@civic/auth 0.0.1-beta.3 → 0.0.1-beta.30

package/dist/test/support/fixtures.js

@@ -0,0 +1,55 @@
+const oauthWellKnownResponse = {
+    authorization_endpoint: "https://auth-dev.civic.com/oauth/auth",
+    claims_parameter_supported: false,
+    claims_supported: [
+        "sub",
+        "forwardedTokens",
+        "email",
+        "name",
+        "family_name",
+        "picture",
+        "login_method",
+        "sid",
+        "auth_time",
+        "iss",
+    ],
+    code_challenge_methods_supported: ["S256"],
+    end_session_endpoint: "https://auth-dev.civic.com/oauth/session/end",
+    grant_types_supported: ["implicit", "authorization_code", "refresh_token"],
+    issuer: "https://auth-dev.civic.com/oauth/",
+    jwks_uri: "https://auth-dev.civic.com/oauth/jwks",
+    authorization_response_iss_parameter_supported: true,
+    response_modes_supported: ["form_post", "fragment", "query"],
+    response_types_supported: ["code id_token", "code", "id_token", "none"],
+    scopes_supported: [
+        "openid",
+        "offline_access",
+        "forwardedTokens",
+        "email",
+        "profile",
+    ],
+    subject_types_supported: ["public"],
+    token_endpoint_auth_methods_supported: [
+        "client_secret_basic",
+        "client_secret_jwt",
+        "client_secret_post",
+        "private_key_jwt",
+        "none",
+    ],
+    token_endpoint_auth_signing_alg_values_supported: [
+        "HS256",
+        "RS256",
+        "PS256",
+        "ES256",
+        "EdDSA",
+    ],
+    token_endpoint: "https://auth-dev.civic.com/oauth/token",
+    id_token_signing_alg_values_supported: ["PS256", "RS256"],
+    pushed_authorization_request_endpoint: "https://auth-dev.civic.com/oauth/request",
+    request_parameter_supported: false,
+    request_uri_parameter_supported: false,
+    userinfo_endpoint: "https://auth-dev.civic.com/oauth/me",
+    claim_types_supported: ["normal"],
+};
+export { oauthWellKnownResponse };
+//# sourceMappingURL=fixtures.js.map

package/dist/test/support/fixtures.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fixtures.js","sourceRoot":"","sources":["../../../test/support/fixtures.ts"],"names":[],"mappings":"AAAA,MAAM,sBAAsB,GAAG;IAC7B,sBAAsB,EAAE,uCAAuC;IAC/D,0BAA0B,EAAE,KAAK;IACjC,gBAAgB,EAAE;QAChB,KAAK;QACL,iBAAiB;QACjB,OAAO;QACP,MAAM;QACN,aAAa;QACb,SAAS;QACT,cAAc;QACd,KAAK;QACL,WAAW;QACX,KAAK;KACN;IACD,gCAAgC,EAAE,CAAC,MAAM,CAAC;IAC1C,oBAAoB,EAAE,8CAA8C;IACpE,qBAAqB,EAAE,CAAC,UAAU,EAAE,oBAAoB,EAAE,eAAe,CAAC;IAC1E,MAAM,EAAE,mCAAmC;IAC3C,QAAQ,EAAE,uCAAuC;IACjD,8CAA8C,EAAE,IAAI;IACpD,wBAAwB,EAAE,CAAC,WAAW,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5D,wBAAwB,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACvE,gBAAgB,EAAE;QAChB,QAAQ;QACR,gBAAgB;QAChB,iBAAiB;QACjB,OAAO;QACP,SAAS;KACV;IACD,uBAAuB,EAAE,CAAC,QAAQ,CAAC;IACnC,qCAAqC,EAAE;QACrC,qBAAqB;QACrB,mBAAmB;QACnB,oBAAoB;QACpB,iBAAiB;QACjB,MAAM;KACP;IACD,gDAAgD,EAAE;QAChD,OAAO;QACP,OAAO;QACP,OAAO;QACP,OAAO;QACP,OAAO;KACR;IACD,cAAc,EAAE,wCAAwC;IACxD,qCAAqC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;IACzD,qCAAqC,EACnC,0CAA0C;IAC5C,2BAA2B,EAAE,KAAK;IAClC,+BAA+B,EAAE,KAAK;IACtC,iBAAiB,EAAE,qCAAqC;IACxD,qBAAqB,EAAE,CAAC,QAAQ,CAAC;CAClC,CAAC;AAEF,OAAO,EAAE,sBAAsB,EAAE,CAAC","sourcesContent":["const oauthWellKnownResponse = {\n  authorization_endpoint: \"https://auth-dev.civic.com/oauth/auth\",\n  claims_parameter_supported: false,\n  claims_supported: [\n    \"sub\",\n    \"forwardedTokens\",\n    \"email\",\n    \"name\",\n    \"family_name\",\n    \"picture\",\n    \"login_method\",\n    \"sid\",\n    \"auth_time\",\n    \"iss\",\n  ],\n  code_challenge_methods_supported: [\"S256\"],\n  end_session_endpoint: \"https://auth-dev.civic.com/oauth/session/end\",\n  grant_types_supported: [\"implicit\", \"authorization_code\", \"refresh_token\"],\n  issuer: \"https://auth-dev.civic.com/oauth/\",\n  jwks_uri: \"https://auth-dev.civic.com/oauth/jwks\",\n  authorization_response_iss_parameter_supported: true,\n  response_modes_supported: [\"form_post\", \"fragment\", \"query\"],\n  response_types_supported: [\"code id_token\", \"code\", \"id_token\", \"none\"],\n  scopes_supported: [\n    \"openid\",\n    \"offline_access\",\n    \"forwardedTokens\",\n    \"email\",\n    \"profile\",\n  ],\n  subject_types_supported: [\"public\"],\n  token_endpoint_auth_methods_supported: [\n    \"client_secret_basic\",\n    \"client_secret_jwt\",\n    \"client_secret_post\",\n    \"private_key_jwt\",\n    \"none\",\n  ],\n  token_endpoint_auth_signing_alg_values_supported: [\n    \"HS256\",\n    \"RS256\",\n    \"PS256\",\n    \"ES256\",\n    \"EdDSA\",\n  ],\n  token_endpoint: \"https://auth-dev.civic.com/oauth/token\",\n  id_token_signing_alg_values_supported: [\"PS256\", \"RS256\"],\n  pushed_authorization_request_endpoint:\n    \"https://auth-dev.civic.com/oauth/request\",\n  request_parameter_supported: false,\n  request_uri_parameter_supported: false,\n  userinfo_endpoint: \"https://auth-dev.civic.com/oauth/me\",\n  claim_types_supported: [\"normal\"],\n};\n\nexport { oauthWellKnownResponse };\n"]}

package/dist/test/support/tokens.json

@@ -0,0 +1,26 @@
+{
+    "local": {
+        "validTokens": {
+            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImNpdmljLWF1dGgtdG9rZW4tc2lnbmVyLWtleSJ9.eyJzdWIiOiIzMzZmNDQ1Zi1hZjcxLTQxYzYtODNlZC00NjJhY2ZiNTU1YjYiLCJlbWFpbCI6Imdob3N0QGNpdmljLmNvbSIsImZvcndhcmRlZFRva2VucyI6eyJkdW1teSI6eyJhY2Nlc3NfdG9rZW4iOiIiLCJleHBpcmVzX2luIjozNjAwLCJpZF90b2tlbiI6ImV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNJc0ltdHBaQ0k2SW10bGVYTjBiM0psTFVOSVFVNUhSUzFOUlNKOS5leUp6ZFdJaU9pSjBaWE4wSWl3aVlYUmZhR0Z6YUNJNklrcEdVbkZRZUhsZmJGYzFVaTFIV0dabE9Ia3lja0VpTENKaGRXUWlPaUp0ZVMxamJHbGxiblFpTENKbGVIQWlPakUzTWprd05qZ3hOVFVzSW1saGRDSTZNVGN5T1RBMk5EVTFOU3dpYVhOeklqb2lhSFIwY0RvdkwyeHZZMkZzYUc5emREbzVNRGt3SW4wLm11TGg2T2s0YVIyb0V3RC1yUFZXck5RY24xMFZqSjVmN0hUUHVNSk50NFBFVUEyVkttZnRKdHdEOXB5WVVNUngybkhHaWRIMVIyemhwbUpWclVUaDl4SDVpNkQxckx5VHA2UXFTbm9RQ1lYTFA3bzdJRWdLcTkta1R0TUhWS2t1LU1qX2FvNk05TUFaN3llYnpCR3dJcHVYcFRZY3JwMC1EQVZLSW94LVV1b0lfSkljbURWSExtbjJfUEhMZ0Z1Y3ctMTlVZFgyYUlTM19kSDRqQ01CLXp4Y0xGTmV6SlVfV1BRVTNYUEhyQk83M3lMWTU2NmEyb1RVczV3Tkh4bWJKOXdBWXJSRHJSQVBrcml2R2s1WEhNSG5RX21OUlUxNGhSc2N3Y25vOC1NZnNlZlRHc1JsbDdSRXpiaUFWUzZjY2hHV0ItVXJJWk92R0p6UjFlZGRjQSIsInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgZW1haWwiLCJ0b2tlbl90eXBlIjoiQmVhcmVyIn19LCJub25jZSI6IjEyMzQ1Njc4OTAiLCJhdF9oYXNoIjoiVFZjelNRMERIeElHY2t1VzducDYydyIsImF1ZCI6ImRlbW8tY2xpZW50LTEiLCJleHAiOjE3MjkwNjgxNTYsImlhdCI6MTcyOTA2NDU1NiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDozMDAxIn0.NNvOtkls3wjivcCWYanqWr8_cHzf7by2_6mSF_qeNqJ8zt7ZPmKh2R6WbnrlYVsym0sMYueR9m_bDGsNZNrwXGPABz4ff7TV5LH8LO1W_fdPemMBlIDdRwc0DZx7BUIKqwvciQ1lHx-2xv-6gH7TZVX7Dwvv-zArLpLkmzrec4EV0Wyn-WYAZFqMMpPvEUCCxkp_AWMh9P8ax3ExSHPAMu5_skJo1nJTK5lri3DNU31IuXvLz2JFYusDViFDwu5wx_TSC1S-hsRQd_aK_wGGifqfuwuGRX43ZEDqRcB5lgBAfc8v1kxYu5HhF07C63zMLZjJg66pGBHwNWp5r-Q4K-2xBXDU6TP-4YYikvwqIOjlRiz_RP_kEBrioqNRvwk8SU2laJ7g7st_4q86RiXPS4uN31o5eDSCiM5dd0OdC2IUZorC5pMym-IzuHEJhWr68psczj3dUKxbLbuoH-827CQt-8Vv8znfS7ck8I0YDXjVSKhBYXoCnzXpwJ-c9OcPIbquTQrqeogGqTlA6Nt-23rC7Ave8xOcRQZrJ1Ec5c5eD_4MoSYw3q90b6AT6U3tY3ewYQMdg4Ro9x-hFu7uCuurDZgnyugpM7dBATaFfR3ar9nRtdMyPrU2LhEeZS2iwSvP7wuWJpIkjxFy3znFrsFBTa_WbD0BJSOfl1j5G94",
+            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6ImF0K2p3dCIsImtpZCI6ImNpdmljLWF1dGgtdG9rZW4tc2lnbmVyLWtleSJ9.eyJqdGkiOiJjS2xCVW1jZW0tVjE3RzM4N1AyTUIiLCJzdWIiOiIzMzZmNDQ1Zi1hZjcxLTQxYzYtODNlZC00NjJhY2ZiNTU1YjYiLCJpYXQiOjE3MjkwNjQ1NTYsImV4cCI6MTcyOTA2ODE1NiwiY2xpZW50X2lkIjoiZGVtby1jbGllbnQtMSIsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6MzAwMSIsImF1ZCI6ImNpdmljIn0.gsX--7GtdF1JYQi5Spt6GfcvZ_8EZxkpO8GljfoXJw-cRYhP98-w9IADZBn87ekH914pnUTxp1x_oLhTWGBrR_yMsHRYim_gkVv8t-dnOEAR4IzDByG7kd58TM_blbY-yma0Cb-O3XRGgrdkvw2PjMeHfTSl3tlYx0c47PS8WegOkYkQcfyPUUNEsUFA8e5qzmkMCdwFWHaox-fQaaNpFrO0wCRWOvYr3vFnrLU87Ds7AOaurZUYaFgxqcMsg3zhZXB2pslqS2p9pmQO3Yi0m8-ntX5P18TWX6oOdBbOLqJX3R5s2GAAm9tYJOeBz-JpTucmn4OaL3OyJvIZqM-7EAVtHdnVYUjzGarNu4_b-rcj66mkSNBbquqjAmRBQ5nnRMkmWZxkf6BKgOwmuONLaU4soZEc_AUNtcKIRzbYmBvrgBlPZr5lvkSKIynKlDCbhsB7O_yBRijVesQrau5ReUcXdbJMRj1U5goBnWXV8y8xZFVKwJvx5WdQVUz2tjmtTO8xMK0ORcWdJShIzlhvQrUsjuiFKWytlbRckIdrllsNLfTFbIvQLa9Pmi-FgrJtm-wD3RoHlNgtjGiHjN-YfWCauTcSn9Xd8TbjIc8D43LuRR2Oh3c78GrEVerbnmTjXh6UFZ6ZXkrkarVst8KQMtPiUo9_DdtJP6ghXLXdo6A"
+        },
+        "expiredTokens": {
+            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjoxNjk3OTU5OTI1LCJpYXQiOjE2NjY0MjM5MjUsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyJ9.MO0IdxEyNiOq4E5QdtpfSbnXQKiN8euC2ac0E0VWggUP4o5yoz29gqAzETP_omvOBfOn4hJjXTDPGqKXKg-Lz-oLdzF71aztskCerwDuB5PdqyCGMS9Qa2j40FTJ7RkuBG9PISUpGWYfZ28q7u94h8GyWtqRtPAF2aPD1rvckk-WTXLeMqEWtfEy0yCJ4MvEwp6MUgeb7EwRKUZ_cuVCE5Xm8rNebO9b2I3Jqdg8cNNyAxEYkWERBcfFtOfaQYD_8DNJvpNpJvZXAowaab7dzNgGBAxhTQ7s4S9h-Ly2nQIAIpbff_A4baI6rOqWfFxdzrxcFt34x0S_90Z3MXNziAb-ocG0WkPewRm0hvrF4E-zFTM4guTvtol0cKw9qWLb_JE-Idm9Zq-abkOS6FvM2E0j1iqKjT1GqM_EhOdIMzOidqxlls5v2UaaJ34PvR_1yTopm6Lguhr6uX3CW_F4A5tGAxsReeUDdGQAhkPYqZp8zjPUxjCA3cJEnMSGWHgqiBJ5lCLeH-SaccT828pSqYL8FrN0Qts3ILaElVVECHiWhN90lGaBSPw8pn19odH70wH651C2eonWKAKQMpNheGmyjrGE8n0jPwz-p-8ISp5H793wlWiTH2ay33METj0Vbgg-G1p1xcWD5WR4X-uyH1f-iNupvVNYn8mf0iPxM-I",
+            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJleHAiOjE2OTc5NTk5MjUsImlhdCI6MTY2NjQyMzkyNSwiY2xpZW50X2lkIjoiZGVtby1jbGllbnQtMSIsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyIsImF1ZCI6ImNpdmljIn0.HxnjNL8P7K0WHoCQXpvbxtu_yTrcdudj4GI4fjQZEoVXJ14IkssKUa3aJGWZ2vJkxqIogoLmywYFBjvLZqcc1vo3Q-aLlVEb7EkjsQU4Qo8BMsJ0ZS2_4cDewt9WBUrMA-fDy3UwgoxHlM5OCjQ5lKAPLLm2FJDJ-djFOf_z0le9FOZ4MqkU7u_lc57e0jdCwSZmIRIU5DPX90jh-p2r8OxBwRorjAwuiiu59wTtYyEpfdicSwb7mM7hM6nFp-zl14ogWGCiW20_Lx0sz-1EfzUgw-rH2xW5R_QDUQtHJ15Pq0mtck77i608y2IElnQgwYlmSmn7gpSUoNB7Bh7cBckRfV1YHh8CoReQOKjtfCbhZYVdFDuuUaIEYmI_E9W-C4BKWJkdtX3kCy576jCx15-N7VBzVYIpkOVHHeZdRkMLVJCts2W84it0lCXgMg7KfOcuv8Lzqj_IrSBmP6jgKiOhWJ0eWQLrKGBKOS5IxhK6kyQjZSKy8Yj-N_iBt1PP4e-EWBL2jlQ81ycm4_qgUmiADryUVRchUUAyT-y5TD_LTb2gu-7h_ElKFJ_9scWjxn-SguJi2ObYaFqTes9cNtMFLP3mi9wHhlCngb5_Bw1goV0XHR1H-PSX-XOQ0MzTK7KA8uT1PHbRCsHEFkjMaZgWEwfxTqXVt2LzT6PH_Qs"
+        }
+    },
+    "dev": {
+        "validTokens": {
+            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjozMjUyODU5NDc1NCwiaWF0IjoxNzI5MDY2NTY4LCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8ifQ.vRQtCQqzV_m62rClHrOtiV7C2zBDOp6h51IgPvlX4-z9x5BDmgckZpNfxPo-Skl7Un5HwTmnqfEyrdsIUScI86Nf_jVt6oEwM1YE2PwygHPW6oE4-Nlipcpll7zNaQQTBVpfuz1bEC7xRqM3quH-RT_hEB4em8YrN0uIBtPrBJ3JpzSnjrLkdziLiSQbejYMLM69WCRCc0pT1V8oBRWxq3fd6s71ajZ8X-KIf5p5Nc24FzidK6X3Yb7pD9sq8BlqbGIDpdXJXNCPJz8kpN9AiggAJUpYeNV2zi0rm5O5-C8UHwOVkAd7SCc_rBxoUxJ9K8B_RX3mo0wKzjY_BVLrvba4R9Nbl5JYkaWPnvKaZDEebjdb3eHdljeomEtP1uYNOqTGqY0Pj8312WNjC6-HtDQFevzmZKYqLtExGuGMuj81V9QUO_SAWzPKZ_wgscJzdR_lFgCqL2uOE0CL6LcnXefyqiMMtsIh2BuBKBJHzCmBf26ezaOuR_hRH4wbJ2rawiqSInhwedeHC1MoVsEWcjealUJspWCfbTqGF-ewTmRAvXffkNjOiQNtclt63ap9gbE89tsNlG_TFICbHFAbn4rNTq6e1gpgke1Ouf9ex1UXrZb9HdfeN5o9-7IsPlEWblkxDKxqcj6YAukETfW7wYzt4tV_sxqO_uxiHhczRU8",
+            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJpYXQiOjE3MjkwNjY1NjgsImV4cCI6MzI1Mjg1OTQ3NTQsImNsaWVudF9pZCI6ImRlbW8tY2xpZW50LTEiLCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8iLCJhdWQiOiJjaXZpYyJ9.CzQ_WXqFobV_fafE3K2dIUttvcFDxOGMT_GnUmdyg5HLB1MRCQYZItwZof_h-LdQp8suo4XyneclOJnQhCzlmDjOcEZOns_joh91t-zDX1jXIQNqC_evpzvfr5Rubz26gsKljk642ru0gkaH8cLHPJx3jgvtBrQzbLbzKJZRIhWqthrqdcKHKeUxN6g-LAFqQG7d-tP6cL_X1Q29IBpJ49SkpYFEDslLwQ_LU5zal_k-2tEyU6DfoFWB9hbNfBQy16SJzgDBDnZ3DadDSRjpXBwRa7m9ALa3A_qVln3K4wuTR46LFDqMKNAqf_sfy5tIJ6Zja5ehwxqmMwXtHomZY9OtfHDE511AZ6wGSagEpexe3eV-2TVwTvJBZnqfeLnnzlF9Z6qqq65lJ5XhO34Ylxnt-kqLqPOPwp-rYCJna-tUsEKAokkqKnHf2FycMQAaBx0grk5yyD2Y4CttlCfbdehoFSyWtTFvkjkk7MebLXqvMbqxXSmKaBn7Of0W6E9Qs6nJ5gWMaVuD9gc2H-BvQAQBUSYpl0TB_yPJKbiRb03HvvgZUdgB9XI9e5YFSMA0K_0SPtx4AgSLH2Coz-NxwLUtP22PUTNmm-04r8Sj0SVWw9w9mW4YXU3U4BGI_0fmIW3BMGgDk_9ghsumaNYKSe1P4qFLqh2jqEov0MagLck"
+        },
+        "differentSignerTokens": {
+            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjozMjUyODU5NDc1NCwiaWF0IjoxNzI5MDY2NTY4LCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8ifQ.hEPfoJRHEttdCUttpFI1e5fVrPIboOsAqwNsnXR0ANpl9qJjbYgkwPhpTaoujCI2LoNmTNqTxdFuq19g03-EMIJCvfv2hi4NOSXCzk94EFumDLaKQNvSnyXBb3LolD45-OqRBUycvQcWgynRSCS_GaGncJ_qPfFarThwYuzRKF7XvBlQf7FbdnVAWwpuP9AU6dJDLZNJChm3wRrubsbMLzhtWbFhTAlrp7ACLoCkx6c3_IZs35Wcn-5DfdBRGYicrJvaqQ4xBTTLR0lE23VsLMPDAqgdcCOIduCobq6FuY8hAGkJwOZ-cW81KYrCGQn_47GDfaP_BsAUM4YblcCuAQ",
+            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJpYXQiOjE3MjkwNjY1NjgsImV4cCI6MzI1Mjg1OTQ3NTQsImNsaWVudF9pZCI6ImRlbW8tY2xpZW50LTEiLCJpc3MiOiJodHRwczovL2F1dGgtZGV2LmNpdmljLmNvbS9vYXV0aC8iLCJhdWQiOiJjaXZpYyJ9.VXHpr2yV7fk7ggPurT5zSlfcTrC6VfMGqt5KUi9bw3raetbwC7zdPNtNdcwLEGL1O-JvQB2JH6aDc24bLv6h2yyxNZufoq9LHQKZpJYEe6nEaeTIZkWG0TeKa1Kpj4Gq2C7ooNMPKdjb8hYu_4PN8uaB7z1jM55CLPr-SvSiOqpyZDDc92zShlYTGcUVKFUIM4mQ-vZv8064ck4L1ca0H3LvMegdiUg0WUcDttzcfRpqv9jw1g-CNGx4I-0Bqlb_EqGuY345-0_iH3AsMvFuhQn1SltYYrLLWm9drMpQh3YGtFGqu21Oz-geRrpfAmxRBF7fcgDC-0kwroP2ARymDw"
+        },
+        "expiredTokens": {
+            "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJlbWFpbCI6ImVkMjEyNTczLTgxMGEtNDliZS1iNzdiLTg2OWMyOWM2ZWRkZEBleGFtcGxlLmV4YW1wbGUiLCJmb3J3YXJkZWRUb2tlbnMiOnsiZHVtbXkiOnsiYWNjZXNzX3Rva2VuIjoidGVzdC1mb3J3YXJkZWQtYWNjZXNzLXRva2VuIiwiaWRfdG9rZW4iOiJ0ZXN0LWZvcndhcmRlZC1pZC10b2tlbiJ9fSwibm9uY2UiOiIxMjM0NTY3ODkwIiwiYXRfaGFzaCI6Ikh3T3JXdldWRV9UR3h3c2ZCN0NyRlEiLCJhdWQiOiJkZW1vLWNsaWVudC0xIiwiZXhwIjoxNjk3OTU5OTI1LCJpYXQiOjE2NjY0MjM5MjUsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyJ9.MO0IdxEyNiOq4E5QdtpfSbnXQKiN8euC2ac0E0VWggUP4o5yoz29gqAzETP_omvOBfOn4hJjXTDPGqKXKg-Lz-oLdzF71aztskCerwDuB5PdqyCGMS9Qa2j40FTJ7RkuBG9PISUpGWYfZ28q7u94h8GyWtqRtPAF2aPD1rvckk-WTXLeMqEWtfEy0yCJ4MvEwp6MUgeb7EwRKUZ_cuVCE5Xm8rNebO9b2I3Jqdg8cNNyAxEYkWERBcfFtOfaQYD_8DNJvpNpJvZXAowaab7dzNgGBAxhTQ7s4S9h-Ly2nQIAIpbff_A4baI6rOqWfFxdzrxcFt34x0S_90Z3MXNziAb-ocG0WkPewRm0hvrF4E-zFTM4guTvtol0cKw9qWLb_JE-Idm9Zq-abkOS6FvM2E0j1iqKjT1GqM_EhOdIMzOidqxlls5v2UaaJ34PvR_1yTopm6Lguhr6uX3CW_F4A5tGAxsReeUDdGQAhkPYqZp8zjPUxjCA3cJEnMSGWHgqiBJ5lCLeH-SaccT828pSqYL8FrN0Qts3ILaElVVECHiWhN90lGaBSPw8pn19odH70wH651C2eonWKAKQMpNheGmyjrGE8n0jPwz-p-8ISp5H793wlWiTH2ay33METj0Vbgg-G1p1xcWD5WR4X-uyH1f-iNupvVNYn8mf0iPxM-I",
+            "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0Wk9RdjQ0Unh2MzJ4dTJReElzTnEiLCJzdWIiOiIzZmJlM2QwMy0yZDM4LTRjZjgtYjAzNy1kZDVjMjdkOWFmODAiLCJleHAiOjE2OTc5NTk5MjUsImlhdCI6MTY2NjQyMzkyNSwiY2xpZW50X2lkIjoiZGVtby1jbGllbnQtMSIsImlzcyI6Imh0dHBzOi8vYXV0aC1kZXYuY2l2aWMuY29tL29hdXRoLyIsImF1ZCI6ImNpdmljIn0.HxnjNL8P7K0WHoCQXpvbxtu_yTrcdudj4GI4fjQZEoVXJ14IkssKUa3aJGWZ2vJkxqIogoLmywYFBjvLZqcc1vo3Q-aLlVEb7EkjsQU4Qo8BMsJ0ZS2_4cDewt9WBUrMA-fDy3UwgoxHlM5OCjQ5lKAPLLm2FJDJ-djFOf_z0le9FOZ4MqkU7u_lc57e0jdCwSZmIRIU5DPX90jh-p2r8OxBwRorjAwuiiu59wTtYyEpfdicSwb7mM7hM6nFp-zl14ogWGCiW20_Lx0sz-1EfzUgw-rH2xW5R_QDUQtHJ15Pq0mtck77i608y2IElnQgwYlmSmn7gpSUoNB7Bh7cBckRfV1YHh8CoReQOKjtfCbhZYVdFDuuUaIEYmI_E9W-C4BKWJkdtX3kCy576jCx15-N7VBzVYIpkOVHHeZdRkMLVJCts2W84it0lCXgMg7KfOcuv8Lzqj_IrSBmP6jgKiOhWJ0eWQLrKGBKOS5IxhK6kyQjZSKy8Yj-N_iBt1PP4e-EWBL2jlQ81ycm4_qgUmiADryUVRchUUAyT-y5TD_LTb2gu-7h_ElKFJ_9scWjxn-SguJi2ObYaFqTes9cNtMFLP3mi9wHhlCngb5_Bw1goV0XHR1H-PSX-XOQ0MzTK7KA8uT1PHbRCsHEFkjMaZgWEwfxTqXVt2LzT6PH_Qs"
+        }
+    }
+}

package/dist/test/unit/lib/oauth.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=oauth.test.d.ts.map

package/dist/test/unit/lib/oauth.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/lib/oauth.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/lib/oauth.test.js

@@ -0,0 +1,55 @@
+import { getOauthEndpoints, getIssuerVariations, displayModeFromState, generateState, } from "@/lib/oauth.js";
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import { oauthWellKnownResponse } from "../../support/fixtures.js";
+describe("getOauthEndpoints", () => {
+    afterEach(vi.clearAllMocks);
+    beforeEach(() => {
+        global.fetch = vi.fn().mockResolvedValue({
+            json: vi.fn().mockResolvedValue(oauthWellKnownResponse),
+        });
+    });
+    it("should translate the response from the auth server into an endpoints object", async () => {
+        const response = await getOauthEndpoints("https://example.com");
+        expect(response).toEqual({
+            auth: "https://auth-dev.civic.com/oauth/auth",
+            token: "https://auth-dev.civic.com/oauth/token",
+            jwks: "https://auth-dev.civic.com/oauth/jwks",
+            userinfo: "https://auth-dev.civic.com/oauth/me",
+        });
+    });
+});
+describe("getIssuerVariations", () => {
+    it("should return an array of variations of the issuer", () => {
+        const issuer = "https://example.com";
+        const variations = getIssuerVariations(issuer);
+        expect(variations).toEqual(["https://example.com", "https://example.com/"]);
+    });
+});
+describe("displayModeFromState", () => {
+    it("should return the display mode from the state", () => {
+        const state = "state";
+        const displayMode = "redirect";
+        const result = displayModeFromState(state, displayMode);
+        expect(result).toEqual(displayMode);
+    });
+    it("should extract the display mode correctly from state", () => {
+        const state = "eyJ1dWlkIjoiMGY0NWU5YWItY2U1Ni00OWZiLTlkYmUtOGQ3ZmM3YTI3NDFhIiwiZGlzcGxheU1vZGUiOiJpZnJhbWUiLCJzZXJ2ZXJUb2tlbkV4Y2hhbmdlIjp0cnVlfQ";
+        const displayMode = "redirect";
+        const result = displayModeFromState(state, displayMode);
+        expect(result).toEqual("iframe");
+    });
+});
+describe("generateState", () => {
+    it("should generate a state string", () => {
+        const state = generateState("redirect");
+        expect(state).toBeTruthy();
+        expect(state).toHaveLength(96);
+    });
+    it('should generate a state string with "serverTokenExchange" key', () => {
+        const state = generateState("redirect", true);
+        expect(state).toBeTruthy();
+        const decoded = atob(state);
+        expect(JSON.parse(decoded)).toHaveProperty("serverTokenExchange", true);
+    });
+});
+//# sourceMappingURL=oauth.test.js.map

package/dist/test/unit/lib/oauth.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.test.js","sourceRoot":"","sources":["../../../../test/unit/lib/oauth.test.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,mBAAmB,EACnB,oBAAoB,EACpB,aAAa,GACd,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAEnE,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAE5B,UAAU,CAAC,GAAG,EAAE;QACd,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;YACvC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,sBAAsB,CAAC;SACxD,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6EAA6E,EAAE,KAAK,IAAI,EAAE;QAC3F,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,qBAAqB,CAAC,CAAC;QAChE,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,uCAAuC;YAC7C,KAAK,EAAE,wCAAwC;YAC/C,IAAI,EAAE,uCAAuC;YAC7C,QAAQ,EAAE,qCAAqC;SAChD,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,MAAM,MAAM,GAAG,qBAAqB,CAAC;QACrC,MAAM,UAAU,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,KAAK,GAAG,OAAO,CAAC;QACtB,MAAM,WAAW,GAAG,UAAU,CAAC;QAC/B,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;QAExD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,KAAK,GACT,oIAAoI,CAAC;QACvI,MAAM,WAAW,GAAG,UAAU,CAAC;QAC/B,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;QAExD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAExC,MAAM,CAAC,KAAK,CAAC,CAAC,UAAU,EAAE,CAAC;QAC3B,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+DAA+D,EAAE,GAAG,EAAE;QACvE,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAE9C,MAAM,CAAC,KAAK,CAAC,CAAC,UAAU,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import {\n  getOauthEndpoints,\n  getIssuerVariations,\n  displayModeFromState,\n  generateState,\n} from \"@/lib/oauth.js\";\nimport { describe, it, expect, vi, beforeEach, afterEach } from \"vitest\";\nimport { oauthWellKnownResponse } from \"../../support/fixtures.js\";\n\ndescribe(\"getOauthEndpoints\", () => {\n  afterEach(vi.clearAllMocks);\n\n  beforeEach(() => {\n    global.fetch = vi.fn().mockResolvedValue({\n      json: vi.fn().mockResolvedValue(oauthWellKnownResponse),\n    });\n  });\n\n  it(\"should translate the response from the auth server into an endpoints object\", async () => {\n    const response = await getOauthEndpoints(\"https://example.com\");\n    expect(response).toEqual({\n      auth: \"https://auth-dev.civic.com/oauth/auth\",\n      token: \"https://auth-dev.civic.com/oauth/token\",\n      jwks: \"https://auth-dev.civic.com/oauth/jwks\",\n      userinfo: \"https://auth-dev.civic.com/oauth/me\",\n    });\n  });\n});\n\ndescribe(\"getIssuerVariations\", () => {\n  it(\"should return an array of variations of the issuer\", () => {\n    const issuer = \"https://example.com\";\n    const variations = getIssuerVariations(issuer);\n    expect(variations).toEqual([\"https://example.com\", \"https://example.com/\"]);\n  });\n});\n\ndescribe(\"displayModeFromState\", () => {\n  it(\"should return the display mode from the state\", () => {\n    const state = \"state\";\n    const displayMode = \"redirect\";\n    const result = displayModeFromState(state, displayMode);\n\n    expect(result).toEqual(displayMode);\n  });\n\n  it(\"should extract the display mode correctly from state\", () => {\n    const state =\n      \"eyJ1dWlkIjoiMGY0NWU5YWItY2U1Ni00OWZiLTlkYmUtOGQ3ZmM3YTI3NDFhIiwiZGlzcGxheU1vZGUiOiJpZnJhbWUiLCJzZXJ2ZXJUb2tlbkV4Y2hhbmdlIjp0cnVlfQ\";\n    const displayMode = \"redirect\";\n    const result = displayModeFromState(state, displayMode);\n\n    expect(result).toEqual(\"iframe\");\n  });\n});\n\ndescribe(\"generateState\", () => {\n  it(\"should generate a state string\", () => {\n    const state = generateState(\"redirect\");\n\n    expect(state).toBeTruthy();\n    expect(state).toHaveLength(96);\n  });\n\n  it('should generate a state string with \"serverTokenExchange\" key', () => {\n    const state = generateState(\"redirect\", true);\n\n    expect(state).toBeTruthy();\n    const decoded = atob(state);\n    expect(JSON.parse(decoded)).toHaveProperty(\"serverTokenExchange\", true);\n  });\n});\n"]}

package/dist/test/unit/logger.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=logger.test.d.ts.map

package/dist/test/unit/logger.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.test.d.ts","sourceRoot":"","sources":["../../../test/unit/logger.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/logger.test.js

@@ -0,0 +1,141 @@
+import { describe, it, expect, beforeEach, vi } from "vitest";
+import debug from "debug";
+import { createLogger } from "../../src/lib/logger.js";
+// Mock the debug package
+vi.mock("debug", () => {
+    const debugInstance = vi.fn();
+    const debug = vi.fn(() => debugInstance);
+    // Add color property to match debug package API
+    Object.defineProperty(debugInstance, "color", {
+        set: vi.fn(),
+        get: vi.fn(),
+    });
+    return { default: debug };
+});
+describe("Logger", () => {
+    let mockDebug;
+    let debugInstance;
+    let logger;
+    beforeEach(() => {
+        vi.clearAllMocks();
+        mockDebug = debug;
+        debugInstance = mockDebug("test");
+        logger = createLogger("test");
+    });
+    it("should create debug instances with correct namespaces", () => {
+        logger = createLogger("api:routes");
+        // Verify that debug was called with the correct namespaces
+        expect(mockDebug).toHaveBeenCalledWith("@civic/auth:api:routes:debug");
+        expect(mockDebug).toHaveBeenCalledWith("@civic/auth:api:routes:info");
+        expect(mockDebug).toHaveBeenCalledWith("@civic/auth:api:routes:warn");
+        expect(mockDebug).toHaveBeenCalledWith("@civic/auth:api:routes:error");
+    });
+    it("should log debug messages with context", () => {
+        const context = { requestId: "123", userId: "456" };
+        logger.debug("Processing request", context);
+        expect(debugInstance).toHaveBeenCalledWith("Processing request", context);
+    });
+    it("should log info messages with multiple arguments", () => {
+        const requestId = "123";
+        const duration = 456;
+        logger.info("Request completed", { requestId, duration });
+        expect(debugInstance).toHaveBeenCalledWith("Request completed", {
+            requestId,
+            duration,
+        });
+    });
+    it("should log warning messages with structured data", () => {
+        const warning = {
+            code: "RATE_LIMIT",
+            requestId: "123",
+            limit: 100,
+            current: 95,
+        };
+        logger.warn("Rate limit approaching", warning);
+        expect(debugInstance).toHaveBeenCalledWith("Rate limit approaching", warning);
+    });
+    it("should log error messages with error objects", () => {
+        const error = new Error("Database connection failed");
+        const context = {
+            requestId: "123",
+            operation: "getUserProfile",
+        };
+        logger.error("Operation failed", { error, ...context });
+        expect(debugInstance).toHaveBeenCalledWith("Operation failed", {
+            error,
+            ...context,
+        });
+    });
+    it("should handle undefined arguments", () => {
+        logger.info("Simple message");
+        expect(debugInstance).toHaveBeenCalledWith("Simple message");
+    });
+    it("should handle null values in context", () => {
+        const context = {
+            userId: null,
+            sessionId: undefined,
+            requestId: "123",
+        };
+        logger.debug("User context", context);
+        expect(debugInstance).toHaveBeenCalledWith("User context", context);
+    });
+    // Testing different logger namespaces
+    describe("Logger namespaces", () => {
+        it("should create db logger with correct namespace", () => {
+            const dbLogger = createLogger("api:db");
+            dbLogger.info("DB Operation");
+            expect(mockDebug).toHaveBeenCalledWith("@civic/auth:api:db:info");
+        });
+        it("should create auth handler logger with correct namespace", () => {
+            const authLogger = createLogger("api:handlers:auth");
+            authLogger.debug("Auth check");
+            expect(mockDebug).toHaveBeenCalledWith("@civic/auth:api:handlers:auth:debug");
+        });
+    });
+    // Integration-style tests
+    describe("Real-world scenarios", () => {
+        it("should log complete request lifecycle", () => {
+            const requestLogger = createLogger("api:request");
+            const requestId = "123";
+            const start = Date.now();
+            requestLogger.debug("Request started", {
+                requestId,
+                method: "GET",
+                path: "/api/users",
+            });
+            requestLogger.info("Processing request", { requestId, userId: "456" });
+            requestLogger.debug("DB query executed", { requestId, duration: 50 });
+            requestLogger.info("Request completed", {
+                requestId,
+                duration: Date.now() - start,
+                status: 200,
+            });
+            expect(debugInstance).toHaveBeenCalledTimes(4);
+        });
+        it("should log error scenario with full context", () => {
+            const requestLogger = createLogger("api:request");
+            const requestId = "123";
+            const error = new Error("Invalid user input");
+            const context = {
+                userId: "456",
+                input: { email: "invalid" },
+                validation: { failed: true, errors: ["Invalid email format"] },
+            };
+            requestLogger.debug("Validating input", {
+                requestId,
+                input: context.input,
+            });
+            requestLogger.warn("Validation failed", {
+                requestId,
+                validation: context.validation,
+            });
+            requestLogger.error("Request failed", {
+                requestId,
+                error,
+                context,
+            });
+            expect(debugInstance).toHaveBeenCalledTimes(3);
+        });
+    });
+});
+//# sourceMappingURL=logger.test.js.map

package/dist/test/unit/logger.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.test.js","sourceRoot":"","sources":["../../../test/unit/logger.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,yBAAyB;AACzB,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE;IACpB,MAAM,aAAa,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;IAC9B,MAAM,KAAK,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,CAAC;IACzC,gDAAgD;IAChD,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,OAAO,EAAE;QAC5C,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACZ,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;KACb,CAAC,CAAC;IACH,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE;IACtB,IAAI,SAAmC,CAAC;IACxC,IAAI,aAAuC,CAAC;IAC5C,IAAI,MAAuC,CAAC;IAE5C,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,SAAS,GAAG,KAA4C,CAAC;QACzD,aAAa,GAAG,SAAS,CAAC,MAAM,CAAwC,CAAC;QACzE,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;QAC/D,MAAM,GAAG,YAAY,CAAC,YAAY,CAAC,CAAC;QAEpC,2DAA2D;QAC3D,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAAC,8BAA8B,CAAC,CAAC;QACvE,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;QACtE,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;QACtE,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAAC,8BAA8B,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,OAAO,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;QACpD,MAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE,OAAO,CAAC,CAAC;QAE5C,MAAM,CAAC,aAAa,CAAC,CAAC,oBAAoB,CAAC,oBAAoB,EAAE,OAAO,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,SAAS,GAAG,KAAK,CAAC;QACxB,MAAM,QAAQ,GAAG,GAAG,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;QAE1D,MAAM,CAAC,aAAa,CAAC,CAAC,oBAAoB,CAAC,mBAAmB,EAAE;YAC9D,SAAS;YACT,QAAQ;SACT,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,OAAO,GAAG;YACd,IAAI,EAAE,YAAY;YAClB,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,GAAG;YACV,OAAO,EAAE,EAAE;SACZ,CAAC;QAEF,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC;QAE/C,MAAM,CAAC,aAAa,CAAC,CAAC,oBAAoB,CACxC,wBAAwB,EACxB,OAAO,CACR,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QACtD,MAAM,OAAO,GAAG;YACd,SAAS,EAAE,KAAK;YAChB,SAAS,EAAE,gBAAgB;SAC5B,CAAC;QAEF,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;QAExD,MAAM,CAAC,aAAa,CAAC,CAAC,oBAAoB,CAAC,kBAAkB,EAAE;YAC7D,KAAK;YACL,GAAG,OAAO;SACX,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE9B,MAAM,CAAC,aAAa,CAAC,CAAC,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,SAAS;YACpB,SAAS,EAAE,KAAK;SACjB,CAAC;QAEF,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QAEtC,MAAM,CAAC,aAAa,CAAC,CAAC,oBAAoB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,sCAAsC;IACtC,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;YACxD,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;YACxC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAE9B,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAAC,yBAAyB,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;YAClE,MAAM,UAAU,GAAG,YAAY,CAAC,mBAAmB,CAAC,CAAC;YACrD,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAE/B,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACpC,qCAAqC,CACtC,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,0BAA0B;IAC1B,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;YAClD,MAAM,SAAS,GAAG,KAAK,CAAC;YACxB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAEzB,aAAa,CAAC,KAAK,CAAC,iBAAiB,EAAE;gBACrC,SAAS;gBACT,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,YAAY;aACnB,CAAC,CAAC;YACH,aAAa,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACvE,aAAa,CAAC,KAAK,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;YACtE,aAAa,CAAC,IAAI,CAAC,mBAAmB,EAAE;gBACtC,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC5B,MAAM,EAAE,GAAG;aACZ,CAAC,CAAC;YAEH,MAAM,CAAC,aAAa,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;YACrD,MAAM,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;YAClD,MAAM,SAAS,GAAG,KAAK,CAAC;YACxB,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;YAC9C,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,KAAK;gBACb,KAAK,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;gBAC3B,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE;aAC/D,CAAC;YAEF,aAAa,CAAC,KAAK,CAAC,kBAAkB,EAAE;gBACtC,SAAS;gBACT,KAAK,EAAE,OAAO,CAAC,KAAK;aACrB,CAAC,CAAC;YACH,aAAa,CAAC,IAAI,CAAC,mBAAmB,EAAE;gBACtC,SAAS;gBACT,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC,CAAC;YACH,aAAa,CAAC,KAAK,CAAC,gBAAgB,EAAE;gBACpC,SAAS;gBACT,KAAK;gBACL,OAAO;aACR,CAAC,CAAC;YAEH,MAAM,CAAC,aAAa,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, beforeEach, vi } from \"vitest\";\nimport debug from \"debug\";\nimport { createLogger } from \"../../src/lib/logger.js\";\n\n// Mock the debug package\nvi.mock(\"debug\", () => {\n  const debugInstance = vi.fn();\n  const debug = vi.fn(() => debugInstance);\n  // Add color property to match debug package API\n  Object.defineProperty(debugInstance, \"color\", {\n    set: vi.fn(),\n    get: vi.fn(),\n  });\n  return { default: debug };\n});\n\ndescribe(\"Logger\", () => {\n  let mockDebug: ReturnType<typeof debug>;\n  let debugInstance: ReturnType<typeof vi.fn>;\n  let logger: ReturnType<typeof createLogger>;\n\n  beforeEach(() => {\n    vi.clearAllMocks();\n    mockDebug = debug as unknown as ReturnType<typeof debug>;\n    debugInstance = mockDebug(\"test\") as unknown as ReturnType<typeof vi.fn>;\n    logger = createLogger(\"test\");\n  });\n\n  it(\"should create debug instances with correct namespaces\", () => {\n    logger = createLogger(\"api:routes\");\n\n    // Verify that debug was called with the correct namespaces\n    expect(mockDebug).toHaveBeenCalledWith(\"@civic/auth:api:routes:debug\");\n    expect(mockDebug).toHaveBeenCalledWith(\"@civic/auth:api:routes:info\");\n    expect(mockDebug).toHaveBeenCalledWith(\"@civic/auth:api:routes:warn\");\n    expect(mockDebug).toHaveBeenCalledWith(\"@civic/auth:api:routes:error\");\n  });\n\n  it(\"should log debug messages with context\", () => {\n    const context = { requestId: \"123\", userId: \"456\" };\n    logger.debug(\"Processing request\", context);\n\n    expect(debugInstance).toHaveBeenCalledWith(\"Processing request\", context);\n  });\n\n  it(\"should log info messages with multiple arguments\", () => {\n    const requestId = \"123\";\n    const duration = 456;\n    logger.info(\"Request completed\", { requestId, duration });\n\n    expect(debugInstance).toHaveBeenCalledWith(\"Request completed\", {\n      requestId,\n      duration,\n    });\n  });\n\n  it(\"should log warning messages with structured data\", () => {\n    const warning = {\n      code: \"RATE_LIMIT\",\n      requestId: \"123\",\n      limit: 100,\n      current: 95,\n    };\n\n    logger.warn(\"Rate limit approaching\", warning);\n\n    expect(debugInstance).toHaveBeenCalledWith(\n      \"Rate limit approaching\",\n      warning,\n    );\n  });\n\n  it(\"should log error messages with error objects\", () => {\n    const error = new Error(\"Database connection failed\");\n    const context = {\n      requestId: \"123\",\n      operation: \"getUserProfile\",\n    };\n\n    logger.error(\"Operation failed\", { error, ...context });\n\n    expect(debugInstance).toHaveBeenCalledWith(\"Operation failed\", {\n      error,\n      ...context,\n    });\n  });\n\n  it(\"should handle undefined arguments\", () => {\n    logger.info(\"Simple message\");\n\n    expect(debugInstance).toHaveBeenCalledWith(\"Simple message\");\n  });\n\n  it(\"should handle null values in context\", () => {\n    const context = {\n      userId: null,\n      sessionId: undefined,\n      requestId: \"123\",\n    };\n\n    logger.debug(\"User context\", context);\n\n    expect(debugInstance).toHaveBeenCalledWith(\"User context\", context);\n  });\n\n  // Testing different logger namespaces\n  describe(\"Logger namespaces\", () => {\n    it(\"should create db logger with correct namespace\", () => {\n      const dbLogger = createLogger(\"api:db\");\n      dbLogger.info(\"DB Operation\");\n\n      expect(mockDebug).toHaveBeenCalledWith(\"@civic/auth:api:db:info\");\n    });\n\n    it(\"should create auth handler logger with correct namespace\", () => {\n      const authLogger = createLogger(\"api:handlers:auth\");\n      authLogger.debug(\"Auth check\");\n\n      expect(mockDebug).toHaveBeenCalledWith(\n        \"@civic/auth:api:handlers:auth:debug\",\n      );\n    });\n  });\n\n  // Integration-style tests\n  describe(\"Real-world scenarios\", () => {\n    it(\"should log complete request lifecycle\", () => {\n      const requestLogger = createLogger(\"api:request\");\n      const requestId = \"123\";\n      const start = Date.now();\n\n      requestLogger.debug(\"Request started\", {\n        requestId,\n        method: \"GET\",\n        path: \"/api/users\",\n      });\n      requestLogger.info(\"Processing request\", { requestId, userId: \"456\" });\n      requestLogger.debug(\"DB query executed\", { requestId, duration: 50 });\n      requestLogger.info(\"Request completed\", {\n        requestId,\n        duration: Date.now() - start,\n        status: 200,\n      });\n\n      expect(debugInstance).toHaveBeenCalledTimes(4);\n    });\n\n    it(\"should log error scenario with full context\", () => {\n      const requestLogger = createLogger(\"api:request\");\n      const requestId = \"123\";\n      const error = new Error(\"Invalid user input\");\n      const context = {\n        userId: \"456\",\n        input: { email: \"invalid\" },\n        validation: { failed: true, errors: [\"Invalid email format\"] },\n      };\n\n      requestLogger.debug(\"Validating input\", {\n        requestId,\n        input: context.input,\n      });\n      requestLogger.warn(\"Validation failed\", {\n        requestId,\n        validation: context.validation,\n      });\n      requestLogger.error(\"Request failed\", {\n        requestId,\n        error,\n        context,\n      });\n\n      expect(debugInstance).toHaveBeenCalledTimes(3);\n    });\n  });\n});\n"]}

package/dist/test/unit/nextjs/NextAuthProvider.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=NextAuthProvider.test.d.ts.map

package/dist/test/unit/nextjs/NextAuthProvider.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"NextAuthProvider.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/nextjs/NextAuthProvider.test.tsx"],"names":[],"mappings":""}

package/dist/test/unit/nextjs/NextAuthProvider.test.js

@@ -0,0 +1,29 @@
+import { render } from "@testing-library/react";
+import { describe, it, vi, expect } from "vitest";
+import { CivicNextAuthProvider } from "@/nextjs/providers/NextAuthProvider.js";
+import { resolveAuthConfig } from "@/nextjs/config.js";
+import React from "react";
+vi.mock("@/nextjs/config.js", () => ({
+    resolveAuthConfig: vi.fn(() => ({
+        clientId: "test-client-id",
+        oauthServer: "https://example.com",
+        callbackUrl: "https://example.com/callback",
+        challengeUrl: "https://example.com/challenge",
+        logoutUrl: "https://example.com/logout",
+    })),
+}));
+vi.mock("@/nextjs/hooks/useUserCookie", () => ({
+    useUserCookie: vi.fn(),
+}));
+vi.mock("@/nextjs/hooks/useTokenCookie", () => ({
+    useTokenCookie: vi.fn(),
+}));
+describe("CivicNextAuthProvider", () => {
+    it("should call resolveAuthConfig with no arguments", () => {
+        const children = React.createElement("div", null, "Test Content");
+        render(React.createElement(CivicNextAuthProvider, null, children));
+        // The Next implementation should take all config from the next.config.js file, no config taken from provider props.
+        expect(resolveAuthConfig).toHaveBeenCalledWith();
+    });
+});
+//# sourceMappingURL=NextAuthProvider.test.js.map

package/dist/test/unit/nextjs/NextAuthProvider.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"NextAuthProvider.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/NextAuthProvider.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,iBAAiB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QAC9B,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,qBAAqB;QAClC,WAAW,EAAE,8BAA8B;QAC3C,YAAY,EAAE,+BAA+B;QAC7C,SAAS,EAAE,4BAA4B;KACxC,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,8BAA8B,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE;CACvB,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,+BAA+B,EAAE,GAAG,EAAE,CAAC,CAAC;IAC9C,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;CACxB,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,QAAQ,GAAG,gDAAuB,CAAC;QAEzC,MAAM,CACJ,oBAAC,qBAAqB,QACnB,QAAQ,CACa,CACzB,CAAC;QAEF,oHAAoH;QACpH,MAAM,CAAC,iBAAiB,CAAC,CAAC,oBAAoB,EAAE,CAAC;IACnD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { render } from \"@testing-library/react\";\nimport { describe, it, vi, expect } from \"vitest\";\nimport { CivicNextAuthProvider } from \"@/nextjs/providers/NextAuthProvider.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport React from \"react\";\n\nvi.mock(\"@/nextjs/config.js\", () => ({\n  resolveAuthConfig: vi.fn(() => ({\n    clientId: \"test-client-id\",\n    oauthServer: \"https://example.com\",\n    callbackUrl: \"https://example.com/callback\",\n    challengeUrl: \"https://example.com/challenge\",\n    logoutUrl: \"https://example.com/logout\",\n  })),\n}));\n\nvi.mock(\"@/nextjs/hooks/useUserCookie\", () => ({\n  useUserCookie: vi.fn(),\n}));\n\nvi.mock(\"@/nextjs/hooks/useTokenCookie\", () => ({\n  useTokenCookie: vi.fn(),\n}));\n\ndescribe(\"CivicNextAuthProvider\", () => {\n  it(\"should call resolveAuthConfig with no arguments\", () => {\n    const children = <div>Test Content</div>;\n\n    render(\n      <CivicNextAuthProvider>\n        {children}\n      </CivicNextAuthProvider>\n    );\n\n    // The Next implementation should take all config from the next.config.js file, no config taken from provider props.\n    expect(resolveAuthConfig).toHaveBeenCalledWith();\n  });\n});"]}

package/dist/test/unit/nextjs/config.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=config.test.d.ts.map

package/dist/test/unit/nextjs/config.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/nextjs/config.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/nextjs/config.test.js

@@ -0,0 +1,189 @@
+/* eslint-disable turbo/no-undeclared-env-vars */
+import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
+import { resolveAuthConfig, createCivicAuthPlugin, defaultAuthConfig, } from "@/nextjs/config.js";
+import { DEFAULT_AUTH_SERVER } from "@/constants.js";
+const defaultCookies = {
+    id_token: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    access_token: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    refresh_token: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    code_verifier: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    app_url: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+};
+describe("nextjs/config", () => {
+    const originalEnv = process.env;
+    beforeEach(() => {
+        vi.resetModules();
+        process.env = { ...originalEnv, NODE_ENV: "development" };
+    });
+    afterEach(() => {
+        process.env = originalEnv;
+        vi.restoreAllMocks();
+    });
+    describe("resolveAuthConfig", () => {
+        it("should throw an error if clientId is not provided", () => {
+            expect(() => resolveAuthConfig()).toThrowError("Civic Auth client ID is required");
+        });
+        it("should use default values when no config is provided", () => {
+            // client id must be defined
+            process.env._civic_auth_client_id = "clientId";
+            const result = resolveAuthConfig();
+            expect(result).toEqual({ ...defaultAuthConfig, clientId: "clientId" });
+        });
+        it("should override default values with provided config", () => {
+            const config = {
+                clientId: "clientId",
+                callbackUrl: "/custom/callback",
+                loginUrl: "/custom/login",
+                include: ["/protected/*"],
+                exclude: ["/public/*"],
+            };
+            const result = resolveAuthConfig(config);
+            expect(result.callbackUrl).toBe("/custom/callback");
+            expect(result.loginUrl).toBe("/custom/login");
+            expect(result.include).toEqual(["/protected/*"]);
+            expect(result.exclude).toEqual(["/public/*"]);
+        });
+        it("should use environment variables if set", () => {
+            process.env._civic_auth_client_id = "clientId";
+            process.env._civic_auth_callback_url = "/env/callback";
+            process.env._civic_auth_login_url = "/env/login";
+            process.env._civic_auth_includes = "/env/protected/*";
+            process.env._civic_auth_excludes = "/env/public/*";
+            const result = resolveAuthConfig();
+            expect(result.callbackUrl).toBe("/env/callback");
+            expect(result.loginUrl).toBe("/env/login");
+            expect(result.include).toEqual(["/env/protected/*"]);
+            expect(result.exclude).toEqual(["/env/public/*"]);
+        });
+        it("should prioritize provided config over environment variables", () => {
+            process.env._civic_auth_callback_url = "/env/callback";
+            const config = {
+                clientId: "clientId",
+                callbackUrl: "/config/callback",
+            };
+            const result = resolveAuthConfig(config);
+            expect(result.callbackUrl).toBe("/config/callback");
+        });
+        it("should merge cookie configurations correctly", () => {
+            const config = {
+                clientId: "clientId",
+                cookies: {
+                    tokens: {
+                        id_token: { ...defaultCookies.id_token, secure: false },
+                    },
+                    user: {
+                        httpOnly: false,
+                        secure: false,
+                        sameSite: "strict",
+                    },
+                },
+            };
+            const result = resolveAuthConfig(config);
+            expect(result.cookies.tokens).toEqual({
+                ...defaultCookies,
+                id_token: { ...defaultCookies.id_token, secure: false },
+            });
+            expect(result.cookies.user).toEqual({
+                httpOnly: false,
+                secure: false,
+                sameSite: "strict",
+                path: "/",
+                maxAge: 3600,
+            });
+        });
+        it("should set secure to true in the default cookie configs if NODE_ENV is not development", async () => {
+            process.env = { ...originalEnv, NODE_ENV: "production" };
+            // re-import to get the configs with the updated NODE_ENV
+            const configs = await import("../../../src/nextjs/config.js");
+            const result = configs.resolveAuthConfig({ clientId: "clientId" });
+            Object.values(result.cookies.tokens).forEach((cookie) => {
+                expect(cookie.secure).toBe(true);
+            });
+        });
+    });
+    describe("createCivicAuthPlugin", () => {
+        it("should return a function", () => {
+            const plugin = createCivicAuthPlugin({ clientId: "clientId" });
+            expect(typeof plugin).toBe("function");
+        });
+        it("should set environment variables based on resolved config", () => {
+            const config = {
+                clientId: "clientId",
+                callbackUrl: "/custom/callback",
+                loginUrl: "/custom/login",
+                logoutUrl: "/custom/logout",
+                include: ["/protected/*"],
+                exclude: ["/public/*"],
+                cookies: {
+                    tokens: defaultCookies,
+                    user: {
+                        secure: false,
+                        sameSite: "strict",
+                        maxAge: 3600,
+                    },
+                },
+            };
+            const plugin = createCivicAuthPlugin(config);
+            const nextConfig = plugin({});
+            expect(nextConfig.env).toEqual({
+                _civic_auth_client_id: "clientId",
+                _civic_auth_callback_url: "/custom/callback",
+                _civic_auth_challenge_url: "/api/auth/challenge",
+                _civic_auth_login_url: "/custom/login",
+                _civic_auth_logout_url: "/custom/logout",
+                _civic_auth_includes: "/protected/*",
+                _civic_auth_excludes: "/public/*",
+                _civic_oauth_server: DEFAULT_AUTH_SERVER,
+                _civic_auth_cookie_config: JSON.stringify({
+                    tokens: defaultCookies,
+                    user: {
+                        secure: false,
+                        httpOnly: false,
+                        sameSite: "strict",
+                        path: "/",
+                        maxAge: 3600,
+                    },
+                }),
+            });
+        });
+        it("should merge with existing Next.js config", () => {
+            const existingConfig = {
+                reactStrictMode: true,
+                env: {
+                    CUSTOM_VAR: "value",
+                },
+            };
+            const plugin = createCivicAuthPlugin({ clientId: "clientId" });
+            const nextConfig = plugin(existingConfig);
+            expect(nextConfig.reactStrictMode).toBe(true);
+            expect(nextConfig.env).toHaveProperty("CUSTOM_VAR", "value");
+            expect(nextConfig.env).toHaveProperty("_civic_auth_callback_url");
+        });
+    });
+});
+//# sourceMappingURL=config.test.js.map