@civic/auth 0.0.1-beta.3 → 0.0.1-beta.30

package/dist/test/unit/nextjs/config.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/config.test.ts"],"names":[],"mappings":"AAAA,iDAAiD;AACjD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EAErB,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,MAAM,cAAc,GAAG;IACrB,QAAQ,EAAE;QACR,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,aAAa,EAAE;QACb,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,aAAa,EAAE;QACb,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,OAAO,EAAE;QACP,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;CACoB,CAAC;AAExB,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC;IAEhC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,GAAG,EAAE,GAAG,WAAW,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,CAAC,GAAG,GAAG,WAAW,CAAC;QAC1B,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;YAC3D,MAAM,CAAC,GAAG,EAAE,CAAC,iBAAiB,EAAE,CAAC,CAAC,YAAY,CAC5C,kCAAkC,CACnC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;YAC9D,4BAA4B;YAC5B,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,UAAU,CAAC;YAC/C,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,GAAG,iBAAiB,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,MAAM,MAAM,GAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,kBAAkB;gBAC/B,QAAQ,EAAE,eAAe;gBACzB,OAAO,EAAE,CAAC,cAAc,CAAC;gBACzB,OAAO,EAAE,CAAC,WAAW,CAAC;aACvB,CAAC;YACF,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC9C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,UAAU,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,eAAe,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,YAAY,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,oBAAoB,GAAG,kBAAkB,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,oBAAoB,GAAG,eAAe,CAAC;YAEnD,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;YACtE,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,eAAe,CAAC;YACvD,MAAM,MAAM,GAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,kBAAkB;aAChC,CAAC;YAEF,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,MAAM,GAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE;oBACP,MAAM,EAAE;wBACN,QAAQ,EAAE,EAAE,GAAG,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE;qBAClC;oBACvB,IAAI,EAAE;wBACJ,QAAQ,EAAE,KAAK;wBACf,MAAM,EAAE,KAAK;wBACb,QAAQ,EAAE,QAAQ;qBACnB;iBACF;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC;gBACpC,GAAG,cAAc;gBACjB,QAAQ,EAAE,EAAE,GAAG,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE;aACxD,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;gBAClC,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,KAAK;gBACb,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,IAAI;aACb,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wFAAwF,EAAE,KAAK,IAAI,EAAE;YACtG,OAAO,CAAC,GAAG,GAAG,EAAE,GAAG,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;YACzD,yDAAyD;YACzD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,+BAA+B,CAAC,CAAC;YAC9D,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YACnE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;gBACtD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,MAAM,GAAG,qBAAqB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YAC/D,MAAM,CAAC,OAAO,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;YACnE,MAAM,MAAM,GAAG;gBACb,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,kBAAkB;gBAC/B,QAAQ,EAAE,eAAe;gBACzB,SAAS,EAAE,gBAAgB;gBAC3B,OAAO,EAAE,CAAC,cAAc,CAAC;gBACzB,OAAO,EAAE,CAAC,WAAW,CAAC;gBACtB,OAAO,EAAE;oBACP,MAAM,EAAE,cAAc;oBACtB,IAAI,EAAE;wBACJ,MAAM,EAAE,KAAK;wBACb,QAAQ,EAAE,QAAQ;wBAClB,MAAM,EAAE,IAAI;qBACJ;iBACX;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;YAC7C,MAAM,UAAU,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;YAE9B,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC;gBAC7B,qBAAqB,EAAE,UAAU;gBACjC,wBAAwB,EAAE,kBAAkB;gBAC5C,yBAAyB,EAAE,qBAAqB;gBAChD,qBAAqB,EAAE,eAAe;gBACtC,sBAAsB,EAAE,gBAAgB;gBACxC,oBAAoB,EAAE,cAAc;gBACpC,oBAAoB,EAAE,WAAW;gBACjC,mBAAmB,EAAE,mBAAmB;gBACxC,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC;oBACxC,MAAM,EAAE,cAAc;oBACtB,IAAI,EAAE;wBACJ,MAAM,EAAE,KAAK;wBACb,QAAQ,EAAE,KAAK;wBACf,QAAQ,EAAE,QAAQ;wBAClB,IAAI,EAAE,GAAG;wBACT,MAAM,EAAE,IAAI;qBACb;iBACF,CAAC;aACH,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,cAAc,GAAG;gBACrB,eAAe,EAAE,IAAI;gBACrB,GAAG,EAAE;oBACH,UAAU,EAAE,OAAO;iBACpB;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,qBAAqB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YAC/D,MAAM,UAAU,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;YAE1C,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC9C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YAC7D,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport { describe, it, expect, beforeEach, afterEach, vi } from \"vitest\";\nimport {\n  resolveAuthConfig,\n  createCivicAuthPlugin,\n  type AuthConfig,\n  defaultAuthConfig,\n} from \"@/nextjs/config.js\";\nimport type { TokensCookieConfig } from \"@/index.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nconst defaultCookies = {\n  id_token: {\n    httpOnly: true,\n    path: \"/\",\n    sameSite: \"strict\",\n    secure: false,\n  },\n  access_token: {\n    httpOnly: true,\n    path: \"/\",\n    sameSite: \"strict\",\n    secure: false,\n  },\n  refresh_token: {\n    httpOnly: true,\n    path: \"/\",\n    sameSite: \"strict\",\n    secure: false,\n  },\n  code_verifier: {\n    httpOnly: true,\n    path: \"/\",\n    sameSite: \"strict\",\n    secure: false,\n  },\n  app_url: {\n    httpOnly: true,\n    path: \"/\",\n    sameSite: \"strict\",\n    secure: false,\n  },\n} as TokensCookieConfig;\n\ndescribe(\"nextjs/config\", () => {\n  const originalEnv = process.env;\n\n  beforeEach(() => {\n    vi.resetModules();\n    process.env = { ...originalEnv, NODE_ENV: \"development\" };\n  });\n\n  afterEach(() => {\n    process.env = originalEnv;\n    vi.restoreAllMocks();\n  });\n\n  describe(\"resolveAuthConfig\", () => {\n    it(\"should throw an error if clientId is not provided\", () => {\n      expect(() => resolveAuthConfig()).toThrowError(\n        \"Civic Auth client ID is required\",\n      );\n    });\n\n    it(\"should use default values when no config is provided\", () => {\n      // client id must be defined\n      process.env._civic_auth_client_id = \"clientId\";\n      const result = resolveAuthConfig();\n      expect(result).toEqual({ ...defaultAuthConfig, clientId: \"clientId\" });\n    });\n\n    it(\"should override default values with provided config\", () => {\n      const config: AuthConfig = {\n        clientId: \"clientId\",\n        callbackUrl: \"/custom/callback\",\n        loginUrl: \"/custom/login\",\n        include: [\"/protected/*\"],\n        exclude: [\"/public/*\"],\n      };\n      const result = resolveAuthConfig(config);\n      expect(result.callbackUrl).toBe(\"/custom/callback\");\n      expect(result.loginUrl).toBe(\"/custom/login\");\n      expect(result.include).toEqual([\"/protected/*\"]);\n      expect(result.exclude).toEqual([\"/public/*\"]);\n    });\n\n    it(\"should use environment variables if set\", () => {\n      process.env._civic_auth_client_id = \"clientId\";\n      process.env._civic_auth_callback_url = \"/env/callback\";\n      process.env._civic_auth_login_url = \"/env/login\";\n      process.env._civic_auth_includes = \"/env/protected/*\";\n      process.env._civic_auth_excludes = \"/env/public/*\";\n\n      const result = resolveAuthConfig();\n      expect(result.callbackUrl).toBe(\"/env/callback\");\n      expect(result.loginUrl).toBe(\"/env/login\");\n      expect(result.include).toEqual([\"/env/protected/*\"]);\n      expect(result.exclude).toEqual([\"/env/public/*\"]);\n    });\n\n    it(\"should prioritize provided config over environment variables\", () => {\n      process.env._civic_auth_callback_url = \"/env/callback\";\n      const config: AuthConfig = {\n        clientId: \"clientId\",\n        callbackUrl: \"/config/callback\",\n      };\n\n      const result = resolveAuthConfig(config);\n      expect(result.callbackUrl).toBe(\"/config/callback\");\n    });\n\n    it(\"should merge cookie configurations correctly\", () => {\n      const config: AuthConfig = {\n        clientId: \"clientId\",\n        cookies: {\n          tokens: {\n            id_token: { ...defaultCookies.id_token, secure: false },\n          } as TokensCookieConfig,\n          user: {\n            httpOnly: false,\n            secure: false,\n            sameSite: \"strict\",\n          },\n        },\n      };\n\n      const result = resolveAuthConfig(config);\n      expect(result.cookies.tokens).toEqual({\n        ...defaultCookies,\n        id_token: { ...defaultCookies.id_token, secure: false },\n      });\n\n      expect(result.cookies.user).toEqual({\n        httpOnly: false,\n        secure: false,\n        sameSite: \"strict\",\n        path: \"/\",\n        maxAge: 3600,\n      });\n    });\n\n    it(\"should set secure to true in the default cookie configs if NODE_ENV is not development\", async () => {\n      process.env = { ...originalEnv, NODE_ENV: \"production\" };\n      // re-import to get the configs with the updated NODE_ENV\n      const configs = await import(\"../../../src/nextjs/config.js\");\n      const result = configs.resolveAuthConfig({ clientId: \"clientId\" });\n      Object.values(result.cookies.tokens).forEach((cookie) => {\n        expect(cookie.secure).toBe(true);\n      });\n    });\n  });\n\n  describe(\"createCivicAuthPlugin\", () => {\n    it(\"should return a function\", () => {\n      const plugin = createCivicAuthPlugin({ clientId: \"clientId\" });\n      expect(typeof plugin).toBe(\"function\");\n    });\n\n    it(\"should set environment variables based on resolved config\", () => {\n      const config = {\n        clientId: \"clientId\",\n        callbackUrl: \"/custom/callback\",\n        loginUrl: \"/custom/login\",\n        logoutUrl: \"/custom/logout\",\n        include: [\"/protected/*\"],\n        exclude: [\"/public/*\"],\n        cookies: {\n          tokens: defaultCookies,\n          user: {\n            secure: false,\n            sameSite: \"strict\",\n            maxAge: 3600,\n          } as const,\n        },\n      };\n\n      const plugin = createCivicAuthPlugin(config);\n      const nextConfig = plugin({});\n\n      expect(nextConfig.env).toEqual({\n        _civic_auth_client_id: \"clientId\",\n        _civic_auth_callback_url: \"/custom/callback\",\n        _civic_auth_challenge_url: \"/api/auth/challenge\",\n        _civic_auth_login_url: \"/custom/login\",\n        _civic_auth_logout_url: \"/custom/logout\",\n        _civic_auth_includes: \"/protected/*\",\n        _civic_auth_excludes: \"/public/*\",\n        _civic_oauth_server: DEFAULT_AUTH_SERVER,\n        _civic_auth_cookie_config: JSON.stringify({\n          tokens: defaultCookies,\n          user: {\n            secure: false,\n            httpOnly: false,\n            sameSite: \"strict\",\n            path: \"/\",\n            maxAge: 3600,\n          },\n        }),\n      });\n    });\n\n    it(\"should merge with existing Next.js config\", () => {\n      const existingConfig = {\n        reactStrictMode: true,\n        env: {\n          CUSTOM_VAR: \"value\",\n        },\n      };\n\n      const plugin = createCivicAuthPlugin({ clientId: \"clientId\" });\n      const nextConfig = plugin(existingConfig);\n\n      expect(nextConfig.reactStrictMode).toBe(true);\n      expect(nextConfig.env).toHaveProperty(\"CUSTOM_VAR\", \"value\");\n      expect(nextConfig.env).toHaveProperty(\"_civic_auth_callback_url\");\n    });\n  });\n});\n"]}

package/dist/test/unit/nextjs/getUser.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=getUser.test.d.ts.map

package/dist/test/unit/nextjs/getUser.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getUser.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/nextjs/getUser.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/nextjs/getUser.test.js

@@ -0,0 +1,36 @@
+import { describe, it, expect, beforeEach, vi } from "vitest";
+import { GenericUserSession } from "@/shared/lib/UserSession.js";
+import { getUser } from "@/nextjs/index.js";
+import { NextjsClientStorage } from "@/nextjs/cookies.js";
+const mockUser = {
+    id: "user123",
+    name: "John Doe",
+    email: "john@example.com",
+    picture: "https://example.com/john.jpg",
+    idToken: "test-id-token",
+    accessToken: "test-access-token",
+    refreshToken: "test-refresh-token",
+};
+describe("getUser", () => {
+    beforeEach(() => {
+        vi.clearAllMocks();
+        vi.spyOn(GenericUserSession.prototype, "get").mockReturnValue(mockUser);
+        vi.spyOn(NextjsClientStorage.prototype, "get").mockImplementation((cookieName) => {
+            switch (cookieName) {
+                case "access_token":
+                    return "test-access-token";
+                case "id_token":
+                    return "test-id-token";
+                case "refresh_token":
+                    return "test-refresh-token";
+                default:
+                    return null;
+            }
+        });
+    });
+    it("should get the user from session", () => {
+        const user = getUser();
+        expect(user).toEqual(mockUser);
+    });
+});
+//# sourceMappingURL=getUser.test.js.map

package/dist/test/unit/nextjs/getUser.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getUser.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/getUser.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAE1D,MAAM,QAAQ,GAAS;IACrB,EAAE,EAAE,SAAS;IACb,IAAI,EAAE,UAAU;IAChB,KAAK,EAAE,kBAAkB;IACzB,OAAO,EAAE,8BAA8B;IACvC,OAAO,EAAE,eAAe;IACxB,WAAW,EAAE,mBAAmB;IAChC,YAAY,EAAE,oBAAoB;CAChB,CAAC;AAErB,QAAQ,CAAC,SAAS,EAAE,GAAG,EAAE;IACvB,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,kBAAkB,CAC/D,CAAC,UAAkB,EAAE,EAAE;YACrB,QAAQ,UAAU,EAAE,CAAC;gBACnB,KAAK,cAAc;oBACjB,OAAO,mBAAmB,CAAC;gBAC7B,KAAK,UAAU;oBACb,OAAO,eAAe,CAAC;gBACzB,KAAK,eAAe;oBAClB,OAAO,oBAAoB,CAAC;gBAC9B;oBACE,OAAO,IAAI,CAAC;YAChB,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, beforeEach, vi } from \"vitest\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport type { User } from \"@/types.ts\";\nimport { getUser } from \"@/nextjs/index.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\n\nconst mockUser: User = {\n  id: \"user123\",\n  name: \"John Doe\",\n  email: \"john@example.com\",\n  picture: \"https://example.com/john.jpg\",\n  idToken: \"test-id-token\",\n  accessToken: \"test-access-token\",\n  refreshToken: \"test-refresh-token\",\n} as unknown as User;\n\ndescribe(\"getUser\", () => {\n  beforeEach(() => {\n    vi.clearAllMocks();\n    vi.spyOn(GenericUserSession.prototype, \"get\").mockReturnValue(mockUser);\n    vi.spyOn(NextjsClientStorage.prototype, \"get\").mockImplementation(\n      (cookieName: string) => {\n        switch (cookieName) {\n          case \"access_token\":\n            return \"test-access-token\";\n          case \"id_token\":\n            return \"test-id-token\";\n          case \"refresh_token\":\n            return \"test-refresh-token\";\n          default:\n            return null;\n        }\n      },\n    );\n  });\n\n  it(\"should get the user from session\", () => {\n    const user = getUser();\n    expect(user).toEqual(mockUser);\n  });\n});\n"]}

package/dist/test/unit/nextjs/middleware.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=middleware.test.d.ts.map

package/dist/test/unit/nextjs/middleware.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/nextjs/middleware.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/nextjs/middleware.test.js

@@ -0,0 +1,113 @@
+import { describe, it, expect, beforeEach, vi } from "vitest";
+import { NextResponse } from "next/server.js";
+import { authMiddleware, withAuth } from "@/nextjs/middleware/index.js";
+import { defaultAuthConfig } from "@/nextjs/config.js";
+// Mock next/server
+vi.mock("next/server.js", () => ({
+    NextResponse: {
+        next: vi.fn(() => ({ type: "next" })),
+        redirect: vi.fn((url) => ({ type: "redirect", url })),
+    },
+}));
+describe("Auth Middleware", () => {
+    let request;
+    beforeEach(() => {
+        // Reset mocks
+        vi.clearAllMocks();
+        // Create base request
+        request = {
+            nextUrl: {
+                pathname: "/protected",
+            },
+            cookies: {
+                get: vi.fn(),
+            },
+            method: "GET",
+            url: "http://example.com/protected",
+        };
+        process.env._civic_auth_client_id = "abc";
+    });
+    describe("authMiddleware", () => {
+        /* FIXME
+        it("should redirect to login when no token present", async () => {
+          const middleware = authMiddleware();
+          const response = await middleware(request);
+    
+          expect(NextResponse.redirect).toHaveBeenCalledWith("http://example.com/");
+          expect(response.type).toBe("redirect");
+        });
+        */
+        it("should allow access when token is present", async () => {
+            request.cookies.get = vi.fn().mockReturnValue({ value: "valid-token" });
+            const middleware = authMiddleware();
+            const response = await middleware(request);
+            expect(NextResponse.next).toHaveBeenCalled();
+            expect(response.type).toBe("next");
+        });
+        it("should skip auth check for redirect to login page", async () => {
+            request.nextUrl.pathname = "/login";
+            const middleware = authMiddleware({
+                ...defaultAuthConfig,
+                loginUrl: "/login",
+            });
+            const response = await middleware(request);
+            expect(NextResponse.next).toHaveBeenCalled();
+            expect(response.type).toBe("next");
+        });
+        it("should not skip auth check for non-GET to login page", async () => {
+            request.nextUrl.pathname = "/login";
+            const middleware = authMiddleware({
+                ...defaultAuthConfig,
+                loginUrl: "/login",
+            });
+            const response = await middleware({
+                ...request,
+                method: "POST",
+            });
+            // should have redirected to the login page
+            expect(NextResponse.next).not.toHaveBeenCalled();
+            expect(response.type).toBe("redirect");
+        });
+    });
+    describe("withAuth", () => {
+        it("should chain custom middleware when authenticated", async () => {
+            request.cookies.get = vi.fn().mockReturnValue({ value: "valid-token" });
+            const customMiddleware = vi.fn(() => NextResponse.next());
+            const middleware = withAuth(customMiddleware);
+            await middleware(request);
+            expect(customMiddleware).toHaveBeenCalled();
+        });
+        it("should not chain custom middleware when unauthorized", async () => {
+            const customMiddleware = vi.fn(() => NextResponse.next());
+            const middleware = withAuth(customMiddleware);
+            const response = await middleware(request);
+            expect(customMiddleware).not.toHaveBeenCalled();
+            expect(NextResponse.redirect).toHaveBeenCalled();
+            expect(response.type).toBe("redirect");
+        });
+    });
+    describe("path matching", () => {
+        it("should respect include patterns", async () => {
+            request.cookies.get = vi.fn().mockReturnValue({ value: "valid-token" });
+            request.nextUrl.pathname = "/public";
+            const middleware = authMiddleware({
+                include: ["/protected/**"],
+            });
+            const response = await middleware(request);
+            expect(NextResponse.next).toHaveBeenCalled();
+            expect(response.type).toBe("next");
+        });
+        it("should respect exclude patterns", async () => {
+            request.cookies.get = vi.fn().mockReturnValue({ value: "valid-token" });
+            request.nextUrl.pathname = "/protected/public";
+            const middleware = authMiddleware({
+                include: ["/protected/**"],
+                exclude: ["/protected/public"],
+            });
+            const response = await middleware(request);
+            expect(NextResponse.next).toHaveBeenCalled();
+            expect(response.type).toBe("next");
+        });
+    });
+});
+//# sourceMappingURL=middleware.test.js.map

package/dist/test/unit/nextjs/middleware.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/middleware.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAoB,MAAM,gBAAgB,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAEvD,mBAAmB;AACnB,EAAE,CAAC,IAAI,CAAC,gBAAgB,EAAE,GAAG,EAAE,CAAC,CAAC;IAC/B,YAAY,EAAE;QACZ,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QACrC,QAAQ,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;KACtD;CACF,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAC/B,IAAI,OAAoB,CAAC;IAEzB,UAAU,CAAC,GAAG,EAAE;QACd,cAAc;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QAEnB,sBAAsB;QACtB,OAAO,GAAG;YACR,OAAO,EAAE;gBACP,QAAQ,EAAE,YAAY;aACvB;YACD,OAAO,EAAE;gBACP,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;aACb;YACD,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,8BAA8B;SACV,CAAC;QAE5B,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,KAAK,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B;;;;;;;;UAQE;QAEF,EAAE,CAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;YACzD,OAAO,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC;YACxE,MAAM,UAAU,GAAG,cAAc,EAAE,CAAC;YACpC,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YAE3C,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;YAC7C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;YACjE,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpC,MAAM,UAAU,GAAG,cAAc,CAAC;gBAChC,GAAG,iBAAiB;gBACpB,QAAQ,EAAE,QAAQ;aACnB,CAAC,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YAE3C,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;YAC7C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;YACpE,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpC,MAAM,UAAU,GAAG,cAAc,CAAC;gBAChC,GAAG,iBAAiB;gBACpB,QAAQ,EAAE,QAAQ;aACnB,CAAC,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC;gBAChC,GAAG,OAAO;gBACV,MAAM,EAAE,MAAM;aACA,CAAC,CAAC;YAElB,2CAA2C;YAC3C,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACjD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;QACxB,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;YACjE,OAAO,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC;YACxE,MAAM,gBAAgB,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1D,MAAM,UAAU,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YAE9C,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YAE1B,MAAM,CAAC,gBAAgB,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC9C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;YACpE,MAAM,gBAAgB,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1D,MAAM,UAAU,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YAE9C,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YAE3C,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;YAChD,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAC;YACjD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;YAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC;YACxE,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,SAAS,CAAC;YAErC,MAAM,UAAU,GAAG,cAAc,CAAC;gBAChC,OAAO,EAAE,CAAC,eAAe,CAAC;aAC3B,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YAE3C,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;YAC7C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;YAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC;YACxE,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,mBAAmB,CAAC;YAE/C,MAAM,UAAU,GAAG,cAAc,CAAC;gBAChC,OAAO,EAAE,CAAC,eAAe,CAAC;gBAC1B,OAAO,EAAE,CAAC,mBAAmB,CAAC;aAC/B,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YAE3C,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;YAC7C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, beforeEach, vi } from \"vitest\";\nimport { NextResponse, type NextRequest } from \"next/server.js\";\nimport { authMiddleware, withAuth } from \"@/nextjs/middleware/index.js\";\nimport { defaultAuthConfig } from \"@/nextjs/config.js\";\n\n// Mock next/server\nvi.mock(\"next/server.js\", () => ({\n  NextResponse: {\n    next: vi.fn(() => ({ type: \"next\" })),\n    redirect: vi.fn((url) => ({ type: \"redirect\", url })),\n  },\n}));\n\ndescribe(\"Auth Middleware\", () => {\n  let request: NextRequest;\n\n  beforeEach(() => {\n    // Reset mocks\n    vi.clearAllMocks();\n\n    // Create base request\n    request = {\n      nextUrl: {\n        pathname: \"/protected\",\n      },\n      cookies: {\n        get: vi.fn(),\n      },\n      method: \"GET\",\n      url: \"http://example.com/protected\",\n    } as unknown as NextRequest;\n\n    process.env._civic_auth_client_id = \"abc\";\n  });\n\n  describe(\"authMiddleware\", () => {\n    /* FIXME\n    it(\"should redirect to login when no token present\", async () => {\n      const middleware = authMiddleware();\n      const response = await middleware(request);\n\n      expect(NextResponse.redirect).toHaveBeenCalledWith(\"http://example.com/\");\n      expect(response.type).toBe(\"redirect\");\n    });\n    */\n\n    it(\"should allow access when token is present\", async () => {\n      request.cookies.get = vi.fn().mockReturnValue({ value: \"valid-token\" });\n      const middleware = authMiddleware();\n      const response = await middleware(request);\n\n      expect(NextResponse.next).toHaveBeenCalled();\n      expect(response.type).toBe(\"next\");\n    });\n\n    it(\"should skip auth check for redirect to login page\", async () => {\n      request.nextUrl.pathname = \"/login\";\n      const middleware = authMiddleware({\n        ...defaultAuthConfig,\n        loginUrl: \"/login\",\n      });\n      const response = await middleware(request);\n\n      expect(NextResponse.next).toHaveBeenCalled();\n      expect(response.type).toBe(\"next\");\n    });\n\n    it(\"should not skip auth check for non-GET to login page\", async () => {\n      request.nextUrl.pathname = \"/login\";\n      const middleware = authMiddleware({\n        ...defaultAuthConfig,\n        loginUrl: \"/login\",\n      });\n      const response = await middleware({\n        ...request,\n        method: \"POST\",\n      } as NextRequest);\n\n      // should have redirected to the login page\n      expect(NextResponse.next).not.toHaveBeenCalled();\n      expect(response.type).toBe(\"redirect\");\n    });\n  });\n\n  describe(\"withAuth\", () => {\n    it(\"should chain custom middleware when authenticated\", async () => {\n      request.cookies.get = vi.fn().mockReturnValue({ value: \"valid-token\" });\n      const customMiddleware = vi.fn(() => NextResponse.next());\n      const middleware = withAuth(customMiddleware);\n\n      await middleware(request);\n\n      expect(customMiddleware).toHaveBeenCalled();\n    });\n\n    it(\"should not chain custom middleware when unauthorized\", async () => {\n      const customMiddleware = vi.fn(() => NextResponse.next());\n      const middleware = withAuth(customMiddleware);\n\n      const response = await middleware(request);\n\n      expect(customMiddleware).not.toHaveBeenCalled();\n      expect(NextResponse.redirect).toHaveBeenCalled();\n      expect(response.type).toBe(\"redirect\");\n    });\n  });\n\n  describe(\"path matching\", () => {\n    it(\"should respect include patterns\", async () => {\n      request.cookies.get = vi.fn().mockReturnValue({ value: \"valid-token\" });\n      request.nextUrl.pathname = \"/public\";\n\n      const middleware = authMiddleware({\n        include: [\"/protected/**\"],\n      });\n\n      const response = await middleware(request);\n\n      expect(NextResponse.next).toHaveBeenCalled();\n      expect(response.type).toBe(\"next\");\n    });\n\n    it(\"should respect exclude patterns\", async () => {\n      request.cookies.get = vi.fn().mockReturnValue({ value: \"valid-token\" });\n      request.nextUrl.pathname = \"/protected/public\";\n\n      const middleware = authMiddleware({\n        include: [\"/protected/**\"],\n        exclude: [\"/protected/public\"],\n      });\n\n      const response = await middleware(request);\n\n      expect(NextResponse.next).toHaveBeenCalled();\n      expect(response.type).toBe(\"next\");\n    });\n  });\n});\n"]}

package/dist/test/unit/nextjs/utils.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=utils.test.d.ts.map

package/dist/test/unit/nextjs/utils.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/nextjs/utils.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/nextjs/utils.test.js

@@ -0,0 +1,13 @@
+import { describe, it, expect } from "vitest";
+import { resolveCallbackUrl } from "@/nextjs/utils.js";
+describe("Nextjs utils", () => {
+    describe("resolveCallbackUrl", () => {
+        it("should resolve the callbackUrl by combining the relative callbackUrl from config with baseUrl", () => {
+            const callbackUrl = resolveCallbackUrl({
+                callbackUrl: "/callback",
+            }, "https://example.com");
+            expect(callbackUrl).toBe("https://example.com/callback");
+        });
+    });
+});
+//# sourceMappingURL=utils.test.js.map

package/dist/test/unit/nextjs/utils.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/utils.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAEvD,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,+FAA+F,EAAE,GAAG,EAAE;YACvG,MAAM,WAAW,GAAG,kBAAkB,CACpC;gBACE,WAAW,EAAE,WAAW;aACY,EACtC,qBAAqB,CACtB,CAAC;YACF,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect } from \"vitest\";\nimport type { AuthConfigWithDefaults } from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\n\ndescribe(\"Nextjs utils\", () => {\n  describe(\"resolveCallbackUrl\", () => {\n    it(\"should resolve the callbackUrl by combining the relative callbackUrl from config with baseUrl\", () => {\n      const callbackUrl = resolveCallbackUrl(\n        {\n          callbackUrl: \"/callback\",\n        } as unknown as AuthConfigWithDefaults,\n        \"https://example.com\",\n      );\n      expect(callbackUrl).toBe(\"https://example.com/callback\");\n    });\n  });\n});\n"]}

package/dist/test/unit/publicApi/apiSnapshot.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=apiSnapshot.test.d.ts.map

package/dist/test/unit/publicApi/apiSnapshot.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiSnapshot.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/publicApi/apiSnapshot.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/publicApi/apiSnapshot.test.js

@@ -0,0 +1,10 @@
+import * as authClient from "../../../src/reactjs/index.js";
+import { describe, expect, it } from "vitest";
+// This test checks if the current state of the authClient matches the previously saved snapshot.
+// If the API updates, you will need to update the snapshot by running the test:update script, i.e. `pnpm test:update`
+describe("Auth Client Public API Snapshot", () => {
+    it("should match the previous API snapshot", () => {
+        expect(authClient).toMatchSnapshot();
+    });
+});
+//# sourceMappingURL=apiSnapshot.test.js.map

package/dist/test/unit/publicApi/apiSnapshot.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiSnapshot.test.js","sourceRoot":"","sources":["../../../../test/unit/publicApi/apiSnapshot.test.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,+BAA+B,CAAC;AAE5D,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,iGAAiG;AACjG,sHAAsH;AACtH,QAAQ,CAAC,iCAAiC,EAAE,GAAG,EAAE;IAC/C,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,CAAC,UAAU,CAAC,CAAC,eAAe,EAAE,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import * as authClient from \"../../../src/reactjs/index.js\";\n\nimport { describe, expect, it } from \"vitest\";\n\n// This test checks if the current state of the authClient matches the previously saved snapshot.\n// If the API updates, you will need to update the snapshot by running the test:update script, i.e. `pnpm test:update`\ndescribe(\"Auth Client Public API Snapshot\", () => {\n  it(\"should match the previous API snapshot\", () => {\n    expect(authClient).toMatchSnapshot();\n  });\n});\n"]}

package/dist/test/unit/react/components/SignInButton.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=SignInButton.test.d.ts.map

package/dist/test/unit/react/components/SignInButton.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SignInButton.test.d.ts","sourceRoot":"","sources":["../../../../../test/unit/react/components/SignInButton.test.tsx"],"names":[],"mappings":""}

package/dist/test/unit/react/components/SignInButton.test.js

@@ -0,0 +1,31 @@
+import { describe, it, expect, vi } from "vitest";
+import React from "react";
+import { fireEvent, render, screen } from "@testing-library/react";
+import { CivicAuthProvider } from "@/shared/providers/CivicAuthProvider.js";
+import { SignInButton } from "@/reactjs/components/SignInButton.js";
+import * as civicHook from "@/reactjs/hooks/useUser.js";
+describe("SignInButton Component", () => {
+    beforeEach(() => {
+        vi.clearAllMocks();
+    });
+    it("should render a SignInButton component", () => {
+        render(React.createElement(CivicAuthProvider, { clientId: "test-client-id", redirectUrl: "https://example.com" },
+            React.createElement(SignInButton, null)));
+        expect(screen.getByText("Sign In")).toBeDefined();
+    });
+    it("should call signIn when the button is clicked", () => {
+        const mockSignIn = vi.fn();
+        vi.spyOn(civicHook, "useUser").mockReturnValue({
+            signIn: mockSignIn,
+            signOut: async () => { },
+            error: null,
+            isLoading: false,
+            user: null,
+        });
+        render(React.createElement(CivicAuthProvider, { clientId: "test-client-id", redirectUrl: "https://example.com" },
+            React.createElement(SignInButton, null)));
+        fireEvent.click(screen.getByText("Sign In"));
+        expect(mockSignIn).toHaveBeenCalled();
+    });
+});
+//# sourceMappingURL=SignInButton.test.js.map

package/dist/test/unit/react/components/SignInButton.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SignInButton.test.js","sourceRoot":"","sources":["../../../../../test/unit/react/components/SignInButton.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,sCAAsC,CAAC;AACpE,OAAO,KAAK,SAAS,MAAM,4BAA4B,CAAC;AAExD,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAC,gBAAgB,EACzB,WAAW,EAAC,qBAAqB;YAEjC,oBAAC,YAAY,OAAG,CACE,CACrB,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,UAAU,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAE3B,EAAE,CAAC,KAAK,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,eAAe,CAAC;YAC7C,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC;YACvB,KAAK,EAAE,IAAI;YACX,SAAS,EAAE,KAAK;YAChB,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;QAEH,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAC,gBAAgB,EACzB,WAAW,EAAC,qBAAqB;YAEjC,oBAAC,YAAY,OAAG,CACE,CACrB,CAAC;QAEF,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;QAE7C,MAAM,CAAC,UAAU,CAAC,CAAC,gBAAgB,EAAE,CAAC;IACxC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, vi } from \"vitest\";\nimport React from \"react\";\nimport { fireEvent, render, screen } from \"@testing-library/react\";\nimport { CivicAuthProvider } from \"@/shared/providers/CivicAuthProvider.js\";\nimport { SignInButton } from \"@/reactjs/components/SignInButton.js\";\nimport * as civicHook from \"@/reactjs/hooks/useUser.js\";\n\ndescribe(\"SignInButton Component\", () => {\n  beforeEach(() => {\n    vi.clearAllMocks();\n  });\n\n  it(\"should render a SignInButton component\", () => {\n    render(\n      <CivicAuthProvider\n        clientId=\"test-client-id\"\n        redirectUrl=\"https://example.com\"\n      >\n        <SignInButton />\n      </CivicAuthProvider>,\n    );\n\n    expect(screen.getByText(\"Sign In\")).toBeDefined();\n  });\n\n  it(\"should call signIn when the button is clicked\", () => {\n    const mockSignIn = vi.fn();\n\n    vi.spyOn(civicHook, \"useUser\").mockReturnValue({\n      signIn: mockSignIn,\n      signOut: async () => {},\n      error: null,\n      isLoading: false,\n      user: null,\n    });\n\n    render(\n      <CivicAuthProvider\n        clientId=\"test-client-id\"\n        redirectUrl=\"https://example.com\"\n      >\n        <SignInButton />\n      </CivicAuthProvider>,\n    );\n\n    fireEvent.click(screen.getByText(\"Sign In\"));\n\n    expect(mockSignIn).toHaveBeenCalled();\n  });\n});\n"]}

package/dist/test/unit/react/components/SignOutButton.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=SignOutButton.test.d.ts.map

package/dist/test/unit/react/components/SignOutButton.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SignOutButton.test.d.ts","sourceRoot":"","sources":["../../../../../test/unit/react/components/SignOutButton.test.tsx"],"names":[],"mappings":""}

package/dist/test/unit/react/components/SignOutButton.test.js

@@ -0,0 +1,30 @@
+import { describe, it, expect, vi } from "vitest";
+import { fireEvent, render, screen } from "@testing-library/react";
+import { CivicAuthProvider, SignOutButton } from "@/reactjs/index.js";
+import * as userHook from "@/reactjs/hooks/useUser.js";
+import React from "react";
+describe("SignOutButton Component", () => {
+    beforeEach(() => {
+        vi.clearAllMocks();
+    });
+    it("should render a SignOutButton component", () => {
+        render(React.createElement(CivicAuthProvider, { clientId: "test-client-id", redirectUrl: "https://example.com" },
+            React.createElement(SignOutButton, null)));
+        expect(screen.getByText("Sign Out")).toBeDefined();
+    });
+    it("should call signIn when the button is clicked", () => {
+        const mockSignOut = vi.fn();
+        vi.spyOn(userHook, "useUser").mockReturnValue({
+            signOut: mockSignOut,
+            signIn: async () => { },
+            error: null,
+            isLoading: false,
+            user: null,
+        });
+        render(React.createElement(CivicAuthProvider, { clientId: "test-client-id", redirectUrl: "https://example.com" },
+            React.createElement(SignOutButton, null)));
+        fireEvent.click(screen.getByText("Sign Out"));
+        expect(mockSignOut).toHaveBeenCalled();
+    });
+});
+//# sourceMappingURL=SignOutButton.test.js.map

package/dist/test/unit/react/components/SignOutButton.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SignOutButton.test.js","sourceRoot":"","sources":["../../../../../test/unit/react/components/SignOutButton.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACtE,OAAO,KAAK,QAAQ,MAAM,4BAA4B,CAAC;AACvD,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAC,gBAAgB,EACzB,WAAW,EAAC,qBAAqB;YAEjC,oBAAC,aAAa,OAAG,CACC,CACrB,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAE5B,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,eAAe,CAAC;YAC5C,OAAO,EAAE,WAAW;YACpB,MAAM,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC;YACtB,KAAK,EAAE,IAAI;YACX,SAAS,EAAE,KAAK;YAChB,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;QAEH,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAC,gBAAgB,EACzB,WAAW,EAAC,qBAAqB;YAEjC,oBAAC,aAAa,OAAG,CACC,CACrB,CAAC;QAEF,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QAE9C,MAAM,CAAC,WAAW,CAAC,CAAC,gBAAgB,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, vi } from \"vitest\";\nimport { fireEvent, render, screen } from \"@testing-library/react\";\nimport { CivicAuthProvider, SignOutButton } from \"@/reactjs/index.js\";\nimport * as userHook from \"@/reactjs/hooks/useUser.js\";\nimport React from \"react\";\n\ndescribe(\"SignOutButton Component\", () => {\n  beforeEach(() => {\n    vi.clearAllMocks();\n  });\n\n  it(\"should render a SignOutButton component\", () => {\n    render(\n      <CivicAuthProvider\n        clientId=\"test-client-id\"\n        redirectUrl=\"https://example.com\"\n      >\n        <SignOutButton />\n      </CivicAuthProvider>,\n    );\n\n    expect(screen.getByText(\"Sign Out\")).toBeDefined();\n  });\n\n  it(\"should call signIn when the button is clicked\", () => {\n    const mockSignOut = vi.fn();\n\n    vi.spyOn(userHook, \"useUser\").mockReturnValue({\n      signOut: mockSignOut,\n      signIn: async () => {},\n      error: null,\n      isLoading: false,\n      user: null,\n    });\n\n    render(\n      <CivicAuthProvider\n        clientId=\"test-client-id\"\n        redirectUrl=\"https://example.com\"\n      >\n        <SignOutButton />\n      </CivicAuthProvider>,\n    );\n\n    fireEvent.click(screen.getByText(\"Sign Out\"));\n\n    expect(mockSignOut).toHaveBeenCalled();\n  });\n});\n"]}

package/dist/test/unit/server/login.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=login.test.d.ts.map

package/dist/test/unit/server/login.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/server/login.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/server/login.test.js

@@ -0,0 +1,127 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { resolveOAuthAccessCode, isLoggedIn, buildLoginUrl, } from "@/server/login.js";
+import { ServerAuthenticationResolver } from "@/server/ServerAuthenticationResolver.js";
+import { GenericAuthenticationInitiator } from "@/services/AuthenticationService.js";
+import { GenericPublicClientPKCEProducer } from "@/services/PKCE.js";
+import { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from "@/constants.js";
+vi.mock("@/server/ServerAuthenticationResolver");
+vi.mock("@/services/AuthenticationService");
+vi.mock("@/services/PKCE");
+class StubPKCEProducer {
+    constructor() { }
+    async getCodeChallenge() {
+        return "dummyCodeChallenge";
+    }
+    async getCodeVerifier() {
+        return "dummyCodeVerifier";
+    }
+}
+describe("Login Utilities", () => {
+    const mockAuthConfig = {
+        clientId: "mockClientId",
+        oauthServer: "http://mockOauthServer",
+        redirectUrl: "http://localhost/redirect",
+    };
+    const mockTokens = {
+        id_token: "mockIdToken",
+        access_token: "mockAccessToken",
+        refresh_token: "mockRefreshToken",
+    };
+    const mockStorage = {
+        get: vi.fn(),
+        set: vi.fn(),
+    };
+    describe("resolveOAuthAccessCode", () => {
+        it("should resolve the OAuth access code and return tokens", async () => {
+            vi.mocked(ServerAuthenticationResolver.build).mockResolvedValue({
+                tokenExchange: vi.fn().mockResolvedValue(mockTokens),
+            });
+            const result = await resolveOAuthAccessCode("mockCode", "mockState", mockStorage, mockAuthConfig);
+            expect(ServerAuthenticationResolver.build).toHaveBeenCalledWith({
+                ...mockAuthConfig,
+                oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,
+            }, mockStorage, undefined);
+            expect(result).toEqual(mockTokens);
+        });
+    });
+    describe("isLoggedIn", () => {
+        it("should return true if id_token is in storage", () => {
+            vi.mocked(mockStorage.get).mockReturnValue("mockIdToken");
+            const result = isLoggedIn(mockStorage);
+            expect(result).toBe(true);
+        });
+        it("should return false if id_token is not in storage", () => {
+            vi.mocked(mockStorage.get).mockReturnValue(null);
+            const result = isLoggedIn(mockStorage);
+            expect(result).toBe(false);
+        });
+    });
+    describe("buildLoginUrl", () => {
+        it("should generate a login URL with provided config", async () => {
+            const state = "mockState";
+            const scopes = ["openid", "profile"];
+            const pkceProducer = new StubPKCEProducer();
+            const authInitiator = new GenericAuthenticationInitiator({
+                ...mockAuthConfig,
+                state,
+                scopes,
+                oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,
+                pkceConsumer: pkceProducer,
+            });
+            vi.mocked(GenericAuthenticationInitiator).mockReturnValue(authInitiator);
+            vi.mocked(authInitiator.signIn).mockResolvedValue(new URL("http://mockLoginUrl"));
+            const result = await buildLoginUrl({
+                ...mockAuthConfig,
+                state,
+                scopes,
+            }, mockStorage);
+            expect(result.toString()).toBe("http://mockloginurl/");
+            expect(GenericAuthenticationInitiator).toHaveBeenCalledWith({
+                ...mockAuthConfig,
+                state,
+                scopes,
+                oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,
+                pkceConsumer: pkceProducer,
+            });
+        });
+        it("should generate a login URL with default state and scopes", async () => {
+            const authInitiator = new GenericAuthenticationInitiator({
+                ...mockAuthConfig,
+                state: expect.any(String), // state is random if not provided
+                scopes: DEFAULT_SCOPES,
+                oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,
+                pkceConsumer: expect.any(GenericPublicClientPKCEProducer),
+            });
+            vi.mocked(GenericAuthenticationInitiator).mockReturnValue(authInitiator);
+            vi.mocked(authInitiator.signIn).mockResolvedValue(new URL("http://mockLoginUrl"));
+            const result = await buildLoginUrl(mockAuthConfig, mockStorage);
+            expect(result.toString()).toBe("http://mockloginurl/");
+        });
+        it("should include nonce in the login URL if provided in config", async () => {
+            const state = "mockState";
+            const scopes = ["openid", "profile"];
+            const nonce = "mockNonce";
+            const pkceProducer = new GenericPublicClientPKCEProducer(mockStorage);
+            const authInitiator = new GenericAuthenticationInitiator({
+                ...mockAuthConfig,
+                state,
+                scopes,
+                oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,
+                pkceConsumer: pkceProducer,
+                nonce,
+            });
+            vi.mocked(GenericAuthenticationInitiator).mockReturnValue(authInitiator);
+            vi.mocked(authInitiator.signIn).mockResolvedValue(new URL(`http://mockLoginUrl?nonce=${nonce}`));
+            await buildLoginUrl({
+                ...mockAuthConfig,
+                state,
+                scopes,
+                nonce,
+            }, mockStorage);
+            expect(GenericAuthenticationInitiator).toHaveBeenCalledWith(expect.objectContaining({
+                nonce,
+            }));
+        });
+    });
+});
+//# sourceMappingURL=login.test.js.map

package/dist/test/unit/server/login.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.test.js","sourceRoot":"","sources":["../../../../test/unit/server/login.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EACL,sBAAsB,EACtB,UAAU,EACV,aAAa,GACd,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,4BAA4B,EAAE,MAAM,0CAA0C,CAAC;AACxF,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAKrE,EAAE,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;AACjD,EAAE,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;AAC5C,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;AAE3B,MAAM,gBAAgB;IACpB,gBAAe,CAAC;IAEhB,KAAK,CAAC,gBAAgB;QACpB,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,OAAO,mBAAmB,CAAC;IAC7B,CAAC;CACF;AAED,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAC/B,MAAM,cAAc,GAAe;QACjC,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,wBAAwB;QACrC,WAAW,EAAE,2BAA2B;KACzC,CAAC;IACF,MAAM,UAAU,GAA0B;QACxC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,iBAAiB;QAC/B,aAAa,EAAE,kBAAkB;KAClC,CAAC;IACF,MAAM,WAAW,GAAG;QAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACZ,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;KACa,CAAC;IAE5B,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;QACtC,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,EAAE,CAAC,MAAM,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC;gBAC9D,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC;aACV,CAAC,CAAC;YAE9C,MAAM,MAAM,GAAG,MAAM,sBAAsB,CACzC,UAAU,EACV,WAAW,EACX,WAAW,EACX,cAAc,CACf,CAAC;YAEF,MAAM,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAC,oBAAoB,CAC7D;gBACE,GAAG,cAAc;gBACjB,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,mBAAmB;aAC/D,EACD,WAAW,EACX,SAAS,CACV,CAAC;YACF,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YAE1D,MAAM,MAAM,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;YAEvC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;YAC3D,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAEjD,MAAM,MAAM,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;YAEvC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;YAChE,MAAM,KAAK,GAAG,WAAW,CAAC;YAC1B,MAAM,MAAM,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACrC,MAAM,YAAY,GAAG,IAAI,gBAAgB,EAAE,CAAC;YAE5C,MAAM,aAAa,GAAG,IAAI,8BAA8B,CAAC;gBACvD,GAAG,cAAc;gBACjB,KAAK;gBACL,MAAM;gBACN,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,mBAAmB;gBAC9D,YAAY,EAAE,YAAY;aAC3B,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,8BAA8B,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YACzE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,iBAAiB,CAC/C,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAC/B,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAChC;gBACE,GAAG,cAAc;gBACjB,KAAK;gBACL,MAAM;aACP,EACD,WAAW,CACZ,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACvD,MAAM,CAAC,8BAA8B,CAAC,CAAC,oBAAoB,CAAC;gBAC1D,GAAG,cAAc;gBACjB,KAAK;gBACL,MAAM;gBACN,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,mBAAmB;gBAC9D,YAAY,EAAE,YAAY;aAC3B,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;YACzE,MAAM,aAAa,GAAG,IAAI,8BAA8B,CAAC;gBACvD,GAAG,cAAc;gBACjB,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,kCAAkC;gBAC7D,MAAM,EAAE,cAAc;gBACtB,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,mBAAmB;gBAC9D,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,+BAA+B,CAAC;aAC1D,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,8BAA8B,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YACzE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,iBAAiB,CAC/C,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAC/B,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;YAEhE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;YAC3E,MAAM,KAAK,GAAG,WAAW,CAAC;YAC1B,MAAM,MAAM,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACrC,MAAM,KAAK,GAAG,WAAW,CAAC;YAC1B,MAAM,YAAY,GAAG,IAAI,+BAA+B,CAAC,WAAW,CAAC,CAAC;YAEtE,MAAM,aAAa,GAAG,IAAI,8BAA8B,CAAC;gBACvD,GAAG,cAAc;gBACjB,KAAK;gBACL,MAAM;gBACN,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,mBAAmB;gBAC9D,YAAY,EAAE,YAAY;gBAC1B,KAAK;aACN,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,8BAA8B,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YACzE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,iBAAiB,CAC/C,IAAI,GAAG,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAC9C,CAAC;YAEF,MAAM,aAAa,CACjB;gBACE,GAAG,cAAc;gBACjB,KAAK;gBACL,MAAM;gBACN,KAAK;aACN,EACD,WAAW,CACZ,CAAC;YAEF,MAAM,CAAC,8BAA8B,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,gBAAgB,CAAC;gBAClF,KAAK;aACN,CAAC,CAAC,CAAC;QACN,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, vi, beforeEach } from \"vitest\";\nimport {\n  resolveOAuthAccessCode,\n  isLoggedIn,\n  buildLoginUrl,\n} from \"@/server/login.js\";\nimport { ServerAuthenticationResolver } from \"@/server/ServerAuthenticationResolver.js\";\nimport { GenericAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from \"@/constants.js\";\nimport type { OIDCTokenResponseBody, AuthStorage } from \"@/types.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport type { PKCEProducer } from \"@/services/types.js\";\n\nvi.mock(\"@/server/ServerAuthenticationResolver\");\nvi.mock(\"@/services/AuthenticationService\");\nvi.mock(\"@/services/PKCE\");\n\nclass StubPKCEProducer implements PKCEProducer {\n  constructor() {}\n\n  async getCodeChallenge(): Promise<string> {\n    return \"dummyCodeChallenge\";\n  }\n\n  async getCodeVerifier(): Promise<string> {\n    return \"dummyCodeVerifier\";\n  }\n}\n\ndescribe(\"Login Utilities\", () => {\n  const mockAuthConfig: AuthConfig = {\n    clientId: \"mockClientId\",\n    oauthServer: \"http://mockOauthServer\",\n    redirectUrl: \"http://localhost/redirect\",\n  };\n  const mockTokens: OIDCTokenResponseBody = {\n    id_token: \"mockIdToken\",\n    access_token: \"mockAccessToken\",\n    refresh_token: \"mockRefreshToken\",\n  };\n  const mockStorage = {\n    get: vi.fn(),\n    set: vi.fn(),\n  } as unknown as AuthStorage;\n\n  describe(\"resolveOAuthAccessCode\", () => {\n    it(\"should resolve the OAuth access code and return tokens\", async () => {\n      vi.mocked(ServerAuthenticationResolver.build).mockResolvedValue({\n        tokenExchange: vi.fn().mockResolvedValue(mockTokens),\n      } as unknown as ServerAuthenticationResolver);\n\n      const result = await resolveOAuthAccessCode(\n        \"mockCode\",\n        \"mockState\",\n        mockStorage,\n        mockAuthConfig,\n      );\n\n      expect(ServerAuthenticationResolver.build).toHaveBeenCalledWith(\n        {\n          ...mockAuthConfig,\n          oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,\n        },\n        mockStorage,\n        undefined,\n      );\n      expect(result).toEqual(mockTokens);\n    });\n  });\n\n  describe(\"isLoggedIn\", () => {\n    it(\"should return true if id_token is in storage\", () => {\n      vi.mocked(mockStorage.get).mockReturnValue(\"mockIdToken\");\n\n      const result = isLoggedIn(mockStorage);\n\n      expect(result).toBe(true);\n    });\n\n    it(\"should return false if id_token is not in storage\", () => {\n      vi.mocked(mockStorage.get).mockReturnValue(null);\n\n      const result = isLoggedIn(mockStorage);\n\n      expect(result).toBe(false);\n    });\n  });\n\n  describe(\"buildLoginUrl\", () => {\n    it(\"should generate a login URL with provided config\", async () => {\n      const state = \"mockState\";\n      const scopes = [\"openid\", \"profile\"];\n      const pkceProducer = new StubPKCEProducer();\n\n      const authInitiator = new GenericAuthenticationInitiator({\n        ...mockAuthConfig,\n        state,\n        scopes,\n        oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,\n        pkceConsumer: pkceProducer,\n      });\n      vi.mocked(GenericAuthenticationInitiator).mockReturnValue(authInitiator);\n      vi.mocked(authInitiator.signIn).mockResolvedValue(\n        new URL(\"http://mockLoginUrl\"),\n      );\n\n      const result = await buildLoginUrl(\n        {\n          ...mockAuthConfig,\n          state,\n          scopes,\n        },\n        mockStorage,\n      );\n\n      expect(result.toString()).toBe(\"http://mockloginurl/\");\n      expect(GenericAuthenticationInitiator).toHaveBeenCalledWith({\n        ...mockAuthConfig,\n        state,\n        scopes,\n        oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,\n        pkceConsumer: pkceProducer,\n      });\n    });\n\n    it(\"should generate a login URL with default state and scopes\", async () => {\n      const authInitiator = new GenericAuthenticationInitiator({\n        ...mockAuthConfig,\n        state: expect.any(String), // state is random if not provided\n        scopes: DEFAULT_SCOPES,\n        oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,\n        pkceConsumer: expect.any(GenericPublicClientPKCEProducer),\n      });\n      vi.mocked(GenericAuthenticationInitiator).mockReturnValue(authInitiator);\n      vi.mocked(authInitiator.signIn).mockResolvedValue(\n        new URL(\"http://mockLoginUrl\"),\n      );\n\n      const result = await buildLoginUrl(mockAuthConfig, mockStorage);\n\n      expect(result.toString()).toBe(\"http://mockloginurl/\");\n    });\n\n    it(\"should include nonce in the login URL if provided in config\", async () => {\n      const state = \"mockState\";\n      const scopes = [\"openid\", \"profile\"];\n      const nonce = \"mockNonce\";\n      const pkceProducer = new GenericPublicClientPKCEProducer(mockStorage);\n\n      const authInitiator = new GenericAuthenticationInitiator({\n        ...mockAuthConfig,\n        state,\n        scopes,\n        oauthServer: mockAuthConfig.oauthServer ?? DEFAULT_AUTH_SERVER,\n        pkceConsumer: pkceProducer,\n        nonce,\n      });\n      vi.mocked(GenericAuthenticationInitiator).mockReturnValue(authInitiator);\n      vi.mocked(authInitiator.signIn).mockResolvedValue(\n        new URL(`http://mockLoginUrl?nonce=${nonce}`),\n      );\n\n      await buildLoginUrl(\n        {\n          ...mockAuthConfig,\n          state,\n          scopes,\n          nonce,\n        },\n        mockStorage,\n      );\n\n      expect(GenericAuthenticationInitiator).toHaveBeenCalledWith(expect.objectContaining({\n        nonce,\n      }));\n    });\n  });\n});\n"]}

package/dist/test/unit/server/session.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=session.test.d.ts.map

package/dist/test/unit/server/session.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/server/session.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/server/session.test.js

@@ -0,0 +1,41 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { parseJWT } from "oslo/jwt";
+import { getUser } from "@/shared/lib/session.js";
+import { retrieveTokens } from "@/shared/lib/util.js";
+vi.mock("@/shared/lib/util.js");
+vi.mock("oslo/jwt");
+describe("getUser", () => {
+    const mockStorage = {};
+    const mockUser = {
+        id: "mockUserId",
+        email: "user@example.com",
+    };
+    beforeEach(() => {
+        vi.clearAllMocks();
+    });
+    it("should return null if no tokens are retrieved", async () => {
+        vi.mocked(retrieveTokens).mockReturnValue(null);
+        const result = await getUser(mockStorage);
+        expect(result).toBeNull();
+        expect(retrieveTokens).toHaveBeenCalledWith(mockStorage);
+    });
+    it("should return a User if tokens are retrieved and parsed successfully", async () => {
+        const mockTokens = { id_token: "mockIdToken" };
+        vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+        vi.mocked(parseJWT).mockReturnValue({ payload: mockUser });
+        const result = await getUser(mockStorage);
+        expect(result).toEqual(mockUser);
+        expect(retrieveTokens).toHaveBeenCalledWith(mockStorage);
+        expect(parseJWT).toHaveBeenCalledWith(mockTokens.id_token);
+    });
+    it("should return null if parsing the ID token fails", async () => {
+        const mockTokens = { id_token: "mockIdToken" };
+        vi.mocked(retrieveTokens).mockReturnValue(mockTokens);
+        vi.mocked(parseJWT).mockReturnValue(null); // Simulate parse failure
+        const result = await getUser(mockStorage);
+        expect(result).toBeNull();
+        expect(retrieveTokens).toHaveBeenCalledWith(mockStorage);
+        expect(parseJWT).toHaveBeenCalledWith(mockTokens.id_token);
+    });
+});
+//# sourceMappingURL=session.test.js.map

package/dist/test/unit/server/session.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.test.js","sourceRoot":"","sources":["../../../../test/unit/server/session.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAE9D,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAGtD,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAChC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAEpB,QAAQ,CAAC,SAAS,EAAE,GAAG,EAAE;IACvB,MAAM,WAAW,GAAG,EAAiB,CAAC;IACtC,MAAM,QAAQ,GAAS;QACrB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,kBAAkB;KAClB,CAAC;IAEV,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEhD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,CAAC,cAAc,CAAC,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sEAAsE,EAAE,KAAK,IAAI,EAAE;QACpF,MAAM,UAAU,GAAG,EAAE,QAAQ,EAAE,aAAa,EAA2B,CAAC;QACxE,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;QACtD,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,eAAe,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAS,CAAC,CAAC;QAElE,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,MAAM,CAAC,cAAc,CAAC,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACzD,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,MAAM,UAAU,GAAG,EAAE,QAAQ,EAAE,aAAa,EAA2B,CAAC;QACxE,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;QACtD,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,yBAAyB;QAEpE,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,CAAC,cAAc,CAAC,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACzD,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, vi, beforeEach } from \"vitest\";\nimport type { JWT } from \"oslo/jwt\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { retrieveTokens } from \"@/shared/lib/util.js\";\nimport type { AuthStorage, OIDCTokenResponseBody, User } from \"@/types.js\";\n\nvi.mock(\"@/shared/lib/util.js\");\nvi.mock(\"oslo/jwt\");\n\ndescribe(\"getUser\", () => {\n  const mockStorage = {} as AuthStorage;\n  const mockUser: User = {\n    id: \"mockUserId\",\n    email: \"user@example.com\",\n  } as User;\n\n  beforeEach(() => {\n    vi.clearAllMocks();\n  });\n\n  it(\"should return null if no tokens are retrieved\", async () => {\n    vi.mocked(retrieveTokens).mockReturnValue(null);\n\n    const result = await getUser(mockStorage);\n    expect(result).toBeNull();\n    expect(retrieveTokens).toHaveBeenCalledWith(mockStorage);\n  });\n\n  it(\"should return a User if tokens are retrieved and parsed successfully\", async () => {\n    const mockTokens = { id_token: \"mockIdToken\" } as OIDCTokenResponseBody;\n    vi.mocked(retrieveTokens).mockReturnValue(mockTokens);\n    vi.mocked(parseJWT).mockReturnValue({ payload: mockUser } as JWT);\n\n    const result = await getUser(mockStorage);\n    expect(result).toEqual(mockUser);\n    expect(retrieveTokens).toHaveBeenCalledWith(mockStorage);\n    expect(parseJWT).toHaveBeenCalledWith(mockTokens.id_token);\n  });\n\n  it(\"should return null if parsing the ID token fails\", async () => {\n    const mockTokens = { id_token: \"mockIdToken\" } as OIDCTokenResponseBody;\n    vi.mocked(retrieveTokens).mockReturnValue(mockTokens);\n    vi.mocked(parseJWT).mockReturnValue(null); // Simulate parse failure\n\n    const result = await getUser(mockStorage);\n    expect(result).toBeNull();\n    expect(retrieveTokens).toHaveBeenCalledWith(mockStorage);\n    expect(parseJWT).toHaveBeenCalledWith(mockTokens.id_token);\n  });\n});\n"]}

package/dist/test/unit/services/AuthenticationService.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=AuthenticationService.test.d.ts.map

package/dist/test/unit/services/AuthenticationService.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthenticationService.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/services/AuthenticationService.test.ts"],"names":[],"mappings":""}