@civic/auth 0.0.1-beta.28 → 0.0.1-beta.29

package/src/shared/lib/UserSession.ts

@@ -3,23 +3,23 @@ import { UserStorage } from "@/shared/lib/types.js";
 import { convertForwardedTokenFormat } from "@/lib/jwt.js";
 
 export interface UserSession {
-  get(): User | null;
-  set(user: User): void;
+  get(): Promise<User | null>;
+  set(user: User): Promise<void>;
 }
 
 export class GenericUserSession implements UserSession {
   constructor(readonly storage: AuthStorage) {}
 
-  get(): User | null {
-    const user = this.storage.get(UserStorage.USER);
+  async get(): Promise<User | null> {
+    const user = await this.storage.get(UserStorage.USER);
     return user ? JSON.parse(user) : null;
   }
 
-  set(user: User | null): void {
+  async set(user: User | null): Promise<void> {
     const forwardedTokens = user?.forwardedTokens
       ? convertForwardedTokenFormat(user?.forwardedTokens as ForwardedTokensJWT)
       : null;
     const value = user ? JSON.stringify({ ...user, forwardedTokens }) : "";
-    this.storage.set(UserStorage.USER, value);
+    await this.storage.set(UserStorage.USER, value);
   }
 }

package/src/shared/lib/session.ts

@@ -3,7 +3,7 @@ import { parseJWT } from "oslo/jwt";
 import type { AuthStorage, User } from "@/types.js";
 
 export async function getUser(storage: AuthStorage): Promise<User | null> {
-  const tokens = retrieveTokens(storage);
+  const tokens = await retrieveTokens(storage);
   if (!tokens) return null;
 
   // Assumes all information is in the ID token

package/src/shared/lib/storage.ts

@@ -35,6 +35,6 @@ export abstract class CookieStorage implements AuthStorage {
       path: settings.path ?? "/",
     };
   }
-  abstract get(key: string): string | null;
-  abstract set(key: string, value: string): void;
+  abstract get(key: string): Promise<string | null>;
+  abstract set(key: string, value: string): Promise<void>;
 }

package/src/shared/lib/util.ts

@@ -83,7 +83,6 @@ export async function generateOauthLoginUrl(config: {
   // Required by the auth server for offline_access scope
   oAuthUrl.searchParams.append("prompt", "consent");
 
-  console.log("Generated OAuth URL", oAuthUrl.toString());
   return oAuthUrl;
 }
 
@@ -139,36 +138,40 @@ export async function exchangeTokens(
   return tokens;
 }
 
-export function storeTokens(
+export async function storeTokens(
   storage: AuthStorage,
   tokens: OIDCTokenResponseBody,
 ) {
   // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )
-  storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);
-  storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);
-  if (tokens.refresh_token)
-    storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);
+  await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);
+  await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);
+  if (tokens.refresh_token) {
+    await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);
+  }
 }
 
-export function clearTokens(storage: AuthStorage) {
-  Object.values(OAuthTokens).forEach((cookie) => {
-    storage.set(cookie, "");
-  });
-  Object.values(CodeVerifier.COOKIE_NAME).forEach((cookie) => {
+export async function clearTokens(storage: AuthStorage) {
+  const clearOAuthPromises = Object.values(OAuthTokens).map((cookie) => {
     storage.set(cookie, "");
   });
+  const clearCodeVerifierPromises = Object.values(CodeVerifier.COOKIE_NAME).map(
+    (cookie) => {
+      storage.set(cookie, "");
+    },
+  );
+  await Promise.all([...clearOAuthPromises, ...clearCodeVerifierPromises]);
 }
-export function clearUser(storage: AuthStorage) {
+export async function clearUser(storage: AuthStorage) {
   const userSession = new GenericUserSession(storage);
-  userSession.set(null);
+  await userSession.set(null);
 }
 
-export function retrieveTokens(
+export async function retrieveTokens(
   storage: AuthStorage,
-): OIDCTokenResponseBody | null {
-  const idToken = storage.get(OAuthTokens.ID_TOKEN);
-  const accessToken = storage.get(OAuthTokens.ACCESS_TOKEN);
-  const refreshToken = storage.get(OAuthTokens.REFRESH_TOKEN);
+): Promise<OIDCTokenResponseBody | null> {
+  const idToken = await storage.get(OAuthTokens.ID_TOKEN);
+  const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);
+  const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);
 
   if (!idToken || !accessToken) return null;
 

package/src/types.ts

@@ -222,6 +222,6 @@ export type {
 };
 
 export interface AuthStorage {
-  get(key: string): string | null;
-  set(key: string, value: string): void;
+  get(key: string): Promise<string | null>;
+  set(key: string, value: string): Promise<void>;
 }

package/test/unit/nextjs/getUser.test.ts

@@ -17,25 +17,25 @@ const mockUser: User = {
 describe("getUser", () => {
   beforeEach(() => {
     vi.clearAllMocks();
-    vi.spyOn(GenericUserSession.prototype, "get").mockReturnValue(mockUser);
+    vi.spyOn(GenericUserSession.prototype, "get").mockResolvedValue(mockUser);
     vi.spyOn(NextjsClientStorage.prototype, "get").mockImplementation(
-      (cookieName: string) => {
+      async (cookieName: string) => {
         switch (cookieName) {
           case "access_token":
-            return "test-access-token";
+            return Promise.resolve("test-access-token");
           case "id_token":
-            return "test-id-token";
+            return Promise.resolve("test-id-token");
           case "refresh_token":
-            return "test-refresh-token";
+            return Promise.resolve("test-refresh-token");
           default:
-            return null;
+            return Promise.resolve(null);
         }
       },
     );
   });
 
-  it("should get the user from session", () => {
-    const user = getUser();
+  it("should get the user from session", async () => {
+    const user = await getUser();
     expect(user).toEqual(mockUser);
   });
 });

package/test/unit/publicApi/__snapshots__/apiSnapshot.test.ts.snap

@@ -1,11 +1,5 @@
 // Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
 
-/**
- * IMPORTANT: If you modify this snapshot, it indicates changes to the public API of the auth SDK, which may impact consumers.
- * Ensure such changes are discussed and agreed with the team and that the documentation is updated accordingly.
- * Docmentation is managed on GitBook: https://app.gitbook.com/o/-MbHRfakrvYmMaAu3Awh/s/PrqdylKqzZDnu8FytHLf/
- */
-
 exports[`Auth Client Public API Snapshot > should match the previous API snapshot 1`] = `
 {
   "CivicAuthIframeContainer": [Function],
@@ -18,7 +12,6 @@ exports[`Auth Client Public API Snapshot > should match the previous API snapsho
   "useIframe": [Function],
   "useSession": [Function],
   "useToken": [Function],
-  "useTokenCookie": [Function],
   "useUser": [Function],
 }
 `;

package/test/unit/server/login.test.ts

@@ -1,20 +1,20 @@
-import { describe, it, expect, vi, beforeEach } from "vitest";
+import { describe, it, expect, vi } from "vitest";
 import {
   resolveOAuthAccessCode,
   isLoggedIn,
   buildLoginUrl,
-} from "@/server/login.js";
-import { ServerAuthenticationResolver } from "@/server/ServerAuthenticationResolver.js";
-import { GenericAuthenticationInitiator } from "@/services/AuthenticationService.js";
+} from "@/server/login";
+import { ServerAuthenticationResolver } from "@/server/ServerAuthenticationResolver";
+import { GenericAuthenticationInitiator } from "@/services/AuthenticationService";
 import { GenericPublicClientPKCEProducer } from "@/services/PKCE.js";
-import { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from "@/constants.js";
-import type { OIDCTokenResponseBody, AuthStorage } from "@/types.js";
-import type { AuthConfig } from "@/server/config.js";
-import type { PKCEProducer } from "@/services/types.js";
+import { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from "@/constants";
+import type { AuthStorage, OIDCTokenResponseBody } from "@/types.js";
+import type { AuthConfig } from "@/server/config.ts";
+import type { PKCEProducer } from "@/services/types.ts";
 
 vi.mock("@/server/ServerAuthenticationResolver");
 vi.mock("@/services/AuthenticationService");
-vi.mock("@/services/PKCE");
+vi.mock("@/services/PKCE.js");
 
 class StubPKCEProducer implements PKCEProducer {
   constructor() {}
@@ -70,18 +70,18 @@ describe("Login Utilities", () => {
   });
 
   describe("isLoggedIn", () => {
-    it("should return true if id_token is in storage", () => {
-      vi.mocked(mockStorage.get).mockReturnValue("mockIdToken");
+    it("should return true if id_token is in storage", async () => {
+      vi.mocked(mockStorage.get).mockResolvedValue("mockIdToken");
 
-      const result = isLoggedIn(mockStorage);
+      const result = await isLoggedIn(mockStorage);
 
       expect(result).toBe(true);
     });
 
-    it("should return false if id_token is not in storage", () => {
-      vi.mocked(mockStorage.get).mockReturnValue(null);
+    it("should return false if id_token is not in storage", async () => {
+      vi.mocked(mockStorage.get).mockResolvedValue(null);
 
-      const result = isLoggedIn(mockStorage);
+      const result = await isLoggedIn(mockStorage);
 
       expect(result).toBe(false);
     });
@@ -171,9 +171,11 @@ describe("Login Utilities", () => {
         mockStorage,
       );
 
-      expect(GenericAuthenticationInitiator).toHaveBeenCalledWith(expect.objectContaining({
-        nonce,
-      }));
+      expect(GenericAuthenticationInitiator).toHaveBeenCalledWith(
+        expect.objectContaining({
+          nonce,
+        }),
+      );
     });
   });
 });

package/test/unit/server/session.test.ts

@@ -1,4 +1,4 @@
-import { describe, it, expect, vi, beforeEach } from "vitest";
+import { describe, it, expect, vi } from "vitest";
 import type { JWT } from "oslo/jwt";
 import { parseJWT } from "oslo/jwt";
 import { getUser } from "@/shared/lib/session.js";
@@ -20,7 +20,7 @@ describe("getUser", () => {
   });
 
   it("should return null if no tokens are retrieved", async () => {
-    vi.mocked(retrieveTokens).mockReturnValue(null);
+    vi.mocked(retrieveTokens).mockResolvedValue(null);
 
     const result = await getUser(mockStorage);
     expect(result).toBeNull();
@@ -29,7 +29,7 @@ describe("getUser", () => {
 
   it("should return a User if tokens are retrieved and parsed successfully", async () => {
     const mockTokens = { id_token: "mockIdToken" } as OIDCTokenResponseBody;
-    vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+    vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
     vi.mocked(parseJWT).mockReturnValue({ payload: mockUser } as JWT);
 
     const result = await getUser(mockStorage);
@@ -40,7 +40,7 @@ describe("getUser", () => {
 
   it("should return null if parsing the ID token fails", async () => {
     const mockTokens = { id_token: "mockIdToken" } as OIDCTokenResponseBody;
-    vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+    vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
     vi.mocked(parseJWT).mockReturnValue(null); // Simulate parse failure
 
     const result = await getUser(mockStorage);

package/test/unit/services/AuthenticationService.test.ts

@@ -29,7 +29,7 @@ vi.mock("@/shared/lib/util.js", () => ({
   clearUser: vi.fn(),
 }));
 vi.mock("@/browser/storage");
-vi.mock("@/services/PKCE");
+vi.mock("@/services/PKCE.js");
 
 describe("Authentication Services", () => {
   const mockConfig = {
@@ -51,7 +51,7 @@ describe("Authentication Services", () => {
         new URL("http://mockLoginUrl"),
       );
 
-      const url = await initiator.signIn(null);
+      const url = await initiator.signIn({} as HTMLIFrameElement);
 
       expect(url.toString()).toBe("http://mockloginurl/");
     });
@@ -114,7 +114,7 @@ describe("Authentication Services", () => {
         ...mockConfig,
       });
       vi.mocked(exchangeTokens).mockResolvedValue(mockTokens);
-      vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+      vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
     });
 
     it("should exchange auth code for tokens and store them", async () => {

package/test/unit/services/ServerAuthenticationResolver.test.ts

@@ -6,13 +6,18 @@ import {
   retrieveTokens,
   storeTokens,
 } from "@/shared/lib/util.js";
-import type { Endpoints, OIDCTokenResponseBody, SessionData, AuthStorage } from "@/types.js";
-import type { AuthConfig } from "@/server/config.js";
+import type {
+  AuthStorage,
+  Endpoints,
+  OIDCTokenResponseBody,
+  SessionData,
+} from "@/types.js";
+import type { AuthConfig } from "@/server/config.ts";
 import { GenericPublicClientPKCEProducer } from "@/services/PKCE.js";
-import type { AuthenticationResolver } from '@/services/types.js';
+import type { AuthenticationResolver } from "@/services/types.ts";
 
 vi.mock("oslo/oauth2");
-vi.mock("@/services/PKCE");
+vi.mock("@/services/PKCE.js");
 vi.mock("@/shared/lib/util.js");
 
 describe("ServerAuthenticationResolver", () => {
@@ -84,7 +89,7 @@ describe("ServerAuthenticationResolver", () => {
 
   describe("getSessionData", () => {
     it("should retrieve session data from storage", async () => {
-      vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+      vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
 
       const sessionData: SessionData = {
         authenticated: true,
@@ -100,7 +105,7 @@ describe("ServerAuthenticationResolver", () => {
     });
 
     it("should return null if no tokens are found in storage", async () => {
-      vi.mocked(retrieveTokens).mockReturnValue(null);
+      vi.mocked(retrieveTokens).mockResolvedValue(null);
 
       const result = await resolver.getSessionData();
 

package/test/unit/shared/GenericAuthenticationRefresher.test.ts

@@ -5,9 +5,9 @@ import {
   retrieveTokens,
   storeTokens,
 } from "@/shared/lib/util.js";
-import type { Endpoints, OIDCTokenResponseBody, AuthStorage} from "@/types.js";
+import type { AuthStorage, Endpoints, OIDCTokenResponseBody } from "@/types.js";
 import { OAuth2Client } from "oslo/oauth2";
-import type { AuthConfig } from "@/server/config.js";
+import type { AuthConfig } from "@/server/config.ts";
 
 vi.mock("@/shared/lib/util.js");
 vi.mock("oslo/oauth2");
@@ -55,7 +55,7 @@ describe("GenericAuthenticationRefresher", () => {
 
   describe("refreshTokens", () => {
     it("should refresh tokens and store them", async () => {
-      vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+      vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
       const refreshedTokens: OIDCTokenResponseBody = {
         id_token: "newIdToken",
         access_token: "newAccessToken",
@@ -76,7 +76,7 @@ describe("GenericAuthenticationRefresher", () => {
     });
 
     it("should throw an error if no refresh token is available", async () => {
-      vi.mocked(retrieveTokens).mockReturnValue({
+      vi.mocked(retrieveTokens).mockResolvedValue({
         ...mockTokens,
         refresh_token: undefined,
       });

package/test/unit/shared/UserSession.test.ts

@@ -12,10 +12,10 @@ const mockUser: User = {
 
 let storage: Record<string, string> = {};
 class TestStorage implements AuthStorage {
-  get(key: string): string | null {
+  async get(key: string): Promise<string | null> {
     return storage[key] ?? null;
   }
-  set(key: string, value: string): void {
+  async set(key: string, value: string): Promise<void> {
     storage[key] = value;
   }
 }
@@ -26,16 +26,16 @@ describe("UserSession", () => {
   });
 
   describe("GenericUserSession", () => {
-    it("should get the user from session", () => {
+    it("should get the user from session", async () => {
       const userSession = new GenericUserSession(new TestStorage());
       userSession.set(mockUser);
-      const user = userSession.get();
+      const user = await userSession.get();
       expect(user).toEqual(mockUser);
     });
 
-    it("should return null if user it not found", () => {
+    it("should return null if user it not found", async () => {
       const userSession = new GenericUserSession(new TestStorage());
-      const user = userSession.get();
+      const user = await userSession.get();
       expect(user).toBeNull();
     });
   });

package/test/unit/shared/storage.test.ts

@@ -13,10 +13,10 @@ describe("CookieStorage", () => {
       super(settings);
     }
 
-    get(key: string): string | null {
+    async get(key: string): Promise<string | null> {
       return this.storage[key] ?? null;
     }
-    set(key: string, value: string): void {
+    async set(key: string, value: string): Promise<void> {
       this.storage[key] = value;
     }
   }
@@ -57,11 +57,11 @@ describe("CookieStorage", () => {
     expect(storage["settings"]).toMatchObject(customSettings);
   });
 
-  it("should set and get values correctly", () => {
+  it("should set and get values correctly", async () => {
     const storage = new MockCookieStorage({});
 
-    storage.set("testKey", "testValue");
-    expect(storage.get("testKey")).toBe("testValue");
-    expect(storage.get("nonExistentKey")).toBe(null);
+    await storage.set("testKey", "testValue");
+    expect(await storage.get("testKey")).toBe("testValue");
+    expect(await storage.get("nonExistentKey")).toBe(null);
   });
 });

package/dist/cjs/src/nextjs/client/index.d.ts

@@ -1,2 +0,0 @@
-export { CivicNextAuthProvider as CivicAuthProvider, type NextCivicAuthProviderProps as AuthProviderProps, } from "@/nextjs/providers/NextAuthProvider.jsx";
-//# sourceMappingURL=index.d.ts.map

package/dist/cjs/src/nextjs/client/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/nextjs/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,IAAI,iBAAiB,EAC1C,KAAK,0BAA0B,IAAI,iBAAiB,GACrD,MAAM,yCAAyC,CAAC"}

package/dist/cjs/src/nextjs/client/index.js

@@ -1,6 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CivicAuthProvider = void 0;
-var NextAuthProvider_jsx_1 = require("@/nextjs/providers/NextAuthProvider.jsx");
-Object.defineProperty(exports, "CivicAuthProvider", { enumerable: true, get: function () { return NextAuthProvider_jsx_1.CivicNextAuthProvider; } });
-//# sourceMappingURL=index.js.map

package/dist/cjs/src/nextjs/client/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/nextjs/client/index.ts"],"names":[],"mappings":";;;AAAA,gFAGiD;AAF/C,yHAAA,qBAAqB,OAAqB","sourcesContent":["export {\n  CivicNextAuthProvider as CivicAuthProvider,\n  type NextCivicAuthProviderProps as AuthProviderProps,\n} from \"@/nextjs/providers/NextAuthProvider.jsx\";\n"]}