@civic/auth 0.0.1-beta.30 → 0.0.1-beta.31

package/dist/src/shared/components/LoadingIcon.js

@@ -1,24 +0,0 @@
-import React from "react";
-const LoadingIcon = () => (React.createElement("div", { role: "status" },
-    React.createElement("svg", { "aria-hidden": "true", style: {
-            display: "inline",
-            height: "2rem",
-            width: "2rem",
-            animation: "spin 1s linear infinite",
-            fill: "#4b5563",
-            color: "#e5e7eb",
-        }, viewBox: "0 0 100 101", fill: "none", xmlns: "http://www.w3.org/2000/svg" },
-        React.createElement("path", { d: "M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z", fill: "currentColor" }),
-        React.createElement("path", { d: "M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z", fill: "currentFill" })),
-    React.createElement("span", { style: {
-            position: "absolute",
-            width: "1px",
-            height: "1px",
-            padding: 0,
-            margin: "-1px",
-            overflow: "hidden",
-            clip: "rect(0, 0, 0, 0)",
-            border: 0,
-        } }, "Loading...")));
-export { LoadingIcon };
-//# sourceMappingURL=LoadingIcon.js.map

package/dist/src/shared/components/LoadingIcon.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"LoadingIcon.js","sourceRoot":"","sources":["../../../../src/shared/components/LoadingIcon.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,CACxB,6BAAK,IAAI,EAAC,QAAQ;IAChB,4CACc,MAAM,EAClB,KAAK,EAAE;YACL,OAAO,EAAE,QAAQ;YACjB,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,MAAM;YACb,SAAS,EAAE,yBAAyB;YACpC,IAAI,EAAE,SAAS;YACf,KAAK,EAAE,SAAS;SACjB,EACD,OAAO,EAAC,aAAa,EACrB,IAAI,EAAC,MAAM,EACX,KAAK,EAAC,4BAA4B;QAElC,8BACE,CAAC,EAAC,8WAA8W,EAChX,IAAI,EAAC,cAAc,GACnB;QACF,8BACE,CAAC,EAAC,+kBAA+kB,EACjlB,IAAI,EAAC,aAAa,GAClB,CACE;IACN,8BACE,KAAK,EAAE;YACL,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,kBAAkB;YACxB,MAAM,EAAE,CAAC;SACV,iBAGI,CACH,CACP,CAAC;AAEF,OAAO,EAAE,WAAW,EAAE,CAAC","sourcesContent":["import React from \"react\";\n\nconst LoadingIcon = () => (\n  <div role=\"status\">\n    <svg\n      aria-hidden=\"true\"\n      style={{\n        display: \"inline\",\n        height: \"2rem\",\n        width: \"2rem\",\n        animation: \"spin 1s linear infinite\",\n        fill: \"#4b5563\",\n        color: \"#e5e7eb\",\n      }}\n      viewBox=\"0 0 100 101\"\n      fill=\"none\"\n      xmlns=\"http://www.w3.org/2000/svg\"\n    >\n      <path\n        d=\"M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z\"\n        fill=\"currentColor\"\n      />\n      <path\n        d=\"M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z\"\n        fill=\"currentFill\"\n      />\n    </svg>\n    <span\n      style={{\n        position: \"absolute\",\n        width: \"1px\",\n        height: \"1px\",\n        padding: 0,\n        margin: \"-1px\",\n        overflow: \"hidden\",\n        clip: \"rect(0, 0, 0, 0)\",\n        border: 0,\n      }}\n    >\n      Loading...\n    </span>\n  </div>\n);\n\nexport { LoadingIcon };\n"]}

package/dist/src/shared/hooks/index.d.ts

@@ -1,5 +0,0 @@
-export { useToken } from "@/shared/hooks/useToken.js";
-export { useAuth } from "@/shared/hooks/useAuth.js";
-export { useConfig } from "@/shared/hooks/useConfig.js";
-export { useIframe } from "@/shared/hooks/useIframe.js";
-//# sourceMappingURL=index.d.ts.map

package/dist/src/shared/hooks/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC"}

package/dist/src/shared/hooks/index.js

@@ -1,5 +0,0 @@
-export { useToken } from "@/shared/hooks/useToken.js";
-export { useAuth } from "@/shared/hooks/useAuth.js";
-export { useConfig } from "@/shared/hooks/useConfig.js";
-export { useIframe } from "@/shared/hooks/useIframe.js";
-//# sourceMappingURL=index.js.map

package/dist/src/shared/hooks/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/shared/hooks/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC","sourcesContent":["export { useToken } from \"@/shared/hooks/useToken.js\";\nexport { useAuth } from \"@/shared/hooks/useAuth.js\";\nexport { useConfig } from \"@/shared/hooks/useConfig.js\";\nexport { useIframe } from \"@/shared/hooks/useIframe.js\";\n"]}

package/dist/src/shared/hooks/useAuth.d.ts

@@ -1,3 +0,0 @@
-declare const useAuth: () => import("@/shared/providers/AuthContext.js").AuthContextType;
-export { useAuth };
-//# sourceMappingURL=useAuth.d.ts.map

package/dist/src/shared/hooks/useAuth.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useAuth.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useAuth.ts"],"names":[],"mappings":"AAIA,QAAA,MAAM,OAAO,mEAQZ,CAAC;AAEF,OAAO,EAAE,OAAO,EAAE,CAAC"}

package/dist/src/shared/hooks/useAuth.js

@@ -1,12 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { AuthContext } from "@/shared/providers/AuthContext.js";
-const useAuth = () => {
-    const context = useContext(AuthContext);
-    if (!context) {
-        throw new Error("useAuth must be used within an AuthProvider");
-    }
-    return context;
-};
-export { useAuth };
-//# sourceMappingURL=useAuth.js.map

package/dist/src/shared/hooks/useAuth.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useAuth.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useAuth.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAEhE,MAAM,OAAO,GAAG,GAAG,EAAE;IACnB,MAAM,OAAO,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;IAExC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,OAAO,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { AuthContext } from \"@/shared/providers/AuthContext.js\";\n\nconst useAuth = () => {\n  const context = useContext(AuthContext);\n\n  if (!context) {\n    throw new Error(\"useAuth must be used within an AuthProvider\");\n  }\n\n  return context;\n};\n\nexport { useAuth };\n"]}

package/dist/src/shared/hooks/useConfig.d.ts

@@ -1,3 +0,0 @@
-declare const useConfig: () => import("@/shared/providers/ConfigProvider.js").ConfigProviderOutput;
-export { useConfig };
-//# sourceMappingURL=useConfig.d.ts.map

package/dist/src/shared/hooks/useConfig.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useConfig.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useConfig.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,SAAS,2EAMd,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/src/shared/hooks/useConfig.js

@@ -1,13 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { ConfigContext } from "@/shared/providers/ConfigProvider.js";
-// TokenProvider will use this internal context to access Config
-const useConfig = () => {
-    const context = useContext(ConfigContext);
-    if (!context) {
-        throw new Error("useConfig must be used within an ConfigProvider");
-    }
-    return context;
-};
-export { useConfig };
-//# sourceMappingURL=useConfig.js.map

package/dist/src/shared/hooks/useConfig.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useConfig.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useConfig.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AAErE,gEAAgE;AAChE,MAAM,SAAS,GAAG,GAAG,EAAE;IACrB,MAAM,OAAO,GAAG,UAAU,CAAC,aAAa,CAAC,CAAC;IAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { ConfigContext } from \"@/shared/providers/ConfigProvider.js\";\n\n// TokenProvider will use this internal context to access Config\nconst useConfig = () => {\n  const context = useContext(ConfigContext);\n  if (!context) {\n    throw new Error(\"useConfig must be used within an ConfigProvider\");\n  }\n  return context;\n};\n\nexport { useConfig };\n"]}

package/dist/src/shared/hooks/useIframe.d.ts

@@ -1,3 +0,0 @@
-declare const useIframe: () => import("@/shared/providers/IframeProvider.js").IframeProviderOutput;
-export { useIframe };
-//# sourceMappingURL=useIframe.d.ts.map

package/dist/src/shared/hooks/useIframe.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useIframe.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useIframe.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,SAAS,2EAMd,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/src/shared/hooks/useIframe.js

@@ -1,13 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { IframeContext } from "@/shared/providers/IframeProvider.js";
-// TokenProvider will use this internal context to access Iframe
-const useIframe = () => {
-    const context = useContext(IframeContext);
-    if (!context) {
-        throw new Error("useIframe must be used within an IframeProvider");
-    }
-    return context;
-};
-export { useIframe };
-//# sourceMappingURL=useIframe.js.map

package/dist/src/shared/hooks/useIframe.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useIframe.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useIframe.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AAErE,gEAAgE;AAChE,MAAM,SAAS,GAAG,GAAG,EAAE;IACrB,MAAM,OAAO,GAAG,UAAU,CAAC,aAAa,CAAC,CAAC;IAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { IframeContext } from \"@/shared/providers/IframeProvider.js\";\n\n// TokenProvider will use this internal context to access Iframe\nconst useIframe = () => {\n  const context = useContext(IframeContext);\n  if (!context) {\n    throw new Error(\"useIframe must be used within an IframeProvider\");\n  }\n  return context;\n};\n\nexport { useIframe };\n"]}

package/dist/src/shared/hooks/useSession.d.ts

@@ -1,3 +0,0 @@
-declare const useSession: () => import("../../types.js").SessionData;
-export { useSession };
-//# sourceMappingURL=useSession.d.ts.map

package/dist/src/shared/hooks/useSession.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useSession.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,UAAU,4CAMf,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/src/shared/hooks/useSession.js

@@ -1,13 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { SessionContext } from "@/shared/providers/SessionProvider.js";
-// TokenProvider will use this internal context to access session
-const useSession = () => {
-    const context = useContext(SessionContext);
-    if (!context) {
-        throw new Error("useSession must be used within an SessionProvider");
-    }
-    return context;
-};
-export { useSession };
-//# sourceMappingURL=useSession.js.map

package/dist/src/shared/hooks/useSession.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useSession.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSession.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAC;AAEvE,iEAAiE;AACjE,MAAM,UAAU,GAAG,GAAG,EAAE;IACtB,MAAM,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/shared/providers/SessionProvider.js\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n  const context = useContext(SessionContext);\n  if (!context) {\n    throw new Error(\"useSession must be used within an SessionProvider\");\n  }\n  return context;\n};\n\nexport { useSession };\n"]}

package/dist/src/shared/hooks/useToken.d.ts

@@ -1,3 +0,0 @@
-declare const useToken: () => import("@/shared/providers/TokenProvider.js").TokenContextType;
-export { useToken };
-//# sourceMappingURL=useToken.d.ts.map

package/dist/src/shared/hooks/useToken.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useToken.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useToken.ts"],"names":[],"mappings":"AAIA,QAAA,MAAM,QAAQ,sEAQb,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,CAAC"}

package/dist/src/shared/hooks/useToken.js

@@ -1,12 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { TokenContext } from "@/shared/providers/TokenProvider.js";
-const useToken = () => {
-    const context = useContext(TokenContext);
-    if (!context) {
-        throw new Error("useToken must be used within a TokenProvider");
-    }
-    return context;
-};
-export { useToken };
-//# sourceMappingURL=useToken.js.map

package/dist/src/shared/hooks/useToken.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useToken.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useToken.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,qCAAqC,CAAC;AAEnE,MAAM,QAAQ,GAAG,GAAG,EAAE;IACpB,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAEzC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/shared/providers/TokenProvider.js\";\n\nconst useToken = () => {\n  const context = useContext(TokenContext);\n\n  if (!context) {\n    throw new Error(\"useToken must be used within a TokenProvider\");\n  }\n\n  return context;\n};\n\nexport { useToken };\n"]}

package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"GenericAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAMhF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD,qBAAa,8BAA+B,YAAW,uBAAuB;IAK1E,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,iBAAiB,CAAC;IAN5B,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;IAEzC,OAAO;IAWD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAkBd,KAAK,CAChB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,8BAA8B,CAAC;IAWpC,aAAa;CAgBpB"}

package/dist/src/shared/lib/GenericAuthenticationRefresher.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"GenericAuthenticationRefresher.js","sourceRoot":"","sources":["../../../../src/shared/lib/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,yBAAyB,EACzB,cAAc,EACd,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,MAAM,OAAO,8BAA8B;IAK/B;IACA;IACA;IANF,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,YACU,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAFtC,eAAU,GAAV,UAAU,CAAY;QACtB,YAAO,GAAP,OAAO,CAAa;QACpB,sBAAiB,GAAjB,iBAAiB,CAAqB;QAE9C,OAAO,CAAC,GAAG,CAAC,4CAA4C,EAAE;YACxD,UAAU;YACV,iBAAiB;SAClB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,yBAAyB,CAC9C,IAAI,CAAC,UAAU,CAAC,WAAW,EAC3B,IAAI,CAAC,iBAAiB,CACvB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,UAAU,CAAC,QAAQ,EACxB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW;SACzC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAEtC,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAClD,UAAU,EACV,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAE1C,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,EAAE,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAE1E,MAAM,YAAY,GAAG,IAAI,CAAC,YAAa,CAAC;QACxC,MAAM,eAAe,GACnB,MAAM,YAAY,CAAC,kBAAkB,CACnC,MAAM,CAAC,aAAa,CACrB,CAAC;QAEJ,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3C,OAAO,MAAM,CAAC;IAChB,CAAC;CACF","sourcesContent":["import type { AuthenticationRefresher } from \"@/services/types.js\";\nimport type { AuthStorage, Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport {\n  getEndpointsWithOverrides,\n  retrieveTokens,\n  storeTokens,\n} from \"@/shared/lib/util.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\n\nexport class GenericAuthenticationRefresher implements AuthenticationRefresher {\n  private oauth2client: OAuth2Client | undefined;\n  private endpoints: Endpoints | undefined;\n\n  private constructor(\n    private authConfig: AuthConfig,\n    private storage: AuthStorage,\n    private endpointOverrides?: Partial<Endpoints>,\n  ) {\n    console.log(\"GenericAuthenticationRefresher constructor\", {\n      authConfig,\n      endpointOverrides,\n    });\n  }\n\n  async init(): Promise<this> {\n    // resolve oauth config\n    this.endpoints = await getEndpointsWithOverrides(\n      this.authConfig.oauthServer,\n      this.endpointOverrides,\n    );\n    this.oauth2client = new OAuth2Client(\n      this.authConfig.clientId,\n      this.endpoints.auth,\n      this.endpoints.token,\n      {\n        redirectURI: this.authConfig.redirectUrl,\n      },\n    );\n\n    return this;\n  }\n\n  static async build(\n    authConfig: AuthConfig,\n    storage: AuthStorage,\n    endpointOverrides?: Partial<Endpoints>,\n  ): Promise<GenericAuthenticationRefresher> {\n    const refresher = new GenericAuthenticationRefresher(\n      authConfig,\n      storage,\n      endpointOverrides,\n    );\n    await refresher.init();\n\n    return refresher;\n  }\n\n  async refreshTokens() {\n    if (!this.oauth2client) await this.init();\n\n    const tokens = retrieveTokens(this.storage);\n    if (!tokens?.refresh_token) throw new Error(\"No refresh token available\");\n\n    const oauth2Client = this.oauth2client!;\n    const refreshedTokens =\n      await oauth2Client.refreshAccessToken<OIDCTokenResponseBody>(\n        tokens.refresh_token,\n      );\n\n    storeTokens(this.storage, refreshedTokens);\n\n    return tokens;\n  }\n}\n"]}

package/dist/src/shared/lib/UserSession.d.ts

@@ -1,12 +0,0 @@
-import type { AuthStorage, User } from "@/types.js";
-export interface UserSession {
-    get(): User | null;
-    set(user: User): void;
-}
-export declare class GenericUserSession implements UserSession {
-    readonly storage: AuthStorage;
-    constructor(storage: AuthStorage);
-    get(): User | null;
-    set(user: User | null): void;
-}
-//# sourceMappingURL=UserSession.d.ts.map

package/dist/src/shared/lib/UserSession.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/UserSession.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAsB,IAAI,EAAE,MAAM,YAAY,CAAC;AAIxE,MAAM,WAAW,WAAW;IAC1B,GAAG,IAAI,IAAI,GAAG,IAAI,CAAC;IACnB,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;CACvB;AAED,qBAAa,kBAAmB,YAAW,WAAW;IACxC,QAAQ,CAAC,OAAO,EAAE,WAAW;gBAApB,OAAO,EAAE,WAAW;IAEzC,GAAG,IAAI,IAAI,GAAG,IAAI;IAKlB,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,IAAI;CAO7B"}

package/dist/src/shared/lib/UserSession.js

@@ -1,20 +0,0 @@
-import { UserStorage } from "@/shared/lib/types.js";
-import { convertForwardedTokenFormat } from "@/lib/jwt.js";
-export class GenericUserSession {
-    storage;
-    constructor(storage) {
-        this.storage = storage;
-    }
-    get() {
-        const user = this.storage.get(UserStorage.USER);
-        return user ? JSON.parse(user) : null;
-    }
-    set(user) {
-        const forwardedTokens = user?.forwardedTokens
-            ? convertForwardedTokenFormat(user?.forwardedTokens)
-            : null;
-        const value = user ? JSON.stringify({ ...user, forwardedTokens }) : "";
-        this.storage.set(UserStorage.USER, value);
-    }
-}
-//# sourceMappingURL=UserSession.js.map

package/dist/src/shared/lib/UserSession.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserSession.js","sourceRoot":"","sources":["../../../../src/shared/lib/UserSession.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAO3D,MAAM,OAAO,kBAAkB;IACR;IAArB,YAAqB,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAE7C,GAAG;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACxC,CAAC;IAED,GAAG,CAAC,IAAiB;QACnB,MAAM,eAAe,GAAG,IAAI,EAAE,eAAe;YAC3C,CAAC,CAAC,2BAA2B,CAAC,IAAI,EAAE,eAAqC,CAAC;YAC1E,CAAC,CAAC,IAAI,CAAC;QACT,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;CACF","sourcesContent":["import type { AuthStorage, ForwardedTokensJWT, User } from \"@/types.js\";\nimport { UserStorage } from \"@/shared/lib/types.js\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\nexport interface UserSession {\n  get(): User | null;\n  set(user: User): void;\n}\n\nexport class GenericUserSession implements UserSession {\n  constructor(readonly storage: AuthStorage) {}\n\n  get(): User | null {\n    const user = this.storage.get(UserStorage.USER);\n    return user ? JSON.parse(user) : null;\n  }\n\n  set(user: User | null): void {\n    const forwardedTokens = user?.forwardedTokens\n      ? convertForwardedTokenFormat(user?.forwardedTokens as ForwardedTokensJWT)\n      : null;\n    const value = user ? JSON.stringify({ ...user, forwardedTokens }) : \"\";\n    this.storage.set(UserStorage.USER, value);\n  }\n}\n"]}

package/dist/src/shared/lib/session.d.ts

@@ -1,3 +0,0 @@
-import type { AuthStorage, User } from "@/types.js";
-export declare function getUser(storage: AuthStorage): Promise<User | null>;
-//# sourceMappingURL=session.d.ts.map

package/dist/src/shared/lib/session.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEpD,wBAAsB,OAAO,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAMxE"}

package/dist/src/shared/lib/session.js

@@ -1,10 +0,0 @@
-import { retrieveTokens } from "@/shared/lib/util.js";
-import { parseJWT } from "oslo/jwt";
-export async function getUser(storage) {
-    const tokens = retrieveTokens(storage);
-    if (!tokens)
-        return null;
-    // Assumes all information is in the ID token
-    return parseJWT(tokens.id_token)?.payload ?? null;
-}
-//# sourceMappingURL=session.js.map

package/dist/src/shared/lib/session.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AAGpC,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,OAAoB;IAChD,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IACvC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,6CAA6C;IAC7C,OAAQ,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,OAAgB,IAAI,IAAI,CAAC;AAC9D,CAAC","sourcesContent":["import { retrieveTokens } from \"@/shared/lib/util.js\";\nimport { parseJWT } from \"oslo/jwt\";\nimport type { AuthStorage, User } from \"@/types.js\";\n\nexport async function getUser(storage: AuthStorage): Promise<User | null> {\n  const tokens = retrieveTokens(storage);\n  if (!tokens) return null;\n\n  // Assumes all information is in the ID token\n  return (parseJWT(tokens.id_token)?.payload as User) ?? null;\n}\n"]}

package/dist/src/shared/lib/storage.d.ts

@@ -1,25 +0,0 @@
-import type { AuthStorage, SessionData, UnknownObject, User } from "@/types.js";
-type SameSiteOption = "strict" | "lax" | "none";
-export interface SessionStorage {
-    get(): SessionData;
-    getUser(): User<UnknownObject> | null;
-    set(data: Partial<SessionData>): void;
-    setUser(data: User<UnknownObject> | null): void;
-    clear(): void;
-}
-export type CookieStorageSettings = {
-    httpOnly: boolean;
-    secure: boolean;
-    sameSite: SameSiteOption;
-    expires: Date;
-    path: string;
-};
-export declare const DEFAULT_COOKIE_DURATION: number;
-export declare abstract class CookieStorage implements AuthStorage {
-    protected settings: CookieStorageSettings;
-    protected constructor(settings?: Partial<CookieStorageSettings>);
-    abstract get(key: string): string | null;
-    abstract set(key: string, value: string): void;
-}
-export {};
-//# sourceMappingURL=storage.d.ts.map

package/dist/src/shared/lib/storage.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/storage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEhF,KAAK,cAAc,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEhD,MAAM,WAAW,cAAc;IAC7B,GAAG,IAAI,WAAW,CAAC;IACnB,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IACtC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;IACtC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;IAChD,KAAK,IAAI,IAAI,CAAC;CACf;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,IAAI,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,eAAO,MAAM,uBAAuB,QAAU,CAAC;AAE/C,8BAAsB,aAAc,YAAW,WAAW;IACxD,SAAS,CAAC,QAAQ,EAAE,qBAAqB,CAAC;IAC1C,SAAS,aAAa,QAAQ,GAAE,OAAO,CAAC,qBAAqB,CAAM;IAanE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IACxC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;CAC/C"}

package/dist/src/shared/lib/storage.js

@@ -1,17 +0,0 @@
-export const DEFAULT_COOKIE_DURATION = 60 * 15; // 15 minutes
-export class CookieStorage {
-    settings;
-    constructor(settings = {}) {
-        this.settings = {
-            httpOnly: settings.httpOnly ?? true,
-            secure: settings.secure ?? true,
-            // the callback request comes the auth server
-            // 'lax' ensures the code_verifier cookie is sent with the request
-            sameSite: settings.sameSite ?? "lax",
-            expires: settings.expires ??
-                new Date(Date.now() + 1000 * DEFAULT_COOKIE_DURATION),
-            path: settings.path ?? "/",
-        };
-    }
-}
-//# sourceMappingURL=storage.js.map

package/dist/src/shared/lib/storage.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"storage.js","sourceRoot":"","sources":["../../../../src/shared/lib/storage.ts"],"names":[],"mappings":"AAoBA,MAAM,CAAC,MAAM,uBAAuB,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,aAAa;AAE7D,MAAM,OAAgB,aAAa;IACvB,QAAQ,CAAwB;IAC1C,YAAsB,WAA2C,EAAE;QACjE,IAAI,CAAC,QAAQ,GAAG;YACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,IAAI;YACnC,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,IAAI;YAC/B,6CAA6C;YAC7C,kEAAkE;YAClE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,KAAK;YACpC,OAAO,EACL,QAAQ,CAAC,OAAO;gBAChB,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,uBAAuB,CAAC;YACvD,IAAI,EAAE,QAAQ,CAAC,IAAI,IAAI,GAAG;SAC3B,CAAC;IACJ,CAAC;CAGF","sourcesContent":["import type { AuthStorage, SessionData, UnknownObject, User } from \"@/types.js\";\n\ntype SameSiteOption = \"strict\" | \"lax\" | \"none\";\n\nexport interface SessionStorage {\n  get(): SessionData;\n  getUser(): User<UnknownObject> | null;\n  set(data: Partial<SessionData>): void;\n  setUser(data: User<UnknownObject> | null): void;\n  clear(): void;\n}\n\nexport type CookieStorageSettings = {\n  httpOnly: boolean;\n  secure: boolean;\n  sameSite: SameSiteOption;\n  expires: Date;\n  path: string;\n};\n\nexport const DEFAULT_COOKIE_DURATION = 60 * 15; // 15 minutes\n\nexport abstract class CookieStorage implements AuthStorage {\n  protected settings: CookieStorageSettings;\n  protected constructor(settings: Partial<CookieStorageSettings> = {}) {\n    this.settings = {\n      httpOnly: settings.httpOnly ?? true,\n      secure: settings.secure ?? true,\n      // the callback request comes the auth server\n      // 'lax' ensures the code_verifier cookie is sent with the request\n      sameSite: settings.sameSite ?? \"lax\",\n      expires:\n        settings.expires ??\n        new Date(Date.now() + 1000 * DEFAULT_COOKIE_DURATION),\n      path: settings.path ?? \"/\",\n    };\n  }\n  abstract get(key: string): string | null;\n  abstract set(key: string, value: string): void;\n}\n"]}

package/dist/src/shared/lib/types.d.ts

@@ -1,22 +0,0 @@
-export declare enum OAuthTokens {
-    ID_TOKEN = "id_token",
-    ACCESS_TOKEN = "access_token",
-    REFRESH_TOKEN = "refresh_token"
-}
-export declare enum CodeVerifier {
-    COOKIE_NAME = "code_verifier",
-    APP_URL = "app_url"
-}
-export declare enum UserStorage {
-    USER = "user"
-}
-export interface CookieConfig {
-    secure?: boolean;
-    sameSite?: "strict" | "lax" | "none";
-    domain?: string;
-    path?: string;
-    maxAge?: number;
-    httpOnly?: boolean;
-}
-export type TokensCookieConfig = Record<OAuthTokens | CodeVerifier, CookieConfig>;
-//# sourceMappingURL=types.d.ts.map

package/dist/src/shared/lib/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAAA,oBAAY,WAAW;IACrB,QAAQ,aAAa;IACrB,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;CAChC;AAED,oBAAY,YAAY;IACtB,WAAW,kBAAkB;IAC7B,OAAO,YAAY;CACpB;AACD,oBAAY,WAAW;IACrB,IAAI,SAAS;CACd;AACD,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,kBAAkB,GAAG,MAAM,CACrC,WAAW,GAAG,YAAY,EAC1B,YAAY,CACb,CAAC"}

package/dist/src/shared/lib/types.js

@@ -1,16 +0,0 @@
-export var OAuthTokens;
-(function (OAuthTokens) {
-    OAuthTokens["ID_TOKEN"] = "id_token";
-    OAuthTokens["ACCESS_TOKEN"] = "access_token";
-    OAuthTokens["REFRESH_TOKEN"] = "refresh_token";
-})(OAuthTokens || (OAuthTokens = {}));
-export var CodeVerifier;
-(function (CodeVerifier) {
-    CodeVerifier["COOKIE_NAME"] = "code_verifier";
-    CodeVerifier["APP_URL"] = "app_url";
-})(CodeVerifier || (CodeVerifier = {}));
-export var UserStorage;
-(function (UserStorage) {
-    UserStorage["USER"] = "user";
-})(UserStorage || (UserStorage = {}));
-//# sourceMappingURL=types.js.map

package/dist/src/shared/lib/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAAA,MAAM,CAAN,IAAY,WAIX;AAJD,WAAY,WAAW;IACrB,oCAAqB,CAAA;IACrB,4CAA6B,CAAA;IAC7B,8CAA+B,CAAA;AACjC,CAAC,EAJW,WAAW,KAAX,WAAW,QAItB;AAED,MAAM,CAAN,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,mCAAmB,CAAA;AACrB,CAAC,EAHW,YAAY,KAAZ,YAAY,QAGvB;AACD,MAAM,CAAN,IAAY,WAEX;AAFD,WAAY,WAAW;IACrB,4BAAa,CAAA;AACf,CAAC,EAFW,WAAW,KAAX,WAAW,QAEtB","sourcesContent":["export enum OAuthTokens {\n  ID_TOKEN = \"id_token\",\n  ACCESS_TOKEN = \"access_token\",\n  REFRESH_TOKEN = \"refresh_token\",\n}\n\nexport enum CodeVerifier {\n  COOKIE_NAME = \"code_verifier\",\n  APP_URL = \"app_url\",\n}\nexport enum UserStorage {\n  USER = \"user\",\n}\nexport interface CookieConfig {\n  secure?: boolean;\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n  domain?: string;\n  path?: string;\n  maxAge?: number;\n  httpOnly?: boolean;\n}\n\nexport type TokensCookieConfig = Record<\n  OAuthTokens | CodeVerifier,\n  CookieConfig\n>;\n"]}

package/dist/src/shared/lib/util.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAET,qBAAqB,EACrB,YAAY,EACb,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGtE;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,iBAAiB,GAAE,OAAO,CAAC,SAAS,CAAM,GACzC,OAAO,CAAC,SAAS,CAAC,CAMpB;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CA4Bf;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CAIf;AAED,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,GACnB,YAAY,CAId;AAED,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,kCAqBrB;AAED,wBAAgB,WAAW,CACzB,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,qBAAqB,QAO9B;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,QAO/C;AACD,wBAAgB,SAAS,CAAC,OAAO,EAAE,WAAW,QAG7C;AAED,wBAAgB,cAAc,CAC5B,OAAO,EAAE,WAAW,GACnB,qBAAqB,GAAG,IAAI,CAY9B;AAED,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,qBAAqB,EAC7B,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,CAAC,CA2BvB"}

package/dist/src/shared/lib/util.js

@@ -1,126 +0,0 @@
-import { CodeVerifier, OAuthTokens } from "./types.js";
-import { OAuth2Client } from "oslo/oauth2";
-import { getIssuerVariations, getOauthEndpoints } from "@/lib/oauth.js";
-import * as jose from "jose";
-import { withoutUndefined } from "@/utils.js";
-import { GenericUserSession } from "@/shared/lib/UserSession.js";
-/**
- * Given a PKCE code verifier, derive the code challenge using SHA
- */
-export async function deriveCodeChallenge(codeVerifier, method = "S256") {
-    if (method === "Plain") {
-        console.warn("Using insecure plain code challenge method");
-        return codeVerifier;
-    }
-    const encoder = new TextEncoder();
-    const data = encoder.encode(codeVerifier);
-    const digest = await crypto.subtle.digest("SHA-256", data);
-    return btoa(String.fromCharCode(...new Uint8Array(digest)))
-        .replace(/\+/g, "-")
-        .replace(/\//g, "_")
-        .replace(/=+$/, "");
-}
-export async function getEndpointsWithOverrides(oauthServer, endpointOverrides = {}) {
-    const endpoints = await getOauthEndpoints(oauthServer);
-    return {
-        ...endpoints,
-        ...endpointOverrides,
-    };
-}
-export async function generateOauthLoginUrl(config) {
-    const endpoints = await getEndpointsWithOverrides(config.oauthServer, config.endpointOverrides);
-    const oauth2Client = buildOauth2Client(config.clientId, config.redirectUrl, endpoints);
-    const challenge = await config.pkceConsumer.getCodeChallenge();
-    const oAuthUrl = await oauth2Client.createAuthorizationURL({
-        state: config.state,
-        scopes: config.scopes,
-    });
-    // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source
-    // It only allows passing in a code verifier which it then hashes itself.
-    oAuthUrl.searchParams.append("code_challenge", challenge);
-    oAuthUrl.searchParams.append("code_challenge_method", "S256");
-    if (config.nonce) {
-        // nonce isn't supported by oslo, so we add it manually
-        oAuthUrl.searchParams.append("nonce", config.nonce);
-    }
-    // Required by the auth server for offline_access scope
-    oAuthUrl.searchParams.append("prompt", "consent");
-    console.log("Generated OAuth URL", oAuthUrl.toString());
-    return oAuthUrl;
-}
-export async function generateOauthLogoutUrl(config) {
-    // TODO TECH-676: Implement logout
-    console.log("generateOauthLogoutUrl not implemented", config);
-    return new URL("http://localhost");
-}
-export function buildOauth2Client(clientId, redirectUri, endpoints) {
-    return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {
-        redirectURI: redirectUri,
-    });
-}
-export async function exchangeTokens(code, state, pkceProducer, oauth2Client, oauthServer, endpoints) {
-    const codeVerifier = await pkceProducer.getCodeVerifier();
-    if (!codeVerifier)
-        throw new Error("Code verifier not found in state");
-    const tokens = await oauth2Client.validateAuthorizationCode(code, {
-        codeVerifier,
-    });
-    // Validate relevant tokens
-    try {
-        await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);
-    }
-    catch (error) {
-        console.error("tokenExchange error", { error, tokens });
-        throw new Error(`OIDC tokens validation failed: ${error.message}`);
-    }
-    return tokens;
-}
-export function storeTokens(storage, tokens) {
-    // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )
-    storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);
-    storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);
-    if (tokens.refresh_token)
-        storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);
-}
-export function clearTokens(storage) {
-    Object.values(OAuthTokens).forEach((cookie) => {
-        storage.set(cookie, "");
-    });
-    Object.values(CodeVerifier.COOKIE_NAME).forEach((cookie) => {
-        storage.set(cookie, "");
-    });
-}
-export function clearUser(storage) {
-    const userSession = new GenericUserSession(storage);
-    userSession.set(null);
-}
-export function retrieveTokens(storage) {
-    const idToken = storage.get(OAuthTokens.ID_TOKEN);
-    const accessToken = storage.get(OAuthTokens.ACCESS_TOKEN);
-    const refreshToken = storage.get(OAuthTokens.REFRESH_TOKEN);
-    if (!idToken || !accessToken)
-        return null;
-    return {
-        id_token: idToken,
-        access_token: accessToken,
-        refresh_token: refreshToken ?? undefined,
-    };
-}
-export async function validateOauth2Tokens(tokens, endpoints, oauth2Client, issuer) {
-    const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));
-    // validate the ID token
-    const idTokenResponse = await jose.jwtVerify(tokens.id_token, JWKS, {
-        issuer: getIssuerVariations(issuer),
-        audience: oauth2Client.clientId,
-    });
-    // validate the access token
-    const accessTokenResponse = await jose.jwtVerify(tokens.access_token, JWKS, {
-        issuer: getIssuerVariations(issuer),
-    });
-    return withoutUndefined({
-        id_token: idTokenResponse.payload,
-        access_token: accessTokenResponse.payload,
-        refresh_token: tokens.refresh_token,
-    });
-}
-//# sourceMappingURL=util.js.map

package/dist/src/shared/lib/util.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEjE;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,kCAAkC;IAClC,OAAO,CAAC,GAAG,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;IAC9D,OAAO,IAAI,GAAG,CAAC,kBAAkB,CAAC,CAAC;AACrC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,WAAW,CACzB,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACnD,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IAC3D,IAAI,MAAM,CAAC,aAAa;QACtB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;AACjE,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,OAAoB;IAC9C,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IACH,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC;AACD,MAAM,UAAU,SAAS,CAAC,OAAoB;IAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,OAAoB;IAEpB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAC1D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAE5D,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;KACzC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,gBAAgB,CAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n  AuthStorage,\n  Endpoints,\n  JWTPayload,\n  OIDCTokenResponseBody,\n  ParsedTokens,\n} from \"@/types.js\";\nimport { CodeVerifier, OAuthTokens } from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n  codeVerifier: string,\n  method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n  if (method === \"Plain\") {\n    console.warn(\"Using insecure plain code challenge method\");\n    return codeVerifier;\n  }\n\n  const encoder = new TextEncoder();\n  const data = encoder.encode(codeVerifier);\n  const digest = await crypto.subtle.digest(\"SHA-256\", data);\n  return btoa(String.fromCharCode(...new Uint8Array(digest)))\n    .replace(/\\+/g, \"-\")\n    .replace(/\\//g, \"_\")\n    .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n  oauthServer: string,\n  endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n  const endpoints = await getOauthEndpoints(oauthServer);\n  return {\n    ...endpoints,\n    ...endpointOverrides,\n  };\n}\n\nexport async function generateOauthLoginUrl(config: {\n  clientId: string;\n  scopes: string[];\n  state: string;\n  redirectUrl: string;\n  oauthServer: string;\n  nonce?: string;\n  endpointOverrides?: Partial<Endpoints>;\n  // used to get the PKCE challenge\n  pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n  const endpoints = await getEndpointsWithOverrides(\n    config.oauthServer,\n    config.endpointOverrides,\n  );\n  const oauth2Client = buildOauth2Client(\n    config.clientId,\n    config.redirectUrl,\n    endpoints,\n  );\n  const challenge = await config.pkceConsumer.getCodeChallenge();\n  const oAuthUrl = await oauth2Client.createAuthorizationURL({\n    state: config.state,\n    scopes: config.scopes,\n  });\n  // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n  // It only allows passing in a code verifier which it then hashes itself.\n  oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n  oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n  if (config.nonce) {\n    // nonce isn't supported by oslo, so we add it manually\n    oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n  }\n  // Required by the auth server for offline_access scope\n  oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n  console.log(\"Generated OAuth URL\", oAuthUrl.toString());\n  return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n  clientId: string;\n  scopes: string[];\n  oauthServer: string;\n  endpointOverrides?: Partial<Endpoints>;\n  // used to get the PKCE challenge\n  pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n  // TODO TECH-676: Implement logout\n  console.log(\"generateOauthLogoutUrl not implemented\", config);\n  return new URL(\"http://localhost\");\n}\n\nexport function buildOauth2Client(\n  clientId: string,\n  redirectUri: string,\n  endpoints: Endpoints,\n): OAuth2Client {\n  return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n    redirectURI: redirectUri,\n  });\n}\n\nexport async function exchangeTokens(\n  code: string,\n  state: string,\n  pkceProducer: PKCEProducer,\n  oauth2Client: OAuth2Client,\n  oauthServer: string,\n  endpoints: Endpoints,\n) {\n  const codeVerifier = await pkceProducer.getCodeVerifier();\n  if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n  const tokens =\n    await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n      codeVerifier,\n    });\n\n  // Validate relevant tokens\n  try {\n    await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n  } catch (error) {\n    console.error(\"tokenExchange error\", { error, tokens });\n    throw new Error(\n      `OIDC tokens validation failed: ${(error as Error).message}`,\n    );\n  }\n\n  return tokens;\n}\n\nexport function storeTokens(\n  storage: AuthStorage,\n  tokens: OIDCTokenResponseBody,\n) {\n  // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n  storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n  storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n  if (tokens.refresh_token)\n    storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n}\n\nexport function clearTokens(storage: AuthStorage) {\n  Object.values(OAuthTokens).forEach((cookie) => {\n    storage.set(cookie, \"\");\n  });\n  Object.values(CodeVerifier.COOKIE_NAME).forEach((cookie) => {\n    storage.set(cookie, \"\");\n  });\n}\nexport function clearUser(storage: AuthStorage) {\n  const userSession = new GenericUserSession(storage);\n  userSession.set(null);\n}\n\nexport function retrieveTokens(\n  storage: AuthStorage,\n): OIDCTokenResponseBody | null {\n  const idToken = storage.get(OAuthTokens.ID_TOKEN);\n  const accessToken = storage.get(OAuthTokens.ACCESS_TOKEN);\n  const refreshToken = storage.get(OAuthTokens.REFRESH_TOKEN);\n\n  if (!idToken || !accessToken) return null;\n\n  return {\n    id_token: idToken,\n    access_token: accessToken,\n    refresh_token: refreshToken ?? undefined,\n  };\n}\n\nexport async function validateOauth2Tokens(\n  tokens: OIDCTokenResponseBody,\n  endpoints: Endpoints,\n  oauth2Client: OAuth2Client,\n  issuer: string,\n): Promise<ParsedTokens> {\n  const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n  // validate the ID token\n  const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n    tokens.id_token,\n    JWKS,\n    {\n      issuer: getIssuerVariations(issuer),\n      audience: oauth2Client.clientId,\n    },\n  );\n\n  // validate the access token\n  const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n    tokens.access_token,\n    JWKS,\n    {\n      issuer: getIssuerVariations(issuer),\n    },\n  );\n\n  return withoutUndefined({\n    id_token: idTokenResponse.payload,\n    access_token: accessTokenResponse.payload,\n    refresh_token: tokens.refresh_token,\n  });\n}\n"]}

package/dist/src/shared/providers/AuthContext.d.ts

@@ -1,10 +0,0 @@
-import type { DisplayMode } from "@/types.js";
-export type AuthContextType = {
-    signIn: (displayMode?: DisplayMode) => Promise<void>;
-    isAuthenticated: boolean;
-    isLoading: boolean;
-    error: Error | null;
-    signOut: () => Promise<void>;
-};
-export declare const AuthContext: import("react").Context<AuthContextType | null>;
-//# sourceMappingURL=AuthContext.d.ts.map

package/dist/src/shared/providers/AuthContext.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B,CAAC;AACF,eAAO,MAAM,WAAW,iDAA8C,CAAC"}

package/dist/src/shared/providers/AuthContext.js

@@ -1,3 +0,0 @@
-import { createContext } from "react";
-export const AuthContext = createContext(null);
-//# sourceMappingURL=AuthContext.js.map

package/dist/src/shared/providers/AuthContext.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAUtC,MAAM,CAAC,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC","sourcesContent":["import { createContext } from \"react\";\nimport type { DisplayMode } from \"@/types.js\";\n\nexport type AuthContextType = {\n  signIn: (displayMode?: DisplayMode) => Promise<void>;\n  isAuthenticated: boolean;\n  isLoading: boolean;\n  error: Error | null;\n  signOut: () => Promise<void>;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n"]}

package/dist/src/shared/providers/AuthProvider.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/AuthProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EACZ,KAAK,SAAS,EAMf,MAAM,OAAO,CAAC;AAEf,OAAO,KAAK,EAAE,MAAM,EAAe,WAAW,EAAE,MAAM,YAAY,CAAC;AAanE,OAAO,KAAK,EAA0B,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAqBhF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,SAAS,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,KAAK,IAAI,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG,iBAAiB,GAAG;IAC1D,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B,CAAC;AAkCF,QAAA,MAAM,YAAY,yJAWf,yBAAyB,6BA2R3B,CAAC;AAEF,OAAO,EAAE,YAAY,EAAE,CAAC"}