5.js → chunk-NSAO2ERW.js} +5 -9
  83. package/dist/chunk-NSAO2ERW.js.map +1 -0
  84. package/dist/chunk-NXGNAFNY.js +708 -0
  85. package/dist/chunk-NXGNAFNY.js.map +1 -0
  86. package/dist/chunk-OXXUQ36U.mjs +283 -0
  87. package/dist/chunk-OXXUQ36U.mjs.map +1 -0
  88. package/dist/chunk-PKBT2ALA.mjs +703 -0
  89. package/dist/chunk-PKBT2ALA.mjs.map +1 -0
  90. package/dist/chunk-PS5WST7W.mjs +711 -0
  91. package/dist/chunk-PS5WST7W.mjs.map +1 -0
  92. package/dist/{chunk-G3P5TIO2.mjs → chunk-Q7DSPTUG.mjs} +126 -233
  93. package/dist/chunk-Q7DSPTUG.mjs.map +1 -0
  94. package/dist/chunk-RCFPLIWS.js.map +1 -1
  95. package/dist/chunk-RIHMMI3P.mjs +116 -0
  96. package/dist/chunk-RIHMMI3P.mjs.map +1 -0
  97. package/dist/chunk-RMN6R4VP.mjs +708 -0
  98. package/dist/chunk-RMN6R4VP.mjs.map +1 -0
  99. package/dist/{chunk-QHE3SPKQ.js → chunk-SJ6NSD2E.js} +3 -6
  100. package/dist/chunk-SJ6NSD2E.js.map +1 -0
  101. package/dist/chunk-SN7YDQQH.js.map +1 -1
  102. package/dist/chunk-SYJZGEFV.mjs +709 -0
  103. package/dist/chunk-SYJZGEFV.mjs.map +1 -0
  104. package/dist/chunk-TH6FI2XI.js +283 -0
  105. package/dist/chunk-TH6FI2XI.js.map +1 -0
  106. package/dist/{chunk-6RJHOVY6.mjs → chunk-UBO6RIOZ.mjs} +3 -6
  107. package/dist/chunk-UBO6RIOZ.mjs.map +1 -0
  108. package/dist/chunk-UGDZ4VB3.js +705 -0
  109. package/dist/chunk-UGDZ4VB3.js.map +1 -0
  110. package/dist/{chunk-NTJWPNOZ.mjs → chunk-UVRXIVK3.mjs} +2 -4
  111. package/dist/chunk-UVRXIVK3.mjs.map +1 -0
  112. package/dist/chunk-WC2OMEHO.mjs +711 -0
  113. package/dist/chunk-WC2OMEHO.mjs.map +1 -0
  114. package/dist/chunk-WQNOMTSD.mjs +720 -0
  115. package/dist/chunk-WQNOMTSD.mjs.map +1 -0
  116. package/dist/chunk-WVG3PNQ6.js +708 -0
  117. package/dist/chunk-WVG3PNQ6.js.map +1 -0
  118. package/dist/chunk-WYA7Q4IM.mjs +708 -0
  119. package/dist/chunk-WYA7Q4IM.mjs.map +1 -0
  120. package/dist/{chunk-SEKF2WZX.js → chunk-X7YY6SHZ.js} +80 -32
  121. package/dist/chunk-X7YY6SHZ.js.map +1 -0
  122. package/dist/{chunk-ELO3M4DA.js → chunk-ZXNMEKUE.js} +2 -4
  123. package/dist/chunk-ZXNMEKUE.js.map +1 -0
  124. package/dist/index.d.mts +3 -3
  125. package/dist/index.d.ts +3 -3
  126. package/dist/index.js.map +1 -1
  127. package/dist/nextjs/client.d.mts +3 -5
  128. package/dist/nextjs/client.d.ts +3 -5
  129. package/dist/nextjs/client.js +14 -16
  130. package/dist/nextjs/client.js.map +1 -1
  131. package/dist/nextjs/client.mjs +10 -12
  132. package/dist/nextjs/client.mjs.map +1 -1
  133. package/dist/nextjs.d.mts +3 -5
  134. package/dist/nextjs.d.ts +3 -5
  135. package/dist/nextjs.js +63 -55
  136. package/dist/nextjs.js.map +1 -1
  137. package/dist/nextjs.mjs +40 -32
  138. package/dist/nextjs.mjs.map +1 -1
  139. package/dist/react.d.mts +5 -9
  140. package/dist/react.d.ts +5 -9
  141. package/dist/react.js +11 -23
  142. package/dist/react.js.map +1 -1
  143. package/dist/react.mjs +2 -14
  144. package/dist/react.mjs.map +1 -1
  145. package/dist/server.d.mts +2 -2
  146. package/dist/server.d.ts +2 -2
  147. package/dist/server.js +3 -3
  148. package/dist/server.js.map +1 -1
  149. package/dist/server.mjs +2 -2
  150. package/dist/storage-ANmRwpZ3.d.ts +25 -0
  151. package/dist/storage-BJyqsZwC.d.mts +25 -0
  152. package/dist/types-BxAubCqO.d.mts +58 -0
  153. package/dist/types-BxAubCqO.d.ts +58 -0
  154. package/dist/{types-b4c1koXj.d.mts → types-DOfl9w7j.d.mts} +6 -2
  155. package/dist/{types-b4c1koXj.d.ts → types-DOfl9w7j.d.ts} +6 -2
  156. package/package.json +14 -14
  157. package/dist/chunk-3YV5NEM4.js.map +0 -1
  158. package/dist/chunk-5XL2ST72.mjs.map +0 -1
  159. package/dist/chunk-6RJHOVY6.mjs.map +0 -1
  160. package/dist/chunk-74J7HX36.mjs.map +0 -1
  161. package/dist/chunk-A43GY6C3.mjs.map +0 -1
  162. package/dist/chunk-AMCR45Y5.mjs.map +0 -1
  163. package/dist/chunk-COWYPS3A.js.map +0 -1
  164. package/dist/chunk-ELO3M4DA.js.map +0 -1
  165. package/dist/chunk-G3P5TIO2.mjs.map +0 -1
  166. package/dist/chunk-JCLIMTK5.js.map +0 -1
  167. package/dist/chunk-NTJWPNOZ.mjs.map +0 -1
  168. package/dist/chunk-QHE3SPKQ.js.map +0 -1
  169. package/dist/chunk-RF23Q4V6.js.map +0 -1
  170. package/dist/chunk-SEKF2WZX.js.map +0 -1
  171. package/dist/chunk-WXSUVTI4.mjs.map +0 -1
  172. package/dist/chunk-XNSHSKGI.js.map +0 -1
package/dist/chunk-ADCTONP6.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/lucas/dev/civic/civic-auth/packages/civic-auth-client/dist/chunk-ADCTONP6.js","../src/shared/hooks/useAuth.tsx","../src/shared/AuthContext.tsx","../src/shared/hooks/useSession.tsx","../src/shared/providers/SessionProvider.tsx","../src/shared/hooks/useToken.tsx","../src/shared/providers/TokenProvider.tsx","../src/shared/hooks/useConfig.tsx","../src/config.ts","../src/shared/providers/ConfigProvider.tsx","../src/shared/hooks/useIframe.tsx","../src/shared/providers/IframeProvider.tsx","../src/shared/components/CivicAuthIframeContainer.tsx","../src/shared/components/LoadingIcon.tsx","../src/shared/components/CloseIcon.tsx","../src/shared/components/CivicAuthIframe.tsx","../src/shared/UserProvider.tsx","../src/shared/AuthProvider.tsx"],"names":["createContext","useContext","jsx","jsxs","_a","useEffect","useMemo","useRef","useState","useQuery","error"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACF,sDAA4B;AAC5B;AACA;ACrBA,8BAA2B;ADuB3B;AACA;AEzBA;AAUO,IAAM,YAAA,EAAc,kCAAA,IAA0C,CAAA;AFkBrE;AACA;ACxBA,IAAM,QAAA,EAAU,CAAA,EAAA,GAAM;AACpB,EAAA,MAAM,QAAA,EAAU,+BAAA,WAAsB,CAAA;AAEtC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,6CAA6C,CAAA;AAAA,EAC/D;AAEA,EAAA,OAAO,OAAA;AACT,CAAA;ADwBA;AACA;AGrCA;AHuCA;AACA;AIvCA;AAmBE,+CAAA;AAhBF,IAAM,eAAA,EAAwC;AAAA,EAC5C,aAAA,EAAe,KAAA;AAAA,EACf,OAAA,EAAS,KAAA,CAAA;AAAA,EACT,WAAA,EAAa,KAAA,CAAA;AAAA,EACb,WAAA,EAAa;AACf,CAAA;AAGA,IAAM,eAAA,EAAiBA,kCAAAA,cAAmD,CAAA;AAO1E,IAAM,gBAAA,EAAkB,CAAC,EAAE,QAAA,EAAU,QAAQ,CAAA,EAAA,mBAC3C,6BAAA,cAAC,CAAe,QAAA,EAAf,EAAwB,KAAA,EAAO,6CAAA,6CAAA,CAAA,CAAA,EAAK,cAAA,CAAA,EAAoB,QAAA,GAAW,CAAC,CAAA,CAAA,EAClE,SAAA,CACH,CAAA;AJ6BF;AACA;AGhDA,IAAM,WAAA,EAAa,CAAA,EAAA,GAAM;AACvB,EAAA,MAAM,QAAA,EAAUC,+BAAAA,cAAyB,CAAA;AACzC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,mDAAmD,CAAA;AAAA,EACrE;AACA,EAAA,OAAO,OAAA;AACT,CAAA;AHkDA;AACA;AK7DA;AL+DA;AACA;AMhEA;AACA,mDAA4C;AAI5C,+BAAyB;AAiErB;AArDJ,IAAM,aAAA,EAAeD,kCAAAA,KAA4C,CAAS,CAAA;AAE1E,IAAM,cAAA,EAAgB,CAAC,EAAE,SAAS,CAAA,EAAA,GAA+B;AAC/D,EAAA,MAAM,EAAE,SAAA,EAAW,KAAA,EAAO,UAAU,EAAA,EAAI,OAAA,CAAQ,CAAA;AAChD,EAAA,MAAM,QAAA,EAAU,UAAA,CAAW,CAAA;AAC3B,EAAA,MAAM,YAAA,EAAc,wCAAA,CAAe;AAEnC,EAAA,MAAM,qBAAA,EAAuB,qCAAA;AAAY,IACvC,UAAA,EAAY,CAAA,EAAA,GAAY,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAEtB,MAAA,MAAM,IAAI,KAAA,CAAM,yBAAyB,CAAA;AAAA,IAC3C,CAAA,CAAA;AAAA,IACA,SAAA,EAAW,CAAA,EAAA,GAAM;AAEf,MAAA,WAAA,CAAY,iBAAA,CAAkB,EAAE,QAAA,EAAU,CAAC,SAAS,EAAE,CAAC,CAAA;AAAA,IACzD;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,aAAA,EAAe,4BAAA,CAAQ,EAAA,GAAM;AACjC,IAAA,GAAA,CAAI,CAAA,CAAC,QAAA,GAAA,KAAA,EAAA,KAAA,EAAA,EAAA,OAAA,CAAS,OAAA,CAAA,EAAS,OAAO,IAAA;AAE9B,IAAA,MAAM,UAAA,EAAY,2BAAA,OAAS,CAAQ,OAAO,CAAA;AAE1C,IAAA,GAAA,CAAI,CAAC,SAAA,EAAW,OAAO,IAAA;AAEvB,IAAA,MAAM,EAAE,gBAAgB,EAAA,EAAI,SAAA,CAAU,OAAA;AAEtC,IAAA,OAAO,gBAAA,EACH,0DAAA,eAA2C,EAAA,EAC3C,IAAA;AAAA,EACN,CAAA,EAAG,CAAC,QAAA,GAAA,KAAA,EAAA,KAAA,EAAA,EAAA,OAAA,CAAS,OAAO,CAAC,CAAA;AAErB,EAAA,MAAM,MAAA,EAAQ,4BAAA;AAAA,IACZ,CAAA,EAAA,GAAA,CAAO;AAAA,MACL,WAAA,EAAa,OAAA,CAAQ,YAAA,GAAe,IAAA;AAAA,MACpC,OAAA,EAAS,OAAA,CAAQ,QAAA,GAAW,IAAA;AAAA,MAC5B,eAAA,EAAiB,aAAA,GAAgB,CAAC,CAAA;AAAA,MAClC,YAAA,EAAc,oBAAA,CAAqB,WAAA;AAAA,MACnC,SAAA;AAAA,MACA,KAAA,EAAQ,UAAA,GAAa,oBAAA,CAAqB;AAAA,IAC5C,CAAA,CAAA;AAAA,IACA;AAAA,MACE,OAAA,CAAQ,WAAA;AAAA,MACR,OAAA,CAAQ,OAAA;AAAA,MACR,YAAA;AAAA,MACA,oBAAA,CAAqB,WAAA;AAAA,MACrB,oBAAA,CAAqB,KAAA;AAAA,MACrB,SAAA;AAAA,MACA;AAAA,IACF;AAAA,EACF,CAAA;AAEA,EAAA,uBACEE,6BAAAA,YAAC,CAAa,QAAA,EAAb,EAAsB,KAAA,EAAe,SAAA,CAAS,CAAA;AAEnD,CAAA;ANsCA;AACA;AK5GA,IAAM,SAAA,EAAW,CAAA,EAAA,GAAM;AACrB,EAAA,MAAM,QAAA,EAAUD,+BAAAA,YAAuB,CAAA;AAEvC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,8CAA8C,CAAA;AAAA,EAChE;AAEA,EAAA,OAAO,OAAA;AACT,CAAA;AL4GA;AACA;AOxHA;AP0HA;AACA;AQzHO,IAAM,WAAA,EAAqB;AAAA,EAChC,WAAA,EAAa;AACf,CAAA;AR2HA;AACA;AS9HA;AAgCE;AAxBF,IAAM,cAAA,EAAsC;AAAA,EAC1C,MAAA,EAAQ,UAAA;AAAA,EACR,WAAA,EAAa,EAAA;AAAA,EACb,WAAA,EAAa,IAAA;AAAA,EACb,mBAAA,EAAqB;AACvB,CAAA;AAEA,IAAM,cAAA,EAAgBD,kCAAAA,aAAiD,CAAA;AAUvE,IAAM,eAAA,EAAiB,CAAC;AAAA,EACtB,QAAA;AAAA,EACA,MAAA;AAAA,EACA,WAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA,EAAA,mBACEE,6BAAAA;AAAA,EAAC,aAAA,CAAc,QAAA;AAAA,EAAd;AAAA,IACC,KAAA,EAAO;AAAA,MACL,MAAA;AAAA,MACA,WAAA;AAAA,MACA,WAAA,EAAa,CAAC,CAAC,WAAA;AAAA,MACf;AAAA,IACF,CAAA;AAAA,IAEC;AAAA,EAAA;AACH,CAAA;ATiHF;AACA;AOzJA,IAAM,UAAA,EAAY,CAAA,EAAA,GAAM;AACtB,EAAA,MAAM,QAAA,EAAUD,+BAAAA,aAAwB,CAAA;AACxC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT,CAAA;AP2JA;AACA;AUtKA;AVwKA;AACA;AWzKA;AACE;AAAA;AA8BA;AAnBF,IAAM,cAAA,EAAsC;AAAA,EAC1C,SAAA,EAAW,IAAA;AAAA,EACX,kBAAA,EAAoB,CAAA,EAAA,GAAM;AAAA,EAAC;AAC7B,CAAA;AAGA,IAAM,cAAA,EAAgBD,kCAAAA,aAAiD,CAAA;AAQvE,IAAM,eAAA,EAAiB,CAAC;AAAA,EACtB,QAAA;AAAA,EACA,SAAA;AAAA,EACA;AACF,CAAA,EAAA,mBACEE,6BAAAA,aAAC,CAAc,QAAA,EAAd,EAAuB,KAAA,EAAO,EAAE,SAAA,EAAW,mBAAmB,CAAA,EAC5D,SAAA,CACH,CAAA;AXwJF;AACA;AUtLA,IAAM,UAAA,EAAY,CAAA,EAAA,GAAM;AACtB,EAAA,MAAM,QAAA,EAAUD,+BAAAA,aAAwB,CAAA;AACxC,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,KAAA,CAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT,CAAA;AVwLA;AACA;AYnMA;AZqMA;AACA;AarMI;AAFJ,IAAM,YAAA,EAAc,CAAA,EAAA,mBAClB,8BAAA,KAAC,EAAA,EAAI,IAAA,EAAK,QAAA,EACR,QAAA,EAAA;AAAA,kBAAA,8BAAA;AAAA,IAAC,KAAA;AAAA,IAAA;AAAA,MACC,aAAA,EAAY,MAAA;AAAA,MACZ,SAAA,EAAU,2IAAA;AAAA,MACV,OAAA,EAAQ,aAAA;AAAA,MACR,IAAA,EAAK,MAAA;AAAA,MACL,KAAA,EAAM,4BAAA;AAAA,MAEN,QAAA,EAAA;AAAA,wBAAAC,6BAAAA;AAAA,UAAC,MAAA;AAAA,UAAA;AAAA,YACC,CAAA,EAAE,8WAAA;AAAA,YACF,IAAA,EAAK;AAAA,UAAA;AAAA,QACP,CAAA;AAAA,wBACAA,6BAAAA;AAAA,UAAC,MAAA;AAAA,UAAA;AAAA,YACC,CAAA,EAAE,+kBAAA;AAAA,YACF,IAAA,EAAK;AAAA,UAAA;AAAA,QACP;AAAA,MAAA;AAAA,IAAA;AAAA,EACF,CAAA;AAAA,kBACAA,6BAAAA,MAAC,EAAA,EAAK,SAAA,EAAU,aAAA,EAAc,QAAA,EAAA,aAAA,CAAU;AAAA,EAAA,CAC1C,CAAA;AbmNF;AACA;ActOE;AADF,IAAM,UAAA,EAAY,CAAA,EAAA,mBAChBC,8BAAAA;AAAA,EAAC,KAAA;AAAA,EAAA;AAAA,IACC,KAAA,EAAM,4BAAA;AAAA,IACN,KAAA,EAAM,IAAA;AAAA,IACN,MAAA,EAAO,IAAA;AAAA,IACP,OAAA,EAAQ,WAAA;AAAA,IACR,IAAA,EAAK,MAAA;AAAA,IACL,MAAA,EAAO,cAAA;AAAA,IACP,WAAA,EAAY,GAAA;AAAA,IACZ,aAAA,EAAc,OAAA;AAAA,IACd,cAAA,EAAe,OAAA;AAAA,IACf,SAAA,EAAU,iBAAA;AAAA,IAEV,QAAA,EAAA;AAAA,sBAAAD,6BAAAA,MAAC,EAAA,EAAK,CAAA,EAAE,aAAA,CAAa,CAAA;AAAA,sBACrBA,6BAAAA,MAAC,EAAA,EAAK,CAAA,EAAE,aAAA,CAAa;AAAA,IAAA;AAAA,EAAA;AACvB,CAAA;Ad6OF;AACA;Ae3PA;AASM;AAHN,IAAM,gBAAA,EAAkB,+BAAA;AAAA,EACtB,CAAC,EAAE,OAAO,CAAA,EAAG,GAAA,EAAA,GAAQ;AACnB,IAAA,uBACEA,6BAAAA;AAAA,MAAC,QAAA;AAAA,MAAA;AAAA,QACC,EAAA,EAAI,0BAAA;AAAA,QACJ,GAAA;AAAA,QACA,SAAA,EAAU,0CAAA;AAAA,QACV;AAAA,MAAA;AAAA,IACF,CAAA;AAAA,EAEJ;AACF,CAAA;AAEA,eAAA,CAAgB,YAAA,EAAc,iBAAA;AfyP9B;AACA;AY3PS;AANT,SAAS,QAAA,CAAS;AAAA,EAChB;AACF,CAAA,EAGG;AACD,EAAA,uBAAOA,6BAAAA,KAAC,EAAA,EAAI,SAAA,EAAU,cAAA,EAAgB,SAAA,CAAS,CAAA;AACjD;AAEA,SAAS,YAAA,CAAa;AAAA,EACpB,QAAA;AAAA,EACA;AACF,CAAA,EAGG;AACD,EAAA,uBACEA,6BAAAA;AAAA,IAAC,KAAA;AAAA,IAAA;AAAA,MACC,SAAA,EAAU,qKAAA;AAAA,MACV,OAAA,EAAS,OAAA;AAAA,MAET,QAAA,kBAAAC,8BAAAA;AAAA,QAAC,KAAA;AAAA,QAAA;AAAA,UACC,SAAA,EAAU,gGAAA;AAAA,UACV,OAAA,EAAS,CAAC,CAAA,EAAA,GAAM,CAAA,CAAE,eAAA,CAAgB,CAAA;AAAA,UAElC,QAAA,EAAA;AAAA,4BAAAD,6BAAAA;AAAA,cAAC,QAAA;AAAA,cAAA;AAAA,gBACC,SAAA,EAAU,oKAAA;AAAA,gBACV,OAAA,EAAS,OAAA;AAAA,gBAET,QAAA,kBAAAA,6BAAAA,SAAC,EAAA,CAAA,CAAU;AAAA,cAAA;AAAA,YACb,CAAA;AAAA,YAEC;AAAA,UAAA;AAAA,QAAA;AAAA,MACH;AAAA,IAAA;AAAA,EACF,CAAA;AAEJ;AACA,IAAM,yBAAA,EAA2B,CAAC;AAAA,EAChC,OAAA;AAAA,EACA,gBAAA,EAAkB;AACpB,CAAA,EAAA,GAAqC;AAtDrC,EAAA,IAAA,EAAA;AAuDE,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,EAAA,EAAI,6BAAA,IAAa,CAAA;AAC/C,EAAA,MAAM,EAAE,SAAA,EAAW,cAAc,EAAA,EAAI,OAAA,CAAQ,CAAA;AAC7C,EAAA,MAAM,OAAA,EAAS,SAAA,CAAU,CAAA;AACzB,EAAA,MAAM,EAAE,kBAAA,EAAoB,UAAU,EAAA,EAAI,SAAA,CAAU,CAAA;AACpD,EAAA,MAAM,iBAAA,EAAmB,gCAAA,CAAY,EAAA,GAAM;AA3D7C,IAAA,IAAAE,GAAAA,EAAA,EAAA;AA4DI,IAAA,GAAA,CAAI,UAAA,GAAa,SAAA,CAAU,QAAA,GAAW,SAAA,CAAU,OAAA,CAAQ,aAAA,EAAe;AACrE,MAAA,IAAI;AACF,QAAA,MAAM,UAAA,EAAY,SAAA,CAAU,OAAA,CAAQ,aAAA,CAAc,QAAA,CAAS,IAAA;AAE3D,QAAA,GAAA,CAAI,SAAA,CAAU,UAAA,CAAW,MAAA,CAAO,WAAW,CAAA,EAAG;AAE5C,UAAA,YAAA,CAAa,IAAI,CAAA;AACjB,UAAA,MAAM,WAAA,EACJ,SAAA,CAAU,OAAA,CAAQ,aAAA,CAAc,QAAA,CAAS,IAAA,CAAK,SAAA;AAOhD,UAAA,GAAA,CAAI,UAAA,CAAW,QAAA,CAAS,4CAA2B,CAAA,EAAG;AACpD,YAAA,OAAA,CAAQ,GAAA;AAAA,cACN,CAAA,EAAA;AACF,YAAA;AACA,YAAA;AACA,YAAA;AACA,YAAA;AACF,UAAA;AAGE,YAAA;AACF,UAAA;AAEI,UAAA;AACJ,UAAA;AACF,QAAA;AACM,MAAA;AAEN,QAAA;AACF,MAAA;AACF,IAAA;AACO,IAAA;AACN,EAAA;AACD,IAAA;AACO,IAAA;AACP,IAAA;AACA,IAAA;AACA,IAAA;AACD,EAAA;AAEK,EAAA;AAEA,EAAA;AACsB,IAAA;AACpB,MAAA;AACF,QAAA;AACF,MAAA;AACF,IAAA;AACQ,IAAA;AACV,EAAA;AAGU,EAAA;AACD,IAAA;AAEA,IAAA;AACR,EAAA;AAEK,EAAA;AACJ,IAAA;AACQ,IAAA;AACJ,IAAA;AACF,MAAA;AACF,IAAA;AACF,EAAA;AACM,EAAA;AAGA,EAAA;AAGJ,EAAA;AACG,IAAA;AAMD,oBAAA;AACF,EAAA;AAEJ;AZuOe;AACA;AgBzXN;AACA;AA0DL;AA1CE;AAEA;AACJ,EAAA;AACA,EAAA;AACM,EAAA;AACG,EAAA;AAML;AA9BN,EAAA;AA+BU,EAAA;AACF,EAAA;AACE,EAAA;AACA,EAAA;AAEF,EAAA;AACC,IAAA;AACI,MAAA;AACT,IAAA;AACM,IAAA;AACC,IAAA;AACT,EAAA;AAEM,EAAA;AACE,IAAA;AACK,IAAA;AACJ,IAAA;AAC2C,EAAA;AACvC,IAAA;AACF,IAAA;AACC,IAAA;AAAU;AACrB,EAAA;AAEK,EAAA;AACA,EAAA;AAEA,EAAA;AAGJ,EAAA;AAAC,IAAA;AAAA,IAAA;AACQ,MAAA;AACE,QAAA;AACP,QAAA;AACA,QAAA;AACA,QAAA;AACA,QAAA;AACF,MAAA;AAEC,MAAA;AAAA,IAAA;AACH,EAAA;AAEJ;AhBoWe;AACA;AiB5af;AAEE;AACAC;AACAC;AACAC;AACAC;AACK;AACE;AAsDH;AA1BF;AACO;AACT,EAAA;AACS;AACT,EAAA;AACK;AACL,EAAA;AACF;AACA;AAeS;AAEL,EAAA;AAMJ;AAEM;AACJ,EAAA;AACA,EAAA;AACa,EAAA;AACJ,EAAA;AACT,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACa,EAAA;AACU;AAChB,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AAEA,EAAA;AACA,EAAA;AACD,EAAA;AACA,EAAA;AAGA,EAAA;AAGI,EAAA;AACG,IAAA;AACT,MAAA;AACM,MAAA;AACN,MAAA;AACF,IAAA;AACG,EAAA;AAEC,EAAA;AACG,IAAA;AACN,IAAA;AACH,EAAA;AAEO,EAAA;AAEG,EAAA;AACH,IAAA;AACL,IAAA;AACE,MAAA;AACA,MAAA;AACA,MAAA;AACQ,MAAA;AACR,MAAA;AACM,IAAA;AACN,EAAA;AAEE,EAAA;AACE,IAAA;AACN,IAAA;AACA,IAAA;AACEC,EAAAA;AACQ,IAAA;AACR,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AACS,IAAA;AACF,MAAA;AACI,QAAA;AACT,MAAA;AACI,MAAA;AACK,QAAA;AACT,MAAA;AACM,MAAA;AACJ,QAAA;AAGF,MAAA;AAIM,MAAA;AACF,MAAA;AACK,QAAA;AACT,MAAA;AACM,MAAA;AACA,MAAA;AACD,MAAA;AACC,QAAA;AACF,UAAA;AACA,UAAA;AACA,UAAA;AACK,UAAA;AACH,YAAA;AACF,UAAA;AAEA,UAAA;AACA,UAAA;AAEA,UAAA;AACA,UAAA;AACF,QAAA;AACE,UAAA;AACA,UAAA;AACEC,YAAAA;AAA8D,UAAA;AAEhE,UAAA;AACF,QAAA;AACF,MAAA;AAEO,MAAA;AACT,IAAA;AACD,EAAA;AAEK,EAAA;AACJ,IAAA;AAEQ,MAAA;AACN,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AACW,IAAA;AACT,MAAA;AACE,QAAA;AACE,UAAA;AACA,UAAA;AACA,UAAA;AACA,UAAA;AACA,UAAA;AACA,UAAA;AACF,QAAA;AACA,QAAA;AACF,MAAA;AACF,IAAA;AACD,EAAA;AAEK,EAAA;AACH,IAAA;AACO,MAAA;AACD,MAAA;AACI,QAAA;AACT,MAAA;AAEE,MAAA;AAEE,QAAA;AAAA;AACA,QAAA;AACA,QAAA;AACO,QAAA;AACP,QAAA;AACA,QAAA;AACA,QAAA;AAAoB;AAEpB,QAAA;AACA,QAAA;AACD,MAAA;AAEL,IAAA;AACA,IAAA;AACE,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACO,MAAA;AACA,MAAA;AACP,MAAA;AACA,MAAA;AACF,IAAA;AACF,EAAA;AAEM,EAAA;AACG,IAAA;AACL,MAAA;AACM,MAAA;AACN,MAAA;AACI,MAAA;AACF,QAAA;AACF,MAAA;AACE,QAAA;AACF,MAAA;AACA,MAAA;AACE,QAAA;AACE,UAAA;AACA,UAAA;AACD,QAAA;AAEGA,QAAAA;AACF,UAAA;AACF,QAAA;AACF,MAAA;AACF,IAAA;AACC,IAAA;AACH,EAAA;AAGU,EAAA;AACD,IAAA;AACD,MAAA;AACF,QAAA;AACF,MAAA;AACF,IAAA;AACE,EAAA;AAEE,EAAA;AACG,IAAA;AACC,IAAA;AACV,EAAA;AAES,EAAA;AACI,IAAA;AACF,IAAA;AAEJ,MAAA;AAKM,QAAA;AACT,MAAA;AACO,MAAA;AACT,IAAA;AACA,IAAA;AACD,EAAA;AAEK,EAAA;AACG,IAAA;AACL,MAAA;AACA,MAAA;AACS,MAAA;AACD,QAAA;AACR,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AACC,IAAA;AACH,EAAA;AAEE,EAAA;AACG,IAAA;AAAA,IAAA;AACC,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AAEA,MAAA;AAAC,QAAA;AAAA,QAAA;AACC,UAAA;AACA,UAAA;AAEA,UAAA;AAEK,YAAA;AACE,cAAA;AAAA,cAAA;AAAA,gBAAA;AAEyD,gBAAA;AAGxD,kBAAA;AAAC,kBAAA;AAAA,oBAAA;AACmC,kBAAA;AAAA,gBAAA;AACpC,cAAA;AACF,YAAA;AAGD,YAAA;AASC,YAAA;AAEO,cAAA;AACM,cAAA;AACX,YAAA;AAGH,YAAA;AACH,UAAA;AACF,QAAA;AACF,MAAA;AAAA,IAAA;AAEJ,EAAA;AAEJ;AjB+Ue;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/lucas/dev/civic/civic-auth/packages/civic-auth-client/dist/chunk-ADCTONP6.js","sourcesContent":[null,"\"use client\";\nimport { useContext } from \"react\";\n\nimport { AuthContext } from \"@/shared/AuthContext.tsx\";\n\nconst useAuth = () => {\n const context = useContext(AuthContext);\n\n if (!context) {\n throw new Error(\"useAuth must be used within an AuthProvider\");\n }\n\n return context;\n};\n\nexport { useAuth };\n","import { createContext } from \"react\";\nimport { DisplayMode } from \"@/types.ts\";\n\nexport type AuthContextType = {\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: Error | null;\n signOut: () => Promise<void>;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n","\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/shared/providers/SessionProvider\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n const context = useContext(SessionContext);\n if (!context) {\n throw new Error(\"useSession must be used within an SessionProvider\");\n }\n return context;\n};\n\nexport { useSession };\n","\"use client\";\nimport { SessionData } from \"@/types\";\nimport { createContext, ReactNode } from \"react\";\n\nexport type SessionProviderOutput = SessionData;\nconst defaultSession: SessionProviderOutput = {\n authenticated: false,\n idToken: undefined,\n accessToken: undefined,\n displayMode: \"iframe\",\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst SessionContext = createContext<SessionProviderOutput>(defaultSession);\n\ntype SessionContextType = {\n children: ReactNode;\n session?: SessionData | null;\n};\n\nconst SessionProvider = ({ children, session }: SessionContextType) => (\n <SessionContext.Provider value={{ ...defaultSession, ...(session || {}) }}>\n {children}\n </SessionContext.Provider>\n);\n\nexport type { SessionContextType };\nexport { SessionProvider, SessionContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/shared/providers/TokenProvider\";\n\nconst useToken = () => {\n const context = useContext(TokenContext);\n\n if (!context) {\n throw new Error(\"useToken must be used within a TokenProvider\");\n }\n\n return context;\n};\n\nexport { useToken };\n","\"use client\";\nimport { createContext, ReactNode, useMemo } from \"react\";\nimport { useMutation, useQueryClient } from \"@tanstack/react-query\";\nimport { useAuth } from \"@/shared/hooks/useAuth\";\nimport { useSession } from \"@/shared/hooks/useSession\";\nimport { ForwardedTokens, IdToken } from \"@/types\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\ntype TokenContextType = {\n accessToken: string | null;\n idToken: string | null;\n forwardedTokens: ForwardedTokens;\n refreshToken: () => Promise<void>;\n isLoading: boolean;\n error: Error | null;\n};\n\nconst TokenContext = createContext<TokenContextType | undefined>(undefined);\n\nconst TokenProvider = ({ children }: { children: ReactNode }) => {\n const { isLoading, error: authError } = useAuth();\n const session = useSession();\n const queryClient = useQueryClient();\n\n const refreshTokenMutation = useMutation({\n mutationFn: async () => {\n // Implement token refresh logic here\n throw new Error(\"Method not implemented.\");\n },\n onSuccess: () => {\n // Invalidate and refetch queries that depend on the auth session\n queryClient.invalidateQueries({ queryKey: [\"session\"] });\n },\n });\n\n const decodeTokens = useMemo(() => {\n if (!session?.idToken) return null;\n\n const parsedJWT = parseJWT(session.idToken) as IdToken | null;\n\n if (!parsedJWT) return null;\n\n const { forwardedTokens } = parsedJWT.payload;\n\n return forwardedTokens\n ? convertForwardedTokenFormat(forwardedTokens)\n : null;\n }, [session?.idToken]);\n\n const value = useMemo(\n () => ({\n accessToken: session.accessToken || null,\n idToken: session.idToken || null,\n forwardedTokens: decodeTokens || {},\n refreshToken: refreshTokenMutation.mutateAsync,\n isLoading,\n error: (authError || refreshTokenMutation.error) as Error | null,\n }),\n [\n session.accessToken,\n session.idToken,\n decodeTokens,\n refreshTokenMutation.mutateAsync,\n refreshTokenMutation.error,\n isLoading,\n authError,\n ],\n );\n\n return (\n <TokenContext.Provider value={value}>{children}</TokenContext.Provider>\n );\n};\n\nexport type { TokenContextType };\nexport { TokenProvider, TokenContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { ConfigContext } from \"@/shared/providers/ConfigProvider\";\n\n// TokenProvider will use this internal context to access Config\nconst useConfig = () => {\n const context = useContext(ConfigContext);\n if (!context) {\n throw new Error(\"useConfig must be used within an ConfigProvider\");\n }\n return context;\n};\n\nexport { useConfig };\n","import { Config } from \"@/types\";\nimport { DEFAULT_AUTH_SERVER } from \"./constants\";\n\nexport const authConfig: Config = {\n oauthServer: DEFAULT_AUTH_SERVER,\n};\n","\"use client\";\nimport { authConfig } from \"@/config\";\nimport { Config } from \"@/types\";\nimport { createContext, ReactNode } from \"react\";\n\nexport type ConfigProviderOutput = {\n config: Config;\n redirectUrl: string;\n modalIframe: boolean;\n serverTokenExchange: boolean;\n};\nconst defaultConfig: ConfigProviderOutput = {\n config: authConfig,\n redirectUrl: \"\",\n modalIframe: true,\n serverTokenExchange: false,\n};\n// Context for exposing Config specifically to the TokenProvider\nconst ConfigContext = createContext<ConfigProviderOutput>(defaultConfig);\n\ntype ConfigContextType = {\n children: ReactNode;\n config: Config;\n redirectUrl: string;\n modalIframe?: boolean;\n serverTokenExchange: boolean;\n};\n\nconst ConfigProvider = ({\n children,\n config,\n redirectUrl,\n modalIframe,\n serverTokenExchange,\n}: ConfigContextType) => (\n <ConfigContext.Provider\n value={{\n config,\n redirectUrl,\n modalIframe: !!modalIframe,\n serverTokenExchange,\n }}\n >\n {children}\n </ConfigContext.Provider>\n);\n\nexport type { ConfigContextType };\nexport { ConfigProvider, ConfigContext };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { IframeContext } from \"@/shared/providers/IframeProvider\";\n\n// TokenProvider will use this internal context to access Iframe\nconst useIframe = () => {\n const context = useContext(IframeContext);\n if (!context) {\n throw new Error(\"useIframe must be used within an IframeProvider\");\n }\n return context;\n};\n\nexport { useIframe };\n","\"use client\";\nimport {\n createContext,\n Dispatch,\n ReactNode,\n RefObject,\n SetStateAction,\n} from \"react\";\n\nexport type IframeProviderOutput = {\n iframeRef: RefObject<HTMLIFrameElement> | null;\n setAuthResponseUrl: Dispatch<SetStateAction<string | null>>;\n};\nconst defaultIframe: IframeProviderOutput = {\n iframeRef: null,\n setAuthResponseUrl: () => {},\n};\n\n// Context for exposing Iframe specifically to the TokenProvider\nconst IframeContext = createContext<IframeProviderOutput>(defaultIframe);\n\ntype IframeContextType = {\n children: ReactNode;\n iframeRef: RefObject<HTMLIFrameElement> | null;\n setAuthResponseUrl: Dispatch<SetStateAction<string | null>>;\n};\n\nconst IframeProvider = ({\n children,\n iframeRef,\n setAuthResponseUrl,\n}: IframeContextType) => (\n <IframeContext.Provider value={{ iframeRef, setAuthResponseUrl }}>\n {children}\n </IframeContext.Provider>\n);\n\nexport type { IframeContextType };\nexport { IframeProvider, IframeContext };\n","\"use client\";\nimport { useCallback, useEffect, useRef, useState } from \"react\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon\";\nimport { CloseIcon } from \"@/shared/components/CloseIcon\";\nimport { CivicAuthIframe } from \"@/shared/components/CivicAuthIframe\";\nimport { useAuth, useConfig, useIframe } from \"@/shared/hooks\";\nimport React from \"react\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants\";\n\ntype CivicAuthIframeContainerProps = {\n onClose?: () => void;\n closeOnRedirect?: boolean;\n};\n\nfunction NoChrome({\n children,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return <div className=\"cac-relative\">{children}</div>;\n}\n\nfunction IframeChrome({\n children,\n onClose,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return (\n <div\n className=\"cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-min-w-72 cac-items-center cac-justify-center cac-bg-neutral-950 cac-bg-opacity-50\"\n onClick={onClose}\n >\n <div\n className=\"cac-relative cac-overflow-hidden cac-rounded-3xl cac-bg-white cac-p-2 cac-shadow-lg sm:cac-p-6\"\n onClick={(e) => e.stopPropagation()}\n >\n <button\n className=\"cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400\"\n onClick={onClose}\n >\n <CloseIcon />\n </button>\n\n {children}\n </div>\n </div>\n );\n}\nconst CivicAuthIframeContainer = ({\n onClose,\n closeOnRedirect = true,\n}: CivicAuthIframeContainerProps) => {\n const [isLoading, setIsLoading] = useState(true);\n const { isLoading: isAuthLoading } = useAuth();\n const config = useConfig();\n const { setAuthResponseUrl, iframeRef } = useIframe();\n const processIframeUrl = useCallback(() => {\n if (iframeRef && iframeRef.current && iframeRef.current.contentWindow) {\n try {\n const iframeUrl = iframeRef.current.contentWindow.location.href;\n // we know that oauth has finished when the iframe redirects to our redirectUrl\n if (iframeUrl.startsWith(config.redirectUrl)) {\n // we still want to show the spinner during redirect\n setIsLoading(true);\n const iframeBody =\n iframeRef.current.contentWindow.document.body.innerHTML;\n\n // If we're doing a server token exchange, we need to call the server a second time\n // using a fetch so that we're on the same domain and cookies can be sent and read\n // The server will use the presence of the code_verifier cookie to determine whether to do a token exchange or not.\n // On the initial (3rd party) redirect from the auth server, the cookie won't be sent, so the server-side callback route will just render a blank page,\n // and we'll do the exchange request from here, which will include the cookies.\n if (iframeBody.includes(TOKEN_EXCHANGE_TRIGGER_TEXT)) {\n console.log(\n `${TOKEN_EXCHANGE_TRIGGER_TEXT}, calling callback URL again...`,\n );\n const params = new URL(iframeUrl).searchParams;\n const appUrl = globalThis.window?.location?.origin;\n fetch(`${config.redirectUrl}?${params.toString()}&appUrl=${appUrl}`);\n } else {\n // if we're doing token-exchange in the client, we can just set the authResponseUrl\n // to be handled by the auth provider\n setAuthResponseUrl(iframeUrl);\n }\n\n if (closeOnRedirect) onClose?.();\n return true; // Successfully processed the URL\n }\n } catch {\n // If we get here, the iframe hasn't redirected to our origin yet\n console.log(\"Waiting for redirect...\");\n }\n }\n return false; // Haven't processed the URL yet\n }, [\n closeOnRedirect,\n config.redirectUrl,\n iframeRef,\n onClose,\n setAuthResponseUrl,\n ]);\n\n const intervalId = useRef<NodeJS.Timeout>();\n\n const handleEscape = useCallback(\n (event: KeyboardEvent) => {\n if (event.key === \"Escape\") {\n onClose?.();\n }\n },\n [onClose],\n );\n\n // handle Escape\n useEffect(() => {\n window.addEventListener(\"keydown\", handleEscape);\n\n return () => window.removeEventListener(\"keydown\", handleEscape);\n });\n\n const handleIframeLoad = () => {\n setIsLoading(false);\n console.log(\"handleIframeLoad\");\n if (processIframeUrl() && intervalId.current) {\n clearInterval(intervalId.current);\n }\n };\n const showLoadingIcon =\n isLoading || isAuthLoading || !iframeRef?.current?.getAttribute(\"src\");\n\n const WrapperComponent = config.modalIframe ? IframeChrome : NoChrome;\n\n return (\n <WrapperComponent onClose={onClose}>\n {showLoadingIcon && (\n <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white\">\n <LoadingIcon />\n </div>\n )}\n\n <CivicAuthIframe ref={iframeRef} onLoad={handleIframeLoad} />\n </WrapperComponent>\n );\n};\n\nexport type { CivicAuthIframeContainerProps };\n\nexport { CivicAuthIframeContainer };\n","const LoadingIcon = () => (\n <div role=\"status\">\n <svg\n aria-hidden=\"true\"\n className=\"cac-inline cac-h-8 cac-w-8 cac-animate-spin cac-fill-neutral-600 cac-text-neutral-200 dark:cac-fill-neutral-300 dark:cac-text-neutral-600\"\n viewBox=\"0 0 100 101\"\n fill=\"none\"\n xmlns=\"http://www.w3.org/2000/svg\"\n >\n <path\n d=\"M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z\"\n fill=\"currentColor\"\n />\n <path\n d=\"M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z\"\n fill=\"currentFill\"\n />\n </svg>\n <span className=\"cac-sr-only\">Loading...</span>\n </div>\n);\n\nexport { LoadingIcon };\n","const CloseIcon = () => (\n <svg\n xmlns=\"http://www.w3.org/2000/svg\"\n width=\"24\"\n height=\"24\"\n viewBox=\"0 0 24 24\"\n fill=\"none\"\n stroke=\"currentColor\"\n strokeWidth=\"2\"\n strokeLinecap=\"round\"\n strokeLinejoin=\"round\"\n className=\"lucide lucide-x\"\n >\n <path d=\"M18 6 6 18\" />\n <path d=\"m6 6 12 12\" />\n </svg>\n);\n\nexport { CloseIcon };\n","\"use client\";\nimport { IFRAME_ID } from \"@/constants\";\nimport { forwardRef } from \"react\";\n\ntype CivicAuthIframeProps = {\n onLoad?: () => void;\n};\n\nconst CivicAuthIframe = forwardRef<HTMLIFrameElement, CivicAuthIframeProps>(\n ({ onLoad }, ref) => {\n return (\n <iframe\n id={IFRAME_ID}\n ref={ref}\n className=\"cac-h-[26rem] cac-w-full cac-border-none\"\n onLoad={onLoad}\n />\n );\n },\n);\n\nCivicAuthIframe.displayName = \"CivicAuthIframe\";\n\nexport type { CivicAuthIframeProps };\n\nexport { CivicAuthIframe };\n","\"use client\";\nimport { createContext, ReactNode } from \"react\";\nimport { useQuery, UseQueryResult } from \"@tanstack/react-query\";\nimport { JWT } from \"oslo/jwt\";\nimport { AuthStorage, EmptyObject, User } from \"@/types\";\nimport { useAuth } from \"@/shared/hooks/useAuth\";\nimport { useToken } from \"@/shared/hooks/useToken\";\nimport { useSession } from \"@/shared/hooks/useSession\";\nimport { AuthContextType } from \"@/shared/AuthContext\";\nimport { GenericUserSession } from \"@/shared/UserSession\";\n\ntype UserContextType<\n T extends Record<string, unknown> & JWT[\"payload\"] = Record<string, unknown> &\n JWT[\"payload\"],\n> = {\n user: User<T> | null;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends EmptyObject>({\n children,\n storage,\n user: inputUser,\n signOut: inputSignOut,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user?: User<T> | null;\n signOut?: () => Promise<void>;\n}) => {\n const { isLoading: authLoading, error: authError } = useAuth();\n const session = useSession();\n const { accessToken, idToken } = useToken();\n const { signIn, signOut } = useAuth();\n\n const fetchUser = async (): Promise<User | null> => {\n if (!accessToken) {\n return null;\n }\n const userSession = new GenericUserSession(storage);\n return userSession.get();\n };\n\n const {\n data: user,\n isLoading: userLoading,\n error: userError,\n }: UseQueryResult<User<T> | null, Error> = useQuery({\n queryKey: [\"user\", session?.idToken],\n queryFn: fetchUser,\n enabled: !!session?.idToken, // Only run the query if we have an access token\n });\n\n const isLoading = authLoading || userLoading;\n const error = authError || userError;\n\n const userWithIdToken = user ? { ...user, idToken } : null;\n\n return (\n <UserContext.Provider\n value={{\n user: (inputUser || userWithIdToken) ?? null,\n isLoading,\n error,\n signIn,\n signOut: inputSignOut || signOut,\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n","\"use client\";\nimport {\n ReactNode,\n useCallback,\n useEffect,\n useMemo,\n useRef,\n useState,\n} from \"react\";\nimport { useMutation, useQuery, useQueryClient } from \"@tanstack/react-query\";\nimport { Config, DisplayMode, SessionData } from \"@/types\";\nimport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider\";\nimport { DEFAULT_SCOPES } from \"@/constants\";\nimport { authConfig } from \"@/config\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon\";\nimport { isWindowInIframe } from \"@/lib/windowUtil\";\nimport { AuthContext } from \"@/shared/AuthContext\";\nimport {\n BrowserAuthenticationInitiator,\n BrowserAuthenticationService,\n} from \"@/services/AuthenticationService\";\nimport {\n AuthenticationResolver,\n PKCEConsumer,\n PopupError,\n} from \"@/services/types\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE\";\nimport { generateState } from \"@/lib/oauth\";\nimport { LocalStorageAdapter } from \"@/browser/storage\";\nimport { ConfigProvider } from \"@/shared/providers/ConfigProvider\";\nimport { getUser } from \"./session\";\nimport { GenericUserSession } from \"./UserSession\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n globalThisObject = global;\n} else {\n globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type AuthProviderProps = {\n children: ReactNode;\n clientId: string;\n redirectUrl?: string;\n nonce?: string;\n config?: Config;\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => Promise<void>;\n pkceConsumer?: PKCEConsumer;\n modalIframe?: boolean;\n sessionData?: SessionData;\n};\n\nfunction BlockDisplay({ children }: { children: ReactNode }) {\n return (\n <div className=\"cac-relative cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white\">\n <div className=\"cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white\">\n {children}\n </div>\n </div>\n );\n}\n\nconst AuthProvider = ({\n children,\n clientId,\n redirectUrl: inputRedirectUrl,\n config = authConfig,\n onSignIn,\n onSignOut,\n pkceConsumer,\n nonce,\n modalIframe = true,\n sessionData: inputSessionData,\n}: AuthProviderProps) => {\n const [iframeUrl, setIframeUrl] = useState<string | null>(null);\n const [currentUrl, setCurrentUrl] = useState<string | null>(null);\n const [isInIframe, setIsInIframe] = useState(false);\n const [authResponseUrl, setAuthResponseUrl] = useState<string | null>(null);\n const [tokenExchangeError, setTokenExchangeError] = useState<Error>();\n const [displayMode, setDisplayMode] = useState<DisplayMode>(\"iframe\");\n const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] =\n useState<BrowserAuthenticationInitiator | null>();\n const [showIFrame, setShowIFrame] = useState(false);\n const [isRedirecting, setIsRedirecting] = useState(false);\n const queryClient = useQueryClient();\n const iframeRef = useRef<HTMLIFrameElement>(null);\n\n // TODO maybe we want to support or derive serverTokenExchange another way?\n const serverTokenExchange =\n pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n // check if the current window is in an iframe with the iframe id, and set an isInIframe state\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n setCurrentUrl(globalThis.window.location.href);\n const isInIframeVal = isWindowInIframe(globalThis.window);\n setIsInIframe(isInIframeVal);\n }\n }, []);\n\n const redirectUrl = useMemo(\n () => (inputRedirectUrl || currentUrl || \"\").split(\"?\")[0],\n [currentUrl, inputRedirectUrl],\n );\n\n const [authService, setAuthService] = useState<AuthenticationResolver>();\n\n useEffect(() => {\n if (!currentUrl) return;\n BrowserAuthenticationService.build({\n clientId,\n redirectUrl,\n oauthServer: config.oauthServer,\n scopes: DEFAULT_SCOPES,\n displayMode,\n }).then(setAuthService);\n }, [currentUrl, clientId, redirectUrl, config, displayMode]);\n\n const {\n data: session,\n isLoading,\n error,\n } = useQuery({\n queryKey: [\n \"session\",\n authResponseUrl,\n iframeUrl,\n currentUrl,\n isInIframe,\n authService,\n ],\n queryFn: async () => {\n if (!authService) {\n return { authenticated: false };\n }\n if (inputSessionData) {\n return inputSessionData;\n }\n const url = new URL(\n authResponseUrl\n ? authResponseUrl\n : globalThis.window.location.href || \"\",\n );\n // if we have existing tokens, then validate them and return the session data\n // otherwise check if we have a code in the url and exchange it for tokens\n // if we have neither, return undefined\n const existingSessionData = await authService.validateExistingSession();\n if (existingSessionData.authenticated) {\n return existingSessionData;\n }\n const code = url.searchParams.get(\"code\");\n const state = url.searchParams.get(\"state\");\n if (!serverTokenExchange && code && state && !isInIframe) {\n try {\n await authService.tokenExchange(code, state);\n const clientStorage = new LocalStorageAdapter();\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n\n const userSession = new GenericUserSession(clientStorage);\n userSession.set(user);\n\n onSignIn?.(); // Call onSignIn without an error if successful\n return authService.getSessionData();\n } catch (error) {\n setTokenExchangeError(error as Error);\n onSignIn?.(\n error instanceof Error ? error : new Error(\"Failed to sign in\"),\n ); // Pass the error to onSignIn\n return { authenticated: false };\n }\n }\n\n return existingSessionData;\n },\n });\n\n const signOutMutation = useMutation({\n mutationFn: async () => {\n // Implement signOut logic here\n const authInitiator = getAuthInitiator();\n authInitiator?.signOut();\n setIframeUrl(null);\n setShowIFrame(false);\n setAuthResponseUrl(null);\n onSignOut?.();\n },\n onSuccess: () => {\n queryClient.setQueryData(\n [\n \"session\",\n authResponseUrl,\n iframeUrl,\n currentUrl,\n isInIframe,\n authService,\n ],\n null,\n );\n },\n });\n\n const getAuthInitiator = useCallback(\n (overrideDisplayMode?: DisplayMode) => {\n const useDisplayMode = overrideDisplayMode || displayMode;\n if (!pkceConsumer) {\n return null;\n }\n return (\n browserAuthenticationInitiator ||\n new BrowserAuthenticationInitiator({\n pkceConsumer, // generate and retrieve the challenge client-side\n clientId,\n redirectUrl,\n state: generateState(useDisplayMode, serverTokenExchange),\n scopes: DEFAULT_SCOPES,\n displayMode: useDisplayMode,\n oauthServer: config.oauthServer,\n // the endpoints to use for the login (if not obtained from the auth server\n endpointOverrides: config.endpoints,\n nonce,\n })\n );\n },\n [\n serverTokenExchange,\n displayMode,\n browserAuthenticationInitiator,\n clientId,\n redirectUrl,\n config.oauthServer,\n config.endpoints,\n pkceConsumer,\n nonce,\n ],\n );\n\n const signIn = useCallback(\n async (overrideDisplayMode: DisplayMode = \"iframe\") => {\n setDisplayMode(overrideDisplayMode);\n const authInitiator = getAuthInitiator(overrideDisplayMode);\n setBrowserAuthenticationInitiator(authInitiator);\n if (overrideDisplayMode === \"iframe\") {\n setShowIFrame(true);\n } else if (overrideDisplayMode === \"redirect\") {\n setIsRedirecting(true);\n }\n authInitiator?.signIn(iframeRef.current).catch((error) => {\n console.log(\"signIn error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n // if we've tried to open a popup and it has failed, then fallback to redirect mode\n if (error instanceof PopupError) {\n signIn(\"redirect\");\n }\n });\n },\n [getAuthInitiator],\n );\n\n // remove event listeners when the component unmounts\n useEffect(() => {\n return () => {\n if (browserAuthenticationInitiator) {\n browserAuthenticationInitiator.cleanup();\n }\n };\n }, [browserAuthenticationInitiator]);\n\n const isAuthenticated = useMemo(\n () => (session ? session.authenticated : false),\n [session],\n );\n\n useQuery({\n queryKey: [\"autoSignIn\", modalIframe, redirectUrl, isAuthenticated],\n queryFn: async () => {\n if (\n !modalIframe &&\n redirectUrl &&\n !isAuthenticated &&\n iframeRef.current\n ) {\n signIn(\"iframe\");\n }\n return true;\n },\n refetchOnWindowFocus: false,\n });\n\n const value = useMemo(\n () => ({\n isLoading,\n error: error as Error | null,\n signOut: async () => {\n await signOutMutation.mutateAsync();\n },\n isAuthenticated,\n signIn,\n }),\n [isLoading, error, signOutMutation, isAuthenticated, signIn],\n );\n return (\n <AuthContext.Provider value={value}>\n <ConfigProvider\n config={config}\n redirectUrl={redirectUrl}\n modalIframe={modalIframe}\n serverTokenExchange={serverTokenExchange}\n >\n <IframeProvider\n setAuthResponseUrl={setAuthResponseUrl}\n iframeRef={iframeRef}\n >\n <SessionProvider session={session}>\n <TokenProvider>\n {modalIframe && !isInIframe && !session?.authenticated && (\n <div\n style={\n showIFrame ? { display: \"block\" } : { display: \"none\" }\n }\n >\n <CivicAuthIframeContainer\n onClose={() => setShowIFrame(false)}\n />\n </div>\n )}\n\n {modalIframe &&\n (isInIframe ||\n isRedirecting ||\n (isLoading && !serverTokenExchange)) && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n\n {(tokenExchangeError || error) && (\n <BlockDisplay>\n <div>\n Error: {(tokenExchangeError || (error as Error)).message}\n </div>\n </BlockDisplay>\n )}\n {children}\n </TokenProvider>\n </SessionProvider>\n </IframeProvider>\n </ConfigProvider>\n </AuthContext.Provider>\n );\n};\n\nexport { AuthProvider };\n"]}
package/dist/{chunk-RF23Q4V6.js → chunk-AM2Y662I.js} RENAMED
@@ -4,36 +4,6 @@
4
4
 
5
5
  var _chunkCRTRMMJ7js = require('./chunk-CRTRMMJ7.js');
6
6
 
7
- // src/shared/storage.ts
8
- var DEFAULT_COOKIE_DURATION = 60 * 15;
9
- var CookieStorage = class {
10
- constructor(settings = {}) {
11
- var _a, _b, _c, _d, _e;
12
- this.settings = {
13
- httpOnly: (_a = settings.httpOnly) != null ? _a : true,
14
- secure: (_b = settings.secure) != null ? _b : true,
15
- // the callback request comes the auth server
16
- // 'lax' ensures the code_verifier cookie is sent with the request
17
- sameSite: (_c = settings.sameSite) != null ? _c : "lax",
18
- expires: (_d = settings.expires) != null ? _d : new Date(Date.now() + 1e3 * DEFAULT_COOKIE_DURATION),
19
- path: (_e = settings.path) != null ? _e : "/"
20
- };
21
- }
22
- };
23
-
24
- // src/constants.ts
25
- var DEFAULT_SCOPES = [
26
- "openid",
27
- "profile",
28
- "email",
29
- "forwardedTokens",
30
- "offline_access"
31
- ];
32
- var IFRAME_ID = "civic-auth-iframe";
33
- var AUTH_SERVER = "https://auth-dev.civic.com/oauth";
34
- var DEFAULT_OAUTH_GET_PARAMS = ["code", "state", "iss"];
35
- var TOKEN_EXCHANGE_TRIGGER_TEXT = "sameDomainCodeExchangeRequired";
36
-
37
7
  // src/shared/types.ts
38
8
  var OAuthTokens = /* @__PURE__ */ ((OAuthTokens2) => {
39
9
  OAuthTokens2["ID_TOKEN"] = "id_token";
@@ -65,11 +35,11 @@ var getOauthEndpoints = (oauthServer) => _chunkCRTRMMJ7js.__async.call(void 0, v
65
35
  userinfo: openIdConfig.userinfo_endpoint
66
36
  };
67
37
  });
68
- var generateState = (displayMode) => {
69
- const jsonString = JSON.stringify({
38
+ var generateState = (displayMode, serverTokenExchange) => {
39
+ const jsonString = JSON.stringify(_chunkCRTRMMJ7js.__spreadValues.call(void 0, {
70
40
  uuid: _uuid.v4.call(void 0, ),
71
41
  displayMode
72
- });
42
+ }, serverTokenExchange ? { serverTokenExchange } : {}));
73
43
  return btoa(jsonString);
74
44
  };
75
45
  var displayModeFromState = (state, sessionDisplayMode) => {
@@ -81,6 +51,15 @@ var displayModeFromState = (state, sessionDisplayMode) => {
81
51
  return sessionDisplayMode;
82
52
  }
83
53
  };
54
+ var serverTokenExchangeFromState = (state) => {
55
+ try {
56
+ const jsonString = atob(state);
57
+ return JSON.parse(jsonString).serverTokenExchange;
58
+ } catch (e) {
59
+ console.error("Failed to parse serverTokenExchange from state:", state);
60
+ return void 0;
61
+ }
62
+ };
84
63
 
85
64
  // src/shared/util.ts
86
65
  var _jose = require('jose'); var jose = _interopRequireWildcard(_jose);
@@ -212,6 +191,9 @@ function clearTokens(storage) {
212
191
  Object.values(OAuthTokens).forEach((cookie) => {
213
192
  storage.set(cookie, "");
214
193
  });
194
+ Object.values("code_verifier" /* COOKIE_NAME */).forEach((cookie) => {
195
+ storage.set(cookie, "");
196
+ });
215
197
  }
216
198
  function clearUser(storage) {
217
199
  const userSession = new GenericUserSession(storage);
@@ -254,8 +236,30 @@ function validateOauth2Tokens(tokens, endpoints, oauth2Client, issuer) {
254
236
  });
255
237
  }
256
238
 
257
- // src/services/PKCE.ts
239
+ // src/shared/session.ts
240
+ var _jwt = require('oslo/jwt');
241
+ function getUser(storage) {
242
+ return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
243
+ var _a, _b;
244
+ const tokens = retrieveTokens(storage);
245
+ if (!tokens) return null;
246
+ return (_b = (_a = _jwt.parseJWT.call(void 0, tokens.id_token)) == null ? void 0 : _a.payload) != null ? _b : null;
247
+ });
248
+ }
258
249
 
250
+ // src/constants.ts
251
+ var DEFAULT_SCOPES = [
252
+ "openid",
253
+ "profile",
254
+ "email",
255
+ "forwardedTokens",
256
+ "offline_access"
257
+ ];
258
+ var IFRAME_ID = "civic-auth-iframe";
259
+ var DEFAULT_AUTH_SERVER = "https://auth.civic.com/oauth";
260
+ var DEFAULT_OAUTH_GET_PARAMS = ["code", "state", "iss"];
261
+ var TOKEN_EXCHANGE_TRIGGER_TEXT = "sameDomainCodeExchangeRequired";
262
+ var TOKEN_EXCHANGE_SUCCESS_TEXT = "serverSideTokenExchangeSuccess";
259
263
 
260
264
  // src/browser/storage.ts
261
265
  var LocalStorageAdapter = class {
@@ -268,13 +272,16 @@ var LocalStorageAdapter = class {
268
272
  };
269
273
 
270
274
  // src/services/PKCE.ts
275
+
271
276
  var ConfidentialClientPKCEConsumer = class {
272
277
  constructor(pkceChallengeEndpoint) {
273
278
  this.pkceChallengeEndpoint = pkceChallengeEndpoint;
274
279
  }
275
280
  getCodeChallenge() {
276
281
  return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
277
- const response = yield fetch(this.pkceChallengeEndpoint);
282
+ const response = yield fetch(
283
+ `${this.pkceChallengeEndpoint}?appUrl=${window.location.origin}`
284
+ );
278
285
  const data = yield response.json();
279
286
  return data.challenge;
280
287
  });
@@ -289,14 +296,14 @@ var GenericPublicClientPKCEProducer = class {
289
296
  getCodeChallenge() {
290
297
  return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
291
298
  const verifier = _oauth2.generateCodeVerifier.call(void 0, );
292
- this.storage.set("code_verifier", verifier);
299
+ this.storage.set("code_verifier" /* COOKIE_NAME */, verifier);
293
300
  return deriveCodeChallenge(verifier);
294
301
  });
295
302
  }
296
303
  // if there is already a verifier, return it,
297
304
  getCodeVerifier() {
298
305
  return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
299
- return this.storage.get("code_verifier");
306
+ return this.storage.get("code_verifier" /* COOKIE_NAME */);
300
307
  });
301
308
  }
302
309
  };
@@ -309,6 +316,14 @@ var BrowserPublicClientPKCEProducer = class extends GenericPublicClientPKCEProdu
309
316
  // src/services/AuthenticationService.ts
310
317
 
311
318
 
319
+ // src/services/types.ts
320
+ var PopupError = class _PopupError extends Error {
321
+ constructor(message) {
322
+ super(message);
323
+ Object.setPrototypeOf(this, _PopupError.prototype);
324
+ }
325
+ };
326
+
312
327
  // src/lib/windowUtil.ts
313
328
  var isWindowInIframe = (window2) => {
314
329
  var _a;
@@ -328,19 +343,57 @@ var removeParamsWithoutReload = (paramsToRemove) => {
328
343
  paramsToRemove.forEach((param) => {
329
344
  url.searchParams.delete(param);
330
345
  });
331
- window.history.replaceState({}, "", url);
346
+ try {
347
+ window.history.replaceState({}, "", url);
348
+ } catch (error) {
349
+ console.warn("window.history.replaceState failed", error);
350
+ }
351
+ };
352
+
353
+ // src/lib/postMessage.ts
354
+ var validateLoginAppPostMessage = (event, clientId) => {
355
+ const caseEvent = event;
356
+ console.log("caseEvent", caseEvent);
357
+ if (!caseEvent.clientId || !caseEvent.data.url || !caseEvent.source || !caseEvent.type || caseEvent.clientId !== clientId || caseEvent.source !== "civicloginApp") {
358
+ return false;
359
+ }
360
+ return true;
332
361
  };
333
362
 
334
363
  // src/services/AuthenticationService.ts
335
364
  var BrowserAuthenticationInitiator = class {
336
365
  constructor(config) {
366
+ this.postMessageHandler = null;
337
367
  this.config = config;
368
+ console.log("BrowserAuthenticationInitiator constructor", this.config);
369
+ }
370
+ handleLoginAppPopupFailed(redirectUrl) {
371
+ return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
372
+ console.warn(
373
+ "Login app popup failed open a popup, using redirect mode instead...",
374
+ redirectUrl
375
+ );
376
+ window.location.href = redirectUrl;
377
+ });
338
378
  }
339
379
  // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url
340
380
  // and then use the display mode to decide how to send the user there
341
381
  signIn(iframeRef) {
342
382
  return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
343
383
  const url = yield generateOauthLoginUrl(this.config);
384
+ this.postMessageHandler = (event) => {
385
+ const thisURL = new URL(window.location.href);
386
+ if (event.origin.endsWith("civic.com") || thisURL.hostname === "localhost") {
387
+ if (!validateLoginAppPostMessage(event.data, this.config.clientId)) {
388
+ console.log("Received invalid message from login app", event.data);
389
+ return;
390
+ }
391
+ const loginMessage = event.data;
392
+ console.log("Received message from login app", event.data);
393
+ this.handleLoginAppPopupFailed(loginMessage.data.url);
394
+ }
395
+ };
396
+ window.addEventListener("message", this.postMessageHandler);
344
397
  if (this.config.displayMode === "iframe") {
345
398
  if (!iframeRef)
346
399
  throw new Error("iframeRef is required for displayMode 'iframe'");
@@ -350,7 +403,18 @@ var BrowserAuthenticationInitiator = class {
350
403
  window.location.href = url.toString();
351
404
  }
352
405
  if (this.config.displayMode === "new_tab") {
353
- window.open(url.toString(), "_blank");
406
+ try {
407
+ const popupWindow = window.open(url.toString(), "_blank");
408
+ console.log("signIn", popupWindow);
409
+ if (!popupWindow) {
410
+ throw new PopupError("Failed to open popup window");
411
+ }
412
+ } catch (error) {
413
+ console.error("popupWindow", error);
414
+ throw new PopupError(
415
+ "window.open has thrown: Failed to open popup window"
416
+ );
417
+ }
354
418
  }
355
419
  return url;
356
420
  });
@@ -364,10 +428,18 @@ var BrowserAuthenticationInitiator = class {
364
428
  return url;
365
429
  });
366
430
  }
431
+ cleanup() {
432
+ if (this.postMessageHandler) {
433
+ window.removeEventListener("message", this.postMessageHandler);
434
+ }
435
+ }
367
436
  };
368
437
  var GenericAuthenticationInitiator = class {
369
438
  constructor(config) {
370
439
  this.config = config;
440
+ console.log("GenericAuthenticationInitiator constructor", {
441
+ config
442
+ });
371
443
  }
372
444
  // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url
373
445
  // and simply return the url
@@ -385,6 +457,9 @@ var GenericAuthenticationInitiator = class {
385
457
  var BrowserAuthenticationService = class _BrowserAuthenticationService extends BrowserAuthenticationInitiator {
386
458
  // TODO WIP - perhaps we want to keep resolver and initiator separate here
387
459
  constructor(config, pkceProducer = new BrowserPublicClientPKCEProducer()) {
460
+ console.log("BrowserAuthenticationService constructor", {
461
+ config
462
+ });
388
463
  super(_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, config), {
389
464
  state: generateState(config.displayMode),
390
465
  // Store and retrieve the PKCE challenge in local storage
@@ -437,9 +512,8 @@ var BrowserAuthenticationService = class _BrowserAuthenticationService extends B
437
512
  );
438
513
  if (parsedDisplayMode === "new_tab") {
439
514
  window.close();
440
- } else if (parsedDisplayMode === "redirect") {
441
- removeParamsWithoutReload(DEFAULT_OAUTH_GET_PARAMS);
442
515
  }
516
+ removeParamsWithoutReload(DEFAULT_OAUTH_GET_PARAMS);
443
517
  return tokens;
444
518
  });
445
519
  }
@@ -496,189 +570,8 @@ var BrowserAuthenticationService = class _BrowserAuthenticationService extends B
496
570
  }
497
571
  };
498
572
 
499
- // src/server/ServerAuthenticationResolver.ts
500
-
501
- var ServerAuthenticationResolver = class _ServerAuthenticationResolver {
502
- constructor(authConfig, storage, endpointOverrides) {
503
- this.authConfig = authConfig;
504
- this.storage = storage;
505
- this.endpointOverrides = endpointOverrides;
506
- this.pkceProducer = new GenericPublicClientPKCEProducer(storage);
507
- }
508
- validateExistingSession() {
509
- throw new Error("Method not implemented.");
510
- }
511
- init() {
512
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
513
- this.endpoints = yield getEndpointsWithOverrides(
514
- this.authConfig.oauthServer,
515
- this.endpointOverrides
516
- );
517
- this.oauth2client = new (0, _oauth2.OAuth2Client)(
518
- this.authConfig.clientId,
519
- this.endpoints.auth,
520
- this.endpoints.token,
521
- {
522
- redirectURI: this.authConfig.redirectUrl
523
- }
524
- );
525
- return this;
526
- });
527
- }
528
- tokenExchange(code, state) {
529
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
530
- if (!this.oauth2client) yield this.init();
531
- const codeVerifier = yield this.pkceProducer.getCodeVerifier();
532
- if (!codeVerifier) throw new Error("Code verifier not found in storage");
533
- const tokens = yield exchangeTokens(
534
- code,
535
- state,
536
- this.pkceProducer,
537
- this.oauth2client,
538
- // clean up types here to avoid the ! operator
539
- this.authConfig.oauthServer,
540
- this.endpoints
541
- // clean up types here to avoid the ! operator
542
- );
543
- storeTokens(this.storage, tokens);
544
- return tokens;
545
- });
546
- }
547
- getSessionData() {
548
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
549
- const storageData = retrieveTokens(this.storage);
550
- if (!storageData) return null;
551
- return {
552
- authenticated: !!storageData.id_token,
553
- idToken: storageData.id_token,
554
- accessToken: storageData.access_token,
555
- refreshToken: storageData.refresh_token
556
- };
557
- });
558
- }
559
- static build(authConfig, storage, endpointOverrides) {
560
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
561
- const resolver = new _ServerAuthenticationResolver(
562
- authConfig,
563
- storage,
564
- endpointOverrides
565
- );
566
- yield resolver.init();
567
- return resolver;
568
- });
569
- }
570
- };
571
-
572
- // src/server/login.ts
573
- function resolveOAuthAccessCode(code, state, storage, config) {
574
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
575
- var _a;
576
- const authSessionService = yield ServerAuthenticationResolver.build(
577
- _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, config), {
578
- oauthServer: (_a = config.oauthServer) != null ? _a : AUTH_SERVER
579
- }),
580
- storage,
581
- config.endpointOverrides
582
- );
583
- return authSessionService.tokenExchange(code, state);
584
- });
585
- }
586
- function isLoggedIn(storage) {
587
- return !!storage.get("id_token");
588
- }
589
- function buildLoginUrl(config, storage) {
590
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
591
- var _a, _b, _c;
592
- const state = (_a = config.state) != null ? _a : Math.random().toString(36).substring(2);
593
- const scopes = (_b = config.scopes) != null ? _b : DEFAULT_SCOPES;
594
- const pkceProducer = new GenericPublicClientPKCEProducer(storage);
595
- const authInitiator = new GenericAuthenticationInitiator(_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, config), {
596
- state,
597
- scopes,
598
- oauthServer: (_c = config.oauthServer) != null ? _c : AUTH_SERVER,
599
- // When retrieving the PKCE challenge on the server-side, we produce it and store it in the session
600
- pkceConsumer: pkceProducer
601
- }));
602
- return authInitiator.signIn();
603
- });
604
- }
605
573
 
606
- // src/shared/session.ts
607
- var _jwt = require('oslo/jwt');
608
- function getUser(storage) {
609
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
610
- var _a, _b;
611
- const tokens = retrieveTokens(storage);
612
- if (!tokens) return null;
613
- return (_b = (_a = _jwt.parseJWT.call(void 0, tokens.id_token)) == null ? void 0 : _a.payload) != null ? _b : null;
614
- });
615
- }
616
-
617
- // src/shared/GenericAuthenticationRefresher.ts
618
574
 
619
- var GenericAuthenticationRefresher = class _GenericAuthenticationRefresher {
620
- constructor(authConfig, storage, endpointOverrides) {
621
- this.authConfig = authConfig;
622
- this.storage = storage;
623
- this.endpointOverrides = endpointOverrides;
624
- }
625
- init() {
626
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
627
- this.endpoints = yield getEndpointsWithOverrides(
628
- this.authConfig.oauthServer,
629
- this.endpointOverrides
630
- );
631
- this.oauth2client = new (0, _oauth2.OAuth2Client)(
632
- this.authConfig.clientId,
633
- this.endpoints.auth,
634
- this.endpoints.token,
635
- {
636
- redirectURI: this.authConfig.redirectUrl
637
- }
638
- );
639
- return this;
640
- });
641
- }
642
- static build(authConfig, storage, endpointOverrides) {
643
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
644
- const refresher = new _GenericAuthenticationRefresher(
645
- authConfig,
646
- storage,
647
- endpointOverrides
648
- );
649
- yield refresher.init();
650
- return refresher;
651
- });
652
- }
653
- refreshTokens() {
654
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
655
- if (!this.oauth2client) yield this.init();
656
- const tokens = retrieveTokens(this.storage);
657
- if (!(tokens == null ? void 0 : tokens.refresh_token)) throw new Error("No refresh token available");
658
- const oauth2Client = this.oauth2client;
659
- const refreshedTokens = yield oauth2Client.refreshAccessToken(
660
- tokens.refresh_token
661
- );
662
- storeTokens(this.storage, refreshedTokens);
663
- return tokens;
664
- });
665
- }
666
- };
667
-
668
- // src/server/refresh.ts
669
- function refreshTokens(storage, config) {
670
- return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
671
- var _a;
672
- const refresher = yield GenericAuthenticationRefresher.build(
673
- _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, config), {
674
- oauthServer: (_a = config.oauthServer) != null ? _a : AUTH_SERVER
675
- }),
676
- storage,
677
- config.endpointOverrides
678
- );
679
- return refresher.refreshTokens();
680
- });
681
- }
682
575
 
683
576
 
684
577
 
@@ -704,5 +597,5 @@ function refreshTokens(storage, config) {
704
597
 
705
598
 
706
599
 
707
- exports.convertForwardedTokenFormat = convertForwardedTokenFormat; exports.GenericUserSession = GenericUserSession; exports.DEFAULT_SCOPES = DEFAULT_SCOPES; exports.IFRAME_ID = IFRAME_ID; exports.TOKEN_EXCHANGE_TRIGGER_TEXT = TOKEN_EXCHANGE_TRIGGER_TEXT; exports.isWindowInIframe = isWindowInIframe; exports.generateState = generateState; exports.cn = cn; exports.withoutUndefined = withoutUndefined; exports.clearTokens = clearTokens; exports.retrieveTokens = retrieveTokens; exports.LocalStorageAdapter = LocalStorageAdapter; exports.ConfidentialClientPKCEConsumer = ConfidentialClientPKCEConsumer; exports.GenericPublicClientPKCEProducer = GenericPublicClientPKCEProducer; exports.BrowserPublicClientPKCEProducer = BrowserPublicClientPKCEProducer; exports.BrowserAuthenticationInitiator = BrowserAuthenticationInitiator; exports.BrowserAuthenticationService = BrowserAuthenticationService; exports.getUser = getUser; exports.CookieStorage = CookieStorage; exports.resolveOAuthAccessCode = resolveOAuthAccessCode; exports.isLoggedIn = isLoggedIn; exports.buildLoginUrl = buildLoginUrl; exports.refreshTokens = refreshTokens;
708
- //# sourceMappingURL=chunk-RF23Q4V6.js.map
600
+ exports.convertForwardedTokenFormat = convertForwardedTokenFormat; exports.GenericUserSession = GenericUserSession; exports.DEFAULT_SCOPES = DEFAULT_SCOPES; exports.IFRAME_ID = IFRAME_ID; exports.DEFAULT_AUTH_SERVER = DEFAULT_AUTH_SERVER; exports.TOKEN_EXCHANGE_TRIGGER_TEXT = TOKEN_EXCHANGE_TRIGGER_TEXT; exports.TOKEN_EXCHANGE_SUCCESS_TEXT = TOKEN_EXCHANGE_SUCCESS_TEXT; exports.isWindowInIframe = isWindowInIframe; exports.generateState = generateState; exports.serverTokenExchangeFromState = serverTokenExchangeFromState; exports.cn = cn; exports.withoutUndefined = withoutUndefined; exports.getEndpointsWithOverrides = getEndpointsWithOverrides; exports.exchangeTokens = exchangeTokens; exports.storeTokens = storeTokens; exports.clearTokens = clearTokens; exports.retrieveTokens = retrieveTokens; exports.LocalStorageAdapter = LocalStorageAdapter; exports.ConfidentialClientPKCEConsumer = ConfidentialClientPKCEConsumer; exports.GenericPublicClientPKCEProducer = GenericPublicClientPKCEProducer; exports.BrowserPublicClientPKCEProducer = BrowserPublicClientPKCEProducer; exports.PopupError = PopupError; exports.BrowserAuthenticationInitiator = BrowserAuthenticationInitiator; exports.GenericAuthenticationInitiator = GenericAuthenticationInitiator; exports.BrowserAuthenticationService = BrowserAuthenticationService; exports.getUser = getUser;
601
+ //# sourceMappingURL=chunk-AM2Y662I.js.map