@civic/auth 0.3.1 → 0.3.2-beta.1

package/dist/src/shared/hooks/useIsInIframe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useIsInIframe.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useIsInIframe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAE5C,MAAM,aAAa,GAAG,GAAG,EAAE;IACzB,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACnD,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,aAAa,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC1D,aAAa,CAAC,aAAa,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IACP,OAAO,UAAU,CAAC;AACpB,CAAC,CAAC;AACF,OAAO,EAAE,aAAa,EAAE,CAAC","sourcesContent":["import { isWindowInIframe } from \"@/lib/windowUtil.js\";\nimport { useEffect, useState } from \"react\";\n\nconst useIsInIframe = () => {\n  const [isInIframe, setIsInIframe] = useState(true);\n  useEffect(() => {\n    if (typeof globalThis.window !== \"undefined\") {\n      const isInIframeVal = isWindowInIframe(globalThis.window);\n      setIsInIframe(isInIframeVal);\n    }\n  }, []);\n  return isInIframe;\n};\nexport { useIsInIframe };\n"]}

package/dist/src/shared/hooks/useOAuthEndpoints.d.ts

@@ -0,0 +1,4 @@
+import type { Endpoints } from "@/types.js";
+declare const useOAuthEndpoints: (oauthServer?: string) => Endpoints | null;
+export { useOAuthEndpoints };
+//# sourceMappingURL=useOAuthEndpoints.d.ts.map

package/dist/src/shared/hooks/useOAuthEndpoints.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useOAuthEndpoints.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useOAuthEndpoints.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAG5C,QAAA,MAAM,iBAAiB,iBAAkB,MAAM,qBAW9C,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,CAAC"}

package/dist/src/shared/hooks/useOAuthEndpoints.js

@@ -0,0 +1,14 @@
+import { DEFAULT_AUTH_SERVER } from "@/constants.js";
+import { getOauthEndpoints } from "@/lib/oauth.js";
+import { useEffect, useState } from "react";
+const useOAuthEndpoints = (oauthServer) => {
+    const [endpoints, setEndpoints] = useState(null);
+    useEffect(() => {
+        getOauthEndpoints(oauthServer || DEFAULT_AUTH_SERVER).then((retrievedEndpoints) => {
+            setEndpoints(retrievedEndpoints);
+        });
+    }, [oauthServer]);
+    return endpoints;
+};
+export { useOAuthEndpoints };
+//# sourceMappingURL=useOAuthEndpoints.js.map

package/dist/src/shared/hooks/useOAuthEndpoints.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useOAuthEndpoints.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useOAuthEndpoints.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAEnD,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAE5C,MAAM,iBAAiB,GAAG,CAAC,WAAoB,EAAE,EAAE;IACjD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAmB,IAAI,CAAC,CAAC;IACnE,SAAS,CAAC,GAAG,EAAE;QACb,iBAAiB,CAAC,WAAW,IAAI,mBAAmB,CAAC,CAAC,IAAI,CACxD,CAAC,kBAAkB,EAAE,EAAE;YACrB,YAAY,CAAC,kBAAkB,CAAC,CAAC;QACnC,CAAC,CACF,CAAC;IACJ,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAElB,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,CAAC","sourcesContent":["import { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\nimport { getOauthEndpoints } from \"@/lib/oauth.js\";\nimport type { Endpoints } from \"@/types.js\";\nimport { useEffect, useState } from \"react\";\n\nconst useOAuthEndpoints = (oauthServer?: string) => {\n  const [endpoints, setEndpoints] = useState<Endpoints | null>(null);\n  useEffect(() => {\n    getOauthEndpoints(oauthServer || DEFAULT_AUTH_SERVER).then(\n      (retrievedEndpoints) => {\n        setEndpoints(retrievedEndpoints);\n      },\n    );\n  }, [oauthServer]);\n\n  return endpoints;\n};\n\nexport { useOAuthEndpoints };\n"]}

package/dist/src/shared/hooks/useRefresh.d.ts

@@ -0,0 +1,4 @@
+import type { SessionData } from "@/types.js";
+declare const useRefresh: (session: SessionData | null) => void;
+export { useRefresh };
+//# sourceMappingURL=useRefresh.d.ts.map

package/dist/src/shared/hooks/useRefresh.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useRefresh.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useRefresh.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,QAAA,MAAM,UAAU,YAAa,WAAW,GAAG,IAAI,SAuC9C,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/src/shared/hooks/useRefresh.js

@@ -0,0 +1,38 @@
+import { LocalStorageAdapter } from "@/browser/storage.js";
+import { useEffect, useMemo, useState } from "react";
+import { GenericAuthenticationRefresher } from "../lib/GenericAuthenticationRefresher.js";
+import { useCivicAuthConfig } from "./useCivicAuthConfig.js";
+const useRefresh = (session) => {
+    const authConfig = useCivicAuthConfig();
+    const storage = useMemo(() => new LocalStorageAdapter(), []);
+    // setup token autorefresh
+    const [refresher, setRefresher] = useState(undefined);
+    useEffect(() => {
+        if (!authConfig)
+            return;
+        const abortController = new AbortController();
+        const currentRefresher = refresher;
+        GenericAuthenticationRefresher.build({ ...authConfig }, storage).then((newRefresher) => {
+            if (abortController.signal.aborted)
+                return;
+            currentRefresher?.clearAutorefresh();
+            setRefresher(newRefresher);
+        });
+        return () => {
+            abortController.abort();
+            currentRefresher?.clearAutorefresh();
+        };
+        // eslint-disable-next-line react-hooks/exhaustive-deps
+    }, [authConfig, storage]); // Only depend on what actually changes
+    useEffect(() => {
+        if (session?.authenticated) {
+            refresher?.setupAutorefresh();
+        }
+        else {
+            refresher?.clearAutorefresh();
+        }
+        return () => refresher?.clearAutorefresh();
+    }, [refresher, session?.authenticated]);
+};
+export { useRefresh };
+//# sourceMappingURL=useRefresh.js.map

package/dist/src/shared/hooks/useRefresh.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useRefresh.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useRefresh.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACrD,OAAO,EAAE,8BAA8B,EAAE,MAAM,0CAA0C,CAAC;AAC1F,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAG7D,MAAM,UAAU,GAAG,CAAC,OAA2B,EAAE,EAAE;IACjD,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IACxC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,mBAAmB,EAAE,EAAE,EAAE,CAAC,CAAC;IAE7D,0BAA0B;IAC1B,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAExC,SAAS,CAAC,CAAC;IAEb,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU;YAAE,OAAO;QACxB,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAC9C,MAAM,gBAAgB,GAAG,SAAS,CAAC;QAEnC,8BAA8B,CAAC,KAAK,CAAC,EAAE,GAAG,UAAU,EAAE,EAAE,OAAO,CAAC,CAAC,IAAI,CACnE,CAAC,YAAY,EAAE,EAAE;YACf,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO;gBAAE,OAAO;YAE3C,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;YACrC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC7B,CAAC,CACF,CAAC;QAEF,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;YACxB,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;QACvC,CAAC,CAAC;QACF,uDAAuD;IACzD,CAAC,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAElE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YAC3B,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;QAED,OAAO,GAAG,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,CAAC;IAC7C,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;AAC1C,CAAC,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["import { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { useEffect, useMemo, useState } from \"react\";\nimport { GenericAuthenticationRefresher } from \"../lib/GenericAuthenticationRefresher.js\";\nimport { useCivicAuthConfig } from \"./useCivicAuthConfig.js\";\nimport type { SessionData } from \"@/types.js\";\n\nconst useRefresh = (session: SessionData | null) => {\n  const authConfig = useCivicAuthConfig();\n  const storage = useMemo(() => new LocalStorageAdapter(), []);\n\n  // setup token autorefresh\n  const [refresher, setRefresher] = useState<\n    GenericAuthenticationRefresher | undefined\n  >(undefined);\n\n  useEffect(() => {\n    if (!authConfig) return;\n    const abortController = new AbortController();\n    const currentRefresher = refresher;\n\n    GenericAuthenticationRefresher.build({ ...authConfig }, storage).then(\n      (newRefresher) => {\n        if (abortController.signal.aborted) return;\n\n        currentRefresher?.clearAutorefresh();\n        setRefresher(newRefresher);\n      },\n    );\n\n    return () => {\n      abortController.abort();\n      currentRefresher?.clearAutorefresh();\n    };\n    // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, [authConfig, storage]); // Only depend on what actually changes\n\n  useEffect(() => {\n    if (session?.authenticated) {\n      refresher?.setupAutorefresh();\n    } else {\n      refresher?.clearAutorefresh();\n    }\n\n    return () => refresher?.clearAutorefresh();\n  }, [refresher, session?.authenticated]);\n};\n\nexport { useRefresh };\n"]}

package/dist/src/shared/hooks/useSession.d.ts

@@ -0,0 +1,3 @@
+declare const useSession: () => import("@/shared/providers/SessionProvider.js").SessionProviderOutput;
+export { useSession };
+//# sourceMappingURL=useSession.d.ts.map

package/dist/src/shared/hooks/useSession.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useSession.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,UAAU,6EAMf,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/src/shared/hooks/useSession.js

@@ -0,0 +1,13 @@
+"use client";
+import { useContext } from "react";
+import { SessionContext } from "@/shared/providers/SessionProvider.js";
+// TokenProvider will use this internal context to access session
+const useSession = () => {
+    const context = useContext(SessionContext);
+    if (!context) {
+        throw new Error("useSession must be used within an SessionProvider");
+    }
+    return context;
+};
+export { useSession };
+//# sourceMappingURL=useSession.js.map

package/dist/src/shared/hooks/useSession.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSession.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSession.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAC;AAEvE,iEAAiE;AACjE,MAAM,UAAU,GAAG,GAAG,EAAE;IACtB,MAAM,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/shared/providers/SessionProvider.js\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n  const context = useContext(SessionContext);\n  if (!context) {\n    throw new Error(\"useSession must be used within an SessionProvider\");\n  }\n  return context;\n};\n\nexport { useSession };\n"]}

package/dist/src/shared/hooks/useSignIn.d.ts

@@ -0,0 +1,15 @@
+import type { DisplayMode } from "@/types.js";
+import { type PKCEConsumer } from "@/services/types.js";
+type SignInProps = {
+    pkceConsumer?: PKCEConsumer;
+    preSignOut?: () => Promise<void>;
+    postSignOut?: () => Promise<void>;
+    displayMode: DisplayMode;
+};
+declare const useSignIn: ({ pkceConsumer, preSignOut, postSignOut, displayMode, }: SignInProps) => {
+    signIn: () => Promise<void>;
+    signOut: () => Promise<void>;
+    displayMode: DisplayMode;
+};
+export { useSignIn };
+//# sourceMappingURL=useSignIn.d.ts.map

package/dist/src/shared/hooks/useSignIn.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSignIn.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAG9C,OAAO,EAAc,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAKpE,KAAK,WAAW,GAAG;IACjB,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AACF,QAAA,MAAM,SAAS,4DAKZ,WAAW;kBAkEyB,OAAO,CAAC,IAAI,CAAC;;;CAsEnD,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/src/shared/hooks/useSignIn.js

@@ -0,0 +1,126 @@
+import { BrowserAuthenticationInitiator } from "@/services/AuthenticationService.js";
+import { BrowserPublicClientPKCEProducer } from "@/services/PKCE.js";
+import { useCivicAuthConfig } from "@/shared/hooks/useCivicAuthConfig.js";
+import { useIframe } from "@/shared/hooks/useIframe.js";
+import { useCallback, useEffect, useMemo } from "react";
+import { PopupError } from "@/services/types.js";
+import { useSession } from "./useSession.js";
+import { LocalStorageAdapter } from "@/browser/storage.js";
+import { clearTokens, clearUser } from "../lib/util.js";
+const useSignIn = ({ pkceConsumer, preSignOut, postSignOut, displayMode, }) => {
+    const civicAuthConfig = useCivicAuthConfig();
+    const { iframeRef, logoutIframeRef, setIframeIsVisible, setLogoutIframeIsVisible, } = useIframe();
+    const { data: session } = useSession();
+    const authInitiator = useMemo(() => {
+        if (!civicAuthConfig) {
+            return null;
+        }
+        const { clientId, redirectUrl, logoutUrl, logoutRedirectUrl, nonce, oauthServer, endpoints, scopes, } = civicAuthConfig;
+        return new BrowserAuthenticationInitiator({
+            pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side
+            clientId,
+            redirectUrl,
+            logoutUrl,
+            logoutRedirectUrl,
+            scopes,
+            displayMode,
+            oauthServer,
+            endpointOverrides: endpoints,
+            nonce,
+        });
+    }, [civicAuthConfig, displayMode, pkceConsumer]);
+    useEffect(() => {
+        return () => {
+            if (authInitiator) {
+                authInitiator.cleanup();
+            }
+        };
+    }, [authInitiator]);
+    // This effect is used to clear the tokens and user when the user signs out after a redirect
+    useEffect(() => {
+        const params = new URLSearchParams(window.location.search);
+        const state = params.get("state");
+        const localStorage = new LocalStorageAdapter();
+        localStorage.get("logout_state").then((storedLogoutState) => {
+            if (state && state === storedLogoutState) {
+                // Clear storage
+                clearTokens(localStorage);
+                clearUser(localStorage);
+                LocalStorageAdapter.emitter.emit("signOut");
+                // Clean up storage and URL
+                sessionStorage.removeItem("logout_state");
+                const cleanUrl = window.location.href.split("?")[0];
+                window.history.replaceState({}, document.title, cleanUrl);
+            }
+        });
+    }, []);
+    const signIn = useCallback(async () => {
+        if (!authInitiator)
+            return;
+        authInitiator.setDisplayMode(displayMode);
+        if (displayMode === "iframe") {
+            setIframeIsVisible(true);
+        }
+        const useIframeRef = iframeRef?.current || null;
+        await authInitiator.signIn(useIframeRef).catch((error) => {
+            console.log("signIn error", {
+                error,
+                isPopupError: error instanceof PopupError,
+            });
+            // if we've tried to open a popup and it has failed, then fallback to redirect mode
+            if (error instanceof PopupError) {
+                setIframeIsVisible(false); // hide the iframe
+                authInitiator.cleanup(); // clear any event listeners from before
+                authInitiator.setDisplayMode("redirect"); // switch to redirect mode
+                authInitiator.signIn(useIframeRef); // retry the sign in
+            }
+        });
+    }, [authInitiator, displayMode, iframeRef, setIframeIsVisible]);
+    const signOut = useCallback(async () => {
+        const idToken = session?.idToken;
+        if (!authInitiator)
+            return;
+        if (displayMode === "iframe") {
+            setIframeIsVisible(false);
+            setLogoutIframeIsVisible(true);
+        }
+        try {
+            await preSignOut?.();
+            const useIframeRef = logoutIframeRef?.current || null;
+            await authInitiator.signOut(idToken, useIframeRef).catch((error) => {
+                console.log("signOut error", {
+                    error,
+                    isPopupError: error instanceof PopupError,
+                });
+                // Same popup fallback as signIn
+                if (error instanceof PopupError) {
+                    setLogoutIframeIsVisible(false);
+                    authInitiator.cleanup();
+                    authInitiator.setDisplayMode("redirect");
+                    authInitiator.signOut(idToken, useIframeRef);
+                }
+            });
+        }
+        catch (error) {
+            console.error("Signout error:", error);
+        }
+        setLogoutIframeIsVisible(false);
+        await postSignOut?.();
+    }, [
+        session?.idToken,
+        authInitiator,
+        displayMode,
+        setLogoutIframeIsVisible,
+        postSignOut,
+        setIframeIsVisible,
+        preSignOut,
+        logoutIframeRef,
+    ]);
+    return {
+        signIn,
+        signOut,
+        displayMode,
+    };
+};
+export { useSignIn };
+//# sourceMappingURL=useSignIn.js.map

package/dist/src/shared/hooks/useSignIn.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAE1E,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AACxD,OAAO,EAAE,UAAU,EAAqB,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAQxD,MAAM,SAAS,GAAG,CAAC,EACjB,YAAY,EACZ,UAAU,EACV,WAAW,EACX,WAAW,GACC,EAAE,EAAE;IAChB,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,GACzB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IAEvC,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,GACP,GAAG,eAAe,CAAC;QACpB,OAAO,IAAI,8BAA8B,CAAC;YACxC,YAAY,EAAE,YAAY,IAAI,IAAI,+BAA+B,EAAE,EAAE,kDAAkD;YACvH,QAAQ;YACR,WAAW;YACX,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;SACN,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC;IAEjD,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,4FAA4F;IAC5F,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YAC1D,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,WAAW,CAAC,YAAY,CAAC,CAAC;gBAC1B,SAAS,CAAC,YAAY,CAAC,CAAC;gBACxB,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;gBAC1C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACnD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;QAChD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACvD,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE;gBAC1B,KAAK;gBACL,YAAY,EAAE,KAAK,YAAY,UAAU;aAC1C,CAAC,CAAC;YACH,mFAAmF;YACnF,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;gBAC7C,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,wCAAwC;gBACjE,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,0BAA0B;gBACpE,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,oBAAoB;YAC1D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEhE,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE;oBAC3B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,UAAU;iBAC1C,CAAC,CAAC;gBACH,gCAAgC;gBAChC,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;QACzC,CAAC;QACD,wBAAwB,CAAC,KAAK,CAAC,CAAC;QAChC,MAAM,WAAW,EAAE,EAAE,CAAC;IACxB,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,WAAW;QACX,kBAAkB;QAClB,UAAU;QACV,eAAe;KAChB,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\n\ntype SignInProps = {\n  pkceConsumer?: PKCEConsumer;\n  preSignOut?: () => Promise<void>;\n  postSignOut?: () => Promise<void>;\n  displayMode: DisplayMode;\n};\nconst useSignIn = ({\n  pkceConsumer,\n  preSignOut,\n  postSignOut,\n  displayMode,\n}: SignInProps) => {\n  const civicAuthConfig = useCivicAuthConfig();\n  const {\n    iframeRef,\n    logoutIframeRef,\n    setIframeIsVisible,\n    setLogoutIframeIsVisible,\n  } = useIframe();\n  const { data: session } = useSession();\n\n  const authInitiator = useMemo(() => {\n    if (!civicAuthConfig) {\n      return null;\n    }\n    const {\n      clientId,\n      redirectUrl,\n      logoutUrl,\n      logoutRedirectUrl,\n      nonce,\n      oauthServer,\n      endpoints,\n      scopes,\n    } = civicAuthConfig;\n    return new BrowserAuthenticationInitiator({\n      pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n      clientId,\n      redirectUrl,\n      logoutUrl,\n      logoutRedirectUrl,\n      scopes,\n      displayMode,\n      oauthServer,\n      endpointOverrides: endpoints,\n      nonce,\n    });\n  }, [civicAuthConfig, displayMode, pkceConsumer]);\n\n  useEffect(() => {\n    return () => {\n      if (authInitiator) {\n        authInitiator.cleanup();\n      }\n    };\n  }, [authInitiator]);\n\n  // This effect is used to clear the tokens and user when the user signs out after a redirect\n  useEffect(() => {\n    const params = new URLSearchParams(window.location.search);\n    const state = params.get(\"state\");\n    const localStorage = new LocalStorageAdapter();\n    localStorage.get(\"logout_state\").then((storedLogoutState) => {\n      if (state && state === storedLogoutState) {\n        // Clear storage\n        clearTokens(localStorage);\n        clearUser(localStorage);\n        LocalStorageAdapter.emitter.emit(\"signOut\");\n\n        // Clean up storage and URL\n        sessionStorage.removeItem(\"logout_state\");\n        const cleanUrl = window.location.href.split(\"?\")[0];\n        window.history.replaceState({}, document.title, cleanUrl);\n      }\n    });\n  }, []);\n\n  const signIn = useCallback(async (): Promise<void> => {\n    if (!authInitiator) return;\n\n    authInitiator.setDisplayMode(displayMode);\n    if (displayMode === \"iframe\") {\n      setIframeIsVisible(true);\n    }\n    const useIframeRef = iframeRef?.current || null;\n    await authInitiator.signIn(useIframeRef).catch((error) => {\n      console.log(\"signIn error\", {\n        error,\n        isPopupError: error instanceof PopupError,\n      });\n      // if we've tried to open a popup and it has failed, then fallback to redirect mode\n      if (error instanceof PopupError) {\n        setIframeIsVisible(false); // hide the iframe\n        authInitiator.cleanup(); // clear any event listeners from before\n        authInitiator.setDisplayMode(\"redirect\"); // switch to redirect mode\n        authInitiator.signIn(useIframeRef); // retry the sign in\n      }\n    });\n  }, [authInitiator, displayMode, iframeRef, setIframeIsVisible]);\n\n  const signOut = useCallback(async () => {\n    const idToken = session?.idToken;\n    if (!authInitiator) return;\n\n    if (displayMode === \"iframe\") {\n      setIframeIsVisible(false);\n      setLogoutIframeIsVisible(true);\n    }\n\n    try {\n      await preSignOut?.();\n\n      const useIframeRef = logoutIframeRef?.current || null;\n      await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n        console.log(\"signOut error\", {\n          error,\n          isPopupError: error instanceof PopupError,\n        });\n        // Same popup fallback as signIn\n        if (error instanceof PopupError) {\n          setLogoutIframeIsVisible(false);\n          authInitiator.cleanup();\n          authInitiator.setDisplayMode(\"redirect\");\n          authInitiator.signOut(idToken, useIframeRef);\n        }\n      });\n    } catch (error) {\n      console.error(\"Signout error:\", error);\n    }\n    setLogoutIframeIsVisible(false);\n    await postSignOut?.();\n  }, [\n    session?.idToken,\n    authInitiator,\n    displayMode,\n    setLogoutIframeIsVisible,\n    postSignOut,\n    setIframeIsVisible,\n    preSignOut,\n    logoutIframeRef,\n  ]);\n\n  return {\n    signIn,\n    signOut,\n    displayMode,\n  };\n};\nexport { useSignIn };\n"]}

package/dist/src/shared/hooks/useToken.d.ts

@@ -0,0 +1,3 @@
+declare const useToken: () => import("@/shared/providers/TokenProvider.js").TokenContextType;
+export { useToken };
+//# sourceMappingURL=useToken.d.ts.map

package/dist/src/shared/hooks/useToken.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useToken.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useToken.ts"],"names":[],"mappings":"AAIA,QAAA,MAAM,QAAQ,sEAQb,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,CAAC"}

package/dist/src/shared/hooks/useToken.js

@@ -0,0 +1,12 @@
+"use client";
+import { useContext } from "react";
+import { TokenContext } from "@/shared/providers/TokenProvider.js";
+const useToken = () => {
+    const context = useContext(TokenContext);
+    if (!context) {
+        throw new Error("useToken must be used within a TokenProvider");
+    }
+    return context;
+};
+export { useToken };
+//# sourceMappingURL=useToken.js.map

package/dist/src/shared/hooks/useToken.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useToken.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useToken.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,qCAAqC,CAAC;AAEnE,MAAM,QAAQ,GAAG,GAAG,EAAE;IACpB,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAEzC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/shared/providers/TokenProvider.js\";\n\nconst useToken = () => {\n  const context = useContext(TokenContext);\n\n  if (!context) {\n    throw new Error(\"useToken must be used within a TokenProvider\");\n  }\n\n  return context;\n};\n\nexport { useToken };\n"]}

package/dist/src/shared/hooks/useWindowFocused.d.ts

@@ -0,0 +1,5 @@
+declare const useWindowFocused: () => {
+    isWindowFocused: boolean;
+};
+export { useWindowFocused };
+//# sourceMappingURL=useWindowFocused.d.ts.map

package/dist/src/shared/hooks/useWindowFocused.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useWindowFocused.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useWindowFocused.ts"],"names":[],"mappings":"AAEA,QAAA,MAAM,gBAAgB;;CAmBrB,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC"}

package/dist/src/shared/hooks/useWindowFocused.js

@@ -0,0 +1,21 @@
+import { useEffect, useState } from "react";
+const useWindowFocused = () => {
+    const [isWindowFocused, setIsWindowFocused] = useState(true);
+    useEffect(() => {
+        const handleFocus = () => {
+            setIsWindowFocused(true);
+        };
+        const handleBlur = () => {
+            setIsWindowFocused(false);
+        };
+        window.addEventListener("focus", handleFocus);
+        window.addEventListener("blur", handleBlur);
+        return () => {
+            window.removeEventListener("focus", handleFocus);
+            window.removeEventListener("blur", handleBlur);
+        };
+    }, []);
+    return { isWindowFocused };
+};
+export { useWindowFocused };
+//# sourceMappingURL=useWindowFocused.js.map

package/dist/src/shared/hooks/useWindowFocused.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useWindowFocused.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useWindowFocused.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAE5C,MAAM,gBAAgB,GAAG,GAAG,EAAE;IAC5B,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7D,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,WAAW,GAAG,GAAG,EAAE;YACvB,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC,CAAC;QAEF,MAAM,UAAU,GAAG,GAAG,EAAE;YACtB,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC5B,CAAC,CAAC;QACF,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC9C,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAE5C,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACjD,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACjD,CAAC,CAAC;IACJ,CAAC,EAAE,EAAE,CAAC,CAAC;IACP,OAAO,EAAE,eAAe,EAAE,CAAC;AAC7B,CAAC,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC","sourcesContent":["import { useEffect, useState } from \"react\";\n\nconst useWindowFocused = () => {\n  const [isWindowFocused, setIsWindowFocused] = useState(true);\n  useEffect(() => {\n    const handleFocus = () => {\n      setIsWindowFocused(true);\n    };\n\n    const handleBlur = () => {\n      setIsWindowFocused(false);\n    };\n    window.addEventListener(\"focus\", handleFocus);\n    window.addEventListener(\"blur\", handleBlur);\n\n    return () => {\n      window.removeEventListener(\"focus\", handleFocus);\n      window.removeEventListener(\"blur\", handleBlur);\n    };\n  }, []);\n  return { isWindowFocused };\n};\nexport { useWindowFocused };\n"]}

package/dist/src/shared/index.d.ts

@@ -0,0 +1,5 @@
+import { VERSION } from "./version.js";
+export { VERSION };
+export declare const getVersion: () => string;
+export declare const printVersion: () => void;
+//# sourceMappingURL=index.d.ts.map

package/dist/src/shared/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,CAAC;AAEnB,eAAO,MAAM,UAAU,cAAgB,CAAC;AAExC,eAAO,MAAM,YAAY,YAWxB,CAAC"}

package/dist/src/shared/index.js

@@ -0,0 +1,16 @@
+import { VERSION } from "./version.js";
+export { VERSION };
+let versionPrinted = false;
+export const getVersion = () => VERSION;
+// print the version to the browser
+export const printVersion = () => {
+    if (!versionPrinted) {
+        versionPrinted = true;
+        if (getVersion() &&
+            typeof window !== "undefined" &&
+            typeof document !== "undefined") {
+            console.log(getVersion());
+        }
+    }
+};
+//# sourceMappingURL=index.js.map

package/dist/src/shared/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,CAAC;AACnB,IAAI,cAAc,GAAG,KAAK,CAAC;AAC3B,MAAM,CAAC,MAAM,UAAU,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC;AACxC,mCAAmC;AACnC,MAAM,CAAC,MAAM,YAAY,GAAG,GAAG,EAAE;IAC/B,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,cAAc,GAAG,IAAI,CAAC;QACtB,IACE,UAAU,EAAE;YACZ,OAAO,MAAM,KAAK,WAAW;YAC7B,OAAO,QAAQ,KAAK,WAAW,EAC/B,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;AACH,CAAC,CAAC","sourcesContent":["import { VERSION } from \"./version.js\";\nexport { VERSION };\nlet versionPrinted = false;\nexport const getVersion = () => VERSION;\n// print the version to the browser\nexport const printVersion = () => {\n  if (!versionPrinted) {\n    versionPrinted = true;\n    if (\n      getVersion() &&\n      typeof window !== \"undefined\" &&\n      typeof document !== \"undefined\"\n    ) {\n      console.log(getVersion());\n    }\n  }\n};\n"]}

package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts

@@ -0,0 +1,20 @@
+import type { AuthenticationRefresher } from "@/services/types.js";
+import type { AuthStorage, Endpoints, OIDCTokenResponseBody } from "@/types.js";
+import type { AuthConfig } from "@/server/config.js";
+export declare class GenericAuthenticationRefresher implements AuthenticationRefresher {
+    private authConfig;
+    private storage;
+    private endpointOverrides?;
+    private oauth2client;
+    private endpoints;
+    private refreshTimeout;
+    private constructor();
+    get oauthServer(): string;
+    init(): Promise<this>;
+    static build(authConfig: AuthConfig, storage: AuthStorage, endpointOverrides?: Partial<Endpoints>): Promise<GenericAuthenticationRefresher>;
+    refreshTokens(): Promise<OIDCTokenResponseBody>;
+    private handleRefresh;
+    setupAutorefresh(): Promise<void>;
+    clearAutorefresh(): void;
+}
+//# sourceMappingURL=GenericAuthenticationRefresher.d.ts.map

package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GenericAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAMhF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAIrD,qBAAa,8BAA+B,YAAW,uBAAuB;IAM1E,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,iBAAiB,CAAC;IAP5B,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;IACzC,OAAO,CAAC,cAAc,CAA6B;IAEnD,OAAO;IAMP,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAkBd,KAAK,CAChB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,8BAA8B,CAAC;IAWpC,aAAa;YAiBL,aAAa;IAWrB,gBAAgB;IAkBtB,gBAAgB;CAKjB"}

package/dist/src/shared/lib/GenericAuthenticationRefresher.js

@@ -0,0 +1,73 @@
+import { getEndpointsWithOverrides, retrieveTokens, storeTokens, } from "@/shared/lib/util.js";
+import { OAuth2Client } from "oslo/oauth2";
+import { DEFAULT_AUTH_SERVER } from "@/constants.js";
+export class GenericAuthenticationRefresher {
+    authConfig;
+    storage;
+    endpointOverrides;
+    oauth2client;
+    endpoints;
+    refreshTimeout;
+    constructor(authConfig, storage, endpointOverrides) {
+        this.authConfig = authConfig;
+        this.storage = storage;
+        this.endpointOverrides = endpointOverrides;
+    }
+    get oauthServer() {
+        return this.authConfig.oauthServer || DEFAULT_AUTH_SERVER;
+    }
+    async init() {
+        // resolve oauth config
+        this.endpoints = await getEndpointsWithOverrides(this.oauthServer, this.endpointOverrides);
+        this.oauth2client = new OAuth2Client(this.authConfig.clientId, this.endpoints.auth, this.endpoints.token, {
+            redirectURI: this.authConfig.redirectUrl,
+        });
+        return this;
+    }
+    static async build(authConfig, storage, endpointOverrides) {
+        const refresher = new GenericAuthenticationRefresher(authConfig, storage, endpointOverrides);
+        await refresher.init();
+        return refresher;
+    }
+    async refreshTokens() {
+        if (!this.oauth2client)
+            await this.init();
+        const tokens = await retrieveTokens(this.storage);
+        if (!tokens?.refresh_token)
+            throw new Error("No refresh token available");
+        const oauth2Client = this.oauth2client;
+        const refreshedTokens = await oauth2Client.refreshAccessToken(tokens.refresh_token);
+        await storeTokens(this.storage, refreshedTokens);
+        return tokens;
+    }
+    async handleRefresh() {
+        try {
+            await this.refreshTokens();
+            await this.setupAutorefresh(); // Reset the timeout after successful refresh
+            console.log("Autorefreshed tokens");
+        }
+        catch (error) {
+            console.error("Failed to refresh tokens:", error);
+        }
+    }
+    async setupAutorefresh() {
+        // Clear any existing timeout
+        this.clearAutorefresh();
+        // get expires_in
+        const tokens = await retrieveTokens(this.storage);
+        const expires_in = tokens?.expires_in || 60;
+        // Calculate time until expiry (subtract 30 seconds as buffer)
+        const bufferTimeMs = 30 * 1000; // 30 seconds in milliseconds
+        const expiresInMs = expires_in * 1000; // Convert to milliseconds
+        const refreshTimeMs = Math.max(0, expiresInMs - bufferTimeMs);
+        this.refreshTimeout = setTimeout(() => {
+            this.handleRefresh();
+        }, refreshTimeMs);
+    }
+    clearAutorefresh() {
+        if (this.refreshTimeout) {
+            clearTimeout(this.refreshTimeout);
+        }
+    }
+}
+//# sourceMappingURL=GenericAuthenticationRefresher.js.map

package/dist/src/shared/lib/GenericAuthenticationRefresher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"GenericAuthenticationRefresher.js","sourceRoot":"","sources":["../../../../src/shared/lib/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,yBAAyB,EACzB,cAAc,EACd,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,MAAM,OAAO,8BAA8B;IAM/B;IACA;IACA;IAPF,YAAY,CAA2B;IACvC,SAAS,CAAwB;IACjC,cAAc,CAA6B;IAEnD,YACU,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAFtC,eAAU,GAAV,UAAU,CAAY;QACtB,YAAO,GAAP,OAAO,CAAa;QACpB,sBAAiB,GAAjB,iBAAiB,CAAqB;IAC7C,CAAC;IAEJ,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,IAAI,mBAAmB,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,yBAAyB,CAC9C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,iBAAiB,CACvB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,UAAU,CAAC,QAAQ,EACxB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW;SACzC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAEtC,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAClD,UAAU,EACV,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAE1C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,MAAM,EAAE,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAE1E,MAAM,YAAY,GAAG,IAAI,CAAC,YAAa,CAAC;QACxC,MAAM,eAAe,GACnB,MAAM,YAAY,CAAC,kBAAkB,CACnC,MAAM,CAAC,aAAa,CACrB,CAAC;QAEJ,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAEjD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,aAAa;QACzB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAC3B,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,6CAA6C;YAE5E,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB;QACpB,6BAA6B;QAC7B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,iBAAiB;QACjB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,EAAE,UAAU,IAAI,EAAE,CAAC;QAE5C,8DAA8D;QAC9D,MAAM,YAAY,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,6BAA6B;QAC7D,MAAM,WAAW,GAAG,UAAU,GAAG,IAAI,CAAC,CAAC,0BAA0B;QACjE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,YAAY,CAAC,CAAC;QAE9D,IAAI,CAAC,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE;YACpC,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,CAAC,EAAE,aAAa,CAAC,CAAC;IACpB,CAAC;IAED,gBAAgB;QACd,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;CACF","sourcesContent":["import type { AuthenticationRefresher } from \"@/services/types.js\";\nimport type { AuthStorage, Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport {\n  getEndpointsWithOverrides,\n  retrieveTokens,\n  storeTokens,\n} from \"@/shared/lib/util.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nexport class GenericAuthenticationRefresher implements AuthenticationRefresher {\n  private oauth2client: OAuth2Client | undefined;\n  private endpoints: Endpoints | undefined;\n  private refreshTimeout: NodeJS.Timeout | undefined;\n\n  private constructor(\n    private authConfig: AuthConfig,\n    private storage: AuthStorage,\n    private endpointOverrides?: Partial<Endpoints>,\n  ) {}\n\n  get oauthServer(): string {\n    return this.authConfig.oauthServer || DEFAULT_AUTH_SERVER;\n  }\n\n  async init(): Promise<this> {\n    // resolve oauth config\n    this.endpoints = await getEndpointsWithOverrides(\n      this.oauthServer,\n      this.endpointOverrides,\n    );\n    this.oauth2client = new OAuth2Client(\n      this.authConfig.clientId,\n      this.endpoints.auth,\n      this.endpoints.token,\n      {\n        redirectURI: this.authConfig.redirectUrl,\n      },\n    );\n\n    return this;\n  }\n\n  static async build(\n    authConfig: AuthConfig,\n    storage: AuthStorage,\n    endpointOverrides?: Partial<Endpoints>,\n  ): Promise<GenericAuthenticationRefresher> {\n    const refresher = new GenericAuthenticationRefresher(\n      authConfig,\n      storage,\n      endpointOverrides,\n    );\n    await refresher.init();\n\n    return refresher;\n  }\n\n  async refreshTokens() {\n    if (!this.oauth2client) await this.init();\n\n    const tokens = await retrieveTokens(this.storage);\n    if (!tokens?.refresh_token) throw new Error(\"No refresh token available\");\n\n    const oauth2Client = this.oauth2client!;\n    const refreshedTokens =\n      await oauth2Client.refreshAccessToken<OIDCTokenResponseBody>(\n        tokens.refresh_token,\n      );\n\n    await storeTokens(this.storage, refreshedTokens);\n\n    return tokens;\n  }\n\n  private async handleRefresh() {\n    try {\n      await this.refreshTokens();\n      await this.setupAutorefresh(); // Reset the timeout after successful refresh\n\n      console.log(\"Autorefreshed tokens\");\n    } catch (error) {\n      console.error(\"Failed to refresh tokens:\", error);\n    }\n  }\n\n  async setupAutorefresh() {\n    // Clear any existing timeout\n    this.clearAutorefresh();\n\n    // get expires_in\n    const tokens = await retrieveTokens(this.storage);\n    const expires_in = tokens?.expires_in || 60;\n\n    // Calculate time until expiry (subtract 30 seconds as buffer)\n    const bufferTimeMs = 30 * 1000; // 30 seconds in milliseconds\n    const expiresInMs = expires_in * 1000; // Convert to milliseconds\n    const refreshTimeMs = Math.max(0, expiresInMs - bufferTimeMs);\n\n    this.refreshTimeout = setTimeout(() => {\n      this.handleRefresh();\n    }, refreshTimeMs);\n  }\n\n  clearAutorefresh() {\n    if (this.refreshTimeout) {\n      clearTimeout(this.refreshTimeout);\n    }\n  }\n}\n"]}

package/dist/src/shared/lib/UserSession.d.ts

@@ -0,0 +1,12 @@
+import type { AuthStorage, User } from "@/types.js";
+export interface UserSession {
+    get(): Promise<User | null>;
+    set(user: User): Promise<void>;
+}
+export declare class GenericUserSession implements UserSession {
+    readonly storage: AuthStorage;
+    constructor(storage: AuthStorage);
+    get(): Promise<User | null>;
+    set(user: User | null): Promise<void>;
+}
+//# sourceMappingURL=UserSession.d.ts.map

package/dist/src/shared/lib/UserSession.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/UserSession.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAsB,IAAI,EAAE,MAAM,YAAY,CAAC;AAIxE,MAAM,WAAW,WAAW;IAC1B,GAAG,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAChC;AAED,qBAAa,kBAAmB,YAAW,WAAW;IACxC,QAAQ,CAAC,OAAO,EAAE,WAAW;gBAApB,OAAO,EAAE,WAAW;IAEnC,GAAG,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAK3B,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;CAO5C"}

package/dist/src/shared/lib/UserSession.js

@@ -0,0 +1,20 @@
+import { UserStorage } from "@/shared/lib/types.js";
+import { convertForwardedTokenFormat } from "@/lib/jwt.js";
+export class GenericUserSession {
+    storage;
+    constructor(storage) {
+        this.storage = storage;
+    }
+    async get() {
+        const user = await this.storage.get(UserStorage.USER);
+        return user ? JSON.parse(user) : null;
+    }
+    async set(user) {
+        const forwardedTokens = user?.forwardedTokens
+            ? convertForwardedTokenFormat(user?.forwardedTokens)
+            : null;
+        const value = user ? JSON.stringify({ ...user, forwardedTokens }) : "";
+        await this.storage.set(UserStorage.USER, value);
+    }
+}
+//# sourceMappingURL=UserSession.js.map

package/dist/src/shared/lib/UserSession.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserSession.js","sourceRoot":"","sources":["../../../../src/shared/lib/UserSession.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAO3D,MAAM,OAAO,kBAAkB;IACR;IAArB,YAAqB,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAE7C,KAAK,CAAC,GAAG;QACP,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,IAAiB;QACzB,MAAM,eAAe,GAAG,IAAI,EAAE,eAAe;YAC3C,CAAC,CAAC,2BAA2B,CAAC,IAAI,EAAE,eAAqC,CAAC;YAC1E,CAAC,CAAC,IAAI,CAAC;QACT,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAClD,CAAC;CACF","sourcesContent":["import type { AuthStorage, ForwardedTokensJWT, User } from \"@/types.js\";\nimport { UserStorage } from \"@/shared/lib/types.js\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\nexport interface UserSession {\n  get(): Promise<User | null>;\n  set(user: User): Promise<void>;\n}\n\nexport class GenericUserSession implements UserSession {\n  constructor(readonly storage: AuthStorage) {}\n\n  async get(): Promise<User | null> {\n    const user = await this.storage.get(UserStorage.USER);\n    return user ? JSON.parse(user) : null;\n  }\n\n  async set(user: User | null): Promise<void> {\n    const forwardedTokens = user?.forwardedTokens\n      ? convertForwardedTokenFormat(user?.forwardedTokens as ForwardedTokensJWT)\n      : null;\n    const value = user ? JSON.stringify({ ...user, forwardedTokens }) : \"\";\n    await this.storage.set(UserStorage.USER, value);\n  }\n}\n"]}

package/dist/src/shared/lib/session.d.ts

@@ -0,0 +1,3 @@
+import { type AuthStorage, type User } from "@/types.js";
+export declare function getUser(storage: AuthStorage): Promise<User | null>;
+//# sourceMappingURL=session.d.ts.map

package/dist/src/shared/lib/session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAEA,OAAO,EAAa,KAAK,WAAW,EAAE,KAAK,IAAI,EAAE,MAAM,YAAY,CAAC;AAcpE,wBAAsB,OAAO,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAQxE"}

package/dist/src/shared/lib/session.js

@@ -0,0 +1,21 @@
+import { retrieveTokens } from "@/shared/lib/util.js";
+import { parseJWT } from "oslo/jwt";
+import { tokenKeys } from "@/types.js";
+// Function to omit keys from an object
+const omitKeys = (keys, obj) => {
+    const result = { ...obj };
+    keys.forEach((key) => {
+        delete result[key];
+    });
+    return result;
+};
+export async function getUser(storage) {
+    const tokens = await retrieveTokens(storage);
+    if (!tokens)
+        return null;
+    const parsedToken = parseJWT(tokens.id_token)?.payload;
+    // Assumes all information is in the ID token
+    // remove the token keys from the user object to stop it getting too large
+    return parsedToken ? omitKeys(tokenKeys, parsedToken) : null;
+}
+//# sourceMappingURL=session.js.map

package/dist/src/shared/lib/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,SAAS,EAA+B,MAAM,YAAY,CAAC;AAEpE,uCAAuC;AACvC,MAAM,QAAQ,GAAG,CACf,IAAS,EACT,GAAM,EACM,EAAE;IACd,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;IAC1B,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;QACnB,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,OAAoB;IAChD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,OAAe,CAAC;IAC/D,6CAA6C;IAC7C,0EAA0E;IAC1E,OAAO,WAAW,CAAC,CAAC,CAAE,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAU,CAAC,CAAC,CAAC,IAAI,CAAC;AACzE,CAAC","sourcesContent":["import { retrieveTokens } from \"@/shared/lib/util.js\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { tokenKeys, type AuthStorage, type User } from \"@/types.js\";\n\n// Function to omit keys from an object\nconst omitKeys = <K extends keyof T, T extends Record<string, unknown>>(\n  keys: K[],\n  obj: T,\n): Omit<T, K> => {\n  const result = { ...obj };\n  keys.forEach((key) => {\n    delete result[key];\n  });\n  return result;\n};\n\nexport async function getUser(storage: AuthStorage): Promise<User | null> {\n  const tokens = await retrieveTokens(storage);\n  if (!tokens) return null;\n\n  const parsedToken = parseJWT(tokens.id_token)?.payload as User;\n  // Assumes all information is in the ID token\n  // remove the token keys from the user object to stop it getting too large\n  return parsedToken ? (omitKeys(tokenKeys, parsedToken) as User) : null;\n}\n"]}

package/dist/src/shared/lib/storage.d.ts

@@ -0,0 +1,25 @@
+import type { AuthStorage, SessionData, UnknownObject, User } from "@/types.js";
+type SameSiteOption = "strict" | "lax" | "none";
+export interface SessionStorage {
+    get(): SessionData;
+    getUser(): User<UnknownObject> | null;
+    set(data: Partial<SessionData>): void;
+    setUser(data: User<UnknownObject> | null): void;
+    clear(): void;
+}
+export type CookieStorageSettings = {
+    httpOnly: boolean;
+    secure: boolean;
+    sameSite: SameSiteOption;
+    expires: Date;
+    path: string;
+};
+export declare const DEFAULT_COOKIE_DURATION: number;
+export declare abstract class CookieStorage implements AuthStorage {
+    protected settings: CookieStorageSettings;
+    protected constructor(settings?: Partial<CookieStorageSettings>);
+    abstract get(key: string): Promise<string | null>;
+    abstract set(key: string, value: string): Promise<void>;
+}
+export {};
+//# sourceMappingURL=storage.d.ts.map

package/dist/src/shared/lib/storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/storage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEhF,KAAK,cAAc,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEhD,MAAM,WAAW,cAAc;IAC7B,GAAG,IAAI,WAAW,CAAC;IACnB,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IACtC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;IACtC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;IAChD,KAAK,IAAI,IAAI,CAAC;CACf;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,IAAI,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,eAAO,MAAM,uBAAuB,QAAU,CAAC;AAE/C,8BAAsB,aAAc,YAAW,WAAW;IACxD,SAAS,CAAC,QAAQ,EAAE,qBAAqB,CAAC;IAC1C,SAAS,aAAa,QAAQ,GAAE,OAAO,CAAC,qBAAqB,CAAM;IAanE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IACjD,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CACxD"}