npm - @civic/auth - Versions diffs - 0.1.6-beta.2 → 0.1.6-beta.3 - Mend

@civic/auth 0.1.6-beta.2 → 0.1.6-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

package/dist/cjs/shared/version.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
-export declare const VERSION = "@civic/auth:0.1.6-beta.2";
+export declare const VERSION = "@civic/auth:0.1.6-beta.3";
 //# sourceMappingURL=version.d.ts.map

package/dist/cjs/shared/version.js CHANGED Viewed

@@ -2,5 +2,5 @@
 // This is an auto-generated file. Do not edit.
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.VERSION = void 0;
-exports.VERSION = "@civic/auth:0.1.6-beta.2";
+exports.VERSION = "@civic/auth:0.1.6-beta.3";
 //# sourceMappingURL=version.js.map

package/dist/cjs/shared/version.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":";AAAA,+CAA+C;;;AAElC,QAAA,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.1.6-beta.2\";\n"]}
1	+ {"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":";AAAA,+CAA+C;;;AAElC,QAAA,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.1.6-beta.3\";\n"]}

package/dist/esm/shared/version.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
-export declare const VERSION = "@civic/auth:0.1.6-beta.2";
+export declare const VERSION = "@civic/auth:0.1.6-beta.3";
 //# sourceMappingURL=version.d.ts.map

package/dist/esm/shared/version.js CHANGED Viewed

@@ -1,3 +1,3 @@
 // This is an auto-generated file. Do not edit.
-export const VERSION = "@civic/auth:0.1.6-beta.2";
+export const VERSION = "@civic/auth:0.1.6-beta.3";
 //# sourceMappingURL=version.js.map

package/dist/esm/shared/version.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.1.6-beta.2\";\n"]}
1	+ {"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.1.6-beta.3\";\n"]}

package/dist/src/lib/cookies.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/lib/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,KAAK,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAK7E,QAAA,MAAM,oBAAoB,aACd;IACR,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,EAAE,4DAqBJ,CAAC;AAEF,cAAM,oBAAqB,SAAQ,aAAa;IAClC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,kBAAkB,CAAC;gBAAnC,MAAM,GAAE,OAAO,CAAC,kBAAkB,CAAM;IAOvD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAUxC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAG5D;AAED,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC"}

package/dist/src/lib/cookies.js ADDED Viewed

@@ -0,0 +1,51 @@
+import { CookieStorage } from "@/shared/lib/storage.js";
+// TODO move this into its own CookieStorage class that implements AuthStorage
+// and provides getters and a non-implemented setter
+// it should just return the string and let the user etc. be parsed by the caller
+const getWindowCookieValue = (requests) => {
+    const cookie = window.document.cookie;
+    if (!cookie)
+        return null;
+    const cookies = cookie.split(";");
+    const response = {};
+    for (const c of cookies) {
+        const [name, value] = c.trim().split("=");
+        const request = requests.find((r) => r.key === name);
+        if (value && request) {
+            try {
+                const decodeURIComponentValue = decodeURIComponent(value);
+                response[request.key] = request.parseJson
+                    ? JSON.parse(decodeURIComponentValue)
+                    : decodeURIComponentValue;
+            }
+            catch {
+                response[request.key] = value;
+            }
+        }
+    }
+    return response;
+};
+class BrowserCookieStorage extends CookieStorage {
+    config;
+    constructor(config = {}) {
+        super({
+            secure: true,
+            httpOnly: false,
+        });
+        this.config = config;
+    }
+    async get(key) {
+        const value = `; ${document.cookie}`;
+        const parts = value.split(`; ${key}=`);
+        if (parts && parts.length === 2) {
+            return parts.pop()?.split(";").shift() ?? null;
+        }
+        return null;
+    }
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    async set(_key, _value) {
+        throw new Error("Not implemented.");
+    }
+}
+export { BrowserCookieStorage, getWindowCookieValue };
+//# sourceMappingURL=cookies.js.map

package/dist/src/lib/cookies.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookies.js","sourceRoot":"","sources":["../../../src/lib/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAGxD,8EAA8E;AAC9E,oDAAoD;AACpD,iFAAiF;AACjF,MAAM,oBAAoB,GAAG,CAC3B,QAIG,EACH,EAAE;IACF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;IACtC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAqD,EAAE,CAAC;IACtE,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;QACrD,IAAI,KAAK,IAAI,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1D,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,SAAS;oBACvC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,uBAAuB,CAAC;oBACrC,CAAC,CAAC,uBAAuB,CAAC;YAC9B,CAAC;YAAC,MAAM,CAAC;gBACP,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,oBAAqB,SAAQ,aAAa;IACzB;IAArB,YAAqB,SAAsC,EAAE;QAC3D,KAAK,CAAC;YACJ,MAAM,EAAE,IAAI;YACZ,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAJgB,WAAM,GAAN,MAAM,CAAkC;IAK7D,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,MAAM,KAAK,GAAG,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;QACvC,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChC,OAAO,KAAK,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,IAAI,IAAI,CAAC;QACjD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6DAA6D;IAC7D,KAAK,CAAC,GAAG,CAAC,IAAiB,EAAE,MAAc;QACzC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACtC,CAAC;CACF;AAED,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC","sourcesContent":["import { CookieStorage } from \"@/shared/lib/storage.js\";\nimport type { OAuthTokens, TokensCookieConfig } from \"@/shared/lib/types.js\";\n\n// TODO move this into its own CookieStorage class that implements AuthStorage\n// and provides getters and a non-implemented setter\n// it should just return the string and let the user etc. be parsed by the caller\nconst getWindowCookieValue = (\n requests: {\n key: string;\n window: Window;\n parseJson?: boolean;\n }[],\n) => {\n const cookie = window.document.cookie;\n if (!cookie) return null;\n const cookies = cookie.split(\";\");\n const response: Record<string, string | Record<string, unknown>> = {};\n for (const c of cookies) {\n const [name, value] = c.trim().split(\"=\");\n const request = requests.find((r) => r.key === name);\n if (value && request) {\n try {\n const decodeURIComponentValue = decodeURIComponent(value);\n response[request.key] = request.parseJson\n ? JSON.parse(decodeURIComponentValue)\n : decodeURIComponentValue;\n } catch {\n response[request.key] = value;\n }\n }\n }\n return response;\n};\n\nclass BrowserCookieStorage extends CookieStorage {\n constructor(readonly config: Partial<TokensCookieConfig> = {}) {\n super({\n secure: true,\n httpOnly: false,\n });\n }\n\n async get(key: string): Promise<string | null> {\n const value = `; ${document.cookie}`;\n const parts = value.split(`; ${key}=`);\n if (parts && parts.length === 2) {\n return parts.pop()?.split(\";\").shift() ?? null;\n }\n return null;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async set(_key: OAuthTokens, _value: string): Promise<void> {\n throw new Error(\"Not implemented.\");\n }\n}\n\nexport { BrowserCookieStorage, getWindowCookieValue };\n"]}

package/dist/test/unit/lib/cookies.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"cookies.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/lib/cookies.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/lib/cookies.test.js ADDED Viewed

@@ -0,0 +1,25 @@
+import { BrowserCookieStorage } from "@/lib/cookies.js";
+import { describe, it } from "vitest";
+import { OAuthTokens } from "@/shared/lib/types.js";
+describe("cookies.ts", () => {
+    describe("BrowserCookieStorage", () => {
+        const originalCookieValue = document.cookie;
+        afterAll(() => {
+            document.cookie = originalCookieValue;
+        });
+        it("should get a cookie values", () => {
+            const cookieStorage = new BrowserCookieStorage();
+            document.cookie = "testCookie=testValue";
+            document.cookie = "testCookie2=testValue2";
+            document.cookie = "testCookie3=testValue3";
+            expect(cookieStorage.get("testCookie")).resolves.toBe("testValue");
+            expect(cookieStorage.get("testCookie2")).resolves.toBe("testValue2");
+            expect(cookieStorage.get("testCookie3")).resolves.toBe("testValue3");
+        });
+        it("should throw an error when trying to set a value", () => {
+            const cookieStorage = new BrowserCookieStorage();
+            expect(() => cookieStorage.set(OAuthTokens.TIMESTAMP, "cookieValue")).rejects.toThrow("Not implemented.");
+        });
+    });
+});
+//# sourceMappingURL=cookies.test.js.map

package/dist/test/unit/lib/cookies.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookies.test.js","sourceRoot":"","sources":["../../../../test/unit/lib/cookies.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;IAC1B,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,MAAM,mBAAmB,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC5C,QAAQ,CAAC,GAAG,EAAE;YACZ,QAAQ,CAAC,MAAM,GAAG,mBAAmB,CAAC;QACxC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,EAAE,CAAC;YACjD,QAAQ,CAAC,MAAM,GAAG,sBAAsB,CAAC;YACzC,QAAQ,CAAC,MAAM,GAAG,wBAAwB,CAAC;YAC3C,QAAQ,CAAC,MAAM,GAAG,wBAAwB,CAAC;YAC3C,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACnE,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACrE,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACvE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;YAC1D,MAAM,aAAa,GAAG,IAAI,oBAAoB,EAAE,CAAC;YACjD,MAAM,CAAC,GAAG,EAAE,CACV,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,EAAE,aAAa,CAAC,CACxD,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { BrowserCookieStorage } from \"@/lib/cookies.js\";\nimport { describe, it } from \"vitest\";\nimport { OAuthTokens } from \"@/shared/lib/types.js\";\n\ndescribe(\"cookies.ts\", () => {\n describe(\"BrowserCookieStorage\", () => {\n const originalCookieValue = document.cookie;\n afterAll(() => {\n document.cookie = originalCookieValue;\n });\n\n it(\"should get a cookie values\", () => {\n const cookieStorage = new BrowserCookieStorage();\n document.cookie = \"testCookie=testValue\";\n document.cookie = \"testCookie2=testValue2\";\n document.cookie = \"testCookie3=testValue3\";\n expect(cookieStorage.get(\"testCookie\")).resolves.toBe(\"testValue\");\n expect(cookieStorage.get(\"testCookie2\")).resolves.toBe(\"testValue2\");\n expect(cookieStorage.get(\"testCookie3\")).resolves.toBe(\"testValue3\");\n });\n\n it(\"should throw an error when trying to set a value\", () => {\n const cookieStorage = new BrowserCookieStorage();\n expect(() =>\n cookieStorage.set(OAuthTokens.TIMESTAMP, \"cookieValue\"),\n ).rejects.toThrow(\"Not implemented.\");\n });\n });\n});\n"]}

package/dist/test/unit/nextjs/config.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"config.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/nextjs/config.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/nextjs/config.test.js ADDED Viewed

@@ -0,0 +1,203 @@
+/* eslint-disable turbo/no-undeclared-env-vars */
+import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
+import { resolveAuthConfig, createCivicAuthPlugin, defaultAuthConfig, } from "@/nextjs/config.js";
+import { DEFAULT_AUTH_SERVER } from "@/constants.js";
+const defaultCookies = {
+    id_token: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    access_token: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    refresh_token: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    expires_in: {
+        httpOnly: false,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    timestamp: {
+        httpOnly: false,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    code_verifier: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+    app_url: {
+        httpOnly: true,
+        path: "/",
+        sameSite: "strict",
+        secure: false,
+    },
+};
+describe("nextjs/config", () => {
+    const originalEnv = process.env;
+    beforeEach(() => {
+        vi.resetModules();
+        process.env = { ...originalEnv, NODE_ENV: "development" };
+    });
+    afterEach(() => {
+        process.env = originalEnv;
+        vi.restoreAllMocks();
+    });
+    describe("resolveAuthConfig", () => {
+        it("should throw an error if clientId is not provided", () => {
+            expect(() => resolveAuthConfig()).toThrowError("Civic Auth client ID is required");
+        });
+        it("should use default values when no config is provided", () => {
+            // client id must be defined
+            process.env._civic_auth_client_id = "clientId";
+            const result = resolveAuthConfig();
+            expect(result).toEqual({ ...defaultAuthConfig, clientId: "clientId" });
+        });
+        it("should override default values with provided config", () => {
+            const config = {
+                clientId: "clientId",
+                callbackUrl: "/custom/callback",
+                loginUrl: "/custom/login",
+                include: ["/protected/*"],
+                exclude: ["/public/*"],
+            };
+            const result = resolveAuthConfig(config);
+            expect(result.callbackUrl).toBe("/custom/callback");
+            expect(result.loginUrl).toBe("/custom/login");
+            expect(result.include).toEqual(["/protected/*"]);
+            expect(result.exclude).toEqual(["/public/*"]);
+        });
+        it("should use environment variables if set", () => {
+            process.env._civic_auth_client_id = "clientId";
+            process.env._civic_auth_callback_url = "/env/callback";
+            process.env._civic_auth_login_url = "/env/login";
+            process.env._civic_auth_includes = "/env/protected/*";
+            process.env._civic_auth_excludes = "/env/public/*";
+            const result = resolveAuthConfig();
+            expect(result.callbackUrl).toBe("/env/callback");
+            expect(result.loginUrl).toBe("/env/login");
+            expect(result.include).toEqual(["/env/protected/*"]);
+            expect(result.exclude).toEqual(["/env/public/*"]);
+        });
+        it("should prioritize provided config over environment variables", () => {
+            process.env._civic_auth_callback_url = "/env/callback";
+            const config = {
+                clientId: "clientId",
+                callbackUrl: "/config/callback",
+            };
+            const result = resolveAuthConfig(config);
+            expect(result.callbackUrl).toBe("/config/callback");
+        });
+        it("should merge cookie configurations correctly", () => {
+            const config = {
+                clientId: "clientId",
+                cookies: {
+                    tokens: {
+                        id_token: { ...defaultCookies.id_token, secure: false },
+                    },
+                    user: {
+                        httpOnly: false,
+                        secure: false,
+                        sameSite: "strict",
+                    },
+                },
+            };
+            const result = resolveAuthConfig(config);
+            expect(result.cookies.tokens).toEqual({
+                ...defaultCookies,
+                id_token: { ...defaultCookies.id_token, secure: false },
+            });
+            expect(result.cookies.user).toEqual({
+                httpOnly: false,
+                secure: false,
+                sameSite: "strict",
+                path: "/",
+                maxAge: 3600,
+            });
+        });
+        it("should set secure to true in the default cookie configs if NODE_ENV is not development", async () => {
+            process.env = { ...originalEnv, NODE_ENV: "production" };
+            // re-import to get the configs with the updated NODE_ENV
+            const configs = await import("../../../src/nextjs/config.js");
+            const result = configs.resolveAuthConfig({ clientId: "clientId" });
+            Object.values(result.cookies.tokens).forEach((cookie) => {
+                expect(cookie.secure).toBe(true);
+            });
+        });
+    });
+    describe("createCivicAuthPlugin", () => {
+        it("should return a function", () => {
+            const plugin = createCivicAuthPlugin({ clientId: "clientId" });
+            expect(typeof plugin).toBe("function");
+        });
+        it("should set environment variables based on resolved config", () => {
+            const config = {
+                clientId: "clientId",
+                callbackUrl: "/custom/callback",
+                loginUrl: "/custom/login",
+                logoutUrl: "/custom/logout",
+                logoutCallbackUrl: "/custom/logoutcallback",
+                include: ["/protected/*"],
+                exclude: ["/public/*"],
+                cookies: {
+                    tokens: defaultCookies,
+                    user: {
+                        secure: false,
+                        sameSite: "strict",
+                        maxAge: 3600,
+                    },
+                },
+            };
+            const plugin = createCivicAuthPlugin(config);
+            const nextConfig = plugin({});
+            expect(nextConfig.env).toEqual({
+                _civic_auth_client_id: "clientId",
+                _civic_auth_callback_url: "/custom/callback",
+                _civic_auth_challenge_url: "/api/auth/challenge",
+                _civic_auth_login_url: "/custom/login",
+                _civic_auth_logout_url: "/custom/logout",
+                _civic_auth_logout_callback_url: "/custom/logoutcallback",
+                _civic_auth_includes: "/protected/*",
+                _civic_auth_excludes: "/public/*",
+                _civic_oauth_server: DEFAULT_AUTH_SERVER,
+                _civic_auth_cookie_config: JSON.stringify({
+                    tokens: defaultCookies,
+                    user: {
+                        secure: false,
+                        httpOnly: false,
+                        sameSite: "strict",
+                        path: "/",
+                        maxAge: 3600,
+                    },
+                }),
+            });
+        });
+        it("should merge with existing Next.js config", () => {
+            const existingConfig = {
+                reactStrictMode: true,
+                env: {
+                    CUSTOM_VAR: "value",
+                },
+            };
+            const plugin = createCivicAuthPlugin({ clientId: "clientId" });
+            const nextConfig = plugin(existingConfig);
+            expect(nextConfig.reactStrictMode).toBe(true);
+            expect(nextConfig.env).toHaveProperty("CUSTOM_VAR", "value");
+            expect(nextConfig.env).toHaveProperty("_civic_auth_callback_url");
+        });
+    });
+});
+//# sourceMappingURL=config.test.js.map

package/dist/test/unit/nextjs/config.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"config.test.js","sourceRoot":"","sources":["../../../../test/unit/nextjs/config.test.ts"],"names":[],"mappings":"AAAA,iDAAiD;AACjD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EAErB,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,MAAM,cAAc,GAAG;IACrB,QAAQ,EAAE;QACR,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,aAAa,EAAE;QACb,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,UAAU,EAAE;QACV,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,SAAS,EAAE;QACT,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,aAAa,EAAE;QACb,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;IACD,OAAO,EAAE;QACP,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,KAAK;KACd;CACoB,CAAC;AAExB,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC;IAEhC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,GAAG,EAAE,GAAG,WAAW,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,CAAC,GAAG,GAAG,WAAW,CAAC;QAC1B,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;YAC3D,MAAM,CAAC,GAAG,EAAE,CAAC,iBAAiB,EAAE,CAAC,CAAC,YAAY,CAC5C,kCAAkC,CACnC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;YAC9D,4BAA4B;YAC5B,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,UAAU,CAAC;YAC/C,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,GAAG,iBAAiB,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,MAAM,MAAM,GAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,kBAAkB;gBAC/B,QAAQ,EAAE,eAAe;gBACzB,OAAO,EAAE,CAAC,cAAc,CAAC;gBACzB,OAAO,EAAE,CAAC,WAAW,CAAC;aACvB,CAAC;YACF,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC9C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,UAAU,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,eAAe,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,YAAY,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,oBAAoB,GAAG,kBAAkB,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,oBAAoB,GAAG,eAAe,CAAC;YAEnD,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;YACtE,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,eAAe,CAAC;YACvD,MAAM,MAAM,GAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,kBAAkB;aAChC,CAAC;YAEF,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,MAAM,GAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE;oBACP,MAAM,EAAE;wBACN,QAAQ,EAAE,EAAE,GAAG,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE;qBAClC;oBACvB,IAAI,EAAE;wBACJ,QAAQ,EAAE,KAAK;wBACf,MAAM,EAAE,KAAK;wBACb,QAAQ,EAAE,QAAQ;qBACnB;iBACF;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC;gBACpC,GAAG,cAAc;gBACjB,QAAQ,EAAE,EAAE,GAAG,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE;aACxD,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;gBAClC,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,KAAK;gBACb,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,IAAI;aACb,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wFAAwF,EAAE,KAAK,IAAI,EAAE;YACtG,OAAO,CAAC,GAAG,GAAG,EAAE,GAAG,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;YACzD,yDAAyD;YACzD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,+BAA+B,CAAC,CAAC;YAC9D,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YACnE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;gBACtD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,MAAM,GAAG,qBAAqB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YAC/D,MAAM,CAAC,OAAO,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;YACnE,MAAM,MAAM,GAAG;gBACb,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,kBAAkB;gBAC/B,QAAQ,EAAE,eAAe;gBACzB,SAAS,EAAE,gBAAgB;gBAC3B,iBAAiB,EAAE,wBAAwB;gBAC3C,OAAO,EAAE,CAAC,cAAc,CAAC;gBACzB,OAAO,EAAE,CAAC,WAAW,CAAC;gBACtB,OAAO,EAAE;oBACP,MAAM,EAAE,cAAc;oBACtB,IAAI,EAAE;wBACJ,MAAM,EAAE,KAAK;wBACb,QAAQ,EAAE,QAAQ;wBAClB,MAAM,EAAE,IAAI;qBACJ;iBACX;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;YAC7C,MAAM,UAAU,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;YAE9B,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC;gBAC7B,qBAAqB,EAAE,UAAU;gBACjC,wBAAwB,EAAE,kBAAkB;gBAC5C,yBAAyB,EAAE,qBAAqB;gBAChD,qBAAqB,EAAE,eAAe;gBACtC,sBAAsB,EAAE,gBAAgB;gBACxC,+BAA+B,EAAE,wBAAwB;gBACzD,oBAAoB,EAAE,cAAc;gBACpC,oBAAoB,EAAE,WAAW;gBACjC,mBAAmB,EAAE,mBAAmB;gBACxC,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC;oBACxC,MAAM,EAAE,cAAc;oBACtB,IAAI,EAAE;wBACJ,MAAM,EAAE,KAAK;wBACb,QAAQ,EAAE,KAAK;wBACf,QAAQ,EAAE,QAAQ;wBAClB,IAAI,EAAE,GAAG;wBACT,MAAM,EAAE,IAAI;qBACb;iBACF,CAAC;aACH,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,cAAc,GAAG;gBACrB,eAAe,EAAE,IAAI;gBACrB,GAAG,EAAE;oBACH,UAAU,EAAE,OAAO;iBACpB;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,qBAAqB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YAC/D,MAAM,UAAU,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;YAE1C,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC9C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YAC7D,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport { describe, it, expect, beforeEach, afterEach, vi } from \"vitest\";\nimport {\n resolveAuthConfig,\n createCivicAuthPlugin,\n type AuthConfig,\n defaultAuthConfig,\n} from \"@/nextjs/config.js\";\nimport type { TokensCookieConfig } from \"@/index.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nconst defaultCookies = {\n id_token: {\n httpOnly: true,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n access_token: {\n httpOnly: true,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n refresh_token: {\n httpOnly: true,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n expires_in: {\n httpOnly: false,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n timestamp: {\n httpOnly: false,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n code_verifier: {\n httpOnly: true,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n app_url: {\n httpOnly: true,\n path: \"/\",\n sameSite: \"strict\",\n secure: false,\n },\n} as TokensCookieConfig;\n\ndescribe(\"nextjs/config\", () => {\n const originalEnv = process.env;\n\n beforeEach(() => {\n vi.resetModules();\n process.env = { ...originalEnv, NODE_ENV: \"development\" };\n });\n\n afterEach(() => {\n process.env = originalEnv;\n vi.restoreAllMocks();\n });\n\n describe(\"resolveAuthConfig\", () => {\n it(\"should throw an error if clientId is not provided\", () => {\n expect(() => resolveAuthConfig()).toThrowError(\n \"Civic Auth client ID is required\",\n );\n });\n\n it(\"should use default values when no config is provided\", () => {\n // client id must be defined\n process.env._civic_auth_client_id = \"clientId\";\n const result = resolveAuthConfig();\n expect(result).toEqual({ ...defaultAuthConfig, clientId: \"clientId\" });\n });\n\n it(\"should override default values with provided config\", () => {\n const config: AuthConfig = {\n clientId: \"clientId\",\n callbackUrl: \"/custom/callback\",\n loginUrl: \"/custom/login\",\n include: [\"/protected/*\"],\n exclude: [\"/public/*\"],\n };\n const result = resolveAuthConfig(config);\n expect(result.callbackUrl).toBe(\"/custom/callback\");\n expect(result.loginUrl).toBe(\"/custom/login\");\n expect(result.include).toEqual([\"/protected/*\"]);\n expect(result.exclude).toEqual([\"/public/*\"]);\n });\n\n it(\"should use environment variables if set\", () => {\n process.env._civic_auth_client_id = \"clientId\";\n process.env._civic_auth_callback_url = \"/env/callback\";\n process.env._civic_auth_login_url = \"/env/login\";\n process.env._civic_auth_includes = \"/env/protected/*\";\n process.env._civic_auth_excludes = \"/env/public/*\";\n\n const result = resolveAuthConfig();\n expect(result.callbackUrl).toBe(\"/env/callback\");\n expect(result.loginUrl).toBe(\"/env/login\");\n expect(result.include).toEqual([\"/env/protected/*\"]);\n expect(result.exclude).toEqual([\"/env/public/*\"]);\n });\n\n it(\"should prioritize provided config over environment variables\", () => {\n process.env._civic_auth_callback_url = \"/env/callback\";\n const config: AuthConfig = {\n clientId: \"clientId\",\n callbackUrl: \"/config/callback\",\n };\n\n const result = resolveAuthConfig(config);\n expect(result.callbackUrl).toBe(\"/config/callback\");\n });\n\n it(\"should merge cookie configurations correctly\", () => {\n const config: AuthConfig = {\n clientId: \"clientId\",\n cookies: {\n tokens: {\n id_token: { ...defaultCookies.id_token, secure: false },\n } as TokensCookieConfig,\n user: {\n httpOnly: false,\n secure: false,\n sameSite: \"strict\",\n },\n },\n };\n\n const result = resolveAuthConfig(config);\n expect(result.cookies.tokens).toEqual({\n ...defaultCookies,\n id_token: { ...defaultCookies.id_token, secure: false },\n });\n\n expect(result.cookies.user).toEqual({\n httpOnly: false,\n secure: false,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: 3600,\n });\n });\n\n it(\"should set secure to true in the default cookie configs if NODE_ENV is not development\", async () => {\n process.env = { ...originalEnv, NODE_ENV: \"production\" };\n // re-import to get the configs with the updated NODE_ENV\n const configs = await import(\"../../../src/nextjs/config.js\");\n const result = configs.resolveAuthConfig({ clientId: \"clientId\" });\n Object.values(result.cookies.tokens).forEach((cookie) => {\n expect(cookie.secure).toBe(true);\n });\n });\n });\n\n describe(\"createCivicAuthPlugin\", () => {\n it(\"should return a function\", () => {\n const plugin = createCivicAuthPlugin({ clientId: \"clientId\" });\n expect(typeof plugin).toBe(\"function\");\n });\n\n it(\"should set environment variables based on resolved config\", () => {\n const config = {\n clientId: \"clientId\",\n callbackUrl: \"/custom/callback\",\n loginUrl: \"/custom/login\",\n logoutUrl: \"/custom/logout\",\n logoutCallbackUrl: \"/custom/logoutcallback\",\n include: [\"/protected/*\"],\n exclude: [\"/public/*\"],\n cookies: {\n tokens: defaultCookies,\n user: {\n secure: false,\n sameSite: \"strict\",\n maxAge: 3600,\n } as const,\n },\n };\n\n const plugin = createCivicAuthPlugin(config);\n const nextConfig = plugin({});\n\n expect(nextConfig.env).toEqual({\n _civic_auth_client_id: \"clientId\",\n _civic_auth_callback_url: \"/custom/callback\",\n _civic_auth_challenge_url: \"/api/auth/challenge\",\n _civic_auth_login_url: \"/custom/login\",\n _civic_auth_logout_url: \"/custom/logout\",\n _civic_auth_logout_callback_url: \"/custom/logoutcallback\",\n _civic_auth_includes: \"/protected/*\",\n _civic_auth_excludes: \"/public/*\",\n _civic_oauth_server: DEFAULT_AUTH_SERVER,\n _civic_auth_cookie_config: JSON.stringify({\n tokens: defaultCookies,\n user: {\n secure: false,\n httpOnly: false,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: 3600,\n },\n }),\n });\n });\n\n it(\"should merge with existing Next.js config\", () => {\n const existingConfig = {\n reactStrictMode: true,\n env: {\n CUSTOM_VAR: \"value\",\n },\n };\n\n const plugin = createCivicAuthPlugin({ clientId: \"clientId\" });\n const nextConfig = plugin(existingConfig);\n\n expect(nextConfig.reactStrictMode).toBe(true);\n expect(nextConfig.env).toHaveProperty(\"CUSTOM_VAR\", \"value\");\n expect(nextConfig.env).toHaveProperty(\"_civic_auth_callback_url\");\n });\n });\n});\n"]}

package/dist/test/unit/server/refresh.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"refresh.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/server/refresh.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/server/refresh.test.js ADDED Viewed

@@ -0,0 +1,55 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { refreshTokens } from "@/server/refresh.js";
+import { GenericStandaloneAuthenticationRefresher } from "@/shared/lib/GenericStandaloneAuthenticationRefresher.js";
+import { DEFAULT_AUTH_SERVER } from "@/constants.js";
+// Mock the GenericStandaloneAuthenticationRefresher
+vi.mock("@/shared/lib/GenericStandaloneAuthenticationRefresher.js", () => ({
+    GenericStandaloneAuthenticationRefresher: {
+        build: vi.fn(),
+    },
+}));
+describe("refresh.ts", () => {
+    const mockStorage = {
+        get: vi.fn(),
+        set: vi.fn(),
+        removeItem: vi.fn(),
+    };
+    const mockConfig = {
+        clientId: "test-client-id",
+        clientSecret: "test-client-secret",
+        redirectUrl: "http://localhost:3000/redirect",
+    };
+    const mockRefreshResponse = {
+        access_token: "new-access-token",
+        refresh_token: "new-refresh-token",
+        expires_in: 3600,
+    };
+    const mockRefresher = {
+        refreshTokens: vi.fn().mockResolvedValue(mockRefreshResponse),
+        setupAutorefresh: vi.fn(),
+    };
+    beforeEach(() => {
+        vi.clearAllMocks();
+        GenericStandaloneAuthenticationRefresher.build.mockResolvedValue(mockRefresher);
+    });
+    describe("refreshTokens", () => {
+        it("should create refresher with correct config and call refreshTokens", async () => {
+            const result = await refreshTokens(mockStorage, mockConfig);
+            expect(GenericStandaloneAuthenticationRefresher.build).toHaveBeenCalledWith({
+                ...mockConfig,
+                oauthServer: DEFAULT_AUTH_SERVER,
+            }, mockStorage, undefined);
+            expect(mockRefresher.refreshTokens).toHaveBeenCalled();
+            expect(result).toEqual(mockRefreshResponse);
+        });
+        it("should use custom oauthServer when provided", async () => {
+            const customConfig = {
+                ...mockConfig,
+                oauthServer: "https://custom-server.com",
+            };
+            await refreshTokens(mockStorage, customConfig);
+            expect(GenericStandaloneAuthenticationRefresher.build).toHaveBeenCalledWith(customConfig, mockStorage, undefined);
+        });
+    });
+});
+//# sourceMappingURL=refresh.test.js.map

package/dist/test/unit/server/refresh.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"refresh.test.js","sourceRoot":"","sources":["../../../../test/unit/server/refresh.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,wCAAwC,EAAE,MAAM,0DAA0D,CAAC;AACpH,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,oDAAoD;AACpD,EAAE,CAAC,IAAI,CAAC,0DAA0D,EAAE,GAAG,EAAE,CAAC,CAAC;IACzE,wCAAwC,EAAE;QACxC,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;KACf;CACF,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;IAC1B,MAAM,WAAW,GAAG;QAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACZ,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACZ,UAAU,EAAE,EAAE,CAAC,EAAE,EAAE;KACpB,CAAC;IAEF,MAAM,UAAU,GAAG;QACjB,QAAQ,EAAE,gBAAgB;QAC1B,YAAY,EAAE,oBAAoB;QAClC,WAAW,EAAE,gCAAgC;KAC9C,CAAC;IAEF,MAAM,mBAAmB,GAAG;QAC1B,YAAY,EAAE,kBAAkB;QAChC,aAAa,EAAE,mBAAmB;QAClC,UAAU,EAAE,IAAI;KACjB,CAAC;IAEF,MAAM,aAAa,GAAG;QACpB,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,mBAAmB,CAAC;QAC7D,gBAAgB,EAAE,EAAE,CAAC,EAAE,EAAE;KAC1B,CAAC;IAEF,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QAClB,wCAAwC,CAAC,KAAa,CAAC,iBAAiB,CACvE,aAAa,CACd,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;YAClF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;YAE5D,MAAM,CACJ,wCAAwC,CAAC,KAAK,CAC/C,CAAC,oBAAoB,CACpB;gBACE,GAAG,UAAU;gBACb,WAAW,EAAE,mBAAmB;aACjC,EACD,WAAW,EACX,SAAS,CACV,CAAC;YACF,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC,gBAAgB,EAAE,CAAC;YACvD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;YAC3D,MAAM,YAAY,GAAG;gBACnB,GAAG,UAAU;gBACb,WAAW,EAAE,2BAA2B;aACzC,CAAC;YAEF,MAAM,aAAa,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;YAE/C,MAAM,CACJ,wCAAwC,CAAC,KAAK,CAC/C,CAAC,oBAAoB,CAAC,YAAY,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import { describe, it, expect, vi, beforeEach } from \"vitest\";\nimport { refreshTokens } from \"@/server/refresh.js\";\nimport { GenericStandaloneAuthenticationRefresher } from \"@/shared/lib/GenericStandaloneAuthenticationRefresher.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\n// Mock the GenericStandaloneAuthenticationRefresher\nvi.mock(\"@/shared/lib/GenericStandaloneAuthenticationRefresher.js\", () => ({\n GenericStandaloneAuthenticationRefresher: {\n build: vi.fn(),\n },\n}));\n\ndescribe(\"refresh.ts\", () => {\n const mockStorage = {\n get: vi.fn(),\n set: vi.fn(),\n removeItem: vi.fn(),\n };\n\n const mockConfig = {\n clientId: \"test-client-id\",\n clientSecret: \"test-client-secret\",\n redirectUrl: \"http://localhost:3000/redirect\",\n };\n\n const mockRefreshResponse = {\n access_token: \"new-access-token\",\n refresh_token: \"new-refresh-token\",\n expires_in: 3600,\n };\n\n const mockRefresher = {\n refreshTokens: vi.fn().mockResolvedValue(mockRefreshResponse),\n setupAutorefresh: vi.fn(),\n };\n\n beforeEach(() => {\n vi.clearAllMocks();\n (GenericStandaloneAuthenticationRefresher.build as any).mockResolvedValue(\n mockRefresher,\n );\n });\n\n describe(\"refreshTokens\", () => {\n it(\"should create refresher with correct config and call refreshTokens\", async () => {\n const result = await refreshTokens(mockStorage, mockConfig);\n\n expect(\n GenericStandaloneAuthenticationRefresher.build,\n ).toHaveBeenCalledWith(\n {\n ...mockConfig,\n oauthServer: DEFAULT_AUTH_SERVER,\n },\n mockStorage,\n undefined,\n );\n expect(mockRefresher.refreshTokens).toHaveBeenCalled();\n expect(result).toEqual(mockRefreshResponse);\n });\n\n it(\"should use custom oauthServer when provided\", async () => {\n const customConfig = {\n ...mockConfig,\n oauthServer: \"https://custom-server.com\",\n };\n\n await refreshTokens(mockStorage, customConfig);\n\n expect(\n GenericStandaloneAuthenticationRefresher.build,\n ).toHaveBeenCalledWith(customConfig, mockStorage, undefined);\n });\n });\n});\n"]}

package/dist/test/unit/shared/GenericStandaloneAuthenticationRefresher.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=GenericStandaloneAuthenticationRefresher.test.d.ts.map

package/dist/test/unit/shared/GenericStandaloneAuthenticationRefresher.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"GenericStandaloneAuthenticationRefresher.test.d.ts","sourceRoot":"","sources":["../../../../test/unit/shared/GenericStandaloneAuthenticationRefresher.test.ts"],"names":[],"mappings":""}

package/dist/test/unit/shared/GenericStandaloneAuthenticationRefresher.test.js ADDED Viewed

@@ -0,0 +1,144 @@
+import { describe, it, expect, vi, beforeEach, } from "vitest";
+import { getEndpointsWithOverrides, retrieveTokens, storeTokens, } from "@/shared/lib/util.js";
+import { OAuth2Client } from "oslo/oauth2";
+import { GenericStandaloneAuthenticationRefresher } from "@/shared/lib/GenericStandaloneAuthenticationRefresher.js";
+vi.mock("@/shared/lib/util.js");
+vi.mock("oslo/oauth2");
+describe("GenericStandaloneAuthenticationRefresher", () => {
+    const mockAuthConfig = {
+        clientId: "mockClientId",
+        oauthServer: "http://mockOauthServer",
+        redirectUrl: "http://localhost/redirect",
+    };
+    const mockEndpoints = {
+        auth: "http://mockAuthEndpoint",
+        token: "http://mockTokenEndpoint",
+        jwks: "http://mockJwksEndpoint",
+        userinfo: "http://mockUserinfoEndpoint",
+        endsession: "http://mockEndsessionEndpoint",
+    };
+    const mockTokens = {
+        id_token: "mockIdToken",
+        access_token: "mockAccessToken",
+        refresh_token: "mockRefreshToken",
+    };
+    const mockStorage = {};
+    let refresher;
+    beforeEach(async () => {
+        vi.clearAllMocks();
+        vi.mocked(getEndpointsWithOverrides).mockResolvedValue(mockEndpoints);
+        refresher = await GenericStandaloneAuthenticationRefresher.build(mockAuthConfig, mockStorage);
+    });
+    describe("init", () => {
+        it("should initialize OAuth2 client with resolved endpoints", async () => {
+            expect(getEndpointsWithOverrides).toHaveBeenCalledWith(mockAuthConfig.oauthServer, undefined);
+            expect(refresher["endpoints"]).toEqual(mockEndpoints);
+            expect(refresher["oauth2client"]).toBeInstanceOf(OAuth2Client);
+        });
+    });
+    describe("refreshTokens", () => {
+        it("should refresh tokens and store them", async () => {
+            vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);
+            const refreshedTokens = {
+                id_token: "newIdToken",
+                access_token: "newAccessToken",
+                refresh_token: "newRefreshToken",
+            };
+            vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockResolvedValue(refreshedTokens);
+            const result = await refresher.refreshTokens();
+            expect(refresher["oauth2client"]?.refreshAccessToken).toHaveBeenCalledWith(mockTokens.refresh_token);
+            expect(storeTokens).toHaveBeenCalledWith(mockStorage, refreshedTokens);
+            expect(result).toEqual(refreshedTokens);
+        });
+        it("should throw an error if no refresh token is available", async () => {
+            vi.mocked(retrieveTokens).mockResolvedValue({
+                ...mockTokens,
+                refresh_token: undefined,
+            });
+            await expect(refresher.refreshTokens()).rejects.toThrow("No refresh token available");
+        });
+    });
+    describe("auto refresh", () => {
+        let setTimeoutSpy;
+        let clearTimeoutSpy;
+        beforeEach(() => {
+            vi.clearAllMocks(); // Ensure all mocks are reset
+            vi.useFakeTimers();
+            setTimeoutSpy = vi.spyOn(global, "setTimeout");
+            clearTimeoutSpy = vi.spyOn(global, "clearTimeout");
+        });
+        afterEach(() => {
+            vi.useRealTimers();
+            setTimeoutSpy.mockRestore();
+            clearTimeoutSpy.mockRestore();
+            vi.clearAllTimers(); // Clear any pending timers
+        });
+        it("should setup auto refresh timer based on token expiry", async () => {
+            const tokensWithExpiry = {
+                ...mockTokens,
+                expires_in: 3600, // 1 hour
+            };
+            vi.mocked(retrieveTokens).mockResolvedValue(tokensWithExpiry);
+            await refresher.setupAutorefresh();
+            // Should set timeout for (3600 - 30) seconds
+            expect(setTimeout).toHaveBeenCalledTimes(1);
+            expect(setTimeout).toHaveBeenCalledWith(expect.any(Function), 3570000);
+        });
+        it("should clear existing timeout when setting up new refresh", async () => {
+            const tokensWithExpiry = {
+                ...mockTokens,
+                expires_in: 3600,
+            };
+            vi.mocked(retrieveTokens).mockResolvedValue(tokensWithExpiry);
+            // Setup initial timeout
+            await refresher.setupAutorefresh();
+            // Setup another timeout
+            await refresher.setupAutorefresh();
+            expect(clearTimeout).toHaveBeenCalled();
+        });
+        it("should refresh tokens and setup new timer when timeout triggers", async () => {
+            const tokensWithExpiry = {
+                ...mockTokens,
+                expires_in: 3600,
+            };
+            const refreshedTokens = {
+                ...mockTokens,
+                id_token: "newIdToken",
+                access_token: "newAccessToken",
+                refresh_token: "newRefreshToken",
+                expires_in: 3600,
+            };
+            // Reset mock call history
+            vi.mocked(retrieveTokens).mockReset();
+            vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockReset();
+            vi.mocked(retrieveTokens)
+                .mockResolvedValueOnce(tokensWithExpiry) // First call for initial setup
+                .mockResolvedValueOnce(tokensWithExpiry) // Second call in refreshTokens
+                .mockResolvedValueOnce(refreshedTokens); // Third call for next setup
+            vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockResolvedValue(refreshedTokens);
+            await refresher.setupAutorefresh();
+            // Fast-forward time to trigger the refresh
+            await vi.advanceTimersByTimeAsync(3570000); // Use async version
+            expect(OAuth2Client.prototype.refreshAccessToken).toHaveBeenCalled();
+            expect(storeTokens).toHaveBeenCalledWith(mockStorage, refreshedTokens);
+            expect(setTimeout).toHaveBeenCalledTimes(2);
+        });
+        it("should handle refresh failures gracefully", async () => {
+            const tokensWithExpiry = {
+                ...mockTokens,
+                expires_in: 3600,
+            };
+            vi.mocked(retrieveTokens).mockResolvedValue(tokensWithExpiry);
+            vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockRejectedValue(new Error("Refresh failed"));
+            const consoleSpy = vi
+                .spyOn(console, "error")
+                .mockImplementation(() => { });
+            await refresher.setupAutorefresh();
+            // Fast-forward time to trigger the refresh
+            vi.advanceTimersByTime(3570000);
+            await vi.runAllTimersAsync();
+            expect(consoleSpy).toHaveBeenCalledWith("Failed to refresh tokens:", expect.any(Error));
+        });
+    });
+});
+//# sourceMappingURL=GenericStandaloneAuthenticationRefresher.test.js.map

package/dist/test/unit/shared/GenericStandaloneAuthenticationRefresher.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"GenericStandaloneAuthenticationRefresher.test.js","sourceRoot":"","sources":["../../../../test/unit/shared/GenericStandaloneAuthenticationRefresher.test.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EACR,EAAE,EACF,MAAM,EACN,EAAE,EACF,UAAU,GAEX,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,yBAAyB,EACzB,cAAc,EACd,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,EAAE,wCAAwC,EAAE,MAAM,0DAA0D,CAAC;AAEpH,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAChC,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;AAEvB,QAAQ,CAAC,0CAA0C,EAAE,GAAG,EAAE;IACxD,MAAM,cAAc,GAAe;QACjC,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,wBAAwB;QACrC,WAAW,EAAE,2BAA2B;KACzC,CAAC;IACF,MAAM,aAAa,GAAc;QAC/B,IAAI,EAAE,yBAAyB;QAC/B,KAAK,EAAE,0BAA0B;QACjC,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,6BAA6B;QACvC,UAAU,EAAE,+BAA+B;KAC5C,CAAC;IACF,MAAM,UAAU,GAA0B;QACxC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,iBAAiB;QAC/B,aAAa,EAAE,kBAAkB;KAClC,CAAC;IACF,MAAM,WAAW,GAAG,EAAiB,CAAC;IAEtC,IAAI,SAAmD,CAAC;IAExD,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,MAAM,CAAC,yBAAyB,CAAC,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAAC;QACtE,SAAS,GAAG,MAAM,wCAAwC,CAAC,KAAK,CAC9D,cAAc,EACd,WAAW,CACZ,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,MAAM,EAAE,GAAG,EAAE;QACpB,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;YACvE,MAAM,CAAC,yBAAyB,CAAC,CAAC,oBAAoB,CACpD,cAAc,CAAC,WAAW,EAC1B,SAAS,CACV,CAAC;YACF,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YACtD,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YACxD,MAAM,eAAe,GAA0B;gBAC7C,QAAQ,EAAE,YAAY;gBACtB,YAAY,EAAE,gBAAgB;gBAC9B,aAAa,EAAE,iBAAiB;aACjC,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,iBAAiB,CACpE,eAAe,CAChB,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,aAAa,EAAE,CAAC;YAE/C,MAAM,CACJ,SAAS,CAAC,cAAc,CAAC,EAAE,kBAAkB,CAC9C,CAAC,oBAAoB,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YACjD,MAAM,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;YACvE,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC;gBAC1C,GAAG,UAAU;gBACb,aAAa,EAAE,SAAS;aACzB,CAAC,CAAC;YAEH,MAAM,MAAM,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CACrD,4BAA4B,CAC7B,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,IAAI,aAA8C,CAAC;QACnD,IAAI,eAAkD,CAAC;QAEvD,UAAU,CAAC,GAAG,EAAE;YACd,EAAE,CAAC,aAAa,EAAE,CAAC,CAAC,6BAA6B;YACjD,EAAE,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;YAC/C,eAAe,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,SAAS,CAAC,GAAG,EAAE;YACb,EAAE,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,CAAC,WAAW,EAAE,CAAC;YAC5B,eAAe,CAAC,WAAW,EAAE,CAAC;YAC9B,EAAE,CAAC,cAAc,EAAE,CAAC,CAAC,2BAA2B;QAClD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;YACrE,MAAM,gBAAgB,GAAG;gBACvB,GAAG,UAAU;gBACb,UAAU,EAAE,IAAI,EAAE,SAAS;aAC5B,CAAC;YACF,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;YAE9D,MAAM,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAEnC,6CAA6C;YAC7C,MAAM,CAAC,UAAU,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;YAC5C,MAAM,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;YACzE,MAAM,gBAAgB,GAAG;gBACvB,GAAG,UAAU;gBACb,UAAU,EAAE,IAAI;aACjB,CAAC;YACF,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;YAE9D,wBAAwB;YACxB,MAAM,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAEnC,wBAAwB;YACxB,MAAM,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAEnC,MAAM,CAAC,YAAY,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;YAC/E,MAAM,gBAAgB,GAAG;gBACvB,GAAG,UAAU;gBACb,UAAU,EAAE,IAAI;aACjB,CAAC;YACF,MAAM,eAAe,GAAG;gBACtB,GAAG,UAAU;gBACb,QAAQ,EAAE,YAAY;gBACtB,YAAY,EAAE,gBAAgB;gBAC9B,aAAa,EAAE,iBAAiB;gBAChC,UAAU,EAAE,IAAI;aACjB,CAAC;YAEF,0BAA0B;YAC1B,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,EAAE,CAAC;YACtC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,SAAS,EAAE,CAAC;YAEjE,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC;iBACtB,qBAAqB,CAAC,gBAAgB,CAAC,CAAC,+BAA+B;iBACvE,qBAAqB,CAAC,gBAAgB,CAAC,CAAC,+BAA+B;iBACvE,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,4BAA4B;YAEvE,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,iBAAiB,CACpE,eAAe,CAChB,CAAC;YAEF,MAAM,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAEnC,2CAA2C;YAC3C,MAAM,EAAE,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC,CAAC,oBAAoB;YAEhE,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,gBAAgB,EAAE,CAAC;YACrE,MAAM,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;YACvE,MAAM,CAAC,UAAU,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;YACzD,MAAM,gBAAgB,GAAG;gBACvB,GAAG,UAAU;gBACb,UAAU,EAAE,IAAI;aACjB,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;YAC9D,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,iBAAiB,CACpE,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAC5B,CAAC;YAEF,MAAM,UAAU,GAAG,EAAE;iBAClB,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC;iBACvB,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YAEhC,MAAM,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAEnC,2CAA2C;YAC3C,EAAE,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAChC,MAAM,EAAE,CAAC,iBAAiB,EAAE,CAAC;YAE7B,MAAM,CAAC,UAAU,CAAC,CAAC,oBAAoB,CACrC,2BAA2B,EAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAClB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import {\n describe,\n it,\n expect,\n vi,\n beforeEach,\n type MockInstance,\n} from \"vitest\";\nimport {\n getEndpointsWithOverrides,\n retrieveTokens,\n storeTokens,\n} from \"@/shared/lib/util.js\";\nimport type { AuthStorage, Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport type { AuthConfig } from \"@/server/config.ts\";\nimport { GenericStandaloneAuthenticationRefresher } from \"@/shared/lib/GenericStandaloneAuthenticationRefresher.js\";\n\nvi.mock(\"@/shared/lib/util.js\");\nvi.mock(\"oslo/oauth2\");\n\ndescribe(\"GenericStandaloneAuthenticationRefresher\", () => {\n const mockAuthConfig: AuthConfig = {\n clientId: \"mockClientId\",\n oauthServer: \"http://mockOauthServer\",\n redirectUrl: \"http://localhost/redirect\",\n };\n const mockEndpoints: Endpoints = {\n auth: \"http://mockAuthEndpoint\",\n token: \"http://mockTokenEndpoint\",\n jwks: \"http://mockJwksEndpoint\",\n userinfo: \"http://mockUserinfoEndpoint\",\n endsession: \"http://mockEndsessionEndpoint\",\n };\n const mockTokens: OIDCTokenResponseBody = {\n id_token: \"mockIdToken\",\n access_token: \"mockAccessToken\",\n refresh_token: \"mockRefreshToken\",\n };\n const mockStorage = {} as AuthStorage;\n\n let refresher: GenericStandaloneAuthenticationRefresher;\n\n beforeEach(async () => {\n vi.clearAllMocks();\n vi.mocked(getEndpointsWithOverrides).mockResolvedValue(mockEndpoints);\n refresher = await GenericStandaloneAuthenticationRefresher.build(\n mockAuthConfig,\n mockStorage,\n );\n });\n\n describe(\"init\", () => {\n it(\"should initialize OAuth2 client with resolved endpoints\", async () => {\n expect(getEndpointsWithOverrides).toHaveBeenCalledWith(\n mockAuthConfig.oauthServer,\n undefined,\n );\n expect(refresher[\"endpoints\"]).toEqual(mockEndpoints);\n expect(refresher[\"oauth2client\"]).toBeInstanceOf(OAuth2Client);\n });\n });\n\n describe(\"refreshTokens\", () => {\n it(\"should refresh tokens and store them\", async () => {\n vi.mocked(retrieveTokens).mockResolvedValue(mockTokens);\n const refreshedTokens: OIDCTokenResponseBody = {\n id_token: \"newIdToken\",\n access_token: \"newAccessToken\",\n refresh_token: \"newRefreshToken\",\n };\n\n vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockResolvedValue(\n refreshedTokens,\n );\n\n const result = await refresher.refreshTokens();\n\n expect(\n refresher[\"oauth2client\"]?.refreshAccessToken,\n ).toHaveBeenCalledWith(mockTokens.refresh_token);\n expect(storeTokens).toHaveBeenCalledWith(mockStorage, refreshedTokens);\n expect(result).toEqual(refreshedTokens);\n });\n\n it(\"should throw an error if no refresh token is available\", async () => {\n vi.mocked(retrieveTokens).mockResolvedValue({\n ...mockTokens,\n refresh_token: undefined,\n });\n\n await expect(refresher.refreshTokens()).rejects.toThrow(\n \"No refresh token available\",\n );\n });\n });\n\n describe(\"auto refresh\", () => {\n let setTimeoutSpy: MockInstance<typeof setTimeout>;\n let clearTimeoutSpy: MockInstance<typeof clearTimeout>;\n\n beforeEach(() => {\n vi.clearAllMocks(); // Ensure all mocks are reset\n vi.useFakeTimers();\n setTimeoutSpy = vi.spyOn(global, \"setTimeout\");\n clearTimeoutSpy = vi.spyOn(global, \"clearTimeout\");\n });\n\n afterEach(() => {\n vi.useRealTimers();\n setTimeoutSpy.mockRestore();\n clearTimeoutSpy.mockRestore();\n vi.clearAllTimers(); // Clear any pending timers\n });\n\n it(\"should setup auto refresh timer based on token expiry\", async () => {\n const tokensWithExpiry = {\n ...mockTokens,\n expires_in: 3600, // 1 hour\n };\n vi.mocked(retrieveTokens).mockResolvedValue(tokensWithExpiry);\n\n await refresher.setupAutorefresh();\n\n // Should set timeout for (3600 - 30) seconds\n expect(setTimeout).toHaveBeenCalledTimes(1);\n expect(setTimeout).toHaveBeenCalledWith(expect.any(Function), 3570000);\n });\n\n it(\"should clear existing timeout when setting up new refresh\", async () => {\n const tokensWithExpiry = {\n ...mockTokens,\n expires_in: 3600,\n };\n vi.mocked(retrieveTokens).mockResolvedValue(tokensWithExpiry);\n\n // Setup initial timeout\n await refresher.setupAutorefresh();\n\n // Setup another timeout\n await refresher.setupAutorefresh();\n\n expect(clearTimeout).toHaveBeenCalled();\n });\n\n it(\"should refresh tokens and setup new timer when timeout triggers\", async () => {\n const tokensWithExpiry = {\n ...mockTokens,\n expires_in: 3600,\n };\n const refreshedTokens = {\n ...mockTokens,\n id_token: \"newIdToken\",\n access_token: \"newAccessToken\",\n refresh_token: \"newRefreshToken\",\n expires_in: 3600,\n };\n\n // Reset mock call history\n vi.mocked(retrieveTokens).mockReset();\n vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockReset();\n\n vi.mocked(retrieveTokens)\n .mockResolvedValueOnce(tokensWithExpiry) // First call for initial setup\n .mockResolvedValueOnce(tokensWithExpiry) // Second call in refreshTokens\n .mockResolvedValueOnce(refreshedTokens); // Third call for next setup\n\n vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockResolvedValue(\n refreshedTokens,\n );\n\n await refresher.setupAutorefresh();\n\n // Fast-forward time to trigger the refresh\n await vi.advanceTimersByTimeAsync(3570000); // Use async version\n\n expect(OAuth2Client.prototype.refreshAccessToken).toHaveBeenCalled();\n expect(storeTokens).toHaveBeenCalledWith(mockStorage, refreshedTokens);\n expect(setTimeout).toHaveBeenCalledTimes(2);\n });\n\n it(\"should handle refresh failures gracefully\", async () => {\n const tokensWithExpiry = {\n ...mockTokens,\n expires_in: 3600,\n };\n\n vi.mocked(retrieveTokens).mockResolvedValue(tokensWithExpiry);\n vi.mocked(OAuth2Client.prototype.refreshAccessToken).mockRejectedValue(\n new Error(\"Refresh failed\"),\n );\n\n const consoleSpy = vi\n .spyOn(console, \"error\")\n .mockImplementation(() => {});\n\n await refresher.setupAutorefresh();\n\n // Fast-forward time to trigger the refresh\n vi.advanceTimersByTime(3570000);\n await vi.runAllTimersAsync();\n\n expect(consoleSpy).toHaveBeenCalledWith(\n \"Failed to refresh tokens:\",\n expect.any(Error),\n );\n });\n });\n});\n"]}

package/dist/test/unit/shared/GenericStandaloneAuthenticationRefresher.text.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=GenericStandaloneAuthenticationRefresher.text.d.ts.map