@civic/auth 0.0.1-beta.28 → 0.0.1-beta.3

package/dist/src/shared/providers/UserProvider.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAG7C,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAGjD,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAE1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AASjE,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC;AAEhE,MAAM,YAAY,GAAG,CAAwB,EAC3C,QAAQ,EACR,OAAO,EACP,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,YAAY,GAMtB,EAAE,EAAE;IACH,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,CAAC;IAC/D,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,QAAQ,EAAE,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAAC;IAEtC,MAAM,SAAS,GAAG,KAAK,IAA0B,EAAE;QACjD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;QACpD,OAAO,WAAW,CAAC,GAAG,EAAE,CAAC;IAC3B,CAAC,CAAC;IAEF,MAAM,EACJ,IAAI,EAAE,IAAI,EACV,SAAS,EAAE,WAAW,EACtB,KAAK,EAAE,SAAS,GACjB,GAA0C,QAAQ,CAAC;QAClD,QAAQ,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC;QACpC,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,gDAAgD;KAC9E,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;IAErC,MAAM,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAE3D,OAAO,CACL,oBAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,IAAI,EAAE,CAAC,SAAS,IAAI,eAAe,CAAC,IAAI,IAAI;YAC5C,SAAS;YACT,KAAK;YACL,MAAM;YACN,OAAO,EAAE,YAAY,IAAI,OAAO;SACjC,IAEA,QAAQ,CACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAIF,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC","sourcesContent":["\"use client\";\n\nimport React, { createContext } from \"react\";\nimport type { ReactNode } from \"react\";\nimport type { UseQueryResult } from \"@tanstack/react-query\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport type { JWT } from \"oslo/jwt\";\nimport type { AuthStorage, EmptyObject, User } from \"@/types.js\";\nimport { useAuth } from \"@/shared/hooks/useAuth.js\";\nimport { useToken } from \"@/shared/hooks/useToken.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { AuthContextType } from \"@/shared/providers/AuthContext.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\n\ntype UserContextType<\n  T extends Record<string, unknown> & JWT[\"payload\"] = Record<string, unknown> &\n    JWT[\"payload\"],\n> = {\n  user: User<T> | null;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends EmptyObject>({\n  children,\n  storage,\n  user: inputUser,\n  signOut: inputSignOut,\n}: {\n  children: ReactNode;\n  storage: AuthStorage;\n  user?: User<T> | null;\n  signOut?: () => Promise<void>;\n}) => {\n  const { isLoading: authLoading, error: authError } = useAuth();\n  const session = useSession();\n  const { accessToken, idToken } = useToken();\n  const { signIn, signOut } = useAuth();\n\n  const fetchUser = async (): Promise<User | null> => {\n    if (!accessToken) {\n      return null;\n    }\n    const userSession = new GenericUserSession(storage);\n    return userSession.get();\n  };\n\n  const {\n    data: user,\n    isLoading: userLoading,\n    error: userError,\n  }: UseQueryResult<User<T> | null, Error> = useQuery({\n    queryKey: [\"user\", session?.idToken],\n    queryFn: fetchUser,\n    enabled: !!session?.idToken, // Only run the query if we have an access token\n  });\n\n  const isLoading = authLoading || userLoading;\n  const error = authError || userError;\n\n  const userWithIdToken = user ? { ...user, idToken } : null;\n\n  return (\n    <UserContext.Provider\n      value={{\n        user: (inputUser || userWithIdToken) ?? null,\n        isLoading,\n        error,\n        signIn,\n        signOut: inputSignOut || signOut,\n      }}\n    >\n      {children}\n    </UserContext.Provider>\n  );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n"]}

package/dist/src/types.d.ts

@@ -1,146 +0,0 @@
-import type { TokenResponseBody } from "oslo/oauth2";
-import type { JWT } from "oslo/jwt";
-type UnknownObject = Record<string, unknown>;
-type EmptyObject = Record<string, never>;
-type DisplayMode = "iframe" | "redirect" | "new_tab" | "custom_tab";
-interface AuthSessionService {
-    loadAuthorizationUrl(authorizationURL: string, displayMode: DisplayMode): void;
-    getAuthorizationUrl(scopes: string[], overrideDisplayMode: DisplayMode, nonce?: string): Promise<string>;
-    signIn(displayMode: DisplayMode, scopes: string[], nonce?: string): Promise<void>;
-    tokenExchange(responseUrl: string): Promise<SessionData>;
-    getSessionData(): SessionData;
-    updateSessionData(data: SessionData): void;
-    getUserInfoService(): Promise<UserInfoService>;
-}
-interface TokenService {
-    exchangeCodeForTokens(authCode: string): Promise<Tokens>;
-    validateIdToken(idToken: string, nonce: string): boolean;
-    refreshAccessToken(refreshToken: string): Promise<Tokens>;
-}
-interface UserInfoService {
-    getUserInfo<T extends UnknownObject>(accessToken: string, idToken: string | null): Promise<User<T> | null>;
-}
-interface ResourceService {
-    getProtectedResource(accessToken: string): Promise<unknown>;
-}
-type AuthRequest = {
-    clientId: string;
-    redirectUri: string;
-    state: string;
-    nonce: string;
-    scope: string;
-};
-type Endpoints = {
-    jwks: string;
-    auth: string;
-    token: string;
-    userinfo: string;
-    challenge?: string;
-};
-type Config = {
-    oauthServer: string;
-    endpoints?: Endpoints;
-};
-type SessionData = {
-    authenticated: boolean;
-    state?: string;
-    accessToken?: string;
-    refreshToken?: string;
-    idToken?: string;
-    timestamp?: number;
-    expiresIn?: number;
-    codeVerifier?: string;
-    displayMode?: DisplayMode;
-    openerUrl?: string;
-};
-type OIDCTokenResponseBody = TokenResponseBody & {
-    id_token: string;
-};
-type ParsedTokens = {
-    id_token: JWTPayload;
-    access_token: JWTPayload;
-    refresh_token?: string;
-};
-type ForwardedTokens = Record<string, {
-    idToken?: string;
-    accessToken?: string;
-    refreshToken?: string;
-}>;
-type ForwardedTokensJWT = Record<string, {
-    id_token?: string;
-    access_token?: string;
-    refresh_token?: string;
-    scope?: string;
-}>;
-type JWTPayload = JWT["payload"] & {
-    iss: string;
-    aud: string;
-    sub: string;
-    iat: number;
-    exp: number;
-};
-type IdTokenPayload = JWTPayload & {
-    forwardedTokens?: ForwardedTokensJWT;
-    email?: string;
-    name?: string;
-    picture?: string;
-    nonce: string;
-    at_hash: string;
-};
-type IdToken = Omit<JWT, "payload"> & {
-    payload: IdTokenPayload;
-};
-type Tokens = {
-    idToken: string;
-    accessToken: string;
-    refreshToken: string;
-    forwardedTokens: ForwardedTokens;
-};
-type BaseUser = {
-    id: string;
-    email?: string;
-    name?: string;
-    given_name?: string;
-    family_name?: string;
-    picture?: string;
-    updated_at?: Date;
-};
-type User<T extends UnknownObject = EmptyObject> = BaseUser & Partial<Tokens> & T;
-type OpenIdConfiguration = {
-    authorization_endpoint: string;
-    claims_parameter_supported: boolean;
-    claims_supported: string[];
-    code_challenge_methods_supported: string[];
-    end_session_endpoint: string;
-    grant_types_supported: string[];
-    issuer: string;
-    jwks_uri: string;
-    authorization_response_iss_parameter_supported: boolean;
-    response_modes_supported: string[];
-    response_types_supported: string[];
-    scopes_supported: string[];
-    subject_types_supported: string[];
-    token_endpoint_auth_methods_supported: string[];
-    token_endpoint_auth_signing_alg_values_supported: string[];
-    token_endpoint: string;
-    id_token_signing_alg_values_supported: string[];
-    pushed_authorization_request_endpoint: string;
-    request_parameter_supported: boolean;
-    request_uri_parameter_supported: boolean;
-    userinfo_endpoint: string;
-    claim_types_supported: string[];
-};
-type LoginPostMessage = {
-    source: string;
-    type: string;
-    clientId: string;
-    data: {
-        url: string;
-    };
-};
-export type { LoginPostMessage, AuthSessionService, TokenService, UserInfoService, ResourceService, AuthRequest, Tokens, Endpoints, Config, SessionData, OIDCTokenResponseBody, ParsedTokens, BaseUser, User, DisplayMode, UnknownObject, EmptyObject, ForwardedTokens, ForwardedTokensJWT, JWTPayload, IdTokenPayload, IdToken, OpenIdConfiguration, };
-export interface AuthStorage {
-    get(key: string): string | null;
-    set(key: string, value: string): void;
-}
-//# sourceMappingURL=types.d.ts.map

package/dist/src/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAEpC,KAAK,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAC7C,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;AAGzC,KAAK,WAAW,GAAG,QAAQ,GAAG,UAAU,GAAG,SAAS,GAAG,YAAY,CAAC;AAGpE,UAAU,kBAAkB;IAE1B,oBAAoB,CAClB,gBAAgB,EAAE,MAAM,EACxB,WAAW,EAAE,WAAW,GACvB,IAAI,CAAC;IAER,mBAAmB,CACjB,MAAM,EAAE,MAAM,EAAE,EAChB,mBAAmB,EAAE,WAAW,EAChC,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,MAAM,CACJ,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,MAAM,EAAE,EAChB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAEzD,cAAc,IAAI,WAAW,CAAC;IAE9B,iBAAiB,CAAC,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,kBAAkB,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;CAChD;AAGD,UAAU,YAAY;IACpB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACzD,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC3D;AAGD,UAAU,eAAe;IACvB,WAAW,CAAC,CAAC,SAAS,aAAa,EACjC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,GAAG,IAAI,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;CAC5B;AAGD,UAAU,eAAe;IACvB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7D;AAGD,KAAK,WAAW,GAAG;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,MAAM,GAAG;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,SAAS,CAAC;CACvB,CAAC;AAEF,KAAK,WAAW,GAAG;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,qBAAqB,GAAG,iBAAiB,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAEtE,KAAK,YAAY,GAAG;IAClB,QAAQ,EAAE,UAAU,CAAC;IACrB,YAAY,EAAE,UAAU,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAGF,KAAK,eAAe,GAAG,MAAM,CAC3B,MAAM,EACN;IACE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CACF,CAAC;AAGF,KAAK,kBAAkB,GAAG,MAAM,CAC9B,MAAM,EACN;IACE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CACF,CAAC;AAEF,KAAK,UAAU,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,KAAK,cAAc,GAAG,UAAU,GAAG;IACjC,eAAe,CAAC,EAAE,kBAAkB,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,KAAK,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG;IACpC,OAAO,EAAE,cAAc,CAAC;CACzB,CAAC;AAEF,KAAK,MAAM,GAAG;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,eAAe,CAAC;CAClC,CAAC;AAGF,KAAK,QAAQ,GAAG;IACd,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,IAAI,CAAC;CACnB,CAAC;AAEF,KAAK,IAAI,CAAC,CAAC,SAAS,aAAa,GAAG,WAAW,IAAI,QAAQ,GACzD,OAAO,CAAC,MAAM,CAAC,GACf,CAAC,CAAC;AAEJ,KAAK,mBAAmB,GAAG;IACzB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,0BAA0B,EAAE,OAAO,CAAC;IACpC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,gCAAgC,EAAE,MAAM,EAAE,CAAC;IAC3C,oBAAoB,EAAE,MAAM,CAAC;IAC7B,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C,EAAE,OAAO,CAAC;IACxD,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,uBAAuB,EAAE,MAAM,EAAE,CAAC;IAClC,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,gDAAgD,EAAE,MAAM,EAAE,CAAC;IAC3D,cAAc,EAAE,MAAM,CAAC;IACvB,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,qCAAqC,EAAE,MAAM,CAAC;IAC9C,2BAA2B,EAAE,OAAO,CAAC;IACrC,+BAA+B,EAAE,OAAO,CAAC;IACzC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAC;CACjC,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;CACH,CAAC;AACF,YAAY,EACV,gBAAgB,EAChB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,eAAe,EACf,WAAW,EACX,MAAM,EACN,SAAS,EACT,MAAM,EACN,WAAW,EACX,qBAAqB,EACrB,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,WAAW,EACX,aAAa,EACb,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,cAAc,EACd,OAAO,EACP,mBAAmB,GACpB,CAAC;AAEF,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IAChC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACvC"}

package/dist/src/types.js

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=types.js.map

package/dist/src/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { TokenResponseBody } from \"oslo/oauth2\";\nimport type { JWT } from \"oslo/jwt\";\n\ntype UnknownObject = Record<string, unknown>;\ntype EmptyObject = Record<string, never>;\n\n// Display modes for the auth flow\ntype DisplayMode = \"iframe\" | \"redirect\" | \"new_tab\" | \"custom_tab\";\n\n// Combined Auth and Session Service\ninterface AuthSessionService {\n  // TODO DK NOTES: Should be in BrowserAuthSessionService, not relevant on backend\n  loadAuthorizationUrl(\n    authorizationURL: string,\n    displayMode: DisplayMode,\n  ): void;\n  // TODO DK NOTES: overrideDisplayMode parameter not appropriate here - also - do we need both this and the above in the interface?\n  getAuthorizationUrl(\n    scopes: string[],\n    overrideDisplayMode: DisplayMode,\n    nonce?: string,\n  ): Promise<string>;\n  // TODO DK NOTES: display mode should be in browser version only. Also, do we need this and the above two in the top-level interface?\n  signIn(\n    displayMode: DisplayMode,\n    scopes: string[],\n    nonce?: string,\n  ): Promise<void>;\n  // TODO DK NOTES: Input should be an auth code - do not assume it comes via an url\n  tokenExchange(responseUrl: string): Promise<SessionData>;\n  // TODO DK NOTES: Should be async for flexibility\n  getSessionData(): SessionData;\n  // TODO DK NOTES: Should be async for flexibility\n  updateSessionData(data: SessionData): void;\n  getUserInfoService(): Promise<UserInfoService>;\n}\n\n// Token Service\ninterface TokenService {\n  exchangeCodeForTokens(authCode: string): Promise<Tokens>;\n  validateIdToken(idToken: string, nonce: string): boolean;\n  refreshAccessToken(refreshToken: string): Promise<Tokens>;\n}\n\n// User Info Service\ninterface UserInfoService {\n  getUserInfo<T extends UnknownObject>(\n    accessToken: string,\n    idToken: string | null,\n  ): Promise<User<T> | null>;\n}\n\n// Resource Service\ninterface ResourceService {\n  getProtectedResource(accessToken: string): Promise<unknown>;\n}\n\n// Auth Request (for internal use in AuthSessionService)\ntype AuthRequest = {\n  clientId: string;\n  redirectUri: string;\n  state: string;\n  nonce: string;\n  scope: string;\n};\n\ntype Endpoints = {\n  jwks: string;\n  auth: string;\n  token: string;\n  userinfo: string;\n  challenge?: string;\n};\n\ntype Config = {\n  oauthServer: string;\n  endpoints?: Endpoints;\n};\n\ntype SessionData = {\n  authenticated: boolean; // TODO can this be inferred from the presence of the tokens?\n  state?: string;\n  accessToken?: string;\n  refreshToken?: string;\n  idToken?: string;\n  timestamp?: number;\n  expiresIn?: number;\n  codeVerifier?: string;\n  displayMode?: DisplayMode;\n  openerUrl?: string;\n};\n\ntype OIDCTokenResponseBody = TokenResponseBody & { id_token: string };\n\ntype ParsedTokens = {\n  id_token: JWTPayload;\n  access_token: JWTPayload;\n  refresh_token?: string;\n};\n\n// The format we expose to the frontend via hooks\ntype ForwardedTokens = Record<\n  string,\n  {\n    idToken?: string;\n    accessToken?: string;\n    refreshToken?: string;\n  }\n>;\n\n// The format in the JWT payload\ntype ForwardedTokensJWT = Record<\n  string,\n  {\n    id_token?: string;\n    access_token?: string;\n    refresh_token?: string;\n    scope?: string;\n  }\n>;\n\ntype JWTPayload = JWT[\"payload\"] & {\n  iss: string;\n  aud: string;\n  sub: string;\n  iat: number;\n  exp: number;\n};\n\ntype IdTokenPayload = JWTPayload & {\n  forwardedTokens?: ForwardedTokensJWT;\n  email?: string;\n  name?: string;\n  picture?: string;\n  nonce: string;\n  at_hash: string;\n};\n\ntype IdToken = Omit<JWT, \"payload\"> & {\n  payload: IdTokenPayload;\n};\n\ntype Tokens = {\n  idToken: string;\n  accessToken: string;\n  refreshToken: string;\n  forwardedTokens: ForwardedTokens;\n};\n\n// Base user interface\ntype BaseUser = {\n  id: string;\n  email?: string;\n  name?: string;\n  given_name?: string;\n  family_name?: string;\n  picture?: string;\n  updated_at?: Date;\n};\n\ntype User<T extends UnknownObject = EmptyObject> = BaseUser &\n  Partial<Tokens> &\n  T;\n\ntype OpenIdConfiguration = {\n  authorization_endpoint: string;\n  claims_parameter_supported: boolean;\n  claims_supported: string[];\n  code_challenge_methods_supported: string[];\n  end_session_endpoint: string;\n  grant_types_supported: string[];\n  issuer: string;\n  jwks_uri: string;\n  authorization_response_iss_parameter_supported: boolean;\n  response_modes_supported: string[];\n  response_types_supported: string[];\n  scopes_supported: string[];\n  subject_types_supported: string[];\n  token_endpoint_auth_methods_supported: string[];\n  token_endpoint_auth_signing_alg_values_supported: string[];\n  token_endpoint: string;\n  id_token_signing_alg_values_supported: string[];\n  pushed_authorization_request_endpoint: string;\n  request_parameter_supported: boolean;\n  request_uri_parameter_supported: boolean;\n  userinfo_endpoint: string;\n  claim_types_supported: string[];\n};\n\ntype LoginPostMessage = {\n  source: string;\n  type: string;\n  clientId: string;\n  data: {\n    url: string;\n  };\n};\nexport type {\n  LoginPostMessage,\n  AuthSessionService,\n  TokenService,\n  UserInfoService,\n  ResourceService,\n  AuthRequest,\n  Tokens,\n  Endpoints,\n  Config,\n  SessionData,\n  OIDCTokenResponseBody,\n  ParsedTokens,\n  BaseUser,\n  User,\n  DisplayMode,\n  UnknownObject,\n  EmptyObject,\n  ForwardedTokens,\n  ForwardedTokensJWT,\n  JWTPayload,\n  IdTokenPayload,\n  IdToken,\n  OpenIdConfiguration,\n};\n\nexport interface AuthStorage {\n  get(key: string): string | null;\n  set(key: string, value: string): void;\n}\n"]}

package/dist/src/utils.d.ts

@@ -1,15 +0,0 @@
-/**
- * Checks if a popup window is blocked by the browser.
- *
- * This function attempts to open a small popup window and then checks if it was successfully created.
- * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.
- *
- * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.
- */
-declare const isPopupBlocked: () => boolean;
-type WithoutUndefined<T> = {
-    [K in keyof T as undefined extends T[K] ? never : K]: T[K];
-};
-export declare const withoutUndefined: <T extends { [K in keyof T]: unknown; }>(obj: T) => WithoutUndefined<T>;
-export { isPopupBlocked };
-//# sourceMappingURL=utils.d.ts.map

package/dist/src/utils.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,QAAA,MAAM,cAAc,QAAO,OAsB1B,CAAC;AAOF,KAAK,gBAAgB,CAAC,CAAC,IAAI;KACxB,CAAC,IAAI,MAAM,CAAC,IAAI,SAAS,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAC3D,CAAC;AACF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,GAAG,CAAY,IAAP,MAAM,CAAC,GAAG,OAAO,GAAE,OAC/D,CAAC,KACL,gBAAgB,CAAC,CAAC,CAapB,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,CAAC"}

package/dist/src/utils.js

@@ -1,43 +0,0 @@
-/**
- * Checks if a popup window is blocked by the browser.
- *
- * This function attempts to open a small popup window and then checks if it was successfully created.
- * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.
- *
- * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.
- */
-const isPopupBlocked = () => {
-    // First we try to open a small popup window. It either returns a window object or null.
-    const popup = window.open("", "", "width=1,height=1");
-    // If window.open() returns null, popup is definitely blocked
-    if (!popup) {
-        return true;
-    }
-    try {
-        // Try to access a property of the popup to check if it's usable
-        if (typeof popup.closed === "undefined") {
-            throw new Error("Popup is blocked");
-        }
-    }
-    catch {
-        // Accessing the popup's properties throws an error if the popup is blocked
-        return true;
-    }
-    // Close the popup immediately if it was opened
-    popup.close();
-    return false;
-};
-export const withoutUndefined = (obj) => {
-    const result = {};
-    for (const key in obj) {
-        if (obj[key] !== undefined) {
-            // TypeScript needs assurance that key is a valid key in WithoutUndefined<T>
-            // We use type assertion here
-            // eslint-disable-next-line @typescript-eslint/no-explicit-any
-            result[key] = obj[key];
-        }
-    }
-    return result;
-};
-export { isPopupBlocked };
-//# sourceMappingURL=utils.js.map

package/dist/src/utils.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,MAAM,cAAc,GAAG,GAAY,EAAE;IACnC,wFAAwF;IACxF,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,kBAAkB,CAAC,CAAC;IAEtD,6DAA6D;IAC7D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,gEAAgE;QAChE,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2EAA2E;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,+CAA+C;IAC/C,KAAK,CAAC,KAAK,EAAE,CAAC;IACd,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAUF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,GAAM,EACe,EAAE;IACvB,MAAM,MAAM,GAAG,EAAyB,CAAC;IAEzC,KAAK,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;QACtB,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YAC3B,4EAA4E;YAC5E,6BAA6B;YAC7B,8DAA8D;YAC7D,MAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,CAAC","sourcesContent":["/**\n * Checks if a popup window is blocked by the browser.\n *\n * This function attempts to open a small popup window and then checks if it was successfully created.\n * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.\n *\n * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.\n */\nconst isPopupBlocked = (): boolean => {\n  // First we try to open a small popup window. It either returns a window object or null.\n  const popup = window.open(\"\", \"\", \"width=1,height=1\");\n\n  // If window.open() returns null, popup is definitely blocked\n  if (!popup) {\n    return true;\n  }\n\n  try {\n    // Try to access a property of the popup to check if it's usable\n    if (typeof popup.closed === \"undefined\") {\n      throw new Error(\"Popup is blocked\");\n    }\n  } catch {\n    // Accessing the popup's properties throws an error if the popup is blocked\n    return true;\n  }\n\n  // Close the popup immediately if it was opened\n  popup.close();\n  return false;\n};\n\n// This type narrows T as far as it can by:\n// - removing all keys where the value is `undefined`\n// - making keys that are not undefined required\n// So, for example: given { a: string | undefined, b: string | undefined },\n// if you pass in { a: \"foo\" }, it returns an object of type: { a: string }\ntype WithoutUndefined<T> = {\n  [K in keyof T as undefined extends T[K] ? never : K]: T[K];\n};\nexport const withoutUndefined = <T extends { [K in keyof T]: unknown }>(\n  obj: T,\n): WithoutUndefined<T> => {\n  const result = {} as WithoutUndefined<T>;\n\n  for (const key in obj) {\n    if (obj[key] !== undefined) {\n      // TypeScript needs assurance that key is a valid key in WithoutUndefined<T>\n      // We use type assertion here\n      // eslint-disable-next-line @typescript-eslint/no-explicit-any\n      (result as any)[key] = obj[key];\n    }\n  }\n\n  return result;\n};\n\nexport { isPopupBlocked };\n"]}

package/dist/test/integration/sdk.test.d.ts

@@ -1,2 +0,0 @@
-import "@testing-library/jest-dom";
-//# sourceMappingURL=sdk.test.d.ts.map

package/dist/test/integration/sdk.test.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"sdk.test.d.ts","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAaA,OAAO,2BAA2B,CAAC"}

package/dist/test/integration/sdk.test.js

@@ -1,183 +0,0 @@
-import React from "react";
-import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
-import { OAuth2Client } from "oslo/oauth2";
-import { useAuth, useUser } from "@/reactjs/hooks/index.js";
-import { CivicAuthProvider } from "@/reactjs/providers/index.js";
-import { render, screen, act, fireEvent, waitFor, } from "@testing-library/react";
-import { describe, it, expect, beforeEach, vi, afterEach } from "vitest";
-import "@testing-library/jest-dom";
-import * as jose from "jose";
-import tokensFixture from "../support/tokens.json";
-import * as oauthLib from "@/lib/oauth.js";
-const validTokens = { ...tokensFixture.local.validTokens };
-// Mock Component to test OAuth flow with useAuth
-const MockOAuthComponent = () => {
-    const { signIn, isAuthenticated } = useAuth();
-    const { user } = useUser();
-    const handleLogin = async () => {
-        try {
-            await signIn("redirect");
-            alert("Login Redirect Initiated");
-        }
-        catch {
-            alert("Login Failed");
-        }
-    };
-    return (React.createElement("div", null,
-        React.createElement("button", { onClick: handleLogin }, "Login"),
-        user && (React.createElement("p", { "data-testid": "user-email" },
-            "User:",
-            user.email)),
-        isAuthenticated && (React.createElement("p", { "data-testid": "session" }, "Session authenticated:true"))));
-};
-describe("OAuth login", () => {
-    const clientId = "test-client-id";
-    let mockOAuth2Client;
-    let originalWindowLocation;
-    afterEach(vi.clearAllMocks);
-    vi.spyOn(oauthLib, "getOauthEndpoints").mockResolvedValue({
-        auth: "http://localhost:3001/oauth/auth",
-        token: "http://localhost:3001/oauth/token",
-        jwks: "http://localhost:3001/oauth/jwks",
-        userinfo: "http://localhost:3001/oauth/userinfo",
-    });
-    vi.mock("oslo/oauth2", () => ({
-        OAuth2Client: vi.fn(),
-        generateCodeVerifier: vi.fn(() => "mock-code-verifier"),
-        generateState: vi.fn(() => "mock-state"),
-    }));
-    vi.mock("jose", () => ({
-        jwtVerify: vi.fn(),
-        createRemoteJWKSet: vi.fn(),
-    }));
-    beforeEach(() => {
-        vi.clearAllMocks();
-        vi.resetModules();
-        // Setup mock implementations
-        mockOAuth2Client = {
-            createAuthorizationURL: vi.fn(),
-            validateAuthorizationCode: vi.fn(),
-            refreshAccessToken: vi.fn(),
-            clientId: "test-client-id",
-        };
-        vi.mocked(OAuth2Client).mockImplementation(() => mockOAuth2Client);
-        // Setup jose mocks
-        const mockJWKS = {
-            getKey: vi.fn().mockResolvedValue({ alg: "RS256" }),
-        };
-        vi.mocked(jose.createRemoteJWKSet).mockReturnValue(mockJWKS);
-        vi.mocked(jose.jwtVerify).mockResolvedValue({
-            payload: { sub: "user123", name: "Test User", email: "test@example.com" },
-            protectedHeader: { alg: "RS256" },
-        });
-        originalWindowLocation = window.location;
-        window.location = { href: "" };
-        global.alert = vi.fn();
-        // Mock window.open to prevent errors.
-        vi.spyOn(window, "open").mockReturnValue(null);
-    });
-    afterEach(() => {
-        window.location = originalWindowLocation;
-    });
-    it("should set the correct auth url for login with redirect", async () => {
-        const windowAssign = vi.fn();
-        const redirectUri = "http://localhost:3001/callback";
-        vi.mocked(mockOAuth2Client.createAuthorizationURL).mockResolvedValue(new URL("http://localhost:3001/oauth/auth?response_type=code&client_id=" +
-            clientId +
-            "&redirect_uri=" +
-            encodeURIComponent(redirectUri) +
-            "&scope=openid%20profile%20email&state=mock-state&code_challenge=mock-code-challenge&code_challenge_method=S256"));
-        window.location = {
-            ...originalWindowLocation,
-            assign: windowAssign,
-            replace: vi.fn(),
-            reload: vi.fn(),
-        };
-        const queryClient = new QueryClient();
-        render(React.createElement(QueryClientProvider, { client: queryClient },
-            React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
-                    oauthServer: "http://localhost:3001",
-                } },
-                React.createElement(MockOAuthComponent, null))));
-        // Trigger the login button click, which initiates the OAuth flow
-        await act(async () => {
-            fireEvent.click(screen.getByText("Login"));
-        });
-        // Confirm that the sdk set the window.location.href to the auth url
-        const url = new URL(window.location.href);
-        expect(url.origin + url.pathname).toEqual("http://localhost:3001/oauth/auth");
-        expect(url.searchParams.get("response_type")).toEqual("code");
-        expect(url.searchParams.get("client_id")).toEqual(clientId);
-        expect(url.searchParams.get("redirect_uri")).toEqual(redirectUri);
-        expect(url.searchParams.get("scope")).toEqual("openid profile email");
-        expect(url.searchParams.get("state")).toBeTruthy(); // Ensure state is present
-        expect(url.searchParams.get("code_challenge")).toBeTruthy(); // Ensure code_challenge is present
-        expect(url.searchParams.get("code_challenge_method")).toEqual("S256");
-        expect(screen.queryByTestId("session")).not.toBeInTheDocument();
-    });
-    it("should initiate code exchange, validate tokens, and derive user from ID token", async () => {
-        const queryClient = new QueryClient();
-        const redirectUri = "http://localhost:3001/callback";
-        // Mock ID token with user information
-        const mockIdToken = validTokens.idToken;
-        const mockAccessToken = validTokens.accessToken;
-        // Mock oslo token exchange
-        const mockTokens = {
-            access_token: mockAccessToken,
-            id_token: mockIdToken,
-            refresh_token: "mock-refresh-token",
-            expires_in: 3600,
-        };
-        vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(mockTokens);
-        // Prime storage and simulate redirect
-        await act(async () => {
-            localStorage.setItem("civic-auth:test-client-id", JSON.stringify({
-                authenticated: false,
-                state: "mock-state",
-                codeVerifier: "mock-code-verifier",
-                displayMode: "redirect",
-            }));
-            window.location.pathname = "test-pathName";
-            // Configure window.location to simulate redirect
-            Object.defineProperty(window, "location", {
-                value: {
-                    ...window.location,
-                    origin: "http://mock-origin",
-                },
-                writable: true,
-            });
-            window.location.href = `${redirectUri}?code=test-code&state=mock-state`;
-            // Render the AuthProvider with the mock OAuth component
-            render(React.createElement(QueryClientProvider, { client: queryClient },
-                React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
-                        oauthServer: "http://localhost:3001",
-                    } },
-                    React.createElement(MockOAuthComponent, null))));
-        });
-        expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith("test-code", {
-            codeVerifier: "mock-code-verifier",
-        });
-        // Check that jose.jwtVerify was called for id_token validation
-        await waitFor(() => {
-            expect(jose.jwtVerify).toHaveBeenCalledWith(mockIdToken, expect.any(Object), {
-                issuer: ["http://localhost:3001", "http://localhost:3001/"],
-                audience: clientId,
-            });
-        });
-        // Check that jose.jwtVerify was called for access_token validation
-        await waitFor(() => {
-            expect(jose.jwtVerify).toHaveBeenCalledWith(mockAccessToken, expect.any(Object), {
-                issuer: ["http://localhost:3001", "http://localhost:3001/"],
-            });
-        });
-        // Check that the authenticated flag is set in the session
-        await waitFor(() => {
-            expect(screen.queryByTestId("session")).toHaveTextContent("Session authenticated:true");
-        });
-        // Check that the user info derived from the ID token is displayed
-        await waitFor(() => {
-            expect(screen.queryByTestId("user-email")).toHaveTextContent("User:ghost@civic.com");
-        });
-    });
-});
-//# sourceMappingURL=sdk.test.js.map

package/dist/test/integration/sdk.test.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"sdk.test.js","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EACL,MAAM,EACN,MAAM,EACN,GAAG,EACH,SAAS,EACT,OAAO,GACR,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,2BAA2B,CAAC;AACnC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,aAAa,MAAM,wBAAwB,CAAC;AACnD,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C,MAAM,WAAW,GAAG,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;AAC3D,iDAAiD;AACjD,MAAM,kBAAkB,GAAG,GAAG,EAAE;IAC9B,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,OAAO,EAAE,CAAC;IAC9C,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,EAAE,CAAC;IAE3B,MAAM,WAAW,GAAG,KAAK,IAAI,EAAE;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;YACzB,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,CAAC,cAAc,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,CAAC;IAEF,OAAO,CACL;QACE,gCAAQ,OAAO,EAAE,WAAW,YAAgB;QAC3C,IAAI,IAAI,CACP,0CAAe,YAAY;;YAExB,IAAI,CAAC,KAAK,CACT,CACL;QACA,eAAe,IAAI,CAClB,0CAAe,SAAS,iCAA+B,CACxD,CACG,CACP,CAAC;AACJ,CAAC,CAAC;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,IAAI,gBAA8B,CAAC;IACnC,IAAI,sBAAgC,CAAC;IACrC,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAE5B,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC,iBAAiB,CAAC;QACxD,IAAI,EAAE,kCAAkC;QACxC,KAAK,EAAE,mCAAmC;QAC1C,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,sCAAsC;KACjD,CAAC,CAAC;IACH,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;QAC5B,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;QACrB,oBAAoB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;QACvD,aAAa,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;KACzC,CAAC,CAAC,CAAC;IAEJ,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;KAC5B,CAAC,CAAC,CAAC;IAEJ,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,YAAY,EAAE,CAAC;QAElB,6BAA6B;QAC7B,gBAAgB,GAAG;YACjB,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC/B,yBAAyB,EAAE,EAAE,CAAC,EAAE,EAAE;YAClC,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,QAAQ,EAAE,gBAAgB;SACA,CAAC;QAC7B,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,QAAQ,GAAG;YACf,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpD,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAC,QAAe,CAAC,CAAC;QACpE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC;YAC1C,OAAO,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE;YACzE,eAAe,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE;SACmB,CAAC,CAAC;QAExD,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC;QACzC,MAAM,CAAC,QAAQ,GAAG,EAAE,IAAI,EAAE,EAAE,EAAc,CAAC;QAC3C,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACvB,sCAAsC;QACtC,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,CAAC,QAAQ,GAAG,sBAAsB,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,gCAAgC,CAAC;QAErD,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CAClE,IAAI,GAAG,CACL,gEAAgE;YAC9D,QAAQ;YACR,gBAAgB;YAChB,kBAAkB,CAAC,WAAW,CAAC;YAC/B,gHAAgH,CACnH,CACF,CAAC;QAEF,MAAM,CAAC,QAAQ,GAAG;YAChB,GAAG,sBAAsB;YACzB,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE;YAChB,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;SAChB,CAAC;QAEF,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;QACtC,MAAM,CACJ,oBAAC,mBAAmB,IAAC,MAAM,EAAE,WAAW;YACtC,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;oBACN,WAAW,EAAE,uBAAuB;iBACrC;gBAED,oBAAC,kBAAkB,OAAG,CACJ,CACA,CACvB,CAAC;QAEF,iEAAiE;QACjE,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,oEAAoE;QACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,OAAO,CACvC,kCAAkC,CACnC,CAAC;QACF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC9D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC5D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAClE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;QACtE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,0BAA0B;QAC9E,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,mCAAmC;QAChG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;QACtC,MAAM,WAAW,GAAG,gCAAgC,CAAC;QAErD,sCAAsC;QACtC,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC;QACxC,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC;QAEhD,2BAA2B;QAC3B,MAAM,UAAU,GAAG;YACjB,YAAY,EAAE,eAAe;YAC7B,QAAQ,EAAE,WAAW;YACrB,aAAa,EAAE,oBAAoB;YACnC,UAAU,EAAE,IAAI;SACjB,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,iBAAiB,CACrE,UAAU,CACX,CAAC;QAEF,sCAAsC;QACtC,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,YAAY,CAAC,OAAO,CAClB,2BAA2B,EAC3B,IAAI,CAAC,SAAS,CAAC;gBACb,aAAa,EAAE,KAAK;gBACpB,KAAK,EAAE,YAAY;gBACnB,YAAY,EAAE,oBAAoB;gBAClC,WAAW,EAAE,UAAU;aACxB,CAAC,CACH,CAAC;YACF,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,eAAe,CAAC;YAE3C,iDAAiD;YACjD,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,UAAU,EAAE;gBACxC,KAAK,EAAE;oBACL,GAAG,MAAM,CAAC,QAAQ;oBAClB,MAAM,EAAE,oBAAoB;iBAC7B;gBACD,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,WAAW,kCAAkC,CAAC;YAExE,wDAAwD;YACxD,MAAM,CACJ,oBAAC,mBAAmB,IAAC,MAAM,EAAE,WAAW;gBACtC,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;wBACN,WAAW,EAAE,uBAAuB;qBACrC;oBAED,oBAAC,kBAAkB,OAAG,CACJ,CACA,CACvB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,oBAAoB,CACrE,WAAW,EACX;YACE,YAAY,EAAE,oBAAoB;SACnC,CACF,CAAC;QAEF,+DAA+D;QAC/D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,WAAW,EACX,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;gBAC3D,QAAQ,EAAE,QAAQ;aACnB,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,mEAAmE;QACnE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,eAAe,EACf,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;aAC5D,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CACvD,4BAA4B,CAC7B,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,kEAAkE;QAClE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,iBAAiB,CAC1D,sBAAsB,CACvB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import React from \"react\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { useAuth, useUser } from \"@/reactjs/hooks/index.js\";\nimport { CivicAuthProvider } from \"@/reactjs/providers/index.js\";\nimport {\n  render,\n  screen,\n  act,\n  fireEvent,\n  waitFor,\n} from \"@testing-library/react\";\nimport { describe, it, expect, beforeEach, vi, afterEach } from \"vitest\";\nimport \"@testing-library/jest-dom\";\nimport * as jose from \"jose\";\nimport tokensFixture from \"../support/tokens.json\";\nimport * as oauthLib from \"@/lib/oauth.js\";\nimport type { JWTVerifyResult, ResolvedKey } from \"jose\";\n\nconst validTokens = { ...tokensFixture.local.validTokens };\n// Mock Component to test OAuth flow with useAuth\nconst MockOAuthComponent = () => {\n  const { signIn, isAuthenticated } = useAuth();\n  const { user } = useUser();\n\n  const handleLogin = async () => {\n    try {\n      await signIn(\"redirect\");\n      alert(\"Login Redirect Initiated\");\n    } catch {\n      alert(\"Login Failed\");\n    }\n  };\n\n  return (\n    <div>\n      <button onClick={handleLogin}>Login</button>\n      {user && (\n        <p data-testid=\"user-email\">\n          User:\n          {user.email}\n        </p>\n      )}\n      {isAuthenticated && (\n        <p data-testid=\"session\">Session authenticated:true</p>\n      )}\n    </div>\n  );\n};\n\ndescribe(\"OAuth login\", () => {\n  const clientId = \"test-client-id\";\n  let mockOAuth2Client: OAuth2Client;\n  let originalWindowLocation: Location;\n  afterEach(vi.clearAllMocks);\n\n  vi.spyOn(oauthLib, \"getOauthEndpoints\").mockResolvedValue({\n    auth: \"http://localhost:3001/oauth/auth\",\n    token: \"http://localhost:3001/oauth/token\",\n    jwks: \"http://localhost:3001/oauth/jwks\",\n    userinfo: \"http://localhost:3001/oauth/userinfo\",\n  });\n  vi.mock(\"oslo/oauth2\", () => ({\n    OAuth2Client: vi.fn(),\n    generateCodeVerifier: vi.fn(() => \"mock-code-verifier\"),\n    generateState: vi.fn(() => \"mock-state\"),\n  }));\n\n  vi.mock(\"jose\", () => ({\n    jwtVerify: vi.fn(),\n    createRemoteJWKSet: vi.fn(),\n  }));\n\n  beforeEach(() => {\n    vi.clearAllMocks();\n    vi.resetModules();\n\n    // Setup mock implementations\n    mockOAuth2Client = {\n      createAuthorizationURL: vi.fn(),\n      validateAuthorizationCode: vi.fn(),\n      refreshAccessToken: vi.fn(),\n      clientId: \"test-client-id\",\n    } as unknown as OAuth2Client;\n    vi.mocked(OAuth2Client).mockImplementation(() => mockOAuth2Client);\n\n    // Setup jose mocks\n    const mockJWKS = {\n      getKey: vi.fn().mockResolvedValue({ alg: \"RS256\" }),\n    };\n    vi.mocked(jose.createRemoteJWKSet).mockReturnValue(mockJWKS as any);\n    vi.mocked(jose.jwtVerify).mockResolvedValue({\n      payload: { sub: \"user123\", name: \"Test User\", email: \"test@example.com\" },\n      protectedHeader: { alg: \"RS256\" },\n    } as unknown as JWTVerifyResult<unknown> & ResolvedKey);\n\n    originalWindowLocation = window.location;\n    window.location = { href: \"\" } as Location;\n    global.alert = vi.fn();\n    // Mock window.open to prevent errors.\n    vi.spyOn(window, \"open\").mockReturnValue(null);\n  });\n\n  afterEach(() => {\n    window.location = originalWindowLocation;\n  });\n\n  it(\"should set the correct auth url for login with redirect\", async () => {\n    const windowAssign = vi.fn();\n    const redirectUri = \"http://localhost:3001/callback\";\n\n    vi.mocked(mockOAuth2Client.createAuthorizationURL).mockResolvedValue(\n      new URL(\n        \"http://localhost:3001/oauth/auth?response_type=code&client_id=\" +\n          clientId +\n          \"&redirect_uri=\" +\n          encodeURIComponent(redirectUri) +\n          \"&scope=openid%20profile%20email&state=mock-state&code_challenge=mock-code-challenge&code_challenge_method=S256\",\n      ),\n    );\n\n    window.location = {\n      ...originalWindowLocation,\n      assign: windowAssign,\n      replace: vi.fn(),\n      reload: vi.fn(),\n    };\n\n    const queryClient = new QueryClient();\n    render(\n      <QueryClientProvider client={queryClient}>\n        <CivicAuthProvider\n          clientId={clientId}\n          redirectUrl={redirectUri}\n          config={{\n            oauthServer: \"http://localhost:3001\",\n          }}\n        >\n          <MockOAuthComponent />\n        </CivicAuthProvider>\n      </QueryClientProvider>,\n    );\n\n    // Trigger the login button click, which initiates the OAuth flow\n    await act(async () => {\n      fireEvent.click(screen.getByText(\"Login\"));\n    });\n\n    // Confirm that the sdk set the window.location.href to the auth url\n    const url = new URL(window.location.href);\n    expect(url.origin + url.pathname).toEqual(\n      \"http://localhost:3001/oauth/auth\",\n    );\n    expect(url.searchParams.get(\"response_type\")).toEqual(\"code\");\n    expect(url.searchParams.get(\"client_id\")).toEqual(clientId);\n    expect(url.searchParams.get(\"redirect_uri\")).toEqual(redirectUri);\n    expect(url.searchParams.get(\"scope\")).toEqual(\"openid profile email\");\n    expect(url.searchParams.get(\"state\")).toBeTruthy(); // Ensure state is present\n    expect(url.searchParams.get(\"code_challenge\")).toBeTruthy(); // Ensure code_challenge is present\n    expect(url.searchParams.get(\"code_challenge_method\")).toEqual(\"S256\");\n    expect(screen.queryByTestId(\"session\")).not.toBeInTheDocument();\n  });\n\n  it(\"should initiate code exchange, validate tokens, and derive user from ID token\", async () => {\n    const queryClient = new QueryClient();\n    const redirectUri = \"http://localhost:3001/callback\";\n\n    // Mock ID token with user information\n    const mockIdToken = validTokens.idToken;\n    const mockAccessToken = validTokens.accessToken;\n\n    // Mock oslo token exchange\n    const mockTokens = {\n      access_token: mockAccessToken,\n      id_token: mockIdToken,\n      refresh_token: \"mock-refresh-token\",\n      expires_in: 3600,\n    };\n    vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(\n      mockTokens,\n    );\n\n    // Prime storage and simulate redirect\n    await act(async () => {\n      localStorage.setItem(\n        \"civic-auth:test-client-id\",\n        JSON.stringify({\n          authenticated: false,\n          state: \"mock-state\",\n          codeVerifier: \"mock-code-verifier\",\n          displayMode: \"redirect\",\n        }),\n      );\n      window.location.pathname = \"test-pathName\";\n\n      // Configure window.location to simulate redirect\n      Object.defineProperty(window, \"location\", {\n        value: {\n          ...window.location,\n          origin: \"http://mock-origin\",\n        },\n        writable: true,\n      });\n      window.location.href = `${redirectUri}?code=test-code&state=mock-state`;\n\n      // Render the AuthProvider with the mock OAuth component\n      render(\n        <QueryClientProvider client={queryClient}>\n          <CivicAuthProvider\n            clientId={clientId}\n            redirectUrl={redirectUri}\n            config={{\n              oauthServer: \"http://localhost:3001\",\n            }}\n          >\n            <MockOAuthComponent />\n          </CivicAuthProvider>\n        </QueryClientProvider>,\n      );\n    });\n\n    expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith(\n      \"test-code\",\n      {\n        codeVerifier: \"mock-code-verifier\",\n      },\n    );\n\n    // Check that jose.jwtVerify was called for id_token validation\n    await waitFor(() => {\n      expect(jose.jwtVerify).toHaveBeenCalledWith(\n        mockIdToken,\n        expect.any(Object),\n        {\n          issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n          audience: clientId,\n        },\n      );\n    });\n\n    // Check that jose.jwtVerify was called for access_token validation\n    await waitFor(() => {\n      expect(jose.jwtVerify).toHaveBeenCalledWith(\n        mockAccessToken,\n        expect.any(Object),\n        {\n          issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n        },\n      );\n    });\n\n    // Check that the authenticated flag is set in the session\n    await waitFor(() => {\n      expect(screen.queryByTestId(\"session\")).toHaveTextContent(\n        \"Session authenticated:true\",\n      );\n    });\n\n    // Check that the user info derived from the ID token is displayed\n    await waitFor(() => {\n      expect(screen.queryByTestId(\"user-email\")).toHaveTextContent(\n        \"User:ghost@civic.com\",\n      );\n    });\n  });\n});\n"]}

package/dist/test/support/fixtures.d.ts

@@ -1,26 +0,0 @@
-declare const oauthWellKnownResponse: {
-    authorization_endpoint: string;
-    claims_parameter_supported: boolean;
-    claims_supported: string[];
-    code_challenge_methods_supported: string[];
-    end_session_endpoint: string;
-    grant_types_supported: string[];
-    issuer: string;
-    jwks_uri: string;
-    authorization_response_iss_parameter_supported: boolean;
-    response_modes_supported: string[];
-    response_types_supported: string[];
-    scopes_supported: string[];
-    subject_types_supported: string[];
-    token_endpoint_auth_methods_supported: string[];
-    token_endpoint_auth_signing_alg_values_supported: string[];
-    token_endpoint: string;
-    id_token_signing_alg_values_supported: string[];
-    pushed_authorization_request_endpoint: string;
-    request_parameter_supported: boolean;
-    request_uri_parameter_supported: boolean;
-    userinfo_endpoint: string;
-    claim_types_supported: string[];
-};
-export { oauthWellKnownResponse };
-//# sourceMappingURL=fixtures.d.ts.map

package/dist/test/support/fixtures.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"fixtures.d.ts","sourceRoot":"","sources":["../../../test/support/fixtures.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;CAqD3B,CAAC;AAEF,OAAO,EAAE,sBAAsB,EAAE,CAAC"}

package/dist/test/support/fixtures.js

@@ -1,55 +0,0 @@
-const oauthWellKnownResponse = {
-    authorization_endpoint: "https://auth-dev.civic.com/oauth/auth",
-    claims_parameter_supported: false,
-    claims_supported: [
-        "sub",
-        "forwardedTokens",
-        "email",
-        "name",
-        "family_name",
-        "picture",
-        "login_method",
-        "sid",
-        "auth_time",
-        "iss",
-    ],
-    code_challenge_methods_supported: ["S256"],
-    end_session_endpoint: "https://auth-dev.civic.com/oauth/session/end",
-    grant_types_supported: ["implicit", "authorization_code", "refresh_token"],
-    issuer: "https://auth-dev.civic.com/oauth/",
-    jwks_uri: "https://auth-dev.civic.com/oauth/jwks",
-    authorization_response_iss_parameter_supported: true,
-    response_modes_supported: ["form_post", "fragment", "query"],
-    response_types_supported: ["code id_token", "code", "id_token", "none"],
-    scopes_supported: [
-        "openid",
-        "offline_access",
-        "forwardedTokens",
-        "email",
-        "profile",
-    ],
-    subject_types_supported: ["public"],
-    token_endpoint_auth_methods_supported: [
-        "client_secret_basic",
-        "client_secret_jwt",
-        "client_secret_post",
-        "private_key_jwt",
-        "none",
-    ],
-    token_endpoint_auth_signing_alg_values_supported: [
-        "HS256",
-        "RS256",
-        "PS256",
-        "ES256",
-        "EdDSA",
-    ],
-    token_endpoint: "https://auth-dev.civic.com/oauth/token",
-    id_token_signing_alg_values_supported: ["PS256", "RS256"],
-    pushed_authorization_request_endpoint: "https://auth-dev.civic.com/oauth/request",
-    request_parameter_supported: false,
-    request_uri_parameter_supported: false,
-    userinfo_endpoint: "https://auth-dev.civic.com/oauth/me",
-    claim_types_supported: ["normal"],
-};
-export { oauthWellKnownResponse };
-//# sourceMappingURL=fixtures.js.map

package/dist/test/support/fixtures.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"fixtures.js","sourceRoot":"","sources":["../../../test/support/fixtures.ts"],"names":[],"mappings":"AAAA,MAAM,sBAAsB,GAAG;IAC7B,sBAAsB,EAAE,uCAAuC;IAC/D,0BAA0B,EAAE,KAAK;IACjC,gBAAgB,EAAE;QAChB,KAAK;QACL,iBAAiB;QACjB,OAAO;QACP,MAAM;QACN,aAAa;QACb,SAAS;QACT,cAAc;QACd,KAAK;QACL,WAAW;QACX,KAAK;KACN;IACD,gCAAgC,EAAE,CAAC,MAAM,CAAC;IAC1C,oBAAoB,EAAE,8CAA8C;IACpE,qBAAqB,EAAE,CAAC,UAAU,EAAE,oBAAoB,EAAE,eAAe,CAAC;IAC1E,MAAM,EAAE,mCAAmC;IAC3C,QAAQ,EAAE,uCAAuC;IACjD,8CAA8C,EAAE,IAAI;IACpD,wBAAwB,EAAE,CAAC,WAAW,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5D,wBAAwB,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACvE,gBAAgB,EAAE;QAChB,QAAQ;QACR,gBAAgB;QAChB,iBAAiB;QACjB,OAAO;QACP,SAAS;KACV;IACD,uBAAuB,EAAE,CAAC,QAAQ,CAAC;IACnC,qCAAqC,EAAE;QACrC,qBAAqB;QACrB,mBAAmB;QACnB,oBAAoB;QACpB,iBAAiB;QACjB,MAAM;KACP;IACD,gDAAgD,EAAE;QAChD,OAAO;QACP,OAAO;QACP,OAAO;QACP,OAAO;QACP,OAAO;KACR;IACD,cAAc,EAAE,wCAAwC;IACxD,qCAAqC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;IACzD,qCAAqC,EACnC,0CAA0C;IAC5C,2BAA2B,EAAE,KAAK;IAClC,+BAA+B,EAAE,KAAK;IACtC,iBAAiB,EAAE,qCAAqC;IACxD,qBAAqB,EAAE,CAAC,QAAQ,CAAC;CAClC,CAAC;AAEF,OAAO,EAAE,sBAAsB,EAAE,CAAC","sourcesContent":["const oauthWellKnownResponse = {\n  authorization_endpoint: \"https://auth-dev.civic.com/oauth/auth\",\n  claims_parameter_supported: false,\n  claims_supported: [\n    \"sub\",\n    \"forwardedTokens\",\n    \"email\",\n    \"name\",\n    \"family_name\",\n    \"picture\",\n    \"login_method\",\n    \"sid\",\n    \"auth_time\",\n    \"iss\",\n  ],\n  code_challenge_methods_supported: [\"S256\"],\n  end_session_endpoint: \"https://auth-dev.civic.com/oauth/session/end\",\n  grant_types_supported: [\"implicit\", \"authorization_code\", \"refresh_token\"],\n  issuer: \"https://auth-dev.civic.com/oauth/\",\n  jwks_uri: \"https://auth-dev.civic.com/oauth/jwks\",\n  authorization_response_iss_parameter_supported: true,\n  response_modes_supported: [\"form_post\", \"fragment\", \"query\"],\n  response_types_supported: [\"code id_token\", \"code\", \"id_token\", \"none\"],\n  scopes_supported: [\n    \"openid\",\n    \"offline_access\",\n    \"forwardedTokens\",\n    \"email\",\n    \"profile\",\n  ],\n  subject_types_supported: [\"public\"],\n  token_endpoint_auth_methods_supported: [\n    \"client_secret_basic\",\n    \"client_secret_jwt\",\n    \"client_secret_post\",\n    \"private_key_jwt\",\n    \"none\",\n  ],\n  token_endpoint_auth_signing_alg_values_supported: [\n    \"HS256\",\n    \"RS256\",\n    \"PS256\",\n    \"ES256\",\n    \"EdDSA\",\n  ],\n  token_endpoint: \"https://auth-dev.civic.com/oauth/token\",\n  id_token_signing_alg_values_supported: [\"PS256\", \"RS256\"],\n  pushed_authorization_request_endpoint:\n    \"https://auth-dev.civic.com/oauth/request\",\n  request_parameter_supported: false,\n  request_uri_parameter_supported: false,\n  userinfo_endpoint: \"https://auth-dev.civic.com/oauth/me\",\n  claim_types_supported: [\"normal\"],\n};\n\nexport { oauthWellKnownResponse };\n"]}

package/dist/test/support/tokens.json

@@ -1,26 +0,0 @@
-{
-    "local": {
-        "validTokens": {
-            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImNpdmljLWF1dGgtdG9rZW4tc2lnbmVyLWtleSJ9.eyJzdWIiOiIzMzZmNDQ1Zi1hZjcxLTQxYzYtODNlZC00NjJhY2ZiNTU1YjYiLCJlbWFpbCI6Imdob3N0QGNpdmljLmNvbSIsImZvcndhcmRlZFRva2VucyI6eyJkdW1teSI6eyJhY2Nlc3NfdG9rZW4iOiIiLCJleHBpcmVzX2luIjozNjAwLCJpZF90b2tlbiI6ImV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNJc0ltdHBaQ0k2SW10bGVYTjBiM0psTFVOSVFVNUhSUzFOUlNKOS5leUp6ZFdJaU9pSjBaWE4wSWl3aVlYUmZhR0Z6YUNJNklrcEdVbkZRZUhsZmJGYzFVaTFIV0dabE9Ia3lja0VpTENKaGRXUWlPaUp0ZVMxamJHbGxiblFpTENKbGVIQWlPakUzTWprd05qZ3hOVFVzSW1saGRDSTZNVGN5T1RBMk5EVTFOU3dpYVhOeklqb2lhSFIwY0RvdkwyeHZZMkZzYUc5emREbzVNRGt3SW4wLm11TGg2T2s0YVIyb0V3RC1yUFZXck5RY24xMFZqSjVmN0hUUHVNSk50NFBFVUEyVkttZnRKdHdEOXB5WVVNUngybkhHaWRIMVIyemhwbUpWclVUaDl4SDVpNkQxckx5VHA2UXFTbm9RQ1lYTFA3bzdJRWdLcTkta1R0TUhWS2t1LU1qX2FvNk05TUFaN3llYnpCR3dJcHVYcFRZY3JwMC1EQVZLSW94LVV1b0lfSkljbURWSExtbjJfUEhMZ0Z1Y3ctMTlVZFgyYUlTM19kSDRqQ01CLXp4Y0xGTmV6SlVfV1BRVTNYUEhyQk83M3lMWTU2NmEyb1RVczV3Tkh4bWJKOXdBWXJSRHJSQVBrcml2R2s1WEhNSG5RX21OUlUxNGhSc2N3Y25vOC1NZnNlZlRHc1JsbDdSRXpiaUFWUzZjY2hHV0ItVXJJWk92R0p6UjFlZGRjQSIsInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgZW1haWwiLCJ0b2tlbl90eXBlIjoiQmVhcmVyIn19LCJub25jZSI6IjEyMzQ1Njc4OTAiLCJhdF9oYXNoIjoiVFZjelNRMERIeElHY2t1VzducDYydyIsImF1ZCI6ImRlbW8tY2xpZW50LTEiLCJleHAiOjE3MjkwNjgxNTYsImlhdCI6MTcyOTA2NDU1NiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDozMDAxIn0.NNvOtkls3wjivcCWYanqWr8_cHzf7by2_6mSF_qeNqJ8zt7ZPmKh2R6WbnrlYVsym0sMYueR9m_bDGsNZNrwXGPABz4ff7TV5LH8LO1W_fdPemMBlIDdRwc0DZx7BUIKqwvciQ1lHx-2xv-6gH7TZVX7Dwvv-zArLpLkmzrec4EV0Wyn-WYAZFqMMpPvEUCCxkp_AWMh9P8ax3ExSHPAMu5_skJo1nJTK5lri3DNU31IuXvLz2JFYusDViFDwu5wx_TSC1S-hsRQd_aK_wGGifqfuwuGRX43ZEDqRcB5lgBAfc8v1kxYu5HhF07C63zMLZjJg66pGBHwNWp5r-Q4K-2xBXDU6TP-4YYikvwqIOjlRiz_RP_kEBrioqNRvwk8SU2laJ7g7st_4q86RiXPS4uN31o5eDSCiM5dd0OdC2IUZorC5pMym-IzuHEJhWr68psczj3dUKxbLbuoH-827CQt-8Vv8znfS7ck8I0YDXjVSKhBYXoCnzXpwJ-c9OcPIbquTQrqeogGqTlA6Nt-23rC7Ave8xOcRQZrJ1Ec5c5eD_4MoSYw3q90b6AT6U3tY3ewYQMdg4Ro9x-hFu7uCuurDZgnyugpM7dBATaFfR3ar9nRtdMyPrU2LhEeZS2iwSvP7wuWJpIkjxFy3znFrsFBTa_WbD0BJSOfl1j5G94",
-            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6ImF0K2p3dCIsImtpZCI6ImNpdmljLWF1dGgtdG9rZW4tc2lnbmVyLWtleSJ9.eyJqdGkiOiJjS2xCVW1jZW0tVjE3RzM4N1AyTUIiLCJzdWIiOiIzMzZmNDQ1Zi1hZjcxLTQxYzYtODNlZC00NjJhY2ZiNTU1YjYiLCJpYXQiOjE3MjkwNjQ1NTYsImV4cCI6MTcyOTA2ODE1NiwiY2xpZW50X2lkIjoiZGVtby1jbGllbnQtMSIsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6MzAwMSIsImF1ZCI6ImNpdmljIn0.gsX--7GtdF1JYQi5Spt6GfcvZ_8EZxkpO8GljfoXJw-cRYhP98-w9IADZBn87ekH914pnUTxp1x_oLhTWGBrR_yMsHRYim_gkVv8t-dnOEAR4IzDByG7kd58TM_blbY-yma0Cb-O3XRGgrdkvw2PjMeHfTSl3tlYx0c47PS8WegOkYkQcfyPUUNEsUFA8e5qzmkMCdwFWHaox-fQaaNpFrO0wCRWOvYr3vFnrLU87Ds7AOaurZUYaFgxqcMsg3zhZXB2pslqS2p9pmQO3Yi0m8-ntX5P18TWX6oOdBbOLqJX3R5s2GAAm9tYJOeBz-JpTucmn4OaL3OyJvIZqM-7EAVtHdnVYUjzGarNu4_b-rcj66mkSNBbquqjAmRBQ5nnRMkmWZxkf6BKgOwmuONLaU4soZEc_AUNtcKIRzbYmBvrgBlPZr5lvkSKIynKlDCbhsB7O_yBRijVesQrau5ReUcXdbJMRj1U5goBnWXV8y8xZFVKwJvx5WdQVUz2tjmtTO8xMK0ORcWdJShIzlhvQrUsjuiFKWytlbRckIdrllsNLfTFbIvQLa9Pmi-FgrJtm-wD3RoHlNgtjGiHjN-YfWCauTcSn9Xd8TbjIc8D43LuRR2Oh3c78GrEVerbnmTjXh6UFZ6ZXkrkarVst8KQMtPiUo9_DdtJP6ghXLXdo6A"
-        },
-        "expiredTokens": {
-            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjoxNjk3OTU5OTI1LCJpYXQiOjE2NjY0MjM5MjUsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyJ9.MO0IdxEyNiOq4E5QdtpfSbnXQKiN8euC2ac0E0VWggUP4o5yoz29gqAzETP_omvOBfOn4hJjXTDPGqKXKg-Lz-oLdzF71aztskCerwDuB5PdqyCGMS9Qa2j40FTJ7RkuBG9PISUpGWYfZ28q7u94h8GyWtqRtPAF2aPD1rvckk-WTXLeMqEWtfEy0yCJ4MvEwp6MUgeb7EwRKUZ_cuVCE5Xm8rNebO9b2I3Jqdg8cNNyAxEYkWERBcfFtOfaQYD_8DNJvpNpJvZXAowaab7dzNgGBAxhTQ7s4S9h-Ly2nQIAIpbff_A4baI6rOqWfFxdzrxcFt34x0S_90Z3MXNziAb-ocG0WkPewRm0hvrF4E-zFTM4guTvtol0cKw9qWLb_JE-Idm9Zq-abkOS6FvM2E0j1iqKjT1GqM_EhOdIMzOidqxlls5v2UaaJ34PvR_1yTopm6Lguhr6uX3CW_F4A5tGAxsReeUDdGQAhkPYqZp8zjPUxjCA3cJEnMSGWHgqiBJ5lCLeH-SaccT828pSqYL8FrN0Qts3ILaElVVECHiWhN90lGaBSPw8pn19odH70wH651C2eonWKAKQMpNheGmyjrGE8n0jPwz-p-8ISp5H793wlWiTH2ay33METj0Vbgg-G1p1xcWD5WR4X-uyH1f-iNupvVNYn8mf0iPxM-I",
-            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJleHAiOjE2OTc5NTk5MjUsImlhdCI6MTY2NjQyMzkyNSwiY2xpZW50X2lkIjoiZGVtby1jbGllbnQtMSIsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyIsImF1ZCI6ImNpdmljIn0.HxnjNL8P7K0WHoCQXpvbxtu_yTrcdudj4GI4fjQZEoVXJ14IkssKUa3aJGWZ2vJkxqIogoLmywYFBjvLZqcc1vo3Q-aLlVEb7EkjsQU4Qo8BMsJ0ZS2_4cDewt9WBUrMA-fDy3UwgoxHlM5OCjQ5lKAPLLm2FJDJ-djFOf_z0le9FOZ4MqkU7u_lc57e0jdCwSZmIRIU5DPX90jh-p2r8OxBwRorjAwuiiu59wTtYyEpfdicSwb7mM7hM6nFp-zl14ogWGCiW20_Lx0sz-1EfzUgw-rH2xW5R_QDUQtHJ15Pq0mtck77i608y2IElnQgwYlmSmn7gpSUoNB7Bh7cBckRfV1YHh8CoReQOKjtfCbhZYVdFDuuUaIEYmI_E9W-C4BKWJkdtX3kCy576jCx15-N7VBzVYIpkOVHHeZdRkMLVJCts2W84it0lCXgMg7KfOcuv8Lzqj_IrSBmP6jgKiOhWJ0eWQLrKGBKOS5IxhK6kyQjZSKy8Yj-N_iBt1PP4e-EWBL2jlQ81ycm4_qgUmiADryUVRchUUAyT-y5TD_LTb2gu-7h_ElKFJ_9scWjxn-SguJi2ObYaFqTes9cNtMFLP3mi9wHhlCngb5_Bw1goV0XHR1H-PSX-XOQ0MzTK7KA8uT1PHbRCsHEFkjMaZgWEwfxTqXVt2LzT6PH_Qs"
-        }
-    },
-    "dev": {
-        "validTokens": {
-            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjozMjUyODU5NDc1NCwiaWF0IjoxNzI5MDY2NTY4LCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8ifQ.vRQtCQqzV_m62rClHrOtiV7C2zBDOp6h51IgPvlX4-z9x5BDmgckZpNfxPo-Skl7Un5HwTmnqfEyrdsIUScI86Nf_jVt6oEwM1YE2PwygHPW6oE4-Nlipcpll7zNaQQTBVpfuz1bEC7xRqM3quH-RT_hEB4em8YrN0uIBtPrBJ3JpzSnjrLkdziLiSQbejYMLM69WCRCc0pT1V8oBRWxq3fd6s71ajZ8X-KIf5p5Nc24FzidK6X3Yb7pD9sq8BlqbGIDpdXJXNCPJz8kpN9AiggAJUpYeNV2zi0rm5O5-C8UHwOVkAd7SCc_rBxoUxJ9K8B_RX3mo0wKzjY_BVLrvba4R9Nbl5JYkaWPnvKaZDEebjdb3eHdljeomEtP1uYNOqTGqY0Pj8312WNjC6-HtDQFevzmZKYqLtExGuGMuj81V9QUO_SAWzPKZ_wgscJzdR_lFgCqL2uOE0CL6LcnXefyqiMMtsIh2BuBKBJHzCmBf26ezaOuR_hRH4wbJ2rawiqSInhwedeHC1MoVsEWcjealUJspWCfbTqGF-ewTmRAvXffkNjOiQNtclt63ap9gbE89tsNlG_TFICbHFAbn4rNTq6e1gpgke1Ouf9ex1UXrZb9HdfeN5o9-7IsPlEWblkxDKxqcj6YAukETfW7wYzt4tV_sxqO_uxiHhczRU8",
-            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJpYXQiOjE3MjkwNjY1NjgsImV4cCI6MzI1Mjg1OTQ3NTQsImNsaWVudF9pZCI6ImRlbW8tY2xpZW50LTEiLCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8iLCJhdWQiOiJjaXZpYyJ9.CzQ_WXqFobV_fafE3K2dIUttvcFDxOGMT_GnUmdyg5HLB1MRCQYZItwZof_h-LdQp8suo4XyneclOJnQhCzlmDjOcEZOns_joh91t-zDX1jXIQNqC_evpzvfr5Rubz26gsKljk642ru0gkaH8cLHPJx3jgvtBrQzbLbzKJZRIhWqthrqdcKHKeUxN6g-LAFqQG7d-tP6cL_X1Q29IBpJ49SkpYFEDslLwQ_LU5zal_k-2tEyU6DfoFWB9hbNfBQy16SJzgDBDnZ3DadDSRjpXBwRa7m9ALa3A_qVln3K4wuTR46LFDqMKNAqf_sfy5tIJ6Zja5ehwxqmMwXtHomZY9OtfHDE511AZ6wGSagEpexe3eV-2TVwTvJBZnqfeLnnzlF9Z6qqq65lJ5XhO34Ylxnt-kqLqPOPwp-rYCJna-tUsEKAokkqKnHf2FycMQAaBx0grk5yyD2Y4CttlCfbdehoFSyWtTFvkjkk7MebLXqvMbqxXSmKaBn7Of0W6E9Qs6nJ5gWMaVuD9gc2H-BvQAQBUSYpl0TB_yPJKbiRb03HvvgZUdgB9XI9e5YFSMA0K_0SPtx4AgSLH2Coz-NxwLUtP22PUTNmm-04r8Sj0SVWw9w9mW4YXU3U4BGI_0fmIW3BMGgDk_9ghsumaNYKSe1P4qFLqh2jqEov0MagLck"
-        },
-        "differentSignerTokens": {
-            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjozMjUyODU5NDc1NCwiaWF0IjoxNzI5MDY2NTY4LCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8ifQ.hEPfoJRHEttdCUttpFI1e5fVrPIboOsAqwNsnXR0ANpl9qJjbYgkwPhpTaoujCI2LoNmTNqTxdFuq19g03-EMIJCvfv2hi4NOSXCzk94EFumDLaKQNvSnyXBb3LolD45-OqRBUycvQcWgynRSCS_GaGncJ_qPfFarThwYuzRKF7XvBlQf7FbdnVAWwpuP9AU6dJDLZNJChm3wRrubsbMLzhtWbFhTAlrp7ACLoCkx6c3_IZs35Wcn-5DfdBRGYicrJvaqQ4xBTTLR0lE23VsLMPDAqgdcCOIduCobq6FuY8hAGkJwOZ-cW81KYrCGQn_47GDfaP_BsAUM4YblcCuAQ",
-            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJpYXQiOjE3MjkwNjY1NjgsImV4cCI6MzI1Mjg1OTQ3NTQsImNsaWVudF9pZCI6ImRlbW8tY2xpZW50LTEiLCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8iLCJhdWQiOiJjaXZpYyJ9.VXHpr2yV7fk7ggPurT5zSlfcTrC6VfMGqt5KUi9bw3raetbwC7zdPNtNdcwLEGL1O-JvQB2JH6aDc24bLv6h2yyxNZufoq9LHQKZpJYEe6nEaeTIZkWG0TeKa1Kpj4Gq2C7ooNMPKdjb8hYu_4PN8uaB7z1jM55CLPr-SvSiOqpyZDDc92zShlYTGcUVKFUIM4mQ-vZv8064ck4L1ca0H3LvMegdiUg0WUcDttzcfRpqv9jw1g-CNGx4I-0Bqlb_EqGuY345-0_iH3AsMvFuhQn1SltYYrLLWm9drMpQh3YGtFGqu21Oz-geRrpfAmxRBF7fcgDC-0kwroP2ARymDw"
-        },
-        "expiredTokens": {
-            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjoxNjk3OTU5OTI1LCJpYXQiOjE2NjY0MjM5MjUsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyJ9.MO0IdxEyNiOq4E5QdtpfSbnXQKiN8euC2ac0E0VWggUP4o5yoz29gqAzETP_omvOBfOn4hJjXTDPGqKXKg-Lz-oLdzF71aztskCerwDuB5PdqyCGMS9Qa2j40FTJ7RkuBG9PISUpGWYfZ28q7u94h8GyWtqRtPAF2aPD1rvckk-WTXLeMqEWtfEy0yCJ4MvEwp6MUgeb7EwRKUZ_cuVCE5Xm8rNebO9b2I3Jqdg8cNNyAxEYkWERBcfFtOfaQYD_8DNJvpNpJvZXAowaab7dzNgGBAxhTQ7s4S9h-Ly2nQIAIpbff_A4baI6rOqWfFxdzrxcFt34x0S_90Z3MXNziAb-ocG0WkPewRm0hvrF4E-zFTM4guTvtol0cKw9qWLb_JE-Idm9Zq-abkOS6FvM2E0j1iqKjT1GqM_EhOdIMzOidqxlls5v2UaaJ34PvR_1yTopm6Lguhr6uX3CW_F4A5tGAxsReeUDdGQAhkPYqZp8zjPUxjCA3cJEnMSGWHgqiBJ5lCLeH-SaccT828pSqYL8FrN0Qts3ILaElVVECHiWhN90lGaBSPw8pn19odH70wH651C2eonWKAKQMpNheGmyjrGE8n0jPwz-p-8ISp5H793wlWiTH2ay33METj0Vbgg-G1p1xcWD5WR4X-uyH1f-iNupvVNYn8mf0iPxM-I",
-            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJleHAiOjE2OTc5NTk5MjUsImlhdCI6MTY2NjQyMzkyNSwiY2xpZW50X2lkIjoiZGVtby1jbGllbnQtMSIsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyIsImF1ZCI6ImNpdmljIn0.HxnjNL8P7K0WHoCQXpvbxtu_yTrcdudj4GI4fjQZEoVXJ14IkssKUa3aJGWZ2vJkxqIogoLmywYFBjvLZqcc1vo3Q-aLlVEb7EkjsQU4Qo8BMsJ0ZS2_4cDewt9WBUrMA-fDy3UwgoxHlM5OCjQ5lKAPLLm2FJDJ-djFOf_z0le9FOZ4MqkU7u_lc57e0jdCwSZmIRIU5DPX90jh-p2r8OxBwRorjAwuiiu59wTtYyEpfdicSwb7mM7hM6nFp-zl14ogWGCiW20_Lx0sz-1EfzUgw-rH2xW5R_QDUQtHJ15Pq0mtck77i608y2IElnQgwYlmSmn7gpSUoNB7Bh7cBckRfV1YHh8CoReQOKjtfCbhZYVdFDuuUaIEYmI_E9W-C4BKWJkdtX3kCy576jCx15-N7VBzVYIpkOVHHeZdRkMLVJCts2W84it0lCXgMg7KfOcuv8Lzqj_IrSBmP6jgKiOhWJ0eWQLrKGBKOS5IxhK6kyQjZSKy8Yj-N_iBt1PP4e-EWBL2jlQ81ycm4_qgUmiADryUVRchUUAyT-y5TD_LTb2gu-7h_ElKFJ_9scWjxn-SguJi2ObYaFqTes9cNtMFLP3mi9wHhlCngb5_Bw1goV0XHR1H-PSX-XOQ0MzTK7KA8uT1PHbRCsHEFkjMaZgWEwfxTqXVt2LzT6PH_Qs"
-        }
-    }
-}