@civic/auth 0.3.1-beta.1 → 0.3.2-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +5 -0
- package/dist/cjs/constants.d.ts +2 -1
- package/dist/cjs/constants.d.ts.map +1 -1
- package/dist/cjs/constants.js +9 -1
- package/dist/cjs/constants.js.map +1 -1
- package/dist/cjs/nextjs/index.d.ts +2 -2
- package/dist/cjs/nextjs/index.d.ts.map +1 -1
- package/dist/cjs/nextjs/index.js.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.d.ts +1 -5
- package/dist/cjs/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.js +5 -45
- package/dist/cjs/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/cjs/reactjs/components/ButtonContentOrLoader.d.ts +1 -1
- package/dist/cjs/reactjs/components/ButtonContentOrLoader.d.ts.map +1 -1
- package/dist/cjs/reactjs/components/ButtonContentOrLoader.js +16 -23
- package/dist/cjs/reactjs/components/ButtonContentOrLoader.js.map +1 -1
- package/dist/cjs/reactjs/components/SignInButton.d.ts +4 -3
- package/dist/cjs/reactjs/components/SignInButton.d.ts.map +1 -1
- package/dist/cjs/reactjs/components/SignInButton.js +5 -9
- package/dist/cjs/reactjs/components/SignInButton.js.map +1 -1
- package/dist/cjs/reactjs/components/SignOutButton.d.ts +4 -3
- package/dist/cjs/reactjs/components/SignOutButton.d.ts.map +1 -1
- package/dist/cjs/reactjs/components/SignOutButton.js +4 -8
- package/dist/cjs/reactjs/components/SignOutButton.js.map +1 -1
- package/dist/cjs/reactjs/components/UserButton.d.ts +6 -3
- package/dist/cjs/reactjs/components/UserButton.d.ts.map +1 -1
- package/dist/cjs/reactjs/components/UserButton.js +69 -109
- package/dist/cjs/reactjs/components/UserButton.js.map +1 -1
- package/dist/cjs/reactjs/providers/AuthProvider.d.ts +1 -2
- package/dist/cjs/reactjs/providers/AuthProvider.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/AuthProvider.js +3 -37
- package/dist/cjs/reactjs/providers/AuthProvider.js.map +1 -1
- package/dist/cjs/reactjs/providers/CivicAuthProvider.d.ts +1 -2
- package/dist/cjs/reactjs/providers/CivicAuthProvider.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/CivicAuthProvider.js +4 -13
- package/dist/cjs/reactjs/providers/CivicAuthProvider.js.map +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js +3 -35
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/cjs/services/UserinfoService.d.ts +5 -0
- package/dist/cjs/services/UserinfoService.d.ts.map +1 -0
- package/dist/cjs/services/UserinfoService.js +15 -0
- package/dist/cjs/services/UserinfoService.js.map +1 -0
- package/dist/cjs/shared/components/BlockDisplay.d.ts +1 -2
- package/dist/cjs/shared/components/BlockDisplay.d.ts.map +1 -1
- package/dist/cjs/shared/components/BlockDisplay.js +4 -8
- package/dist/cjs/shared/components/BlockDisplay.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframe.js +16 -17
- package/dist/cjs/shared/components/CivicAuthIframe.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframeContainer.d.ts +2 -2
- package/dist/cjs/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframeContainer.js +29 -68
- package/dist/cjs/shared/components/CivicAuthIframeContainer.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.d.ts +1 -2
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +1 -1
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js +9 -15
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js.map +1 -1
- package/dist/cjs/shared/components/CloseIcon.d.ts +1 -2
- package/dist/cjs/shared/components/CloseIcon.d.ts.map +1 -1
- package/dist/cjs/shared/components/CloseIcon.js +2 -7
- package/dist/cjs/shared/components/CloseIcon.js.map +1 -1
- package/dist/cjs/shared/components/IFrameAndLoading.d.ts +1 -2
- package/dist/cjs/shared/components/IFrameAndLoading.d.ts.map +1 -1
- package/dist/cjs/shared/components/IFrameAndLoading.js +5 -47
- package/dist/cjs/shared/components/IFrameAndLoading.js.map +1 -1
- package/dist/cjs/shared/components/LoadingIcon.d.ts +1 -2
- package/dist/cjs/shared/components/LoadingIcon.d.ts.map +1 -1
- package/dist/cjs/shared/components/LoadingIcon.js +19 -27
- package/dist/cjs/shared/components/LoadingIcon.js.map +1 -1
- package/dist/cjs/shared/components/SVGLoading.js +11 -24
- package/dist/cjs/shared/components/SVGLoading.js.map +1 -1
- package/dist/cjs/shared/lib/UserSession.d.ts +4 -2
- package/dist/cjs/shared/lib/UserSession.d.ts.map +1 -1
- package/dist/cjs/shared/lib/UserSession.js.map +1 -1
- package/dist/cjs/shared/lib/session.d.ts +2 -2
- package/dist/cjs/shared/lib/session.d.ts.map +1 -1
- package/dist/cjs/shared/lib/session.js +11 -6
- package/dist/cjs/shared/lib/session.js.map +1 -1
- package/dist/cjs/shared/lib/types.d.ts +1 -0
- package/dist/cjs/shared/lib/types.d.ts.map +1 -1
- package/dist/cjs/shared/lib/types.js +2 -1
- package/dist/cjs/shared/lib/types.js.map +1 -1
- package/dist/cjs/shared/lib/util.d.ts.map +1 -1
- package/dist/cjs/shared/lib/util.js +6 -5
- package/dist/cjs/shared/lib/util.js.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.d.ts +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.js +3 -35
- package/dist/cjs/shared/providers/CivicAuthConfigContext.js.map +1 -1
- package/dist/cjs/shared/providers/IframeProvider.d.ts +1 -1
- package/dist/cjs/shared/providers/IframeProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/IframeProvider.js +4 -36
- package/dist/cjs/shared/providers/IframeProvider.js.map +1 -1
- package/dist/cjs/shared/providers/SessionProvider.d.ts +1 -1
- package/dist/cjs/shared/providers/SessionProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/SessionProvider.js +4 -36
- package/dist/cjs/shared/providers/SessionProvider.js.map +1 -1
- package/dist/cjs/shared/providers/TokenProvider.d.ts +1 -1
- package/dist/cjs/shared/providers/TokenProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/TokenProvider.js +5 -40
- package/dist/cjs/shared/providers/TokenProvider.js.map +1 -1
- package/dist/cjs/shared/providers/UserProvider.d.ts +3 -3
- package/dist/cjs/shared/providers/UserProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/UserProvider.js +4 -36
- package/dist/cjs/shared/providers/UserProvider.js.map +1 -1
- package/dist/cjs/shared/version.d.ts +1 -1
- package/dist/cjs/shared/version.js +1 -1
- package/dist/cjs/shared/version.js.map +1 -1
- package/dist/cjs/types.d.ts +4 -14
- package/dist/cjs/types.d.ts.map +1 -1
- package/dist/cjs/types.js +0 -1
- package/dist/cjs/types.js.map +1 -1
- package/dist/esm/constants.d.ts +2 -1
- package/dist/esm/constants.d.ts.map +1 -1
- package/dist/esm/constants.js +8 -1
- package/dist/esm/constants.js.map +1 -1
- package/dist/esm/nextjs/index.d.ts +2 -2
- package/dist/esm/nextjs/index.d.ts.map +1 -1
- package/dist/esm/nextjs/index.js.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.d.ts +1 -5
- package/dist/esm/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.js +4 -11
- package/dist/esm/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/esm/reactjs/components/ButtonContentOrLoader.d.ts +1 -1
- package/dist/esm/reactjs/components/ButtonContentOrLoader.d.ts.map +1 -1
- package/dist/esm/reactjs/components/ButtonContentOrLoader.js +16 -19
- package/dist/esm/reactjs/components/ButtonContentOrLoader.js.map +1 -1
- package/dist/esm/reactjs/components/SignInButton.d.ts +4 -3
- package/dist/esm/reactjs/components/SignInButton.d.ts.map +1 -1
- package/dist/esm/reactjs/components/SignInButton.js +5 -6
- package/dist/esm/reactjs/components/SignInButton.js.map +1 -1
- package/dist/esm/reactjs/components/SignOutButton.d.ts +4 -3
- package/dist/esm/reactjs/components/SignOutButton.d.ts.map +1 -1
- package/dist/esm/reactjs/components/SignOutButton.js +5 -5
- package/dist/esm/reactjs/components/SignOutButton.js.map +1 -1
- package/dist/esm/reactjs/components/UserButton.d.ts +6 -3
- package/dist/esm/reactjs/components/UserButton.d.ts.map +1 -1
- package/dist/esm/reactjs/components/UserButton.js +69 -76
- package/dist/esm/reactjs/components/UserButton.js.map +1 -1
- package/dist/esm/reactjs/providers/AuthProvider.d.ts +1 -2
- package/dist/esm/reactjs/providers/AuthProvider.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/AuthProvider.js +2 -3
- package/dist/esm/reactjs/providers/AuthProvider.js.map +1 -1
- package/dist/esm/reactjs/providers/CivicAuthProvider.d.ts +1 -2
- package/dist/esm/reactjs/providers/CivicAuthProvider.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/CivicAuthProvider.js +4 -9
- package/dist/esm/reactjs/providers/CivicAuthProvider.js.map +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js +2 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/esm/shared/components/BlockDisplay.d.ts +1 -2
- package/dist/esm/shared/components/BlockDisplay.d.ts.map +1 -1
- package/dist/esm/shared/components/BlockDisplay.js +4 -4
- package/dist/esm/shared/components/BlockDisplay.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframe.js +16 -17
- package/dist/esm/shared/components/CivicAuthIframe.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframeContainer.d.ts +2 -2
- package/dist/esm/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframeContainer.js +28 -34
- package/dist/esm/shared/components/CivicAuthIframeContainer.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.d.ts +1 -2
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +1 -1
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.js +9 -11
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.js.map +1 -1
- package/dist/esm/shared/components/CloseIcon.d.ts +1 -2
- package/dist/esm/shared/components/CloseIcon.d.ts.map +1 -1
- package/dist/esm/shared/components/CloseIcon.js +2 -3
- package/dist/esm/shared/components/CloseIcon.js.map +1 -1
- package/dist/esm/shared/components/IFrameAndLoading.d.ts +1 -2
- package/dist/esm/shared/components/IFrameAndLoading.d.ts.map +1 -1
- package/dist/esm/shared/components/IFrameAndLoading.js +4 -13
- package/dist/esm/shared/components/IFrameAndLoading.js.map +1 -1
- package/dist/esm/shared/components/LoadingIcon.d.ts +1 -2
- package/dist/esm/shared/components/LoadingIcon.d.ts.map +1 -1
- package/dist/esm/shared/components/LoadingIcon.js +19 -23
- package/dist/esm/shared/components/LoadingIcon.js.map +1 -1
- package/dist/esm/shared/components/SVGLoading.js +11 -20
- package/dist/esm/shared/components/SVGLoading.js.map +1 -1
- package/dist/esm/shared/lib/UserSession.d.ts +4 -2
- package/dist/esm/shared/lib/UserSession.d.ts.map +1 -1
- package/dist/esm/shared/lib/UserSession.js.map +1 -1
- package/dist/esm/shared/lib/session.d.ts +2 -2
- package/dist/esm/shared/lib/session.d.ts.map +1 -1
- package/dist/esm/shared/lib/session.js +11 -6
- package/dist/esm/shared/lib/session.js.map +1 -1
- package/dist/esm/shared/lib/types.d.ts +1 -0
- package/dist/esm/shared/lib/types.d.ts.map +1 -1
- package/dist/esm/shared/lib/types.js +1 -0
- package/dist/esm/shared/lib/types.js.map +1 -1
- package/dist/esm/shared/lib/util.d.ts.map +1 -1
- package/dist/esm/shared/lib/util.js +7 -6
- package/dist/esm/shared/lib/util.js.map +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.d.ts +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.js +2 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.js.map +1 -1
- package/dist/esm/shared/providers/IframeProvider.d.ts +1 -1
- package/dist/esm/shared/providers/IframeProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/IframeProvider.js +3 -2
- package/dist/esm/shared/providers/IframeProvider.js.map +1 -1
- package/dist/esm/shared/providers/SessionProvider.d.ts +1 -1
- package/dist/esm/shared/providers/SessionProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/SessionProvider.js +3 -2
- package/dist/esm/shared/providers/SessionProvider.js.map +1 -1
- package/dist/esm/shared/providers/TokenProvider.d.ts +1 -1
- package/dist/esm/shared/providers/TokenProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/TokenProvider.js +4 -6
- package/dist/esm/shared/providers/TokenProvider.js.map +1 -1
- package/dist/esm/shared/providers/UserProvider.d.ts +3 -3
- package/dist/esm/shared/providers/UserProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/UserProvider.js +3 -2
- package/dist/esm/shared/providers/UserProvider.js.map +1 -1
- package/dist/esm/shared/version.d.ts +1 -1
- package/dist/esm/shared/version.js +1 -1
- package/dist/esm/shared/version.js.map +1 -1
- package/dist/esm/types.d.ts +4 -14
- package/dist/esm/types.d.ts.map +1 -1
- package/dist/esm/types.js +0 -1
- package/dist/esm/types.js.map +1 -1
- package/dist/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/tsconfig.esm.tsbuildinfo +1 -1
- package/package.json +2 -1
- package/dist/cjs/reactjs/components/LoadingSpinner.d.ts +0 -7
- package/dist/cjs/reactjs/components/LoadingSpinner.d.ts.map +0 -1
- package/dist/cjs/reactjs/components/LoadingSpinner.js +0 -33
- package/dist/cjs/reactjs/components/LoadingSpinner.js.map +0 -1
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import { AUTH_SERVER_SESSION, OAuthTokens } from "./types.js";
|
|
1
|
+
import { AUTH_SERVER_LEGACY_SESSION, AUTH_SERVER_SESSION, OAuthTokens, } from "./types.js";
|
|
2
2
|
import { OAuth2Client } from "oslo/oauth2";
|
|
3
3
|
import { getIssuerVariations, getOauthEndpoints } from "../../lib/oauth.js";
|
|
4
4
|
import * as jose from "jose";
|
|
5
5
|
import { withoutUndefined } from "../../utils.js";
|
|
6
6
|
import { GenericUserSession } from "../../shared/lib/UserSession.js";
|
|
7
|
-
import {
|
|
7
|
+
import { decodeJwt } from "jose";
|
|
8
8
|
/**
|
|
9
9
|
* Given a PKCE code verifier, derive the code challenge using SHA
|
|
10
10
|
*/
|
|
@@ -80,10 +80,10 @@ export async function exchangeTokens(code, state, pkceProducer, oauth2Client, oa
|
|
|
80
80
|
return tokens;
|
|
81
81
|
}
|
|
82
82
|
export async function setAccessTokenExpiresAt(storage, tokens) {
|
|
83
|
-
// try to extract
|
|
84
|
-
const parsedAccessToken =
|
|
85
|
-
if (parsedAccessToken
|
|
86
|
-
await storage.set(OAuthTokens.ACCESS_TOKEN_EXPIRES_AT, parsedAccessToken.
|
|
83
|
+
// try to extract absolute expiry time from access token but fallback to calculation if not possible
|
|
84
|
+
const parsedAccessToken = decodeJwt(tokens.access_token);
|
|
85
|
+
if (parsedAccessToken?.exp) {
|
|
86
|
+
await storage.set(OAuthTokens.ACCESS_TOKEN_EXPIRES_AT, parsedAccessToken.exp.toString());
|
|
87
87
|
}
|
|
88
88
|
else if (tokens.expires_in) {
|
|
89
89
|
const now = Math.floor(new Date().getTime() / 1000);
|
|
@@ -110,6 +110,7 @@ export async function clearTokens(storage) {
|
|
|
110
110
|
}
|
|
111
111
|
export async function clearAuthServerSession(storage) {
|
|
112
112
|
await storage.delete(AUTH_SERVER_SESSION);
|
|
113
|
+
await storage.delete(AUTH_SERVER_LEGACY_SESSION);
|
|
113
114
|
}
|
|
114
115
|
export async function clearUser(storage) {
|
|
115
116
|
const userSession = new GenericUserSession(storage);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AAEpC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,OAAoB,EACpB,MAA6B;IAE7B,mGAAmG;IACnG,MAAM,iBAAiB,GAAG,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACxD,IAAI,iBAAiB,IAAI,iBAAiB,EAAE,SAAS,EAAE,CAAC;QACtD,MAAM,OAAO,CAAC,GAAG,CACf,WAAW,CAAC,uBAAuB,EACnC,iBAAiB,CAAC,SAAS,EAAE,OAAO,EAAE,CAAC,QAAQ,EAAE,CAClD,CAAC;IACJ,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,MAAM,OAAO,CAAC,GAAG,CACf,WAAW,CAAC,uBAAuB,EACnC,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,QAAQ,EAAE,CACrC,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACrE,CAAC;IACD,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACtE,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,OAAoB;IAC/D,MAAM,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;AAC5C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAClE,MAAM,oBAAoB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5C,WAAW,CAAC,uBAAuB,CACpC,CAAC;IAEF,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,uBAAuB,EACrB,oBAAoB,KAAK,IAAI;YAC3B,CAAC,CAAC,QAAQ,CAAC,oBAAoB,EAAE,EAAE,CAAC;YACpC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KAC7C,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,OAAoB;IAEpB,OAAO,MAAM,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC;AACxE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,gBAAgB,CAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n JWTPayload,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport { AUTH_SERVER_SESSION, OAuthTokens } from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { parseJWT } from \"oslo/jwt\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens =\n await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n codeVerifier,\n });\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n\nexport async function setAccessTokenExpiresAt(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // try to extract absolut expiry time from access token but fallback to calculation if not possible\n const parsedAccessToken = parseJWT(tokens.access_token);\n if (parsedAccessToken && parsedAccessToken?.expiresAt) {\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n parsedAccessToken.expiresAt?.getTime().toString(),\n );\n } else if (tokens.expires_in) {\n const now = Math.floor(new Date().getTime() / 1000);\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n (now + tokens.expires_in).toString(),\n );\n } else {\n throw new Error(\"Cannot determine access token expiry!\");\n }\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n if (tokens.refresh_token) {\n await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n }\n await setAccessTokenExpiresAt(storage, tokens);\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n const clearOAuthPromises = Object.values(OAuthTokens).map(async (key) => {\n await storage.delete(key);\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearAuthServerSession(storage: AuthStorage) {\n await storage.delete(AUTH_SERVER_SESSION);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n await userSession.clear();\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<OIDCTokenResponseBody | null> {\n const idToken = await storage.get(OAuthTokens.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);\n const accessTokenExpiresAt = await storage.get(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n );\n\n if (!idToken || !accessToken) return null;\n\n return {\n id_token: idToken,\n access_token: accessToken,\n refresh_token: refreshToken ?? undefined,\n access_token_expires_at:\n accessTokenExpiresAt !== null\n ? parseInt(accessTokenExpiresAt, 10)\n : undefined, // Convert string to number\n };\n}\n\nexport async function retrieveAccessTokenExpiresAt(\n storage: AuthStorage,\n): Promise<number> {\n return Number(await storage.get(OAuthTokens.ACCESS_TOKEN_EXPIRES_AT));\n}\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n endpoints: Endpoints,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n // validate the ID token\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // validate the access token\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenResponse.payload,\n refresh_token: tokens.refresh_token,\n });\n}\n"]}
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,SAAS,EAAmB,MAAM,MAAM,CAAC;AAElD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,OAAoB,EACpB,MAA6B;IAE7B,oGAAoG;IACpG,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACzD,IAAI,iBAAiB,EAAE,GAAG,EAAE,CAAC;QAC3B,MAAM,OAAO,CAAC,GAAG,CACf,WAAW,CAAC,uBAAuB,EACnC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,EAAE,CACjC,CAAC;IACJ,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,MAAM,OAAO,CAAC,GAAG,CACf,WAAW,CAAC,uBAAuB,EACnC,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,QAAQ,EAAE,CACrC,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACrE,CAAC;IACD,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACtE,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,OAAoB;IAC/D,MAAM,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAC1C,MAAM,OAAO,CAAC,MAAM,CAAC,0BAA0B,CAAC,CAAC;AACnD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAClE,MAAM,oBAAoB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5C,WAAW,CAAC,uBAAuB,CACpC,CAAC;IAEF,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,uBAAuB,EACrB,oBAAoB,KAAK,IAAI;YAC3B,CAAC,CAAC,QAAQ,CAAC,oBAAoB,EAAE,EAAE,CAAC;YACpC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KAC7C,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,OAAoB;IAEpB,OAAO,MAAM,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC;AACxE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,gBAAgB,CAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport {\n AUTH_SERVER_LEGACY_SESSION,\n AUTH_SERVER_SESSION,\n OAuthTokens,\n} from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { decodeJwt, type JWTPayload } from \"jose\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens =\n await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n codeVerifier,\n });\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n\nexport async function setAccessTokenExpiresAt(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // try to extract absolute expiry time from access token but fallback to calculation if not possible\n const parsedAccessToken = decodeJwt(tokens.access_token);\n if (parsedAccessToken?.exp) {\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n parsedAccessToken.exp.toString(),\n );\n } else if (tokens.expires_in) {\n const now = Math.floor(new Date().getTime() / 1000);\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n (now + tokens.expires_in).toString(),\n );\n } else {\n throw new Error(\"Cannot determine access token expiry!\");\n }\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n if (tokens.refresh_token) {\n await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n }\n await setAccessTokenExpiresAt(storage, tokens);\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n const clearOAuthPromises = Object.values(OAuthTokens).map(async (key) => {\n await storage.delete(key);\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearAuthServerSession(storage: AuthStorage) {\n await storage.delete(AUTH_SERVER_SESSION);\n await storage.delete(AUTH_SERVER_LEGACY_SESSION);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n await userSession.clear();\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<OIDCTokenResponseBody | null> {\n const idToken = await storage.get(OAuthTokens.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);\n const accessTokenExpiresAt = await storage.get(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n );\n\n if (!idToken || !accessToken) return null;\n\n return {\n id_token: idToken,\n access_token: accessToken,\n refresh_token: refreshToken ?? undefined,\n access_token_expires_at:\n accessTokenExpiresAt !== null\n ? parseInt(accessTokenExpiresAt, 10)\n : undefined, // Convert string to number\n };\n}\n\nexport async function retrieveAccessTokenExpiresAt(\n storage: AuthStorage,\n): Promise<number> {\n return Number(await storage.get(OAuthTokens.ACCESS_TOKEN_EXPIRES_AT));\n}\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n endpoints: Endpoints,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n // validate the ID token\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // validate the access token\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenResponse.payload,\n refresh_token: tokens.refresh_token,\n });\n}\n"]}
|
|
@@ -14,6 +14,6 @@ type CivicAuthConfigContextType = {
|
|
|
14
14
|
logoutCallbackUrl?: string;
|
|
15
15
|
};
|
|
16
16
|
declare const CivicAuthConfigContext: React.Context<CivicAuthConfig>;
|
|
17
|
-
declare const CivicAuthConfigProvider: ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, nonce, challengeUrl, refreshUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, }: CivicAuthConfigContextType) =>
|
|
17
|
+
declare const CivicAuthConfigProvider: ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, nonce, challengeUrl, refreshUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, }: CivicAuthConfigContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
|
|
18
18
|
export { CivicAuthConfigProvider, CivicAuthConfigContext };
|
|
19
19
|
//# sourceMappingURL=CivicAuthConfigContext.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CivicAuthConfigContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAA0B,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAGtE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAIvD,KAAK,0BAA0B,GAAG;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,QAAA,MAAM,sBAAsB,gCAAgD,CAAC;AAE7E,QAAA,MAAM,uBAAuB,uKAW1B,0BAA0B,
|
|
1
|
+
{"version":3,"file":"CivicAuthConfigContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAA0B,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAGtE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAIvD,KAAK,0BAA0B,GAAG;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,QAAA,MAAM,sBAAsB,gCAAgD,CAAC;AAE7E,QAAA,MAAM,uBAAuB,uKAW1B,0BAA0B,qDAsD5B,CAAC;AAEF,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
"use client";
|
|
2
|
+
import { jsx as _jsx } from "@emotion/react/jsx-runtime";
|
|
2
3
|
import { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from "../../constants.js";
|
|
3
4
|
import React, { createContext, useMemo } from "react";
|
|
4
5
|
import { useOAuthEndpoints } from "../../shared/hooks/useOAuthEndpoints.js";
|
|
@@ -48,7 +49,7 @@ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl:
|
|
|
48
49
|
scopes,
|
|
49
50
|
logoutRedirectUrl,
|
|
50
51
|
]);
|
|
51
|
-
return (
|
|
52
|
+
return (_jsx(CivicAuthConfigContext.Provider, { value: value, children: children }));
|
|
52
53
|
};
|
|
53
54
|
export { CivicAuthConfigProvider, CivicAuthConfigContext };
|
|
54
55
|
//# sourceMappingURL=CivicAuthConfigContext.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CivicAuthConfigContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC
|
|
1
|
+
{"version":3,"file":"CivicAuthConfigContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AACb,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,OAAO,EAAkB,MAAM,OAAO,CAAC;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qCAAqC,CAAC;AACxE,OAAO,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAGhE,MAAM,aAAa,GAAoB,IAAI,CAAC;AAe5C,gEAAgE;AAChE,MAAM,sBAAsB,GAAG,aAAa,CAAkB,aAAa,CAAC,CAAC;AAE7E,MAAM,uBAAuB,GAAG,CAAC,EAC/B,QAAQ,EACR,WAAW,EACX,QAAQ,EACR,WAAW,EAAE,gBAAgB,EAC7B,KAAK,EACL,YAAY,EACZ,UAAU,EACV,SAAS,EACT,MAAM,EACN,iBAAiB,EAAE,sBAAsB,GACd,EAAE,EAAE;IAC/B,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IAEnC,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,EAAE;QAC/B,MAAM,MAAM,GAAG,gBAAgB,IAAI,UAAU,CAAC;QAC9C,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC,EAAE,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAEjD,MAAM,iBAAiB,GAAG,OAAO,CAAC,GAAG,EAAE;QACrC,MAAM,MAAM,GAAG,sBAAsB,IAAI,UAAU,CAAC;QACpD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC,EAAE,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC,CAAC;IAEzC,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CACH,SAAS;QACP,CAAC,CAAC;YACE,QAAQ;YACR,WAAW;YACX,WAAW,EAAE,WAAW,IAAI,mBAAmB;YAC/C,SAAS;YACT,KAAK;YACL,YAAY;YACZ,UAAU;YACV,SAAS;YACT,MAAM,EAAE,MAAM,IAAI,cAAc;YAChC,iBAAiB;SAClB;QACH,CAAC,CAAC,IAAI,EACV;QACE,QAAQ;QACR,WAAW;QACX,WAAW;QACX,SAAS;QACT,KAAK;QACL,YAAY;QACZ,UAAU;QACV,SAAS;QACT,MAAM;QACN,iBAAiB;KAClB,CACF,CAAC;IACF,OAAO,CACL,KAAC,sBAAsB,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAC1C,QAAQ,GACuB,CACnC,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from \"@/constants.js\";\nimport React, { createContext, useMemo, type ReactNode } from \"react\";\nimport { useOAuthEndpoints } from \"@/shared/hooks/useOAuthEndpoints.js\";\nimport { useCurrentUrl } from \"@/shared/hooks/useCurrentUrl.js\";\nimport type { CivicAuthConfig } from \"../lib/types.js\";\n\nconst defaultConfig: CivicAuthConfig = null;\n\ntype CivicAuthConfigContextType = {\n children: ReactNode;\n oauthServer?: string;\n clientId: string;\n scopes?: string[];\n redirectUrl?: string;\n logoutRedirectUrl?: string;\n nonce?: string;\n challengeUrl?: string;\n refreshUrl?: string;\n logoutUrl?: string;\n logoutCallbackUrl?: string;\n};\n// Context for exposing Config specifically to the TokenProvider\nconst CivicAuthConfigContext = createContext<CivicAuthConfig>(defaultConfig);\n\nconst CivicAuthConfigProvider = ({\n children,\n oauthServer,\n clientId,\n redirectUrl: inputRedirectUrl,\n nonce,\n challengeUrl,\n refreshUrl,\n logoutUrl,\n scopes,\n logoutRedirectUrl: inputLogoutRedirectUrl,\n}: CivicAuthConfigContextType) => {\n const currentUrl = useCurrentUrl();\n\n const redirectUrl = useMemo(() => {\n const useUrl = inputRedirectUrl || currentUrl;\n if (useUrl) {\n return `${useUrl.split(\"?\")[0]}`;\n }\n return \"\";\n }, [currentUrl, inputRedirectUrl]);\n const endpoints = useOAuthEndpoints(oauthServer);\n\n const logoutRedirectUrl = useMemo(() => {\n const useUrl = inputLogoutRedirectUrl || currentUrl;\n if (useUrl) {\n return `${useUrl.split(\"?\")[0]}`;\n }\n return \"\";\n }, [currentUrl, inputLogoutRedirectUrl]);\n\n const value = useMemo(\n () =>\n endpoints\n ? {\n clientId,\n redirectUrl,\n oauthServer: oauthServer || DEFAULT_AUTH_SERVER,\n endpoints,\n nonce,\n challengeUrl,\n refreshUrl,\n logoutUrl,\n scopes: scopes || DEFAULT_SCOPES,\n logoutRedirectUrl,\n }\n : null,\n [\n clientId,\n redirectUrl,\n oauthServer,\n endpoints,\n nonce,\n challengeUrl,\n refreshUrl,\n logoutUrl,\n scopes,\n logoutRedirectUrl,\n ],\n );\n return (\n <CivicAuthConfigContext.Provider value={value}>\n {children}\n </CivicAuthConfigContext.Provider>\n );\n};\n\nexport { CivicAuthConfigProvider, CivicAuthConfigContext };\n"]}
|
|
@@ -18,7 +18,7 @@ type IframeContextType = {
|
|
|
18
18
|
children: ReactNode;
|
|
19
19
|
iframeMode?: IframeMode;
|
|
20
20
|
};
|
|
21
|
-
declare const IframeProvider: ({ children, iframeMode, }: IframeContextType) =>
|
|
21
|
+
declare const IframeProvider: ({ children, iframeMode, }: IframeContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
|
|
22
22
|
export type { IframeContextType };
|
|
23
23
|
export { IframeProvider, IframeContext };
|
|
24
24
|
//# sourceMappingURL=IframeProvider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"IframeProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/IframeProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,OAAO,CAAC;AAC5E,OAAO,KAA0C,MAAM,OAAO,CAAC;AAE/D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,MAAM,MAAM,oBAAoB,GAAG;IACjC,SAAS,EAAE,SAAS,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC;IAC/C,eAAe,EAAE,SAAS,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC;IACrD,kBAAkB,EAAE,QAAQ,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IACtD,gBAAgB,EAAE,QAAQ,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IACpD,aAAa,EAAE,OAAO,CAAC;IACvB,wBAAwB,EAAE,QAAQ,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5D,eAAe,EAAE,OAAO,CAAC;IACzB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;CACvB,CAAC;AAeF,QAAA,MAAM,aAAa,qCAAqD,CAAC;AAEzE,KAAK,iBAAiB,GAAG;IACvB,QAAQ,EAAE,SAAS,CAAC;IACpB,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB,CAAC;AAEF,QAAA,MAAM,cAAc,8BAGjB,iBAAiB,
|
|
1
|
+
{"version":3,"file":"IframeProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/IframeProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,OAAO,CAAC;AAC5E,OAAO,KAA0C,MAAM,OAAO,CAAC;AAE/D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,MAAM,MAAM,oBAAoB,GAAG;IACjC,SAAS,EAAE,SAAS,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC;IAC/C,eAAe,EAAE,SAAS,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC;IACrD,kBAAkB,EAAE,QAAQ,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IACtD,gBAAgB,EAAE,QAAQ,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IACpD,aAAa,EAAE,OAAO,CAAC;IACvB,wBAAwB,EAAE,QAAQ,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5D,eAAe,EAAE,OAAO,CAAC;IACzB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;CACvB,CAAC;AAeF,QAAA,MAAM,aAAa,qCAAqD,CAAC;AAEzE,KAAK,iBAAiB,GAAG;IACvB,QAAQ,EAAE,SAAS,CAAC;IACpB,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB,CAAC;AAEF,QAAA,MAAM,cAAc,8BAGjB,iBAAiB,qDA2BnB,CAAC;AAEF,YAAY,EAAE,iBAAiB,EAAE,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
"use client";
|
|
2
|
+
import { jsx as _jsx } from "@emotion/react/jsx-runtime";
|
|
2
3
|
import React, { createContext, useRef, useState } from "react";
|
|
3
4
|
import { useIsInIframe } from "../../shared/hooks/useIsInIframe.js";
|
|
4
5
|
const defaultIframe = {
|
|
@@ -23,7 +24,7 @@ const IframeProvider = ({ children, iframeMode = "modal", }) => {
|
|
|
23
24
|
const [iframeAborted, setIframeAborted] = useState(false);
|
|
24
25
|
const [logoutIframeIsVisible, setLogoutIframeIsVisible] = useState(false);
|
|
25
26
|
const renderIframe = iframeMode === "modal" && !isInIframe;
|
|
26
|
-
return (
|
|
27
|
+
return (_jsx(IframeContext.Provider, { value: {
|
|
27
28
|
iframeRef,
|
|
28
29
|
logoutIframeRef,
|
|
29
30
|
setIframeIsVisible,
|
|
@@ -34,7 +35,7 @@ const IframeProvider = ({ children, iframeMode = "modal", }) => {
|
|
|
34
35
|
logoutIframeIsVisible,
|
|
35
36
|
iframeMode,
|
|
36
37
|
renderIframe,
|
|
37
|
-
}
|
|
38
|
+
}, children: children }));
|
|
38
39
|
};
|
|
39
40
|
export { IframeProvider, IframeContext };
|
|
40
41
|
//# sourceMappingURL=IframeProvider.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"IframeProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/IframeProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC
|
|
1
|
+
{"version":3,"file":"IframeProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/IframeProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAehE,MAAM,aAAa,GAAyB;IAC1C,SAAS,EAAE,IAAI;IACf,eAAe,EAAE,IAAI;IACrB,kBAAkB,EAAE,GAAG,EAAE,GAAE,CAAC;IAC5B,gBAAgB,EAAE,GAAG,EAAE,GAAE,CAAC;IAC1B,wBAAwB,EAAE,GAAG,EAAE,GAAE,CAAC;IAClC,eAAe,EAAE,KAAK;IACtB,aAAa,EAAE,KAAK;IACpB,qBAAqB,EAAE,KAAK;IAC5B,UAAU,EAAE,OAAO;IACnB,YAAY,EAAE,KAAK;CACpB,CAAC;AAEF,gEAAgE;AAChE,MAAM,aAAa,GAAG,aAAa,CAAuB,aAAa,CAAC,CAAC;AAOzE,MAAM,cAAc,GAAG,CAAC,EACtB,QAAQ,EACR,UAAU,GAAG,OAAO,GACF,EAAE,EAAE;IACtB,MAAM,SAAS,GAAG,MAAM,CAAoB,IAAI,CAAC,CAAC;IAClD,MAAM,eAAe,GAAG,MAAM,CAAoB,IAAI,CAAC,CAAC;IACxD,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC9D,MAAM,CAAC,aAAa,EAAE,gBAAgB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE1E,MAAM,YAAY,GAAG,UAAU,KAAK,OAAO,IAAI,CAAC,UAAU,CAAC;IAC3D,OAAO,CACL,KAAC,aAAa,CAAC,QAAQ,IACrB,KAAK,EAAE;YACL,SAAS;YACT,eAAe;YACf,kBAAkB;YAClB,aAAa;YACb,gBAAgB;YAChB,wBAAwB;YACxB,eAAe;YACf,qBAAqB;YACrB,UAAU;YACV,YAAY;SACb,YAEA,QAAQ,GACc,CAC1B,CAAC;AACJ,CAAC,CAAC;AAGF,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,CAAC","sourcesContent":["\"use client\";\nimport type { Dispatch, ReactNode, RefObject, SetStateAction } from \"react\";\nimport React, { createContext, useRef, useState } from \"react\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport type { IframeMode } from \"@/types.js\";\n\nexport type IframeProviderOutput = {\n iframeRef: RefObject<HTMLIFrameElement> | null;\n logoutIframeRef: RefObject<HTMLIFrameElement> | null;\n setIframeIsVisible: Dispatch<SetStateAction<boolean>>;\n setIframeAborted: Dispatch<SetStateAction<boolean>>;\n iframeAborted: boolean;\n setLogoutIframeIsVisible: Dispatch<SetStateAction<boolean>>;\n iframeIsVisible: boolean;\n logoutIframeIsVisible: boolean;\n iframeMode: IframeMode;\n renderIframe: boolean;\n};\nconst defaultIframe: IframeProviderOutput = {\n iframeRef: null,\n logoutIframeRef: null,\n setIframeIsVisible: () => {},\n setIframeAborted: () => {},\n setLogoutIframeIsVisible: () => {},\n iframeIsVisible: false,\n iframeAborted: false,\n logoutIframeIsVisible: false,\n iframeMode: \"modal\",\n renderIframe: false,\n};\n\n// Context for exposing Iframe specifically to the TokenProvider\nconst IframeContext = createContext<IframeProviderOutput>(defaultIframe);\n\ntype IframeContextType = {\n children: ReactNode;\n iframeMode?: IframeMode;\n};\n\nconst IframeProvider = ({\n children,\n iframeMode = \"modal\",\n}: IframeContextType) => {\n const iframeRef = useRef<HTMLIFrameElement>(null);\n const logoutIframeRef = useRef<HTMLIFrameElement>(null);\n const isInIframe = useIsInIframe();\n const [iframeIsVisible, setIframeIsVisible] = useState(false);\n const [iframeAborted, setIframeAborted] = useState(false);\n const [logoutIframeIsVisible, setLogoutIframeIsVisible] = useState(false);\n\n const renderIframe = iframeMode === \"modal\" && !isInIframe;\n return (\n <IframeContext.Provider\n value={{\n iframeRef,\n logoutIframeRef,\n setIframeIsVisible,\n iframeAborted,\n setIframeAborted,\n setLogoutIframeIsVisible,\n iframeIsVisible,\n logoutIframeIsVisible,\n iframeMode,\n renderIframe,\n }}\n >\n {children}\n </IframeContext.Provider>\n );\n};\n\nexport type { IframeContextType };\nexport { IframeProvider, IframeContext };\n"]}
|
|
@@ -13,7 +13,7 @@ type SessionContextType = {
|
|
|
13
13
|
error?: Error | null;
|
|
14
14
|
isLoading: boolean;
|
|
15
15
|
};
|
|
16
|
-
declare const SessionProvider: ({ children, ...props }: SessionContextType) =>
|
|
16
|
+
declare const SessionProvider: ({ children, ...props }: SessionContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
|
|
17
17
|
export type { SessionContextType };
|
|
18
18
|
export { SessionProvider, SessionContext };
|
|
19
19
|
//# sourceMappingURL=SessionProvider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SessionProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/SessionProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAwB,MAAM,OAAO,CAAC;AAE7C,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IACzB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAaF,QAAA,MAAM,cAAc,sCAAuD,CAAC;AAE5E,KAAK,kBAAkB,GAAG;IACxB,QAAQ,EAAE,SAAS,CAAC;IACpB,IAAI,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC1B,KAAK,CAAC,EAAE,KAAK,GAAG,IAAI,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF,QAAA,MAAM,eAAe,2BAA4B,kBAAkB,
|
|
1
|
+
{"version":3,"file":"SessionProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/SessionProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAwB,MAAM,OAAO,CAAC;AAE7C,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IACzB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAaF,QAAA,MAAM,cAAc,sCAAuD,CAAC;AAE5E,KAAK,kBAAkB,GAAG;IACxB,QAAQ,EAAE,SAAS,CAAC;IACpB,IAAI,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC1B,KAAK,CAAC,EAAE,KAAK,GAAG,IAAI,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF,QAAA,MAAM,eAAe,2BAA4B,kBAAkB,qDAYlE,CAAC;AAEF,YAAY,EAAE,kBAAkB,EAAE,CAAC;AACnC,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
"use client";
|
|
2
|
+
import { jsx as _jsx } from "@emotion/react/jsx-runtime";
|
|
2
3
|
import React, { createContext } from "react";
|
|
3
4
|
const defaultSession = {
|
|
4
5
|
data: {
|
|
@@ -13,11 +14,11 @@ const defaultSession = {
|
|
|
13
14
|
// Context for exposing session specifically to the TokenProvider
|
|
14
15
|
const SessionContext = createContext(defaultSession);
|
|
15
16
|
const SessionProvider = ({ children, ...props }) => {
|
|
16
|
-
return (
|
|
17
|
+
return (_jsx(SessionContext.Provider, { value: {
|
|
17
18
|
...props,
|
|
18
19
|
data: props.data || null,
|
|
19
20
|
error: props.error || null,
|
|
20
|
-
}
|
|
21
|
+
}, children: children }));
|
|
21
22
|
};
|
|
22
23
|
export { SessionProvider, SessionContext };
|
|
23
24
|
//# sourceMappingURL=SessionProvider.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SessionProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/SessionProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC
|
|
1
|
+
{"version":3,"file":"SessionProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/SessionProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAGb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAO7C,MAAM,cAAc,GAA0B;IAC5C,IAAI,EAAE;QACJ,aAAa,EAAE,KAAK;QACpB,OAAO,EAAE,SAAS;QAClB,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,QAAQ;KACtB;IACD,KAAK,EAAE,IAAI;IACX,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF,iEAAiE;AACjE,MAAM,cAAc,GAAG,aAAa,CAAwB,cAAc,CAAC,CAAC;AAS5E,MAAM,eAAe,GAAG,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,EAAsB,EAAE,EAAE;IACrE,OAAO,CACL,KAAC,cAAc,CAAC,QAAQ,IACtB,KAAK,EAAE;YACL,GAAG,KAAK;YACR,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,IAAI;YACxB,KAAK,EAAE,KAAK,CAAC,KAAK,IAAI,IAAI;SAC3B,YAEA,QAAQ,GACe,CAC3B,CAAC;AACJ,CAAC,CAAC;AAGF,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC","sourcesContent":["\"use client\";\nimport type { SessionData } from \"@/types.js\";\nimport type { ReactNode } from \"react\";\nimport React, { createContext } from \"react\";\n\nexport type SessionProviderOutput = {\n data: SessionData | null;\n error: Error | null;\n isLoading: boolean;\n};\nconst defaultSession: SessionProviderOutput = {\n data: {\n authenticated: false,\n idToken: undefined,\n accessToken: undefined,\n displayMode: \"iframe\",\n },\n error: null,\n isLoading: false,\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst SessionContext = createContext<SessionProviderOutput>(defaultSession);\n\ntype SessionContextType = {\n children: ReactNode;\n data?: SessionData | null;\n error?: Error | null;\n isLoading: boolean;\n};\n\nconst SessionProvider = ({ children, ...props }: SessionContextType) => {\n return (\n <SessionContext.Provider\n value={{\n ...props,\n data: props.data || null,\n error: props.error || null,\n }}\n >\n {children}\n </SessionContext.Provider>\n );\n};\n\nexport type { SessionContextType };\nexport { SessionProvider, SessionContext };\n"]}
|
|
@@ -11,7 +11,7 @@ type TokenContextType = {
|
|
|
11
11
|
declare const TokenContext: React.Context<TokenContextType | undefined>;
|
|
12
12
|
declare const TokenProvider: ({ children }: {
|
|
13
13
|
children: ReactNode;
|
|
14
|
-
}) =>
|
|
14
|
+
}) => import("@emotion/react/jsx-runtime").JSX.Element;
|
|
15
15
|
export type { TokenContextType };
|
|
16
16
|
export { TokenProvider, TokenContext };
|
|
17
17
|
//# sourceMappingURL=TokenProvider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAiC,MAAM,OAAO,CAAC;AAEtD,OAAO,KAAK,EAAE,eAAe,
|
|
1
|
+
{"version":3,"file":"TokenProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAiC,MAAM,OAAO,CAAC;AAEtD,OAAO,KAAK,EAAE,eAAe,EAAkB,MAAM,YAAY,CAAC;AAIlE,KAAK,gBAAgB,GAAG;IACtB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,eAAe,EAAE,eAAe,CAAC;IACjC,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,YAAY,6CAAyD,CAAC;AAE5E,QAAA,MAAM,aAAa,iBAAkB;IAAE,QAAQ,EAAE,SAAS,CAAA;CAAE,qDAkC3D,CAAC;AAEF,YAAY,EAAE,gBAAgB,EAAE,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
"use client";
|
|
2
|
+
import { jsx as _jsx } from "@emotion/react/jsx-runtime";
|
|
2
3
|
import React, { createContext, useMemo } from "react";
|
|
3
4
|
import { useSession } from "../../shared/hooks/useSession.js";
|
|
4
|
-
import { parseJWT } from "oslo/jwt";
|
|
5
5
|
import { convertForwardedTokenFormat } from "../../lib/jwt.js";
|
|
6
|
+
import { decodeJwt } from "jose";
|
|
6
7
|
const TokenContext = createContext(undefined);
|
|
7
8
|
const TokenProvider = ({ children }) => {
|
|
8
9
|
const { isLoading, error: authError } = useSession();
|
|
@@ -10,10 +11,7 @@ const TokenProvider = ({ children }) => {
|
|
|
10
11
|
const decodeTokens = useMemo(() => {
|
|
11
12
|
if (!session?.idToken)
|
|
12
13
|
return null;
|
|
13
|
-
const
|
|
14
|
-
if (!parsedJWT)
|
|
15
|
-
return null;
|
|
16
|
-
const { forwardedTokens } = parsedJWT.payload;
|
|
14
|
+
const { forwardedTokens } = decodeJwt(session.idToken);
|
|
17
15
|
return forwardedTokens
|
|
18
16
|
? convertForwardedTokenFormat(forwardedTokens)
|
|
19
17
|
: null;
|
|
@@ -31,7 +29,7 @@ const TokenProvider = ({ children }) => {
|
|
|
31
29
|
isLoading,
|
|
32
30
|
authError,
|
|
33
31
|
]);
|
|
34
|
-
return (
|
|
32
|
+
return (_jsx(TokenContext.Provider, { value: value, children: children }));
|
|
35
33
|
};
|
|
36
34
|
export { TokenProvider, TokenContext };
|
|
37
35
|
//# sourceMappingURL=TokenProvider.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC
|
|
1
|
+
{"version":3,"file":"TokenProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAE1D,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAUjC,MAAM,YAAY,GAAG,aAAa,CAA+B,SAAS,CAAC,CAAC;AAE5E,MAAM,aAAa,GAAG,CAAC,EAAE,QAAQ,EAA2B,EAAE,EAAE;IAC9D,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,UAAU,EAAE,CAAC;IACrD,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IAEvC,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,EAAE;QAChC,IAAI,CAAC,OAAO,EAAE,OAAO;YAAE,OAAO,IAAI,CAAC;QAEnC,MAAM,EAAE,eAAe,EAAE,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,CAAmB,CAAC;QAEzE,OAAO,eAAe;YACpB,CAAC,CAAC,2BAA2B,CAAC,eAAe,CAAC;YAC9C,CAAC,CAAC,IAAI,CAAC;IACX,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAEvB,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,WAAW,EAAE,OAAO,EAAE,WAAW,IAAI,IAAI;QACzC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,IAAI;QACjC,eAAe,EAAE,YAAY,IAAI,EAAE;QACnC,SAAS;QACT,KAAK,EAAE,SAAyB;KACjC,CAAC,EACF;QACE,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,OAAO;QAChB,YAAY;QACZ,SAAS;QACT,SAAS;KACV,CACF,CAAC;IAEF,OAAO,CACL,KAAC,YAAY,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAAyB,CACxE,CAAC;AACJ,CAAC,CAAC;AAGF,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC","sourcesContent":["\"use client\";\nimport type { ReactNode } from \"react\";\nimport React, { createContext, useMemo } from \"react\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { ForwardedTokens, IdTokenPayload } from \"@/types.js\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\nimport { decodeJwt } from \"jose\";\n\ntype TokenContextType = {\n accessToken: string | null;\n idToken: string | null;\n forwardedTokens: ForwardedTokens;\n isLoading: boolean;\n error: Error | null;\n};\n\nconst TokenContext = createContext<TokenContextType | undefined>(undefined);\n\nconst TokenProvider = ({ children }: { children: ReactNode }) => {\n const { isLoading, error: authError } = useSession();\n const { data: session } = useSession();\n\n const decodeTokens = useMemo(() => {\n if (!session?.idToken) return null;\n\n const { forwardedTokens } = decodeJwt(session.idToken) as IdTokenPayload;\n\n return forwardedTokens\n ? convertForwardedTokenFormat(forwardedTokens)\n : null;\n }, [session?.idToken]);\n\n const value = useMemo(\n () => ({\n accessToken: session?.accessToken || null,\n idToken: session?.idToken || null,\n forwardedTokens: decodeTokens || {},\n isLoading,\n error: authError as Error | null,\n }),\n [\n session?.accessToken,\n session?.idToken,\n decodeTokens,\n isLoading,\n authError,\n ],\n );\n\n return (\n <TokenContext.Provider value={value}>{children}</TokenContext.Provider>\n );\n};\n\nexport type { TokenContextType };\nexport { TokenProvider, TokenContext };\n"]}
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import React from "react";
|
|
2
2
|
import type { ReactNode } from "react";
|
|
3
|
-
import type { JWT } from "oslo/jwt";
|
|
4
3
|
import type { AuthStatus, AuthStorage, DisplayMode, ForwardedTokens, User } from "../../types.js";
|
|
5
4
|
import type { AuthContextType } from "../../shared/providers/AuthContext.js";
|
|
6
|
-
type
|
|
5
|
+
import type { JWTPayload } from "jose";
|
|
6
|
+
type UserContent = Record<string, unknown> & JWTPayload;
|
|
7
7
|
type UserContextType<T extends UserContent = UserContent> = {
|
|
8
8
|
user: User<T> | null;
|
|
9
9
|
} & {
|
|
@@ -20,7 +20,7 @@ declare const UserProvider: <T extends UserContent>({ children, storage, user: i
|
|
|
20
20
|
authStatus: AuthStatus;
|
|
21
21
|
signIn: (displayMode?: DisplayMode) => Promise<void>;
|
|
22
22
|
displayMode: DisplayMode;
|
|
23
|
-
}) =>
|
|
23
|
+
}) => import("@emotion/react/jsx-runtime").JSX.Element;
|
|
24
24
|
export type { UserContextType };
|
|
25
25
|
export { UserProvider, UserContext };
|
|
26
26
|
//# sourceMappingURL=UserProvider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAA0D,MAAM,OAAO,CAAC;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAA0D,MAAM,OAAO,CAAC;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAK,EACV,UAAU,EACV,WAAW,EACX,WAAW,EACX,eAAe,EACf,IAAI,EACL,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAGzE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,CAAC;AACxD,KAAK,eAAe,CAAC,CAAC,SAAS,WAAW,GAAG,WAAW,IAAI;IAC1D,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;CACtB,GAAG;IACF,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC,GAAG,IAAI,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;AAE7C,QAAA,MAAM,WAAW,oDAA8C,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAI,CAAC,SAAS,WAAW,qFAQxC;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,WAAW,CAAC;IACrB,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,WAAW,EAAE,WAAW,CAAC;CAC1B,qDAgEA,CAAC;AAEF,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
"use client";
|
|
2
|
+
import { jsx as _jsx } from "@emotion/react/jsx-runtime";
|
|
2
3
|
import React, { createContext, useCallback, useEffect, useState } from "react";
|
|
3
4
|
import { useSession } from "../../shared/hooks/useSession.js";
|
|
4
5
|
import { GenericUserSession } from "../../shared/lib/UserSession.js";
|
|
@@ -49,7 +50,7 @@ const UserProvider = ({ children, storage, user: inputUser, signOut, authStatus,
|
|
|
49
50
|
// If the user is passed in, we just use that.
|
|
50
51
|
// We should not split user state management across multiple contexts
|
|
51
52
|
const userValue = user ?? inputUser;
|
|
52
|
-
return (
|
|
53
|
+
return (_jsx(UserContext.Provider, { value: {
|
|
53
54
|
...tokens,
|
|
54
55
|
user: userValue,
|
|
55
56
|
isLoading,
|
|
@@ -58,7 +59,7 @@ const UserProvider = ({ children, storage, user: inputUser, signOut, authStatus,
|
|
|
58
59
|
signOut,
|
|
59
60
|
authStatus,
|
|
60
61
|
displayMode: displayMode || "iframe",
|
|
61
|
-
}
|
|
62
|
+
}, children: children }));
|
|
62
63
|
};
|
|
63
64
|
export { UserProvider, UserContext };
|
|
64
65
|
//# sourceMappingURL=UserProvider.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC
|
|
1
|
+
{"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAS/E,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAE1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAYhD,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC;AAEhE,MAAM,YAAY,GAAG,CAAwB,EAC3C,QAAQ,EACR,OAAO,EACP,IAAI,EAAE,SAAS,EACf,OAAO,EACP,UAAU,EACV,MAAM,EACN,WAAW,GASZ,EAAE,EAAE;IACH,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,UAAU,EAAE,CAAC;IAClE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IACvC,MAAM,MAAM,GAAG,QAAQ,EAAE,CAAC;IAC1B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAU,KAAK,CAAC,CAAC;IAC/D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAiB,SAAS,CAAC,CAAC;IAE5D,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,IAA6B,EAAE;QAChE,IAAI,CAAC,OAAO,EAAE,OAAO;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAI,OAAO,CAAC,CAAC;QACvD,OAAO,WAAW,CAAC,GAAG,EAAE,CAAC;IAC3B,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAEhC,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;YACrB,cAAc,CAAC,IAAI,CAAC,CAAC;YACrB,SAAS,EAAE;iBACR,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBACb,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACnB,sGAAsG;oBACtG,sEAAsE;oBACtE,2EAA2E;oBAC3E,OAAO,IAAI,IAAI,QAAQ,CAAC;gBAC1B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACf,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,YAAY,CAAC,KAAK,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAElC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;IAErC,mEAAmE;IACnE,+DAA+D;IAC/D,kEAAkE;IAClE,oEAAoE;IACpE,mEAAmE;IACnE,8CAA8C;IAC9C,qEAAqE;IACrE,MAAM,SAAS,GAAG,IAAI,IAAI,SAAS,CAAC;IAEpC,OAAO,CACL,KAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,GAAG,MAAM;YACT,IAAI,EAAE,SAAS;YACf,SAAS;YACT,KAAK;YACL,MAAM;YACN,OAAO;YACP,UAAU;YACV,WAAW,EAAE,WAAW,IAAI,QAAQ;SACrC,YAEA,QAAQ,GACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAIF,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC","sourcesContent":["\"use client\";\n\nimport React, { createContext, useCallback, useEffect, useState } from \"react\";\nimport type { ReactNode } from \"react\";\nimport type {\n AuthStatus,\n AuthStorage,\n DisplayMode,\n ForwardedTokens,\n User,\n} from \"@/types.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { AuthContextType } from \"@/shared/providers/AuthContext.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { useToken } from \"../hooks/useToken.js\";\nimport type { JWTPayload } from \"jose\";\n\ntype UserContent = Record<string, unknown> & JWTPayload;\ntype UserContextType<T extends UserContent = UserContent> = {\n user: User<T> | null;\n} & {\n accessToken?: string | null;\n idToken?: string | null;\n forwardedTokens?: ForwardedTokens;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends UserContent>({\n children,\n storage,\n user: inputUser,\n signOut,\n authStatus,\n signIn,\n displayMode,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user: User<T> | null;\n signOut: () => Promise<void>;\n authStatus: AuthStatus;\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n displayMode: DisplayMode;\n}) => {\n const { error: authError, isLoading: authLoading } = useSession();\n const { data: session } = useSession();\n const tokens = useToken();\n const [userLoading, setUserLoading] = useState<boolean>(false);\n const [userError, setUserError] = useState<Error | null>(null);\n const [user, setUser] = useState<User<T> | null>(inputUser);\n\n const fetchUser = useCallback(async (): Promise<User<T> | null> => {\n if (!session?.idToken) return null;\n const userSession = new GenericUserSession<T>(storage);\n return userSession.get();\n }, [session?.idToken, storage]);\n\n useEffect(() => {\n if (session?.idToken) {\n setUserLoading(true);\n fetchUser()\n .then((user) => {\n setUserLoading(false);\n setUser((prevUser) => {\n // we only want to update the user if it's set - if a user is passed in, don't assume it is wrong here\n // it could be just the fetchUser returned null for some other reason.\n // TODO consider cleaning this up in general to avoid needing context here.\n return user ?? prevUser;\n });\n })\n .catch((error) => {\n setUserLoading(false);\n setUserError(error);\n });\n } else {\n setUser(null);\n }\n }, [fetchUser, session?.idToken]);\n\n const isLoading = authLoading || userLoading;\n const error = authError ?? userError;\n\n // While we are passing a user as a prop _and_ storing it in state,\n // there is the case where the user is not set in the state yet\n // (setState is called but the rerender has not yet happened), but\n // is passed as a prop. In this case, we want to use the prop value.\n // A better solution is to avoid having multiple layers of context.\n // If the user is passed in, we just use that.\n // We should not split user state management across multiple contexts\n const userValue = user ?? inputUser;\n\n return (\n <UserContext.Provider\n value={{\n ...tokens,\n user: userValue,\n isLoading,\n error,\n signIn,\n signOut,\n authStatus,\n displayMode: displayMode || \"iframe\",\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n"]}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const VERSION = "@civic/auth:0.3.
|
|
1
|
+
export declare const VERSION = "@civic/auth:0.3.2-beta.0";
|
|
2
2
|
//# sourceMappingURL=version.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.3.
|
|
1
|
+
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.3.2-beta.0\";\n"]}
|
package/dist/esm/types.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { TokenResponseBody } from "oslo/oauth2";
|
|
2
|
-
import type {
|
|
2
|
+
import type { JWTPayload } from "jose";
|
|
3
3
|
type UnknownObject = Record<string, unknown>;
|
|
4
4
|
type EmptyObject = Record<string, never>;
|
|
5
5
|
export declare enum AuthStatus {
|
|
@@ -80,13 +80,6 @@ type ForwardedTokensJWT = Record<string, {
|
|
|
80
80
|
refresh_token?: string;
|
|
81
81
|
scope?: string;
|
|
82
82
|
}>;
|
|
83
|
-
type JWTPayload = JWT["payload"] & {
|
|
84
|
-
iss: string;
|
|
85
|
-
aud: string;
|
|
86
|
-
sub: string;
|
|
87
|
-
iat: number;
|
|
88
|
-
exp: number;
|
|
89
|
-
};
|
|
90
83
|
type IdTokenPayload = JWTPayload & {
|
|
91
84
|
forwardedTokens?: ForwardedTokensJWT;
|
|
92
85
|
email?: string;
|
|
@@ -95,10 +88,7 @@ type IdTokenPayload = JWTPayload & {
|
|
|
95
88
|
nonce: string;
|
|
96
89
|
at_hash: string;
|
|
97
90
|
};
|
|
98
|
-
|
|
99
|
-
payload: IdTokenPayload;
|
|
100
|
-
};
|
|
101
|
-
declare const tokenKeys: string[];
|
|
91
|
+
declare const tokenKeys: readonly ["sub", "idToken", "accessToken", "refreshToken", "forwardedTokens"];
|
|
102
92
|
export type OAuthTokens = {
|
|
103
93
|
idToken?: string;
|
|
104
94
|
accessToken?: string;
|
|
@@ -116,7 +106,7 @@ type BaseUser = {
|
|
|
116
106
|
picture?: string;
|
|
117
107
|
updated_at?: Date;
|
|
118
108
|
};
|
|
119
|
-
type User<T extends
|
|
109
|
+
type User<T extends Record<string, unknown> = Record<string, never>> = BaseUser & (T | BaseUser);
|
|
120
110
|
type OpenIdConfiguration = {
|
|
121
111
|
authorization_endpoint: string;
|
|
122
112
|
claims_parameter_supported: boolean;
|
|
@@ -158,7 +148,7 @@ export type IframeAuthMessage = {
|
|
|
158
148
|
error?: string;
|
|
159
149
|
};
|
|
160
150
|
};
|
|
161
|
-
export type { LoginPostMessage, AuthSessionService, TokenService, UserInfoService, ResourceService, AuthRequest, Tokens, Endpoints, Config, SessionData, OIDCTokenResponseBody, ParsedTokens, BaseUser, User, DisplayMode, UnknownObject, EmptyObject, ForwardedTokens, ForwardedTokensJWT,
|
|
151
|
+
export type { LoginPostMessage, AuthSessionService, TokenService, UserInfoService, ResourceService, AuthRequest, Tokens, Endpoints, Config, SessionData, OIDCTokenResponseBody, ParsedTokens, BaseUser, User, DisplayMode, UnknownObject, EmptyObject, ForwardedTokens, ForwardedTokensJWT, IdTokenPayload, OpenIdConfiguration, };
|
|
162
152
|
export { tokenKeys };
|
|
163
153
|
export interface AuthStorage {
|
|
164
154
|
get(key: string): Promise<string | null>;
|
package/dist/esm/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,KAAK,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAC7C,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;AAEzC,oBAAY,UAAU;IACpB,aAAa,kBAAkB;IAC/B,eAAe,oBAAoB;IACnC,cAAc,mBAAmB;IACjC,KAAK,UAAU;IACf,WAAW,gBAAgB;CAC5B;AAED,KAAK,WAAW,GAAG,QAAQ,GAAG,UAAU,GAAG,SAAS,GAAG,YAAY,CAAC;AAGpE,UAAU,kBAAkB;IAE1B,oBAAoB,CAClB,gBAAgB,EAAE,MAAM,EACxB,WAAW,EAAE,WAAW,GACvB,IAAI,CAAC;IAER,mBAAmB,CACjB,MAAM,EAAE,MAAM,EAAE,EAChB,mBAAmB,EAAE,WAAW,EAChC,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,MAAM,CACJ,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,MAAM,EAAE,EAChB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAEzD,cAAc,IAAI,WAAW,CAAC;IAE9B,iBAAiB,CAAC,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,kBAAkB,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;CAChD;AAGD,UAAU,YAAY;IACpB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACzD,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC3D;AAGD,UAAU,eAAe;IACvB,WAAW,CAAC,CAAC,SAAS,aAAa,EACjC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,GAAG,IAAI,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;CAC5B;AAGD,UAAU,eAAe;IACvB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7D;AAGD,KAAK,WAAW,GAAG;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,MAAM,GAAG;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,SAAS,CAAC;CACvB,CAAC;AAEF,KAAK,WAAW,GAAG;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,qBAAqB,GAAG,iBAAiB,GAAG;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,uBAAuB,CAAC,EAAE,MAAM,CAAC;CAClC,CAAC;AAEF,KAAK,YAAY,GAAG;IAClB,QAAQ,EAAE,UAAU,CAAC;IACrB,YAAY,EAAE,UAAU,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAGF,KAAK,eAAe,GAAG,MAAM,CAC3B,MAAM,EACN;IACE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CACF,CAAC;AAGF,KAAK,kBAAkB,GAAG,MAAM,CAC9B,MAAM,EACN;IACE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CACF,CAAC;AAEF,KAAK,cAAc,GAAG,UAAU,GAAG;IACjC,eAAe,CAAC,EAAE,kBAAkB,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,QAAA,MAAM,SAAS,+EAML,CAAC;AAEX,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,KAAK,MAAM,GAAG;KACX,CAAC,IAAI,CAAC,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,iBAAiB,GAC1D,eAAe,GACf,MAAM;CACX,CAAC;AAGF,KAAK,QAAQ,GAAG;IACd,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,IAAI,CAAC;CACnB,CAAC;AAEF,KAAK,IAAI,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IACjE,QAAQ,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC;AAE5B,KAAK,mBAAmB,GAAG;IACzB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,0BAA0B,EAAE,OAAO,CAAC;IACpC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,gCAAgC,EAAE,MAAM,EAAE,CAAC;IAC3C,oBAAoB,EAAE,MAAM,CAAC;IAC7B,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C,EAAE,OAAO,CAAC;IACxD,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,uBAAuB,EAAE,MAAM,EAAE,CAAC;IAClC,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,gDAAgD,EAAE,MAAM,EAAE,CAAC;IAC3D,cAAc,EAAE,MAAM,CAAC;IACvB,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,qCAAqC,EAAE,MAAM,CAAC;IAC9C,2BAA2B,EAAE,OAAO,CAAC;IACrC,+BAA+B,EAAE,OAAO,CAAC;IACzC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAC;CACjC,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,MAAM,EAAE,eAAe,CAAC;IACxB,IAAI,EAAE,YAAY,GAAG,sBAAsB,CAAC;IAC5C,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH,CAAC;AAEF,YAAY,EACV,gBAAgB,EAChB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,eAAe,EACf,WAAW,EACX,MAAM,EACN,SAAS,EACT,MAAM,EACN,WAAW,EACX,qBAAqB,EACrB,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,WAAW,EACX,aAAa,EACb,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,cAAc,EACd,mBAAmB,GACpB,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC;AACrB,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpC;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,OAAO,CAAC"}
|
package/dist/esm/types.js
CHANGED
package/dist/esm/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAMA,MAAM,CAAN,IAAY,UAMX;AAND,WAAY,UAAU;IACpB,6CAA+B,CAAA;IAC/B,iDAAmC,CAAA;IACnC,+CAAiC,CAAA;IACjC,6BAAe,CAAA;IACf,yCAA2B,CAAA;AAC7B,CAAC,EANW,UAAU,KAAV,UAAU,QAMrB;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAMA,MAAM,CAAN,IAAY,UAMX;AAND,WAAY,UAAU;IACpB,6CAA+B,CAAA;IAC/B,iDAAmC,CAAA;IACnC,+CAAiC,CAAA;IACjC,6BAAe,CAAA;IACf,yCAA2B,CAAA;AAC7B,CAAC,EANW,UAAU,KAAV,UAAU,QAMrB;AAgID,MAAM,SAAS,GAAG;IAChB,KAAK;IACL,SAAS;IACT,aAAa;IACb,cAAc;IACd,iBAAiB;CACT,CAAC;AA+FX,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import type { TokenResponseBody } from \"oslo/oauth2\";\nimport type { JWTPayload } from \"jose\";\n\ntype UnknownObject = Record<string, unknown>;\ntype EmptyObject = Record<string, never>;\n\nexport enum AuthStatus {\n AUTHENTICATED = \"authenticated\",\n UNAUTHENTICATED = \"unauthenticated\",\n AUTHENTICATING = \"authenticating\",\n ERROR = \"error\",\n SIGNING_OUT = \"signing_out\",\n}\n// Display modes for the auth flow\ntype DisplayMode = \"iframe\" | \"redirect\" | \"new_tab\" | \"custom_tab\";\n\n// Combined Auth and Session Service\ninterface AuthSessionService {\n // TODO DK NOTES: Should be in BrowserAuthSessionService, not relevant on backend\n loadAuthorizationUrl(\n authorizationURL: string,\n displayMode: DisplayMode,\n ): void;\n // TODO DK NOTES: overrideDisplayMode parameter not appropriate here - also - do we need both this and the above in the interface?\n getAuthorizationUrl(\n scopes: string[],\n overrideDisplayMode: DisplayMode,\n nonce?: string,\n ): Promise<string>;\n // TODO DK NOTES: display mode should be in browser version only. Also, do we need this and the above two in the top-level interface?\n signIn(\n displayMode: DisplayMode,\n scopes: string[],\n nonce?: string,\n ): Promise<void>;\n // TODO DK NOTES: Input should be an auth code - do not assume it comes via an url\n tokenExchange(responseUrl: string): Promise<SessionData>;\n // TODO DK NOTES: Should be async for flexibility\n getSessionData(): SessionData;\n // TODO DK NOTES: Should be async for flexibility\n updateSessionData(data: SessionData): void;\n getUserInfoService(): Promise<UserInfoService>;\n}\n\n// Token Service\ninterface TokenService {\n exchangeCodeForTokens(authCode: string): Promise<Tokens>;\n validateIdToken(idToken: string, nonce: string): boolean;\n refreshAccessToken(refreshToken: string): Promise<Tokens>;\n}\n\n// User Info Service\ninterface UserInfoService {\n getUserInfo<T extends UnknownObject>(\n accessToken: string,\n idToken: string | null,\n ): Promise<User<T> | null>;\n}\n\n// Resource Service\ninterface ResourceService {\n getProtectedResource(accessToken: string): Promise<unknown>;\n}\n\n// Auth Request (for internal use in AuthSessionService)\ntype AuthRequest = {\n clientId: string;\n redirectUri: string;\n state: string;\n nonce: string;\n scope: string;\n};\n\ntype Endpoints = {\n jwks: string;\n auth: string;\n token: string;\n userinfo: string;\n challenge?: string;\n endsession: string;\n};\n\ntype Config = {\n oauthServer: string;\n endpoints?: Endpoints;\n};\n\ntype SessionData = {\n authenticated: boolean; // TODO can this be inferred from the presence of the tokens?\n state?: string;\n accessToken?: string;\n refreshToken?: string;\n idToken?: string;\n accessTokenExpiresAt?: number;\n codeVerifier?: string;\n displayMode?: DisplayMode;\n openerUrl?: string;\n};\n\ntype OIDCTokenResponseBody = TokenResponseBody & {\n id_token: string;\n access_token_expires_at?: number;\n};\n\ntype ParsedTokens = {\n id_token: JWTPayload;\n access_token: JWTPayload;\n refresh_token?: string;\n};\n\n// The format we expose to the frontend via hooks\ntype ForwardedTokens = Record<\n string,\n {\n idToken?: string;\n accessToken?: string;\n refreshToken?: string;\n }\n>;\n\n// The format in the JWT payload\ntype ForwardedTokensJWT = Record<\n string,\n {\n id_token?: string;\n access_token?: string;\n refresh_token?: string;\n scope?: string;\n }\n>;\n\ntype IdTokenPayload = JWTPayload & {\n forwardedTokens?: ForwardedTokensJWT;\n email?: string;\n name?: string;\n picture?: string;\n nonce: string;\n at_hash: string;\n};\n\nconst tokenKeys = [\n \"sub\",\n \"idToken\",\n \"accessToken\",\n \"refreshToken\",\n \"forwardedTokens\",\n] as const;\n\nexport type OAuthTokens = {\n idToken?: string;\n accessToken?: string;\n refreshToken?: string;\n};\n// Derive the Tokens type from the array\ntype Tokens = {\n [K in (typeof tokenKeys)[number]]: K extends \"forwardedTokens\"\n ? ForwardedTokens\n : string;\n};\n\n// Base user interface\ntype BaseUser = {\n id: string;\n email?: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n picture?: string;\n updated_at?: Date;\n};\n\ntype User<T extends Record<string, unknown> = Record<string, never>> =\n BaseUser & (T | BaseUser);\n\ntype OpenIdConfiguration = {\n authorization_endpoint: string;\n claims_parameter_supported: boolean;\n claims_supported: string[];\n code_challenge_methods_supported: string[];\n end_session_endpoint: string;\n grant_types_supported: string[];\n issuer: string;\n jwks_uri: string;\n authorization_response_iss_parameter_supported: boolean;\n response_modes_supported: string[];\n response_types_supported: string[];\n scopes_supported: string[];\n subject_types_supported: string[];\n token_endpoint_auth_methods_supported: string[];\n token_endpoint_auth_signing_alg_values_supported: string[];\n token_endpoint: string;\n id_token_signing_alg_values_supported: string[];\n pushed_authorization_request_endpoint: string;\n request_parameter_supported: boolean;\n request_uri_parameter_supported: boolean;\n userinfo_endpoint: string;\n claim_types_supported: string[];\n};\n\ntype LoginPostMessage = {\n source: string;\n type: string;\n clientId: string;\n data: {\n url: string;\n };\n};\n\nexport type IframeAuthMessage = {\n source: \"civicloginApp\";\n type: \"auth_error\" | \"auth_error_try_again\";\n clientId: string;\n data: {\n url?: string;\n error?: string;\n };\n};\n\nexport type {\n LoginPostMessage,\n AuthSessionService,\n TokenService,\n UserInfoService,\n ResourceService,\n AuthRequest,\n Tokens,\n Endpoints,\n Config,\n SessionData,\n OIDCTokenResponseBody,\n ParsedTokens,\n BaseUser,\n User,\n DisplayMode,\n UnknownObject,\n EmptyObject,\n ForwardedTokens,\n ForwardedTokensJWT,\n IdTokenPayload,\n OpenIdConfiguration,\n};\nexport { tokenKeys };\nexport interface AuthStorage {\n get(key: string): Promise<string | null>;\n set(key: string, value: string): Promise<void>;\n delete(key: string): Promise<void>;\n}\n\nexport type IframeMode = \"embedded\" | \"modal\";\n"]}
|