@civic/auth 0.3.2-beta.1 → 0.3.2-beta.3

package/dist/src/shared/hooks/useRefresh.js

@@ -1,38 +0,0 @@
-import { LocalStorageAdapter } from "@/browser/storage.js";
-import { useEffect, useMemo, useState } from "react";
-import { GenericAuthenticationRefresher } from "../lib/GenericAuthenticationRefresher.js";
-import { useCivicAuthConfig } from "./useCivicAuthConfig.js";
-const useRefresh = (session) => {
-    const authConfig = useCivicAuthConfig();
-    const storage = useMemo(() => new LocalStorageAdapter(), []);
-    // setup token autorefresh
-    const [refresher, setRefresher] = useState(undefined);
-    useEffect(() => {
-        if (!authConfig)
-            return;
-        const abortController = new AbortController();
-        const currentRefresher = refresher;
-        GenericAuthenticationRefresher.build({ ...authConfig }, storage).then((newRefresher) => {
-            if (abortController.signal.aborted)
-                return;
-            currentRefresher?.clearAutorefresh();
-            setRefresher(newRefresher);
-        });
-        return () => {
-            abortController.abort();
-            currentRefresher?.clearAutorefresh();
-        };
-        // eslint-disable-next-line react-hooks/exhaustive-deps
-    }, [authConfig, storage]); // Only depend on what actually changes
-    useEffect(() => {
-        if (session?.authenticated) {
-            refresher?.setupAutorefresh();
-        }
-        else {
-            refresher?.clearAutorefresh();
-        }
-        return () => refresher?.clearAutorefresh();
-    }, [refresher, session?.authenticated]);
-};
-export { useRefresh };
-//# sourceMappingURL=useRefresh.js.map

package/dist/src/shared/hooks/useRefresh.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useRefresh.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useRefresh.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACrD,OAAO,EAAE,8BAA8B,EAAE,MAAM,0CAA0C,CAAC;AAC1F,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAG7D,MAAM,UAAU,GAAG,CAAC,OAA2B,EAAE,EAAE;IACjD,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IACxC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,mBAAmB,EAAE,EAAE,EAAE,CAAC,CAAC;IAE7D,0BAA0B;IAC1B,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAExC,SAAS,CAAC,CAAC;IAEb,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU;YAAE,OAAO;QACxB,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAC9C,MAAM,gBAAgB,GAAG,SAAS,CAAC;QAEnC,8BAA8B,CAAC,KAAK,CAAC,EAAE,GAAG,UAAU,EAAE,EAAE,OAAO,CAAC,CAAC,IAAI,CACnE,CAAC,YAAY,EAAE,EAAE;YACf,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO;gBAAE,OAAO;YAE3C,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;YACrC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC7B,CAAC,CACF,CAAC;QAEF,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;YACxB,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;QACvC,CAAC,CAAC;QACF,uDAAuD;IACzD,CAAC,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAElE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YAC3B,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;QAED,OAAO,GAAG,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,CAAC;IAC7C,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;AAC1C,CAAC,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["import { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { useEffect, useMemo, useState } from \"react\";\nimport { GenericAuthenticationRefresher } from \"../lib/GenericAuthenticationRefresher.js\";\nimport { useCivicAuthConfig } from \"./useCivicAuthConfig.js\";\nimport type { SessionData } from \"@/types.js\";\n\nconst useRefresh = (session: SessionData | null) => {\n  const authConfig = useCivicAuthConfig();\n  const storage = useMemo(() => new LocalStorageAdapter(), []);\n\n  // setup token autorefresh\n  const [refresher, setRefresher] = useState<\n    GenericAuthenticationRefresher | undefined\n  >(undefined);\n\n  useEffect(() => {\n    if (!authConfig) return;\n    const abortController = new AbortController();\n    const currentRefresher = refresher;\n\n    GenericAuthenticationRefresher.build({ ...authConfig }, storage).then(\n      (newRefresher) => {\n        if (abortController.signal.aborted) return;\n\n        currentRefresher?.clearAutorefresh();\n        setRefresher(newRefresher);\n      },\n    );\n\n    return () => {\n      abortController.abort();\n      currentRefresher?.clearAutorefresh();\n    };\n    // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, [authConfig, storage]); // Only depend on what actually changes\n\n  useEffect(() => {\n    if (session?.authenticated) {\n      refresher?.setupAutorefresh();\n    } else {\n      refresher?.clearAutorefresh();\n    }\n\n    return () => refresher?.clearAutorefresh();\n  }, [refresher, session?.authenticated]);\n};\n\nexport { useRefresh };\n"]}

package/dist/src/shared/hooks/useSession.d.ts

@@ -1,3 +0,0 @@
-declare const useSession: () => import("@/shared/providers/SessionProvider.js").SessionProviderOutput;
-export { useSession };
-//# sourceMappingURL=useSession.d.ts.map

package/dist/src/shared/hooks/useSession.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useSession.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,UAAU,6EAMf,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/src/shared/hooks/useSession.js

@@ -1,13 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { SessionContext } from "@/shared/providers/SessionProvider.js";
-// TokenProvider will use this internal context to access session
-const useSession = () => {
-    const context = useContext(SessionContext);
-    if (!context) {
-        throw new Error("useSession must be used within an SessionProvider");
-    }
-    return context;
-};
-export { useSession };
-//# sourceMappingURL=useSession.js.map

package/dist/src/shared/hooks/useSession.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useSession.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSession.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAC;AAEvE,iEAAiE;AACjE,MAAM,UAAU,GAAG,GAAG,EAAE;IACtB,MAAM,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/shared/providers/SessionProvider.js\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n  const context = useContext(SessionContext);\n  if (!context) {\n    throw new Error(\"useSession must be used within an SessionProvider\");\n  }\n  return context;\n};\n\nexport { useSession };\n"]}

package/dist/src/shared/hooks/useSignIn.d.ts

@@ -1,15 +0,0 @@
-import type { DisplayMode } from "@/types.js";
-import { type PKCEConsumer } from "@/services/types.js";
-type SignInProps = {
-    pkceConsumer?: PKCEConsumer;
-    preSignOut?: () => Promise<void>;
-    postSignOut?: () => Promise<void>;
-    displayMode: DisplayMode;
-};
-declare const useSignIn: ({ pkceConsumer, preSignOut, postSignOut, displayMode, }: SignInProps) => {
-    signIn: () => Promise<void>;
-    signOut: () => Promise<void>;
-    displayMode: DisplayMode;
-};
-export { useSignIn };
-//# sourceMappingURL=useSignIn.d.ts.map

package/dist/src/shared/hooks/useSignIn.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useSignIn.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAG9C,OAAO,EAAc,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAKpE,KAAK,WAAW,GAAG;IACjB,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AACF,QAAA,MAAM,SAAS,4DAKZ,WAAW;kBAkEyB,OAAO,CAAC,IAAI,CAAC;;;CAsEnD,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/src/shared/hooks/useSignIn.js

@@ -1,126 +0,0 @@
-import { BrowserAuthenticationInitiator } from "@/services/AuthenticationService.js";
-import { BrowserPublicClientPKCEProducer } from "@/services/PKCE.js";
-import { useCivicAuthConfig } from "@/shared/hooks/useCivicAuthConfig.js";
-import { useIframe } from "@/shared/hooks/useIframe.js";
-import { useCallback, useEffect, useMemo } from "react";
-import { PopupError } from "@/services/types.js";
-import { useSession } from "./useSession.js";
-import { LocalStorageAdapter } from "@/browser/storage.js";
-import { clearTokens, clearUser } from "../lib/util.js";
-const useSignIn = ({ pkceConsumer, preSignOut, postSignOut, displayMode, }) => {
-    const civicAuthConfig = useCivicAuthConfig();
-    const { iframeRef, logoutIframeRef, setIframeIsVisible, setLogoutIframeIsVisible, } = useIframe();
-    const { data: session } = useSession();
-    const authInitiator = useMemo(() => {
-        if (!civicAuthConfig) {
-            return null;
-        }
-        const { clientId, redirectUrl, logoutUrl, logoutRedirectUrl, nonce, oauthServer, endpoints, scopes, } = civicAuthConfig;
-        return new BrowserAuthenticationInitiator({
-            pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side
-            clientId,
-            redirectUrl,
-            logoutUrl,
-            logoutRedirectUrl,
-            scopes,
-            displayMode,
-            oauthServer,
-            endpointOverrides: endpoints,
-            nonce,
-        });
-    }, [civicAuthConfig, displayMode, pkceConsumer]);
-    useEffect(() => {
-        return () => {
-            if (authInitiator) {
-                authInitiator.cleanup();
-            }
-        };
-    }, [authInitiator]);
-    // This effect is used to clear the tokens and user when the user signs out after a redirect
-    useEffect(() => {
-        const params = new URLSearchParams(window.location.search);
-        const state = params.get("state");
-        const localStorage = new LocalStorageAdapter();
-        localStorage.get("logout_state").then((storedLogoutState) => {
-            if (state && state === storedLogoutState) {
-                // Clear storage
-                clearTokens(localStorage);
-                clearUser(localStorage);
-                LocalStorageAdapter.emitter.emit("signOut");
-                // Clean up storage and URL
-                sessionStorage.removeItem("logout_state");
-                const cleanUrl = window.location.href.split("?")[0];
-                window.history.replaceState({}, document.title, cleanUrl);
-            }
-        });
-    }, []);
-    const signIn = useCallback(async () => {
-        if (!authInitiator)
-            return;
-        authInitiator.setDisplayMode(displayMode);
-        if (displayMode === "iframe") {
-            setIframeIsVisible(true);
-        }
-        const useIframeRef = iframeRef?.current || null;
-        await authInitiator.signIn(useIframeRef).catch((error) => {
-            console.log("signIn error", {
-                error,
-                isPopupError: error instanceof PopupError,
-            });
-            // if we've tried to open a popup and it has failed, then fallback to redirect mode
-            if (error instanceof PopupError) {
-                setIframeIsVisible(false); // hide the iframe
-                authInitiator.cleanup(); // clear any event listeners from before
-                authInitiator.setDisplayMode("redirect"); // switch to redirect mode
-                authInitiator.signIn(useIframeRef); // retry the sign in
-            }
-        });
-    }, [authInitiator, displayMode, iframeRef, setIframeIsVisible]);
-    const signOut = useCallback(async () => {
-        const idToken = session?.idToken;
-        if (!authInitiator)
-            return;
-        if (displayMode === "iframe") {
-            setIframeIsVisible(false);
-            setLogoutIframeIsVisible(true);
-        }
-        try {
-            await preSignOut?.();
-            const useIframeRef = logoutIframeRef?.current || null;
-            await authInitiator.signOut(idToken, useIframeRef).catch((error) => {
-                console.log("signOut error", {
-                    error,
-                    isPopupError: error instanceof PopupError,
-                });
-                // Same popup fallback as signIn
-                if (error instanceof PopupError) {
-                    setLogoutIframeIsVisible(false);
-                    authInitiator.cleanup();
-                    authInitiator.setDisplayMode("redirect");
-                    authInitiator.signOut(idToken, useIframeRef);
-                }
-            });
-        }
-        catch (error) {
-            console.error("Signout error:", error);
-        }
-        setLogoutIframeIsVisible(false);
-        await postSignOut?.();
-    }, [
-        session?.idToken,
-        authInitiator,
-        displayMode,
-        setLogoutIframeIsVisible,
-        postSignOut,
-        setIframeIsVisible,
-        preSignOut,
-        logoutIframeRef,
-    ]);
-    return {
-        signIn,
-        signOut,
-        displayMode,
-    };
-};
-export { useSignIn };
-//# sourceMappingURL=useSignIn.js.map

package/dist/src/shared/hooks/useSignIn.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAE1E,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AACxD,OAAO,EAAE,UAAU,EAAqB,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAQxD,MAAM,SAAS,GAAG,CAAC,EACjB,YAAY,EACZ,UAAU,EACV,WAAW,EACX,WAAW,GACC,EAAE,EAAE;IAChB,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,GACzB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IAEvC,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,GACP,GAAG,eAAe,CAAC;QACpB,OAAO,IAAI,8BAA8B,CAAC;YACxC,YAAY,EAAE,YAAY,IAAI,IAAI,+BAA+B,EAAE,EAAE,kDAAkD;YACvH,QAAQ;YACR,WAAW;YACX,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;SACN,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC;IAEjD,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,4FAA4F;IAC5F,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YAC1D,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,WAAW,CAAC,YAAY,CAAC,CAAC;gBAC1B,SAAS,CAAC,YAAY,CAAC,CAAC;gBACxB,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;gBAC1C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACnD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;QAChD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACvD,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE;gBAC1B,KAAK;gBACL,YAAY,EAAE,KAAK,YAAY,UAAU;aAC1C,CAAC,CAAC;YACH,mFAAmF;YACnF,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;gBAC7C,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,wCAAwC;gBACjE,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,0BAA0B;gBACpE,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,oBAAoB;YAC1D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEhE,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE;oBAC3B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,UAAU;iBAC1C,CAAC,CAAC;gBACH,gCAAgC;gBAChC,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;QACzC,CAAC;QACD,wBAAwB,CAAC,KAAK,CAAC,CAAC;QAChC,MAAM,WAAW,EAAE,EAAE,CAAC;IACxB,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,WAAW;QACX,kBAAkB;QAClB,UAAU;QACV,eAAe;KAChB,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\n\ntype SignInProps = {\n  pkceConsumer?: PKCEConsumer;\n  preSignOut?: () => Promise<void>;\n  postSignOut?: () => Promise<void>;\n  displayMode: DisplayMode;\n};\nconst useSignIn = ({\n  pkceConsumer,\n  preSignOut,\n  postSignOut,\n  displayMode,\n}: SignInProps) => {\n  const civicAuthConfig = useCivicAuthConfig();\n  const {\n    iframeRef,\n    logoutIframeRef,\n    setIframeIsVisible,\n    setLogoutIframeIsVisible,\n  } = useIframe();\n  const { data: session } = useSession();\n\n  const authInitiator = useMemo(() => {\n    if (!civicAuthConfig) {\n      return null;\n    }\n    const {\n      clientId,\n      redirectUrl,\n      logoutUrl,\n      logoutRedirectUrl,\n      nonce,\n      oauthServer,\n      endpoints,\n      scopes,\n    } = civicAuthConfig;\n    return new BrowserAuthenticationInitiator({\n      pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n      clientId,\n      redirectUrl,\n      logoutUrl,\n      logoutRedirectUrl,\n      scopes,\n      displayMode,\n      oauthServer,\n      endpointOverrides: endpoints,\n      nonce,\n    });\n  }, [civicAuthConfig, displayMode, pkceConsumer]);\n\n  useEffect(() => {\n    return () => {\n      if (authInitiator) {\n        authInitiator.cleanup();\n      }\n    };\n  }, [authInitiator]);\n\n  // This effect is used to clear the tokens and user when the user signs out after a redirect\n  useEffect(() => {\n    const params = new URLSearchParams(window.location.search);\n    const state = params.get(\"state\");\n    const localStorage = new LocalStorageAdapter();\n    localStorage.get(\"logout_state\").then((storedLogoutState) => {\n      if (state && state === storedLogoutState) {\n        // Clear storage\n        clearTokens(localStorage);\n        clearUser(localStorage);\n        LocalStorageAdapter.emitter.emit(\"signOut\");\n\n        // Clean up storage and URL\n        sessionStorage.removeItem(\"logout_state\");\n        const cleanUrl = window.location.href.split(\"?\")[0];\n        window.history.replaceState({}, document.title, cleanUrl);\n      }\n    });\n  }, []);\n\n  const signIn = useCallback(async (): Promise<void> => {\n    if (!authInitiator) return;\n\n    authInitiator.setDisplayMode(displayMode);\n    if (displayMode === \"iframe\") {\n      setIframeIsVisible(true);\n    }\n    const useIframeRef = iframeRef?.current || null;\n    await authInitiator.signIn(useIframeRef).catch((error) => {\n      console.log(\"signIn error\", {\n        error,\n        isPopupError: error instanceof PopupError,\n      });\n      // if we've tried to open a popup and it has failed, then fallback to redirect mode\n      if (error instanceof PopupError) {\n        setIframeIsVisible(false); // hide the iframe\n        authInitiator.cleanup(); // clear any event listeners from before\n        authInitiator.setDisplayMode(\"redirect\"); // switch to redirect mode\n        authInitiator.signIn(useIframeRef); // retry the sign in\n      }\n    });\n  }, [authInitiator, displayMode, iframeRef, setIframeIsVisible]);\n\n  const signOut = useCallback(async () => {\n    const idToken = session?.idToken;\n    if (!authInitiator) return;\n\n    if (displayMode === \"iframe\") {\n      setIframeIsVisible(false);\n      setLogoutIframeIsVisible(true);\n    }\n\n    try {\n      await preSignOut?.();\n\n      const useIframeRef = logoutIframeRef?.current || null;\n      await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n        console.log(\"signOut error\", {\n          error,\n          isPopupError: error instanceof PopupError,\n        });\n        // Same popup fallback as signIn\n        if (error instanceof PopupError) {\n          setLogoutIframeIsVisible(false);\n          authInitiator.cleanup();\n          authInitiator.setDisplayMode(\"redirect\");\n          authInitiator.signOut(idToken, useIframeRef);\n        }\n      });\n    } catch (error) {\n      console.error(\"Signout error:\", error);\n    }\n    setLogoutIframeIsVisible(false);\n    await postSignOut?.();\n  }, [\n    session?.idToken,\n    authInitiator,\n    displayMode,\n    setLogoutIframeIsVisible,\n    postSignOut,\n    setIframeIsVisible,\n    preSignOut,\n    logoutIframeRef,\n  ]);\n\n  return {\n    signIn,\n    signOut,\n    displayMode,\n  };\n};\nexport { useSignIn };\n"]}

package/dist/src/shared/hooks/useToken.d.ts

@@ -1,3 +0,0 @@
-declare const useToken: () => import("@/shared/providers/TokenProvider.js").TokenContextType;
-export { useToken };
-//# sourceMappingURL=useToken.d.ts.map

package/dist/src/shared/hooks/useToken.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useToken.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useToken.ts"],"names":[],"mappings":"AAIA,QAAA,MAAM,QAAQ,sEAQb,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,CAAC"}

package/dist/src/shared/hooks/useToken.js

@@ -1,12 +0,0 @@
-"use client";
-import { useContext } from "react";
-import { TokenContext } from "@/shared/providers/TokenProvider.js";
-const useToken = () => {
-    const context = useContext(TokenContext);
-    if (!context) {
-        throw new Error("useToken must be used within a TokenProvider");
-    }
-    return context;
-};
-export { useToken };
-//# sourceMappingURL=useToken.js.map

package/dist/src/shared/hooks/useToken.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useToken.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useToken.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,qCAAqC,CAAC;AAEnE,MAAM,QAAQ,GAAG,GAAG,EAAE;IACpB,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAEzC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/shared/providers/TokenProvider.js\";\n\nconst useToken = () => {\n  const context = useContext(TokenContext);\n\n  if (!context) {\n    throw new Error(\"useToken must be used within a TokenProvider\");\n  }\n\n  return context;\n};\n\nexport { useToken };\n"]}

package/dist/src/shared/hooks/useWindowFocused.d.ts

@@ -1,5 +0,0 @@
-declare const useWindowFocused: () => {
-    isWindowFocused: boolean;
-};
-export { useWindowFocused };
-//# sourceMappingURL=useWindowFocused.d.ts.map

package/dist/src/shared/hooks/useWindowFocused.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"useWindowFocused.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useWindowFocused.ts"],"names":[],"mappings":"AAEA,QAAA,MAAM,gBAAgB;;CAmBrB,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC"}

package/dist/src/shared/hooks/useWindowFocused.js

@@ -1,21 +0,0 @@
-import { useEffect, useState } from "react";
-const useWindowFocused = () => {
-    const [isWindowFocused, setIsWindowFocused] = useState(true);
-    useEffect(() => {
-        const handleFocus = () => {
-            setIsWindowFocused(true);
-        };
-        const handleBlur = () => {
-            setIsWindowFocused(false);
-        };
-        window.addEventListener("focus", handleFocus);
-        window.addEventListener("blur", handleBlur);
-        return () => {
-            window.removeEventListener("focus", handleFocus);
-            window.removeEventListener("blur", handleBlur);
-        };
-    }, []);
-    return { isWindowFocused };
-};
-export { useWindowFocused };
-//# sourceMappingURL=useWindowFocused.js.map

package/dist/src/shared/hooks/useWindowFocused.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"useWindowFocused.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useWindowFocused.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAE5C,MAAM,gBAAgB,GAAG,GAAG,EAAE;IAC5B,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7D,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,WAAW,GAAG,GAAG,EAAE;YACvB,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC,CAAC;QAEF,MAAM,UAAU,GAAG,GAAG,EAAE;YACtB,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC5B,CAAC,CAAC;QACF,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC9C,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAE5C,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACjD,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACjD,CAAC,CAAC;IACJ,CAAC,EAAE,EAAE,CAAC,CAAC;IACP,OAAO,EAAE,eAAe,EAAE,CAAC;AAC7B,CAAC,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC","sourcesContent":["import { useEffect, useState } from \"react\";\n\nconst useWindowFocused = () => {\n  const [isWindowFocused, setIsWindowFocused] = useState(true);\n  useEffect(() => {\n    const handleFocus = () => {\n      setIsWindowFocused(true);\n    };\n\n    const handleBlur = () => {\n      setIsWindowFocused(false);\n    };\n    window.addEventListener(\"focus\", handleFocus);\n    window.addEventListener(\"blur\", handleBlur);\n\n    return () => {\n      window.removeEventListener(\"focus\", handleFocus);\n      window.removeEventListener(\"blur\", handleBlur);\n    };\n  }, []);\n  return { isWindowFocused };\n};\nexport { useWindowFocused };\n"]}

package/dist/src/shared/index.d.ts

@@ -1,5 +0,0 @@
-import { VERSION } from "./version.js";
-export { VERSION };
-export declare const getVersion: () => string;
-export declare const printVersion: () => void;
-//# sourceMappingURL=index.d.ts.map

package/dist/src/shared/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,CAAC;AAEnB,eAAO,MAAM,UAAU,cAAgB,CAAC;AAExC,eAAO,MAAM,YAAY,YAWxB,CAAC"}

package/dist/src/shared/index.js

@@ -1,16 +0,0 @@
-import { VERSION } from "./version.js";
-export { VERSION };
-let versionPrinted = false;
-export const getVersion = () => VERSION;
-// print the version to the browser
-export const printVersion = () => {
-    if (!versionPrinted) {
-        versionPrinted = true;
-        if (getVersion() &&
-            typeof window !== "undefined" &&
-            typeof document !== "undefined") {
-            console.log(getVersion());
-        }
-    }
-};
-//# sourceMappingURL=index.js.map

package/dist/src/shared/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,CAAC;AACnB,IAAI,cAAc,GAAG,KAAK,CAAC;AAC3B,MAAM,CAAC,MAAM,UAAU,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC;AACxC,mCAAmC;AACnC,MAAM,CAAC,MAAM,YAAY,GAAG,GAAG,EAAE;IAC/B,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,cAAc,GAAG,IAAI,CAAC;QACtB,IACE,UAAU,EAAE;YACZ,OAAO,MAAM,KAAK,WAAW;YAC7B,OAAO,QAAQ,KAAK,WAAW,EAC/B,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;AACH,CAAC,CAAC","sourcesContent":["import { VERSION } from \"./version.js\";\nexport { VERSION };\nlet versionPrinted = false;\nexport const getVersion = () => VERSION;\n// print the version to the browser\nexport const printVersion = () => {\n  if (!versionPrinted) {\n    versionPrinted = true;\n    if (\n      getVersion() &&\n      typeof window !== \"undefined\" &&\n      typeof document !== \"undefined\"\n    ) {\n      console.log(getVersion());\n    }\n  }\n};\n"]}

package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts

@@ -1,20 +0,0 @@
-import type { AuthenticationRefresher } from "@/services/types.js";
-import type { AuthStorage, Endpoints, OIDCTokenResponseBody } from "@/types.js";
-import type { AuthConfig } from "@/server/config.js";
-export declare class GenericAuthenticationRefresher implements AuthenticationRefresher {
-    private authConfig;
-    private storage;
-    private endpointOverrides?;
-    private oauth2client;
-    private endpoints;
-    private refreshTimeout;
-    private constructor();
-    get oauthServer(): string;
-    init(): Promise<this>;
-    static build(authConfig: AuthConfig, storage: AuthStorage, endpointOverrides?: Partial<Endpoints>): Promise<GenericAuthenticationRefresher>;
-    refreshTokens(): Promise<OIDCTokenResponseBody>;
-    private handleRefresh;
-    setupAutorefresh(): Promise<void>;
-    clearAutorefresh(): void;
-}
-//# sourceMappingURL=GenericAuthenticationRefresher.d.ts.map

package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"GenericAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAMhF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAIrD,qBAAa,8BAA+B,YAAW,uBAAuB;IAM1E,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,iBAAiB,CAAC;IAP5B,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;IACzC,OAAO,CAAC,cAAc,CAA6B;IAEnD,OAAO;IAMP,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAkBd,KAAK,CAChB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,8BAA8B,CAAC;IAWpC,aAAa;YAiBL,aAAa;IAWrB,gBAAgB;IAkBtB,gBAAgB;CAKjB"}

package/dist/src/shared/lib/GenericAuthenticationRefresher.js

@@ -1,73 +0,0 @@
-import { getEndpointsWithOverrides, retrieveTokens, storeTokens, } from "@/shared/lib/util.js";
-import { OAuth2Client } from "oslo/oauth2";
-import { DEFAULT_AUTH_SERVER } from "@/constants.js";
-export class GenericAuthenticationRefresher {
-    authConfig;
-    storage;
-    endpointOverrides;
-    oauth2client;
-    endpoints;
-    refreshTimeout;
-    constructor(authConfig, storage, endpointOverrides) {
-        this.authConfig = authConfig;
-        this.storage = storage;
-        this.endpointOverrides = endpointOverrides;
-    }
-    get oauthServer() {
-        return this.authConfig.oauthServer || DEFAULT_AUTH_SERVER;
-    }
-    async init() {
-        // resolve oauth config
-        this.endpoints = await getEndpointsWithOverrides(this.oauthServer, this.endpointOverrides);
-        this.oauth2client = new OAuth2Client(this.authConfig.clientId, this.endpoints.auth, this.endpoints.token, {
-            redirectURI: this.authConfig.redirectUrl,
-        });
-        return this;
-    }
-    static async build(authConfig, storage, endpointOverrides) {
-        const refresher = new GenericAuthenticationRefresher(authConfig, storage, endpointOverrides);
-        await refresher.init();
-        return refresher;
-    }
-    async refreshTokens() {
-        if (!this.oauth2client)
-            await this.init();
-        const tokens = await retrieveTokens(this.storage);
-        if (!tokens?.refresh_token)
-            throw new Error("No refresh token available");
-        const oauth2Client = this.oauth2client;
-        const refreshedTokens = await oauth2Client.refreshAccessToken(tokens.refresh_token);
-        await storeTokens(this.storage, refreshedTokens);
-        return tokens;
-    }
-    async handleRefresh() {
-        try {
-            await this.refreshTokens();
-            await this.setupAutorefresh(); // Reset the timeout after successful refresh
-            console.log("Autorefreshed tokens");
-        }
-        catch (error) {
-            console.error("Failed to refresh tokens:", error);
-        }
-    }
-    async setupAutorefresh() {
-        // Clear any existing timeout
-        this.clearAutorefresh();
-        // get expires_in
-        const tokens = await retrieveTokens(this.storage);
-        const expires_in = tokens?.expires_in || 60;
-        // Calculate time until expiry (subtract 30 seconds as buffer)
-        const bufferTimeMs = 30 * 1000; // 30 seconds in milliseconds
-        const expiresInMs = expires_in * 1000; // Convert to milliseconds
-        const refreshTimeMs = Math.max(0, expiresInMs - bufferTimeMs);
-        this.refreshTimeout = setTimeout(() => {
-            this.handleRefresh();
-        }, refreshTimeMs);
-    }
-    clearAutorefresh() {
-        if (this.refreshTimeout) {
-            clearTimeout(this.refreshTimeout);
-        }
-    }
-}
-//# sourceMappingURL=GenericAuthenticationRefresher.js.map

package/dist/src/shared/lib/GenericAuthenticationRefresher.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"GenericAuthenticationRefresher.js","sourceRoot":"","sources":["../../../../src/shared/lib/GenericAuthenticationRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,yBAAyB,EACzB,cAAc,EACd,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,MAAM,OAAO,8BAA8B;IAM/B;IACA;IACA;IAPF,YAAY,CAA2B;IACvC,SAAS,CAAwB;IACjC,cAAc,CAA6B;IAEnD,YACU,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAFtC,eAAU,GAAV,UAAU,CAAY;QACtB,YAAO,GAAP,OAAO,CAAa;QACpB,sBAAiB,GAAjB,iBAAiB,CAAqB;IAC7C,CAAC;IAEJ,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,IAAI,mBAAmB,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,yBAAyB,CAC9C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,iBAAiB,CACvB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,UAAU,CAAC,QAAQ,EACxB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW;SACzC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAEtC,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAClD,UAAU,EACV,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAE1C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,MAAM,EAAE,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAE1E,MAAM,YAAY,GAAG,IAAI,CAAC,YAAa,CAAC;QACxC,MAAM,eAAe,GACnB,MAAM,YAAY,CAAC,kBAAkB,CACnC,MAAM,CAAC,aAAa,CACrB,CAAC;QAEJ,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAEjD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,aAAa;QACzB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAC3B,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,6CAA6C;YAE5E,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB;QACpB,6BAA6B;QAC7B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,iBAAiB;QACjB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,EAAE,UAAU,IAAI,EAAE,CAAC;QAE5C,8DAA8D;QAC9D,MAAM,YAAY,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,6BAA6B;QAC7D,MAAM,WAAW,GAAG,UAAU,GAAG,IAAI,CAAC,CAAC,0BAA0B;QACjE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,YAAY,CAAC,CAAC;QAE9D,IAAI,CAAC,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE;YACpC,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,CAAC,EAAE,aAAa,CAAC,CAAC;IACpB,CAAC;IAED,gBAAgB;QACd,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;CACF","sourcesContent":["import type { AuthenticationRefresher } from \"@/services/types.js\";\nimport type { AuthStorage, Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport {\n  getEndpointsWithOverrides,\n  retrieveTokens,\n  storeTokens,\n} from \"@/shared/lib/util.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nexport class GenericAuthenticationRefresher implements AuthenticationRefresher {\n  private oauth2client: OAuth2Client | undefined;\n  private endpoints: Endpoints | undefined;\n  private refreshTimeout: NodeJS.Timeout | undefined;\n\n  private constructor(\n    private authConfig: AuthConfig,\n    private storage: AuthStorage,\n    private endpointOverrides?: Partial<Endpoints>,\n  ) {}\n\n  get oauthServer(): string {\n    return this.authConfig.oauthServer || DEFAULT_AUTH_SERVER;\n  }\n\n  async init(): Promise<this> {\n    // resolve oauth config\n    this.endpoints = await getEndpointsWithOverrides(\n      this.oauthServer,\n      this.endpointOverrides,\n    );\n    this.oauth2client = new OAuth2Client(\n      this.authConfig.clientId,\n      this.endpoints.auth,\n      this.endpoints.token,\n      {\n        redirectURI: this.authConfig.redirectUrl,\n      },\n    );\n\n    return this;\n  }\n\n  static async build(\n    authConfig: AuthConfig,\n    storage: AuthStorage,\n    endpointOverrides?: Partial<Endpoints>,\n  ): Promise<GenericAuthenticationRefresher> {\n    const refresher = new GenericAuthenticationRefresher(\n      authConfig,\n      storage,\n      endpointOverrides,\n    );\n    await refresher.init();\n\n    return refresher;\n  }\n\n  async refreshTokens() {\n    if (!this.oauth2client) await this.init();\n\n    const tokens = await retrieveTokens(this.storage);\n    if (!tokens?.refresh_token) throw new Error(\"No refresh token available\");\n\n    const oauth2Client = this.oauth2client!;\n    const refreshedTokens =\n      await oauth2Client.refreshAccessToken<OIDCTokenResponseBody>(\n        tokens.refresh_token,\n      );\n\n    await storeTokens(this.storage, refreshedTokens);\n\n    return tokens;\n  }\n\n  private async handleRefresh() {\n    try {\n      await this.refreshTokens();\n      await this.setupAutorefresh(); // Reset the timeout after successful refresh\n\n      console.log(\"Autorefreshed tokens\");\n    } catch (error) {\n      console.error(\"Failed to refresh tokens:\", error);\n    }\n  }\n\n  async setupAutorefresh() {\n    // Clear any existing timeout\n    this.clearAutorefresh();\n\n    // get expires_in\n    const tokens = await retrieveTokens(this.storage);\n    const expires_in = tokens?.expires_in || 60;\n\n    // Calculate time until expiry (subtract 30 seconds as buffer)\n    const bufferTimeMs = 30 * 1000; // 30 seconds in milliseconds\n    const expiresInMs = expires_in * 1000; // Convert to milliseconds\n    const refreshTimeMs = Math.max(0, expiresInMs - bufferTimeMs);\n\n    this.refreshTimeout = setTimeout(() => {\n      this.handleRefresh();\n    }, refreshTimeMs);\n  }\n\n  clearAutorefresh() {\n    if (this.refreshTimeout) {\n      clearTimeout(this.refreshTimeout);\n    }\n  }\n}\n"]}

package/dist/src/shared/lib/UserSession.d.ts

@@ -1,12 +0,0 @@
-import type { AuthStorage, User } from "@/types.js";
-export interface UserSession {
-    get(): Promise<User | null>;
-    set(user: User): Promise<void>;
-}
-export declare class GenericUserSession implements UserSession {
-    readonly storage: AuthStorage;
-    constructor(storage: AuthStorage);
-    get(): Promise<User | null>;
-    set(user: User | null): Promise<void>;
-}
-//# sourceMappingURL=UserSession.d.ts.map

package/dist/src/shared/lib/UserSession.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserSession.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/UserSession.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAsB,IAAI,EAAE,MAAM,YAAY,CAAC;AAIxE,MAAM,WAAW,WAAW;IAC1B,GAAG,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAChC;AAED,qBAAa,kBAAmB,YAAW,WAAW;IACxC,QAAQ,CAAC,OAAO,EAAE,WAAW;gBAApB,OAAO,EAAE,WAAW;IAEnC,GAAG,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAK3B,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;CAO5C"}

package/dist/src/shared/lib/UserSession.js

@@ -1,20 +0,0 @@
-import { UserStorage } from "@/shared/lib/types.js";
-import { convertForwardedTokenFormat } from "@/lib/jwt.js";
-export class GenericUserSession {
-    storage;
-    constructor(storage) {
-        this.storage = storage;
-    }
-    async get() {
-        const user = await this.storage.get(UserStorage.USER);
-        return user ? JSON.parse(user) : null;
-    }
-    async set(user) {
-        const forwardedTokens = user?.forwardedTokens
-            ? convertForwardedTokenFormat(user?.forwardedTokens)
-            : null;
-        const value = user ? JSON.stringify({ ...user, forwardedTokens }) : "";
-        await this.storage.set(UserStorage.USER, value);
-    }
-}
-//# sourceMappingURL=UserSession.js.map

package/dist/src/shared/lib/UserSession.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserSession.js","sourceRoot":"","sources":["../../../../src/shared/lib/UserSession.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAO3D,MAAM,OAAO,kBAAkB;IACR;IAArB,YAAqB,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAE7C,KAAK,CAAC,GAAG;QACP,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,IAAiB;QACzB,MAAM,eAAe,GAAG,IAAI,EAAE,eAAe;YAC3C,CAAC,CAAC,2BAA2B,CAAC,IAAI,EAAE,eAAqC,CAAC;YAC1E,CAAC,CAAC,IAAI,CAAC;QACT,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAClD,CAAC;CACF","sourcesContent":["import type { AuthStorage, ForwardedTokensJWT, User } from \"@/types.js\";\nimport { UserStorage } from \"@/shared/lib/types.js\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\n\nexport interface UserSession {\n  get(): Promise<User | null>;\n  set(user: User): Promise<void>;\n}\n\nexport class GenericUserSession implements UserSession {\n  constructor(readonly storage: AuthStorage) {}\n\n  async get(): Promise<User | null> {\n    const user = await this.storage.get(UserStorage.USER);\n    return user ? JSON.parse(user) : null;\n  }\n\n  async set(user: User | null): Promise<void> {\n    const forwardedTokens = user?.forwardedTokens\n      ? convertForwardedTokenFormat(user?.forwardedTokens as ForwardedTokensJWT)\n      : null;\n    const value = user ? JSON.stringify({ ...user, forwardedTokens }) : \"\";\n    await this.storage.set(UserStorage.USER, value);\n  }\n}\n"]}

package/dist/src/shared/lib/session.d.ts

@@ -1,3 +0,0 @@
-import { type AuthStorage, type User } from "@/types.js";
-export declare function getUser(storage: AuthStorage): Promise<User | null>;
-//# sourceMappingURL=session.d.ts.map

package/dist/src/shared/lib/session.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAEA,OAAO,EAAa,KAAK,WAAW,EAAE,KAAK,IAAI,EAAE,MAAM,YAAY,CAAC;AAcpE,wBAAsB,OAAO,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAQxE"}

package/dist/src/shared/lib/session.js

@@ -1,21 +0,0 @@
-import { retrieveTokens } from "@/shared/lib/util.js";
-import { parseJWT } from "oslo/jwt";
-import { tokenKeys } from "@/types.js";
-// Function to omit keys from an object
-const omitKeys = (keys, obj) => {
-    const result = { ...obj };
-    keys.forEach((key) => {
-        delete result[key];
-    });
-    return result;
-};
-export async function getUser(storage) {
-    const tokens = await retrieveTokens(storage);
-    if (!tokens)
-        return null;
-    const parsedToken = parseJWT(tokens.id_token)?.payload;
-    // Assumes all information is in the ID token
-    // remove the token keys from the user object to stop it getting too large
-    return parsedToken ? omitKeys(tokenKeys, parsedToken) : null;
-}
-//# sourceMappingURL=session.js.map

package/dist/src/shared/lib/session.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,SAAS,EAA+B,MAAM,YAAY,CAAC;AAEpE,uCAAuC;AACvC,MAAM,QAAQ,GAAG,CACf,IAAS,EACT,GAAM,EACM,EAAE;IACd,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;IAC1B,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;QACnB,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,OAAoB;IAChD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,OAAe,CAAC;IAC/D,6CAA6C;IAC7C,0EAA0E;IAC1E,OAAO,WAAW,CAAC,CAAC,CAAE,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAU,CAAC,CAAC,CAAC,IAAI,CAAC;AACzE,CAAC","sourcesContent":["import { retrieveTokens } from \"@/shared/lib/util.js\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { tokenKeys, type AuthStorage, type User } from \"@/types.js\";\n\n// Function to omit keys from an object\nconst omitKeys = <K extends keyof T, T extends Record<string, unknown>>(\n  keys: K[],\n  obj: T,\n): Omit<T, K> => {\n  const result = { ...obj };\n  keys.forEach((key) => {\n    delete result[key];\n  });\n  return result;\n};\n\nexport async function getUser(storage: AuthStorage): Promise<User | null> {\n  const tokens = await retrieveTokens(storage);\n  if (!tokens) return null;\n\n  const parsedToken = parseJWT(tokens.id_token)?.payload as User;\n  // Assumes all information is in the ID token\n  // remove the token keys from the user object to stop it getting too large\n  return parsedToken ? (omitKeys(tokenKeys, parsedToken) as User) : null;\n}\n"]}

package/dist/src/shared/lib/storage.d.ts

@@ -1,25 +0,0 @@
-import type { AuthStorage, SessionData, UnknownObject, User } from "@/types.js";
-type SameSiteOption = "strict" | "lax" | "none";
-export interface SessionStorage {
-    get(): SessionData;
-    getUser(): User<UnknownObject> | null;
-    set(data: Partial<SessionData>): void;
-    setUser(data: User<UnknownObject> | null): void;
-    clear(): void;
-}
-export type CookieStorageSettings = {
-    httpOnly: boolean;
-    secure: boolean;
-    sameSite: SameSiteOption;
-    expires: Date;
-    path: string;
-};
-export declare const DEFAULT_COOKIE_DURATION: number;
-export declare abstract class CookieStorage implements AuthStorage {
-    protected settings: CookieStorageSettings;
-    protected constructor(settings?: Partial<CookieStorageSettings>);
-    abstract get(key: string): Promise<string | null>;
-    abstract set(key: string, value: string): Promise<void>;
-}
-export {};
-//# sourceMappingURL=storage.d.ts.map

package/dist/src/shared/lib/storage.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/storage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEhF,KAAK,cAAc,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEhD,MAAM,WAAW,cAAc;IAC7B,GAAG,IAAI,WAAW,CAAC;IACnB,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IACtC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;IACtC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;IAChD,KAAK,IAAI,IAAI,CAAC;CACf;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,IAAI,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,eAAO,MAAM,uBAAuB,QAAU,CAAC;AAE/C,8BAAsB,aAAc,YAAW,WAAW;IACxD,SAAS,CAAC,QAAQ,EAAE,qBAAqB,CAAC;IAC1C,SAAS,aAAa,QAAQ,GAAE,OAAO,CAAC,qBAAqB,CAAM;IAanE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IACjD,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CACxD"}

package/dist/src/shared/lib/storage.js

@@ -1,17 +0,0 @@
-export const DEFAULT_COOKIE_DURATION = 60 * 15; // 15 minutes
-export class CookieStorage {
-    settings;
-    constructor(settings = {}) {
-        this.settings = {
-            httpOnly: settings.httpOnly ?? true,
-            secure: settings.secure ?? true,
-            // the callback request comes the auth server
-            // 'lax' ensures the code_verifier cookie is sent with the request
-            sameSite: settings.sameSite ?? "lax",
-            expires: settings.expires ??
-                new Date(Date.now() + 1000 * DEFAULT_COOKIE_DURATION),
-            path: settings.path ?? "/",
-        };
-    }
-}
-//# sourceMappingURL=storage.js.map

package/dist/src/shared/lib/storage.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"storage.js","sourceRoot":"","sources":["../../../../src/shared/lib/storage.ts"],"names":[],"mappings":"AAoBA,MAAM,CAAC,MAAM,uBAAuB,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,aAAa;AAE7D,MAAM,OAAgB,aAAa;IACvB,QAAQ,CAAwB;IAC1C,YAAsB,WAA2C,EAAE;QACjE,IAAI,CAAC,QAAQ,GAAG;YACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,IAAI;YACnC,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,IAAI;YAC/B,6CAA6C;YAC7C,kEAAkE;YAClE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,KAAK;YACpC,OAAO,EACL,QAAQ,CAAC,OAAO;gBAChB,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,uBAAuB,CAAC;YACvD,IAAI,EAAE,QAAQ,CAAC,IAAI,IAAI,GAAG;SAC3B,CAAC;IACJ,CAAC;CAGF","sourcesContent":["import type { AuthStorage, SessionData, UnknownObject, User } from \"@/types.js\";\n\ntype SameSiteOption = \"strict\" | \"lax\" | \"none\";\n\nexport interface SessionStorage {\n  get(): SessionData;\n  getUser(): User<UnknownObject> | null;\n  set(data: Partial<SessionData>): void;\n  setUser(data: User<UnknownObject> | null): void;\n  clear(): void;\n}\n\nexport type CookieStorageSettings = {\n  httpOnly: boolean;\n  secure: boolean;\n  sameSite: SameSiteOption;\n  expires: Date;\n  path: string;\n};\n\nexport const DEFAULT_COOKIE_DURATION = 60 * 15; // 15 minutes\n\nexport abstract class CookieStorage implements AuthStorage {\n  protected settings: CookieStorageSettings;\n  protected constructor(settings: Partial<CookieStorageSettings> = {}) {\n    this.settings = {\n      httpOnly: settings.httpOnly ?? true,\n      secure: settings.secure ?? true,\n      // the callback request comes the auth server\n      // 'lax' ensures the code_verifier cookie is sent with the request\n      sameSite: settings.sameSite ?? \"lax\",\n      expires:\n        settings.expires ??\n        new Date(Date.now() + 1000 * DEFAULT_COOKIE_DURATION),\n      path: settings.path ?? \"/\",\n    };\n  }\n  abstract get(key: string): Promise<string | null>;\n  abstract set(key: string, value: string): Promise<void>;\n}\n"]}