@civic/auth 0.1.3 → 0.1.4-beta.1

package/dist/src/types.js

@@ -1,2 +1,4 @@
-export {};
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+const tokenKeys = ["idToken", "accessToken", "refreshToken", "forwardedTokens"];
+export { tokenKeys };
 //# sourceMappingURL=types.js.map

package/dist/src/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { TokenResponseBody } from \"oslo/oauth2\";\nimport type { JWT } from \"oslo/jwt\";\n\ntype UnknownObject = Record<string, unknown>;\ntype EmptyObject = Record<string, never>;\n\n// Display modes for the auth flow\ntype DisplayMode = \"iframe\" | \"redirect\" | \"new_tab\" | \"custom_tab\";\n\n// Combined Auth and Session Service\ninterface AuthSessionService {\n  // TODO DK NOTES: Should be in BrowserAuthSessionService, not relevant on backend\n  loadAuthorizationUrl(\n    authorizationURL: string,\n    displayMode: DisplayMode,\n  ): void;\n  // TODO DK NOTES: overrideDisplayMode parameter not appropriate here - also - do we need both this and the above in the interface?\n  getAuthorizationUrl(\n    scopes: string[],\n    overrideDisplayMode: DisplayMode,\n    nonce?: string,\n  ): Promise<string>;\n  // TODO DK NOTES: display mode should be in browser version only. Also, do we need this and the above two in the top-level interface?\n  signIn(\n    displayMode: DisplayMode,\n    scopes: string[],\n    nonce?: string,\n  ): Promise<void>;\n  // TODO DK NOTES: Input should be an auth code - do not assume it comes via an url\n  tokenExchange(responseUrl: string): Promise<SessionData>;\n  // TODO DK NOTES: Should be async for flexibility\n  getSessionData(): SessionData;\n  // TODO DK NOTES: Should be async for flexibility\n  updateSessionData(data: SessionData): void;\n  getUserInfoService(): Promise<UserInfoService>;\n}\n\n// Token Service\ninterface TokenService {\n  exchangeCodeForTokens(authCode: string): Promise<Tokens>;\n  validateIdToken(idToken: string, nonce: string): boolean;\n  refreshAccessToken(refreshToken: string): Promise<Tokens>;\n}\n\n// User Info Service\ninterface UserInfoService {\n  getUserInfo<T extends UnknownObject>(\n    accessToken: string,\n    idToken: string | null,\n  ): Promise<User<T> | null>;\n}\n\n// Resource Service\ninterface ResourceService {\n  getProtectedResource(accessToken: string): Promise<unknown>;\n}\n\n// Auth Request (for internal use in AuthSessionService)\ntype AuthRequest = {\n  clientId: string;\n  redirectUri: string;\n  state: string;\n  nonce: string;\n  scope: string;\n};\n\ntype Endpoints = {\n  jwks: string;\n  auth: string;\n  token: string;\n  userinfo: string;\n  challenge?: string;\n};\n\ntype Config = {\n  oauthServer: string;\n  endpoints?: Endpoints;\n};\n\ntype SessionData = {\n  authenticated: boolean; // TODO can this be inferred from the presence of the tokens?\n  state?: string;\n  accessToken?: string;\n  refreshToken?: string;\n  idToken?: string;\n  timestamp?: number;\n  expiresIn?: number;\n  codeVerifier?: string;\n  displayMode?: DisplayMode;\n  openerUrl?: string;\n};\n\ntype OIDCTokenResponseBody = TokenResponseBody & { id_token: string };\n\ntype ParsedTokens = {\n  id_token: JWTPayload;\n  access_token: JWTPayload;\n  refresh_token?: string;\n};\n\n// The format we expose to the frontend via hooks\ntype ForwardedTokens = Record<\n  string,\n  {\n    idToken?: string;\n    accessToken?: string;\n    refreshToken?: string;\n  }\n>;\n\n// The format in the JWT payload\ntype ForwardedTokensJWT = Record<\n  string,\n  {\n    id_token?: string;\n    access_token?: string;\n    refresh_token?: string;\n    scope?: string;\n  }\n>;\n\ntype JWTPayload = JWT[\"payload\"] & {\n  iss: string;\n  aud: string;\n  sub: string;\n  iat: number;\n  exp: number;\n};\n\ntype IdTokenPayload = JWTPayload & {\n  forwardedTokens?: ForwardedTokensJWT;\n  email?: string;\n  name?: string;\n  picture?: string;\n  nonce: string;\n  at_hash: string;\n};\n\ntype IdToken = Omit<JWT, \"payload\"> & {\n  payload: IdTokenPayload;\n};\n\ntype Tokens = {\n  idToken: string;\n  accessToken: string;\n  refreshToken: string;\n  forwardedTokens: ForwardedTokens;\n};\n\n// Base user interface\ntype BaseUser = {\n  id: string;\n  email?: string;\n  name?: string;\n  given_name?: string;\n  family_name?: string;\n  picture?: string;\n  updated_at?: Date;\n};\n\ntype User<T extends UnknownObject = EmptyObject> = BaseUser &\n  Partial<Tokens> &\n  T;\n\ntype OpenIdConfiguration = {\n  authorization_endpoint: string;\n  claims_parameter_supported: boolean;\n  claims_supported: string[];\n  code_challenge_methods_supported: string[];\n  end_session_endpoint: string;\n  grant_types_supported: string[];\n  issuer: string;\n  jwks_uri: string;\n  authorization_response_iss_parameter_supported: boolean;\n  response_modes_supported: string[];\n  response_types_supported: string[];\n  scopes_supported: string[];\n  subject_types_supported: string[];\n  token_endpoint_auth_methods_supported: string[];\n  token_endpoint_auth_signing_alg_values_supported: string[];\n  token_endpoint: string;\n  id_token_signing_alg_values_supported: string[];\n  pushed_authorization_request_endpoint: string;\n  request_parameter_supported: boolean;\n  request_uri_parameter_supported: boolean;\n  userinfo_endpoint: string;\n  claim_types_supported: string[];\n};\n\ntype LoginPostMessage = {\n  source: string;\n  type: string;\n  clientId: string;\n  data: {\n    url: string;\n  };\n};\nexport type {\n  LoginPostMessage,\n  AuthSessionService,\n  TokenService,\n  UserInfoService,\n  ResourceService,\n  AuthRequest,\n  Tokens,\n  Endpoints,\n  Config,\n  SessionData,\n  OIDCTokenResponseBody,\n  ParsedTokens,\n  BaseUser,\n  User,\n  DisplayMode,\n  UnknownObject,\n  EmptyObject,\n  ForwardedTokens,\n  ForwardedTokensJWT,\n  JWTPayload,\n  IdTokenPayload,\n  IdToken,\n  OpenIdConfiguration,\n};\n\nexport interface AuthStorage {\n  get(key: string): Promise<string | null>;\n  set(key: string, value: string): Promise<void>;\n}\n"]}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAiJA,6DAA6D;AAC7D,MAAM,SAAS,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,cAAc,EAAE,iBAAiB,CAAC,CAAC;AAgFhF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import type { TokenResponseBody } from \"oslo/oauth2\";\nimport type { JWT } from \"oslo/jwt\";\n\ntype UnknownObject = Record<string, unknown>;\ntype EmptyObject = Record<string, never>;\n\n// Display modes for the auth flow\ntype DisplayMode = \"iframe\" | \"redirect\" | \"new_tab\" | \"custom_tab\";\n\n// Combined Auth and Session Service\ninterface AuthSessionService {\n  // TODO DK NOTES: Should be in BrowserAuthSessionService, not relevant on backend\n  loadAuthorizationUrl(\n    authorizationURL: string,\n    displayMode: DisplayMode,\n  ): void;\n  // TODO DK NOTES: overrideDisplayMode parameter not appropriate here - also - do we need both this and the above in the interface?\n  getAuthorizationUrl(\n    scopes: string[],\n    overrideDisplayMode: DisplayMode,\n    nonce?: string,\n  ): Promise<string>;\n  // TODO DK NOTES: display mode should be in browser version only. Also, do we need this and the above two in the top-level interface?\n  signIn(\n    displayMode: DisplayMode,\n    scopes: string[],\n    nonce?: string,\n  ): Promise<void>;\n  // TODO DK NOTES: Input should be an auth code - do not assume it comes via an url\n  tokenExchange(responseUrl: string): Promise<SessionData>;\n  // TODO DK NOTES: Should be async for flexibility\n  getSessionData(): SessionData;\n  // TODO DK NOTES: Should be async for flexibility\n  updateSessionData(data: SessionData): void;\n  getUserInfoService(): Promise<UserInfoService>;\n}\n\n// Token Service\ninterface TokenService {\n  exchangeCodeForTokens(authCode: string): Promise<Tokens>;\n  validateIdToken(idToken: string, nonce: string): boolean;\n  refreshAccessToken(refreshToken: string): Promise<Tokens>;\n}\n\n// User Info Service\ninterface UserInfoService {\n  getUserInfo<T extends UnknownObject>(\n    accessToken: string,\n    idToken: string | null,\n  ): Promise<User<T> | null>;\n}\n\n// Resource Service\ninterface ResourceService {\n  getProtectedResource(accessToken: string): Promise<unknown>;\n}\n\n// Auth Request (for internal use in AuthSessionService)\ntype AuthRequest = {\n  clientId: string;\n  redirectUri: string;\n  state: string;\n  nonce: string;\n  scope: string;\n};\n\ntype Endpoints = {\n  jwks: string;\n  auth: string;\n  token: string;\n  userinfo: string;\n  challenge?: string;\n};\n\ntype Config = {\n  oauthServer: string;\n  endpoints?: Endpoints;\n};\n\ntype SessionData = {\n  authenticated: boolean; // TODO can this be inferred from the presence of the tokens?\n  state?: string;\n  accessToken?: string;\n  refreshToken?: string;\n  idToken?: string;\n  timestamp?: number;\n  expiresIn?: number;\n  codeVerifier?: string;\n  displayMode?: DisplayMode;\n  openerUrl?: string;\n};\n\ntype OIDCTokenResponseBody = TokenResponseBody & {\n  id_token: string;\n  timestamp?: number;\n};\n\ntype ParsedTokens = {\n  id_token: JWTPayload;\n  access_token: JWTPayload;\n  refresh_token?: string;\n};\n\n// The format we expose to the frontend via hooks\ntype ForwardedTokens = Record<\n  string,\n  {\n    idToken?: string;\n    accessToken?: string;\n    refreshToken?: string;\n  }\n>;\n\n// The format in the JWT payload\ntype ForwardedTokensJWT = Record<\n  string,\n  {\n    id_token?: string;\n    access_token?: string;\n    refresh_token?: string;\n    scope?: string;\n  }\n>;\n\ntype JWTPayload = JWT[\"payload\"] & {\n  iss: string;\n  aud: string;\n  sub: string;\n  iat: number;\n  exp: number;\n};\n\ntype IdTokenPayload = JWTPayload & {\n  forwardedTokens?: ForwardedTokensJWT;\n  email?: string;\n  name?: string;\n  picture?: string;\n  nonce: string;\n  at_hash: string;\n};\n\ntype IdToken = Omit<JWT, \"payload\"> & {\n  payload: IdTokenPayload;\n};\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nconst tokenKeys = [\"idToken\", \"accessToken\", \"refreshToken\", \"forwardedTokens\"];\n\n// Derive the Tokens type from the array\ntype Tokens = {\n  [K in (typeof tokenKeys)[number]]: K extends \"forwardedTokens\"\n    ? ForwardedTokens\n    : string;\n};\n\n// Base user interface\ntype BaseUser = {\n  id: string;\n  email?: string;\n  name?: string;\n  given_name?: string;\n  family_name?: string;\n  picture?: string;\n  updated_at?: Date;\n};\n\ntype User<T extends UnknownObject = EmptyObject> = BaseUser & T;\n\ntype OpenIdConfiguration = {\n  authorization_endpoint: string;\n  claims_parameter_supported: boolean;\n  claims_supported: string[];\n  code_challenge_methods_supported: string[];\n  end_session_endpoint: string;\n  grant_types_supported: string[];\n  issuer: string;\n  jwks_uri: string;\n  authorization_response_iss_parameter_supported: boolean;\n  response_modes_supported: string[];\n  response_types_supported: string[];\n  scopes_supported: string[];\n  subject_types_supported: string[];\n  token_endpoint_auth_methods_supported: string[];\n  token_endpoint_auth_signing_alg_values_supported: string[];\n  token_endpoint: string;\n  id_token_signing_alg_values_supported: string[];\n  pushed_authorization_request_endpoint: string;\n  request_parameter_supported: boolean;\n  request_uri_parameter_supported: boolean;\n  userinfo_endpoint: string;\n  claim_types_supported: string[];\n};\n\ntype LoginPostMessage = {\n  source: string;\n  type: string;\n  clientId: string;\n  data: {\n    url: string;\n  };\n};\nexport type {\n  LoginPostMessage,\n  AuthSessionService,\n  TokenService,\n  UserInfoService,\n  ResourceService,\n  AuthRequest,\n  Tokens,\n  Endpoints,\n  Config,\n  SessionData,\n  OIDCTokenResponseBody,\n  ParsedTokens,\n  BaseUser,\n  User,\n  DisplayMode,\n  UnknownObject,\n  EmptyObject,\n  ForwardedTokens,\n  ForwardedTokensJWT,\n  JWTPayload,\n  IdTokenPayload,\n  IdToken,\n  OpenIdConfiguration,\n};\nexport { tokenKeys };\nexport interface AuthStorage {\n  get(key: string): Promise<string | null>;\n  set(key: string, value: string): Promise<void>;\n}\n"]}

package/dist/test/integration/sdk.test.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sdk.test.d.ts","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAaA,OAAO,2BAA2B,CAAC"}
+{"version":3,"file":"sdk.test.d.ts","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAoBA,OAAO,2BAA2B,CAAC"}

package/dist/test/integration/sdk.test.js

@@ -1,14 +1,14 @@
 import React from "react";
-import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
 import { OAuth2Client } from "oslo/oauth2";
 import { useAuth, useUser } from "@/reactjs/hooks/index.js";
 import { CivicAuthProvider } from "@/reactjs/providers/index.js";
 import { render, screen, act, fireEvent, waitFor, } from "@testing-library/react";
-import { describe, it, expect, beforeEach, vi, afterEach } from "vitest";
+import { describe, it, expect, beforeEach, vi, afterEach, } from "vitest";
 import "@testing-library/jest-dom";
 import * as jose from "jose";
-import tokensFixture from "../support/tokens.json";
+import tokensFixture from "../support/tokens.json" assert { type: "json" };
 import * as oauthLib from "@/lib/oauth.js";
+import { CodeVerifier } from "@/shared/lib/types.js";
 const validTokens = { ...tokensFixture.local.validTokens };
 // Mock Component to test OAuth flow with useAuth
 const MockOAuthComponent = () => {
@@ -34,8 +34,11 @@ describe("OAuth login", () => {
     const clientId = "test-client-id";
     let mockOAuth2Client;
     let originalWindowLocation;
+    let getOauthEndpointsMock;
     afterEach(vi.clearAllMocks);
-    vi.spyOn(oauthLib, "getOauthEndpoints").mockResolvedValue({
+    getOauthEndpointsMock = vi
+        .spyOn(oauthLib, "getOauthEndpoints")
+        .mockResolvedValue({
         auth: "http://localhost:3001/oauth/auth",
         token: "http://localhost:3001/oauth/token",
         jwks: "http://localhost:3001/oauth/jwks",
@@ -93,30 +96,34 @@ describe("OAuth login", () => {
             replace: vi.fn(),
             reload: vi.fn(),
         };
-        const queryClient = new QueryClient();
-        render(React.createElement(QueryClientProvider, { client: queryClient },
-            React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
+        act(() => {
+            render(React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
                     oauthServer: "http://localhost:3001",
                 } },
-                React.createElement(MockOAuthComponent, null))));
+                React.createElement(MockOAuthComponent, null)));
+        });
+        await waitFor(() => {
+            expect(getOauthEndpointsMock).toHaveBeenCalledWith("http://localhost:3001");
+        });
         // Trigger the login button click, which initiates the OAuth flow
         await act(async () => {
             fireEvent.click(screen.getByText("Login"));
         });
-        // Confirm that the sdk set the window.location.href to the auth url
-        const url = new URL(window.location.href);
-        expect(url.origin + url.pathname).toEqual("http://localhost:3001/oauth/auth");
-        expect(url.searchParams.get("response_type")).toEqual("code");
-        expect(url.searchParams.get("client_id")).toEqual(clientId);
-        expect(url.searchParams.get("redirect_uri")).toEqual(redirectUri);
-        expect(url.searchParams.get("scope")).toEqual("openid profile email");
-        expect(url.searchParams.get("state")).toBeTruthy(); // Ensure state is present
-        expect(url.searchParams.get("code_challenge")).toBeTruthy(); // Ensure code_challenge is present
-        expect(url.searchParams.get("code_challenge_method")).toEqual("S256");
-        expect(screen.queryByTestId("session")).not.toBeInTheDocument();
+        await waitFor(() => {
+            // Confirm that the sdk set the window.location.href to the auth url
+            const url = new URL(window.location.href);
+            expect(url.origin + url.pathname).toEqual("http://localhost:3001/oauth/auth");
+            expect(url.searchParams.get("response_type")).toEqual("code");
+            expect(url.searchParams.get("client_id")).toEqual(clientId);
+            expect(url.searchParams.get("redirect_uri")).toEqual(redirectUri);
+            expect(url.searchParams.get("scope")).toEqual("openid profile email");
+            expect(url.searchParams.get("state")).toBeTruthy(); // Ensure state is present
+            expect(url.searchParams.get("code_challenge")).toBeTruthy(); // Ensure code_challenge is present
+            expect(url.searchParams.get("code_challenge_method")).toEqual("S256");
+            expect(screen.queryByTestId("session")).not.toBeInTheDocument();
+        });
     });
     it("should initiate code exchange, validate tokens, and derive user from ID token", async () => {
-        const queryClient = new QueryClient();
         const redirectUri = "http://localhost:3001/callback";
         // Mock ID token with user information
         const mockIdToken = validTokens.idToken;
@@ -131,12 +138,7 @@ describe("OAuth login", () => {
         vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(mockTokens);
         // Prime storage and simulate redirect
         await act(async () => {
-            localStorage.setItem("civic-auth:test-client-id", JSON.stringify({
-                authenticated: false,
-                state: "mock-state",
-                codeVerifier: "mock-code-verifier",
-                displayMode: "redirect",
-            }));
+            localStorage.setItem(CodeVerifier.COOKIE_NAME, "mock-code-verifier");
             window.location.pathname = "test-pathName";
             // Configure window.location to simulate redirect
             Object.defineProperty(window, "location", {
@@ -148,14 +150,18 @@ describe("OAuth login", () => {
             });
             window.location.href = `${redirectUri}?code=test-code&state=mock-state`;
             // Render the AuthProvider with the mock OAuth component
-            render(React.createElement(QueryClientProvider, { client: queryClient },
-                React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
-                        oauthServer: "http://localhost:3001",
-                    } },
-                    React.createElement(MockOAuthComponent, null))));
+            render(React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
+                    oauthServer: "http://localhost:3001",
+                } },
+                React.createElement(MockOAuthComponent, null)));
+        });
+        await waitFor(() => {
+            expect(getOauthEndpointsMock).toHaveBeenCalledWith("http://localhost:3001");
         });
-        expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith("test-code", {
-            codeVerifier: "mock-code-verifier",
+        await waitFor(() => {
+            expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith("test-code", {
+                codeVerifier: "mock-code-verifier",
+            });
         });
         // Check that jose.jwtVerify was called for id_token validation
         await waitFor(() => {

package/dist/test/integration/sdk.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"sdk.test.js","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EACL,MAAM,EACN,MAAM,EACN,GAAG,EACH,SAAS,EACT,OAAO,GACR,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,2BAA2B,CAAC;AACnC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,aAAa,MAAM,wBAAwB,CAAC;AACnD,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C,MAAM,WAAW,GAAG,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;AAC3D,iDAAiD;AACjD,MAAM,kBAAkB,GAAG,GAAG,EAAE;IAC9B,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,OAAO,EAAE,CAAC;IAC9C,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,EAAE,CAAC;IAE3B,MAAM,WAAW,GAAG,KAAK,IAAI,EAAE;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;YACzB,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,CAAC,cAAc,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,CAAC;IAEF,OAAO,CACL;QACE,gCAAQ,OAAO,EAAE,WAAW,YAAgB;QAC3C,IAAI,IAAI,CACP,0CAAe,YAAY;;YAExB,IAAI,CAAC,KAAK,CACT,CACL;QACA,eAAe,IAAI,CAClB,0CAAe,SAAS,iCAA+B,CACxD,CACG,CACP,CAAC;AACJ,CAAC,CAAC;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,IAAI,gBAA8B,CAAC;IACnC,IAAI,sBAAgC,CAAC;IACrC,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAE5B,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC,iBAAiB,CAAC;QACxD,IAAI,EAAE,kCAAkC;QACxC,KAAK,EAAE,mCAAmC;QAC1C,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,sCAAsC;KACjD,CAAC,CAAC;IACH,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;QAC5B,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;QACrB,oBAAoB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;QACvD,aAAa,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;KACzC,CAAC,CAAC,CAAC;IAEJ,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;KAC5B,CAAC,CAAC,CAAC;IAEJ,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,YAAY,EAAE,CAAC;QAElB,6BAA6B;QAC7B,gBAAgB,GAAG;YACjB,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC/B,yBAAyB,EAAE,EAAE,CAAC,EAAE,EAAE;YAClC,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,QAAQ,EAAE,gBAAgB;SACA,CAAC;QAC7B,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,QAAQ,GAAG;YACf,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpD,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAC,QAAe,CAAC,CAAC;QACpE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC;YAC1C,OAAO,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE;YACzE,eAAe,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE;SACmB,CAAC,CAAC;QAExD,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC;QACzC,MAAM,CAAC,QAAQ,GAAG,EAAE,IAAI,EAAE,EAAE,EAAc,CAAC;QAC3C,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACvB,sCAAsC;QACtC,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,CAAC,QAAQ,GAAG,sBAAsB,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,gCAAgC,CAAC;QAErD,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CAClE,IAAI,GAAG,CACL,gEAAgE;YAC9D,QAAQ;YACR,gBAAgB;YAChB,kBAAkB,CAAC,WAAW,CAAC;YAC/B,gHAAgH,CACnH,CACF,CAAC;QAEF,MAAM,CAAC,QAAQ,GAAG;YAChB,GAAG,sBAAsB;YACzB,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE;YAChB,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;SAChB,CAAC;QAEF,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;QACtC,MAAM,CACJ,oBAAC,mBAAmB,IAAC,MAAM,EAAE,WAAW;YACtC,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;oBACN,WAAW,EAAE,uBAAuB;iBACrC;gBAED,oBAAC,kBAAkB,OAAG,CACJ,CACA,CACvB,CAAC;QAEF,iEAAiE;QACjE,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,oEAAoE;QACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,OAAO,CACvC,kCAAkC,CACnC,CAAC;QACF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC9D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC5D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAClE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;QACtE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,0BAA0B;QAC9E,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,mCAAmC;QAChG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;QACtC,MAAM,WAAW,GAAG,gCAAgC,CAAC;QAErD,sCAAsC;QACtC,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC;QACxC,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC;QAEhD,2BAA2B;QAC3B,MAAM,UAAU,GAAG;YACjB,YAAY,EAAE,eAAe;YAC7B,QAAQ,EAAE,WAAW;YACrB,aAAa,EAAE,oBAAoB;YACnC,UAAU,EAAE,IAAI;SACjB,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,iBAAiB,CACrE,UAAU,CACX,CAAC;QAEF,sCAAsC;QACtC,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,YAAY,CAAC,OAAO,CAClB,2BAA2B,EAC3B,IAAI,CAAC,SAAS,CAAC;gBACb,aAAa,EAAE,KAAK;gBACpB,KAAK,EAAE,YAAY;gBACnB,YAAY,EAAE,oBAAoB;gBAClC,WAAW,EAAE,UAAU;aACxB,CAAC,CACH,CAAC;YACF,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,eAAe,CAAC;YAE3C,iDAAiD;YACjD,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,UAAU,EAAE;gBACxC,KAAK,EAAE;oBACL,GAAG,MAAM,CAAC,QAAQ;oBAClB,MAAM,EAAE,oBAAoB;iBAC7B;gBACD,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,WAAW,kCAAkC,CAAC;YAExE,wDAAwD;YACxD,MAAM,CACJ,oBAAC,mBAAmB,IAAC,MAAM,EAAE,WAAW;gBACtC,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;wBACN,WAAW,EAAE,uBAAuB;qBACrC;oBAED,oBAAC,kBAAkB,OAAG,CACJ,CACA,CACvB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,oBAAoB,CACrE,WAAW,EACX;YACE,YAAY,EAAE,oBAAoB;SACnC,CACF,CAAC;QAEF,+DAA+D;QAC/D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,WAAW,EACX,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;gBAC3D,QAAQ,EAAE,QAAQ;aACnB,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,mEAAmE;QACnE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,eAAe,EACf,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;aAC5D,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CACvD,4BAA4B,CAC7B,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,kEAAkE;QAClE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,iBAAiB,CAC1D,sBAAsB,CACvB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import React from \"react\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { useAuth, useUser } from \"@/reactjs/hooks/index.js\";\nimport { CivicAuthProvider } from \"@/reactjs/providers/index.js\";\nimport {\n  render,\n  screen,\n  act,\n  fireEvent,\n  waitFor,\n} from \"@testing-library/react\";\nimport { describe, it, expect, beforeEach, vi, afterEach } from \"vitest\";\nimport \"@testing-library/jest-dom\";\nimport * as jose from \"jose\";\nimport tokensFixture from \"../support/tokens.json\";\nimport * as oauthLib from \"@/lib/oauth.js\";\nimport type { JWTVerifyResult, ResolvedKey } from \"jose\";\n\nconst validTokens = { ...tokensFixture.local.validTokens };\n// Mock Component to test OAuth flow with useAuth\nconst MockOAuthComponent = () => {\n  const { signIn, isAuthenticated } = useAuth();\n  const { user } = useUser();\n\n  const handleLogin = async () => {\n    try {\n      await signIn(\"redirect\");\n      alert(\"Login Redirect Initiated\");\n    } catch {\n      alert(\"Login Failed\");\n    }\n  };\n\n  return (\n    <div>\n      <button onClick={handleLogin}>Login</button>\n      {user && (\n        <p data-testid=\"user-email\">\n          User:\n          {user.email}\n        </p>\n      )}\n      {isAuthenticated && (\n        <p data-testid=\"session\">Session authenticated:true</p>\n      )}\n    </div>\n  );\n};\n\ndescribe(\"OAuth login\", () => {\n  const clientId = \"test-client-id\";\n  let mockOAuth2Client: OAuth2Client;\n  let originalWindowLocation: Location;\n  afterEach(vi.clearAllMocks);\n\n  vi.spyOn(oauthLib, \"getOauthEndpoints\").mockResolvedValue({\n    auth: \"http://localhost:3001/oauth/auth\",\n    token: \"http://localhost:3001/oauth/token\",\n    jwks: \"http://localhost:3001/oauth/jwks\",\n    userinfo: \"http://localhost:3001/oauth/userinfo\",\n  });\n  vi.mock(\"oslo/oauth2\", () => ({\n    OAuth2Client: vi.fn(),\n    generateCodeVerifier: vi.fn(() => \"mock-code-verifier\"),\n    generateState: vi.fn(() => \"mock-state\"),\n  }));\n\n  vi.mock(\"jose\", () => ({\n    jwtVerify: vi.fn(),\n    createRemoteJWKSet: vi.fn(),\n  }));\n\n  beforeEach(() => {\n    vi.clearAllMocks();\n    vi.resetModules();\n\n    // Setup mock implementations\n    mockOAuth2Client = {\n      createAuthorizationURL: vi.fn(),\n      validateAuthorizationCode: vi.fn(),\n      refreshAccessToken: vi.fn(),\n      clientId: \"test-client-id\",\n    } as unknown as OAuth2Client;\n    vi.mocked(OAuth2Client).mockImplementation(() => mockOAuth2Client);\n\n    // Setup jose mocks\n    const mockJWKS = {\n      getKey: vi.fn().mockResolvedValue({ alg: \"RS256\" }),\n    };\n    vi.mocked(jose.createRemoteJWKSet).mockReturnValue(mockJWKS as any);\n    vi.mocked(jose.jwtVerify).mockResolvedValue({\n      payload: { sub: \"user123\", name: \"Test User\", email: \"test@example.com\" },\n      protectedHeader: { alg: \"RS256\" },\n    } as unknown as JWTVerifyResult<unknown> & ResolvedKey);\n\n    originalWindowLocation = window.location;\n    window.location = { href: \"\" } as Location;\n    global.alert = vi.fn();\n    // Mock window.open to prevent errors.\n    vi.spyOn(window, \"open\").mockReturnValue(null);\n  });\n\n  afterEach(() => {\n    window.location = originalWindowLocation;\n  });\n\n  it(\"should set the correct auth url for login with redirect\", async () => {\n    const windowAssign = vi.fn();\n    const redirectUri = \"http://localhost:3001/callback\";\n\n    vi.mocked(mockOAuth2Client.createAuthorizationURL).mockResolvedValue(\n      new URL(\n        \"http://localhost:3001/oauth/auth?response_type=code&client_id=\" +\n          clientId +\n          \"&redirect_uri=\" +\n          encodeURIComponent(redirectUri) +\n          \"&scope=openid%20profile%20email&state=mock-state&code_challenge=mock-code-challenge&code_challenge_method=S256\",\n      ),\n    );\n\n    window.location = {\n      ...originalWindowLocation,\n      assign: windowAssign,\n      replace: vi.fn(),\n      reload: vi.fn(),\n    };\n\n    const queryClient = new QueryClient();\n    render(\n      <QueryClientProvider client={queryClient}>\n        <CivicAuthProvider\n          clientId={clientId}\n          redirectUrl={redirectUri}\n          config={{\n            oauthServer: \"http://localhost:3001\",\n          }}\n        >\n          <MockOAuthComponent />\n        </CivicAuthProvider>\n      </QueryClientProvider>,\n    );\n\n    // Trigger the login button click, which initiates the OAuth flow\n    await act(async () => {\n      fireEvent.click(screen.getByText(\"Login\"));\n    });\n\n    // Confirm that the sdk set the window.location.href to the auth url\n    const url = new URL(window.location.href);\n    expect(url.origin + url.pathname).toEqual(\n      \"http://localhost:3001/oauth/auth\",\n    );\n    expect(url.searchParams.get(\"response_type\")).toEqual(\"code\");\n    expect(url.searchParams.get(\"client_id\")).toEqual(clientId);\n    expect(url.searchParams.get(\"redirect_uri\")).toEqual(redirectUri);\n    expect(url.searchParams.get(\"scope\")).toEqual(\"openid profile email\");\n    expect(url.searchParams.get(\"state\")).toBeTruthy(); // Ensure state is present\n    expect(url.searchParams.get(\"code_challenge\")).toBeTruthy(); // Ensure code_challenge is present\n    expect(url.searchParams.get(\"code_challenge_method\")).toEqual(\"S256\");\n    expect(screen.queryByTestId(\"session\")).not.toBeInTheDocument();\n  });\n\n  it(\"should initiate code exchange, validate tokens, and derive user from ID token\", async () => {\n    const queryClient = new QueryClient();\n    const redirectUri = \"http://localhost:3001/callback\";\n\n    // Mock ID token with user information\n    const mockIdToken = validTokens.idToken;\n    const mockAccessToken = validTokens.accessToken;\n\n    // Mock oslo token exchange\n    const mockTokens = {\n      access_token: mockAccessToken,\n      id_token: mockIdToken,\n      refresh_token: \"mock-refresh-token\",\n      expires_in: 3600,\n    };\n    vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(\n      mockTokens,\n    );\n\n    // Prime storage and simulate redirect\n    await act(async () => {\n      localStorage.setItem(\n        \"civic-auth:test-client-id\",\n        JSON.stringify({\n          authenticated: false,\n          state: \"mock-state\",\n          codeVerifier: \"mock-code-verifier\",\n          displayMode: \"redirect\",\n        }),\n      );\n      window.location.pathname = \"test-pathName\";\n\n      // Configure window.location to simulate redirect\n      Object.defineProperty(window, \"location\", {\n        value: {\n          ...window.location,\n          origin: \"http://mock-origin\",\n        },\n        writable: true,\n      });\n      window.location.href = `${redirectUri}?code=test-code&state=mock-state`;\n\n      // Render the AuthProvider with the mock OAuth component\n      render(\n        <QueryClientProvider client={queryClient}>\n          <CivicAuthProvider\n            clientId={clientId}\n            redirectUrl={redirectUri}\n            config={{\n              oauthServer: \"http://localhost:3001\",\n            }}\n          >\n            <MockOAuthComponent />\n          </CivicAuthProvider>\n        </QueryClientProvider>,\n      );\n    });\n\n    expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith(\n      \"test-code\",\n      {\n        codeVerifier: \"mock-code-verifier\",\n      },\n    );\n\n    // Check that jose.jwtVerify was called for id_token validation\n    await waitFor(() => {\n      expect(jose.jwtVerify).toHaveBeenCalledWith(\n        mockIdToken,\n        expect.any(Object),\n        {\n          issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n          audience: clientId,\n        },\n      );\n    });\n\n    // Check that jose.jwtVerify was called for access_token validation\n    await waitFor(() => {\n      expect(jose.jwtVerify).toHaveBeenCalledWith(\n        mockAccessToken,\n        expect.any(Object),\n        {\n          issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n        },\n      );\n    });\n\n    // Check that the authenticated flag is set in the session\n    await waitFor(() => {\n      expect(screen.queryByTestId(\"session\")).toHaveTextContent(\n        \"Session authenticated:true\",\n      );\n    });\n\n    // Check that the user info derived from the ID token is displayed\n    await waitFor(() => {\n      expect(screen.queryByTestId(\"user-email\")).toHaveTextContent(\n        \"User:ghost@civic.com\",\n      );\n    });\n  });\n});\n"]}
+{"version":3,"file":"sdk.test.js","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EACL,MAAM,EACN,MAAM,EACN,GAAG,EACH,SAAS,EACT,OAAO,GACR,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,QAAQ,EACR,EAAE,EACF,MAAM,EACN,UAAU,EACV,EAAE,EACF,SAAS,GAEV,MAAM,QAAQ,CAAC;AAChB,OAAO,2BAA2B,CAAC;AACnC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,aAAa,MAAM,wBAAwB,CAAC,SAAS,IAAI,EAAE,MAAM,EAAE,CAAC;AAC3E,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,MAAM,WAAW,GAAG,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;AAC3D,iDAAiD;AACjD,MAAM,kBAAkB,GAAG,GAAG,EAAE;IAC9B,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,OAAO,EAAE,CAAC;IAC9C,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,EAAE,CAAC;IAE3B,MAAM,WAAW,GAAG,KAAK,IAAI,EAAE;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;YACzB,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,CAAC,cAAc,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,CAAC;IAEF,OAAO,CACL;QACE,gCAAQ,OAAO,EAAE,WAAW,YAAgB;QAC3C,IAAI,IAAI,CACP,0CAAe,YAAY;;YAExB,IAAI,CAAC,KAAK,CACT,CACL;QACA,eAAe,IAAI,CAClB,0CAAe,SAAS,iCAA+B,CACxD,CACG,CACP,CAAC;AACJ,CAAC,CAAC;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,IAAI,gBAA8B,CAAC;IACnC,IAAI,sBAAgC,CAAC;IAErC,IAAI,qBAEH,CAAC;IAEF,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAE5B,qBAAqB,GAAG,EAAE;SACvB,KAAK,CAAC,QAAQ,EAAE,mBAAmB,CAAC;SACpC,iBAAiB,CAAC;QACjB,IAAI,EAAE,kCAAkC;QACxC,KAAK,EAAE,mCAAmC;QAC1C,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,sCAAsC;KACjD,CAAC,CAAC;IACL,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;QAC5B,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;QACrB,oBAAoB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;QACvD,aAAa,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;KACzC,CAAC,CAAC,CAAC;IAEJ,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;KAC5B,CAAC,CAAC,CAAC;IAEJ,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,YAAY,EAAE,CAAC;QAElB,6BAA6B;QAC7B,gBAAgB,GAAG;YACjB,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC/B,yBAAyB,EAAE,EAAE,CAAC,EAAE,EAAE;YAClC,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,QAAQ,EAAE,gBAAgB;SACA,CAAC;QAC7B,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,QAAQ,GAAG;YACf,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpD,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAC,QAAe,CAAC,CAAC;QACpE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC;YAC1C,OAAO,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE;YACzE,eAAe,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE;SACmB,CAAC,CAAC;QAExD,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC;QACzC,MAAM,CAAC,QAAQ,GAAG,EAAE,IAAI,EAAE,EAAE,EAAc,CAAC;QAC3C,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACvB,sCAAsC;QACtC,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,CAAC,QAAQ,GAAG,sBAAsB,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,gCAAgC,CAAC;QACrD,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CAClE,IAAI,GAAG,CACL,gEAAgE;YAC9D,QAAQ;YACR,gBAAgB;YAChB,kBAAkB,CAAC,WAAW,CAAC;YAC/B,gHAAgH,CACnH,CACF,CAAC;QAEF,MAAM,CAAC,QAAQ,GAAG;YAChB,GAAG,sBAAsB;YACzB,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE;YAChB,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;SAChB,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;oBACN,WAAW,EAAE,uBAAuB;iBACrC;gBAED,oBAAC,kBAAkB,OAAG,CACJ,CACrB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,qBAAqB,CAAC,CAAC,oBAAoB,CAChD,uBAAuB,CACxB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,iEAAiE;QACjE,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,oEAAoE;YACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,OAAO,CACvC,kCAAkC,CACnC,CAAC;YACF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAC9D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC5D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAClE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;YACtE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,0BAA0B;YAC9E,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,mCAAmC;YAChG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACtE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,WAAW,GAAG,gCAAgC,CAAC;QAErD,sCAAsC;QACtC,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC;QACxC,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC;QAEhD,2BAA2B;QAC3B,MAAM,UAAU,GAAG;YACjB,YAAY,EAAE,eAAe;YAC7B,QAAQ,EAAE,WAAW;YACrB,aAAa,EAAE,oBAAoB;YACnC,UAAU,EAAE,IAAI;SACjB,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,iBAAiB,CACrE,UAAU,CACX,CAAC;QAEF,sCAAsC;QACtC,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;YACrE,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,eAAe,CAAC;YAE3C,iDAAiD;YACjD,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,UAAU,EAAE;gBACxC,KAAK,EAAE;oBACL,GAAG,MAAM,CAAC,QAAQ;oBAClB,MAAM,EAAE,oBAAoB;iBAC7B;gBACD,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,WAAW,kCAAkC,CAAC;YAExE,wDAAwD;YACxD,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;oBACN,WAAW,EAAE,uBAAuB;iBACrC;gBAED,oBAAC,kBAAkB,OAAG,CACJ,CACrB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,qBAAqB,CAAC,CAAC,oBAAoB,CAChD,uBAAuB,CACxB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,oBAAoB,CACrE,WAAW,EACX;gBACE,YAAY,EAAE,oBAAoB;aACnC,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,+DAA+D;QAC/D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,WAAW,EACX,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;gBAC3D,QAAQ,EAAE,QAAQ;aACnB,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,mEAAmE;QACnE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,eAAe,EACf,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;aAC5D,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CACvD,4BAA4B,CAC7B,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,kEAAkE;QAClE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,iBAAiB,CAC1D,sBAAsB,CACvB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import React from \"react\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { useAuth, useUser } from \"@/reactjs/hooks/index.js\";\nimport { CivicAuthProvider } from \"@/reactjs/providers/index.js\";\nimport {\n  render,\n  screen,\n  act,\n  fireEvent,\n  waitFor,\n} from \"@testing-library/react\";\nimport {\n  describe,\n  it,\n  expect,\n  beforeEach,\n  vi,\n  afterEach,\n  type MockInstance,\n} from \"vitest\";\nimport \"@testing-library/jest-dom\";\nimport * as jose from \"jose\";\nimport tokensFixture from \"../support/tokens.json\" assert { type: \"json\" };\nimport * as oauthLib from \"@/lib/oauth.js\";\nimport type { JWTVerifyResult, ResolvedKey } from \"jose\";\nimport type { Endpoints } from \"@/types.js\";\nimport { CodeVerifier } from \"@/shared/lib/types.js\";\n\nconst validTokens = { ...tokensFixture.local.validTokens };\n// Mock Component to test OAuth flow with useAuth\nconst MockOAuthComponent = () => {\n  const { signIn, isAuthenticated } = useAuth();\n  const { user } = useUser();\n\n  const handleLogin = async () => {\n    try {\n      await signIn(\"redirect\");\n      alert(\"Login Redirect Initiated\");\n    } catch {\n      alert(\"Login Failed\");\n    }\n  };\n\n  return (\n    <div>\n      <button onClick={handleLogin}>Login</button>\n      {user && (\n        <p data-testid=\"user-email\">\n          User:\n          {user.email}\n        </p>\n      )}\n      {isAuthenticated && (\n        <p data-testid=\"session\">Session authenticated:true</p>\n      )}\n    </div>\n  );\n};\n\ndescribe(\"OAuth login\", () => {\n  const clientId = \"test-client-id\";\n  let mockOAuth2Client: OAuth2Client;\n  let originalWindowLocation: Location;\n\n  let getOauthEndpointsMock: MockInstance<\n    (oauthServer: string) => Promise<Endpoints>\n  >;\n\n  afterEach(vi.clearAllMocks);\n\n  getOauthEndpointsMock = vi\n    .spyOn(oauthLib, \"getOauthEndpoints\")\n    .mockResolvedValue({\n      auth: \"http://localhost:3001/oauth/auth\",\n      token: \"http://localhost:3001/oauth/token\",\n      jwks: \"http://localhost:3001/oauth/jwks\",\n      userinfo: \"http://localhost:3001/oauth/userinfo\",\n    });\n  vi.mock(\"oslo/oauth2\", () => ({\n    OAuth2Client: vi.fn(),\n    generateCodeVerifier: vi.fn(() => \"mock-code-verifier\"),\n    generateState: vi.fn(() => \"mock-state\"),\n  }));\n\n  vi.mock(\"jose\", () => ({\n    jwtVerify: vi.fn(),\n    createRemoteJWKSet: vi.fn(),\n  }));\n\n  beforeEach(() => {\n    vi.clearAllMocks();\n    vi.resetModules();\n\n    // Setup mock implementations\n    mockOAuth2Client = {\n      createAuthorizationURL: vi.fn(),\n      validateAuthorizationCode: vi.fn(),\n      refreshAccessToken: vi.fn(),\n      clientId: \"test-client-id\",\n    } as unknown as OAuth2Client;\n    vi.mocked(OAuth2Client).mockImplementation(() => mockOAuth2Client);\n\n    // Setup jose mocks\n    const mockJWKS = {\n      getKey: vi.fn().mockResolvedValue({ alg: \"RS256\" }),\n    };\n    vi.mocked(jose.createRemoteJWKSet).mockReturnValue(mockJWKS as any);\n    vi.mocked(jose.jwtVerify).mockResolvedValue({\n      payload: { sub: \"user123\", name: \"Test User\", email: \"test@example.com\" },\n      protectedHeader: { alg: \"RS256\" },\n    } as unknown as JWTVerifyResult<unknown> & ResolvedKey);\n\n    originalWindowLocation = window.location;\n    window.location = { href: \"\" } as Location;\n    global.alert = vi.fn();\n    // Mock window.open to prevent errors.\n    vi.spyOn(window, \"open\").mockReturnValue(null);\n  });\n\n  afterEach(() => {\n    window.location = originalWindowLocation;\n  });\n\n  it(\"should set the correct auth url for login with redirect\", async () => {\n    const windowAssign = vi.fn();\n    const redirectUri = \"http://localhost:3001/callback\";\n    vi.mocked(mockOAuth2Client.createAuthorizationURL).mockResolvedValue(\n      new URL(\n        \"http://localhost:3001/oauth/auth?response_type=code&client_id=\" +\n          clientId +\n          \"&redirect_uri=\" +\n          encodeURIComponent(redirectUri) +\n          \"&scope=openid%20profile%20email&state=mock-state&code_challenge=mock-code-challenge&code_challenge_method=S256\",\n      ),\n    );\n\n    window.location = {\n      ...originalWindowLocation,\n      assign: windowAssign,\n      replace: vi.fn(),\n      reload: vi.fn(),\n    };\n\n    act(() => {\n      render(\n        <CivicAuthProvider\n          clientId={clientId}\n          redirectUrl={redirectUri}\n          config={{\n            oauthServer: \"http://localhost:3001\",\n          }}\n        >\n          <MockOAuthComponent />\n        </CivicAuthProvider>,\n      );\n    });\n\n    await waitFor(() => {\n      expect(getOauthEndpointsMock).toHaveBeenCalledWith(\n        \"http://localhost:3001\",\n      );\n    });\n\n    // Trigger the login button click, which initiates the OAuth flow\n    await act(async () => {\n      fireEvent.click(screen.getByText(\"Login\"));\n    });\n\n    await waitFor(() => {\n      // Confirm that the sdk set the window.location.href to the auth url\n      const url = new URL(window.location.href);\n      expect(url.origin + url.pathname).toEqual(\n        \"http://localhost:3001/oauth/auth\",\n      );\n      expect(url.searchParams.get(\"response_type\")).toEqual(\"code\");\n      expect(url.searchParams.get(\"client_id\")).toEqual(clientId);\n      expect(url.searchParams.get(\"redirect_uri\")).toEqual(redirectUri);\n      expect(url.searchParams.get(\"scope\")).toEqual(\"openid profile email\");\n      expect(url.searchParams.get(\"state\")).toBeTruthy(); // Ensure state is present\n      expect(url.searchParams.get(\"code_challenge\")).toBeTruthy(); // Ensure code_challenge is present\n      expect(url.searchParams.get(\"code_challenge_method\")).toEqual(\"S256\");\n      expect(screen.queryByTestId(\"session\")).not.toBeInTheDocument();\n    });\n  });\n\n  it(\"should initiate code exchange, validate tokens, and derive user from ID token\", async () => {\n    const redirectUri = \"http://localhost:3001/callback\";\n\n    // Mock ID token with user information\n    const mockIdToken = validTokens.idToken;\n    const mockAccessToken = validTokens.accessToken;\n\n    // Mock oslo token exchange\n    const mockTokens = {\n      access_token: mockAccessToken,\n      id_token: mockIdToken,\n      refresh_token: \"mock-refresh-token\",\n      expires_in: 3600,\n    };\n    vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(\n      mockTokens,\n    );\n\n    // Prime storage and simulate redirect\n    await act(async () => {\n      localStorage.setItem(CodeVerifier.COOKIE_NAME, \"mock-code-verifier\");\n      window.location.pathname = \"test-pathName\";\n\n      // Configure window.location to simulate redirect\n      Object.defineProperty(window, \"location\", {\n        value: {\n          ...window.location,\n          origin: \"http://mock-origin\",\n        },\n        writable: true,\n      });\n      window.location.href = `${redirectUri}?code=test-code&state=mock-state`;\n\n      // Render the AuthProvider with the mock OAuth component\n      render(\n        <CivicAuthProvider\n          clientId={clientId}\n          redirectUrl={redirectUri}\n          config={{\n            oauthServer: \"http://localhost:3001\",\n          }}\n        >\n          <MockOAuthComponent />\n        </CivicAuthProvider>,\n      );\n    });\n\n    await waitFor(() => {\n      expect(getOauthEndpointsMock).toHaveBeenCalledWith(\n        \"http://localhost:3001\",\n      );\n    });\n\n    await waitFor(() => {\n      expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith(\n        \"test-code\",\n        {\n          codeVerifier: \"mock-code-verifier\",\n        },\n      );\n    });\n\n    // Check that jose.jwtVerify was called for id_token validation\n    await waitFor(() => {\n      expect(jose.jwtVerify).toHaveBeenCalledWith(\n        mockIdToken,\n        expect.any(Object),\n        {\n          issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n          audience: clientId,\n        },\n      );\n    });\n\n    // Check that jose.jwtVerify was called for access_token validation\n    await waitFor(() => {\n      expect(jose.jwtVerify).toHaveBeenCalledWith(\n        mockAccessToken,\n        expect.any(Object),\n        {\n          issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n        },\n      );\n    });\n\n    // Check that the authenticated flag is set in the session\n    await waitFor(() => {\n      expect(screen.queryByTestId(\"session\")).toHaveTextContent(\n        \"Session authenticated:true\",\n      );\n    });\n\n    // Check that the user info derived from the ID token is displayed\n    await waitFor(() => {\n      expect(screen.queryByTestId(\"user-email\")).toHaveTextContent(\n        \"User:ghost@civic.com\",\n      );\n    });\n  });\n});\n"]}

package/dist/test/unit/nextjs/NextAuthProvider.test.js

@@ -1,4 +1,4 @@
-import { render } from "@testing-library/react";
+import { act, render } from "@testing-library/react";
 import { describe, it, vi, expect } from "vitest";
 import { CivicNextAuthProvider } from "@/nextjs/providers/NextAuthProvider.js";
 import { resolveAuthConfig } from "@/nextjs/config.js";
@@ -13,15 +13,17 @@ vi.mock("@/nextjs/config.js", () => ({
     })),
 }));
 vi.mock("@/nextjs/hooks/useUserCookie", () => ({
-    useUserCookie: vi.fn(),
-}));
-vi.mock("@/nextjs/hooks/useTokenCookie", () => ({
-    useTokenCookie: vi.fn(),
+    useUserCookie: vi.fn().mockReturnValue({
+        user: {},
+        idToken: "",
+    }),
 }));
 describe("CivicNextAuthProvider", () => {
     it("should call resolveAuthConfig with no arguments", () => {
         const children = React.createElement("div", null, "Test Content");
-        render(React.createElement(CivicNextAuthProvider, null, children));
+        act(() => {
+            render(React.createElement(CivicNextAuthProvider, null, children));
+        });
         // The Next implementation should take all config from the next.config.js file, no config taken from provider props.
         expect(resolveAuthConfig).toHaveBeenCalledWith();
     });

package/dist/test/unit/nextjs/NextAuthProvider.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"NextAuthProvider.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/NextAuthProvider.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,iBAAiB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QAC9B,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,qBAAqB;QAClC,WAAW,EAAE,8BAA8B;QAC3C,YAAY,EAAE,+BAA+B;QAC7C,SAAS,EAAE,4BAA4B;KACxC,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,8BAA8B,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE;CACvB,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,+BAA+B,EAAE,GAAG,EAAE,CAAC,CAAC;IAC9C,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;CACxB,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,QAAQ,GAAG,gDAAuB,CAAC;QAEzC,MAAM,CACJ,oBAAC,qBAAqB,QACnB,QAAQ,CACa,CACzB,CAAC;QAEF,oHAAoH;QACpH,MAAM,CAAC,iBAAiB,CAAC,CAAC,oBAAoB,EAAE,CAAC;IACnD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { render } from \"@testing-library/react\";\nimport { describe, it, vi, expect } from \"vitest\";\nimport { CivicNextAuthProvider } from \"@/nextjs/providers/NextAuthProvider.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport React from \"react\";\n\nvi.mock(\"@/nextjs/config.js\", () => ({\n  resolveAuthConfig: vi.fn(() => ({\n    clientId: \"test-client-id\",\n    oauthServer: \"https://example.com\",\n    callbackUrl: \"https://example.com/callback\",\n    challengeUrl: \"https://example.com/challenge\",\n    logoutUrl: \"https://example.com/logout\",\n  })),\n}));\n\nvi.mock(\"@/nextjs/hooks/useUserCookie\", () => ({\n  useUserCookie: vi.fn(),\n}));\n\nvi.mock(\"@/nextjs/hooks/useTokenCookie\", () => ({\n  useTokenCookie: vi.fn(),\n}));\n\ndescribe(\"CivicNextAuthProvider\", () => {\n  it(\"should call resolveAuthConfig with no arguments\", () => {\n    const children = <div>Test Content</div>;\n\n    render(\n      <CivicNextAuthProvider>\n        {children}\n      </CivicNextAuthProvider>\n    );\n\n    // The Next implementation should take all config from the next.config.js file, no config taken from provider props.\n    expect(resolveAuthConfig).toHaveBeenCalledWith();\n  });\n});"]}
+{"version":3,"file":"NextAuthProvider.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/NextAuthProvider.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,iBAAiB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QAC9B,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,qBAAqB;QAClC,WAAW,EAAE,8BAA8B;QAC3C,YAAY,EAAE,+BAA+B;QAC7C,SAAS,EAAE,4BAA4B;KACxC,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,8BAA8B,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC;QACrC,IAAI,EAAE,EAAE;QACR,OAAO,EAAE,EAAE;KACZ,CAAC;CACH,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,QAAQ,GAAG,gDAAuB,CAAC;QAEzC,GAAG,CAAC,GAAG,EAAE;YACP,MAAM,CAAC,oBAAC,qBAAqB,QAAE,QAAQ,CAAyB,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,oHAAoH;QACpH,MAAM,CAAC,iBAAiB,CAAC,CAAC,oBAAoB,EAAE,CAAC;IACnD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { act, render } from \"@testing-library/react\";\nimport { describe, it, vi, expect } from \"vitest\";\nimport { CivicNextAuthProvider } from \"@/nextjs/providers/NextAuthProvider.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport React from \"react\";\n\nvi.mock(\"@/nextjs/config.js\", () => ({\n  resolveAuthConfig: vi.fn(() => ({\n    clientId: \"test-client-id\",\n    oauthServer: \"https://example.com\",\n    callbackUrl: \"https://example.com/callback\",\n    challengeUrl: \"https://example.com/challenge\",\n    logoutUrl: \"https://example.com/logout\",\n  })),\n}));\n\nvi.mock(\"@/nextjs/hooks/useUserCookie\", () => ({\n  useUserCookie: vi.fn().mockReturnValue({\n    user: {},\n    idToken: \"\",\n  }),\n}));\n\ndescribe(\"CivicNextAuthProvider\", () => {\n  it(\"should call resolveAuthConfig with no arguments\", () => {\n    const children = <div>Test Content</div>;\n\n    act(() => {\n      render(<CivicNextAuthProvider>{children}</CivicNextAuthProvider>);\n    });\n\n    // The Next implementation should take all config from the next.config.js file, no config taken from provider props.\n    expect(resolveAuthConfig).toHaveBeenCalledWith();\n  });\n});\n"]}

package/dist/test/unit/nextjs/getUser.test.js

@@ -2,31 +2,17 @@ import { describe, it, expect, beforeEach, vi } from "vitest";
 import { GenericUserSession } from "@/shared/lib/UserSession.js";
 import { getUser } from "@/nextjs/index.js";
 import { NextjsClientStorage } from "@/nextjs/cookies.js";
+import * as session from "@/shared/lib/session.js";
 const mockUser = {
     id: "user123",
     name: "John Doe",
     email: "john@example.com",
     picture: "https://example.com/john.jpg",
-    idToken: "test-id-token",
-    accessToken: "test-access-token",
-    refreshToken: "test-refresh-token",
 };
 describe("getUser", () => {
     beforeEach(() => {
         vi.clearAllMocks();
-        vi.spyOn(GenericUserSession.prototype, "get").mockResolvedValue(mockUser);
-        vi.spyOn(NextjsClientStorage.prototype, "get").mockImplementation(async (cookieName) => {
-            switch (cookieName) {
-                case "access_token":
-                    return Promise.resolve("test-access-token");
-                case "id_token":
-                    return Promise.resolve("test-id-token");
-                case "refresh_token":
-                    return Promise.resolve("test-refresh-token");
-                default:
-                    return Promise.resolve(null);
-            }
-        });
+        vi.spyOn(session, "getUser").mockResolvedValue(mockUser);
     });
     it("should get the user from session", async () => {
         const user = await getUser();

package/dist/test/unit/nextjs/getUser.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"getUser.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/getUser.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAE1D,MAAM,QAAQ,GAAS;IACrB,EAAE,EAAE,SAAS;IACb,IAAI,EAAE,UAAU;IAChB,KAAK,EAAE,kBAAkB;IACzB,OAAO,EAAE,8BAA8B;IACvC,OAAO,EAAE,eAAe;IACxB,WAAW,EAAE,mBAAmB;IAChC,YAAY,EAAE,oBAAoB;CAChB,CAAC;AAErB,QAAQ,CAAC,SAAS,EAAE,GAAG,EAAE;IACvB,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC1E,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,kBAAkB,CAC/D,KAAK,EAAE,UAAkB,EAAE,EAAE;YAC3B,QAAQ,UAAU,EAAE,CAAC;gBACnB,KAAK,cAAc;oBACjB,OAAO,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;gBAC9C,KAAK,UAAU;oBACb,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;gBAC1C,KAAK,eAAe;oBAClB,OAAO,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;gBAC/C;oBACE,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACjC,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,IAAI,GAAG,MAAM,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, beforeEach, vi } from \"vitest\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport type { User } from \"@/types.ts\";\nimport { getUser } from \"@/nextjs/index.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\n\nconst mockUser: User = {\n  id: \"user123\",\n  name: \"John Doe\",\n  email: \"john@example.com\",\n  picture: \"https://example.com/john.jpg\",\n  idToken: \"test-id-token\",\n  accessToken: \"test-access-token\",\n  refreshToken: \"test-refresh-token\",\n} as unknown as User;\n\ndescribe(\"getUser\", () => {\n  beforeEach(() => {\n    vi.clearAllMocks();\n    vi.spyOn(GenericUserSession.prototype, \"get\").mockResolvedValue(mockUser);\n    vi.spyOn(NextjsClientStorage.prototype, \"get\").mockImplementation(\n      async (cookieName: string) => {\n        switch (cookieName) {\n          case \"access_token\":\n            return Promise.resolve(\"test-access-token\");\n          case \"id_token\":\n            return Promise.resolve(\"test-id-token\");\n          case \"refresh_token\":\n            return Promise.resolve(\"test-refresh-token\");\n          default:\n            return Promise.resolve(null);\n        }\n      },\n    );\n  });\n\n  it(\"should get the user from session\", async () => {\n    const user = await getUser();\n    expect(user).toEqual(mockUser);\n  });\n});\n"]}
+{"version":3,"file":"getUser.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/getUser.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,KAAK,OAAO,MAAM,yBAAyB,CAAC;AAEnD,MAAM,QAAQ,GAAS;IACrB,EAAE,EAAE,SAAS;IACb,IAAI,EAAE,UAAU;IAChB,KAAK,EAAE,kBAAkB;IACzB,OAAO,EAAE,8BAA8B;CACrB,CAAC;AAErB,QAAQ,CAAC,SAAS,EAAE,GAAG,EAAE;IACvB,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,IAAI,GAAG,MAAM,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, beforeEach, vi } from \"vitest\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport type { User } from \"@/types.ts\";\nimport { getUser } from \"@/nextjs/index.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport * as session from \"@/shared/lib/session.js\";\n\nconst mockUser: User = {\n  id: \"user123\",\n  name: \"John Doe\",\n  email: \"john@example.com\",\n  picture: \"https://example.com/john.jpg\",\n} as unknown as User;\n\ndescribe(\"getUser\", () => {\n  beforeEach(() => {\n    vi.clearAllMocks();\n    vi.spyOn(session, \"getUser\").mockResolvedValue(mockUser);\n  });\n\n  it(\"should get the user from session\", async () => {\n    const user = await getUser();\n    expect(user).toEqual(mockUser);\n  });\n});\n"]}

package/dist/test/unit/server/refresh.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"refresh.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/server/refresh.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/services/AuthenticationService.test.js

@@ -1,8 +1,14 @@
-import { describe, it, expect, vi, beforeEach } from "vitest";
+import { describe, it, expect, vi, beforeEach, } from "vitest";
 import { BrowserAuthenticationInitiator, BrowserAuthenticationService, GenericAuthenticationInitiator, } from "@/services/AuthenticationService.js";
 import { generateOauthLoginUrl, generateOauthLogoutUrl, exchangeTokens, retrieveTokens, storeTokens, } from "@/shared/lib/util.js";
+import { getUser } from "@/shared/lib/session.js";
 import { LocalStorageAdapter } from "@/browser/storage.js";
 import { BrowserPublicClientPKCEProducer } from "@/services/PKCE.js";
+import { GenericUserSession } from "@/shared/lib/UserSession.js";
+const mockUser = {
+    id: "mockUserId",
+    email: "user@example.com",
+};
 vi.mock("@/shared/lib/util.js", () => ({
     getEndpointsWithOverrides: async () => ({
         auth: "auth-endpoint",
@@ -15,6 +21,9 @@ vi.mock("@/shared/lib/util.js", () => ({
     clearTokens: vi.fn(),
     clearUser: vi.fn(),
 }));
+vi.mock("@/shared/lib/session.js", () => ({
+    getUser: vi.fn(),
+}));
 vi.mock("@/browser/storage");
 vi.mock("@/services/PKCE.js");
 describe("Authentication Services", () => {
@@ -73,20 +82,28 @@ describe("Authentication Services", () => {
             access_token: "mockAccessToken",
             refresh_token: "mockRefreshToken",
         };
+        let setUserSpy;
         beforeEach(async () => {
             service = await BrowserAuthenticationService.build({
                 ...mockConfig,
             });
             vi.mocked(exchangeTokens).mockResolvedValue(mockTokens);
             vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
+            vi.mocked(getUser).mockResolvedValue(mockUser);
+            setUserSpy = vi.spyOn(GenericUserSession.prototype, "set");
+            setUserSpy.mockResolvedValue();
         });
         it("should exchange auth code for tokens and store them", async () => {
+            const signInListenerSpy = vi.fn();
+            LocalStorageAdapter.emitter.on("signIn", signInListenerSpy);
             const code = "mockCode";
             const state = "mockState";
             vi.mocked(BrowserPublicClientPKCEProducer.prototype.getCodeVerifier).mockResolvedValue("dummy-verifier");
             const tokens = await service.tokenExchange(code, state);
             expect(storeTokens).toHaveBeenCalledWith(expect.any(LocalStorageAdapter), mockTokens);
+            expect(setUserSpy).toHaveBeenCalledWith(mockUser);
             expect(tokens).toEqual(mockTokens);
+            expect(signInListenerSpy).toHaveBeenCalled();
         });
         it("should retrieve session data from local storage", async () => {
             const sessionData = {

package/dist/test/unit/services/AuthenticationService.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthenticationService.test.js","sourceRoot":"","sources":["../../../../test/unit/services/AuthenticationService.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EACL,8BAA8B,EAC9B,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,cAAc,EACd,cAAc,EACd,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AAIrE,EAAE,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,EAAE,CAAC,CAAC;IACrC,yBAAyB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QACtC,IAAI,EAAE,eAAe;KACtB,CAAC;IACF,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;IACvB,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;IACvB,WAAW,EAAE,EAAE,CAAC,EAAE,EAAE;IACpB,qBAAqB,EAAE,EAAE,CAAC,EAAE,EAAE;IAC9B,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;IAC/B,WAAW,EAAE,EAAE,CAAC,EAAE,EAAE;IACpB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;CACnB,CAAC,CAAC,CAAC;AACJ,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAC7B,EAAE,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AAE9B,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,MAAM,UAAU,GAAG;QACjB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,2BAA2B;QACxC,KAAK,EAAE,WAAW;QAClB,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC;QAC7B,WAAW,EAAE,UAAmB;QAChC,WAAW,EAAE,wBAAwB;KACtC,CAAC;IAEF,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;YAC3C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,iBAAiB,CAChD,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAC/B,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,EAAuB,CAAC,CAAC;YAE5D,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC5C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CACjD,IAAI,GAAG,CAAC,sBAAsB,CAAC,CAChC,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;YAEtC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;YAC3C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,iBAAiB,CAChD,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAC/B,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,EAAE,CAAC;YAErC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC5C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CACjD,IAAI,GAAG,CAAC,sBAAsB,CAAC,CAChC,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;YAEtC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,IAAI,OAA+B,CAAC;QACpC,MAAM,UAAU,GAA0B;YACxC,QAAQ,EAAE,aAAa;YACvB,YAAY,EAAE,iBAAiB;YAC/B,aAAa,EAAE,kBAAkB;SAClC,CAAC;QAEF,UAAU,CAAC,KAAK,IAAI,EAAE;YACpB,OAAO,GAAG,MAAM,4BAA4B,CAAC,KAAK,CAAC;gBACjD,GAAG,UAAU;aACd,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YACxD,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;YACnE,MAAM,IAAI,GAAG,UAAU,CAAC;YACxB,MAAM,KAAK,GAAG,WAAW,CAAC;YAE1B,EAAE,CAAC,MAAM,CACP,+BAA+B,CAAC,SAAS,CAAC,eAAe,CAC1D,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;YAEtC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAExD,MAAM,CAAC,WAAW,CAAC,CAAC,oBAAoB,CACtC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAC/B,UAAU,CACX,CAAC;YACF,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;YAC/D,MAAM,WAAW,GAAgB;gBAC/B,aAAa,EAAE,IAAI;gBACnB,OAAO,EAAE,UAAU,CAAC,QAAQ;gBAC5B,WAAW,EAAE,UAAU,CAAC,YAAY;gBACpC,YAAY,EAAE,UAAU,CAAC,aAAa;aACvC,CAAC;YACF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC;YAE9C,MAAM,CAAC,cAAc,CAAC,CAAC,oBAAoB,CACzC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAChC,CAAC;YACF,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, vi, beforeEach } from \"vitest\";\nimport {\n  BrowserAuthenticationInitiator,\n  BrowserAuthenticationService,\n  GenericAuthenticationInitiator,\n} from \"@/services/AuthenticationService.js\";\nimport {\n  generateOauthLoginUrl,\n  generateOauthLogoutUrl,\n  exchangeTokens,\n  retrieveTokens,\n  storeTokens,\n} from \"@/shared/lib/util.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport type { OIDCTokenResponseBody, SessionData } from \"@/types.js\";\nimport type { AuthenticationResolver, PKCEConsumer } from \"@/services/types.js\";\n\nvi.mock(\"@/shared/lib/util.js\", () => ({\n  getEndpointsWithOverrides: async () => ({\n    auth: \"auth-endpoint\",\n  }),\n  exchangeTokens: vi.fn(),\n  retrieveTokens: vi.fn(),\n  storeTokens: vi.fn(),\n  generateOauthLoginUrl: vi.fn(),\n  generateOauthLogoutUrl: vi.fn(),\n  clearTokens: vi.fn(),\n  clearUser: vi.fn(),\n}));\nvi.mock(\"@/browser/storage\");\nvi.mock(\"@/services/PKCE.js\");\n\ndescribe(\"Authentication Services\", () => {\n  const mockConfig = {\n    clientId: \"mockClientId\",\n    redirectUrl: \"http://localhost/redirect\",\n    state: \"mockState\",\n    scopes: [\"openid\", \"profile\"],\n    displayMode: \"redirect\" as const,\n    oauthServer: \"http://mockOauthServer\",\n  };\n\n  describe(\"BrowserAuthenticationInitiator\", () => {\n    it(\"should generate a login URL\", async () => {\n      const initiator = new BrowserAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLoginUrl).mockResolvedValue(\n        new URL(\"http://mockLoginUrl\"),\n      );\n\n      const url = await initiator.signIn({} as HTMLIFrameElement);\n\n      expect(url.toString()).toBe(\"http://mockloginurl/\");\n    });\n\n    it(\"should generate a logout URL\", async () => {\n      const initiator = new BrowserAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLogoutUrl).mockResolvedValue(\n        new URL(\"http://mocklogouturl\"),\n      );\n\n      const url = await initiator.signOut();\n\n      expect(url.toString()).toBe(\"http://mocklogouturl/\");\n    });\n  });\n\n  describe(\"GenericAuthenticationInitiator\", () => {\n    it(\"should generate a login URL\", async () => {\n      const initiator = new GenericAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLoginUrl).mockResolvedValue(\n        new URL(\"http://mockloginurl\"),\n      );\n\n      const url = await initiator.signIn();\n\n      expect(url.toString()).toBe(\"http://mockloginurl/\");\n    });\n\n    it(\"should generate a logout URL\", async () => {\n      const initiator = new GenericAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLogoutUrl).mockResolvedValue(\n        new URL(\"http://mocklogouturl\"),\n      );\n\n      const url = await initiator.signOut();\n\n      expect(url.toString()).toBe(\"http://mocklogouturl/\");\n    });\n  });\n\n  describe(\"BrowserAuthenticationService\", () => {\n    let service: AuthenticationResolver;\n    const mockTokens: OIDCTokenResponseBody = {\n      id_token: \"mockIdToken\",\n      access_token: \"mockAccessToken\",\n      refresh_token: \"mockRefreshToken\",\n    };\n\n    beforeEach(async () => {\n      service = await BrowserAuthenticationService.build({\n        ...mockConfig,\n      });\n      vi.mocked(exchangeTokens).mockResolvedValue(mockTokens);\n      vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);\n    });\n\n    it(\"should exchange auth code for tokens and store them\", async () => {\n      const code = \"mockCode\";\n      const state = \"mockState\";\n\n      vi.mocked(\n        BrowserPublicClientPKCEProducer.prototype.getCodeVerifier,\n      ).mockResolvedValue(\"dummy-verifier\");\n\n      const tokens = await service.tokenExchange(code, state);\n\n      expect(storeTokens).toHaveBeenCalledWith(\n        expect.any(LocalStorageAdapter),\n        mockTokens,\n      );\n      expect(tokens).toEqual(mockTokens);\n    });\n\n    it(\"should retrieve session data from local storage\", async () => {\n      const sessionData: SessionData = {\n        authenticated: true,\n        idToken: mockTokens.id_token,\n        accessToken: mockTokens.access_token,\n        refreshToken: mockTokens.refresh_token,\n      };\n      const result = await service.getSessionData();\n\n      expect(retrieveTokens).toHaveBeenCalledWith(\n        expect.any(LocalStorageAdapter),\n      );\n      expect(result).toEqual(sessionData);\n    });\n  });\n});\n"]}
+{"version":3,"file":"AuthenticationService.test.js","sourceRoot":"","sources":["../../../../test/unit/services/AuthenticationService.test.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EACR,EAAE,EACF,MAAM,EACN,EAAE,EACF,UAAU,GAEX,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,8BAA8B,EAC9B,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,cAAc,EACd,cAAc,EACd,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AAGrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEjE,MAAM,QAAQ,GAAS;IACrB,EAAE,EAAE,YAAY;IAChB,KAAK,EAAE,kBAAkB;CAClB,CAAC;AAEV,EAAE,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,EAAE,CAAC,CAAC;IACrC,yBAAyB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QACtC,IAAI,EAAE,eAAe;KACtB,CAAC;IACF,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;IACvB,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;IACvB,WAAW,EAAE,EAAE,CAAC,EAAE,EAAE;IACpB,qBAAqB,EAAE,EAAE,CAAC,EAAE,EAAE;IAC9B,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;IAC/B,WAAW,EAAE,EAAE,CAAC,EAAE,EAAE;IACpB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;CACnB,CAAC,CAAC,CAAC;AACJ,EAAE,CAAC,IAAI,CAAC,yBAAyB,EAAE,GAAG,EAAE,CAAC,CAAC;IACxC,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE;CACjB,CAAC,CAAC,CAAC;AACJ,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAC7B,EAAE,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AAE9B,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,MAAM,UAAU,GAAG;QACjB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,2BAA2B;QACxC,KAAK,EAAE,WAAW;QAClB,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC;QAC7B,WAAW,EAAE,UAAmB;QAChC,WAAW,EAAE,wBAAwB;KACtC,CAAC;IAEF,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;YAC3C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,iBAAiB,CAChD,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAC/B,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,EAAuB,CAAC,CAAC;YAE5D,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC5C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CACjD,IAAI,GAAG,CAAC,sBAAsB,CAAC,CAChC,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;YAEtC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;YAC3C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,iBAAiB,CAChD,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAC/B,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,EAAE,CAAC;YAErC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC5C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAAC;gBACnD,GAAG,UAAU;gBACb,YAAY,EAAE,EAAkB;aACjC,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CACjD,IAAI,GAAG,CAAC,sBAAsB,CAAC,CAChC,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;YAEtC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,IAAI,OAA+B,CAAC;QACpC,MAAM,UAAU,GAA0B;YACxC,QAAQ,EAAE,aAAa;YACvB,YAAY,EAAE,iBAAiB;YAC/B,aAAa,EAAE,kBAAkB;SAClC,CAAC;QAEF,IAAI,UAA8D,CAAC;QACnE,UAAU,CAAC,KAAK,IAAI,EAAE;YACpB,OAAO,GAAG,MAAM,4BAA4B,CAAC,KAAK,CAAC;gBACjD,GAAG,UAAU;aACd,CAAC,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YACxD,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YACxD,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAE/C,UAAU,GAAG,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC3D,UAAU,CAAC,iBAAiB,EAAE,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;YACnE,MAAM,iBAAiB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;YAC5D,MAAM,IAAI,GAAG,UAAU,CAAC;YACxB,MAAM,KAAK,GAAG,WAAW,CAAC;YAE1B,EAAE,CAAC,MAAM,CACP,+BAA+B,CAAC,SAAS,CAAC,eAAe,CAC1D,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;YAEtC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAExD,MAAM,CAAC,WAAW,CAAC,CAAC,oBAAoB,CACtC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAC/B,UAAU,CACX,CAAC;YACF,MAAM,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAClD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YACnC,MAAM,CAAC,iBAAiB,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;YAC/D,MAAM,WAAW,GAAgB;gBAC/B,aAAa,EAAE,IAAI;gBACnB,OAAO,EAAE,UAAU,CAAC,QAAQ;gBAC5B,WAAW,EAAE,UAAU,CAAC,YAAY;gBACpC,YAAY,EAAE,UAAU,CAAC,aAAa;aACvC,CAAC;YACF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC;YAE9C,MAAM,CAAC,cAAc,CAAC,CAAC,oBAAoB,CACzC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAChC,CAAC;YACF,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import {\n  describe,\n  it,\n  expect,\n  vi,\n  beforeEach,\n  type MockInstance,\n} from \"vitest\";\nimport {\n  BrowserAuthenticationInitiator,\n  BrowserAuthenticationService,\n  GenericAuthenticationInitiator,\n} from \"@/services/AuthenticationService.js\";\nimport {\n  generateOauthLoginUrl,\n  generateOauthLogoutUrl,\n  exchangeTokens,\n  retrieveTokens,\n  storeTokens,\n} from \"@/shared/lib/util.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport type { OIDCTokenResponseBody, SessionData, User } from \"@/types.js\";\nimport type { AuthenticationResolver, PKCEConsumer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\n\nconst mockUser: User = {\n  id: \"mockUserId\",\n  email: \"user@example.com\",\n} as User;\n\nvi.mock(\"@/shared/lib/util.js\", () => ({\n  getEndpointsWithOverrides: async () => ({\n    auth: \"auth-endpoint\",\n  }),\n  exchangeTokens: vi.fn(),\n  retrieveTokens: vi.fn(),\n  storeTokens: vi.fn(),\n  generateOauthLoginUrl: vi.fn(),\n  generateOauthLogoutUrl: vi.fn(),\n  clearTokens: vi.fn(),\n  clearUser: vi.fn(),\n}));\nvi.mock(\"@/shared/lib/session.js\", () => ({\n  getUser: vi.fn(),\n}));\nvi.mock(\"@/browser/storage\");\nvi.mock(\"@/services/PKCE.js\");\n\ndescribe(\"Authentication Services\", () => {\n  const mockConfig = {\n    clientId: \"mockClientId\",\n    redirectUrl: \"http://localhost/redirect\",\n    state: \"mockState\",\n    scopes: [\"openid\", \"profile\"],\n    displayMode: \"redirect\" as const,\n    oauthServer: \"http://mockOauthServer\",\n  };\n\n  describe(\"BrowserAuthenticationInitiator\", () => {\n    it(\"should generate a login URL\", async () => {\n      const initiator = new BrowserAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLoginUrl).mockResolvedValue(\n        new URL(\"http://mockLoginUrl\"),\n      );\n\n      const url = await initiator.signIn({} as HTMLIFrameElement);\n\n      expect(url.toString()).toBe(\"http://mockloginurl/\");\n    });\n\n    it(\"should generate a logout URL\", async () => {\n      const initiator = new BrowserAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLogoutUrl).mockResolvedValue(\n        new URL(\"http://mocklogouturl\"),\n      );\n\n      const url = await initiator.signOut();\n\n      expect(url.toString()).toBe(\"http://mocklogouturl/\");\n    });\n  });\n\n  describe(\"GenericAuthenticationInitiator\", () => {\n    it(\"should generate a login URL\", async () => {\n      const initiator = new GenericAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLoginUrl).mockResolvedValue(\n        new URL(\"http://mockloginurl\"),\n      );\n\n      const url = await initiator.signIn();\n\n      expect(url.toString()).toBe(\"http://mockloginurl/\");\n    });\n\n    it(\"should generate a logout URL\", async () => {\n      const initiator = new GenericAuthenticationInitiator({\n        ...mockConfig,\n        pkceConsumer: {} as PKCEConsumer,\n      });\n      vi.mocked(generateOauthLogoutUrl).mockResolvedValue(\n        new URL(\"http://mocklogouturl\"),\n      );\n\n      const url = await initiator.signOut();\n\n      expect(url.toString()).toBe(\"http://mocklogouturl/\");\n    });\n  });\n\n  describe(\"BrowserAuthenticationService\", () => {\n    let service: AuthenticationResolver;\n    const mockTokens: OIDCTokenResponseBody = {\n      id_token: \"mockIdToken\",\n      access_token: \"mockAccessToken\",\n      refresh_token: \"mockRefreshToken\",\n    };\n\n    let setUserSpy: MockInstance<(user: User | null) => Promise<void>>;\n    beforeEach(async () => {\n      service = await BrowserAuthenticationService.build({\n        ...mockConfig,\n      });\n      vi.mocked(exchangeTokens).mockResolvedValue(mockTokens);\n      vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);\n      vi.mocked(getUser).mockResolvedValue(mockUser);\n\n      setUserSpy = vi.spyOn(GenericUserSession.prototype, \"set\");\n      setUserSpy.mockResolvedValue();\n    });\n\n    it(\"should exchange auth code for tokens and store them\", async () => {\n      const signInListenerSpy = vi.fn();\n      LocalStorageAdapter.emitter.on(\"signIn\", signInListenerSpy);\n      const code = \"mockCode\";\n      const state = \"mockState\";\n\n      vi.mocked(\n        BrowserPublicClientPKCEProducer.prototype.getCodeVerifier,\n      ).mockResolvedValue(\"dummy-verifier\");\n\n      const tokens = await service.tokenExchange(code, state);\n\n      expect(storeTokens).toHaveBeenCalledWith(\n        expect.any(LocalStorageAdapter),\n        mockTokens,\n      );\n      expect(setUserSpy).toHaveBeenCalledWith(mockUser);\n      expect(tokens).toEqual(mockTokens);\n      expect(signInListenerSpy).toHaveBeenCalled();\n    });\n\n    it(\"should retrieve session data from local storage\", async () => {\n      const sessionData: SessionData = {\n        authenticated: true,\n        idToken: mockTokens.id_token,\n        accessToken: mockTokens.access_token,\n        refreshToken: mockTokens.refresh_token,\n      };\n      const result = await service.getSessionData();\n\n      expect(retrieveTokens).toHaveBeenCalledWith(\n        expect.any(LocalStorageAdapter),\n      );\n      expect(result).toEqual(sessionData);\n    });\n  });\n});\n"]}

package/dist/test/unit/shared/components/CivicAuthIframeContainer.test.js

@@ -1,23 +1,25 @@
 import { render, act, waitFor } from "@testing-library/react";
 import { CivicAuthIframeContainer } from "@/shared/components/CivicAuthIframeContainer.js";
-import { vi } from "vitest";
+import { vi, it } from "vitest";
 import React, {} from "react";
 import { createRef } from "react";
 import { TOKEN_EXCHANGE_TRIGGER_TEXT } from "@/constants.js";
-let setAuthResponseUrlMock;
+let doTokenExchangeMock;
 let iframeRefMock;
 beforeEach(() => {
     iframeRefMock = createRef();
     vi.mock("@/shared/hooks", () => ({
-        useAuth: () => ({ isLoading: false }),
-        useConfig: () => ({
+        useSession: () => ({ isLoading: false, session: { authenticated: false } }),
+        useCivicAuthConfig: () => ({
             redirectUrl: "https://example.com/redirect",
-            modalIframe: true,
         }),
         useIframe: vi.fn(() => ({
-            setAuthResponseUrl: setAuthResponseUrlMock,
+            iframeMode: "modal",
             iframeRef: iframeRefMock,
         })),
+        useClientTokenExchangeSession: vi.fn(() => ({
+            doTokenExchange: doTokenExchangeMock,
+        })),
     }));
 });
 describe("CivicAuthIframeContainer", () => {
@@ -30,7 +32,7 @@ describe("CivicAuthIframeContainer", () => {
     });
     it(`triggers a fetch request when '${TOKEN_EXCHANGE_TRIGGER_TEXT}' is in the iframe body`, async () => {
         const onCloseMock = vi.fn();
-        setAuthResponseUrlMock = vi.fn();
+        doTokenExchangeMock = vi.fn();
         const fetchMock = vi.fn(() => Promise.resolve({ ok: true }));
         global.fetch = fetchMock;
         render(React.createElement(CivicAuthIframeContainer, { onClose: onCloseMock, closeOnRedirect: true }));
@@ -61,7 +63,7 @@ describe("CivicAuthIframeContainer", () => {
     });
     it(`sets auth response URL when no '${TOKEN_EXCHANGE_TRIGGER_TEXT}' in iframe body`, async () => {
         const onCloseMock = vi.fn();
-        setAuthResponseUrlMock = vi.fn();
+        doTokenExchangeMock = vi.fn();
         render(React.createElement(CivicAuthIframeContainer, { onClose: onCloseMock, closeOnRedirect: true }));
         act(() => {
             if (iframeRefMock.current) {
@@ -84,13 +86,13 @@ describe("CivicAuthIframeContainer", () => {
             iframeRefMock.current?.dispatchEvent(new Event("load"));
         });
         await waitFor(() => {
-            expect(setAuthResponseUrlMock).toHaveBeenCalledWith("https://example.com/redirect?code=5678");
+            expect(doTokenExchangeMock).toHaveBeenCalledWith("https://example.com/redirect?code=5678");
             expect(onCloseMock).toHaveBeenCalled();
         });
     });
     it("does not call onClose if closeOnRedirect is false", async () => {
         const onCloseMock = vi.fn();
-        setAuthResponseUrlMock = vi.fn();
+        doTokenExchangeMock = vi.fn();
         render(React.createElement(CivicAuthIframeContainer, { onClose: onCloseMock, closeOnRedirect: false }));
         act(() => {
             if (iframeRefMock.current) {

package/dist/test/unit/shared/components/CivicAuthIframeContainer.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"CivicAuthIframeContainer.test.js","sourceRoot":"","sources":["../../../../../test/unit/shared/components/CivicAuthIframeContainer.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC5B,OAAO,KAAK,EAAE,EAAkB,MAAM,OAAO,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAClC,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAE7D,IAAI,sBAA2B,CAAC;AAChC,IAAI,aAA2C,CAAC;AAEhD,UAAU,CAAC,GAAG,EAAE;IACd,aAAa,GAAG,SAAS,EAAE,CAAC;IAE5B,EAAE,CAAC,IAAI,CAAC,gBAAgB,EAAE,GAAG,EAAE,CAAC,CAAC;QAC/B,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QACrC,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;YAChB,WAAW,EAAE,8BAA8B;YAC3C,WAAW,EAAE,IAAI;SAClB,CAAC;QACF,SAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YACtB,kBAAkB,EAAE,sBAAsB;YAC1C,SAAS,EAAE,aAAa;SACzB,CAAC,CAAC;KACJ,CAAC,CAAC,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,IAAI,aAAkC,CAAC;IAEvC,SAAS,CAAC,GAAG,EAAE;QACb,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE;QACZ,MAAM,CAAC,KAAK,GAAG,aAAa,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,2BAA2B,yBAAyB,EAAE,KAAK,IAAI,EAAE;QACpG,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,sBAAsB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAEjC,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7D,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;QAEhC,MAAM,CACJ,oBAAC,wBAAwB,IAAC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,GAAI,CAC1E,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE;oBAC5D,KAAK,EAAE;wBACL,QAAQ,EAAE;4BACR,IAAI,EAAE,wCAAwC;yBAC/C;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE;gCACJ,SAAS,EAAE,2BAA2B;6BACvC;yBACF;qBACF;oBACD,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,EAAE;YACP,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACpC,qEAAqE,CACtE,CAAC;YACF,MAAM,CAAC,WAAW,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,2BAA2B,kBAAkB,EAAE,KAAK,IAAI,EAAE;QAC9F,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,sBAAsB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAEjC,MAAM,CACJ,oBAAC,wBAAwB,IAAC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,GAAI,CAC1E,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE;oBAC5D,KAAK,EAAE;wBACL,QAAQ,EAAE;4BACR,IAAI,EAAE,wCAAwC;yBAC/C;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE;gCACJ,SAAS,EAAE,EAAE;6BACd;yBACF;qBACF;oBACD,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,EAAE;YACP,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,sBAAsB,CAAC,CAAC,oBAAoB,CACjD,wCAAwC,CACzC,CAAC;YACF,MAAM,CAAC,WAAW,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,sBAAsB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAEjC,MAAM,CACJ,oBAAC,wBAAwB,IACvB,OAAO,EAAE,WAAW,EACpB,eAAe,EAAE,KAAK,GACtB,CACH,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE;oBAC5D,KAAK,EAAE;wBACL,QAAQ,EAAE;4BACR,IAAI,EAAE,yCAAyC;yBAChD;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE;gCACJ,SAAS,EAAE,2BAA2B;6BACvC;yBACF;qBACF;oBACD,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,EAAE;YACP,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { render, act, waitFor } from \"@testing-library/react\";\nimport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer.js\";\nimport { vi } from \"vitest\";\nimport React, { type RefObject } from \"react\";\nimport { createRef } from \"react\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants.js\";\n\nlet setAuthResponseUrlMock: any;\nlet iframeRefMock: RefObject<HTMLIFrameElement>;\n\nbeforeEach(() => {\n  iframeRefMock = createRef();\n\n  vi.mock(\"@/shared/hooks\", () => ({\n    useAuth: () => ({ isLoading: false }),\n    useConfig: () => ({\n      redirectUrl: \"https://example.com/redirect\",\n      modalIframe: true,\n    }),\n    useIframe: vi.fn(() => ({\n      setAuthResponseUrl: setAuthResponseUrlMock,\n      iframeRef: iframeRefMock,\n    })),\n  }));\n});\n\ndescribe(\"CivicAuthIframeContainer\", () => {\n  let originalFetch: typeof global.fetch;\n\n  beforeAll(() => {\n    originalFetch = global.fetch;\n  });\n\n  afterAll(() => {\n    global.fetch = originalFetch;\n  });\n\n  it(`triggers a fetch request when '${TOKEN_EXCHANGE_TRIGGER_TEXT}' is in the iframe body`, async () => {\n    const onCloseMock = vi.fn();\n    setAuthResponseUrlMock = vi.fn();\n\n    const fetchMock = vi.fn(() => Promise.resolve({ ok: true }));\n    global.fetch = fetchMock as any;\n\n    render(\n      <CivicAuthIframeContainer onClose={onCloseMock} closeOnRedirect={true} />,\n    );\n\n    act(() => {\n      if (iframeRefMock.current) {\n        Object.defineProperty(iframeRefMock.current, \"contentWindow\", {\n          value: {\n            location: {\n              href: \"https://example.com/redirect?code=1234\",\n            },\n            document: {\n              body: {\n                innerHTML: TOKEN_EXCHANGE_TRIGGER_TEXT,\n              },\n            },\n          },\n          configurable: true,\n        });\n      }\n    });\n\n    act(() => {\n      iframeRefMock.current?.dispatchEvent(new Event(\"load\"));\n    });\n\n    await waitFor(() => {\n      expect(fetchMock).toHaveBeenCalledWith(\n        \"https://example.com/redirect?code=1234&appUrl=http://localhost:3000\",\n      );\n      expect(onCloseMock).toHaveBeenCalled();\n    });\n  });\n\n  it(`sets auth response URL when no '${TOKEN_EXCHANGE_TRIGGER_TEXT}' in iframe body`, async () => {\n    const onCloseMock = vi.fn();\n    setAuthResponseUrlMock = vi.fn();\n\n    render(\n      <CivicAuthIframeContainer onClose={onCloseMock} closeOnRedirect={true} />,\n    );\n\n    act(() => {\n      if (iframeRefMock.current) {\n        Object.defineProperty(iframeRefMock.current, \"contentWindow\", {\n          value: {\n            location: {\n              href: \"https://example.com/redirect?code=5678\",\n            },\n            document: {\n              body: {\n                innerHTML: \"\",\n              },\n            },\n          },\n          configurable: true,\n        });\n      }\n    });\n\n    act(() => {\n      iframeRefMock.current?.dispatchEvent(new Event(\"load\"));\n    });\n\n    await waitFor(() => {\n      expect(setAuthResponseUrlMock).toHaveBeenCalledWith(\n        \"https://example.com/redirect?code=5678\",\n      );\n      expect(onCloseMock).toHaveBeenCalled();\n    });\n  });\n\n  it(\"does not call onClose if closeOnRedirect is false\", async () => {\n    const onCloseMock = vi.fn();\n    setAuthResponseUrlMock = vi.fn();\n\n    render(\n      <CivicAuthIframeContainer\n        onClose={onCloseMock}\n        closeOnRedirect={false}\n      />,\n    );\n\n    act(() => {\n      if (iframeRefMock.current) {\n        Object.defineProperty(iframeRefMock.current, \"contentWindow\", {\n          value: {\n            location: {\n              href: \"https://example.com/redirect?code=91011\",\n            },\n            document: {\n              body: {\n                innerHTML: TOKEN_EXCHANGE_TRIGGER_TEXT,\n              },\n            },\n          },\n          configurable: true,\n        });\n      }\n    });\n\n    act(() => {\n      iframeRefMock.current?.dispatchEvent(new Event(\"load\"));\n    });\n\n    await waitFor(() => {\n      expect(onCloseMock).not.toHaveBeenCalled();\n    });\n  });\n});\n"]}
+{"version":3,"file":"CivicAuthIframeContainer.test.js","sourceRoot":"","sources":["../../../../../test/unit/shared/components/CivicAuthIframeContainer.test.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAChC,OAAO,KAAK,EAAE,EAAkB,MAAM,OAAO,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAClC,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAE7D,IAAI,mBAAwB,CAAC;AAC7B,IAAI,aAA2C,CAAC;AAEhD,UAAU,CAAC,GAAG,EAAE;IACd,aAAa,GAAG,SAAS,EAAE,CAAC;IAE5B,EAAE,CAAC,IAAI,CAAC,gBAAgB,EAAE,GAAG,EAAE,CAAC,CAAC;QAC/B,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,CAAC;QAC3E,kBAAkB,EAAE,GAAG,EAAE,CAAC,CAAC;YACzB,WAAW,EAAE,8BAA8B;SAC5C,CAAC;QACF,SAAS,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YACtB,UAAU,EAAE,OAAO;YACnB,SAAS,EAAE,aAAa;SACzB,CAAC,CAAC;QACH,6BAA6B,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;YAC1C,eAAe,EAAE,mBAAmB;SACrC,CAAC,CAAC;KACJ,CAAC,CAAC,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,IAAI,aAAkC,CAAC;IAEvC,SAAS,CAAC,GAAG,EAAE;QACb,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE;QACZ,MAAM,CAAC,KAAK,GAAG,aAAa,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,2BAA2B,yBAAyB,EAAE,KAAK,IAAI,EAAE;QACpG,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,mBAAmB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAE9B,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7D,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;QAEhC,MAAM,CACJ,oBAAC,wBAAwB,IAAC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,GAAI,CAC1E,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE;oBAC5D,KAAK,EAAE;wBACL,QAAQ,EAAE;4BACR,IAAI,EAAE,wCAAwC;yBAC/C;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE;gCACJ,SAAS,EAAE,2BAA2B;6BACvC;yBACF;qBACF;oBACD,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,EAAE;YACP,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACpC,qEAAqE,CACtE,CAAC;YACF,MAAM,CAAC,WAAW,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,2BAA2B,kBAAkB,EAAE,KAAK,IAAI,EAAE;QAC9F,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,mBAAmB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAE9B,MAAM,CACJ,oBAAC,wBAAwB,IAAC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,GAAI,CAC1E,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE;oBAC5D,KAAK,EAAE;wBACL,QAAQ,EAAE;4BACR,IAAI,EAAE,wCAAwC;yBAC/C;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE;gCACJ,SAAS,EAAE,EAAE;6BACd;yBACF;qBACF;oBACD,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,EAAE;YACP,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,mBAAmB,CAAC,CAAC,oBAAoB,CAC9C,wCAAwC,CACzC,CAAC;YACF,MAAM,CAAC,WAAW,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,WAAW,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,mBAAmB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAE9B,MAAM,CACJ,oBAAC,wBAAwB,IACvB,OAAO,EAAE,WAAW,EACpB,eAAe,EAAE,KAAK,GACtB,CACH,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE;oBAC5D,KAAK,EAAE;wBACL,QAAQ,EAAE;4BACR,IAAI,EAAE,yCAAyC;yBAChD;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE;gCACJ,SAAS,EAAE,2BAA2B;6BACvC;yBACF;qBACF;oBACD,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,EAAE;YACP,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { render, act, waitFor } from \"@testing-library/react\";\nimport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer.js\";\nimport { vi, it } from \"vitest\";\nimport React, { type RefObject } from \"react\";\nimport { createRef } from \"react\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants.js\";\n\nlet doTokenExchangeMock: any;\nlet iframeRefMock: RefObject<HTMLIFrameElement>;\n\nbeforeEach(() => {\n  iframeRefMock = createRef();\n\n  vi.mock(\"@/shared/hooks\", () => ({\n    useSession: () => ({ isLoading: false, session: { authenticated: false } }),\n    useCivicAuthConfig: () => ({\n      redirectUrl: \"https://example.com/redirect\",\n    }),\n    useIframe: vi.fn(() => ({\n      iframeMode: \"modal\",\n      iframeRef: iframeRefMock,\n    })),\n    useClientTokenExchangeSession: vi.fn(() => ({\n      doTokenExchange: doTokenExchangeMock,\n    })),\n  }));\n});\n\ndescribe(\"CivicAuthIframeContainer\", () => {\n  let originalFetch: typeof global.fetch;\n\n  beforeAll(() => {\n    originalFetch = global.fetch;\n  });\n\n  afterAll(() => {\n    global.fetch = originalFetch;\n  });\n\n  it(`triggers a fetch request when '${TOKEN_EXCHANGE_TRIGGER_TEXT}' is in the iframe body`, async () => {\n    const onCloseMock = vi.fn();\n    doTokenExchangeMock = vi.fn();\n\n    const fetchMock = vi.fn(() => Promise.resolve({ ok: true }));\n    global.fetch = fetchMock as any;\n\n    render(\n      <CivicAuthIframeContainer onClose={onCloseMock} closeOnRedirect={true} />,\n    );\n\n    act(() => {\n      if (iframeRefMock.current) {\n        Object.defineProperty(iframeRefMock.current, \"contentWindow\", {\n          value: {\n            location: {\n              href: \"https://example.com/redirect?code=1234\",\n            },\n            document: {\n              body: {\n                innerHTML: TOKEN_EXCHANGE_TRIGGER_TEXT,\n              },\n            },\n          },\n          configurable: true,\n        });\n      }\n    });\n\n    act(() => {\n      iframeRefMock.current?.dispatchEvent(new Event(\"load\"));\n    });\n\n    await waitFor(() => {\n      expect(fetchMock).toHaveBeenCalledWith(\n        \"https://example.com/redirect?code=1234&appUrl=http://localhost:3000\",\n      );\n      expect(onCloseMock).toHaveBeenCalled();\n    });\n  });\n\n  it(`sets auth response URL when no '${TOKEN_EXCHANGE_TRIGGER_TEXT}' in iframe body`, async () => {\n    const onCloseMock = vi.fn();\n    doTokenExchangeMock = vi.fn();\n\n    render(\n      <CivicAuthIframeContainer onClose={onCloseMock} closeOnRedirect={true} />,\n    );\n\n    act(() => {\n      if (iframeRefMock.current) {\n        Object.defineProperty(iframeRefMock.current, \"contentWindow\", {\n          value: {\n            location: {\n              href: \"https://example.com/redirect?code=5678\",\n            },\n            document: {\n              body: {\n                innerHTML: \"\",\n              },\n            },\n          },\n          configurable: true,\n        });\n      }\n    });\n\n    act(() => {\n      iframeRefMock.current?.dispatchEvent(new Event(\"load\"));\n    });\n\n    await waitFor(() => {\n      expect(doTokenExchangeMock).toHaveBeenCalledWith(\n        \"https://example.com/redirect?code=5678\",\n      );\n      expect(onCloseMock).toHaveBeenCalled();\n    });\n  });\n\n  it(\"does not call onClose if closeOnRedirect is false\", async () => {\n    const onCloseMock = vi.fn();\n    doTokenExchangeMock = vi.fn();\n\n    render(\n      <CivicAuthIframeContainer\n        onClose={onCloseMock}\n        closeOnRedirect={false}\n      />,\n    );\n\n    act(() => {\n      if (iframeRefMock.current) {\n        Object.defineProperty(iframeRefMock.current, \"contentWindow\", {\n          value: {\n            location: {\n              href: \"https://example.com/redirect?code=91011\",\n            },\n            document: {\n              body: {\n                innerHTML: TOKEN_EXCHANGE_TRIGGER_TEXT,\n              },\n            },\n          },\n          configurable: true,\n        });\n      }\n    });\n\n    act(() => {\n      iframeRefMock.current?.dispatchEvent(new Event(\"load\"));\n    });\n\n    await waitFor(() => {\n      expect(onCloseMock).not.toHaveBeenCalled();\n    });\n  });\n});\n"]}