@civic/auth 0.1.3 → 0.1.4-beta.1

package/dist/cjs/nextjs/providers/NextAuthProvider.js

@@ -16,61 +16,100 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CivicNextAuthProvider = void 0;
 /**
  * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.
  */
 const react_1 = __importStar(require("react"));
-const AuthProvider_js_1 = require("../../shared/providers/AuthProvider.js");
-const react_query_1 = require("@tanstack/react-query");
 const config_js_1 = require("../../nextjs/config.js");
 const utils_js_1 = require("../../nextjs/utils.js");
 const PKCE_js_1 = require("../../services/PKCE.js");
 const cookies_js_1 = require("../../nextjs/cookies.js");
 const UserProvider_js_1 = require("../../shared/providers/UserProvider.js");
-const types_js_1 = require("../../shared/lib/types.js");
 const useUserCookie_js_1 = require("../../nextjs/hooks/useUserCookie.js");
-const index_js_1 = require("../../nextjs/hooks/index.js");
-const queryClient = new react_query_1.QueryClient();
-const CivicNextAuthProviderInternal = ({ children, ...props }) => {
-    const [redirectUrl, setRedirectUrl] = (0, react_1.useState)("");
+const CivicAuthConfigContext_js_1 = require("../../shared/providers/CivicAuthConfigContext.js");
+const SessionProvider_js_1 = require("../../shared/providers/SessionProvider.js");
+const IframeProvider_js_1 = require("../../shared/providers/IframeProvider.js");
+const TokenProvider_js_1 = require("../../shared/providers/TokenProvider.js");
+const useSignIn_js_1 = require("../../shared/hooks/useSignIn.js");
+const useCivicAuthConfig_js_1 = require("../../shared/hooks/useCivicAuthConfig.js");
+const index_js_1 = require("../../reactjs/index.js");
+const IFrameAndLoading_js_1 = require("../../shared/components/IFrameAndLoading.js");
+const BlockDisplay_js_1 = require("../../shared/components/BlockDisplay.js");
+const LoadingIcon_js_1 = require("../../shared/components/LoadingIcon.js");
+const CivicNextAuthProviderInternal = ({ children, resolvedConfig, ...props }) => {
+    const { iframeMode } = props;
+    const { iframeRef } = (0, index_js_1.useIframe)();
+    const [isLoading, setIsLoading] = (0, react_1.useState)(false);
+    const civicAuthConfig = (0, useCivicAuthConfig_js_1.useCivicAuthConfig)();
+    const { challengeUrl, logoutUrl } = resolvedConfig;
+    const pkceConsumer = new PKCE_js_1.ConfidentialClientPKCEConsumer(challengeUrl);
+    const postSignOut = async () => {
+        const appUrl = globalThis.window.location.origin;
+        window.location.href = `${logoutUrl}?appUrl=${appUrl}`;
+        return;
+    };
+    const preSignOut = (0, react_1.useCallback)(async () => {
+        setIsLoading(true);
+        await props?.onSignOut?.();
+    }, [props]);
+    const { signIn, signOut } = (0, useSignIn_js_1.useSignIn)({
+        preSignOut,
+        postSignOut,
+        pkceConsumer,
+    });
+    const { user, idToken } = (0, useUserCookie_js_1.useUserCookie)();
+    const session = {
+        authenticated: !!user,
+        idToken,
+    };
+    (0, react_1.useEffect)(() => {
+        if (iframeMode === "embedded" &&
+            civicAuthConfig &&
+            !session?.authenticated &&
+            iframeRef?.current) {
+            signIn("iframe");
+        }
+    }, [iframeMode, civicAuthConfig, session?.authenticated, iframeRef, signIn]);
+    return (react_1.default.createElement(SessionProvider_js_1.SessionProvider, { data: session, isLoading: isLoading },
+        react_1.default.createElement(TokenProvider_js_1.TokenProvider, null,
+            react_1.default.createElement(UserProvider_js_1.UserProvider, { storage: new cookies_js_1.NextjsClientStorage(), user: user, signOut: signOut, signIn: signIn },
+                react_1.default.createElement(IFrameAndLoading_js_1.IFrameAndLoading, { isLoading: isLoading, error: null }),
+                isLoading && (react_1.default.createElement(BlockDisplay_js_1.BlockDisplay, null,
+                    react_1.default.createElement(LoadingIcon_js_1.LoadingIcon, null))),
+                children))));
+};
+const CivicNextAuthProvider = ({ children, ...props }) => {
     const resolvedConfig = (0, config_js_1.resolveAuthConfig)();
     const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl } = resolvedConfig;
+    const [redirectUrl, setRedirectUrl] = (0, react_1.useState)("");
     (0, react_1.useEffect)(() => {
         if (typeof globalThis.window !== "undefined") {
             const appUrl = globalThis.window.location.origin;
             setRedirectUrl((0, utils_js_1.resolveCallbackUrl)(resolvedConfig, appUrl));
         }
     }, [callbackUrl, resolvedConfig]);
-    const user = (0, useUserCookie_js_1.useUserCookie)();
-    const idToken = (0, index_js_1.useTokenCookie)(types_js_1.OAuthTokens.ID_TOKEN);
-    const combinedUser = user ? { ...(user || {}), idToken } : null;
-    const sessionData = {
-        authenticated: !!user,
-        ...(idToken ? { idToken } : {}),
-    };
-    const signOut = async () => {
-        if (props.onSignOut) {
-            await props.onSignOut();
-        }
-        const appUrl = globalThis.window.location.origin;
-        window.location.href = `${logoutUrl}?appUrl=${appUrl}`;
-        return;
-    };
-    return (react_1.default.createElement(AuthProvider_js_1.AuthProvider, { ...props, redirectUrl: redirectUrl, config: { oauthServer }, clientId: clientId, pkceConsumer: new PKCE_js_1.ConfidentialClientPKCEConsumer(challengeUrl), sessionData: sessionData },
-        react_1.default.createElement(UserProvider_js_1.UserProvider, { storage: new cookies_js_1.NextjsClientStorage(), user: combinedUser, signOut: signOut }, children)));
-};
-const CivicNextAuthProvider = ({ children, ...props }) => {
-    return (react_1.default.createElement(react_query_1.QueryClientProvider, { client: queryClient },
-        react_1.default.createElement(CivicNextAuthProviderInternal, { ...props }, children)));
+    return (react_1.default.createElement(CivicAuthConfigContext_js_1.CivicAuthConfigProvider, { oauthServer: oauthServer, clientId: clientId, redirectUrl: redirectUrl, nonce: props?.nonce, challengeUrl: challengeUrl, logoutUrl: logoutUrl },
+        react_1.default.createElement(IframeProvider_js_1.IframeProvider, { iframeMode: props.iframeMode },
+            react_1.default.createElement(CivicNextAuthProviderInternal, { ...props, resolvedConfig: resolvedConfig }, children))));
 };
 exports.CivicNextAuthProvider = CivicNextAuthProvider;
 //# sourceMappingURL=NextAuthProvider.js.map

package/dist/cjs/nextjs/providers/NextAuthProvider.js.map

@@ -1 +1 @@
-{"version":3,"file":"NextAuthProvider.js","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;AACb;;GAEG;AACH,+CAAmD;AAEnD,wEAAkE;AAClE,uDAAyE;AAEzE,kDAAuD;AACvD,gDAAuD;AACvD,gDAAoE;AACpE,oDAA0D;AAC1D,wEAAkE;AAClE,oDAAoD;AACpD,sEAAgE;AAChE,sDAAyD;AAEzD,MAAM,WAAW,GAAG,IAAI,yBAAW,EAAE,CAAC;AAItC,MAAM,6BAA6B,GAAG,CAAC,EACrC,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAS,EAAE,CAAC,CAAC;IAC3D,MAAM,cAAc,GAAG,IAAA,6BAAiB,GAAE,CAAC;IAC3C,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GACnE,cAAc,CAAC;IAEjB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,cAAc,CAAC,IAAA,6BAAkB,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAElC,MAAM,IAAI,GAAG,IAAA,gCAAa,GAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAA,yBAAc,EAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,YAAY,GAAG,IAAI,CAAC,CAAC,CAAE,EAAE,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,OAAO,EAAW,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1E,MAAM,WAAW,GAAG;QAClB,aAAa,EAAE,CAAC,CAAC,IAAI;QACrB,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChC,CAAC;IACF,MAAM,OAAO,GAAG,KAAK,IAAmB,EAAE;QACxC,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,KAAK,CAAC,SAAS,EAAE,CAAC;QAC1B,CAAC;QACD,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACjD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,SAAS,WAAW,MAAM,EAAE,CAAC;QACvD,OAAO;IACT,CAAC,CAAC;IACF,OAAO,CACL,8BAAC,8BAAY,OACP,KAAK,EACT,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,EAAE,WAAW,EAAE,EACvB,QAAQ,EAAE,QAAQ,EAClB,YAAY,EAAE,IAAI,wCAA8B,CAAC,YAAY,CAAC,EAC9D,WAAW,EAAE,WAAW;QAExB,8BAAC,8BAAY,IACX,OAAO,EAAE,IAAI,gCAAmB,EAAE,EAClC,IAAI,EAAE,YAAY,EAClB,OAAO,EAAE,OAAO,IAEf,QAAQ,CACI,CACF,CAChB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,EAC7B,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,OAAO,CACL,8BAAC,iCAAmB,IAAC,MAAM,EAAE,WAAW;QACtC,8BAAC,6BAA6B,OAAK,KAAK,IACrC,QAAQ,CACqB,CACZ,CACvB,CAAC;AACJ,CAAC,CAAC;AAEO,sDAAqB","sourcesContent":["\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport React, { useEffect, useState } from \"react\";\nimport type { AuthProviderProps } from \"@/shared/providers/AuthProvider.js\";\nimport { AuthProvider } from \"@/shared/providers/AuthProvider.js\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport type { User } from \"@/types.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { OAuthTokens } from \"@/shared/lib/types.js\";\nimport { useUserCookie } from \"@/nextjs/hooks/useUserCookie.js\";\nimport { useTokenCookie } from \"@/nextjs/hooks/index.js\";\n\nconst queryClient = new QueryClient();\n\ntype NextCivicAuthProviderProps = Omit<AuthProviderProps, \"clientId\">;\n\nconst CivicNextAuthProviderInternal = ({\n  children,\n  ...props\n}: NextCivicAuthProviderProps) => {\n  const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n  const resolvedConfig = resolveAuthConfig();\n  const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl } =\n    resolvedConfig;\n\n  useEffect(() => {\n    if (typeof globalThis.window !== \"undefined\") {\n      const appUrl = globalThis.window.location.origin;\n      setRedirectUrl(resolveCallbackUrl(resolvedConfig, appUrl));\n    }\n  }, [callbackUrl, resolvedConfig]);\n\n  const user = useUserCookie();\n  const idToken = useTokenCookie(OAuthTokens.ID_TOKEN);\n  const combinedUser = user ? ({ ...(user || {}), idToken } as User) : null;\n  const sessionData = {\n    authenticated: !!user,\n    ...(idToken ? { idToken } : {}),\n  };\n  const signOut = async (): Promise<void> => {\n    if (props.onSignOut) {\n      await props.onSignOut();\n    }\n    const appUrl = globalThis.window.location.origin;\n    window.location.href = `${logoutUrl}?appUrl=${appUrl}`;\n    return;\n  };\n  return (\n    <AuthProvider\n      {...props}\n      redirectUrl={redirectUrl}\n      config={{ oauthServer }}\n      clientId={clientId}\n      pkceConsumer={new ConfidentialClientPKCEConsumer(challengeUrl)}\n      sessionData={sessionData}\n    >\n      <UserProvider\n        storage={new NextjsClientStorage()}\n        user={combinedUser}\n        signOut={signOut}\n      >\n        {children}\n      </UserProvider>\n    </AuthProvider>\n  );\n};\n\nconst CivicNextAuthProvider = ({\n  children,\n  ...props\n}: NextCivicAuthProviderProps) => {\n  return (\n    <QueryClientProvider client={queryClient}>\n      <CivicNextAuthProviderInternal {...props}>\n        {children}\n      </CivicNextAuthProviderInternal>\n    </QueryClientProvider>\n  );\n};\n\nexport { CivicNextAuthProvider, type NextCivicAuthProviderProps };\n"]}
+{"version":3,"file":"NextAuthProvider.js","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb;;GAEG;AACH,+CAAgE;AAEhE,kDAG4B;AAC5B,gDAAuD;AACvD,gDAAoE;AACpE,oDAA0D;AAC1D,wEAAkE;AAClE,sEAAgE;AAChE,4FAAuF;AACvF,8EAAwE;AACxE,4EAAsE;AACtE,0EAAoE;AACpE,8DAAwD;AACxD,gFAA0E;AAC1E,iDAA+C;AAC/C,iFAA2E;AAC3E,yEAAmE;AACnE,uEAAiE;AAajE,MAAM,6BAA6B,GAAG,CAAC,EACrC,QAAQ,EACR,cAAc,EACd,GAAG,KAAK,EAC2B,EAAE,EAAE;IACvC,MAAM,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC;IAC7B,MAAM,EAAE,SAAS,EAAE,GAAG,IAAA,oBAAS,GAAE,CAAC;IAClC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAAU,KAAK,CAAC,CAAC;IAC3D,MAAM,eAAe,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAC7C,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IACnD,MAAM,YAAY,GAAG,IAAI,wCAA8B,CAAC,YAAY,CAAC,CAAC;IACtE,MAAM,WAAW,GAAG,KAAK,IAAmB,EAAE;QAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACjD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,SAAS,WAAW,MAAM,EAAE,CAAC;QACvD,OAAO;IACT,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACxC,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,MAAM,KAAK,EAAE,SAAS,EAAE,EAAE,CAAC;IAC7B,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;IAEZ,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,wBAAS,EAAC;QACpC,UAAU;QACV,WAAW;QACX,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,gCAAa,GAAE,CAAC;IAC1C,MAAM,OAAO,GAAG;QACd,aAAa,EAAE,CAAC,CAAC,IAAI;QACrB,OAAO;KACR,CAAC;IAEF,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,UAAU,KAAK,UAAU;YACzB,eAAe;YACf,CAAC,OAAO,EAAE,aAAa;YACvB,SAAS,EAAE,OAAO,EAClB,CAAC;YACD,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnB,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;IAC7E,OAAO,CACL,8BAAC,oCAAe,IAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;QAClD,8BAAC,gCAAa;YACZ,8BAAC,8BAAY,IACX,OAAO,EAAE,IAAI,gCAAmB,EAAE,EAClC,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM;gBAEd,8BAAC,sCAAgB,IAAC,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,GAAI;gBACtD,SAAS,IAAI,CACZ,8BAAC,8BAAY;oBACX,8BAAC,4BAAW,OAAG,CACF,CAChB;gBACA,QAAQ,CACI,CACD,CACA,CACnB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,EAC7B,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,MAAM,cAAc,GAAG,IAAA,6BAAiB,GAAE,CAAC;IAC3C,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GACnE,cAAc,CAAC;IACjB,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAS,EAAE,CAAC,CAAC;IAC3D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,cAAc,CAAC,IAAA,6BAAkB,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAElC,OAAO,CACL,8BAAC,mDAAuB,IACtB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,KAAK,EAAE,KAAK,EAAE,KAAK,EACnB,YAAY,EAAE,YAAY,EAC1B,SAAS,EAAE,SAAS;QAEpB,8BAAC,kCAAc,IAAC,UAAU,EAAE,KAAK,CAAC,UAAU;YAC1C,8BAAC,6BAA6B,OACxB,KAAK,EACT,cAAc,EAAE,cAAc,IAE7B,QAAQ,CACqB,CACjB,CACO,CAC3B,CAAC;AACJ,CAAC,CAAC;AAEO,sDAAqB","sourcesContent":["\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport React, { useCallback, useEffect, useState } from \"react\";\nimport type { AuthProviderProps } from \"@/shared/providers/AuthProvider.js\";\nimport {\n  resolveAuthConfig,\n  type AuthConfigWithDefaults,\n} from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { useUserCookie } from \"@/nextjs/hooks/useUserCookie.js\";\nimport { CivicAuthConfigProvider } from \"@/shared/providers/CivicAuthConfigContext.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { useIframe } from \"@/reactjs/index.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport { BlockDisplay } from \"@/shared/components/BlockDisplay.js\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\n\ntype InternalNextCivicAuthProviderProps = Omit<\n  AuthProviderProps,\n  \"clientId\"\n> & {\n  resolvedConfig: AuthConfigWithDefaults;\n};\ntype NextCivicAuthProviderProps = Omit<\n  InternalNextCivicAuthProviderProps,\n  \"clientId\" | \"resolvedConfig\" | \"redirectUrl\"\n>;\n\nconst CivicNextAuthProviderInternal = ({\n  children,\n  resolvedConfig,\n  ...props\n}: InternalNextCivicAuthProviderProps) => {\n  const { iframeMode } = props;\n  const { iframeRef } = useIframe();\n  const [isLoading, setIsLoading] = useState<boolean>(false);\n  const civicAuthConfig = useCivicAuthConfig();\n  const { challengeUrl, logoutUrl } = resolvedConfig;\n  const pkceConsumer = new ConfidentialClientPKCEConsumer(challengeUrl);\n  const postSignOut = async (): Promise<void> => {\n    const appUrl = globalThis.window.location.origin;\n    window.location.href = `${logoutUrl}?appUrl=${appUrl}`;\n    return;\n  };\n\n  const preSignOut = useCallback(async () => {\n    setIsLoading(true);\n    await props?.onSignOut?.();\n  }, [props]);\n\n  const { signIn, signOut } = useSignIn({\n    preSignOut,\n    postSignOut,\n    pkceConsumer,\n  });\n\n  const { user, idToken } = useUserCookie();\n  const session = {\n    authenticated: !!user,\n    idToken,\n  };\n\n  useEffect(() => {\n    if (\n      iframeMode === \"embedded\" &&\n      civicAuthConfig &&\n      !session?.authenticated &&\n      iframeRef?.current\n    ) {\n      signIn(\"iframe\");\n    }\n  }, [iframeMode, civicAuthConfig, session?.authenticated, iframeRef, signIn]);\n  return (\n    <SessionProvider data={session} isLoading={isLoading}>\n      <TokenProvider>\n        <UserProvider\n          storage={new NextjsClientStorage()}\n          user={user}\n          signOut={signOut}\n          signIn={signIn}\n        >\n          <IFrameAndLoading isLoading={isLoading} error={null} />\n          {isLoading && (\n            <BlockDisplay>\n              <LoadingIcon />\n            </BlockDisplay>\n          )}\n          {children}\n        </UserProvider>\n      </TokenProvider>\n    </SessionProvider>\n  );\n};\n\nconst CivicNextAuthProvider = ({\n  children,\n  ...props\n}: NextCivicAuthProviderProps) => {\n  const resolvedConfig = resolveAuthConfig();\n  const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl } =\n    resolvedConfig;\n  const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n  useEffect(() => {\n    if (typeof globalThis.window !== \"undefined\") {\n      const appUrl = globalThis.window.location.origin;\n      setRedirectUrl(resolveCallbackUrl(resolvedConfig, appUrl));\n    }\n  }, [callbackUrl, resolvedConfig]);\n\n  return (\n    <CivicAuthConfigProvider\n      oauthServer={oauthServer}\n      clientId={clientId}\n      redirectUrl={redirectUrl}\n      nonce={props?.nonce}\n      challengeUrl={challengeUrl}\n      logoutUrl={logoutUrl}\n    >\n      <IframeProvider iframeMode={props.iframeMode}>\n        <CivicNextAuthProviderInternal\n          {...props}\n          resolvedConfig={resolvedConfig}\n        >\n          {children}\n        </CivicNextAuthProviderInternal>\n      </IframeProvider>\n    </CivicAuthConfigProvider>\n  );\n};\n\nexport { CivicNextAuthProvider, type NextCivicAuthProviderProps };\n"]}

package/dist/cjs/nextjs/routeHandler.js

@@ -9,7 +9,7 @@ const logger_js_1 = require("../lib/logger.js");
 const cookies_js_1 = require("../nextjs/cookies.js");
 const PKCE_js_1 = require("../services/PKCE.js");
 const login_js_1 = require("../server/login.js");
-const session_js_1 = require("../shared/lib/session.js");
+const GetUser_js_1 = require("../nextjs/GetUser.js");
 const utils_js_1 = require("../nextjs/utils.js");
 const UserSession_js_1 = require("../shared/lib/UserSession.js");
 const constants_js_1 = require("../constants.js");
@@ -53,7 +53,7 @@ async function performTokenExchangeAndSetCookies(request, config, code, state, a
         logger.error("Token exchange failed:", error);
         throw new AuthError("Failed to authenticate user", 401);
     }
-    const user = await (0, session_js_1.getUser)(cookieStorage);
+    const user = await (0, GetUser_js_1.getUser)();
     if (!user) {
         throw new AuthError("Failed to get user info", 401);
     }

package/dist/cjs/nextjs/routeHandler.js.map

@@ -1 +1 @@
-{"version":3,"file":"routeHandler.js","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":";;;AA2NA,oCA+BC;AAzPD,8CAA8C;AAC9C,4CAA+C;AAE/C,kDAAuD;AACvD,+CAA0C;AAC1C,oDAI6B;AAC7B,gDAAqE;AACrE,gDAA2D;AAC3D,wDAAkD;AAClD,gDAAuD;AACvD,gEAAiE;AACjE,iDAGwB;AACxB,6CAA8D;AAC9D,oDAAqD;AAErD,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAE5C,MAAM,SAAU,SAAQ,KAAK;IAGT;IAFlB,YACE,OAAe,EACC,SAAiB,GAAG;QAEpC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,WAAM,GAAN,MAAM,CAAc;QAGpC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED;;;;GAIG;AACH,KAAK,UAAU,eAAe,CAC5B,OAAoB,EACpB,MAAkB;IAElB,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,MAAM,YAAY,GAAG,IAAI,yCAA+B,CAAC,aAAa,CAAC,CAAC;IAExE,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;IACxD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,aAAa,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,iCAAiC,CAC9C,OAAoB,EACpB,MAAkB,EAClB,IAAY,EACZ,KAAa,EACb,MAAc;IAEd,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAE9E,MAAM,WAAW,GAAG,IAAA,6BAAkB,EAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,MAAM,IAAA,iCAAsB,EAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE;YACvD,GAAG,eAAe;YAClB,WAAW,EAAE,WAAW;SACzB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,IAAI,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,oBAAO,EAAC,aAAa,CAAC,CAAC;IAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,gCAAmB,EAAE,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;IAC1D,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AACD,KAAK,UAAU,cAAc,CAC3B,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;IAC5D,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;IAC9D,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;IAEhE,qEAAqE;IACrE,mGAAmG;IACnG,+FAA+F;IAC/F,MAAM,MAAM,GACV,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE,KAAK;QAChD,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE7C,gFAAgF;IAChF,wCAAwC;IACxC,yHAAyH;IACzH,wHAAwH;IACxH,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE;QAC5B,IAAI;QACJ,KAAK;QACL,MAAM;KACP,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,WAAW,CAAC,CAAC;IAEnE,IAAI,CAAC,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,uCAAuC,EAAE;YACnD,KAAK;YACL,mBAAmB,EAAE,IAAA,uCAA4B,EAAC,GAAG,KAAK,EAAE,CAAC;SAC9D,CAAC,CAAC;QACH,IAAI,QAAQ,GAAG,IAAI,wBAAY,CAC7B,0CAA0C,0CAA2B,uBAAuB,CAC7F,CAAC;QAEF,mGAAmG;QACnG,uEAAuE;QACvE,wGAAwG;QACxG,sCAAsC;QACtC,IAAI,KAAK,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;YACjD,OAAO,CAAC,GAAG,CACT,yEAAyE,EACzE;gBACE,UAAU,EAAE,OAAO,CAAC,GAAG;gBACvB,iBAAiB,EAAE,eAAe,CAAC,WAAW;aAC/C,CACF,CAAC;YACF,+EAA+E;YAC/E,0CAA0C;YAC1C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxC,MAAM,QAAQ,GAAG,GAAG,eAAe,CAAC,WAAW,IAAI,UAAU,CAAC,YAAY,CAAC,QAAQ,EAAE,qCAAqC,CAAC;YAC3H,QAAQ,GAAG,IAAI,wBAAY,CACzB;;;;;;qCAM6B,QAAQ;;;;;;;;;;;;SAYpC,CACF,CAAC;QACJ,CAAC;QACD,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CACT,oDAAoD,0CAA2B,EAAE,CAClF,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,iCAAiC,CACrC,OAAO,EACP,eAAe,EACf,IAAI,EACJ,KAAK,EACL,MAAM,CACP,CAAC;IAEF,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,oCAAoC,CAAC,EAAE,CAAC;QAC/D,OAAO,CAAC,GAAG,CACT,8EAA8E,EAC9E,MAAM,CACP,CAAC;QACF,OAAO,wBAAY,CAAC,IAAI,CAAC;YACvB,MAAM,EAAE,SAAS;YACjB,WAAW,EAAE,MAAM;SACpB,CAAC,CAAC;IACL,CAAC;IAED,0DAA0D;IAC1D,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,CAAC,GAAG,CACT,iEAAiE,EACjE,MAAM,CACP,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,wBAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,wEAAwE;IACxE,iEAAiE;IACjE,oDAAoD;IACpD,MAAM,QAAQ,GAAG,IAAI,wBAAY,CAC/B,oCAAoC,0CAA2B,gBAAgB,CAChF,CAAC;IACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;GAKG;AACH,MAAM,uBAAuB,GAAG,CAC9B,YAAoB,EACpB,eAAuB,EACvB,EAAE,CAAC,IAAI,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC,IAAI,CAAC;AAE1C,KAAK,UAAU,YAAY,CAChC,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,mBAAmB,GAAG,eAAe,CAAC,QAAQ,IAAI,GAAG,CAAC;IAC5D,MAAM,cAAc,GAClB,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,mBAAmB,CAAC;IAE3E,MAAM,kBAAkB,GAAG,yBAAyB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE1E,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE1D,MAAM,gBAAgB,GAAG,kBAAkB;QACzC,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,uBAAuB,CACrB,cAAc,EACd,IAAI,GAAG,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CACtC,CAAC;IAEN,MAAM,QAAQ,GAAG,wBAAY,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;IAEzD,MAAM,IAAA,6BAAgB,EAAC,MAAM,CAAC,CAAC;IAE/B,IAAI,CAAC;QACH,IAAA,yBAAc,EAAC,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;IACzE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;GAWG;AACI,MAAM,OAAO,GAClB,CAAC,UAAU,GAAG,EAAE,EAAE,EAAE,CACpB,KAAK,EAAE,OAAoB,EAAyB,EAAE;IACpD,MAAM,MAAM,GAAG,IAAA,6BAAiB,EAAC,UAAU,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QAC1C,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,WAAW,GAAG,YAAY,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAE1D,QAAQ,WAAW,EAAE,CAAC;YACpB,KAAK,WAAW;gBACd,OAAO,MAAM,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAChD,KAAK,UAAU;gBACb,OAAO,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC/C,KAAK,QAAQ;gBACX,OAAO,MAAM,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC7C;gBACE,MAAM,IAAI,SAAS,CAAC,uBAAuB,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,KAAK,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAG,KAAK,YAAY,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/D,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAEnE,MAAM,QAAQ,GAAG,wBAAY,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAEnE,IAAA,6BAAgB,EAAC,MAAM,CAAC,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC,CAAC;AAhCS,QAAA,OAAO,WAgChB","sourcesContent":["import type { NextRequest } from \"next/server.js\";\nimport { NextResponse } from \"next/server.js\";\nimport { revalidatePath } from \"next/cache.js\";\nimport type { AuthConfig } from \"@/nextjs/config.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport {\n  clearAuthCookies,\n  NextjsClientStorage,\n  NextjsCookieStorage,\n} from \"@/nextjs/cookies.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { resolveOAuthAccessCode } from \"@/server/login.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport {\n  TOKEN_EXCHANGE_SUCCESS_TEXT,\n  TOKEN_EXCHANGE_TRIGGER_TEXT,\n} from \"@/constants.js\";\nimport { serverTokenExchangeFromState } from \"@/lib/oauth.js\";\nimport { CodeVerifier } from \"@/shared/lib/types.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nclass AuthError extends Error {\n  constructor(\n    message: string,\n    public readonly status: number = 401,\n  ) {\n    super(message);\n    this.name = \"AuthError\";\n  }\n}\n\n/**\n * create a code verifier and challenge for PKCE\n * saving the verifier in a cookie for later use\n * @returns {Promise<NextResponse>}\n */\nasync function handleChallenge(\n  request: NextRequest,\n  config: AuthConfig,\n): Promise<NextResponse> {\n  const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n  const pkceProducer = new GenericPublicClientPKCEProducer(cookieStorage);\n\n  const challenge = await pkceProducer.getCodeChallenge();\n  const appUrl = request.nextUrl.searchParams.get(\"appUrl\");\n  if (appUrl) {\n    cookieStorage.set(CodeVerifier.APP_URL, appUrl);\n  }\n  return NextResponse.json({ status: \"success\", challenge });\n}\n\nasync function performTokenExchangeAndSetCookies(\n  request: NextRequest,\n  config: AuthConfig,\n  code: string,\n  state: string,\n  appUrl: string,\n) {\n  const resolvedConfigs = resolveAuthConfig(config);\n  const cookieStorage = new NextjsCookieStorage(resolvedConfigs.cookies.tokens);\n\n  const callbackUrl = resolveCallbackUrl(resolvedConfigs, appUrl);\n  try {\n    await resolveOAuthAccessCode(code, state, cookieStorage, {\n      ...resolvedConfigs,\n      redirectUrl: callbackUrl,\n    });\n  } catch (error) {\n    logger.error(\"Token exchange failed:\", error);\n    throw new AuthError(\"Failed to authenticate user\", 401);\n  }\n\n  const user = await getUser(cookieStorage);\n  if (!user) {\n    throw new AuthError(\"Failed to get user info\", 401);\n  }\n\n  const clientStorage = new NextjsClientStorage();\n  const userSession = new GenericUserSession(clientStorage);\n  userSession.set(user);\n}\nasync function handleCallback(\n  request: NextRequest,\n  config: AuthConfig,\n): Promise<NextResponse> {\n  const resolvedConfigs = resolveAuthConfig(config);\n  console.log(\"handleCallback\", { request, resolvedConfigs });\n  const code = request.nextUrl.searchParams.get(\"code\");\n  const state = request.nextUrl.searchParams.get(\"state\") || \"\";\n  if (!code || !state) throw new AuthError(\"Bad parameters\", 400);\n\n  // appUrl is passed from the client to the server in the query string\n  // this is necessary because the server does not have access to the client's window.location.origin\n  // and can not accurately determine the appUrl (specially if the app is behind a reverse proxy)\n  const appUrl =\n    request.cookies.get(CodeVerifier.APP_URL)?.value ||\n    request.nextUrl.searchParams.get(\"appUrl\");\n\n  // If we have a code_verifier cookie and the appUrl, we can do a token exchange.\n  // Otherwise, just render an empty page.\n  // The initial redirect back from the auth server does not send cookies, because the redirect is from a 3rd-party domain.\n  // The client will make an additional call to this route with cookies included, at which point we do the token exchange.\n  console.log(\"handleCallback\", {\n    code,\n    state,\n    appUrl,\n  });\n\n  const codeVerifier = request.cookies.get(CodeVerifier.COOKIE_NAME);\n\n  if (!codeVerifier || !appUrl) {\n    console.log(\"handleCallback no code_verifier found\", {\n      state,\n      serverTokenExchange: serverTokenExchangeFromState(`${state}`),\n    });\n    let response = new NextResponse(\n      `<html><body><span style=\"display:none\">${TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`,\n    );\n\n    // in server-side token exchange mode we need to launch a page that will trigger the token exchange\n    // from the same domain, allowing it access to the code_verifier cookie\n    // we only need to do this in redirect mode, as the iframe already triggers a client-side token exchange\n    // if no code-verifier cookie is found\n    if (state && serverTokenExchangeFromState(state)) {\n      console.log(\n        \"handleCallback serverTokenExchangeFromState, launching redirect page...\",\n        {\n          requestUrl: request.url,\n          configCallbackUrl: resolvedConfigs.callbackUrl,\n        },\n      );\n      // we need to replace the URL with resolved config in case the server is hosted\n      // behind a reverse proxy or load balancer\n      const requestUrl = new URL(request.url);\n      const fetchUrl = `${resolvedConfigs.callbackUrl}?${requestUrl.searchParams.toString()}&sameDomainServerTokenExchange=true`;\n      response = new NextResponse(\n        `<html>\n            <body>\n                <span style=\"display:none\">\n                    <script>\n                        window.onload = function () {\n                            const appUrl = globalThis.window?.location?.origin;\n                            fetch('${fetchUrl}&appUrl=' + appUrl).then((response) => {\n                                response.json().then((jsonResponse) => {\n                                    if (jsonResponse.redirectUrl) {\n                                        window.location.href = jsonResponse.redirectUrl;\n                                    }\n                                });\n                            });\n                        };\n                    </script>\n                </span>\n            </body>\n        </html>\n        `,\n      );\n    }\n    response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n    console.log(\n      `handleCallback no code_verifier found, returning ${TOKEN_EXCHANGE_TRIGGER_TEXT}`,\n    );\n    return response;\n  }\n\n  await performTokenExchangeAndSetCookies(\n    request,\n    resolvedConfigs,\n    code,\n    state,\n    appUrl,\n  );\n\n  if (request.url.includes(\"sameDomainServerTokenExchange=true\")) {\n    console.log(\n      \"handleCallback sameDomainServerTokenExchange = true, returnining redirectUrl\",\n      appUrl,\n    );\n    return NextResponse.json({\n      status: \"success\",\n      redirectUrl: appUrl,\n    });\n  }\n\n  // this is the case where a 'normal' redirect is happening\n  if (serverTokenExchangeFromState(state)) {\n    console.log(\n      \"handleCallback serverTokenExchangeFromState, redirect to appUrl\",\n      appUrl,\n    );\n    if (!appUrl) {\n      throw new Error(\"appUrl undefined. Cannot redirect.\");\n    }\n    return NextResponse.redirect(`${appUrl}`);\n  }\n  // return an empty HTML response so the iframe doesn't show any response\n  // in the short moment between the redirect and the parent window\n  // acknowledging the redirect and closing the iframe\n  const response = new NextResponse(\n    `<html><span style=\"display:none\">${TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`,\n  );\n  response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n  return response;\n}\n\n/**\n * If redirectPath is an absolute path, return it as-is.\n * Otherwise for relative paths, append it to the current domain.\n * @param redirectPath\n * @returns\n */\nconst getAbsoluteRedirectPath = (\n  redirectPath: string,\n  currentBasePath: string,\n) => new URL(redirectPath, currentBasePath).href;\n\nexport async function handleLogout(\n  request: NextRequest,\n  config: AuthConfig,\n): Promise<NextResponse> {\n  const resolvedConfigs = resolveAuthConfig(config);\n  const defaultRedirectPath = resolvedConfigs.loginUrl ?? \"/\";\n  const redirectTarget =\n    new URL(request.url).searchParams.get(\"redirect\") || defaultRedirectPath;\n\n  const isAbsoluteRedirect = /^(https?:\\/\\/|www\\.).+/i.test(redirectTarget);\n\n  const appUrl = request.nextUrl.searchParams.get(\"appUrl\");\n\n  const finalRedirectUrl = isAbsoluteRedirect\n    ? redirectTarget\n    : getAbsoluteRedirectPath(\n        redirectTarget,\n        new URL(appUrl ?? request.url).origin,\n      );\n\n  const response = NextResponse.redirect(finalRedirectUrl);\n\n  await clearAuthCookies(config);\n\n  try {\n    revalidatePath(isAbsoluteRedirect ? finalRedirectUrl : redirectTarget);\n  } catch (error) {\n    logger.warn(\"Failed to revalidate path after logout:\", error);\n  }\n\n  return response;\n}\n\n/**\n * Creates an authentication handler for Next.js API routes\n *\n * Usage:\n * ```ts\n * // app/api/auth/[...civicauth]/route.ts\n * import { handler } from '@civic/auth/nextjs'\n * export const GET = handler({\n *   // optional config overrides\n * })\n * ```\n */\nexport const handler =\n  (authConfig = {}) =>\n  async (request: NextRequest): Promise<NextResponse> => {\n    const config = resolveAuthConfig(authConfig);\n\n    try {\n      const pathname = request.nextUrl.pathname;\n      const pathSegments = pathname.split(\"/\");\n      const lastSegment = pathSegments[pathSegments.length - 1];\n\n      switch (lastSegment) {\n        case \"challenge\":\n          return await handleChallenge(request, config);\n        case \"callback\":\n          return await handleCallback(request, config);\n        case \"logout\":\n          return await handleLogout(request, config);\n        default:\n          throw new AuthError(`Invalid auth route: ${pathname}`, 404);\n      }\n    } catch (error) {\n      logger.error(\"Auth handler error:\", error);\n\n      const status = error instanceof AuthError ? error.status : 500;\n      const message =\n        error instanceof Error ? error.message : \"Authentication failed\";\n\n      const response = NextResponse.json({ error: message }, { status });\n\n      clearAuthCookies(config);\n      return response;\n    }\n  };\n"]}
+{"version":3,"file":"routeHandler.js","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":";;;AA2NA,oCA+BC;AAzPD,8CAA8C;AAC9C,4CAA+C;AAE/C,kDAAuD;AACvD,+CAA0C;AAC1C,oDAI6B;AAC7B,gDAAqE;AACrE,gDAA2D;AAC3D,oDAA8C;AAC9C,gDAAuD;AACvD,gEAAiE;AACjE,iDAGwB;AACxB,6CAA8D;AAC9D,oDAAqD;AAErD,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAE5C,MAAM,SAAU,SAAQ,KAAK;IAGT;IAFlB,YACE,OAAe,EACC,SAAiB,GAAG;QAEpC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,WAAM,GAAN,MAAM,CAAc;QAGpC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED;;;;GAIG;AACH,KAAK,UAAU,eAAe,CAC5B,OAAoB,EACpB,MAAkB;IAElB,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,MAAM,YAAY,GAAG,IAAI,yCAA+B,CAAC,aAAa,CAAC,CAAC;IAExE,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;IACxD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,aAAa,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,iCAAiC,CAC9C,OAAoB,EACpB,MAAkB,EAClB,IAAY,EACZ,KAAa,EACb,MAAc;IAEd,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAE9E,MAAM,WAAW,GAAG,IAAA,6BAAkB,EAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,MAAM,IAAA,iCAAsB,EAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE;YACvD,GAAG,eAAe;YAClB,WAAW,EAAE,WAAW;SACzB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,IAAI,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,oBAAO,GAAE,CAAC;IAC7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,gCAAmB,EAAE,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;IAC1D,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AACD,KAAK,UAAU,cAAc,CAC3B,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;IAC5D,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;IAC9D,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;IAEhE,qEAAqE;IACrE,mGAAmG;IACnG,+FAA+F;IAC/F,MAAM,MAAM,GACV,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE,KAAK;QAChD,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE7C,gFAAgF;IAChF,wCAAwC;IACxC,yHAAyH;IACzH,wHAAwH;IACxH,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE;QAC5B,IAAI;QACJ,KAAK;QACL,MAAM;KACP,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,WAAW,CAAC,CAAC;IAEnE,IAAI,CAAC,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,uCAAuC,EAAE;YACnD,KAAK;YACL,mBAAmB,EAAE,IAAA,uCAA4B,EAAC,GAAG,KAAK,EAAE,CAAC;SAC9D,CAAC,CAAC;QACH,IAAI,QAAQ,GAAG,IAAI,wBAAY,CAC7B,0CAA0C,0CAA2B,uBAAuB,CAC7F,CAAC;QAEF,mGAAmG;QACnG,uEAAuE;QACvE,wGAAwG;QACxG,sCAAsC;QACtC,IAAI,KAAK,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;YACjD,OAAO,CAAC,GAAG,CACT,yEAAyE,EACzE;gBACE,UAAU,EAAE,OAAO,CAAC,GAAG;gBACvB,iBAAiB,EAAE,eAAe,CAAC,WAAW;aAC/C,CACF,CAAC;YACF,+EAA+E;YAC/E,0CAA0C;YAC1C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxC,MAAM,QAAQ,GAAG,GAAG,eAAe,CAAC,WAAW,IAAI,UAAU,CAAC,YAAY,CAAC,QAAQ,EAAE,qCAAqC,CAAC;YAC3H,QAAQ,GAAG,IAAI,wBAAY,CACzB;;;;;;qCAM6B,QAAQ;;;;;;;;;;;;SAYpC,CACF,CAAC;QACJ,CAAC;QACD,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CACT,oDAAoD,0CAA2B,EAAE,CAClF,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,iCAAiC,CACrC,OAAO,EACP,eAAe,EACf,IAAI,EACJ,KAAK,EACL,MAAM,CACP,CAAC;IAEF,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,oCAAoC,CAAC,EAAE,CAAC;QAC/D,OAAO,CAAC,GAAG,CACT,8EAA8E,EAC9E,MAAM,CACP,CAAC;QACF,OAAO,wBAAY,CAAC,IAAI,CAAC;YACvB,MAAM,EAAE,SAAS;YACjB,WAAW,EAAE,MAAM;SACpB,CAAC,CAAC;IACL,CAAC;IAED,0DAA0D;IAC1D,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,CAAC,GAAG,CACT,iEAAiE,EACjE,MAAM,CACP,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,wBAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,wEAAwE;IACxE,iEAAiE;IACjE,oDAAoD;IACpD,MAAM,QAAQ,GAAG,IAAI,wBAAY,CAC/B,oCAAoC,0CAA2B,gBAAgB,CAChF,CAAC;IACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;GAKG;AACH,MAAM,uBAAuB,GAAG,CAC9B,YAAoB,EACpB,eAAuB,EACvB,EAAE,CAAC,IAAI,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC,IAAI,CAAC;AAE1C,KAAK,UAAU,YAAY,CAChC,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,mBAAmB,GAAG,eAAe,CAAC,QAAQ,IAAI,GAAG,CAAC;IAC5D,MAAM,cAAc,GAClB,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,mBAAmB,CAAC;IAE3E,MAAM,kBAAkB,GAAG,yBAAyB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE1E,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE1D,MAAM,gBAAgB,GAAG,kBAAkB;QACzC,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,uBAAuB,CACrB,cAAc,EACd,IAAI,GAAG,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CACtC,CAAC;IAEN,MAAM,QAAQ,GAAG,wBAAY,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;IAEzD,MAAM,IAAA,6BAAgB,EAAC,MAAM,CAAC,CAAC;IAE/B,IAAI,CAAC;QACH,IAAA,yBAAc,EAAC,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;IACzE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;GAWG;AACI,MAAM,OAAO,GAClB,CAAC,UAAU,GAAG,EAAE,EAAE,EAAE,CACpB,KAAK,EAAE,OAAoB,EAAyB,EAAE;IACpD,MAAM,MAAM,GAAG,IAAA,6BAAiB,EAAC,UAAU,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QAC1C,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,WAAW,GAAG,YAAY,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAE1D,QAAQ,WAAW,EAAE,CAAC;YACpB,KAAK,WAAW;gBACd,OAAO,MAAM,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAChD,KAAK,UAAU;gBACb,OAAO,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC/C,KAAK,QAAQ;gBACX,OAAO,MAAM,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC7C;gBACE,MAAM,IAAI,SAAS,CAAC,uBAAuB,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,KAAK,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAG,KAAK,YAAY,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/D,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAEnE,MAAM,QAAQ,GAAG,wBAAY,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAEnE,IAAA,6BAAgB,EAAC,MAAM,CAAC,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC,CAAC;AAhCS,QAAA,OAAO,WAgChB","sourcesContent":["import type { NextRequest } from \"next/server.js\";\nimport { NextResponse } from \"next/server.js\";\nimport { revalidatePath } from \"next/cache.js\";\nimport type { AuthConfig } from \"@/nextjs/config.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport {\n  clearAuthCookies,\n  NextjsClientStorage,\n  NextjsCookieStorage,\n} from \"@/nextjs/cookies.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { resolveOAuthAccessCode } from \"@/server/login.js\";\nimport { getUser } from \"@/nextjs/GetUser.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport {\n  TOKEN_EXCHANGE_SUCCESS_TEXT,\n  TOKEN_EXCHANGE_TRIGGER_TEXT,\n} from \"@/constants.js\";\nimport { serverTokenExchangeFromState } from \"@/lib/oauth.js\";\nimport { CodeVerifier } from \"@/shared/lib/types.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nclass AuthError extends Error {\n  constructor(\n    message: string,\n    public readonly status: number = 401,\n  ) {\n    super(message);\n    this.name = \"AuthError\";\n  }\n}\n\n/**\n * create a code verifier and challenge for PKCE\n * saving the verifier in a cookie for later use\n * @returns {Promise<NextResponse>}\n */\nasync function handleChallenge(\n  request: NextRequest,\n  config: AuthConfig,\n): Promise<NextResponse> {\n  const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n  const pkceProducer = new GenericPublicClientPKCEProducer(cookieStorage);\n\n  const challenge = await pkceProducer.getCodeChallenge();\n  const appUrl = request.nextUrl.searchParams.get(\"appUrl\");\n  if (appUrl) {\n    cookieStorage.set(CodeVerifier.APP_URL, appUrl);\n  }\n  return NextResponse.json({ status: \"success\", challenge });\n}\n\nasync function performTokenExchangeAndSetCookies(\n  request: NextRequest,\n  config: AuthConfig,\n  code: string,\n  state: string,\n  appUrl: string,\n) {\n  const resolvedConfigs = resolveAuthConfig(config);\n  const cookieStorage = new NextjsCookieStorage(resolvedConfigs.cookies.tokens);\n\n  const callbackUrl = resolveCallbackUrl(resolvedConfigs, appUrl);\n  try {\n    await resolveOAuthAccessCode(code, state, cookieStorage, {\n      ...resolvedConfigs,\n      redirectUrl: callbackUrl,\n    });\n  } catch (error) {\n    logger.error(\"Token exchange failed:\", error);\n    throw new AuthError(\"Failed to authenticate user\", 401);\n  }\n\n  const user = await getUser();\n  if (!user) {\n    throw new AuthError(\"Failed to get user info\", 401);\n  }\n\n  const clientStorage = new NextjsClientStorage();\n  const userSession = new GenericUserSession(clientStorage);\n  userSession.set(user);\n}\nasync function handleCallback(\n  request: NextRequest,\n  config: AuthConfig,\n): Promise<NextResponse> {\n  const resolvedConfigs = resolveAuthConfig(config);\n  console.log(\"handleCallback\", { request, resolvedConfigs });\n  const code = request.nextUrl.searchParams.get(\"code\");\n  const state = request.nextUrl.searchParams.get(\"state\") || \"\";\n  if (!code || !state) throw new AuthError(\"Bad parameters\", 400);\n\n  // appUrl is passed from the client to the server in the query string\n  // this is necessary because the server does not have access to the client's window.location.origin\n  // and can not accurately determine the appUrl (specially if the app is behind a reverse proxy)\n  const appUrl =\n    request.cookies.get(CodeVerifier.APP_URL)?.value ||\n    request.nextUrl.searchParams.get(\"appUrl\");\n\n  // If we have a code_verifier cookie and the appUrl, we can do a token exchange.\n  // Otherwise, just render an empty page.\n  // The initial redirect back from the auth server does not send cookies, because the redirect is from a 3rd-party domain.\n  // The client will make an additional call to this route with cookies included, at which point we do the token exchange.\n  console.log(\"handleCallback\", {\n    code,\n    state,\n    appUrl,\n  });\n\n  const codeVerifier = request.cookies.get(CodeVerifier.COOKIE_NAME);\n\n  if (!codeVerifier || !appUrl) {\n    console.log(\"handleCallback no code_verifier found\", {\n      state,\n      serverTokenExchange: serverTokenExchangeFromState(`${state}`),\n    });\n    let response = new NextResponse(\n      `<html><body><span style=\"display:none\">${TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`,\n    );\n\n    // in server-side token exchange mode we need to launch a page that will trigger the token exchange\n    // from the same domain, allowing it access to the code_verifier cookie\n    // we only need to do this in redirect mode, as the iframe already triggers a client-side token exchange\n    // if no code-verifier cookie is found\n    if (state && serverTokenExchangeFromState(state)) {\n      console.log(\n        \"handleCallback serverTokenExchangeFromState, launching redirect page...\",\n        {\n          requestUrl: request.url,\n          configCallbackUrl: resolvedConfigs.callbackUrl,\n        },\n      );\n      // we need to replace the URL with resolved config in case the server is hosted\n      // behind a reverse proxy or load balancer\n      const requestUrl = new URL(request.url);\n      const fetchUrl = `${resolvedConfigs.callbackUrl}?${requestUrl.searchParams.toString()}&sameDomainServerTokenExchange=true`;\n      response = new NextResponse(\n        `<html>\n            <body>\n                <span style=\"display:none\">\n                    <script>\n                        window.onload = function () {\n                            const appUrl = globalThis.window?.location?.origin;\n                            fetch('${fetchUrl}&appUrl=' + appUrl).then((response) => {\n                                response.json().then((jsonResponse) => {\n                                    if (jsonResponse.redirectUrl) {\n                                        window.location.href = jsonResponse.redirectUrl;\n                                    }\n                                });\n                            });\n                        };\n                    </script>\n                </span>\n            </body>\n        </html>\n        `,\n      );\n    }\n    response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n    console.log(\n      `handleCallback no code_verifier found, returning ${TOKEN_EXCHANGE_TRIGGER_TEXT}`,\n    );\n    return response;\n  }\n\n  await performTokenExchangeAndSetCookies(\n    request,\n    resolvedConfigs,\n    code,\n    state,\n    appUrl,\n  );\n\n  if (request.url.includes(\"sameDomainServerTokenExchange=true\")) {\n    console.log(\n      \"handleCallback sameDomainServerTokenExchange = true, returnining redirectUrl\",\n      appUrl,\n    );\n    return NextResponse.json({\n      status: \"success\",\n      redirectUrl: appUrl,\n    });\n  }\n\n  // this is the case where a 'normal' redirect is happening\n  if (serverTokenExchangeFromState(state)) {\n    console.log(\n      \"handleCallback serverTokenExchangeFromState, redirect to appUrl\",\n      appUrl,\n    );\n    if (!appUrl) {\n      throw new Error(\"appUrl undefined. Cannot redirect.\");\n    }\n    return NextResponse.redirect(`${appUrl}`);\n  }\n  // return an empty HTML response so the iframe doesn't show any response\n  // in the short moment between the redirect and the parent window\n  // acknowledging the redirect and closing the iframe\n  const response = new NextResponse(\n    `<html><span style=\"display:none\">${TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`,\n  );\n  response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n  return response;\n}\n\n/**\n * If redirectPath is an absolute path, return it as-is.\n * Otherwise for relative paths, append it to the current domain.\n * @param redirectPath\n * @returns\n */\nconst getAbsoluteRedirectPath = (\n  redirectPath: string,\n  currentBasePath: string,\n) => new URL(redirectPath, currentBasePath).href;\n\nexport async function handleLogout(\n  request: NextRequest,\n  config: AuthConfig,\n): Promise<NextResponse> {\n  const resolvedConfigs = resolveAuthConfig(config);\n  const defaultRedirectPath = resolvedConfigs.loginUrl ?? \"/\";\n  const redirectTarget =\n    new URL(request.url).searchParams.get(\"redirect\") || defaultRedirectPath;\n\n  const isAbsoluteRedirect = /^(https?:\\/\\/|www\\.).+/i.test(redirectTarget);\n\n  const appUrl = request.nextUrl.searchParams.get(\"appUrl\");\n\n  const finalRedirectUrl = isAbsoluteRedirect\n    ? redirectTarget\n    : getAbsoluteRedirectPath(\n        redirectTarget,\n        new URL(appUrl ?? request.url).origin,\n      );\n\n  const response = NextResponse.redirect(finalRedirectUrl);\n\n  await clearAuthCookies(config);\n\n  try {\n    revalidatePath(isAbsoluteRedirect ? finalRedirectUrl : redirectTarget);\n  } catch (error) {\n    logger.warn(\"Failed to revalidate path after logout:\", error);\n  }\n\n  return response;\n}\n\n/**\n * Creates an authentication handler for Next.js API routes\n *\n * Usage:\n * ```ts\n * // app/api/auth/[...civicauth]/route.ts\n * import { handler } from '@civic/auth/nextjs'\n * export const GET = handler({\n *   // optional config overrides\n * })\n * ```\n */\nexport const handler =\n  (authConfig = {}) =>\n  async (request: NextRequest): Promise<NextResponse> => {\n    const config = resolveAuthConfig(authConfig);\n\n    try {\n      const pathname = request.nextUrl.pathname;\n      const pathSegments = pathname.split(\"/\");\n      const lastSegment = pathSegments[pathSegments.length - 1];\n\n      switch (lastSegment) {\n        case \"challenge\":\n          return await handleChallenge(request, config);\n        case \"callback\":\n          return await handleCallback(request, config);\n        case \"logout\":\n          return await handleLogout(request, config);\n        default:\n          throw new AuthError(`Invalid auth route: ${pathname}`, 404);\n      }\n    } catch (error) {\n      logger.error(\"Auth handler error:\", error);\n\n      const status = error instanceof AuthError ? error.status : 500;\n      const message =\n        error instanceof Error ? error.message : \"Authentication failed\";\n\n      const response = NextResponse.json({ error: message }, { status });\n\n      clearAuthCookies(config);\n      return response;\n    }\n  };\n"]}

package/dist/cjs/reactjs/components/UserButton.js

@@ -16,13 +16,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.UserButton = void 0;
 const index_js_1 = require("../../reactjs/hooks/index.js");
@@ -52,7 +62,7 @@ const UserButton = ({ displayMode, className, }) => {
         }
     }, []);
     const handleSignOut = (0, react_1.useCallback)(async () => {
-        signOut();
+        await signOut();
         setIsOpen(false);
     }, [signOut]);
     const handleSignIn = (0, react_1.useCallback)(async () => {
@@ -102,9 +112,9 @@ const UserButton = ({ displayMode, className, }) => {
                         overflow: "hidden",
                         borderRadius: "9999px",
                     } },
-                    react_1.default.createElement("img", { style: { height: "100%", width: "100%", objectFit: "cover" }, src: user.picture, alt: user?.name || user?.email }))) : (react_1.default.createElement("div", null)),
+                    react_1.default.createElement("img", { style: { height: "100%", width: "100%", objectFit: "cover" }, src: user.picture, alt: user?.name || user?.email }))) : (react_1.default.createElement("span", { style: { display: "block" } })),
                 react_1.default.createElement("span", null, user?.name || user?.email),
-                react_1.default.createElement("div", { style: { pointerEvents: "none" } }, isOpen ? react_1.default.createElement(ChevronUp, null) : react_1.default.createElement(ChevronDown, null))),
+                react_1.default.createElement("span", { style: { display: "block", pointerEvents: "none" } }, isOpen ? react_1.default.createElement(ChevronUp, null) : react_1.default.createElement(ChevronDown, null))),
             react_1.default.createElement("div", { ref: dropdownRef, style: isOpen
                     ? {
                         position: "absolute",

package/dist/cjs/reactjs/components/UserButton.js.map

@@ -1 +1 @@
-{"version":3,"file":"UserButton.js","sourceRoot":"","sources":["../../../../src/reactjs/components/UserButton.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,uDAAmD;AAEnD,+CAAwE;AAExE,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,CACxB,uCACE,KAAK,EAAC,4BAA4B,EAClC,KAAK,EAAC,IAAI,EACV,MAAM,EAAC,IAAI,EACX,OAAO,EAAC,WAAW,EACnB,IAAI,EAAC,MAAM,EACX,MAAM,EAAC,cAAc,EACrB,WAAW,EAAC,GAAG,EACf,aAAa,EAAC,OAAO,EACrB,cAAc,EAAC,OAAO,EACtB,SAAS,EAAC,4BAA4B;IAEtC,wCAAM,CAAC,EAAC,cAAc,GAAG,CACrB,CACP,CAAC;AAEF,MAAM,SAAS,GAAG,GAAG,EAAE,CAAC,CACtB,uCACE,KAAK,EAAC,4BAA4B,EAClC,KAAK,EAAC,IAAI,EACV,MAAM,EAAC,IAAI,EACX,OAAO,EAAC,WAAW,EACnB,IAAI,EAAC,MAAM,EACX,MAAM,EAAC,cAAc,EACrB,WAAW,EAAC,GAAG,EACf,aAAa,EAAC,OAAO,EACrB,cAAc,EAAC,OAAO,EACtB,SAAS,EAAC,0BAA0B;IAEpC,wCAAM,CAAC,EAAC,gBAAgB,GAAG,CACvB,CACP,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,EAClB,WAAW,EACX,SAAS,GAIV,EAAE,EAAE;IACH,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IACpE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,kBAAO,GAAE,CAAC;IAC5C,MAAM,SAAS,GAAG,IAAA,cAAM,EAAoB,IAAI,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,IAAA,cAAM,EAAiB,IAAI,CAAC,CAAC;IAEjD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;YACtB,cAAc,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,kBAAkB,GAAG,IAAA,mBAAW,EAAC,CAAC,KAAiB,EAAE,EAAE;QAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,MAAqB,CAAC;QAE3C,IACE,SAAS,CAAC,OAAO;YACjB,WAAW,CAAC,OAAO;YACnB,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;YACnC,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EACrC,CAAC;YACD,SAAS,CAAC,KAAK,CAAC,CAAC;QACnB,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,aAAa,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QAC3C,OAAO,EAAE,CAAC;QAEV,SAAS,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAEd,MAAM,YAAY,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QAC1C,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;QAE1B,SAAS,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC,EAAE,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1B,MAAM,YAAY,GAAG,IAAA,mBAAW,EAAC,CAAC,KAAoB,EAAE,EAAE;QACxD,IAAI,KAAK,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC3B,SAAS,CAAC,KAAK,CAAC,CAAC;QACnB,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;YAErD,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QACnD,CAAC;QAED,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;YAExD,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QACtD,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,kBAAkB,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC;IAE/C,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CACL,uCACE,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,EAC9C,EAAE,EAAC,0BAA0B;YAE7B,0CACE,GAAG,EAAE,SAAS,EACd,KAAK,EAAE;oBACL,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE,MAAM;oBACf,QAAQ,EAAE,OAAO;oBACjB,UAAU,EAAE,QAAQ;oBACpB,cAAc,EAAE,eAAe;oBAC/B,GAAG,EAAE,QAAQ;oBACb,YAAY,EAAE,QAAQ;oBACtB,MAAM,EAAE,mBAAmB;oBAC3B,OAAO,EAAE,cAAc;oBACvB,KAAK,EAAE,SAAS;oBAChB,UAAU,EAAE,MAAM;oBAClB,UAAU,EAAE,uBAAuB;iBACpC,EACD,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,EAErD,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC,EAEzD,OAAO,EAAE,GAAG,EAAE;oBACZ,SAAS,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;gBACjC,CAAC;gBAEA,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CACf,wCACE,KAAK,EAAE;wBACL,QAAQ,EAAE,UAAU;wBACpB,OAAO,EAAE,MAAM;wBACf,MAAM,EAAE,QAAQ;wBAChB,KAAK,EAAE,QAAQ;wBACf,UAAU,EAAE,CAAC;wBACb,GAAG,EAAE,QAAQ;wBACb,QAAQ,EAAE,QAAQ;wBAClB,YAAY,EAAE,QAAQ;qBACvB;oBAED,uCACE,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,EAC5D,GAAG,EAAE,IAAI,CAAC,OAAO,EACjB,GAAG,EAAE,IAAI,EAAE,IAAI,IAAI,IAAI,EAAE,KAAK,GAC9B,CACG,CACR,CAAC,CAAC,CAAC,CACF,0CAAO,CACR;gBAED,4CAAO,IAAI,EAAE,IAAI,IAAI,IAAI,EAAE,KAAK,CAAQ;gBAExC,uCAAK,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,IAClC,MAAM,CAAC,CAAC,CAAC,8BAAC,SAAS,OAAG,CAAC,CAAC,CAAC,8BAAC,WAAW,OAAG,CACrC,CACC;YACT,uCACE,GAAG,EAAE,WAAW,EAChB,KAAK,EACH,MAAM;oBACJ,CAAC,CAAC;wBACE,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,CAAC;wBACP,KAAK,EAAE,WAAW,IAAI,MAAM;wBAC5B,SAAS,EAAE,QAAQ;wBACnB,YAAY,EAAE,QAAQ;wBACtB,eAAe,EAAE,OAAO;wBACxB,OAAO,EAAE,UAAU;wBACnB,KAAK,EAAE,SAAS;wBAChB,SAAS,EACP,yEAAyE;qBAC5E;oBACH,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE;gBAGzB,sCAAI,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE;oBACzD;wBACE,0CACE,KAAK,EAAE;gCACL,OAAO,EAAE,OAAO;gCAChB,KAAK,EAAE,MAAM;gCACb,OAAO,EAAE,aAAa;gCACtB,UAAU,EAAE,uBAAuB;gCACnC,UAAU,EAAE,MAAM;gCAClB,MAAM,EAAE,MAAM;gCACd,SAAS,EAAE,QAAQ;gCACnB,MAAM,EAAE,SAAS;6BAClB,EACD,OAAO,EAAE,aAAa,EACtB,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,EAErD,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC,aAIlD,CACN,CACF,CACD,CACF,CACP,CAAC;IACJ,CAAC;IAED,OAAO,CACL,0CACE,GAAG,EAAE,SAAS,iBACF,gBAAgB,EAC5B,KAAK,EAAE;YACL,MAAM,EAAE,SAAS;YACjB,YAAY,EAAE,QAAQ;YACtB,MAAM,EAAE,mBAAmB;YAC3B,OAAO,EAAE,cAAc;YACvB,UAAU,EAAE,MAAM;YAClB,UAAU,EAAE,uBAAuB;SACpC,EACD,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,EACxE,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC,EAEzD,OAAO,EAAE,YAAY,cAGd,CACV,CAAC;AACJ,CAAC,CAAC;AAEO,gCAAU","sourcesContent":["\"use client\";\nimport { useUser } from \"@/reactjs/hooks/index.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport React, { useCallback, useEffect, useRef, useState } from \"react\";\n\nconst ChevronDown = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-chevron-down\"\n  >\n    <path d=\"m6 9 6 6 6-6\" />\n  </svg>\n);\n\nconst ChevronUp = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-chevron-up\"\n  >\n    <path d=\"m18 15-6-6-6 6\" />\n  </svg>\n);\n\nconst UserButton = ({\n  displayMode,\n  className,\n}: {\n  displayMode?: DisplayMode;\n  className?: string;\n}) => {\n  const [isOpen, setIsOpen] = useState(false);\n  const [buttonWidth, setButtonWidth] = useState<number | null>(null);\n  const { user, signIn, signOut } = useUser();\n  const buttonRef = useRef<HTMLButtonElement>(null);\n  const dropdownRef = useRef<HTMLDivElement>(null);\n\n  useEffect(() => {\n    if (buttonRef.current) {\n      setButtonWidth(buttonRef.current.offsetWidth);\n    }\n  }, [isOpen]);\n\n  const handleClickOutside = useCallback((event: MouseEvent) => {\n    const target = event.target as HTMLElement;\n\n    if (\n      buttonRef.current &&\n      dropdownRef.current &&\n      !buttonRef.current.contains(target) &&\n      !dropdownRef.current.contains(target)\n    ) {\n      setIsOpen(false);\n    }\n  }, []);\n\n  const handleSignOut = useCallback(async () => {\n    signOut();\n\n    setIsOpen(false);\n  }, [signOut]);\n\n  const handleSignIn = useCallback(async () => {\n    await signIn(displayMode);\n\n    setIsOpen(false);\n  }, [signIn, displayMode]);\n\n  const handleEscape = useCallback((event: KeyboardEvent) => {\n    if (event.key === \"Escape\") {\n      setIsOpen(false);\n    }\n  }, []);\n\n  useEffect(() => {\n    if (isOpen) {\n      window.addEventListener(\"click\", handleClickOutside);\n\n      window.addEventListener(\"keydown\", handleEscape);\n    }\n\n    return () => {\n      window.removeEventListener(\"click\", handleClickOutside);\n\n      window.removeEventListener(\"keydown\", handleEscape);\n    };\n  }, [handleClickOutside, handleEscape, isOpen]);\n\n  if (user) {\n    return (\n      <div\n        style={{ position: \"relative\", width: \"auto\" }}\n        id=\"civic-dropdown-container\"\n      >\n        <button\n          ref={buttonRef}\n          style={{\n            cursor: \"pointer\",\n            display: \"flex\",\n            minWidth: \"10rem\",\n            alignItems: \"center\",\n            justifyContent: \"space-between\",\n            gap: \"0.5rem\",\n            borderRadius: \"9999px\",\n            border: \"1px solid #6b7280\",\n            padding: \"0.75rem 1rem\",\n            color: \"#6b7280\",\n            background: \"none\",\n            transition: \"background-color 0.2s\",\n          }}\n          className={className}\n          onMouseEnter={(e) =>\n            (e.currentTarget.style.backgroundColor = \"#f3f4f6\")\n          }\n          onMouseLeave={(e) =>\n            (e.currentTarget.style.backgroundColor = \"transparent\")\n          }\n          onClick={() => {\n            setIsOpen((isOpen) => !isOpen);\n          }}\n        >\n          {user?.picture ? (\n            <span\n              style={{\n                position: \"relative\",\n                display: \"flex\",\n                height: \"1.5rem\",\n                width: \"1.5rem\",\n                flexShrink: 0,\n                gap: \"0.5rem\",\n                overflow: \"hidden\",\n                borderRadius: \"9999px\",\n              }}\n            >\n              <img\n                style={{ height: \"100%\", width: \"100%\", objectFit: \"cover\" }}\n                src={user.picture}\n                alt={user?.name || user?.email}\n              />\n            </span>\n          ) : (\n            <div />\n          )}\n\n          <span>{user?.name || user?.email}</span>\n\n          <div style={{ pointerEvents: \"none\" }}>\n            {isOpen ? <ChevronUp /> : <ChevronDown />}\n          </div>\n        </button>\n        <div\n          ref={dropdownRef}\n          style={\n            isOpen\n              ? {\n                  position: \"absolute\",\n                  left: 0,\n                  width: buttonWidth || \"auto\",\n                  marginTop: \"0.5rem\",\n                  borderRadius: \"0.5rem\",\n                  backgroundColor: \"white\",\n                  padding: \"0.5rem 0\",\n                  color: \"#6b7280\",\n                  boxShadow:\n                    \"0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05)\",\n                }\n              : { display: \"none\" }\n          }\n        >\n          <ul style={{ listStyleType: \"none\", margin: 0, padding: 0 }}>\n            <li>\n              <button\n                style={{\n                  display: \"block\",\n                  width: \"100%\",\n                  padding: \"0.5rem 1rem\",\n                  transition: \"background-color 0.2s\",\n                  background: \"none\",\n                  border: \"none\",\n                  textAlign: \"center\",\n                  cursor: \"pointer\",\n                }}\n                onClick={handleSignOut}\n                onMouseEnter={(e) =>\n                  (e.currentTarget.style.backgroundColor = \"#f3f4f6\")\n                }\n                onMouseLeave={(e) =>\n                  (e.currentTarget.style.backgroundColor = \"transparent\")\n                }\n              >\n                Logout\n              </button>\n            </li>\n          </ul>\n        </div>\n      </div>\n    );\n  }\n\n  return (\n    <button\n      ref={buttonRef}\n      data-testid=\"sign-in-button\"\n      style={{\n        cursor: \"pointer\",\n        borderRadius: \"9999px\",\n        border: \"1px solid #6b7280\",\n        padding: \"0.75rem 1rem\",\n        background: \"none\",\n        transition: \"background-color 0.2s\",\n      }}\n      className={className}\n      onMouseEnter={(e) => (e.currentTarget.style.backgroundColor = \"#f3f4f6\")}\n      onMouseLeave={(e) =>\n        (e.currentTarget.style.backgroundColor = \"transparent\")\n      }\n      onClick={handleSignIn}\n    >\n      Sign in\n    </button>\n  );\n};\n\nexport { UserButton };\n"]}
+{"version":3,"file":"UserButton.js","sourceRoot":"","sources":["../../../../src/reactjs/components/UserButton.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,uDAAmD;AAEnD,+CAAwE;AAExE,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,CACxB,uCACE,KAAK,EAAC,4BAA4B,EAClC,KAAK,EAAC,IAAI,EACV,MAAM,EAAC,IAAI,EACX,OAAO,EAAC,WAAW,EACnB,IAAI,EAAC,MAAM,EACX,MAAM,EAAC,cAAc,EACrB,WAAW,EAAC,GAAG,EACf,aAAa,EAAC,OAAO,EACrB,cAAc,EAAC,OAAO,EACtB,SAAS,EAAC,4BAA4B;IAEtC,wCAAM,CAAC,EAAC,cAAc,GAAG,CACrB,CACP,CAAC;AAEF,MAAM,SAAS,GAAG,GAAG,EAAE,CAAC,CACtB,uCACE,KAAK,EAAC,4BAA4B,EAClC,KAAK,EAAC,IAAI,EACV,MAAM,EAAC,IAAI,EACX,OAAO,EAAC,WAAW,EACnB,IAAI,EAAC,MAAM,EACX,MAAM,EAAC,cAAc,EACrB,WAAW,EAAC,GAAG,EACf,aAAa,EAAC,OAAO,EACrB,cAAc,EAAC,OAAO,EACtB,SAAS,EAAC,0BAA0B;IAEpC,wCAAM,CAAC,EAAC,gBAAgB,GAAG,CACvB,CACP,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,EAClB,WAAW,EACX,SAAS,GAIV,EAAE,EAAE;IACH,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IACpE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,kBAAO,GAAE,CAAC;IAC5C,MAAM,SAAS,GAAG,IAAA,cAAM,EAAoB,IAAI,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,IAAA,cAAM,EAAiB,IAAI,CAAC,CAAC;IAEjD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;YACtB,cAAc,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,kBAAkB,GAAG,IAAA,mBAAW,EAAC,CAAC,KAAiB,EAAE,EAAE;QAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,MAAqB,CAAC;QAE3C,IACE,SAAS,CAAC,OAAO;YACjB,WAAW,CAAC,OAAO;YACnB,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;YACnC,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EACrC,CAAC;YACD,SAAS,CAAC,KAAK,CAAC,CAAC;QACnB,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,aAAa,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QAC3C,MAAM,OAAO,EAAE,CAAC;QAEhB,SAAS,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAEd,MAAM,YAAY,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QAC1C,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;QAE1B,SAAS,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC,EAAE,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1B,MAAM,YAAY,GAAG,IAAA,mBAAW,EAAC,CAAC,KAAoB,EAAE,EAAE;QACxD,IAAI,KAAK,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC3B,SAAS,CAAC,KAAK,CAAC,CAAC;QACnB,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;YAErD,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QACnD,CAAC;QAED,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;YAExD,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QACtD,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,kBAAkB,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC;IAE/C,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CACL,uCACE,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,EAC9C,EAAE,EAAC,0BAA0B;YAE7B,0CACE,GAAG,EAAE,SAAS,EACd,KAAK,EAAE;oBACL,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE,MAAM;oBACf,QAAQ,EAAE,OAAO;oBACjB,UAAU,EAAE,QAAQ;oBACpB,cAAc,EAAE,eAAe;oBAC/B,GAAG,EAAE,QAAQ;oBACb,YAAY,EAAE,QAAQ;oBACtB,MAAM,EAAE,mBAAmB;oBAC3B,OAAO,EAAE,cAAc;oBACvB,KAAK,EAAE,SAAS;oBAChB,UAAU,EAAE,MAAM;oBAClB,UAAU,EAAE,uBAAuB;iBACpC,EACD,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,EAErD,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC,EAEzD,OAAO,EAAE,GAAG,EAAE;oBACZ,SAAS,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;gBACjC,CAAC;gBAEA,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CACf,wCACE,KAAK,EAAE;wBACL,QAAQ,EAAE,UAAU;wBACpB,OAAO,EAAE,MAAM;wBACf,MAAM,EAAE,QAAQ;wBAChB,KAAK,EAAE,QAAQ;wBACf,UAAU,EAAE,CAAC;wBACb,GAAG,EAAE,QAAQ;wBACb,QAAQ,EAAE,QAAQ;wBAClB,YAAY,EAAE,QAAQ;qBACvB;oBAED,uCACE,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,EAC5D,GAAG,EAAE,IAAI,CAAC,OAAO,EACjB,GAAG,EAAE,IAAI,EAAE,IAAI,IAAI,IAAI,EAAE,KAAK,GAC9B,CACG,CACR,CAAC,CAAC,CAAC,CACF,wCAAM,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,GAAI,CACtC;gBAED,4CAAO,IAAI,EAAE,IAAI,IAAI,IAAI,EAAE,KAAK,CAAQ;gBAExC,wCAAM,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,IACrD,MAAM,CAAC,CAAC,CAAC,8BAAC,SAAS,OAAG,CAAC,CAAC,CAAC,8BAAC,WAAW,OAAG,CACpC,CACA;YACT,uCACE,GAAG,EAAE,WAAW,EAChB,KAAK,EACH,MAAM;oBACJ,CAAC,CAAC;wBACE,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,CAAC;wBACP,KAAK,EAAE,WAAW,IAAI,MAAM;wBAC5B,SAAS,EAAE,QAAQ;wBACnB,YAAY,EAAE,QAAQ;wBACtB,eAAe,EAAE,OAAO;wBACxB,OAAO,EAAE,UAAU;wBACnB,KAAK,EAAE,SAAS;wBAChB,SAAS,EACP,yEAAyE;qBAC5E;oBACH,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE;gBAGzB,sCAAI,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE;oBACzD;wBACE,0CACE,KAAK,EAAE;gCACL,OAAO,EAAE,OAAO;gCAChB,KAAK,EAAE,MAAM;gCACb,OAAO,EAAE,aAAa;gCACtB,UAAU,EAAE,uBAAuB;gCACnC,UAAU,EAAE,MAAM;gCAClB,MAAM,EAAE,MAAM;gCACd,SAAS,EAAE,QAAQ;gCACnB,MAAM,EAAE,SAAS;6BAClB,EACD,OAAO,EAAE,aAAa,EACtB,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,EAErD,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC,aAIlD,CACN,CACF,CACD,CACF,CACP,CAAC;IACJ,CAAC;IAED,OAAO,CACL,0CACE,GAAG,EAAE,SAAS,iBACF,gBAAgB,EAC5B,KAAK,EAAE;YACL,MAAM,EAAE,SAAS;YACjB,YAAY,EAAE,QAAQ;YACtB,MAAM,EAAE,mBAAmB;YAC3B,OAAO,EAAE,cAAc;YACvB,UAAU,EAAE,MAAM;YAClB,UAAU,EAAE,uBAAuB;SACpC,EACD,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,EACxE,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAClB,CAAC,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC,EAEzD,OAAO,EAAE,YAAY,cAGd,CACV,CAAC;AACJ,CAAC,CAAC;AAEO,gCAAU","sourcesContent":["\"use client\";\nimport { useUser } from \"@/reactjs/hooks/index.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport React, { useCallback, useEffect, useRef, useState } from \"react\";\n\nconst ChevronDown = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-chevron-down\"\n  >\n    <path d=\"m6 9 6 6 6-6\" />\n  </svg>\n);\n\nconst ChevronUp = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-chevron-up\"\n  >\n    <path d=\"m18 15-6-6-6 6\" />\n  </svg>\n);\n\nconst UserButton = ({\n  displayMode,\n  className,\n}: {\n  displayMode?: DisplayMode;\n  className?: string;\n}) => {\n  const [isOpen, setIsOpen] = useState(false);\n  const [buttonWidth, setButtonWidth] = useState<number | null>(null);\n  const { user, signIn, signOut } = useUser();\n  const buttonRef = useRef<HTMLButtonElement>(null);\n  const dropdownRef = useRef<HTMLDivElement>(null);\n\n  useEffect(() => {\n    if (buttonRef.current) {\n      setButtonWidth(buttonRef.current.offsetWidth);\n    }\n  }, [isOpen]);\n\n  const handleClickOutside = useCallback((event: MouseEvent) => {\n    const target = event.target as HTMLElement;\n\n    if (\n      buttonRef.current &&\n      dropdownRef.current &&\n      !buttonRef.current.contains(target) &&\n      !dropdownRef.current.contains(target)\n    ) {\n      setIsOpen(false);\n    }\n  }, []);\n\n  const handleSignOut = useCallback(async () => {\n    await signOut();\n\n    setIsOpen(false);\n  }, [signOut]);\n\n  const handleSignIn = useCallback(async () => {\n    await signIn(displayMode);\n\n    setIsOpen(false);\n  }, [signIn, displayMode]);\n\n  const handleEscape = useCallback((event: KeyboardEvent) => {\n    if (event.key === \"Escape\") {\n      setIsOpen(false);\n    }\n  }, []);\n\n  useEffect(() => {\n    if (isOpen) {\n      window.addEventListener(\"click\", handleClickOutside);\n\n      window.addEventListener(\"keydown\", handleEscape);\n    }\n\n    return () => {\n      window.removeEventListener(\"click\", handleClickOutside);\n\n      window.removeEventListener(\"keydown\", handleEscape);\n    };\n  }, [handleClickOutside, handleEscape, isOpen]);\n\n  if (user) {\n    return (\n      <div\n        style={{ position: \"relative\", width: \"auto\" }}\n        id=\"civic-dropdown-container\"\n      >\n        <button\n          ref={buttonRef}\n          style={{\n            cursor: \"pointer\",\n            display: \"flex\",\n            minWidth: \"10rem\",\n            alignItems: \"center\",\n            justifyContent: \"space-between\",\n            gap: \"0.5rem\",\n            borderRadius: \"9999px\",\n            border: \"1px solid #6b7280\",\n            padding: \"0.75rem 1rem\",\n            color: \"#6b7280\",\n            background: \"none\",\n            transition: \"background-color 0.2s\",\n          }}\n          className={className}\n          onMouseEnter={(e) =>\n            (e.currentTarget.style.backgroundColor = \"#f3f4f6\")\n          }\n          onMouseLeave={(e) =>\n            (e.currentTarget.style.backgroundColor = \"transparent\")\n          }\n          onClick={() => {\n            setIsOpen((isOpen) => !isOpen);\n          }}\n        >\n          {user?.picture ? (\n            <span\n              style={{\n                position: \"relative\",\n                display: \"flex\",\n                height: \"1.5rem\",\n                width: \"1.5rem\",\n                flexShrink: 0,\n                gap: \"0.5rem\",\n                overflow: \"hidden\",\n                borderRadius: \"9999px\",\n              }}\n            >\n              <img\n                style={{ height: \"100%\", width: \"100%\", objectFit: \"cover\" }}\n                src={user.picture}\n                alt={user?.name || user?.email}\n              />\n            </span>\n          ) : (\n            <span style={{ display: \"block\" }} />\n          )}\n\n          <span>{user?.name || user?.email}</span>\n\n          <span style={{ display: \"block\", pointerEvents: \"none\" }}>\n            {isOpen ? <ChevronUp /> : <ChevronDown />}\n          </span>\n        </button>\n        <div\n          ref={dropdownRef}\n          style={\n            isOpen\n              ? {\n                  position: \"absolute\",\n                  left: 0,\n                  width: buttonWidth || \"auto\",\n                  marginTop: \"0.5rem\",\n                  borderRadius: \"0.5rem\",\n                  backgroundColor: \"white\",\n                  padding: \"0.5rem 0\",\n                  color: \"#6b7280\",\n                  boxShadow:\n                    \"0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05)\",\n                }\n              : { display: \"none\" }\n          }\n        >\n          <ul style={{ listStyleType: \"none\", margin: 0, padding: 0 }}>\n            <li>\n              <button\n                style={{\n                  display: \"block\",\n                  width: \"100%\",\n                  padding: \"0.5rem 1rem\",\n                  transition: \"background-color 0.2s\",\n                  background: \"none\",\n                  border: \"none\",\n                  textAlign: \"center\",\n                  cursor: \"pointer\",\n                }}\n                onClick={handleSignOut}\n                onMouseEnter={(e) =>\n                  (e.currentTarget.style.backgroundColor = \"#f3f4f6\")\n                }\n                onMouseLeave={(e) =>\n                  (e.currentTarget.style.backgroundColor = \"transparent\")\n                }\n              >\n                Logout\n              </button>\n            </li>\n          </ul>\n        </div>\n      </div>\n    );\n  }\n\n  return (\n    <button\n      ref={buttonRef}\n      data-testid=\"sign-in-button\"\n      style={{\n        cursor: \"pointer\",\n        borderRadius: \"9999px\",\n        border: \"1px solid #6b7280\",\n        padding: \"0.75rem 1rem\",\n        background: \"none\",\n        transition: \"background-color 0.2s\",\n      }}\n      className={className}\n      onMouseEnter={(e) => (e.currentTarget.style.backgroundColor = \"#f3f4f6\")}\n      onMouseLeave={(e) =>\n        (e.currentTarget.style.backgroundColor = \"transparent\")\n      }\n      onClick={handleSignIn}\n    >\n      Sign in\n    </button>\n  );\n};\n\nexport { UserButton };\n"]}

package/dist/cjs/reactjs/hooks/index.d.ts

@@ -2,6 +2,5 @@ export { useUser } from "../../reactjs/hooks/useUser.js";
 export { useToken } from "../../shared/hooks/useToken.js";
 export { useAuth } from "../../shared/hooks/useAuth.js";
 export { useSession } from "../../shared/hooks/useSession.js";
-export { useConfig } from "../../shared/hooks/useConfig.js";
 export { useIframe } from "../../shared/hooks/useIframe.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/cjs/reactjs/hooks/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/hooks/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/hooks/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC"}

package/dist/cjs/reactjs/hooks/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.useIframe = exports.useConfig = exports.useSession = exports.useAuth = exports.useToken = exports.useUser = void 0;
+exports.useIframe = exports.useSession = exports.useAuth = exports.useToken = exports.useUser = void 0;
 var useUser_js_1 = require("../../reactjs/hooks/useUser.js");
 Object.defineProperty(exports, "useUser", { enumerable: true, get: function () { return useUser_js_1.useUser; } });
 var useToken_js_1 = require("../../shared/hooks/useToken.js");
@@ -9,8 +9,6 @@ var useAuth_js_1 = require("../../shared/hooks/useAuth.js");
 Object.defineProperty(exports, "useAuth", { enumerable: true, get: function () { return useAuth_js_1.useAuth; } });
 var useSession_js_1 = require("../../shared/hooks/useSession.js");
 Object.defineProperty(exports, "useSession", { enumerable: true, get: function () { return useSession_js_1.useSession; } });
-var useConfig_js_1 = require("../../shared/hooks/useConfig.js");
-Object.defineProperty(exports, "useConfig", { enumerable: true, get: function () { return useConfig_js_1.useConfig; } });
 var useIframe_js_1 = require("../../shared/hooks/useIframe.js");
 Object.defineProperty(exports, "useIframe", { enumerable: true, get: function () { return useIframe_js_1.useIframe; } });
 //# sourceMappingURL=index.js.map

package/dist/cjs/reactjs/hooks/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/reactjs/hooks/index.ts"],"names":[],"mappings":";;;AAAA,yDAAqD;AAA5C,qGAAA,OAAO,OAAA;AAChB,0DAAsD;AAA7C,uGAAA,QAAQ,OAAA;AACjB,wDAAoD;AAA3C,qGAAA,OAAO,OAAA;AAChB,8DAA0D;AAAjD,2GAAA,UAAU,OAAA;AACnB,4DAAwD;AAA/C,yGAAA,SAAS,OAAA;AAClB,4DAAwD;AAA/C,yGAAA,SAAS,OAAA","sourcesContent":["export { useUser } from \"@/reactjs/hooks/useUser.js\";\nexport { useToken } from \"@/shared/hooks/useToken.js\";\nexport { useAuth } from \"@/shared/hooks/useAuth.js\";\nexport { useSession } from \"@/shared/hooks/useSession.js\";\nexport { useConfig } from \"@/shared/hooks/useConfig.js\";\nexport { useIframe } from \"@/shared/hooks/useIframe.js\";\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/reactjs/hooks/index.ts"],"names":[],"mappings":";;;AAAA,yDAAqD;AAA5C,qGAAA,OAAO,OAAA;AAChB,0DAAsD;AAA7C,uGAAA,QAAQ,OAAA;AACjB,wDAAoD;AAA3C,qGAAA,OAAO,OAAA;AAChB,8DAA0D;AAAjD,2GAAA,UAAU,OAAA;AACnB,4DAAwD;AAA/C,yGAAA,SAAS,OAAA","sourcesContent":["export { useUser } from \"@/reactjs/hooks/useUser.js\";\nexport { useToken } from \"@/shared/hooks/useToken.js\";\nexport { useAuth } from \"@/shared/hooks/useAuth.js\";\nexport { useSession } from \"@/shared/hooks/useSession.js\";\nexport { useIframe } from \"@/shared/hooks/useIframe.js\";\n"]}

package/dist/cjs/services/AuthenticationService.d.ts

@@ -27,7 +27,6 @@ export declare class BrowserAuthenticationInitiator implements AuthenticationIni
     protected config: {
         clientId: string;
         redirectUrl: string;
-        state: string;
         scopes: string[];
         displayMode: DisplayMode;
         oauthServer: string;
@@ -35,6 +34,10 @@ export declare class BrowserAuthenticationInitiator implements AuthenticationIni
         pkceConsumer: PKCEConsumer;
         nonce?: string;
     };
+    setDisplayMode(displayMode: DisplayMode): void;
+    get displayMode(): DisplayMode;
+    get isServerTokenExchange(): boolean;
+    get state(): string;
     constructor(config: typeof this.config);
     handleLoginAppPopupFailed(redirectUrl: string): Promise<void>;
     signIn(iframeRef: HTMLIFrameElement | null): Promise<URL>;

package/dist/cjs/services/AuthenticationService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAET,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AAerE,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACb,MAAM,qBAAqB,CAAC;AAM7B;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,OAAO,CAAC,kBAAkB,CAAgD;IAE1E,SAAS,CAAC,MAAM,EAAE;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QAEjB,WAAW,EAAE,WAAW,CAAC;QACzB,WAAW,EAAE,MAAM,CAAC;QAEpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAEvC,YAAY,EAAE,YAAY,CAAC;QAE3B,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;gBAEU,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAIhC,yBAAyB,CAAC,WAAW,EAAE,MAAM;IAU7C,MAAM,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IA8CzD,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC;IAU7B,OAAO;CAKR;AAED;;;GAGG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,SAAS,CAAC,MAAM,EAAE;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,CAAC,EAAE,MAAM,CAAC;QAEf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAEvC,YAAY,EAAE,YAAY,CAAC;KAC5B,CAAC;gBAEU,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAMhC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;IAItB,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC;CAG9B;AAED,KAAK,2BAA2B,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IACvC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,8BAA8B;IAQ5E,SAAS,CAAC,YAAY;IAPxB,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;gBAIvC,MAAM,EAAE,2BAA2B,EAEzB,YAAY,kCAAwC;IAa1D,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqBrB,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IAiC3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAa7C,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;WAgCxC,KAAK,CAChB,MAAM,EAAE,2BAA2B,GAClC,OAAO,CAAC,sBAAsB,CAAC;CAMnC"}
+{"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAET,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,+BAA+B,EAEhC,MAAM,oBAAoB,CAAC;AAe5B,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACb,MAAM,qBAAqB,CAAC;AAQ7B;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,OAAO,CAAC,kBAAkB,CAAgD;IAE1E,SAAS,CAAC,MAAM,EAAE;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,EAAE,CAAC;QAEjB,WAAW,EAAE,WAAW,CAAC;QACzB,WAAW,EAAE,MAAM,CAAC;QAEpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAEvC,YAAY,EAAE,YAAY,CAAC;QAE3B,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IAEK,cAAc,CAAC,WAAW,EAAE,WAAW;IAI9C,IAAI,WAAW,gBAEd;IAED,IAAI,qBAAqB,YAExB;IACD,IAAI,KAAK,WAER;gBACW,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAIhC,yBAAyB,CAAC,WAAW,EAAE,MAAM;IAU7C,MAAM,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IAiDzD,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC;IAe7B,OAAO;CAKR;AAED;;;GAGG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,SAAS,CAAC,MAAM,EAAE;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,CAAC,EAAE,MAAM,CAAC;QAEf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAEvC,YAAY,EAAE,YAAY,CAAC;KAC5B,CAAC;gBAEU,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAMhC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;IAItB,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC;CAG9B;AAED,KAAK,2BAA2B,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IACvC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,8BAA8B;IAQ5E,SAAS,CAAC,YAAY;IAPxB,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;gBAIvC,MAAM,EAAE,2BAA2B,EAEzB,YAAY,kCAAwC;IAY1D,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqBrB,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IA0C3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAa7C,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;WAgCxC,KAAK,CAChB,MAAM,EAAE,2BAA2B,GAClC,OAAO,CAAC,sBAAsB,CAAC;CAMnC"}

package/dist/cjs/services/AuthenticationService.js

@@ -11,6 +11,8 @@ const types_js_1 = require("../services/types.js");
 const windowUtil_js_1 = require("../lib/windowUtil.js");
 const constants_js_1 = require("../constants.js");
 const postMessage_js_1 = require("../lib/postMessage.js");
+const session_js_1 = require("../shared/lib/session.js");
+const UserSession_js_1 = require("../shared/lib/UserSession.js");
 /**
  * An authentication initiator that works on a browser. Since this is just triggering
  * login and logout, session data is not stored here.
@@ -35,6 +37,18 @@ const postMessage_js_1 = require("../lib/postMessage.js");
 class BrowserAuthenticationInitiator {
     postMessageHandler = null;
     config;
+    setDisplayMode(displayMode) {
+        this.config.displayMode = displayMode;
+    }
+    get displayMode() {
+        return this.config.displayMode;
+    }
+    get isServerTokenExchange() {
+        return this.config.pkceConsumer instanceof PKCE_js_1.ConfidentialClientPKCEConsumer;
+    }
+    get state() {
+        return (0, oauth_js_1.generateState)(this.config.displayMode, this.isServerTokenExchange);
+    }
     constructor(config) {
         this.config = config;
     }
@@ -45,7 +59,10 @@ class BrowserAuthenticationInitiator {
     // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url
     // and then use the display mode to decide how to send the user there
     async signIn(iframeRef) {
-        const url = await (0, util_js_1.generateOauthLoginUrl)(this.config);
+        const url = await (0, util_js_1.generateOauthLoginUrl)({
+            ...this.config,
+            state: this.state,
+        });
         this.postMessageHandler = (event) => {
             const thisURL = new URL(window.location.href);
             if (event.origin.endsWith("civic.com") ||
@@ -81,9 +98,13 @@ class BrowserAuthenticationInitiator {
         return url;
     }
     async signOut() {
-        const localStorage = new storage_js_1.LocalStorageAdapter();
-        await (0, util_js_1.clearTokens)(localStorage);
-        await (0, util_js_1.clearUser)(localStorage);
+        // we only use local storage for the client-side token exchange
+        if (!this.isServerTokenExchange) {
+            const localStorage = new storage_js_1.LocalStorageAdapter();
+            await (0, util_js_1.clearTokens)(localStorage);
+            await (0, util_js_1.clearUser)(localStorage);
+            storage_js_1.LocalStorageAdapter.emitter.emit("signOut");
+        }
         // TODO open the iframe or new tab etc: the logout URL is not currently
         // supported by on the oauth, so just clear state until then
         const url = await (0, util_js_1.generateOauthLogoutUrl)(this.config);
@@ -129,7 +150,6 @@ class BrowserAuthenticationService extends BrowserAuthenticationInitiator {
     pkceProducer = new PKCE_js_1.BrowserPublicClientPKCEProducer()) {
         super({
             ...config,
-            state: (0, oauth_js_1.generateState)(config.displayMode),
             // Store and retrieve the PKCE challenge in local storage
             pkceConsumer: pkceProducer,
         });
@@ -158,11 +178,22 @@ class BrowserAuthenticationService extends BrowserAuthenticationInitiator {
         // exchange auth code for tokens
         const tokens = await (0, util_js_1.exchangeTokens)(code, state, this.pkceProducer, this.oauth2client, // clean up types here to avoid the ! operator
         this.config.oauthServer, this.endpoints);
-        await (0, util_js_1.storeTokens)(new storage_js_1.LocalStorageAdapter(), tokens);
+        const clientStorage = new storage_js_1.LocalStorageAdapter();
+        await (0, util_js_1.storeTokens)(clientStorage, tokens);
+        const user = await (0, session_js_1.getUser)(clientStorage);
+        if (!user) {
+            throw new Error("Failed to get user info");
+        }
+        const userSession = new UserSession_js_1.GenericUserSession(clientStorage);
+        await userSession.set(user);
+        storage_js_1.LocalStorageAdapter.emitter.emit("signIn");
         // cleanup the browser window if needed
         const parsedDisplayMode = (0, oauth_js_1.displayModeFromState)(state, this.config.displayMode);
         if (parsedDisplayMode === "new_tab") {
             // Close the popup window
+            window.addEventListener("beforeunload", () => {
+                window?.opener?.focus();
+            });
             window.close();
         }
         // these are the default oAuth params that get added to the URL in redirect which we want to remove if present
@@ -186,7 +217,7 @@ class BrowserAuthenticationService extends BrowserAuthenticationInitiator {
             const sessionData = await this.getSessionData();
             if (!sessionData?.idToken || !sessionData.accessToken) {
                 const unAuthenticatedSession = { ...sessionData, authenticated: false };
-                await (0, util_js_1.clearTokens)(new storage_js_1.LocalStorageAdapter());
+                // await clearTokens(new LocalStorageAdapter());
                 return unAuthenticatedSession;
             }
             if (!this.endpoints || !this.oauth2client)