@civic/auth 0.2.4 → 0.2.5-alpha.1

package/dist/src/lib/postMessage.d.ts

@@ -1,4 +0,0 @@
-import type { LoginPostMessage } from "@/types.js";
-declare const validateLoginAppPostMessage: (event: LoginPostMessage, clientId: string) => boolean;
-export { validateLoginAppPostMessage };
-//# sourceMappingURL=postMessage.d.ts.map

package/dist/src/lib/postMessage.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"postMessage.d.ts","sourceRoot":"","sources":["../../../src/lib/postMessage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEnD,QAAA,MAAM,2BAA2B,UACxB,gBAAgB,YACb,MAAM,KACf,OAcF,CAAC;AAEF,OAAO,EAAE,2BAA2B,EAAE,CAAC"}

package/dist/src/lib/postMessage.js

@@ -1,15 +0,0 @@
-const validateLoginAppPostMessage = (event, clientId) => {
-    const caseEvent = event;
-    // console.log("caseEvent", caseEvent);
-    if (!caseEvent.clientId ||
-        !caseEvent.data.url ||
-        !caseEvent.source ||
-        !caseEvent.type ||
-        caseEvent.clientId !== clientId ||
-        caseEvent.source !== "civicloginApp") {
-        return false;
-    }
-    return true;
-};
-export { validateLoginAppPostMessage };
-//# sourceMappingURL=postMessage.js.map

package/dist/src/lib/postMessage.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"postMessage.js","sourceRoot":"","sources":["../../../src/lib/postMessage.ts"],"names":[],"mappings":"AAEA,MAAM,2BAA2B,GAAG,CAClC,KAAuB,EACvB,QAAgB,EACP,EAAE;IACX,MAAM,SAAS,GAAG,KAAyB,CAAC;IAC5C,uCAAuC;IACvC,IACE,CAAC,SAAS,CAAC,QAAQ;QACnB,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG;QACnB,CAAC,SAAS,CAAC,MAAM;QACjB,CAAC,SAAS,CAAC,IAAI;QACf,SAAS,CAAC,QAAQ,KAAK,QAAQ;QAC/B,SAAS,CAAC,MAAM,KAAK,eAAe,EACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,OAAO,EAAE,2BAA2B,EAAE,CAAC","sourcesContent":["import type { LoginPostMessage } from \"@/types.js\";\n\nconst validateLoginAppPostMessage = (\n  event: LoginPostMessage,\n  clientId: string,\n): boolean => {\n  const caseEvent = event as LoginPostMessage;\n  // console.log(\"caseEvent\", caseEvent);\n  if (\n    !caseEvent.clientId ||\n    !caseEvent.data.url ||\n    !caseEvent.source ||\n    !caseEvent.type ||\n    caseEvent.clientId !== clientId ||\n    caseEvent.source !== \"civicloginApp\"\n  ) {\n    return false;\n  }\n  return true;\n};\n\nexport { validateLoginAppPostMessage };\n"]}

package/dist/src/lib/windowUtil.d.ts

@@ -1,4 +0,0 @@
-declare const isWindowInIframe: (window: Window) => boolean;
-declare const removeParamsWithoutReload: (paramsToRemove: string[]) => void;
-export { isWindowInIframe, removeParamsWithoutReload };
-//# sourceMappingURL=windowUtil.d.ts.map

package/dist/src/lib/windowUtil.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"windowUtil.d.ts","sourceRoot":"","sources":["../../../src/lib/windowUtil.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,gBAAgB,WAAY,MAAM,KAAG,OAc1C,CAAC;AAEF,QAAA,MAAM,yBAAyB,mBAAoB,MAAM,EAAE,SAW1D,CAAC;AAEF,OAAO,EAAE,gBAAgB,EAAE,yBAAyB,EAAE,CAAC"}

package/dist/src/lib/windowUtil.js

@@ -1,31 +0,0 @@
-const isWindowInIframe = (window) => {
-    if (typeof window !== "undefined") {
-        // use the window width to determine if we're in an iframe or not
-        try {
-            if (window?.frameElement?.id === "civic-auth-iframe") {
-                return true;
-            }
-            // eslint-disable-next-line @typescript-eslint/no-unused-vars
-        }
-        catch (_e) {
-            // If we get an error, we're not in an iframe
-            return false;
-        }
-    }
-    return false;
-};
-const removeParamsWithoutReload = (paramsToRemove) => {
-    const url = new URL(window.location.href);
-    paramsToRemove.forEach((param) => {
-        url.searchParams.delete(param);
-    });
-    try {
-        window.history.replaceState({}, "", url);
-        window.dispatchEvent(new Event("popstate"));
-    }
-    catch (error) {
-        console.warn("window.history.replaceState failed", error);
-    }
-};
-export { isWindowInIframe, removeParamsWithoutReload };
-//# sourceMappingURL=windowUtil.js.map

package/dist/src/lib/windowUtil.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"windowUtil.js","sourceRoot":"","sources":["../../../src/lib/windowUtil.ts"],"names":[],"mappings":"AAAA,MAAM,gBAAgB,GAAG,CAAC,MAAc,EAAW,EAAE;IACnD,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,iEAAiE;QACjE,IAAI,CAAC;YACH,IAAI,MAAM,EAAE,YAAY,EAAE,EAAE,KAAK,mBAAmB,EAAE,CAAC;gBACrD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,6DAA6D;QAC/D,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,6CAA6C;YAC7C,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAAC,cAAwB,EAAE,EAAE;IAC7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC1C,cAAc,CAAC,OAAO,CAAC,CAAC,KAAa,EAAE,EAAE;QACvC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;QACzC,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;IAC5D,CAAC;AACH,CAAC,CAAC;AAEF,OAAO,EAAE,gBAAgB,EAAE,yBAAyB,EAAE,CAAC","sourcesContent":["const isWindowInIframe = (window: Window): boolean => {\n  if (typeof window !== \"undefined\") {\n    // use the window width to determine if we're in an iframe or not\n    try {\n      if (window?.frameElement?.id === \"civic-auth-iframe\") {\n        return true;\n      }\n      // eslint-disable-next-line @typescript-eslint/no-unused-vars\n    } catch (_e) {\n      // If we get an error, we're not in an iframe\n      return false;\n    }\n  }\n  return false;\n};\n\nconst removeParamsWithoutReload = (paramsToRemove: string[]) => {\n  const url = new URL(window.location.href);\n  paramsToRemove.forEach((param: string) => {\n    url.searchParams.delete(param);\n  });\n  try {\n    window.history.replaceState({}, \"\", url);\n    window.dispatchEvent(new Event(\"popstate\"));\n  } catch (error) {\n    console.warn(\"window.history.replaceState failed\", error);\n  }\n};\n\nexport { isWindowInIframe, removeParamsWithoutReload };\n"]}

package/dist/src/nextjs/GetUser.d.ts

@@ -1,6 +0,0 @@
-/**
- * Used on the server-side to get the user object from the cookie
- */
-import type { User } from "@/types.js";
-export declare const getUser: () => Promise<User | null>;
-//# sourceMappingURL=GetUser.d.ts.map

package/dist/src/nextjs/GetUser.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"GetUser.d.ts","sourceRoot":"","sources":["../../../src/nextjs/GetUser.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAIvC,eAAO,MAAM,OAAO,QAAa,OAAO,CAAC,IAAI,GAAG,IAAI,CAGnD,CAAC"}

package/dist/src/nextjs/GetUser.js

@@ -1,7 +0,0 @@
-import { NextjsClientStorage } from "@/nextjs/cookies.js";
-import { getUser as getSessionUser } from "@/shared/lib/session.js";
-export const getUser = async () => {
-    const clientStorage = new NextjsClientStorage();
-    return getSessionUser(clientStorage);
-};
-//# sourceMappingURL=GetUser.js.map

package/dist/src/nextjs/GetUser.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"GetUser.js","sourceRoot":"","sources":["../../../src/nextjs/GetUser.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,OAAO,IAAI,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAEpE,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,IAA0B,EAAE;IACtD,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;IAChD,OAAO,cAAc,CAAC,aAAa,CAAC,CAAC;AACvC,CAAC,CAAC","sourcesContent":["/**\n * Used on the server-side to get the user object from the cookie\n */\nimport type { User } from \"@/types.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport { getUser as getSessionUser } from \"@/shared/lib/session.js\";\n\nexport const getUser = async (): Promise<User | null> => {\n  const clientStorage = new NextjsClientStorage();\n  return getSessionUser(clientStorage);\n};\n"]}

package/dist/src/nextjs/config.d.ts

@@ -1,181 +0,0 @@
-import type { NextConfig } from "next";
-import { type CookieConfig, type TokensCookieConfig } from "@/shared/lib/types.js";
-export type CookiesConfigObject = {
-    tokens: TokensCookieConfig;
-    user: CookieConfig;
-};
-export type AuthConfigWithDefaults = {
-    clientId: string;
-    oauthServer: string;
-    callbackUrl: string;
-    loginUrl: string;
-    logoutUrl: string;
-    logoutCallbackUrl: string;
-    challengeUrl: string;
-    include: string[];
-    exclude: string[];
-    cookies: CookiesConfigObject;
-};
-export type AuthConfig = Partial<AuthConfigWithDefaults>;
-export type DefinedAuthConfig = AuthConfigWithDefaults;
-/**
- * Default configuration values that will be used if not overridden
- */
-export declare const defaultAuthConfig: Omit<AuthConfigWithDefaults, "clientId">;
-/**
- * Resolves the authentication configuration by combining:
- * 1. Default values
- * 2. Environment variables (set internally by the plugin)
- * 3. Explicitly passed configuration
- *
- * Note: Developers should not set _civic_auth_* environment variables directly.
- * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:
- *
- * @example
- * ```js
- * // next.config.js
- * export default createCivicAuthPlugin({
- *   callbackUrl: '/custom/callback',
- * })
- * ```
- */
-export declare const resolveAuthConfig: (config?: AuthConfig) => AuthConfigWithDefaults;
-/**
- * Creates a Next.js plugin that handles auth configuration.
- *
- * This is the main configuration point for the auth system.
- * Do not set _civic_auth_* environment variables directly - instead,
- * pass your configuration here:
- *
- * @example
- * ```js
- * // next.config.js
- * export default createCivicAuthPlugin({
- *   clientId: 'my-client-id',
- *   callbackUrl: '/custom/callback',
- *   loginUrl: '/custom/login',
- *   logoutUrl: '/custom/logout',
- *   logoutCallbackUrl: '/custom/logoutcallback',
- *   include: ['/protected/*'],
- *   exclude: ['/public/*']
- * })
- * ```
- *
- * The plugin sets internal environment variables that are used by
- * the auth system. These variables should not be set manually.
- */
-export declare const createCivicAuthPlugin: (authConfig: AuthConfig & Pick<Required<AuthConfig>, "clientId">) => (nextConfig?: NextConfig) => {
-    env: {
-        _civic_auth_client_id: string;
-        _civic_oauth_server: string;
-        _civic_auth_callback_url: string;
-        _civic_auth_challenge_url: string;
-        _civic_auth_login_url: string;
-        _civic_auth_logout_url: string;
-        _civic_auth_logout_callback_url: string;
-        _civic_auth_includes: string;
-        _civic_auth_excludes: string;
-        _civic_auth_cookie_config: string;
-    };
-    exportPathMap?: (defaultMap: import("next/dist/server/config-shared.js").ExportPathMap, ctx: {
-        dev: boolean;
-        dir: string;
-        outDir: string | null;
-        distDir: string;
-        buildId: string;
-    }) => Promise<import("next/dist/server/config-shared.js").ExportPathMap> | import("next/dist/server/config-shared.js").ExportPathMap;
-    i18n?: import("next/dist/server/config-shared.js").I18NConfig | null;
-    eslint?: import("next/dist/server/config-shared.js").ESLintConfig;
-    typescript?: import("next/dist/server/config-shared.js").TypeScriptConfig;
-    headers?: () => Promise<import("next/dist/lib/load-custom-routes.js").Header[]>;
-    rewrites?: () => Promise<import("next/dist/lib/load-custom-routes.js").Rewrite[] | {
-        beforeFiles: import("next/dist/lib/load-custom-routes.js").Rewrite[];
-        afterFiles: import("next/dist/lib/load-custom-routes.js").Rewrite[];
-        fallback: import("next/dist/lib/load-custom-routes.js").Rewrite[];
-    }>;
-    redirects?: () => Promise<import("next/dist/lib/load-custom-routes.js").Redirect[]>;
-    excludeDefaultMomentLocales?: boolean;
-    webpack?: import("next/dist/server/config-shared.js").NextJsWebpackConfig | null;
-    trailingSlash?: boolean;
-    distDir?: string;
-    cleanDistDir?: boolean;
-    assetPrefix?: string;
-    cacheHandler?: string | undefined;
-    cacheMaxMemorySize?: number;
-    useFileSystemPublicRoutes?: boolean;
-    generateBuildId?: () => string | null | Promise<string | null>;
-    generateEtags?: boolean;
-    pageExtensions?: string[];
-    compress?: boolean;
-    analyticsId?: string;
-    poweredByHeader?: boolean;
-    images?: import("next/dist/shared/lib/image-config.js").ImageConfig;
-    devIndicators?: {
-        buildActivity?: boolean;
-        buildActivityPosition?: "bottom-right" | "bottom-left" | "top-right" | "top-left";
-    };
-    onDemandEntries?: {
-        maxInactiveAge?: number;
-        pagesBufferLength?: number;
-    };
-    amp?: {
-        canonicalBase?: string;
-    };
-    deploymentId?: string;
-    basePath?: string;
-    sassOptions?: {
-        [key: string]: any;
-    };
-    productionBrowserSourceMaps?: boolean;
-    optimizeFonts?: boolean;
-    reactProductionProfiling?: boolean;
-    reactStrictMode?: boolean | null;
-    publicRuntimeConfig?: {
-        [key: string]: any;
-    };
-    serverRuntimeConfig?: {
-        [key: string]: any;
-    };
-    httpAgentOptions?: {
-        keepAlive?: boolean;
-    };
-    outputFileTracing?: boolean;
-    staticPageGenerationTimeout?: number;
-    crossOrigin?: "anonymous" | "use-credentials";
-    swcMinify?: boolean;
-    compiler?: {
-        reactRemoveProperties?: boolean | {
-            properties?: string[];
-        };
-        relay?: {
-            src: string;
-            artifactDirectory?: string;
-            language?: "typescript" | "javascript" | "flow";
-            eagerEsModules?: boolean;
-        };
-        removeConsole?: boolean | {
-            exclude?: string[];
-        };
-        styledComponents?: boolean | import("next/dist/server/config-shared.js").StyledComponentsConfig;
-        emotion?: boolean | import("next/dist/server/config-shared.js").EmotionConfig;
-        styledJsx?: boolean | {
-            useLightningcss?: boolean;
-        };
-    };
-    output?: "standalone" | "export";
-    transpilePackages?: string[];
-    skipMiddlewareUrlNormalize?: boolean;
-    skipTrailingSlashRedirect?: boolean;
-    modularizeImports?: Record<string, {
-        transform: string | Record<string, string>;
-        preventFullImport?: boolean;
-        skipDefaultConversion?: boolean;
-    }>;
-    logging?: {
-        fetches?: {
-            fullUrl?: boolean;
-        };
-    };
-    experimental?: import("next/dist/server/config-shared.js").ExperimentalConfig;
-};
-//# sourceMappingURL=config.d.ts.map

package/dist/src/nextjs/config.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,EAEL,KAAK,YAAY,EAEjB,KAAK,kBAAkB,EACxB,MAAM,uBAAuB,CAAC;AAK/B,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,kBAAkB,CAAC;IAC3B,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC;CAC9B,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAEzD,MAAM,MAAM,iBAAiB,GAAG,sBAAsB,CAAC;AAGvD;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,IAAI,CAAC,sBAAsB,EAAE,UAAU,CA8DtE,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,YACpB,UAAU,KACjB,sBA2CF,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,qBAAqB,eACpB,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC,mBAE1C,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;qBAyBk9a,CAAC;6BAAsG,CAAC;;;sBAAke,CAAC;yBAA4H,CAAC;;;qBAA+H,CAAC;;;;;;;;;;;;;;;;;;iBAA8pE,CAAC;;;;;;;6BAAg6C,CAAC;sBAAoC,CAAC;;aAAoC,CAAC;;6BAA0D,CAAC;oBAA8B,CAAC;0BAAkE,CAAC;;qBAA2C,CAAC;mBAAiC,CAAC;;wBAA+C,CAAC;eAAmD,CAAC;iBAA4C,CAAC;2BAAyC,CAAC;;;;;;;;;yBAA4zC,CAAC;6BAAwC,CAAC;;;eAAkD,CAAC;mBAAuB,CAAC;;;;CAD3xnB,CAAC"}

package/dist/src/nextjs/config.js

@@ -1,177 +0,0 @@
-import { loggers } from "@/lib/logger.js";
-import { withoutUndefined } from "@/utils.js";
-import { CodeVerifier, OAuthTokens, } from "@/shared/lib/types.js";
-import { DEFAULT_AUTH_SERVER } from "@/constants.js";
-const logger = loggers.nextjs.handlers.auth;
-const defaultServerSecure = !(process.env.NODE_ENV === "development");
-/**
- * Default configuration values that will be used if not overridden
- */
-export const defaultAuthConfig = {
-    oauthServer: DEFAULT_AUTH_SERVER,
-    callbackUrl: "/api/auth/callback",
-    challengeUrl: "/api/auth/challenge",
-    logoutUrl: "/api/auth/logout",
-    logoutCallbackUrl: "/api/auth/logoutcallback",
-    loginUrl: "/",
-    include: ["/*"],
-    exclude: [],
-    cookies: {
-        tokens: {
-            [OAuthTokens.ID_TOKEN]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-            [OAuthTokens.ACCESS_TOKEN]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-            [OAuthTokens.REFRESH_TOKEN]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-            [OAuthTokens.EXPIRES_IN]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-            [OAuthTokens.TIMESTAMP]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-            [CodeVerifier.COOKIE_NAME]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-            [CodeVerifier.APP_URL]: {
-                secure: defaultServerSecure,
-                httpOnly: true,
-                sameSite: "strict",
-                path: "/",
-            },
-        },
-        user: {
-            secure: defaultServerSecure,
-            httpOnly: false,
-            sameSite: "strict",
-            path: "/",
-            maxAge: 60 * 60, // 1 hour
-        },
-    },
-};
-/**
- * Resolves the authentication configuration by combining:
- * 1. Default values
- * 2. Environment variables (set internally by the plugin)
- * 3. Explicitly passed configuration
- *
- * Note: Developers should not set _civic_auth_* environment variables directly.
- * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:
- *
- * @example
- * ```js
- * // next.config.js
- * export default createCivicAuthPlugin({
- *   callbackUrl: '/custom/callback',
- * })
- * ```
- */
-export const resolveAuthConfig = (config = {}) => {
-    // Read configuration that was set by the plugin via environment variables
-    const configFromEnv = withoutUndefined({
-        clientId: process.env._civic_auth_client_id,
-        oauthServer: process.env._civic_oauth_server,
-        callbackUrl: process.env._civic_auth_callback_url,
-        challengeUrl: process.env._civic_auth_challenge_url,
-        loginUrl: process.env._civic_auth_login_url,
-        logoutUrl: process.env._civic_auth_logout_url,
-        logoutCallbackUrl: process.env._civic_auth_logout_callback_url,
-        include: process.env._civic_auth_includes?.split(","),
-        exclude: process.env._civic_auth_excludes?.split(","),
-        cookies: process.env._civic_auth_cookie_config
-            ? JSON.parse(process.env._civic_auth_cookie_config)
-            : undefined,
-    });
-    const mergedConfig = {
-        ...defaultAuthConfig,
-        ...configFromEnv, // Apply plugin-set config
-        ...config, // Override with directly passed config
-        cookies: {
-            tokens: {
-                ...defaultAuthConfig.cookies.tokens,
-                ...(configFromEnv?.cookies?.tokens || {}),
-                ...(config.cookies?.tokens || {}),
-            },
-            user: {
-                ...defaultAuthConfig.cookies.user,
-                ...(configFromEnv?.cookies?.user || {}),
-                ...(config.cookies?.user || {}),
-            },
-        },
-    };
-    logger.debug("Config from environment:", JSON.stringify(configFromEnv, null, 2));
-    logger.debug("Resolved config:", JSON.stringify(mergedConfig, null, 2));
-    if (mergedConfig.clientId === undefined) {
-        throw new Error("Civic Auth client ID is required");
-    }
-    return mergedConfig;
-};
-/**
- * Creates a Next.js plugin that handles auth configuration.
- *
- * This is the main configuration point for the auth system.
- * Do not set _civic_auth_* environment variables directly - instead,
- * pass your configuration here:
- *
- * @example
- * ```js
- * // next.config.js
- * export default createCivicAuthPlugin({
- *   clientId: 'my-client-id',
- *   callbackUrl: '/custom/callback',
- *   loginUrl: '/custom/login',
- *   logoutUrl: '/custom/logout',
- *   logoutCallbackUrl: '/custom/logoutcallback',
- *   include: ['/protected/*'],
- *   exclude: ['/public/*']
- * })
- * ```
- *
- * The plugin sets internal environment variables that are used by
- * the auth system. These variables should not be set manually.
- */
-export const createCivicAuthPlugin = (authConfig) => {
-    return (nextConfig) => {
-        logger.debug("createCivicAuthPlugin nextConfig", JSON.stringify(nextConfig, null, 2));
-        const resolvedConfig = resolveAuthConfig({ ...authConfig });
-        return {
-            ...nextConfig,
-            env: {
-                ...nextConfig?.env,
-                // Internal environment variables - do not set these manually
-                _civic_auth_client_id: resolvedConfig.clientId,
-                _civic_oauth_server: resolvedConfig.oauthServer,
-                _civic_auth_callback_url: resolvedConfig.callbackUrl,
-                _civic_auth_challenge_url: resolvedConfig.challengeUrl,
-                _civic_auth_login_url: resolvedConfig.loginUrl,
-                _civic_auth_logout_url: resolvedConfig.logoutUrl,
-                _civic_auth_logout_callback_url: resolvedConfig.logoutCallbackUrl,
-                _civic_auth_includes: resolvedConfig.include.join(","),
-                _civic_auth_excludes: resolvedConfig.exclude.join(","),
-                _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),
-            },
-        };
-    };
-};
-//# sourceMappingURL=config.js.map

package/dist/src/nextjs/config.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EACL,YAAY,EAEZ,WAAW,GAEZ,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAwB5C,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC;AACtE;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA6C;IACzE,WAAW,EAAE,mBAAmB;IAChC,WAAW,EAAE,oBAAoB;IACjC,YAAY,EAAE,qBAAqB;IACnC,SAAS,EAAE,kBAAkB;IAC7B,iBAAiB,EAAE,0BAA0B;IAC7C,QAAQ,EAAE,GAAG;IACb,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,OAAO,EAAE,EAAE;IACX,OAAO,EAAE;QACP,MAAM,EAAE;YACN,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE;gBAC3B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE;gBACxB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE;gBACvB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,YAAY,CAAC,WAAW,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;SACF;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,mBAAmB;YAC3B,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG;YACT,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,SAAS;SAC3B;KACF;CACF,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,SAAqB,EAAE,EACC,EAAE;IAC1B,0EAA0E;IAC1E,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC5C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACjD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACnD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAC7C,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;QAC9D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;YAC5C,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;YACnD,CAAC,CAAC,SAAS;KACd,CAAe,CAAC;IACjB,MAAM,YAAY,GAAG;QACnB,GAAG,iBAAiB;QACpB,GAAG,aAAa,EAAE,0BAA0B;QAC5C,GAAG,MAAM,EAAE,uCAAuC;QAClD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM;gBACnC,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC;gBACzC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC;aAClC;YACD,IAAI,EAAE;gBACJ,GAAG,iBAAiB,CAAC,OAAO,CAAC,IAAI;gBACjC,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;gBACvC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;aAChC;SACF;KACF,CAAC;IAEF,MAAM,CAAC,KAAK,CACV,0BAA0B,EAC1B,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACxE,IAAI,YAAY,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,YAA6D,CAAC;AACvE,CAAC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,UAA+D,EAC/D,EAAE;IACF,OAAO,CAAC,UAAuB,EAAE,EAAE;QACjC,MAAM,CAAC,KAAK,CACV,kCAAkC,EAClC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CACpC,CAAC;QACF,MAAM,cAAc,GAAG,iBAAiB,CAAC,EAAE,GAAG,UAAU,EAAE,CAAC,CAAC;QAC5D,OAAO;YACL,GAAG,UAAU;YACb,GAAG,EAAE;gBACH,GAAG,UAAU,EAAE,GAAG;gBAClB,6DAA6D;gBAC7D,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,mBAAmB,EAAE,cAAc,CAAC,WAAW;gBAC/C,wBAAwB,EAAE,cAAc,CAAC,WAAW;gBACpD,yBAAyB,EAAE,cAAc,CAAC,YAAY;gBACtD,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,sBAAsB,EAAE,cAAc,CAAC,SAAS;gBAChD,+BAA+B,EAAE,cAAc,CAAC,iBAAiB;gBACjE,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC;aAClE;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC,CAAC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport type { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport {\n  CodeVerifier,\n  type CookieConfig,\n  OAuthTokens,\n  type TokensCookieConfig,\n} from \"@/shared/lib/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n  tokens: TokensCookieConfig;\n  user: CookieConfig;\n};\n\nexport type AuthConfigWithDefaults = {\n  clientId: string;\n  oauthServer: string;\n  callbackUrl: string;\n  loginUrl: string;\n  logoutUrl: string;\n  logoutCallbackUrl: string;\n  challengeUrl: string;\n  include: string[];\n  exclude: string[];\n  cookies: CookiesConfigObject;\n};\n\nexport type AuthConfig = Partial<AuthConfigWithDefaults>;\n\nexport type DefinedAuthConfig = AuthConfigWithDefaults;\n\nconst defaultServerSecure = !(process.env.NODE_ENV === \"development\");\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n  oauthServer: DEFAULT_AUTH_SERVER,\n  callbackUrl: \"/api/auth/callback\",\n  challengeUrl: \"/api/auth/challenge\",\n  logoutUrl: \"/api/auth/logout\",\n  logoutCallbackUrl: \"/api/auth/logoutcallback\",\n  loginUrl: \"/\",\n  include: [\"/*\"],\n  exclude: [],\n  cookies: {\n    tokens: {\n      [OAuthTokens.ID_TOKEN]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n      [OAuthTokens.ACCESS_TOKEN]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n      [OAuthTokens.REFRESH_TOKEN]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n      [OAuthTokens.EXPIRES_IN]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n      [OAuthTokens.TIMESTAMP]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n      [CodeVerifier.COOKIE_NAME]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n      [CodeVerifier.APP_URL]: {\n        secure: defaultServerSecure,\n        httpOnly: true,\n        sameSite: \"strict\",\n        path: \"/\",\n      },\n    },\n    user: {\n      secure: defaultServerSecure,\n      httpOnly: false,\n      sameSite: \"strict\",\n      path: \"/\",\n      maxAge: 60 * 60, // 1 hour\n    },\n  },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n *   callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n  config: AuthConfig = {},\n): AuthConfigWithDefaults => {\n  // Read configuration that was set by the plugin via environment variables\n  const configFromEnv = withoutUndefined({\n    clientId: process.env._civic_auth_client_id,\n    oauthServer: process.env._civic_oauth_server,\n    callbackUrl: process.env._civic_auth_callback_url,\n    challengeUrl: process.env._civic_auth_challenge_url,\n    loginUrl: process.env._civic_auth_login_url,\n    logoutUrl: process.env._civic_auth_logout_url,\n    logoutCallbackUrl: process.env._civic_auth_logout_callback_url,\n    include: process.env._civic_auth_includes?.split(\",\"),\n    exclude: process.env._civic_auth_excludes?.split(\",\"),\n    cookies: process.env._civic_auth_cookie_config\n      ? JSON.parse(process.env._civic_auth_cookie_config)\n      : undefined,\n  }) as AuthConfig;\n  const mergedConfig = {\n    ...defaultAuthConfig,\n    ...configFromEnv, // Apply plugin-set config\n    ...config, // Override with directly passed config\n    cookies: {\n      tokens: {\n        ...defaultAuthConfig.cookies.tokens,\n        ...(configFromEnv?.cookies?.tokens || {}),\n        ...(config.cookies?.tokens || {}),\n      },\n      user: {\n        ...defaultAuthConfig.cookies.user,\n        ...(configFromEnv?.cookies?.user || {}),\n        ...(config.cookies?.user || {}),\n      },\n    },\n  };\n\n  logger.debug(\n    \"Config from environment:\",\n    JSON.stringify(configFromEnv, null, 2),\n  );\n  logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n  if (mergedConfig.clientId === undefined) {\n    throw new Error(\"Civic Auth client ID is required\");\n  }\n  return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n *   clientId: 'my-client-id',\n *   callbackUrl: '/custom/callback',\n *   loginUrl: '/custom/login',\n *   logoutUrl: '/custom/logout',\n *   logoutCallbackUrl: '/custom/logoutcallback',\n *   include: ['/protected/*'],\n *   exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (\n  authConfig: AuthConfig & Pick<Required<AuthConfig>, \"clientId\">,\n) => {\n  return (nextConfig?: NextConfig) => {\n    logger.debug(\n      \"createCivicAuthPlugin nextConfig\",\n      JSON.stringify(nextConfig, null, 2),\n    );\n    const resolvedConfig = resolveAuthConfig({ ...authConfig });\n    return {\n      ...nextConfig,\n      env: {\n        ...nextConfig?.env,\n        // Internal environment variables - do not set these manually\n        _civic_auth_client_id: resolvedConfig.clientId,\n        _civic_oauth_server: resolvedConfig.oauthServer,\n        _civic_auth_callback_url: resolvedConfig.callbackUrl,\n        _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n        _civic_auth_login_url: resolvedConfig.loginUrl,\n        _civic_auth_logout_url: resolvedConfig.logoutUrl,\n        _civic_auth_logout_callback_url: resolvedConfig.logoutCallbackUrl,\n        _civic_auth_includes: resolvedConfig.include.join(\",\"),\n        _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n        _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n      },\n    };\n  };\n};\n"]}

package/dist/src/nextjs/cookies.d.ts

@@ -1,30 +0,0 @@
-import type { SessionData, UnknownObject, User } from "@/types.js";
-import type { AuthConfig } from "@/nextjs/config.js";
-import type { CodeVerifier, OAuthTokens, TokensCookieConfig } from "@/shared/lib/types.js";
-import { CookieStorage, type CookieStorageSettings } from "@/shared/lib/storage.js";
-/**
- * Creates HTTP-only cookies for authentication tokens
- */
-declare const createTokenCookies: (response: Response, sessionData: SessionData, config: AuthConfig) => void;
-/**
- * Creates a client-readable cookie with user info
- */
-declare const createUserInfoCookie: (response: Response, user: User<UnknownObject> | null, sessionData: SessionData, config: AuthConfig) => void;
-/**
- * Clears all authentication cookies
- */
-declare const clearAuthCookies: (config: AuthConfig) => Promise<void>;
-type KeySetter = OAuthTokens | CodeVerifier;
-declare class NextjsCookieStorage extends CookieStorage {
-    readonly config: Partial<TokensCookieConfig>;
-    constructor(config?: Partial<TokensCookieConfig>);
-    get(key: string): Promise<string | null>;
-    set(key: KeySetter, value: string): Promise<void>;
-}
-declare class NextjsClientStorage extends CookieStorage {
-    constructor(config?: Partial<CookieStorageSettings>);
-    get(key: string): Promise<string | null>;
-    set(key: string, value: string): Promise<void>;
-}
-export { createTokenCookies, createUserInfoCookie, clearAuthCookies, NextjsCookieStorage, NextjsClientStorage, };
-//# sourceMappingURL=cookies.d.ts.map

package/dist/src/nextjs/cookies.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/nextjs/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAIrD,OAAO,KAAK,EACV,YAAY,EAEZ,WAAW,EACX,kBAAkB,EACnB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,aAAa,EACb,KAAK,qBAAqB,EAC3B,MAAM,yBAAyB,CAAC;AAEjC;;GAEG;AACH,QAAA,MAAM,kBAAkB,aACZ,QAAQ,eACL,WAAW,UAChB,UAAU,SA4BnB,CAAC;AAcF;;GAEG;AACH,QAAA,MAAM,oBAAoB,aACd,QAAQ,QACZ,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,eACnB,WAAW,UAChB,UAAU,SAyBnB,CAAC;AAEF;;GAEG;AACH,QAAA,MAAM,gBAAgB,WAAkB,UAAU,kBASjD,CAAC;AAEF,KAAK,SAAS,GAAG,WAAW,GAAG,YAAY,CAAC;AAC5C,cAAM,mBAAoB,SAAQ,aAAa;IACjC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,kBAAkB,CAAC;gBAAnC,MAAM,GAAE,OAAO,CAAC,kBAAkB,CAAM;IAOvD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKxC,GAAG,CAAC,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAOxD;AAED,cAAM,mBAAoB,SAAQ,aAAa;gBACjC,MAAM,GAAE,OAAO,CAAC,qBAAqB,CAAM;IAQjD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKxC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAIrD;AAED,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,gBAAgB,EAChB,mBAAmB,EACnB,mBAAmB,GACpB,CAAC"}

package/dist/src/nextjs/cookies.js

@@ -1,112 +0,0 @@
-import { cookies } from "next/headers.js";
-import { GenericUserSession } from "@/shared/lib/UserSession.js";
-import { clearTokens } from "@/shared/lib/util.js";
-import { CookieStorage, } from "@/shared/lib/storage.js";
-/**
- * Creates HTTP-only cookies for authentication tokens
- */
-const createTokenCookies = (response, sessionData, config) => {
-    const maxAge = sessionData.expiresIn ?? 3600;
-    const cookieOptions = {
-        ...config.cookies?.tokens,
-        maxAge,
-    };
-    if (sessionData.accessToken) {
-        setCookie(response, "access_token", sessionData.accessToken, {
-            ...cookieOptions,
-            httpOnly: true,
-        });
-    }
-    if (sessionData.idToken) {
-        setCookie(response, "id_token", sessionData.idToken, {
-            ...cookieOptions,
-            httpOnly: true,
-        });
-    }
-    if (sessionData.refreshToken) {
-        setCookie(response, "refresh_token", sessionData.refreshToken, {
-            ...cookieOptions,
-            httpOnly: true,
-        });
-    }
-};
-const setCookie = (response, key, value, cookieData) => {
-    response.headers.set("Set-Cookie", `${key}=${value}; Path=${cookieData.path}; Domain=${cookieData.domain}; Max-Age=${cookieData.maxAge}; Secure; HttpOnly; SameSite=${cookieData.sameSite}`);
-};
-/**
- * Creates a client-readable cookie with user info
- */
-const createUserInfoCookie = (response, user, sessionData, config) => {
-    if (!user) {
-        // unset the "user" cookie
-        setCookie(response, "user", "", {
-            ...config.cookies?.user,
-            maxAge: 0,
-        });
-        return;
-    }
-    const maxAge = sessionData.expiresIn ?? 3600;
-    // TODO select fields to include in the user cookie
-    const frontendUser = {
-        ...user,
-    };
-    // TODO make call to get user info from the
-    // auth server /userinfo endpoint when it's available
-    // then add to the default claims above
-    setCookie(response, "user", JSON.stringify(frontendUser), {
-        ...config.cookies?.user,
-        maxAge,
-    });
-};
-/**
- * Clears all authentication cookies
- */
-const clearAuthCookies = async (config) => {
-    // clear session, and tokens
-    const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens);
-    await clearTokens(cookieStorage);
-    // clear user
-    const clientStorage = new NextjsClientStorage();
-    const userSession = new GenericUserSession(clientStorage);
-    await userSession.set(null);
-};
-class NextjsCookieStorage extends CookieStorage {
-    config;
-    constructor(config = {}) {
-        super({
-            secure: true,
-            httpOnly: true,
-        });
-        this.config = config;
-    }
-    async get(key) {
-        const cookieStore = await cookies();
-        return cookieStore.get(key)?.value || null;
-    }
-    async set(key, value) {
-        const cookieStore = await cookies();
-        const cookieSettings = this.config?.[key] || {
-            ...this.settings,
-        };
-        cookieStore.set(key, value, cookieSettings);
-    }
-}
-class NextjsClientStorage extends CookieStorage {
-    constructor(config = {}) {
-        super({
-            ...config,
-            secure: false,
-            httpOnly: false,
-        });
-    }
-    async get(key) {
-        const cookieStore = await cookies();
-        return cookieStore.get(key)?.value || null;
-    }
-    async set(key, value) {
-        const cookieStore = await cookies();
-        cookieStore.set(key, value, this.settings);
-    }
-}
-export { createTokenCookies, createUserInfoCookie, clearAuthCookies, NextjsCookieStorage, NextjsClientStorage, };
-//# sourceMappingURL=cookies.js.map