npm - @civic/auth - Versions diffs - 0.2.2-beta.5 → 0.2.2-beta.7 - Mend

@civic/auth 0.2.2-beta.5 → 0.2.2-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (608) hide show

package/dist/src/types.d.ts DELETED Viewed

@@ -1,148 +0,0 @@
-import type { TokenResponseBody } from "oslo/oauth2";
-import type { JWT } from "oslo/jwt";
-type UnknownObject = Record<string, unknown>;
-type EmptyObject = Record<string, never>;
-type DisplayMode = "iframe" | "redirect" | "new_tab" | "custom_tab";
-interface AuthSessionService {
-    loadAuthorizationUrl(authorizationURL: string, displayMode: DisplayMode): void;
-    getAuthorizationUrl(scopes: string[], overrideDisplayMode: DisplayMode, nonce?: string): Promise<string>;
-    signIn(displayMode: DisplayMode, scopes: string[], nonce?: string): Promise<void>;
-    tokenExchange(responseUrl: string): Promise<SessionData>;
-    getSessionData(): SessionData;
-    updateSessionData(data: SessionData): void;
-    getUserInfoService(): Promise<UserInfoService>;
-}
-interface TokenService {
-    exchangeCodeForTokens(authCode: string): Promise<Tokens>;
-    validateIdToken(idToken: string, nonce: string): boolean;
-    refreshAccessToken(refreshToken: string): Promise<Tokens>;
-}
-interface UserInfoService {
-    getUserInfo<T extends UnknownObject>(accessToken: string, idToken: string | null): Promise<User<T> | null>;
-}
-interface ResourceService {
-    getProtectedResource(accessToken: string): Promise<unknown>;
-}
-type AuthRequest = {
-    clientId: string;
-    redirectUri: string;
-    state: string;
-    nonce: string;
-    scope: string;
-};
-type Endpoints = {
-    jwks: string;
-    auth: string;
-    token: string;
-    userinfo: string;
-    challenge?: string;
-    endsession: string;
-};
-type Config = {
-    oauthServer: string;
-    endpoints?: Endpoints;
-};
-type SessionData = {
-    authenticated: boolean;
-    state?: string;
-    accessToken?: string;
-    refreshToken?: string;
-    idToken?: string;
-    timestamp?: number;
-    expiresIn?: number;
-    codeVerifier?: string;
-    displayMode?: DisplayMode;
-    openerUrl?: string;
-};
-type OIDCTokenResponseBody = TokenResponseBody & {
-    id_token: string;
-    timestamp?: number;
-};
-type ParsedTokens = {
-    id_token: JWTPayload;
-    access_token: JWTPayload;
-    refresh_token?: string;
-};
-type ForwardedTokens = Record<string, {
-    idToken?: string;
-    accessToken?: string;
-    refreshToken?: string;
-}>;
-type ForwardedTokensJWT = Record<string, {
-    id_token?: string;
-    access_token?: string;
-    refresh_token?: string;
-    scope?: string;
-}>;
-type JWTPayload = JWT["payload"] & {
-    iss: string;
-    aud: string;
-    sub: string;
-    iat: number;
-    exp: number;
-};
-type IdTokenPayload = JWTPayload & {
-    forwardedTokens?: ForwardedTokensJWT;
-    email?: string;
-    name?: string;
-    picture?: string;
-    nonce: string;
-    at_hash: string;
-};
-type IdToken = Omit<JWT, "payload"> & {
-    payload: IdTokenPayload;
-};
-declare const tokenKeys: string[];
-type Tokens = {
-    [K in (typeof tokenKeys)[number]]: K extends "forwardedTokens" ? ForwardedTokens : string;
-};
-type BaseUser = {
-    id: string;
-    email?: string;
-    name?: string;
-    given_name?: string;
-    family_name?: string;
-    picture?: string;
-    updated_at?: Date;
-};
-type User<T extends UnknownObject = EmptyObject> = BaseUser & T;
-type OpenIdConfiguration = {
-    authorization_endpoint: string;
-    claims_parameter_supported: boolean;
-    claims_supported: string[];
-    code_challenge_methods_supported: string[];
-    end_session_endpoint: string;
-    grant_types_supported: string[];
-    issuer: string;
-    jwks_uri: string;
-    authorization_response_iss_parameter_supported: boolean;
-    response_modes_supported: string[];
-    response_types_supported: string[];
-    scopes_supported: string[];
-    subject_types_supported: string[];
-    token_endpoint_auth_methods_supported: string[];
-    token_endpoint_auth_signing_alg_values_supported: string[];
-    token_endpoint: string;
-    id_token_signing_alg_values_supported: string[];
-    pushed_authorization_request_endpoint: string;
-    request_parameter_supported: boolean;
-    request_uri_parameter_supported: boolean;
-    userinfo_endpoint: string;
-    claim_types_supported: string[];
-};
-type LoginPostMessage = {
-    source: string;
-    type: string;
-    clientId: string;
-    data: {
-        url: string;
-    };
-};
-export type { LoginPostMessage, AuthSessionService, TokenService, UserInfoService, ResourceService, AuthRequest, Tokens, Endpoints, Config, SessionData, OIDCTokenResponseBody, ParsedTokens, BaseUser, User, DisplayMode, UnknownObject, EmptyObject, ForwardedTokens, ForwardedTokensJWT, JWTPayload, IdTokenPayload, IdToken, OpenIdConfiguration, };
-export { tokenKeys };
-export interface AuthStorage {
-    get(key: string): Promise<string | null>;
-    set(key: string, value: string): Promise<void>;
-}
-export type IframeMode = "embedded" | "modal";
-//# sourceMappingURL=types.d.ts.map

package/dist/src/types.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAEpC,KAAK,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAC7C,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;AAGzC,KAAK,WAAW,GAAG,QAAQ,GAAG,UAAU,GAAG,SAAS,GAAG,YAAY,CAAC;AAGpE,UAAU,kBAAkB;IAE1B,oBAAoB,CAClB,gBAAgB,EAAE,MAAM,EACxB,WAAW,EAAE,WAAW,GACvB,IAAI,CAAC;IAER,mBAAmB,CACjB,MAAM,EAAE,MAAM,EAAE,EAChB,mBAAmB,EAAE,WAAW,EAChC,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,MAAM,CACJ,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,MAAM,EAAE,EAChB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAEzD,cAAc,IAAI,WAAW,CAAC;IAE9B,iBAAiB,CAAC,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,kBAAkB,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;CAChD;AAGD,UAAU,YAAY;IACpB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACzD,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC3D;AAGD,UAAU,eAAe;IACvB,WAAW,CAAC,CAAC,SAAS,aAAa,EACjC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,GAAG,IAAI,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;CAC5B;AAGD,UAAU,eAAe;IACvB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7D;AAGD,KAAK,WAAW,GAAG;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,MAAM,GAAG;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,SAAS,CAAC;CACvB,CAAC;AAEF,KAAK,WAAW,GAAG;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,qBAAqB,GAAG,iBAAiB,GAAG;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,YAAY,GAAG;IAClB,QAAQ,EAAE,UAAU,CAAC;IACrB,YAAY,EAAE,UAAU,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAGF,KAAK,eAAe,GAAG,MAAM,CAC3B,MAAM,EACN;IACE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CACF,CAAC;AAGF,KAAK,kBAAkB,GAAG,MAAM,CAC9B,MAAM,EACN;IACE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CACF,CAAC;AAEF,KAAK,UAAU,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,KAAK,cAAc,GAAG,UAAU,GAAG;IACjC,eAAe,CAAC,EAAE,kBAAkB,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,KAAK,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG;IACpC,OAAO,EAAE,cAAc,CAAC;CACzB,CAAC;AAGF,QAAA,MAAM,SAAS,UAAgE,CAAC;AAGhF,KAAK,MAAM,GAAG;KACX,CAAC,IAAI,CAAC,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,iBAAiB,GAC1D,eAAe,GACf,MAAM;CACX,CAAC;AAGF,KAAK,QAAQ,GAAG;IACd,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,IAAI,CAAC;CACnB,CAAC;AAEF,KAAK,IAAI,CAAC,CAAC,SAAS,aAAa,GAAG,WAAW,IAAI,QAAQ,GAAG,CAAC,CAAC;AAEhE,KAAK,mBAAmB,GAAG;IACzB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,0BAA0B,EAAE,OAAO,CAAC;IACpC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,gCAAgC,EAAE,MAAM,EAAE,CAAC;IAC3C,oBAAoB,EAAE,MAAM,CAAC;IAC7B,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C,EAAE,OAAO,CAAC;IACxD,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,uBAAuB,EAAE,MAAM,EAAE,CAAC;IAClC,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,gDAAgD,EAAE,MAAM,EAAE,CAAC;IAC3D,cAAc,EAAE,MAAM,CAAC;IACvB,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,qCAAqC,EAAE,MAAM,CAAC;IAC9C,2BAA2B,EAAE,OAAO,CAAC;IACrC,+BAA+B,EAAE,OAAO,CAAC;IACzC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAC;CACjC,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;CACH,CAAC;AACF,YAAY,EACV,gBAAgB,EAChB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,eAAe,EACf,WAAW,EACX,MAAM,EACN,SAAS,EACT,MAAM,EACN,WAAW,EACX,qBAAqB,EACrB,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,WAAW,EACX,aAAa,EACb,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,cAAc,EACd,OAAO,EACP,mBAAmB,GACpB,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC;AACrB,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAChD;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,OAAO,CAAC"}

package/dist/src/types.js DELETED Viewed

@@ -1,4 +0,0 @@
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
-const tokenKeys = ["idToken", "accessToken", "refreshToken", "forwardedTokens"];
-export { tokenKeys };
-//# sourceMappingURL=types.js.map

package/dist/src/types.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAkJA,6DAA6D;AAC7D,MAAM,SAAS,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,cAAc,EAAE,iBAAiB,CAAC,CAAC;AAgFhF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import type { TokenResponseBody } from \"oslo/oauth2\";\nimport type { JWT } from \"oslo/jwt\";\n\ntype UnknownObject = Record<string, unknown>;\ntype EmptyObject = Record<string, never>;\n\n// Display modes for the auth flow\ntype DisplayMode = \"iframe\" | \"redirect\" | \"new_tab\" | \"custom_tab\";\n\n// Combined Auth and Session Service\ninterface AuthSessionService {\n // TODO DK NOTES: Should be in BrowserAuthSessionService, not relevant on backend\n loadAuthorizationUrl(\n authorizationURL: string,\n displayMode: DisplayMode,\n ): void;\n // TODO DK NOTES: overrideDisplayMode parameter not appropriate here - also - do we need both this and the above in the interface?\n getAuthorizationUrl(\n scopes: string[],\n overrideDisplayMode: DisplayMode,\n nonce?: string,\n ): Promise<string>;\n // TODO DK NOTES: display mode should be in browser version only. Also, do we need this and the above two in the top-level interface?\n signIn(\n displayMode: DisplayMode,\n scopes: string[],\n nonce?: string,\n ): Promise<void>;\n // TODO DK NOTES: Input should be an auth code - do not assume it comes via an url\n tokenExchange(responseUrl: string): Promise<SessionData>;\n // TODO DK NOTES: Should be async for flexibility\n getSessionData(): SessionData;\n // TODO DK NOTES: Should be async for flexibility\n updateSessionData(data: SessionData): void;\n getUserInfoService(): Promise<UserInfoService>;\n}\n\n// Token Service\ninterface TokenService {\n exchangeCodeForTokens(authCode: string): Promise<Tokens>;\n validateIdToken(idToken: string, nonce: string): boolean;\n refreshAccessToken(refreshToken: string): Promise<Tokens>;\n}\n\n// User Info Service\ninterface UserInfoService {\n getUserInfo<T extends UnknownObject>(\n accessToken: string,\n idToken: string | null,\n ): Promise<User<T> | null>;\n}\n\n// Resource Service\ninterface ResourceService {\n getProtectedResource(accessToken: string): Promise<unknown>;\n}\n\n// Auth Request (for internal use in AuthSessionService)\ntype AuthRequest = {\n clientId: string;\n redirectUri: string;\n state: string;\n nonce: string;\n scope: string;\n};\n\ntype Endpoints = {\n jwks: string;\n auth: string;\n token: string;\n userinfo: string;\n challenge?: string;\n endsession: string;\n};\n\ntype Config = {\n oauthServer: string;\n endpoints?: Endpoints;\n};\n\ntype SessionData = {\n authenticated: boolean; // TODO can this be inferred from the presence of the tokens?\n state?: string;\n accessToken?: string;\n refreshToken?: string;\n idToken?: string;\n timestamp?: number;\n expiresIn?: number;\n codeVerifier?: string;\n displayMode?: DisplayMode;\n openerUrl?: string;\n};\n\ntype OIDCTokenResponseBody = TokenResponseBody & {\n id_token: string;\n timestamp?: number;\n};\n\ntype ParsedTokens = {\n id_token: JWTPayload;\n access_token: JWTPayload;\n refresh_token?: string;\n};\n\n// The format we expose to the frontend via hooks\ntype ForwardedTokens = Record<\n string,\n {\n idToken?: string;\n accessToken?: string;\n refreshToken?: string;\n }\n>;\n\n// The format in the JWT payload\ntype ForwardedTokensJWT = Record<\n string,\n {\n id_token?: string;\n access_token?: string;\n refresh_token?: string;\n scope?: string;\n }\n>;\n\ntype JWTPayload = JWT[\"payload\"] & {\n iss: string;\n aud: string;\n sub: string;\n iat: number;\n exp: number;\n};\n\ntype IdTokenPayload = JWTPayload & {\n forwardedTokens?: ForwardedTokensJWT;\n email?: string;\n name?: string;\n picture?: string;\n nonce: string;\n at_hash: string;\n};\n\ntype IdToken = Omit<JWT, \"payload\"> & {\n payload: IdTokenPayload;\n};\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nconst tokenKeys = [\"idToken\", \"accessToken\", \"refreshToken\", \"forwardedTokens\"];\n\n// Derive the Tokens type from the array\ntype Tokens = {\n [K in (typeof tokenKeys)[number]]: K extends \"forwardedTokens\"\n ? ForwardedTokens\n : string;\n};\n\n// Base user interface\ntype BaseUser = {\n id: string;\n email?: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n picture?: string;\n updated_at?: Date;\n};\n\ntype User<T extends UnknownObject = EmptyObject> = BaseUser & T;\n\ntype OpenIdConfiguration = {\n authorization_endpoint: string;\n claims_parameter_supported: boolean;\n claims_supported: string[];\n code_challenge_methods_supported: string[];\n end_session_endpoint: string;\n grant_types_supported: string[];\n issuer: string;\n jwks_uri: string;\n authorization_response_iss_parameter_supported: boolean;\n response_modes_supported: string[];\n response_types_supported: string[];\n scopes_supported: string[];\n subject_types_supported: string[];\n token_endpoint_auth_methods_supported: string[];\n token_endpoint_auth_signing_alg_values_supported: string[];\n token_endpoint: string;\n id_token_signing_alg_values_supported: string[];\n pushed_authorization_request_endpoint: string;\n request_parameter_supported: boolean;\n request_uri_parameter_supported: boolean;\n userinfo_endpoint: string;\n claim_types_supported: string[];\n};\n\ntype LoginPostMessage = {\n source: string;\n type: string;\n clientId: string;\n data: {\n url: string;\n };\n};\nexport type {\n LoginPostMessage,\n AuthSessionService,\n TokenService,\n UserInfoService,\n ResourceService,\n AuthRequest,\n Tokens,\n Endpoints,\n Config,\n SessionData,\n OIDCTokenResponseBody,\n ParsedTokens,\n BaseUser,\n User,\n DisplayMode,\n UnknownObject,\n EmptyObject,\n ForwardedTokens,\n ForwardedTokensJWT,\n JWTPayload,\n IdTokenPayload,\n IdToken,\n OpenIdConfiguration,\n};\nexport { tokenKeys };\nexport interface AuthStorage {\n get(key: string): Promise<string | null>;\n set(key: string, value: string): Promise<void>;\n}\n\nexport type IframeMode = \"embedded\" | \"modal\";\n"]}

package/dist/src/utils.d.ts DELETED Viewed

@@ -1,15 +0,0 @@
-/**
- * Checks if a popup window is blocked by the browser.
- *
- * This function attempts to open a small popup window and then checks if it was successfully created.
- * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.
- *
- * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.
- */
-declare const isPopupBlocked: () => boolean;
-type WithoutUndefined<T> = {
-    [K in keyof T as undefined extends T[K] ? never : K]: T[K];
-};
-export declare const withoutUndefined: <T extends { [K in keyof T]: unknown; }>(obj: T) => WithoutUndefined<T>;
-export { isPopupBlocked };
-//# sourceMappingURL=utils.d.ts.map

package/dist/src/utils.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,QAAA,MAAM,cAAc,QAAO,OAsB1B,CAAC;AAOF,KAAK,gBAAgB,CAAC,CAAC,IAAI;KACxB,CAAC,IAAI,MAAM,CAAC,IAAI,SAAS,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAC3D,CAAC;AACF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,OAAO,GAAE,OAC/D,CAAC,KACL,gBAAgB,CAAC,CAAC,CAapB,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,CAAC"}

package/dist/src/utils.js DELETED Viewed

@@ -1,43 +0,0 @@
-/**
- * Checks if a popup window is blocked by the browser.
- *
- * This function attempts to open a small popup window and then checks if it was successfully created.
- * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.
- *
- * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.
- */
-const isPopupBlocked = () => {
-    // First we try to open a small popup window. It either returns a window object or null.
-    const popup = window.open("", "", "width=1,height=1");
-    // If window.open() returns null, popup is definitely blocked
-    if (!popup) {
-        return true;
-    }
-    try {
-        // Try to access a property of the popup to check if it's usable
-        if (typeof popup.closed === "undefined") {
-            throw new Error("Popup is blocked");
-        }
-    }
-    catch {
-        // Accessing the popup's properties throws an error if the popup is blocked
-        return true;
-    }
-    // Close the popup immediately if it was opened
-    popup.close();
-    return false;
-};
-export const withoutUndefined = (obj) => {
-    const result = {};
-    for (const key in obj) {
-        if (obj[key] !== undefined) {
-            // TypeScript needs assurance that key is a valid key in WithoutUndefined<T>
-            // We use type assertion here
-            // eslint-disable-next-line @typescript-eslint/no-explicit-any
-            result[key] = obj[key];
-        }
-    }
-    return result;
-};
-export { isPopupBlocked };
-//# sourceMappingURL=utils.js.map

package/dist/src/utils.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,MAAM,cAAc,GAAG,GAAY,EAAE;IACnC,wFAAwF;IACxF,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,kBAAkB,CAAC,CAAC;IAEtD,6DAA6D;IAC7D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,gEAAgE;QAChE,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2EAA2E;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,+CAA+C;IAC/C,KAAK,CAAC,KAAK,EAAE,CAAC;IACd,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAUF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,GAAM,EACe,EAAE;IACvB,MAAM,MAAM,GAAG,EAAyB,CAAC;IAEzC,KAAK,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;QACtB,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YAC3B,4EAA4E;YAC5E,6BAA6B;YAC7B,8DAA8D;YAC7D,MAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,CAAC","sourcesContent":["/**\n * Checks if a popup window is blocked by the browser.\n *\n * This function attempts to open a small popup window and then checks if it was successfully created.\n * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.\n *\n * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.\n */\nconst isPopupBlocked = (): boolean => {\n // First we try to open a small popup window. It either returns a window object or null.\n const popup = window.open(\"\", \"\", \"width=1,height=1\");\n\n // If window.open() returns null, popup is definitely blocked\n if (!popup) {\n return true;\n }\n\n try {\n // Try to access a property of the popup to check if it's usable\n if (typeof popup.closed === \"undefined\") {\n throw new Error(\"Popup is blocked\");\n }\n } catch {\n // Accessing the popup's properties throws an error if the popup is blocked\n return true;\n }\n\n // Close the popup immediately if it was opened\n popup.close();\n return false;\n};\n\n// This type narrows T as far as it can by:\n// - removing all keys where the value is `undefined`\n// - making keys that are not undefined required\n// So, for example: given { a: string | undefined, b: string | undefined },\n// if you pass in { a: \"foo\" }, it returns an object of type: { a: string }\ntype WithoutUndefined<T> = {\n [K in keyof T as undefined extends T[K] ? never : K]: T[K];\n};\nexport const withoutUndefined = <T extends { [K in keyof T]: unknown }>(\n obj: T,\n): WithoutUndefined<T> => {\n const result = {} as WithoutUndefined<T>;\n\n for (const key in obj) {\n if (obj[key] !== undefined) {\n // TypeScript needs assurance that key is a valid key in WithoutUndefined<T>\n // We use type assertion here\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n (result as any)[key] = obj[key];\n }\n }\n\n return result;\n};\n\nexport { isPopupBlocked };\n"]}

package/dist/src/version.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export declare const VERSION = "@civic/auth:0.1.4-beta.5";
2	- //# sourceMappingURL=version.d.ts.map

package/dist/src/version.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,OAAO,6BAA6B,CAAC"}

package/dist/src/version.js DELETED Viewed

@@ -1,3 +0,0 @@
-// This is an auto-generated file. Do not edit.
-export const VERSION = "@civic/auth:0.1.4-beta.5";
-//# sourceMappingURL=version.js.map

package/dist/src/version.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.1.4-beta.5\";\n"]}

package/dist/test/integration/sdk.test.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import "@testing-library/jest-dom";
2	- //# sourceMappingURL=sdk.test.d.ts.map

package/dist/test/integration/sdk.test.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"sdk.test.d.ts","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAoBA,OAAO,2BAA2B,CAAC"}

package/dist/test/integration/sdk.test.js DELETED Viewed

@@ -1,237 +0,0 @@
-import React from "react";
-import { OAuth2Client } from "oslo/oauth2";
-import { useAuth, useUser } from "@/reactjs/hooks/index.js";
-import { CivicAuthProvider } from "@/reactjs/providers/index.js";
-import { render, screen, act, fireEvent, waitFor, } from "@testing-library/react";
-import { describe, it, expect, beforeEach, vi, afterEach, } from "vitest";
-import "@testing-library/jest-dom";
-import * as jose from "jose";
-import tokensFixture from "../support/tokens.json" assert { type: "json" };
-import * as oauthLib from "@/lib/oauth.js";
-import { CodeVerifier } from "@/shared/lib/types.js";
-const validTokens = { ...tokensFixture.local.validTokens };
-// Mock Component to test OAuth flow with useAuth
-const MockOAuthComponent = () => {
-    const { signIn, isAuthenticated, signOut } = useAuth();
-    const { user } = useUser();
-    const handleLogin = async () => {
-        try {
-            await signIn();
-            alert("Login Redirect Initiated");
-        }
-        catch {
-            alert("Login Failed");
-        }
-    };
-    const handleLogout = async () => {
-        await signOut();
-        alert("Logout Initiated");
-    };
-    return (React.createElement("div", null,
-        React.createElement("button", { onClick: handleLogin }, "Login"),
-        React.createElement("button", { onClick: handleLogout }, "Logout"),
-        user && (React.createElement("p", { "data-testid": "user-email" },
-            "User:",
-            user.email)),
-        isAuthenticated && (React.createElement("p", { "data-testid": "session" }, "Session authenticated:true"))));
-};
-describe("OAuth login", () => {
-    const clientId = "test-client-id";
-    let mockOAuth2Client;
-    let originalWindowLocation;
-    afterEach(vi.clearAllMocks);
-    const getOauthEndpointsMock = vi.spyOn(oauthLib, "getOauthEndpoints").mockResolvedValue({
-        auth: "http://localhost:3001/oauth/auth",
-        token: "http://localhost:3001/oauth/token",
-        jwks: "http://localhost:3001/oauth/jwks",
-        userinfo: "http://localhost:3001/oauth/userinfo",
-        endsession: "http://localhost:3001/oauth/endsession",
-    });
-    vi.mock("oslo/oauth2", () => ({
-        OAuth2Client: vi.fn(),
-        generateCodeVerifier: vi.fn(() => "mock-code-verifier"),
-        generateState: vi.fn(() => "mock-state"),
-    }));
-    vi.mock("jose", () => ({
-        jwtVerify: vi.fn(),
-        createRemoteJWKSet: vi.fn(),
-    }));
-    beforeEach(() => {
-        vi.clearAllMocks();
-        vi.resetModules();
-        // Setup mock implementations
-        mockOAuth2Client = {
-            createAuthorizationURL: vi.fn(),
-            validateAuthorizationCode: vi.fn(),
-            refreshAccessToken: vi.fn(),
-            clientId: "test-client-id",
-        };
-        vi.mocked(OAuth2Client).mockImplementation(() => mockOAuth2Client);
-        // Setup jose mocks
-        const mockJWKS = {
-            getKey: vi.fn().mockResolvedValue({ alg: "RS256" }),
-        };
-        vi.mocked(jose.createRemoteJWKSet).mockReturnValue(mockJWKS);
-        vi.mocked(jose.jwtVerify).mockResolvedValue({
-            payload: { sub: "user123", name: "Test User", email: "test@example.com" },
-            protectedHeader: { alg: "RS256" },
-        });
-        originalWindowLocation = window.location;
-        window.location = { href: "" };
-        global.alert = vi.fn();
-        // Mock window.open to prevent errors.
-        vi.spyOn(window, "open").mockReturnValue(null);
-    });
-    afterEach(() => {
-        window.location = originalWindowLocation;
-    });
-    it("should set the correct auth url for login with redirect", async () => {
-        const windowAssign = vi.fn();
-        const redirectUri = "http://localhost:3001/callback";
-        vi.mocked(mockOAuth2Client.createAuthorizationURL).mockResolvedValue(new URL("http://localhost:3001/oauth/auth?response_type=code&client_id=" +
-            clientId +
-            "&redirect_uri=" +
-            encodeURIComponent(redirectUri) +
-            "&scope=openid%20profile%20email&state=mock-state&code_challenge=mock-code-challenge&code_challenge_method=S256"));
-        window.location = {
-            ...originalWindowLocation,
-            assign: windowAssign,
-            replace: vi.fn(),
-            reload: vi.fn(),
-        };
-        act(() => {
-            render(React.createElement(CivicAuthProvider, { displayMode: "redirect", clientId: clientId, redirectUrl: redirectUri, config: {
-                    oauthServer: "http://localhost:3001",
-                } },
-                React.createElement(MockOAuthComponent, null)));
-        });
-        await waitFor(() => {
-            expect(getOauthEndpointsMock).toHaveBeenCalledWith("http://localhost:3001");
-        });
-        // Trigger the login button click, which initiates the OAuth flow
-        await act(async () => {
-            fireEvent.click(screen.getByText("Login"));
-        });
-        await waitFor(() => {
-            // Confirm that the sdk set the window.location.href to the auth url
-            const url = new URL(window.location.href);
-            expect(url.origin + url.pathname).toEqual("http://localhost:3001/oauth/auth");
-            expect(url.searchParams.get("response_type")).toEqual("code");
-            expect(url.searchParams.get("client_id")).toEqual(clientId);
-            expect(url.searchParams.get("redirect_uri")).toEqual(redirectUri);
-            expect(url.searchParams.get("scope")).toEqual("openid profile email");
-            expect(url.searchParams.get("state")).toBeTruthy(); // Ensure state is present
-            expect(url.searchParams.get("code_challenge")).toBeTruthy(); // Ensure code_challenge is present
-            expect(url.searchParams.get("code_challenge_method")).toEqual("S256");
-            expect(screen.queryByTestId("session")).not.toBeInTheDocument();
-        });
-    });
-    it("should initiate code exchange, validate tokens, and derive user from ID token", async () => {
-        const redirectUri = "http://localhost:3001/callback";
-        // Mock ID token with user information
-        const mockIdToken = validTokens.idToken;
-        const mockAccessToken = validTokens.accessToken;
-        // Mock oslo token exchange
-        const mockTokens = {
-            access_token: mockAccessToken,
-            id_token: mockIdToken,
-            refresh_token: "mock-refresh-token",
-            expires_in: 3600,
-        };
-        vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(mockTokens);
-        // Prime storage and simulate redirect
-        await act(async () => {
-            localStorage.setItem(CodeVerifier.COOKIE_NAME, "mock-code-verifier");
-            window.location.pathname = "test-pathName";
-            // Configure window.location to simulate redirect
-            Object.defineProperty(window, "location", {
-                value: {
-                    ...window.location,
-                    origin: "http://mock-origin",
-                },
-                writable: true,
-            });
-            window.location.href = `${redirectUri}?code=test-code&state=mock-state`;
-            // Render the AuthProvider with the mock OAuth component
-            render(React.createElement(CivicAuthProvider, { clientId: clientId, redirectUrl: redirectUri, config: {
-                    oauthServer: "http://localhost:3001",
-                } },
-                React.createElement(MockOAuthComponent, null)));
-        });
-        await waitFor(() => {
-            expect(getOauthEndpointsMock).toHaveBeenCalledWith("http://localhost:3001");
-        });
-        await waitFor(() => {
-            expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith("test-code", {
-                codeVerifier: "mock-code-verifier",
-            });
-        });
-        // Check that jose.jwtVerify was called for id_token validation
-        await waitFor(() => {
-            expect(jose.jwtVerify).toHaveBeenCalledWith(mockIdToken, expect.any(Object), {
-                issuer: ["http://localhost:3001", "http://localhost:3001/"],
-                audience: clientId,
-            });
-        });
-        // Check that jose.jwtVerify was called for access_token validation
-        await waitFor(() => {
-            expect(jose.jwtVerify).toHaveBeenCalledWith(mockAccessToken, expect.any(Object), {
-                issuer: ["http://localhost:3001", "http://localhost:3001/"],
-            });
-        });
-        // Check that the authenticated flag is set in the session
-        await waitFor(() => {
-            expect(screen.queryByTestId("session")).toHaveTextContent("Session authenticated:true");
-        });
-        // Check that the user info derived from the ID token is displayed
-        await waitFor(() => {
-            expect(screen.queryByTestId("user-email")).toHaveTextContent("User:ghost@civic.com");
-        });
-    });
-    it("should handle signout flow correctly", async () => {
-        const windowAssign = vi.fn();
-        const redirectUri = "http://localhost:3000/";
-        // Mock successful authentication first
-        vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue({
-            access_token: validTokens.accessToken,
-            refresh_token: "mock-refresh-token",
-            expires_in: 3600,
-        });
-        window.location = {
-            ...originalWindowLocation,
-            assign: windowAssign,
-            replace: vi.fn(),
-            reload: vi.fn(),
-        };
-        render(React.createElement(CivicAuthProvider, { displayMode: "redirect", clientId: clientId, redirectUrl: redirectUri, config: {
-                oauthServer: "http://localhost:3001",
-            } },
-            React.createElement(MockOAuthComponent, null)));
-        // Simulate successful login
-        await act(async () => {
-            localStorage.setItem(CodeVerifier.COOKIE_NAME, "mock-code-verifier");
-            window.location.href = `${redirectUri}?code=test-code&state=mock-state`;
-        });
-        // Wait for authentication to complete
-        await waitFor(() => {
-            expect(screen.queryByTestId("session")).toHaveTextContent("Session authenticated:true");
-        });
-        // Now test the signout
-        const signOutUrl = new URL("http://localhost:3001/oauth/endsession");
-        signOutUrl.searchParams.append("client_id", clientId);
-        signOutUrl.searchParams.append("id_token_hint", validTokens.idToken);
-        signOutUrl.searchParams.append("post_logout_redirect_uri", redirectUri);
-        await act(async () => {
-            fireEvent.click(screen.getByText("Logout"));
-            await new Promise(resolve => setTimeout(resolve, 0));
-        });
-        await waitFor(() => {
-            const url = new URL(window.location.href);
-            expect(url.origin + url.pathname).toEqual("http://localhost:3001/oauth/endsession");
-            expect(url.searchParams.get("client_id")).toEqual(clientId);
-            expect(url.searchParams.get("id_token_hint")).toEqual(validTokens.idToken);
-            expect(url.searchParams.get("post_logout_redirect_uri")).toEqual(redirectUri);
-        });
-    });
-});
-//# sourceMappingURL=sdk.test.js.map

package/dist/test/integration/sdk.test.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"sdk.test.js","sourceRoot":"","sources":["../../../test/integration/sdk.test.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EACL,MAAM,EACN,MAAM,EACN,GAAG,EACH,SAAS,EACT,OAAO,GACR,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,QAAQ,EACR,EAAE,EACF,MAAM,EACN,UAAU,EACV,EAAE,EACF,SAAS,GAEV,MAAM,QAAQ,CAAC;AAChB,OAAO,2BAA2B,CAAC;AACnC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,aAAa,MAAM,wBAAwB,CAAC,SAAS,IAAI,EAAE,MAAM,EAAE,CAAC;AAC3E,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,MAAM,WAAW,GAAG,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;AAC3D,iDAAiD;AACjD,MAAM,kBAAkB,GAAG,GAAG,EAAE;IAC9B,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAAC;IACvD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,EAAE,CAAC;IAE3B,MAAM,WAAW,GAAG,KAAK,IAAI,EAAE;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,EAAE,CAAC;YACf,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,CAAC,cAAc,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,YAAY,GAAG,KAAK,IAAI,EAAE;QAC9B,MAAM,OAAO,EAAE,CAAC;QAChB,KAAK,CAAC,kBAAkB,CAAC,CAAC;IAC5B,CAAC,CAAC;IAEF,OAAO,CACL;QACE,gCAAQ,OAAO,EAAE,WAAW,YAAgB;QAC5C,gCAAQ,OAAO,EAAE,YAAY,aAAiB;QAC7C,IAAI,IAAI,CACP,0CAAe,YAAY;;YAExB,IAAI,CAAC,KAAK,CACT,CACL;QACA,eAAe,IAAI,CAClB,0CAAe,SAAS,iCAA+B,CACxD,CACG,CACP,CAAC;AACJ,CAAC,CAAC;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,IAAI,gBAA8B,CAAC;IACnC,IAAI,sBAAgC,CAAC;IAErC,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;IAE5B,MAAM,qBAAqB,GAEvB,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC,iBAAiB,CAAC;QAC5D,IAAI,EAAE,kCAAkC;QACxC,KAAK,EAAE,mCAAmC;QAC1C,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,sCAAsC;QAChD,UAAU,EAAE,wCAAwC;KACrD,CAAC,CAAC;IAEH,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;QAC5B,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;QACrB,oBAAoB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;QACvD,aAAa,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;KACzC,CAAC,CAAC,CAAC;IAEJ,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;KAC5B,CAAC,CAAC,CAAC;IAEJ,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,YAAY,EAAE,CAAC;QAElB,6BAA6B;QAC7B,gBAAgB,GAAG;YACjB,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC/B,yBAAyB,EAAE,EAAE,CAAC,EAAE,EAAE;YAClC,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE;YAC3B,QAAQ,EAAE,gBAAgB;SACA,CAAC;QAC7B,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,QAAQ,GAAG;YACf,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpD,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAC,QAAe,CAAC,CAAC;QACpE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC;YAC1C,OAAO,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE;YACzE,eAAe,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE;SACmB,CAAC,CAAC;QAExD,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC;QACzC,MAAM,CAAC,QAAQ,GAAG,EAAE,IAAI,EAAE,EAAE,EAAc,CAAC;QAC3C,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACvB,sCAAsC;QACtC,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,CAAC,QAAQ,GAAG,sBAAsB,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,gCAAgC,CAAC;QACrD,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC,iBAAiB,CAClE,IAAI,GAAG,CACL,gEAAgE;YAC9D,QAAQ;YACR,gBAAgB;YAChB,kBAAkB,CAAC,WAAW,CAAC;YAC/B,gHAAgH,CACnH,CACF,CAAC;QAEF,MAAM,CAAC,QAAQ,GAAG;YAChB,GAAG,sBAAsB;YACzB,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE;YAChB,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;SAChB,CAAC;QAEF,GAAG,CAAC,GAAG,EAAE;YACP,MAAM,CACJ,oBAAC,iBAAiB,IAChB,WAAW,EAAC,UAAU,EACtB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;oBACN,WAAW,EAAE,uBAAuB;iBACrC;gBAED,oBAAC,kBAAkB,OAAG,CACJ,CACrB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,qBAAqB,CAAC,CAAC,oBAAoB,CAChD,uBAAuB,CACxB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,iEAAiE;QACjE,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,oEAAoE;YACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,OAAO,CACvC,kCAAkC,CACnC,CAAC;YACF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAC9D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC5D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAClE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;YACtE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,0BAA0B;YAC9E,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,mCAAmC;YAChG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACtE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,WAAW,GAAG,gCAAgC,CAAC;QAErD,sCAAsC;QACtC,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC;QACxC,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC;QAEhD,2BAA2B;QAC3B,MAAM,UAAU,GAAG;YACjB,YAAY,EAAE,eAAe;YAC7B,QAAQ,EAAE,WAAW;YACrB,aAAa,EAAE,oBAAoB;YACnC,UAAU,EAAE,IAAI;SACjB,CAAC;QACF,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,iBAAiB,CACrE,UAAU,CACX,CAAC;QAEF,sCAAsC;QACtC,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;YACrE,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,eAAe,CAAC;YAE3C,iDAAiD;YACjD,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,UAAU,EAAE;gBACxC,KAAK,EAAE;oBACL,GAAG,MAAM,CAAC,QAAQ;oBAClB,MAAM,EAAE,oBAAoB;iBAC7B;gBACD,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,WAAW,kCAAkC,CAAC;YAExE,wDAAwD;YACxD,MAAM,CACJ,oBAAC,iBAAiB,IAChB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;oBACN,WAAW,EAAE,uBAAuB;iBACrC;gBAED,oBAAC,kBAAkB,OAAG,CACJ,CACrB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,qBAAqB,CAAC,CAAC,oBAAoB,CAChD,uBAAuB,CACxB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,oBAAoB,CACrE,WAAW,EACX;gBACE,YAAY,EAAE,oBAAoB;aACnC,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,+DAA+D;QAC/D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,WAAW,EACX,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;gBAC3D,QAAQ,EAAE,QAAQ;aACnB,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,mEAAmE;QACnE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzC,eAAe,EACf,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAClB;gBACE,MAAM,EAAE,CAAC,uBAAuB,EAAE,wBAAwB,CAAC;aAC5D,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CACvD,4BAA4B,CAC7B,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,kEAAkE;QAClE,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,iBAAiB,CAC1D,sBAAsB,CACvB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,wBAAwB,CAAC;QAE7C,uCAAuC;QACvC,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CAAC,iBAAiB,CAAC;YACtE,YAAY,EAAE,WAAW,CAAC,WAAW;YACrC,aAAa,EAAE,oBAAoB;YACnC,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;QAEH,MAAM,CAAC,QAAQ,GAAG;YAChB,GAAG,sBAAsB;YACzB,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE;YAChB,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;SAChB,CAAC;QAEF,MAAM,CACJ,oBAAC,iBAAiB,IAChB,WAAW,EAAC,UAAU,EACtB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE;gBACN,WAAW,EAAE,uBAAuB;aACrC;YAED,oBAAC,kBAAkB,OAAG,CACJ,CACrB,CAAC;QAEF,4BAA4B;QAC5B,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;YACrE,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,WAAW,kCAAkC,CAAC;QAC1E,CAAC,CAAC,CAAC;QAEH,sCAAsC;QACtC,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CACvD,4BAA4B,CAC7B,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,uBAAuB;QACvB,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,wCAAwC,CAAC,CAAC;QACrE,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACtD,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;QACrE,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,0BAA0B,EAAE,WAAW,CAAC,CAAC;QAExE,MAAM,GAAG,CAAC,KAAK,IAAI,EAAE;YACnB,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC5C,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,EAAE;YACjB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,wCAAwC,CAAC,CAAC;YACpF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC5D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAC3E,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAChF,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC","sourcesContent":["import React from \"react\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { useAuth, useUser } from \"@/reactjs/hooks/index.js\";\nimport { CivicAuthProvider } from \"@/reactjs/providers/index.js\";\nimport {\n render,\n screen,\n act,\n fireEvent,\n waitFor,\n} from \"@testing-library/react\";\nimport {\n describe,\n it,\n expect,\n beforeEach,\n vi,\n afterEach,\n type MockInstance,\n} from \"vitest\";\nimport \"@testing-library/jest-dom\";\nimport * as jose from \"jose\";\nimport tokensFixture from \"../support/tokens.json\" assert { type: \"json\" };\nimport * as oauthLib from \"@/lib/oauth.js\";\nimport type { JWTVerifyResult, ResolvedKey } from \"jose\";\nimport type { Endpoints } from \"@/types.js\";\nimport { CodeVerifier } from \"@/shared/lib/types.js\";\n\nconst validTokens = { ...tokensFixture.local.validTokens };\n// Mock Component to test OAuth flow with useAuth\nconst MockOAuthComponent = () => {\n const { signIn, isAuthenticated, signOut } = useAuth();\n const { user } = useUser();\n\n const handleLogin = async () => {\n try {\n await signIn();\n alert(\"Login Redirect Initiated\");\n } catch {\n alert(\"Login Failed\");\n }\n };\n\n const handleLogout = async () => {\n await signOut();\n alert(\"Logout Initiated\");\n };\n\n return (\n <div>\n <button onClick={handleLogin}>Login</button>\n <button onClick={handleLogout}>Logout</button>\n {user && (\n <p data-testid=\"user-email\">\n User:\n {user.email}\n </p>\n )}\n {isAuthenticated && (\n <p data-testid=\"session\">Session authenticated:true</p>\n )}\n </div>\n );\n};\n\ndescribe(\"OAuth login\", () => {\n const clientId = \"test-client-id\";\n let mockOAuth2Client: OAuth2Client;\n let originalWindowLocation: Location;\n\n afterEach(vi.clearAllMocks);\n\n const getOauthEndpointsMock: MockInstance<\n (oauthServer: string) => Promise<Endpoints>\n > = vi.spyOn(oauthLib, \"getOauthEndpoints\").mockResolvedValue({\n auth: \"http://localhost:3001/oauth/auth\",\n token: \"http://localhost:3001/oauth/token\",\n jwks: \"http://localhost:3001/oauth/jwks\",\n userinfo: \"http://localhost:3001/oauth/userinfo\",\n endsession: \"http://localhost:3001/oauth/endsession\",\n });\n\n vi.mock(\"oslo/oauth2\", () => ({\n OAuth2Client: vi.fn(),\n generateCodeVerifier: vi.fn(() => \"mock-code-verifier\"),\n generateState: vi.fn(() => \"mock-state\"),\n }));\n\n vi.mock(\"jose\", () => ({\n jwtVerify: vi.fn(),\n createRemoteJWKSet: vi.fn(),\n }));\n\n beforeEach(() => {\n vi.clearAllMocks();\n vi.resetModules();\n\n // Setup mock implementations\n mockOAuth2Client = {\n createAuthorizationURL: vi.fn(),\n validateAuthorizationCode: vi.fn(),\n refreshAccessToken: vi.fn(),\n clientId: \"test-client-id\",\n } as unknown as OAuth2Client;\n vi.mocked(OAuth2Client).mockImplementation(() => mockOAuth2Client);\n\n // Setup jose mocks\n const mockJWKS = {\n getKey: vi.fn().mockResolvedValue({ alg: \"RS256\" }),\n };\n vi.mocked(jose.createRemoteJWKSet).mockReturnValue(mockJWKS as any);\n vi.mocked(jose.jwtVerify).mockResolvedValue({\n payload: { sub: \"user123\", name: \"Test User\", email: \"test@example.com\" },\n protectedHeader: { alg: \"RS256\" },\n } as unknown as JWTVerifyResult<unknown> & ResolvedKey);\n\n originalWindowLocation = window.location;\n window.location = { href: \"\" } as Location;\n global.alert = vi.fn();\n // Mock window.open to prevent errors.\n vi.spyOn(window, \"open\").mockReturnValue(null);\n });\n\n afterEach(() => {\n window.location = originalWindowLocation;\n });\n\n it(\"should set the correct auth url for login with redirect\", async () => {\n const windowAssign = vi.fn();\n const redirectUri = \"http://localhost:3001/callback\";\n vi.mocked(mockOAuth2Client.createAuthorizationURL).mockResolvedValue(\n new URL(\n \"http://localhost:3001/oauth/auth?response_type=code&client_id=\" +\n clientId +\n \"&redirect_uri=\" +\n encodeURIComponent(redirectUri) +\n \"&scope=openid%20profile%20email&state=mock-state&code_challenge=mock-code-challenge&code_challenge_method=S256\",\n ),\n );\n\n window.location = {\n ...originalWindowLocation,\n assign: windowAssign,\n replace: vi.fn(),\n reload: vi.fn(),\n };\n\n act(() => {\n render(\n <CivicAuthProvider\n displayMode=\"redirect\"\n clientId={clientId}\n redirectUrl={redirectUri}\n config={{\n oauthServer: \"http://localhost:3001\",\n }}\n >\n <MockOAuthComponent />\n </CivicAuthProvider>,\n );\n });\n\n await waitFor(() => {\n expect(getOauthEndpointsMock).toHaveBeenCalledWith(\n \"http://localhost:3001\",\n );\n });\n\n // Trigger the login button click, which initiates the OAuth flow\n await act(async () => {\n fireEvent.click(screen.getByText(\"Login\"));\n });\n\n await waitFor(() => {\n // Confirm that the sdk set the window.location.href to the auth url\n const url = new URL(window.location.href);\n expect(url.origin + url.pathname).toEqual(\n \"http://localhost:3001/oauth/auth\",\n );\n expect(url.searchParams.get(\"response_type\")).toEqual(\"code\");\n expect(url.searchParams.get(\"client_id\")).toEqual(clientId);\n expect(url.searchParams.get(\"redirect_uri\")).toEqual(redirectUri);\n expect(url.searchParams.get(\"scope\")).toEqual(\"openid profile email\");\n expect(url.searchParams.get(\"state\")).toBeTruthy(); // Ensure state is present\n expect(url.searchParams.get(\"code_challenge\")).toBeTruthy(); // Ensure code_challenge is present\n expect(url.searchParams.get(\"code_challenge_method\")).toEqual(\"S256\");\n expect(screen.queryByTestId(\"session\")).not.toBeInTheDocument();\n });\n });\n\n it(\"should initiate code exchange, validate tokens, and derive user from ID token\", async () => {\n const redirectUri = \"http://localhost:3001/callback\";\n\n // Mock ID token with user information\n const mockIdToken = validTokens.idToken;\n const mockAccessToken = validTokens.accessToken;\n\n // Mock oslo token exchange\n const mockTokens = {\n access_token: mockAccessToken,\n id_token: mockIdToken,\n refresh_token: \"mock-refresh-token\",\n expires_in: 3600,\n };\n vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue(\n mockTokens,\n );\n\n // Prime storage and simulate redirect\n await act(async () => {\n localStorage.setItem(CodeVerifier.COOKIE_NAME, \"mock-code-verifier\");\n window.location.pathname = \"test-pathName\";\n\n // Configure window.location to simulate redirect\n Object.defineProperty(window, \"location\", {\n value: {\n ...window.location,\n origin: \"http://mock-origin\",\n },\n writable: true,\n });\n window.location.href = `${redirectUri}?code=test-code&state=mock-state`;\n\n // Render the AuthProvider with the mock OAuth component\n render(\n <CivicAuthProvider\n clientId={clientId}\n redirectUrl={redirectUri}\n config={{\n oauthServer: \"http://localhost:3001\",\n }}\n >\n <MockOAuthComponent />\n </CivicAuthProvider>,\n );\n });\n\n await waitFor(() => {\n expect(getOauthEndpointsMock).toHaveBeenCalledWith(\n \"http://localhost:3001\",\n );\n });\n\n await waitFor(() => {\n expect(mockOAuth2Client.validateAuthorizationCode).toHaveBeenCalledWith(\n \"test-code\",\n {\n codeVerifier: \"mock-code-verifier\",\n },\n );\n });\n\n // Check that jose.jwtVerify was called for id_token validation\n await waitFor(() => {\n expect(jose.jwtVerify).toHaveBeenCalledWith(\n mockIdToken,\n expect.any(Object),\n {\n issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n audience: clientId,\n },\n );\n });\n\n // Check that jose.jwtVerify was called for access_token validation\n await waitFor(() => {\n expect(jose.jwtVerify).toHaveBeenCalledWith(\n mockAccessToken,\n expect.any(Object),\n {\n issuer: [\"http://localhost:3001\", \"http://localhost:3001/\"],\n },\n );\n });\n\n // Check that the authenticated flag is set in the session\n await waitFor(() => {\n expect(screen.queryByTestId(\"session\")).toHaveTextContent(\n \"Session authenticated:true\",\n );\n });\n\n // Check that the user info derived from the ID token is displayed\n await waitFor(() => {\n expect(screen.queryByTestId(\"user-email\")).toHaveTextContent(\n \"User:ghost@civic.com\",\n );\n });\n });\n\n it(\"should handle signout flow correctly\", async () => {\n const windowAssign = vi.fn();\n const redirectUri = \"http://localhost:3000/\";\n \n // Mock successful authentication first\n vi.mocked(mockOAuth2Client.validateAuthorizationCode).mockResolvedValue({\n access_token: validTokens.accessToken,\n refresh_token: \"mock-refresh-token\",\n expires_in: 3600,\n });\n\n window.location = {\n ...originalWindowLocation,\n assign: windowAssign,\n replace: vi.fn(),\n reload: vi.fn(),\n };\n\n render(\n <CivicAuthProvider\n displayMode=\"redirect\"\n clientId={clientId}\n redirectUrl={redirectUri}\n config={{\n oauthServer: \"http://localhost:3001\",\n }}\n >\n <MockOAuthComponent />\n </CivicAuthProvider>\n );\n\n // Simulate successful login\n await act(async () => {\n localStorage.setItem(CodeVerifier.COOKIE_NAME, \"mock-code-verifier\");\n window.location.href = `${redirectUri}?code=test-code&state=mock-state`;\n });\n\n // Wait for authentication to complete\n await waitFor(() => {\n expect(screen.queryByTestId(\"session\")).toHaveTextContent(\n \"Session authenticated:true\"\n );\n });\n\n // Now test the signout\n const signOutUrl = new URL(\"http://localhost:3001/oauth/endsession\");\n signOutUrl.searchParams.append(\"client_id\", clientId);\n signOutUrl.searchParams.append(\"id_token_hint\", validTokens.idToken);\n signOutUrl.searchParams.append(\"post_logout_redirect_uri\", redirectUri);\n\n await act(async () => {\n fireEvent.click(screen.getByText(\"Logout\"));\n await new Promise(resolve => setTimeout(resolve, 0));\n });\n\n await waitFor(() => {\n const url = new URL(window.location.href);\n expect(url.origin + url.pathname).toEqual(\"http://localhost:3001/oauth/endsession\");\n expect(url.searchParams.get(\"client_id\")).toEqual(clientId);\n expect(url.searchParams.get(\"id_token_hint\")).toEqual(validTokens.idToken);\n expect(url.searchParams.get(\"post_logout_redirect_uri\")).toEqual(redirectUri);\n });\n });\n});\n"]}

package/dist/test/support/fixtures.d.ts DELETED Viewed

@@ -1,26 +0,0 @@
-declare const oauthWellKnownResponse: {
-    authorization_endpoint: string;
-    claims_parameter_supported: boolean;
-    claims_supported: string[];
-    code_challenge_methods_supported: string[];
-    end_session_endpoint: string;
-    grant_types_supported: string[];
-    issuer: string;
-    jwks_uri: string;
-    authorization_response_iss_parameter_supported: boolean;
-    response_modes_supported: string[];
-    response_types_supported: string[];
-    scopes_supported: string[];
-    subject_types_supported: string[];
-    token_endpoint_auth_methods_supported: string[];
-    token_endpoint_auth_signing_alg_values_supported: string[];
-    token_endpoint: string;
-    id_token_signing_alg_values_supported: string[];
-    pushed_authorization_request_endpoint: string;
-    request_parameter_supported: boolean;
-    request_uri_parameter_supported: boolean;
-    userinfo_endpoint: string;
-    claim_types_supported: string[];
-};
-export { oauthWellKnownResponse };
-//# sourceMappingURL=fixtures.d.ts.map

package/dist/test/support/fixtures.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"fixtures.d.ts","sourceRoot":"","sources":["../../../test/support/fixtures.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;CAqD3B,CAAC;AAEF,OAAO,EAAE,sBAAsB,EAAE,CAAC"}