@civic/auth 0.0.1-beta.4 → 0.0.1-beta.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +26 -0
- package/dist/{chunk-NQPMNXBL.mjs → chunk-EAANLFR5.mjs} +4 -10
- package/dist/chunk-EAANLFR5.mjs.map +1 -0
- package/dist/{chunk-3UIVD6NR.mjs → chunk-EGFTMH5S.mjs} +11 -65
- package/dist/chunk-EGFTMH5S.mjs.map +1 -0
- package/dist/{chunk-T47HULF6.js → chunk-KCSGIIPA.js} +21 -75
- package/dist/chunk-KCSGIIPA.js.map +1 -0
- package/dist/{chunk-WPISYQG3.js → chunk-MVO4UZ2A.js} +5 -11
- package/dist/chunk-MVO4UZ2A.js.map +1 -0
- package/dist/chunk-PMDIR5XE.mjs +502 -0
- package/dist/chunk-PMDIR5XE.mjs.map +1 -0
- package/dist/chunk-YNLXRD5L.js +502 -0
- package/dist/chunk-YNLXRD5L.js.map +1 -0
- package/dist/{index-DoDoIY_K.d.mts → index-Bfi0hVMZ.d.mts} +5 -26
- package/dist/{index-DoDoIY_K.d.ts → index-Bfi0hVMZ.d.ts} +5 -26
- package/dist/index.d.mts +1 -2
- package/dist/index.d.ts +1 -2
- package/dist/nextjs.d.mts +2 -3
- package/dist/nextjs.d.ts +2 -3
- package/dist/nextjs.js +22 -36
- package/dist/nextjs.js.map +1 -1
- package/dist/nextjs.mjs +8 -22
- package/dist/nextjs.mjs.map +1 -1
- package/dist/react.d.mts +29 -47
- package/dist/react.d.ts +29 -47
- package/dist/react.js +278 -487
- package/dist/react.js.map +1 -1
- package/dist/react.mjs +300 -509
- package/dist/react.mjs.map +1 -1
- package/dist/server.d.mts +2 -7
- package/dist/server.d.ts +2 -7
- package/dist/server.js +4 -3
- package/dist/server.js.map +1 -1
- package/dist/server.mjs +4 -3
- package/package.json +1 -1
- package/dist/chunk-3UIVD6NR.mjs.map +0 -1
- package/dist/chunk-KBDRDCE5.mjs +0 -239
- package/dist/chunk-KBDRDCE5.mjs.map +0 -1
- package/dist/chunk-NQPMNXBL.mjs.map +0 -1
- package/dist/chunk-OLT5HB3G.js +0 -239
- package/dist/chunk-OLT5HB3G.js.map +0 -1
- package/dist/chunk-T47HULF6.js.map +0 -1
- package/dist/chunk-WPISYQG3.js.map +0 -1
package/dist/react.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";Object.defineProperty(exports, "__esModule", {value: true});
|
|
2
2
|
|
|
3
3
|
|
|
4
|
-
var
|
|
4
|
+
var _chunkMVO4UZ2Ajs = require('./chunk-MVO4UZ2A.js');
|
|
5
5
|
|
|
6
6
|
|
|
7
7
|
|
|
@@ -12,7 +12,10 @@ var _chunkWPISYQG3js = require('./chunk-WPISYQG3.js');
|
|
|
12
12
|
|
|
13
13
|
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
var _chunkYNLXRD5Ljs = require('./chunk-YNLXRD5L.js');
|
|
16
19
|
|
|
17
20
|
|
|
18
21
|
|
|
@@ -55,15 +58,31 @@ var useAuth = () => {
|
|
|
55
58
|
|
|
56
59
|
// src/react/providers/SessionProvider.tsx
|
|
57
60
|
|
|
61
|
+
|
|
62
|
+
|
|
58
63
|
var _jsxruntime = require('react/jsx-runtime');
|
|
59
64
|
var defaultSession = {
|
|
60
65
|
authenticated: false,
|
|
61
66
|
idToken: void 0,
|
|
62
67
|
accessToken: void 0,
|
|
63
|
-
displayMode: "iframe"
|
|
68
|
+
displayMode: "iframe",
|
|
69
|
+
iframeRef: null,
|
|
70
|
+
setAuthResponseUrl: () => {
|
|
71
|
+
}
|
|
64
72
|
};
|
|
65
73
|
var SessionContext = _react.createContext.call(void 0, defaultSession);
|
|
66
|
-
var SessionProvider = ({
|
|
74
|
+
var SessionProvider = ({
|
|
75
|
+
children,
|
|
76
|
+
session,
|
|
77
|
+
iframeRef,
|
|
78
|
+
setAuthResponseUrl
|
|
79
|
+
}) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
80
|
+
SessionContext.Provider,
|
|
81
|
+
{
|
|
82
|
+
value: _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, session || defaultSession), { iframeRef, setAuthResponseUrl }),
|
|
83
|
+
children
|
|
84
|
+
}
|
|
85
|
+
);
|
|
67
86
|
|
|
68
87
|
// src/react/hooks/useSession.tsx
|
|
69
88
|
var useSession = () => {
|
|
@@ -147,26 +166,18 @@ var useToken = () => {
|
|
|
147
166
|
var UserContext = _react.createContext.call(void 0, null);
|
|
148
167
|
var UserProvider = ({
|
|
149
168
|
children,
|
|
150
|
-
|
|
169
|
+
storage
|
|
151
170
|
}) => {
|
|
152
171
|
const { isLoading: authLoading, error: authError } = useAuth();
|
|
153
172
|
const session = useSession();
|
|
154
|
-
const {
|
|
173
|
+
const { accessToken } = useToken();
|
|
155
174
|
const { signIn, signOut } = useAuth();
|
|
156
175
|
const fetchUser = () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
157
|
-
if (!accessToken
|
|
158
|
-
return null;
|
|
159
|
-
}
|
|
160
|
-
const user2 = yield userInfoService == null ? void 0 : userInfoService.getUserInfo(accessToken, idToken);
|
|
161
|
-
if (!user2) {
|
|
176
|
+
if (!accessToken) {
|
|
162
177
|
return null;
|
|
163
178
|
}
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
idToken,
|
|
167
|
-
accessToken,
|
|
168
|
-
refreshToken
|
|
169
|
-
});
|
|
179
|
+
const userSession = new (0, _chunkYNLXRD5Ljs.GenericUserSession)(storage);
|
|
180
|
+
return userSession.get();
|
|
170
181
|
});
|
|
171
182
|
const {
|
|
172
183
|
data: user,
|
|
@@ -205,344 +216,7 @@ var UserProvider = ({
|
|
|
205
216
|
|
|
206
217
|
|
|
207
218
|
|
|
208
|
-
// src/
|
|
209
|
-
|
|
210
|
-
var UserInfoServiceImpl = class {
|
|
211
|
-
constructor(endpoints) {
|
|
212
|
-
this.endpoints = endpoints;
|
|
213
|
-
}
|
|
214
|
-
extractUserFromIdToken(idToken) {
|
|
215
|
-
const parsedJWT = _jwt.parseJWT.call(void 0, idToken);
|
|
216
|
-
if (!parsedJWT) {
|
|
217
|
-
return null;
|
|
218
|
-
}
|
|
219
|
-
return parsedJWT.payload;
|
|
220
|
-
}
|
|
221
|
-
getUserInfo(accessToken, idToken) {
|
|
222
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
223
|
-
if (idToken) {
|
|
224
|
-
return this.extractUserFromIdToken(idToken);
|
|
225
|
-
}
|
|
226
|
-
const userInfo = yield fetch(this.endpoints.userinfo, {
|
|
227
|
-
headers: { Authorization: `Bearer ${accessToken}` }
|
|
228
|
-
});
|
|
229
|
-
return userInfo.json();
|
|
230
|
-
});
|
|
231
|
-
}
|
|
232
|
-
};
|
|
233
|
-
|
|
234
|
-
// src/services/SessionService.ts
|
|
235
|
-
var _oauth2 = require('oslo/oauth2');
|
|
236
|
-
var AuthSessionServiceImpl = class {
|
|
237
|
-
constructor(clientId, redirectUrl, oauthServer, inputEndpoints) {
|
|
238
|
-
this.clientId = clientId;
|
|
239
|
-
this.redirectUrl = redirectUrl;
|
|
240
|
-
this.oauthServer = oauthServer;
|
|
241
|
-
this.inputEndpoints = inputEndpoints;
|
|
242
|
-
this.codeVerifier = void 0;
|
|
243
|
-
this.refreshTokenTimeout = null;
|
|
244
|
-
this.codeVerifier = this.getCodeVerifier();
|
|
245
|
-
this.endpoints = inputEndpoints;
|
|
246
|
-
this.redirectUrl = redirectUrl;
|
|
247
|
-
}
|
|
248
|
-
getCodeVerifier() {
|
|
249
|
-
return _oauth2.generateCodeVerifier.call(void 0, );
|
|
250
|
-
}
|
|
251
|
-
getUserInfoService() {
|
|
252
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
253
|
-
if (this.userInfoService) {
|
|
254
|
-
return this.userInfoService;
|
|
255
|
-
}
|
|
256
|
-
const endpoints = yield this.getEndpoints();
|
|
257
|
-
this.userInfoService = new UserInfoServiceImpl(endpoints);
|
|
258
|
-
return this.userInfoService;
|
|
259
|
-
});
|
|
260
|
-
}
|
|
261
|
-
getEndpoints() {
|
|
262
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
263
|
-
var _a;
|
|
264
|
-
if ((_a = this.endpoints) == null ? void 0 : _a.auth) {
|
|
265
|
-
return this.endpoints;
|
|
266
|
-
}
|
|
267
|
-
const jwksEndpoints = yield _chunkOLT5HB3Gjs.getOauthEndpoints.call(void 0, this.oauthServer);
|
|
268
|
-
return this.endpoints ? _chunkCRTRMMJ7js.__spreadValues.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, this.endpoints), jwksEndpoints) : jwksEndpoints;
|
|
269
|
-
});
|
|
270
|
-
}
|
|
271
|
-
getOauth2Client() {
|
|
272
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
273
|
-
if (this.oauth2Client) {
|
|
274
|
-
return this.oauth2Client;
|
|
275
|
-
}
|
|
276
|
-
const endpoints = yield this.getEndpoints();
|
|
277
|
-
this.oauth2Client = _chunkOLT5HB3Gjs.buildOauth2Client.call(void 0,
|
|
278
|
-
this.clientId,
|
|
279
|
-
this.redirectUrl,
|
|
280
|
-
endpoints
|
|
281
|
-
);
|
|
282
|
-
return this.oauth2Client;
|
|
283
|
-
});
|
|
284
|
-
}
|
|
285
|
-
getSessionData() {
|
|
286
|
-
console.log("getSessionData", this.clientId);
|
|
287
|
-
const storedItem = localStorage.getItem(`civic-auth:${this.clientId}`) || "{}";
|
|
288
|
-
console.log("stored item", storedItem);
|
|
289
|
-
return JSON.parse(storedItem);
|
|
290
|
-
}
|
|
291
|
-
updateSessionData(data) {
|
|
292
|
-
localStorage.setItem(
|
|
293
|
-
`civic-auth:${this.clientId}`,
|
|
294
|
-
JSON.stringify(_chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, data))
|
|
295
|
-
);
|
|
296
|
-
}
|
|
297
|
-
getUser() {
|
|
298
|
-
return JSON.parse(
|
|
299
|
-
localStorage.getItem(`civic-auth:${this.clientId}:user`) || "{}"
|
|
300
|
-
);
|
|
301
|
-
}
|
|
302
|
-
setUser(data) {
|
|
303
|
-
localStorage.setItem(
|
|
304
|
-
`civic-auth:${this.clientId}:user`,
|
|
305
|
-
JSON.stringify(data === null ? {} : data)
|
|
306
|
-
);
|
|
307
|
-
}
|
|
308
|
-
clearSessionData() {
|
|
309
|
-
localStorage.setItem(`civic-auth:${this.clientId}`, JSON.stringify({}));
|
|
310
|
-
}
|
|
311
|
-
getAuthorizationUrlWithChallenge(state, scopes) {
|
|
312
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
313
|
-
var _a;
|
|
314
|
-
const oauth2Client = yield this.getOauth2Client();
|
|
315
|
-
if ((_a = this.endpoints) == null ? void 0 : _a.challenge) {
|
|
316
|
-
const challenge = yield fetch(this.endpoints.challenge).then(
|
|
317
|
-
(res) => res.json().then((data) => data.challenge)
|
|
318
|
-
);
|
|
319
|
-
const oAuthUrl = yield oauth2Client.createAuthorizationURL({
|
|
320
|
-
state,
|
|
321
|
-
scopes
|
|
322
|
-
});
|
|
323
|
-
oAuthUrl.searchParams.append("code_challenge", challenge);
|
|
324
|
-
oAuthUrl.searchParams.append("code_challenge_method", "S256");
|
|
325
|
-
return oAuthUrl;
|
|
326
|
-
}
|
|
327
|
-
return oauth2Client.createAuthorizationURL({
|
|
328
|
-
state,
|
|
329
|
-
codeVerifier: this.codeVerifier,
|
|
330
|
-
codeChallengeMethod: "S256",
|
|
331
|
-
scopes
|
|
332
|
-
});
|
|
333
|
-
});
|
|
334
|
-
}
|
|
335
|
-
getAuthorizationUrl(scopes, displayMode, nonce) {
|
|
336
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
337
|
-
const state = _chunkOLT5HB3Gjs.generateState.call(void 0, displayMode);
|
|
338
|
-
const existingSessionData = this.getSessionData();
|
|
339
|
-
this.updateSessionData(_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, existingSessionData), {
|
|
340
|
-
codeVerifier: this.codeVerifier,
|
|
341
|
-
displayMode
|
|
342
|
-
}));
|
|
343
|
-
const oAuthUrl = yield this.getAuthorizationUrlWithChallenge(state, scopes);
|
|
344
|
-
if (nonce) {
|
|
345
|
-
oAuthUrl.searchParams.append("nonce", nonce);
|
|
346
|
-
}
|
|
347
|
-
oAuthUrl.searchParams.append("prompt", "consent");
|
|
348
|
-
return oAuthUrl.toString();
|
|
349
|
-
});
|
|
350
|
-
}
|
|
351
|
-
// TODO fix the Window reference
|
|
352
|
-
loadAuthorizationUrl(authorizationURL, displayMode) {
|
|
353
|
-
switch (displayMode) {
|
|
354
|
-
case "iframe":
|
|
355
|
-
break;
|
|
356
|
-
case "redirect":
|
|
357
|
-
window.location.href = authorizationURL;
|
|
358
|
-
break;
|
|
359
|
-
case "new_tab":
|
|
360
|
-
window.open(authorizationURL, "_blank");
|
|
361
|
-
break;
|
|
362
|
-
case "custom_tab":
|
|
363
|
-
break;
|
|
364
|
-
}
|
|
365
|
-
}
|
|
366
|
-
init() {
|
|
367
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
368
|
-
yield this.getOauth2Client();
|
|
369
|
-
return this;
|
|
370
|
-
});
|
|
371
|
-
}
|
|
372
|
-
logout() {
|
|
373
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
374
|
-
this.updateSessionData({ authenticated: false });
|
|
375
|
-
});
|
|
376
|
-
}
|
|
377
|
-
determineDisplayMode(displayMode) {
|
|
378
|
-
if (_chunkOLT5HB3Gjs.isPopupBlocked.call(void 0, ) && displayMode === "iframe") {
|
|
379
|
-
displayMode = "redirect";
|
|
380
|
-
}
|
|
381
|
-
return displayMode;
|
|
382
|
-
}
|
|
383
|
-
signIn(displayMode, scopes, nonce) {
|
|
384
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
385
|
-
const authorizationURL = yield this.getAuthorizationUrl(
|
|
386
|
-
scopes,
|
|
387
|
-
displayMode,
|
|
388
|
-
nonce
|
|
389
|
-
);
|
|
390
|
-
this.loadAuthorizationUrl(authorizationURL, displayMode);
|
|
391
|
-
});
|
|
392
|
-
}
|
|
393
|
-
tokenExchange(responseUrl) {
|
|
394
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
395
|
-
let session = this.getSessionData();
|
|
396
|
-
if (!session.authenticated) {
|
|
397
|
-
const url = new URL(responseUrl);
|
|
398
|
-
const authorizationCode = url.searchParams.get("code");
|
|
399
|
-
const returnedState = url.searchParams.get("state");
|
|
400
|
-
if (!authorizationCode || !returnedState) {
|
|
401
|
-
throw new Error("Invalid authorization response");
|
|
402
|
-
}
|
|
403
|
-
const codeVerifier = session.codeVerifier;
|
|
404
|
-
const oauth2Client = yield this.getOauth2Client();
|
|
405
|
-
const tokens = yield oauth2Client.validateAuthorizationCode(
|
|
406
|
-
authorizationCode,
|
|
407
|
-
{
|
|
408
|
-
codeVerifier
|
|
409
|
-
}
|
|
410
|
-
);
|
|
411
|
-
try {
|
|
412
|
-
yield this.validateTokens(tokens);
|
|
413
|
-
} catch (error) {
|
|
414
|
-
console.error("tokenExchange tokens", { error, tokens });
|
|
415
|
-
throw new Error(
|
|
416
|
-
`OIDC tokens validation failed: ${error.message}`
|
|
417
|
-
);
|
|
418
|
-
}
|
|
419
|
-
const parsedDisplayMode = _chunkOLT5HB3Gjs.displayModeFromState.call(void 0,
|
|
420
|
-
returnedState,
|
|
421
|
-
session.displayMode
|
|
422
|
-
);
|
|
423
|
-
session = _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, session), {
|
|
424
|
-
displayMode: parsedDisplayMode,
|
|
425
|
-
idToken: tokens.id_token,
|
|
426
|
-
authenticated: true,
|
|
427
|
-
state: returnedState,
|
|
428
|
-
accessToken: tokens.access_token,
|
|
429
|
-
refreshToken: tokens.refresh_token,
|
|
430
|
-
timestamp: Date.now(),
|
|
431
|
-
expiresIn: tokens.expires_in
|
|
432
|
-
});
|
|
433
|
-
this.updateSessionData(session);
|
|
434
|
-
const user = yield (yield this.getUserInfoService()).getUserInfo(tokens.access_token, tokens.id_token || null);
|
|
435
|
-
this.setUser(user);
|
|
436
|
-
}
|
|
437
|
-
this.setupTokenRefresh(session);
|
|
438
|
-
if (session.displayMode === "new_tab") {
|
|
439
|
-
window.close();
|
|
440
|
-
} else if (session.displayMode === "redirect") {
|
|
441
|
-
}
|
|
442
|
-
return session;
|
|
443
|
-
});
|
|
444
|
-
}
|
|
445
|
-
setupTokenRefresh(session) {
|
|
446
|
-
if (this.refreshTokenTimeout) {
|
|
447
|
-
clearTimeout(this.refreshTokenTimeout);
|
|
448
|
-
}
|
|
449
|
-
if (session.expiresIn) {
|
|
450
|
-
const elapsedTime = Date.now() - (session.timestamp || 0);
|
|
451
|
-
const remainingTime = session.expiresIn * 1e3 - elapsedTime;
|
|
452
|
-
const refreshTime = Math.max(0, remainingTime - 6e4);
|
|
453
|
-
this.refreshTokenTimeout = setTimeout(() => {
|
|
454
|
-
this.refreshToken().then((newSession) => {
|
|
455
|
-
console.log("Token refreshed successfully", newSession);
|
|
456
|
-
}).catch((error) => {
|
|
457
|
-
console.error("Failed to refresh token:", error);
|
|
458
|
-
this.updateSessionData({});
|
|
459
|
-
});
|
|
460
|
-
}, refreshTime);
|
|
461
|
-
}
|
|
462
|
-
}
|
|
463
|
-
refreshToken() {
|
|
464
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
465
|
-
const sessionData = this.getSessionData();
|
|
466
|
-
if (!sessionData.refreshToken) {
|
|
467
|
-
throw new Error("No refresh token available");
|
|
468
|
-
}
|
|
469
|
-
const oauth2Client = yield this.getOauth2Client();
|
|
470
|
-
const tokens = yield oauth2Client.refreshAccessToken(
|
|
471
|
-
sessionData.refreshToken
|
|
472
|
-
);
|
|
473
|
-
const session = _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, sessionData), {
|
|
474
|
-
idToken: tokens.id_token,
|
|
475
|
-
authenticated: true,
|
|
476
|
-
accessToken: tokens.access_token,
|
|
477
|
-
refreshToken: tokens.refresh_token,
|
|
478
|
-
timestamp: Date.now(),
|
|
479
|
-
expiresIn: tokens.expires_in
|
|
480
|
-
});
|
|
481
|
-
this.updateSessionData(session);
|
|
482
|
-
this.setupTokenRefresh(session);
|
|
483
|
-
return session;
|
|
484
|
-
});
|
|
485
|
-
}
|
|
486
|
-
getUserInfo() {
|
|
487
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
488
|
-
const sessionData = this.getSessionData();
|
|
489
|
-
if (!sessionData.accessToken) {
|
|
490
|
-
throw new Error("No access token available");
|
|
491
|
-
}
|
|
492
|
-
const userInfoService = yield this.getUserInfoService();
|
|
493
|
-
return userInfoService.getUserInfo(
|
|
494
|
-
sessionData.accessToken,
|
|
495
|
-
sessionData.idToken || null
|
|
496
|
-
);
|
|
497
|
-
});
|
|
498
|
-
}
|
|
499
|
-
/**
|
|
500
|
-
* Uses the jose library to validate a JWT token using the OAuth JWKS endpoint
|
|
501
|
-
* @returns {Promise<jose.JWTPayload>}
|
|
502
|
-
* @throws {Error} if the token is invalid
|
|
503
|
-
* @param tokens
|
|
504
|
-
*/
|
|
505
|
-
validateTokens(tokens) {
|
|
506
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
507
|
-
const endpoints = yield this.getEndpoints();
|
|
508
|
-
if (!this.oauth2Client) yield this.init();
|
|
509
|
-
return _chunkOLT5HB3Gjs.validateOauth2Tokens.call(void 0,
|
|
510
|
-
tokens,
|
|
511
|
-
endpoints,
|
|
512
|
-
this.oauth2Client,
|
|
513
|
-
this.oauthServer
|
|
514
|
-
);
|
|
515
|
-
});
|
|
516
|
-
}
|
|
517
|
-
validateExistingSession() {
|
|
518
|
-
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
519
|
-
const sessionData = this.getSessionData();
|
|
520
|
-
try {
|
|
521
|
-
if (!sessionData.idToken || !sessionData.accessToken) {
|
|
522
|
-
const unAuthenticatedSession = _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, sessionData), { authenticated: false });
|
|
523
|
-
this.updateSessionData(unAuthenticatedSession);
|
|
524
|
-
return unAuthenticatedSession;
|
|
525
|
-
}
|
|
526
|
-
yield this.validateTokens({
|
|
527
|
-
id_token: sessionData.idToken,
|
|
528
|
-
access_token: sessionData.accessToken,
|
|
529
|
-
refresh_token: sessionData.refreshToken
|
|
530
|
-
});
|
|
531
|
-
sessionData.authenticated = true;
|
|
532
|
-
return sessionData;
|
|
533
|
-
} catch (error) {
|
|
534
|
-
console.warn("Failed to validate existing tokens", error);
|
|
535
|
-
const unAuthenticatedSession = {
|
|
536
|
-
authenticated: false
|
|
537
|
-
};
|
|
538
|
-
this.updateSessionData(unAuthenticatedSession);
|
|
539
|
-
return unAuthenticatedSession;
|
|
540
|
-
}
|
|
541
|
-
});
|
|
542
|
-
}
|
|
543
|
-
};
|
|
544
|
-
|
|
545
|
-
// src/react/components/CivicAuthIframeModal.tsx
|
|
219
|
+
// src/react/components/CivicAuthIframeContainer.tsx
|
|
546
220
|
|
|
547
221
|
|
|
548
222
|
// src/react/components/LoadingIcon.tsx
|
|
@@ -603,13 +277,12 @@ var CloseIcon = () => /* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
|
|
|
603
277
|
|
|
604
278
|
|
|
605
279
|
var CivicAuthIframe = _react.forwardRef.call(void 0,
|
|
606
|
-
({
|
|
280
|
+
({ onLoad }, ref) => {
|
|
607
281
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
608
282
|
"iframe",
|
|
609
283
|
{
|
|
610
|
-
id:
|
|
284
|
+
id: _chunkYNLXRD5Ljs.IFRAME_ID,
|
|
611
285
|
ref,
|
|
612
|
-
src: authUrl,
|
|
613
286
|
className: "cac-h-96 cac-w-80 cac-border-none",
|
|
614
287
|
onLoad
|
|
615
288
|
}
|
|
@@ -618,25 +291,57 @@ var CivicAuthIframe = _react.forwardRef.call(void 0,
|
|
|
618
291
|
);
|
|
619
292
|
CivicAuthIframe.displayName = "CivicAuthIframe";
|
|
620
293
|
|
|
621
|
-
// src/react/components/
|
|
294
|
+
// src/react/components/CivicAuthIframeContainer.tsx
|
|
622
295
|
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
296
|
+
function NoChrome({
|
|
297
|
+
children
|
|
298
|
+
}) {
|
|
299
|
+
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _jsxruntime.Fragment, { children });
|
|
300
|
+
}
|
|
301
|
+
function IframeChrome({
|
|
302
|
+
children,
|
|
303
|
+
onClose
|
|
304
|
+
}) {
|
|
305
|
+
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
306
|
+
"div",
|
|
307
|
+
{
|
|
308
|
+
className: "cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-neutral-950 cac-bg-opacity-50",
|
|
309
|
+
onClick: onClose,
|
|
310
|
+
children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
|
|
311
|
+
"div",
|
|
312
|
+
{
|
|
313
|
+
className: "cac-relative cac-rounded-3xl cac-bg-white cac-p-6 cac-shadow-lg",
|
|
314
|
+
onClick: (e) => e.stopPropagation(),
|
|
315
|
+
children: [
|
|
316
|
+
/* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
317
|
+
"button",
|
|
318
|
+
{
|
|
319
|
+
className: "cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400",
|
|
320
|
+
onClick: onClose,
|
|
321
|
+
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CloseIcon, {})
|
|
322
|
+
}
|
|
323
|
+
),
|
|
324
|
+
children
|
|
325
|
+
]
|
|
326
|
+
}
|
|
327
|
+
)
|
|
328
|
+
}
|
|
329
|
+
);
|
|
330
|
+
}
|
|
331
|
+
var CivicAuthIframeContainer = ({
|
|
627
332
|
onClose,
|
|
628
|
-
iframeRef,
|
|
629
|
-
redirectInProgress = false,
|
|
630
333
|
closeOnRedirect = true
|
|
631
334
|
}) => {
|
|
632
335
|
const [isLoading, setIsLoading] = _react.useState.call(void 0, true);
|
|
336
|
+
const config = useConfig();
|
|
337
|
+
const { setAuthResponseUrl, iframeRef } = useSession();
|
|
633
338
|
const processIframeUrl = _react.useCallback.call(void 0, () => {
|
|
634
|
-
if (iframeRef.current && iframeRef.current.contentWindow) {
|
|
339
|
+
if (iframeRef && iframeRef.current && iframeRef.current.contentWindow) {
|
|
635
340
|
try {
|
|
636
341
|
const iframeUrl = iframeRef.current.contentWindow.location.href;
|
|
637
|
-
if (iframeUrl.startsWith(
|
|
342
|
+
if (iframeUrl.startsWith(config.redirectUrl)) {
|
|
638
343
|
setAuthResponseUrl(iframeUrl);
|
|
639
|
-
if (closeOnRedirect) onClose();
|
|
344
|
+
if (closeOnRedirect) onClose == null ? void 0 : onClose();
|
|
640
345
|
return true;
|
|
641
346
|
}
|
|
642
347
|
} catch (e) {
|
|
@@ -644,12 +349,18 @@ var CivicAuthIframeModal = ({
|
|
|
644
349
|
}
|
|
645
350
|
}
|
|
646
351
|
return false;
|
|
647
|
-
}, [
|
|
352
|
+
}, [
|
|
353
|
+
closeOnRedirect,
|
|
354
|
+
config.redirectUrl,
|
|
355
|
+
iframeRef,
|
|
356
|
+
onClose,
|
|
357
|
+
setAuthResponseUrl
|
|
358
|
+
]);
|
|
648
359
|
const intervalId = _react.useRef.call(void 0, );
|
|
649
360
|
const handleEscape = _react.useCallback.call(void 0,
|
|
650
361
|
(event) => {
|
|
651
362
|
if (event.key === "Escape") {
|
|
652
|
-
onClose();
|
|
363
|
+
onClose == null ? void 0 : onClose();
|
|
653
364
|
}
|
|
654
365
|
},
|
|
655
366
|
[onClose]
|
|
@@ -665,39 +376,11 @@ var CivicAuthIframeModal = ({
|
|
|
665
376
|
clearInterval(intervalId.current);
|
|
666
377
|
}
|
|
667
378
|
};
|
|
668
|
-
|
|
669
|
-
|
|
670
|
-
{
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
|
|
674
|
-
"div",
|
|
675
|
-
{
|
|
676
|
-
className: "cac-relative cac-rounded-3xl cac-bg-white cac-p-6 cac-shadow-lg",
|
|
677
|
-
onClick: (e) => e.stopPropagation(),
|
|
678
|
-
children: [
|
|
679
|
-
/* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
680
|
-
"button",
|
|
681
|
-
{
|
|
682
|
-
className: "cac-absolute cac-right-4 cac-top-4 cac-flex cac-cursor-pointer cac-items-center cac-justify-center cac-border-none cac-bg-transparent cac-p-1 cac-text-neutral-400",
|
|
683
|
-
onClick: onClose,
|
|
684
|
-
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CloseIcon, {})
|
|
685
|
-
}
|
|
686
|
-
),
|
|
687
|
-
(isLoading || redirectInProgress) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-rounded-3xl cac-bg-neutral-100", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
|
|
688
|
-
/* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
689
|
-
CivicAuthIframe,
|
|
690
|
-
{
|
|
691
|
-
ref: iframeRef,
|
|
692
|
-
authUrl,
|
|
693
|
-
onLoad: handleIframeLoad
|
|
694
|
-
}
|
|
695
|
-
)
|
|
696
|
-
]
|
|
697
|
-
}
|
|
698
|
-
)
|
|
699
|
-
}
|
|
700
|
-
);
|
|
379
|
+
const WrapperComponent = config.modalIframe ? IframeChrome : NoChrome;
|
|
380
|
+
return /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, WrapperComponent, { onClose, children: [
|
|
381
|
+
isLoading && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-rounded-3xl cac-bg-neutral-100", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
|
|
382
|
+
/* @__PURE__ */ _jsxruntime.jsx.call(void 0, CivicAuthIframe, { ref: iframeRef, onLoad: handleIframeLoad })
|
|
383
|
+
] });
|
|
701
384
|
};
|
|
702
385
|
|
|
703
386
|
// src/config.ts
|
|
@@ -706,20 +389,27 @@ var authConfig = {
|
|
|
706
389
|
oauthServer: "https://auth-dev.civic.com/oauth/"
|
|
707
390
|
};
|
|
708
391
|
|
|
709
|
-
// src/
|
|
710
|
-
|
|
711
|
-
|
|
712
|
-
|
|
713
|
-
|
|
714
|
-
|
|
715
|
-
|
|
716
|
-
}
|
|
717
|
-
} catch (_e) {
|
|
718
|
-
return false;
|
|
719
|
-
}
|
|
720
|
-
}
|
|
721
|
-
return false;
|
|
392
|
+
// src/react/providers/ConfigProvider.tsx
|
|
393
|
+
|
|
394
|
+
|
|
395
|
+
var defaultConfig = {
|
|
396
|
+
config: authConfig,
|
|
397
|
+
redirectUrl: "",
|
|
398
|
+
modalIframe: true
|
|
722
399
|
};
|
|
400
|
+
var ConfigContext = _react.createContext.call(void 0, defaultConfig);
|
|
401
|
+
var ConfigProvider = ({
|
|
402
|
+
children,
|
|
403
|
+
config,
|
|
404
|
+
redirectUrl,
|
|
405
|
+
modalIframe
|
|
406
|
+
}) => /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
407
|
+
ConfigContext.Provider,
|
|
408
|
+
{
|
|
409
|
+
value: { config, redirectUrl, modalIframe: !!modalIframe },
|
|
410
|
+
children
|
|
411
|
+
}
|
|
412
|
+
);
|
|
723
413
|
|
|
724
414
|
// src/shared/AuthProvider.tsx
|
|
725
415
|
|
|
@@ -732,28 +422,36 @@ if (typeof window !== "undefined") {
|
|
|
732
422
|
globalThisObject = Function("return this")();
|
|
733
423
|
}
|
|
734
424
|
globalThisObject.globalThis = globalThisObject;
|
|
425
|
+
function BlockDisplay({ children }) {
|
|
426
|
+
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-left-0 cac-top-0 cac-z-50 cac-flex cac-h-screen cac-w-screen cac-items-center cac-justify-center cac-bg-white", children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "div", { className: "cac-absolute cac-inset-0 cac-flex cac-items-center cac-justify-center cac-bg-white", children }) });
|
|
427
|
+
}
|
|
735
428
|
var AuthProvider = ({
|
|
736
429
|
children,
|
|
737
430
|
clientId,
|
|
738
431
|
redirectUrl: inputRedirectUrl,
|
|
739
432
|
config = authConfig,
|
|
740
|
-
nonce,
|
|
741
433
|
onSignIn,
|
|
742
434
|
onSignOut,
|
|
743
|
-
|
|
744
|
-
|
|
435
|
+
pkceConsumer,
|
|
436
|
+
nonce,
|
|
437
|
+
modalIframe = true
|
|
745
438
|
}) => {
|
|
746
439
|
const [iframeUrl, setIframeUrl] = _react.useState.call(void 0, null);
|
|
747
440
|
const [currentUrl, setCurrentUrl] = _react.useState.call(void 0, null);
|
|
748
441
|
const [isInIframe, setIsInIframe] = _react.useState.call(void 0, false);
|
|
749
442
|
const [authResponseUrl, setAuthResponseUrl] = _react.useState.call(void 0, null);
|
|
750
443
|
const [tokenExchangeError, setTokenExchangeError] = _react.useState.call(void 0, );
|
|
444
|
+
const [displayMode, setDisplayMode] = _react.useState.call(void 0, "iframe");
|
|
445
|
+
const [browserAuthenticationInitiator, setBrowserAuthenticationInitiator] = _react.useState.call(void 0, );
|
|
446
|
+
const [showIFrame, setShowIFrame] = _react.useState.call(void 0, false);
|
|
447
|
+
const [isRedirecting, setIsRedirecting] = _react.useState.call(void 0, false);
|
|
751
448
|
const queryClient3 = _reactquery.useQueryClient.call(void 0, );
|
|
752
449
|
const iframeRef = _react.useRef.call(void 0, null);
|
|
450
|
+
const serverBasedPKCE = pkceConsumer instanceof _chunkYNLXRD5Ljs.ConfidentialClientPKCEConsumer;
|
|
753
451
|
_react.useEffect.call(void 0, () => {
|
|
754
452
|
if (typeof globalThis.window !== "undefined") {
|
|
755
453
|
setCurrentUrl(globalThis.window.location.href);
|
|
756
|
-
const isInIframeVal = isWindowInIframe(globalThis.window);
|
|
454
|
+
const isInIframeVal = _chunkYNLXRD5Ljs.isWindowInIframe.call(void 0, globalThis.window);
|
|
757
455
|
setIsInIframe(isInIframeVal);
|
|
758
456
|
}
|
|
759
457
|
}, []);
|
|
@@ -761,26 +459,30 @@ var AuthProvider = ({
|
|
|
761
459
|
() => (inputRedirectUrl || currentUrl || "").split("?")[0],
|
|
762
460
|
[currentUrl, inputRedirectUrl]
|
|
763
461
|
);
|
|
764
|
-
const authService = _react.
|
|
765
|
-
|
|
462
|
+
const [authService, setAuthService] = _react.useState.call(void 0, );
|
|
463
|
+
_react.useEffect.call(void 0, () => {
|
|
464
|
+
if (!currentUrl) return;
|
|
465
|
+
_chunkYNLXRD5Ljs.BrowserAuthenticationService.build({
|
|
766
466
|
clientId,
|
|
767
467
|
redirectUrl,
|
|
768
|
-
|
|
769
|
-
|
|
770
|
-
|
|
771
|
-
|
|
772
|
-
);
|
|
773
|
-
const [userInfoService, setUserInfoService] = _react.useState.call(void 0, );
|
|
774
|
-
_react.useEffect.call(void 0, () => {
|
|
775
|
-
if (!authService) return;
|
|
776
|
-
authService.getUserInfoService().then(setUserInfoService);
|
|
777
|
-
}, [authService]);
|
|
468
|
+
oauthServer: config.oauthServer,
|
|
469
|
+
scopes: _chunkYNLXRD5Ljs.DEFAULT_SCOPES,
|
|
470
|
+
displayMode
|
|
471
|
+
}).then(setAuthService);
|
|
472
|
+
}, [currentUrl, clientId, redirectUrl, config, displayMode]);
|
|
778
473
|
const {
|
|
779
474
|
data: session,
|
|
780
475
|
isLoading,
|
|
781
476
|
error
|
|
782
477
|
} = _reactquery.useQuery.call(void 0, {
|
|
783
|
-
queryKey: [
|
|
478
|
+
queryKey: [
|
|
479
|
+
"session",
|
|
480
|
+
authResponseUrl,
|
|
481
|
+
iframeUrl,
|
|
482
|
+
currentUrl,
|
|
483
|
+
isInIframe,
|
|
484
|
+
authService
|
|
485
|
+
],
|
|
784
486
|
queryFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
785
487
|
if (!authService) {
|
|
786
488
|
return { authenticated: false };
|
|
@@ -789,12 +491,24 @@ var AuthProvider = ({
|
|
|
789
491
|
authResponseUrl ? authResponseUrl : globalThis.window.location.href || ""
|
|
790
492
|
);
|
|
791
493
|
const code = url.searchParams.get("code");
|
|
792
|
-
|
|
494
|
+
const state = url.searchParams.get("state");
|
|
495
|
+
if (!serverBasedPKCE && code && state && !isInIframe) {
|
|
793
496
|
try {
|
|
794
|
-
console.log("AuthProvider useQuery code", {
|
|
795
|
-
|
|
497
|
+
console.log("AuthProvider useQuery code", {
|
|
498
|
+
isInIframe,
|
|
499
|
+
code,
|
|
500
|
+
state
|
|
501
|
+
});
|
|
502
|
+
yield authService.tokenExchange(code, state);
|
|
503
|
+
const clientStorage = new (0, _chunkYNLXRD5Ljs.LocalStorageAdapter)();
|
|
504
|
+
const user = yield _chunkYNLXRD5Ljs.getUser.call(void 0, clientStorage);
|
|
505
|
+
if (!user) {
|
|
506
|
+
throw new Error("Failed to get user info");
|
|
507
|
+
}
|
|
508
|
+
const userSession = new (0, _chunkYNLXRD5Ljs.GenericUserSession)(clientStorage);
|
|
509
|
+
userSession.set(user);
|
|
796
510
|
onSignIn == null ? void 0 : onSignIn();
|
|
797
|
-
return
|
|
511
|
+
return authService.getSessionData();
|
|
798
512
|
} catch (error2) {
|
|
799
513
|
setTokenExchangeError(error2);
|
|
800
514
|
onSignIn == null ? void 0 : onSignIn(
|
|
@@ -812,39 +526,90 @@ var AuthProvider = ({
|
|
|
812
526
|
});
|
|
813
527
|
const signOutMutation = _reactquery.useMutation.call(void 0, {
|
|
814
528
|
mutationFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
815
|
-
|
|
529
|
+
const authInitiator = getAuthInitiator();
|
|
530
|
+
authInitiator == null ? void 0 : authInitiator.signOut();
|
|
816
531
|
setIframeUrl(null);
|
|
532
|
+
setShowIFrame(false);
|
|
817
533
|
setAuthResponseUrl(null);
|
|
818
534
|
onSignOut == null ? void 0 : onSignOut();
|
|
819
535
|
}),
|
|
820
536
|
onSuccess: () => {
|
|
821
537
|
queryClient3.setQueryData(
|
|
822
|
-
[
|
|
538
|
+
[
|
|
539
|
+
"session",
|
|
540
|
+
authResponseUrl,
|
|
541
|
+
iframeUrl,
|
|
542
|
+
currentUrl,
|
|
543
|
+
isInIframe,
|
|
544
|
+
authService
|
|
545
|
+
],
|
|
823
546
|
null
|
|
824
547
|
);
|
|
825
548
|
}
|
|
826
549
|
});
|
|
550
|
+
const getAuthInitiator = _react.useCallback.call(void 0,
|
|
551
|
+
(overrideDisplayMode) => {
|
|
552
|
+
const useDisplayMode = overrideDisplayMode || displayMode;
|
|
553
|
+
if (!pkceConsumer) {
|
|
554
|
+
return null;
|
|
555
|
+
}
|
|
556
|
+
return browserAuthenticationInitiator || new (0, _chunkYNLXRD5Ljs.BrowserAuthenticationInitiator)({
|
|
557
|
+
pkceConsumer,
|
|
558
|
+
// generate and retrieve the challenge client-side
|
|
559
|
+
clientId,
|
|
560
|
+
redirectUrl,
|
|
561
|
+
state: _chunkYNLXRD5Ljs.generateState.call(void 0, useDisplayMode),
|
|
562
|
+
scopes: _chunkYNLXRD5Ljs.DEFAULT_SCOPES,
|
|
563
|
+
displayMode: useDisplayMode,
|
|
564
|
+
oauthServer: config.oauthServer,
|
|
565
|
+
// the endpoints to use for the login (if not obtained from the auth server
|
|
566
|
+
endpointOverrides: config.endpoints,
|
|
567
|
+
nonce
|
|
568
|
+
});
|
|
569
|
+
},
|
|
570
|
+
[
|
|
571
|
+
displayMode,
|
|
572
|
+
browserAuthenticationInitiator,
|
|
573
|
+
clientId,
|
|
574
|
+
redirectUrl,
|
|
575
|
+
config.oauthServer,
|
|
576
|
+
config.endpoints,
|
|
577
|
+
pkceConsumer,
|
|
578
|
+
nonce
|
|
579
|
+
]
|
|
580
|
+
);
|
|
827
581
|
const signIn = _react.useCallback.call(void 0,
|
|
828
582
|
(overrideDisplayMode = "iframe") => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
829
|
-
|
|
830
|
-
const
|
|
831
|
-
|
|
832
|
-
_chunkOLT5HB3Gjs.DEFAULT_SCOPES,
|
|
833
|
-
overrideDisplayMode,
|
|
834
|
-
nonce
|
|
835
|
-
);
|
|
583
|
+
setDisplayMode(overrideDisplayMode);
|
|
584
|
+
const authInitiator = getAuthInitiator(overrideDisplayMode);
|
|
585
|
+
setBrowserAuthenticationInitiator(authInitiator);
|
|
836
586
|
if (overrideDisplayMode === "iframe") {
|
|
837
|
-
|
|
838
|
-
|
|
587
|
+
setShowIFrame(true);
|
|
588
|
+
} else if (overrideDisplayMode === "redirect") {
|
|
589
|
+
setIsRedirecting(true);
|
|
839
590
|
}
|
|
840
|
-
|
|
591
|
+
authInitiator == null ? void 0 : authInitiator.signIn(iframeRef.current);
|
|
841
592
|
}),
|
|
842
|
-
[
|
|
593
|
+
[getAuthInitiator]
|
|
843
594
|
);
|
|
844
595
|
const isAuthenticated = _react.useMemo.call(void 0,
|
|
845
596
|
() => session ? session.authenticated : false,
|
|
846
597
|
[session]
|
|
847
598
|
);
|
|
599
|
+
const {
|
|
600
|
+
data: autoSignIn,
|
|
601
|
+
isLoading: autoSignInLoading,
|
|
602
|
+
error: autoSignInError
|
|
603
|
+
} = _reactquery.useQuery.call(void 0, {
|
|
604
|
+
queryKey: ["autoSignIn", modalIframe, redirectUrl, isAuthenticated],
|
|
605
|
+
queryFn: () => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
606
|
+
if (!modalIframe && redirectUrl && !isAuthenticated && iframeRef.current) {
|
|
607
|
+
signIn("iframe");
|
|
608
|
+
}
|
|
609
|
+
return true;
|
|
610
|
+
}),
|
|
611
|
+
refetchOnWindowFocus: false
|
|
612
|
+
});
|
|
848
613
|
const value = _react.useMemo.call(void 0,
|
|
849
614
|
() => ({
|
|
850
615
|
isLoading,
|
|
@@ -857,23 +622,37 @@ var AuthProvider = ({
|
|
|
857
622
|
}),
|
|
858
623
|
[isLoading, error, signOutMutation, isAuthenticated, signIn]
|
|
859
624
|
);
|
|
860
|
-
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, AuthContext.Provider, { value, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
861
|
-
|
|
862
|
-
|
|
863
|
-
|
|
864
|
-
|
|
865
|
-
|
|
866
|
-
|
|
867
|
-
|
|
868
|
-
|
|
869
|
-
|
|
870
|
-
|
|
871
|
-
|
|
872
|
-
|
|
873
|
-
|
|
874
|
-
|
|
875
|
-
|
|
876
|
-
|
|
625
|
+
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, AuthContext.Provider, { value, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
626
|
+
ConfigProvider,
|
|
627
|
+
{
|
|
628
|
+
config,
|
|
629
|
+
redirectUrl,
|
|
630
|
+
modalIframe,
|
|
631
|
+
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
632
|
+
SessionProvider,
|
|
633
|
+
{
|
|
634
|
+
session,
|
|
635
|
+
setAuthResponseUrl,
|
|
636
|
+
iframeRef,
|
|
637
|
+
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, TokenProvider, { children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, UserProvider, { storage: new (0, _chunkYNLXRD5Ljs.LocalStorageAdapter)(), children: [
|
|
638
|
+
modalIframe && !isInIframe && !(session == null ? void 0 : session.authenticated) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
639
|
+
"div",
|
|
640
|
+
{
|
|
641
|
+
style: showIFrame ? { display: "block" } : { display: "none" },
|
|
642
|
+
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, CivicAuthIframeContainer, { onClose: () => setShowIFrame(false) })
|
|
643
|
+
}
|
|
644
|
+
),
|
|
645
|
+
modalIframe && (isInIframe || isRedirecting || isLoading) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, BlockDisplay, { children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, LoadingIcon, {}) }),
|
|
646
|
+
(tokenExchangeError || error) && /* @__PURE__ */ _jsxruntime.jsx.call(void 0, BlockDisplay, { children: /* @__PURE__ */ _jsxruntime.jsxs.call(void 0, "div", { children: [
|
|
647
|
+
"Error: ",
|
|
648
|
+
(tokenExchangeError || error).message
|
|
649
|
+
] }) }),
|
|
650
|
+
children
|
|
651
|
+
] }) })
|
|
652
|
+
}
|
|
653
|
+
)
|
|
654
|
+
}
|
|
655
|
+
) });
|
|
877
656
|
};
|
|
878
657
|
|
|
879
658
|
// src/shared/CivicAuthProvider.tsx
|
|
@@ -883,7 +662,13 @@ require('@civic/auth/styles.css');
|
|
|
883
662
|
var queryClient = new (0, _reactquery.QueryClient)();
|
|
884
663
|
var CivicAuthProvider = (_a) => {
|
|
885
664
|
var _b = _a, { children } = _b, props = _chunkCRTRMMJ7js.__objRest.call(void 0, _b, ["children"]);
|
|
886
|
-
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
665
|
+
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
666
|
+
AuthProvider,
|
|
667
|
+
_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, props), {
|
|
668
|
+
pkceConsumer: new (0, _chunkYNLXRD5Ljs.BrowserPublicClientPKCEProducer)(),
|
|
669
|
+
children
|
|
670
|
+
})
|
|
671
|
+
) });
|
|
887
672
|
};
|
|
888
673
|
|
|
889
674
|
// src/react/providers/NextAuthProvider.tsx
|
|
@@ -901,7 +686,7 @@ var getCookieValue = (key, window2) => {
|
|
|
901
686
|
const cookies = cookie.split(";");
|
|
902
687
|
for (const c of cookies) {
|
|
903
688
|
const [name, value] = c.trim().split("=");
|
|
904
|
-
if (name === key) {
|
|
689
|
+
if (value && name === key) {
|
|
905
690
|
try {
|
|
906
691
|
return JSON.parse(decodeURIComponent(value));
|
|
907
692
|
} catch (e) {
|
|
@@ -957,28 +742,20 @@ var CivicNextAuthProvider = (_a) => {
|
|
|
957
742
|
]);
|
|
958
743
|
const user = useUserCookie();
|
|
959
744
|
const [redirectUrl, setRedirectUrl] = _react.useState.call(void 0, "");
|
|
960
|
-
const { clientId, oauthServer, callbackUrl, challengeUrl } =
|
|
745
|
+
const { clientId, oauthServer, callbackUrl, challengeUrl } = _chunkMVO4UZ2Ajs.resolveAuthConfig.call(void 0, );
|
|
961
746
|
_react.useEffect.call(void 0, () => {
|
|
962
747
|
if (typeof globalThis.window !== "undefined") {
|
|
963
748
|
const currentUrl = globalThis.window.location.href;
|
|
964
|
-
setRedirectUrl(
|
|
749
|
+
setRedirectUrl(_chunkMVO4UZ2Ajs.resolveCallbackUrl.call(void 0, _chunkMVO4UZ2Ajs.resolveAuthConfig.call(void 0, ), currentUrl));
|
|
965
750
|
}
|
|
966
751
|
}, [callbackUrl]);
|
|
967
|
-
const authService = _react.useMemo.call(void 0, () => {
|
|
968
|
-
if (redirectUrl && clientId && oauthServer) {
|
|
969
|
-
return new AuthSessionServiceImpl(clientId, redirectUrl, oauthServer, {
|
|
970
|
-
challenge: challengeUrl
|
|
971
|
-
});
|
|
972
|
-
}
|
|
973
|
-
return void 0;
|
|
974
|
-
}, [redirectUrl, clientId, oauthServer, challengeUrl]);
|
|
975
752
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient2, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
976
753
|
AuthProvider,
|
|
977
754
|
_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, props), {
|
|
755
|
+
redirectUrl,
|
|
978
756
|
config: { oauthServer },
|
|
979
757
|
clientId,
|
|
980
|
-
|
|
981
|
-
serverSideTokenExchange: true,
|
|
758
|
+
pkceConsumer: new (0, _chunkYNLXRD5Ljs.ConfidentialClientPKCEConsumer)(challengeUrl),
|
|
982
759
|
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, UserContext2.Provider, { value: user, children })
|
|
983
760
|
})
|
|
984
761
|
) });
|
|
@@ -994,6 +771,16 @@ var useUser = () => {
|
|
|
994
771
|
return context;
|
|
995
772
|
};
|
|
996
773
|
|
|
774
|
+
// src/react/hooks/useConfig.tsx
|
|
775
|
+
|
|
776
|
+
var useConfig = () => {
|
|
777
|
+
const context = _react.useContext.call(void 0, ConfigContext);
|
|
778
|
+
if (!context) {
|
|
779
|
+
throw new Error("useConfig must be used within an ConfigProvider");
|
|
780
|
+
}
|
|
781
|
+
return context;
|
|
782
|
+
};
|
|
783
|
+
|
|
997
784
|
// src/react/components/UserButton.tsx
|
|
998
785
|
|
|
999
786
|
|
|
@@ -1070,7 +857,7 @@ var UserButton = ({
|
|
|
1070
857
|
/* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
|
|
1071
858
|
"button",
|
|
1072
859
|
{
|
|
1073
|
-
className:
|
|
860
|
+
className: _chunkYNLXRD5Ljs.cn.call(void 0,
|
|
1074
861
|
"cac-flex cac-w-full cac-items-center cac-justify-between cac-gap-2 cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-text-neutral-500 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
1075
862
|
className
|
|
1076
863
|
),
|
|
@@ -1108,7 +895,8 @@ var UserButton = ({
|
|
|
1108
895
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
1109
896
|
"button",
|
|
1110
897
|
{
|
|
1111
|
-
|
|
898
|
+
"data-testid": "sign-in-button",
|
|
899
|
+
className: _chunkYNLXRD5Ljs.cn.call(void 0,
|
|
1112
900
|
"cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
1113
901
|
className
|
|
1114
902
|
),
|
|
@@ -1128,7 +916,8 @@ var SignInButton = ({
|
|
|
1128
916
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
1129
917
|
"button",
|
|
1130
918
|
{
|
|
1131
|
-
|
|
919
|
+
"data-testid": "sign-in-button",
|
|
920
|
+
className: _chunkYNLXRD5Ljs.cn.call(void 0,
|
|
1132
921
|
"cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
1133
922
|
className
|
|
1134
923
|
),
|
|
@@ -1145,7 +934,7 @@ var SignOutButton = ({ className }) => {
|
|
|
1145
934
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
1146
935
|
"button",
|
|
1147
936
|
{
|
|
1148
|
-
className:
|
|
937
|
+
className: _chunkYNLXRD5Ljs.cn.call(void 0,
|
|
1149
938
|
"cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
1150
939
|
className
|
|
1151
940
|
),
|
|
@@ -1158,7 +947,7 @@ var SignOutButton = ({ className }) => {
|
|
|
1158
947
|
// src/react/components/NextLogOut.tsx
|
|
1159
948
|
|
|
1160
949
|
var NextLogOut = ({ children }) => {
|
|
1161
|
-
const config =
|
|
950
|
+
const config = _chunkMVO4UZ2Ajs.resolveAuthConfig.call(void 0, );
|
|
1162
951
|
const logoutUrl = `${config.logoutUrl}`;
|
|
1163
952
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: logoutUrl, children });
|
|
1164
953
|
};
|
|
@@ -1175,5 +964,7 @@ var NextLogOut = ({ children }) => {
|
|
|
1175
964
|
|
|
1176
965
|
|
|
1177
966
|
|
|
1178
|
-
|
|
967
|
+
|
|
968
|
+
|
|
969
|
+
exports.CivicAuthIframeContainer = CivicAuthIframeContainer; exports.CivicAuthProvider = CivicAuthProvider; exports.CivicNextAuthProvider = CivicNextAuthProvider; exports.NextLogOut = NextLogOut; exports.SignInButton = SignInButton; exports.SignOutButton = SignOutButton; exports.UserButton = UserButton; exports.useAuth = useAuth; exports.useConfig = useConfig; exports.useNextUser = useNextUser; exports.useSession = useSession; exports.useToken = useToken; exports.useUser = useUser; exports.useUserCookie = useUserCookie;
|
|
1179
970
|
//# sourceMappingURL=react.js.map
|