@civic/auth 0.3.5-beta.0 → 0.3.5-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (84) hide show
  1. package/CHANGELOG.md +2 -1
  2. package/dist/cjs/constants.d.ts +3 -1
  3. package/dist/cjs/constants.d.ts.map +1 -1
  4. package/dist/cjs/constants.js +5 -1
  5. package/dist/cjs/constants.js.map +1 -1
  6. package/dist/cjs/lib/postMessage.d.ts.map +1 -1
  7. package/dist/cjs/lib/postMessage.js +0 -1
  8. package/dist/cjs/lib/postMessage.js.map +1 -1
  9. package/dist/cjs/services/AuthenticationService.d.ts +4 -2
  10. package/dist/cjs/services/AuthenticationService.d.ts.map +1 -1
  11. package/dist/cjs/services/AuthenticationService.js +29 -13
  12. package/dist/cjs/services/AuthenticationService.js.map +1 -1
  13. package/dist/cjs/shared/components/BlockDisplay.d.ts.map +1 -1
  14. package/dist/cjs/shared/components/BlockDisplay.js +7 -2
  15. package/dist/cjs/shared/components/BlockDisplay.js.map +1 -1
  16. package/dist/cjs/shared/components/CivicAuthIframe.d.ts.map +1 -1
  17. package/dist/cjs/shared/components/CivicAuthIframe.js +3 -7
  18. package/dist/cjs/shared/components/CivicAuthIframe.js.map +1 -1
  19. package/dist/cjs/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
  20. package/dist/cjs/shared/components/CivicAuthIframeContainer.js +9 -9
  21. package/dist/cjs/shared/components/CivicAuthIframeContainer.js.map +1 -1
  22. package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +1 -1
  23. package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js +0 -1
  24. package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js.map +1 -1
  25. package/dist/cjs/shared/components/SVGLoading.d.ts +3 -1
  26. package/dist/cjs/shared/components/SVGLoading.d.ts.map +1 -1
  27. package/dist/cjs/shared/components/SVGLoading.js +4 -4
  28. package/dist/cjs/shared/components/SVGLoading.js.map +1 -1
  29. package/dist/cjs/shared/hooks/useSignIn.d.ts.map +1 -1
  30. package/dist/cjs/shared/hooks/useSignIn.js +4 -2
  31. package/dist/cjs/shared/hooks/useSignIn.js.map +1 -1
  32. package/dist/cjs/shared/providers/IframeProvider.d.ts +1 -0
  33. package/dist/cjs/shared/providers/IframeProvider.d.ts.map +1 -1
  34. package/dist/cjs/shared/providers/IframeProvider.js +18 -0
  35. package/dist/cjs/shared/providers/IframeProvider.js.map +1 -1
  36. package/dist/cjs/shared/version.d.ts +1 -1
  37. package/dist/cjs/shared/version.js +1 -1
  38. package/dist/cjs/shared/version.js.map +1 -1
  39. package/dist/cjs/types.d.ts +6 -2
  40. package/dist/cjs/types.d.ts.map +1 -1
  41. package/dist/cjs/types.js.map +1 -1
  42. package/dist/esm/constants.d.ts +3 -1
  43. package/dist/esm/constants.d.ts.map +1 -1
  44. package/dist/esm/constants.js +3 -1
  45. package/dist/esm/constants.js.map +1 -1
  46. package/dist/esm/lib/postMessage.d.ts.map +1 -1
  47. package/dist/esm/lib/postMessage.js +0 -1
  48. package/dist/esm/lib/postMessage.js.map +1 -1
  49. package/dist/esm/services/AuthenticationService.d.ts +4 -2
  50. package/dist/esm/services/AuthenticationService.d.ts.map +1 -1
  51. package/dist/esm/services/AuthenticationService.js +29 -13
  52. package/dist/esm/services/AuthenticationService.js.map +1 -1
  53. package/dist/esm/shared/components/BlockDisplay.d.ts.map +1 -1
  54. package/dist/esm/shared/components/BlockDisplay.js +7 -3
  55. package/dist/esm/shared/components/BlockDisplay.js.map +1 -1
  56. package/dist/esm/shared/components/CivicAuthIframe.d.ts.map +1 -1
  57. package/dist/esm/shared/components/CivicAuthIframe.js +3 -7
  58. package/dist/esm/shared/components/CivicAuthIframe.js.map +1 -1
  59. package/dist/esm/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
  60. package/dist/esm/shared/components/CivicAuthIframeContainer.js +9 -9
  61. package/dist/esm/shared/components/CivicAuthIframeContainer.js.map +1 -1
  62. package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +1 -1
  63. package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.js +0 -1
  64. package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.js.map +1 -1
  65. package/dist/esm/shared/components/SVGLoading.d.ts +3 -1
  66. package/dist/esm/shared/components/SVGLoading.d.ts.map +1 -1
  67. package/dist/esm/shared/components/SVGLoading.js +4 -4
  68. package/dist/esm/shared/components/SVGLoading.js.map +1 -1
  69. package/dist/esm/shared/hooks/useSignIn.d.ts.map +1 -1
  70. package/dist/esm/shared/hooks/useSignIn.js +5 -3
  71. package/dist/esm/shared/hooks/useSignIn.js.map +1 -1
  72. package/dist/esm/shared/providers/IframeProvider.d.ts +1 -0
  73. package/dist/esm/shared/providers/IframeProvider.d.ts.map +1 -1
  74. package/dist/esm/shared/providers/IframeProvider.js +19 -1
  75. package/dist/esm/shared/providers/IframeProvider.js.map +1 -1
  76. package/dist/esm/shared/version.d.ts +1 -1
  77. package/dist/esm/shared/version.js +1 -1
  78. package/dist/esm/shared/version.js.map +1 -1
  79. package/dist/esm/types.d.ts +6 -2
  80. package/dist/esm/types.d.ts.map +1 -1
  81. package/dist/esm/types.js.map +1 -1
  82. package/dist/tsconfig.cjs.tsbuildinfo +1 -1
  83. package/dist/tsconfig.esm.tsbuildinfo +1 -1
  84. package/package.json +2 -1
package/CHANGELOG.md CHANGED
@@ -1,7 +1,8 @@
1
1
  # 0.3.5 NextJS middleware redirect fix + Iframe padding + use-client fixes
2
- - remove padding on iframe wrapper: the login-app must handle its own padding
2
+ - remove padding and background colours on iframe wrapper: the login-app must handle its own padding and background colour to support light/dark mode
3
3
  - fix issue where 'use client' was required to use the CivicProvider in react apps
4
4
  - fix NextJS middleware so that visiting a page with an expired idToken doesn't trigger a redirect loop
5
+ - accept design options messages from the login-app via postMessage in order to set the color-mode for the iframe chrome
5
6
 
6
7
  # 0.3.4 Refresh bugfix, Update User type
7
8
  - Update User type to correctly support type extensions
package/dist/cjs/constants.d.ts CHANGED
@@ -8,5 +8,7 @@ declare const DEFAULT_DISPLAY_MODE = "iframe";
8
8
  declare const JWT_PAYLOAD_KNOWN_CLAIM_KEYS: readonly ["iss", "aud", "sub", "iat", "exp"];
9
9
  declare const AUTOREFRESH_TIMEOUT_NAME = "civicAuthAutorefreshTimeout";
10
10
  declare const REFRESH_IN_PROGRESS = "civicAuthRefreshInProgress";
11
- export { DEFAULT_SCOPES, DEFAULT_OAUTH_GET_PARAMS, DEFAULT_DISPLAY_MODE, DEFAULT_AUTH_SERVER, DEFAULT_EXPIRES_IN, TOKEN_EXCHANGE_TRIGGER_TEXT, TOKEN_EXCHANGE_SUCCESS_TEXT, JWT_PAYLOAD_KNOWN_CLAIM_KEYS, AUTOREFRESH_TIMEOUT_NAME, REFRESH_IN_PROGRESS, };
11
+ declare const DARK_BACKGROUND_COLOR = "rgb(30, 41, 59)";
12
+ declare const LIGHT_BACKGROUND_COLOR = "white";
13
+ export { DEFAULT_SCOPES, DEFAULT_OAUTH_GET_PARAMS, DEFAULT_DISPLAY_MODE, DEFAULT_AUTH_SERVER, DEFAULT_EXPIRES_IN, TOKEN_EXCHANGE_TRIGGER_TEXT, TOKEN_EXCHANGE_SUCCESS_TEXT, JWT_PAYLOAD_KNOWN_CLAIM_KEYS, AUTOREFRESH_TIMEOUT_NAME, REFRESH_IN_PROGRESS, DARK_BACKGROUND_COLOR, LIGHT_BACKGROUND_COLOR, };
12
14
  //# sourceMappingURL=constants.d.ts.map
package/dist/cjs/constants.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,cAAc,UAMnB,CAAC;AACF,QAAA,MAAM,mBAAmB,iCAAiC,CAAC;AAE3D,QAAA,MAAM,wBAAwB,UAA2B,CAAC;AAE1D,QAAA,MAAM,kBAAkB,OAAO,CAAC;AAIhC,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,oBAAoB,WAAW,CAAC;AACtC,QAAA,MAAM,4BAA4B,8CAMxB,CAAC;AAEX,QAAA,MAAM,wBAAwB,gCAAgC,CAAC;AAC/D,QAAA,MAAM,mBAAmB,+BAA+B,CAAC;AAEzD,OAAO,EACL,cAAc,EACd,wBAAwB,EACxB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAC3B,4BAA4B,EAC5B,wBAAwB,EACxB,mBAAmB,GACpB,CAAC"}
1
+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,cAAc,UAMnB,CAAC;AACF,QAAA,MAAM,mBAAmB,iCAAiC,CAAC;AAE3D,QAAA,MAAM,wBAAwB,UAA2B,CAAC;AAE1D,QAAA,MAAM,kBAAkB,OAAO,CAAC;AAIhC,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,oBAAoB,WAAW,CAAC;AACtC,QAAA,MAAM,4BAA4B,8CAMxB,CAAC;AAEX,QAAA,MAAM,wBAAwB,gCAAgC,CAAC;AAC/D,QAAA,MAAM,mBAAmB,+BAA+B,CAAC;AAEzD,QAAA,MAAM,qBAAqB,oBAAoB,CAAC;AAChD,QAAA,MAAM,sBAAsB,UAAU,CAAC;AACvC,OAAO,EACL,cAAc,EACd,wBAAwB,EACxB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAC3B,4BAA4B,EAC5B,wBAAwB,EACxB,mBAAmB,EACnB,qBAAqB,EACrB,sBAAsB,GACvB,CAAC"}
package/dist/cjs/constants.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.REFRESH_IN_PROGRESS = exports.AUTOREFRESH_TIMEOUT_NAME = exports.JWT_PAYLOAD_KNOWN_CLAIM_KEYS = exports.TOKEN_EXCHANGE_SUCCESS_TEXT = exports.TOKEN_EXCHANGE_TRIGGER_TEXT = exports.DEFAULT_EXPIRES_IN = exports.DEFAULT_AUTH_SERVER = exports.DEFAULT_DISPLAY_MODE = exports.DEFAULT_OAUTH_GET_PARAMS = exports.DEFAULT_SCOPES = void 0;
3
+ exports.LIGHT_BACKGROUND_COLOR = exports.DARK_BACKGROUND_COLOR = exports.REFRESH_IN_PROGRESS = exports.AUTOREFRESH_TIMEOUT_NAME = exports.JWT_PAYLOAD_KNOWN_CLAIM_KEYS = exports.TOKEN_EXCHANGE_SUCCESS_TEXT = exports.TOKEN_EXCHANGE_TRIGGER_TEXT = exports.DEFAULT_EXPIRES_IN = exports.DEFAULT_AUTH_SERVER = exports.DEFAULT_DISPLAY_MODE = exports.DEFAULT_OAUTH_GET_PARAMS = exports.DEFAULT_SCOPES = void 0;
4
4
  const DEFAULT_SCOPES = [
5
5
  "openid",
6
6
  "profile",
@@ -35,4 +35,8 @@ const AUTOREFRESH_TIMEOUT_NAME = "civicAuthAutorefreshTimeout";
35
35
  exports.AUTOREFRESH_TIMEOUT_NAME = AUTOREFRESH_TIMEOUT_NAME;
36
36
  const REFRESH_IN_PROGRESS = "civicAuthRefreshInProgress";
37
37
  exports.REFRESH_IN_PROGRESS = REFRESH_IN_PROGRESS;
38
+ const DARK_BACKGROUND_COLOR = "rgb(30, 41, 59)";
39
+ exports.DARK_BACKGROUND_COLOR = DARK_BACKGROUND_COLOR;
40
+ const LIGHT_BACKGROUND_COLOR = "white";
41
+ exports.LIGHT_BACKGROUND_COLOR = LIGHT_BACKGROUND_COLOR;
38
42
  //# sourceMappingURL=constants.js.map
package/dist/cjs/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";;;AAAA,MAAM,cAAc,GAAG;IACrB,QAAQ;IACR,SAAS;IACT,OAAO;IACP,iBAAiB;IACjB,gBAAgB;CACjB,CAAC;AA0BA,wCAAc;AAzBhB,MAAM,mBAAmB,GAAG,8BAA8B,CAAC;AA4BzD,kDAAmB;AA1BrB,MAAM,wBAAwB,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAwBxD,4DAAwB;AAtB1B,MAAM,kBAAkB,GAAG,IAAI,CAAC,CAAC,oBAAoB;AAyBnD,gDAAkB;AAvBpB,uHAAuH;AACvH,kFAAkF;AAClF,MAAM,2BAA2B,GAAG,gCAAgC,CAAC;AAsBnE,kEAA2B;AApB7B,MAAM,2BAA2B,GAAG,gCAAgC,CAAC;AAqBnE,kEAA2B;AAnB7B,MAAM,oBAAoB,GAAG,QAAQ,CAAC;AAepC,oDAAoB;AAdtB,MAAM,4BAA4B,GAAG;IACnC,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;CACG,CAAC;AAaT,oEAA4B;AAX9B,MAAM,wBAAwB,GAAG,6BAA6B,CAAC;AAY7D,4DAAwB;AAX1B,MAAM,mBAAmB,GAAG,4BAA4B,CAAC;AAYvD,kDAAmB","sourcesContent":["const DEFAULT_SCOPES = [\n \"openid\",\n \"profile\",\n \"email\",\n \"forwardedTokens\",\n \"offline_access\",\n];\nconst DEFAULT_AUTH_SERVER = \"https://auth.civic.com/oauth\";\n\nconst DEFAULT_OAUTH_GET_PARAMS = [\"code\", \"state\", \"iss\"];\n\nconst DEFAULT_EXPIRES_IN = 3600; // 1 hour in seconds\n\n// The server's callback handler renders this text if it needs the front-end to make an additional token exchange call,\n// for the iframe case where cookies are not sent along with the initial redirect.\nconst TOKEN_EXCHANGE_TRIGGER_TEXT = \"sameDomainCodeExchangeRequired\";\n\nconst TOKEN_EXCHANGE_SUCCESS_TEXT = \"serverSideTokenExchangeSuccess\";\n\nconst DEFAULT_DISPLAY_MODE = \"iframe\";\nconst JWT_PAYLOAD_KNOWN_CLAIM_KEYS = [\n \"iss\",\n \"aud\",\n \"sub\",\n \"iat\",\n \"exp\",\n] as const;\n\nconst AUTOREFRESH_TIMEOUT_NAME = \"civicAuthAutorefreshTimeout\";\nconst REFRESH_IN_PROGRESS = \"civicAuthRefreshInProgress\";\n\nexport {\n DEFAULT_SCOPES,\n DEFAULT_OAUTH_GET_PARAMS,\n DEFAULT_DISPLAY_MODE,\n DEFAULT_AUTH_SERVER,\n DEFAULT_EXPIRES_IN,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n JWT_PAYLOAD_KNOWN_CLAIM_KEYS,\n AUTOREFRESH_TIMEOUT_NAME,\n REFRESH_IN_PROGRESS,\n};\n"]}
1
+ {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";;;AAAA,MAAM,cAAc,GAAG;IACrB,QAAQ;IACR,SAAS;IACT,OAAO;IACP,iBAAiB;IACjB,gBAAgB;CACjB,CAAC;AA4BA,wCAAc;AA3BhB,MAAM,mBAAmB,GAAG,8BAA8B,CAAC;AA8BzD,kDAAmB;AA5BrB,MAAM,wBAAwB,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AA0BxD,4DAAwB;AAxB1B,MAAM,kBAAkB,GAAG,IAAI,CAAC,CAAC,oBAAoB;AA2BnD,gDAAkB;AAzBpB,uHAAuH;AACvH,kFAAkF;AAClF,MAAM,2BAA2B,GAAG,gCAAgC,CAAC;AAwBnE,kEAA2B;AAtB7B,MAAM,2BAA2B,GAAG,gCAAgC,CAAC;AAuBnE,kEAA2B;AArB7B,MAAM,oBAAoB,GAAG,QAAQ,CAAC;AAiBpC,oDAAoB;AAhBtB,MAAM,4BAA4B,GAAG;IACnC,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;CACG,CAAC;AAeT,oEAA4B;AAb9B,MAAM,wBAAwB,GAAG,6BAA6B,CAAC;AAc7D,4DAAwB;AAb1B,MAAM,mBAAmB,GAAG,4BAA4B,CAAC;AAcvD,kDAAmB;AAZrB,MAAM,qBAAqB,GAAG,iBAAiB,CAAC;AAa9C,sDAAqB;AAZvB,MAAM,sBAAsB,GAAG,OAAO,CAAC;AAarC,wDAAsB","sourcesContent":["const DEFAULT_SCOPES = [\n \"openid\",\n \"profile\",\n \"email\",\n \"forwardedTokens\",\n \"offline_access\",\n];\nconst DEFAULT_AUTH_SERVER = \"https://auth.civic.com/oauth\";\n\nconst DEFAULT_OAUTH_GET_PARAMS = [\"code\", \"state\", \"iss\"];\n\nconst DEFAULT_EXPIRES_IN = 3600; // 1 hour in seconds\n\n// The server's callback handler renders this text if it needs the front-end to make an additional token exchange call,\n// for the iframe case where cookies are not sent along with the initial redirect.\nconst TOKEN_EXCHANGE_TRIGGER_TEXT = \"sameDomainCodeExchangeRequired\";\n\nconst TOKEN_EXCHANGE_SUCCESS_TEXT = \"serverSideTokenExchangeSuccess\";\n\nconst DEFAULT_DISPLAY_MODE = \"iframe\";\nconst JWT_PAYLOAD_KNOWN_CLAIM_KEYS = [\n \"iss\",\n \"aud\",\n \"sub\",\n \"iat\",\n \"exp\",\n] as const;\n\nconst AUTOREFRESH_TIMEOUT_NAME = \"civicAuthAutorefreshTimeout\";\nconst REFRESH_IN_PROGRESS = \"civicAuthRefreshInProgress\";\n\nconst DARK_BACKGROUND_COLOR = \"rgb(30, 41, 59)\";\nconst LIGHT_BACKGROUND_COLOR = \"white\";\nexport {\n DEFAULT_SCOPES,\n DEFAULT_OAUTH_GET_PARAMS,\n DEFAULT_DISPLAY_MODE,\n DEFAULT_AUTH_SERVER,\n DEFAULT_EXPIRES_IN,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n JWT_PAYLOAD_KNOWN_CLAIM_KEYS,\n AUTOREFRESH_TIMEOUT_NAME,\n REFRESH_IN_PROGRESS,\n DARK_BACKGROUND_COLOR,\n LIGHT_BACKGROUND_COLOR,\n};\n"]}
package/dist/cjs/lib/postMessage.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"postMessage.d.ts","sourceRoot":"","sources":["../../../src/lib/postMessage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEnD,QAAA,MAAM,2BAA2B,UACxB,gBAAgB,YACb,MAAM,KACf,OAaF,CAAC;AAEF,OAAO,EAAE,2BAA2B,EAAE,CAAC"}
1
+ {"version":3,"file":"postMessage.d.ts","sourceRoot":"","sources":["../../../src/lib/postMessage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEnD,QAAA,MAAM,2BAA2B,UACxB,gBAAgB,YACb,MAAM,KACf,OAYF,CAAC;AAEF,OAAO,EAAE,2BAA2B,EAAE,CAAC"}
package/dist/cjs/lib/postMessage.js CHANGED
@@ -4,7 +4,6 @@ exports.validateLoginAppPostMessage = void 0;
4
4
  const validateLoginAppPostMessage = (event, clientId) => {
5
5
  const caseEvent = event;
6
6
  if (!caseEvent.clientId ||
7
- !caseEvent.data.url ||
8
7
  !caseEvent.source ||
9
8
  !caseEvent.type ||
10
9
  caseEvent.clientId !== clientId ||
package/dist/cjs/lib/postMessage.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"postMessage.js","sourceRoot":"","sources":["../../../src/lib/postMessage.ts"],"names":[],"mappings":";;;AAEA,MAAM,2BAA2B,GAAG,CAClC,KAAuB,EACvB,QAAgB,EACP,EAAE;IACX,MAAM,SAAS,GAAG,KAAyB,CAAC;IAC5C,IACE,CAAC,SAAS,CAAC,QAAQ;QACnB,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG;QACnB,CAAC,SAAS,CAAC,MAAM;QACjB,CAAC,SAAS,CAAC,IAAI;QACf,SAAS,CAAC,QAAQ,KAAK,QAAQ;QAC/B,SAAS,CAAC,MAAM,KAAK,eAAe,EACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEO,kEAA2B","sourcesContent":["import type { LoginPostMessage } from \"@/types.js\";\n\nconst validateLoginAppPostMessage = (\n event: LoginPostMessage,\n clientId: string,\n): boolean => {\n const caseEvent = event as LoginPostMessage;\n if (\n !caseEvent.clientId ||\n !caseEvent.data.url ||\n !caseEvent.source ||\n !caseEvent.type ||\n caseEvent.clientId !== clientId ||\n caseEvent.source !== \"civicloginApp\"\n ) {\n return false;\n }\n return true;\n};\n\nexport { validateLoginAppPostMessage };\n"]}
1
+ {"version":3,"file":"postMessage.js","sourceRoot":"","sources":["../../../src/lib/postMessage.ts"],"names":[],"mappings":";;;AAEA,MAAM,2BAA2B,GAAG,CAClC,KAAuB,EACvB,QAAgB,EACP,EAAE;IACX,MAAM,SAAS,GAAG,KAAyB,CAAC;IAC5C,IACE,CAAC,SAAS,CAAC,QAAQ;QACnB,CAAC,SAAS,CAAC,MAAM;QACjB,CAAC,SAAS,CAAC,IAAI;QACf,SAAS,CAAC,QAAQ,KAAK,QAAQ;QAC/B,SAAS,CAAC,MAAM,KAAK,eAAe,EACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEO,kEAA2B","sourcesContent":["import type { LoginPostMessage } from \"@/types.js\";\n\nconst validateLoginAppPostMessage = (\n event: LoginPostMessage,\n clientId: string,\n): boolean => {\n const caseEvent = event as LoginPostMessage;\n if (\n !caseEvent.clientId ||\n !caseEvent.source ||\n !caseEvent.type ||\n caseEvent.clientId !== clientId ||\n caseEvent.source !== \"civicloginApp\"\n ) {\n return false;\n }\n return true;\n};\n\nexport { validateLoginAppPostMessage };\n"]}
package/dist/cjs/services/AuthenticationService.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { DisplayMode, Endpoints, OIDCTokenResponseBody, SessionData } from "../types.js";
1
+ import type { DisplayMode, Endpoints, LoginAppDesignOptions, OIDCTokenResponseBody, SessionData } from "../types.js";
2
2
  import { BrowserPublicClientPKCEProducer } from "../services/PKCE.js";
3
3
  import type { AuthenticationInitiator, AuthenticationResolver, PKCEConsumer } from "../services/types.js";
4
4
  export type GenericAuthenticationInitiatorConfig = {
@@ -38,14 +38,16 @@ export type BrowserAuthenticationInitiatorConfig = Omit<GenericAuthenticationIni
38
38
  * })
39
39
  */
40
40
  export declare class BrowserAuthenticationInitiator implements AuthenticationInitiator {
41
+ readonly setDesignOptions: (value: LoginAppDesignOptions) => void;
41
42
  private postMessageHandler;
42
43
  protected config: BrowserAuthenticationInitiatorConfig;
43
44
  setDisplayMode(displayMode: DisplayMode): void;
44
45
  get displayMode(): DisplayMode;
45
46
  get isServerTokenExchange(): boolean;
46
47
  get state(): string;
47
- constructor(config: typeof this.config);
48
+ constructor(config: typeof this.config, setDesignOptions?: (value: LoginAppDesignOptions) => void);
48
49
  handleLoginAppPopupFailed(redirectUrl: string): Promise<void>;
50
+ handleLoginAppDesignUpdate(options: LoginAppDesignOptions): Promise<void>;
49
51
  signIn(iframeRef: HTMLIFrameElement | null): Promise<URL>;
50
52
  protected handleIframeUrlChange(iframe: HTMLIFrameElement, expectedUrl: string): Promise<void>;
51
53
  signOut(idToken: string | undefined, iframeRef: HTMLIFrameElement | null): Promise<URL>;
package/dist/cjs/services/AuthenticationService.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAGT,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,+BAA+B,EAEhC,MAAM,oBAAoB,CAAC;AAe5B,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACb,MAAM,qBAAqB,CAAC;AAS7B,MAAM,MAAM,oCAAoC,GAAG;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,oCAAoC,GAAG,IAAI,CACrD,oCAAoC,EACpC,OAAO,CACR,GAAG;IACF,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAE1B,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,OAAO,CAAC,kBAAkB,CAAgD;IAE1E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;IAEhD,cAAc,CAAC,WAAW,EAAE,WAAW;IAI9C,IAAI,WAAW,gBAEd;IAED,IAAI,qBAAqB,YAExB;IACD,IAAI,KAAK,WAER;gBACW,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAIhC,yBAAyB,CAAC,WAAW,EAAE,MAAM;IAU7C,MAAM,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IAiD/D,SAAS,CAAC,qBAAqB,CAC7B,MAAM,EAAE,iBAAiB,EACzB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC;IAqDV,OAAO,CACX,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAClC,OAAO,CAAC,GAAG,CAAC;IAwEf,OAAO;CAKR;AAED;;;GAGG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;gBAE3C,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAMhC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;IAItB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAM7C;AAED,KAAK,2BAA2B,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IACvC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,8BAA8B;IAQ5E,SAAS,CAAC,YAAY;IAPxB,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;gBAIvC,MAAM,EAAE,2BAA2B,EAEzB,YAAY,kCAAwC;IAY1D,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqBrB,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IA0C3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAc7C,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;IAiC/C,qBAAqB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;WAOxC,KAAK,CAChB,MAAM,EAAE,2BAA2B,GAClC,OAAO,CAAC,sBAAsB,CAAC;CAMnC"}
1
+ {"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAET,qBAAqB,EAErB,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,+BAA+B,EAEhC,MAAM,oBAAoB,CAAC;AAe5B,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACb,MAAM,qBAAqB,CAAC;AAS7B,MAAM,MAAM,oCAAoC,GAAG;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,oCAAoC,GAAG,IAAI,CACrD,oCAAoC,EACpC,OAAO,CACR,GAAG;IACF,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAE1B,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAKF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAqB1E,QAAQ,CAAC,gBAAgB,UA7CW,qBAAqB;IAyB3D,OAAO,CAAC,kBAAkB,CAAgD;IAE1E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;IAEhD,cAAc,CAAC,WAAW,EAAE,WAAW;IAI9C,IAAI,WAAW,gBAEd;IAED,IAAI,qBAAqB,YAExB;IACD,IAAI,KAAK,WAER;gBAEC,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM,EACjB,gBAAgB,WA7CW,qBAAqB,SA6CN;IAiC/C,yBAAyB,CAAC,WAAW,EAAE,MAAM;IAQ7C,0BAA0B,CAAC,OAAO,EAAE,qBAAqB;IAMzD,MAAM,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IAiC/D,SAAS,CAAC,qBAAqB,CAC7B,MAAM,EAAE,iBAAiB,EACzB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC;IAqDV,OAAO,CACX,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAClC,OAAO,CAAC,GAAG,CAAC;IAwEf,OAAO;CAKR;AAED;;;GAGG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;gBAE3C,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAMhC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;IAItB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAM7C;AAED,KAAK,2BAA2B,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IACvC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,8BAA8B;IAQ5E,SAAS,CAAC,YAAY;IAPxB,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;gBAIvC,MAAM,EAAE,2BAA2B,EAEzB,YAAY,kCAAwC;IAY1D,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqBrB,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IA0C3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAc7C,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;IAiC/C,qBAAqB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;WAOxC,KAAK,CAChB,MAAM,EAAE,2BAA2B,GAClC,OAAO,CAAC,sBAAsB,CAAC;CAMnC"}
package/dist/cjs/services/AuthenticationService.js CHANGED
@@ -14,6 +14,9 @@ const postMessage_js_1 = require("../lib/postMessage.js");
14
14
  const session_js_1 = require("../shared/lib/session.js");
15
15
  const UserSession_js_1 = require("../shared/lib/UserSession.js");
16
16
  const iframeUtils_js_1 = require("../shared/lib/iframeUtils.js");
17
+ const defaultSetDesignOptions = (value) => {
18
+ localStorage.setItem("loginAppDesign", JSON.stringify(value));
19
+ };
17
20
  /**
18
21
  * An authentication initiator that works on a browser. Since this is just triggering
19
22
  * login and logout, session data is not stored here.
@@ -36,6 +39,7 @@ const iframeUtils_js_1 = require("../shared/lib/iframeUtils.js");
36
39
  * })
37
40
  */
38
41
  class BrowserAuthenticationInitiator {
42
+ setDesignOptions;
39
43
  postMessageHandler = null;
40
44
  config;
41
45
  setDisplayMode(displayMode) {
@@ -50,13 +54,37 @@ class BrowserAuthenticationInitiator {
50
54
  get state() {
51
55
  return (0, oauth_js_1.generateState)(this.config.displayMode, this.isServerTokenExchange);
52
56
  }
53
- constructor(config) {
57
+ constructor(config, setDesignOptions = defaultSetDesignOptions) {
58
+ this.setDesignOptions = setDesignOptions;
54
59
  this.config = config;
60
+ this.postMessageHandler = (event) => {
61
+ const thisURL = new URL(window.location.href);
62
+ if (event.origin.endsWith("civic.com") ||
63
+ thisURL.hostname === "localhost") {
64
+ if (!(0, postMessage_js_1.validateLoginAppPostMessage)(event.data, this.config.clientId)) {
65
+ return;
66
+ }
67
+ const loginMessage = event.data;
68
+ if (loginMessage.type === "generatePopupFailed") {
69
+ this.handleLoginAppPopupFailed(loginMessage.data.url);
70
+ return;
71
+ }
72
+ if (loginMessage.type === "design") {
73
+ // TODO handle the design message
74
+ this.handleLoginAppDesignUpdate(loginMessage.data);
75
+ return;
76
+ }
77
+ }
78
+ };
79
+ window.addEventListener("message", this.postMessageHandler);
55
80
  }
56
81
  async handleLoginAppPopupFailed(redirectUrl) {
57
82
  console.warn("Login app popup failed open a popup, using redirect mode instead...", redirectUrl);
58
83
  window.location.href = redirectUrl;
59
84
  }
85
+ async handleLoginAppDesignUpdate(options) {
86
+ this.setDesignOptions(options);
87
+ }
60
88
  // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url
61
89
  // and then use the display mode to decide how to send the user there
62
90
  async signIn(iframeRef) {
@@ -64,18 +92,6 @@ class BrowserAuthenticationInitiator {
64
92
  ...this.config,
65
93
  state: this.state,
66
94
  });
67
- this.postMessageHandler = (event) => {
68
- const thisURL = new URL(window.location.href);
69
- if (event.origin.endsWith("civic.com") ||
70
- thisURL.hostname === "localhost") {
71
- if (!(0, postMessage_js_1.validateLoginAppPostMessage)(event.data, this.config.clientId)) {
72
- return;
73
- }
74
- const loginMessage = event.data;
75
- this.handleLoginAppPopupFailed(loginMessage.data.url);
76
- }
77
- };
78
- window.addEventListener("message", this.postMessageHandler);
79
95
  if (this.config.displayMode === "iframe") {
80
96
  const ref = (0, iframeUtils_js_1.getIframeRef)(iframeRef);
81
97
  ref.setAttribute("src", url.toString());
package/dist/cjs/services/AuthenticationService.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationService.js","sourceRoot":"","sources":["../../../src/services/AuthenticationService.ts"],"names":[],"mappings":";AAAA,8EAA8E;;;AAU9E,gDAG4B;AAC5B,kDAU8B;AAC9B,6CAAqE;AACrE,wCAA2C;AAC3C,qDAA2D;AAM3D,kDAAiD;AACjD,uDAAgE;AAChE,iDAA0D;AAC1D,yDAAmE;AACnE,wDAAkD;AAClD,gEAAiE;AACjE,gEAA2D;AAyB3D;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAa,8BAA8B;IACjC,kBAAkB,GAA2C,IAAI,CAAC;IAEhE,MAAM,CAAuC;IAEhD,cAAc,CAAC,WAAwB;QAC5C,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;IACxC,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;IACjC,CAAC;IAED,IAAI,qBAAqB;QACvB,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,YAAY,wCAA8B,CAAC;IAC5E,CAAC;IACD,IAAI,KAAK;QACP,OAAO,IAAA,wBAAa,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAC5E,CAAC;IACD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,OAAO,CAAC,IAAI,CACV,qEAAqE,EACrE,WAAW,CACZ,CAAC;QACF,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;IACrC,CAAC;IAED,uGAAuG;IACvG,qEAAqE;IACrE,KAAK,CAAC,MAAM,CAAC,SAAmC;QAC9C,MAAM,GAAG,GAAG,MAAM,IAAA,+BAAqB,EAAC;YACtC,GAAG,IAAI,CAAC,MAAM;YACd,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,IAAI,CAAC,kBAAkB,GAAG,CAAC,KAAmB,EAAE,EAAE;YAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,IACE,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAClC,OAAO,CAAC,QAAQ,KAAK,WAAW,EAChC,CAAC;gBACD,IAAI,CAAC,IAAA,4CAA2B,EAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACnE,OAAO;gBACT,CAAC;gBACD,MAAM,YAAY,GAAG,KAAK,CAAC,IAAwB,CAAC;gBACpD,IAAI,CAAC,yBAAyB,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACxD,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAE5D,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,IAAA,6BAAY,EAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,qBAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;gBACD,uEAAuE;YACzE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,qBAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAES,qBAAqB,CAC7B,MAAyB,EACzB,WAAmB;QAEnB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,QAAQ,GAA+B,SAAS,CAAC;YACrD,IAAI,OAAO,GAA+B,SAAS,CAAC;YAEpD,MAAM,cAAc,GAAG,CAAC,KAAmB,EAAE,EAAE;gBAC7C,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,aAAa,EAAE,CAAC;oBAC1C,6DAA6D;oBAC7D,OAAO;gBACT,CAAC;gBAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAyB,CAAC;gBAEhD,IACE,OAAO,CAAC,MAAM,KAAK,eAAe;oBAClC,CAAC,OAAO,CAAC,IAAI,KAAK,YAAY;wBAC5B,OAAO,CAAC,IAAI,KAAK,sBAAsB,CAAC,EAC1C,CAAC;oBACD,aAAa,CAAC,QAAQ,CAAC,CAAC;oBACxB,YAAY,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;oBACtD,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC,CAAC;oBACjE,OAAO;gBACT,CAAC;YACH,CAAC,CAAC;YAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YAEnD,qDAAqD;YACrD,MAAM,WAAW,GAAG,GAAG,EAAE;gBACvB,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;oBACvD,IAAI,UAAU,EAAE,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;wBACtC,aAAa,CAAC,QAAQ,CAAC,CAAC;wBACxB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;wBACtD,OAAO,EAAE,CAAC;oBACZ,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,6BAA6B;gBAC/B,CAAC;YACH,CAAC,CAAC;YAEF,QAAQ,GAAG,WAAW,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAEzC,2BAA2B;YAC3B,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;gBACxB,aAAa,CAAC,QAAQ,CAAC,CAAC;gBACxB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;gBACtD,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;YAC7D,CAAC,EAAE,KAAK,CAAC,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CACX,OAA2B,EAC3B,SAAmC;QAEnC,IAAI,GAAG,CAAC;QACR,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7D,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YACD,GAAG,GAAG,MAAM,IAAA,gCAAsB,EAAC;gBACjC,GAAG,IAAI,CAAC,MAAM;gBACd,OAAO;gBACP,KAAK;gBACL,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aAC3C,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,IAAA,6BAAY,EAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YAExC,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;gBACzC,yDAAyD;gBACzD,mEAAmE;gBACnE,+BAA+B;gBAC/B,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;oBAC/B,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACrE,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;oBACxC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBAC1D,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,2CAA2C;YAC3C,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAChC,MAAM,YAAY,GAAG,IAAI,gCAAmB,EAAE,CAAC;gBAC/C,MAAM,IAAA,qBAAW,EAAC,YAAY,CAAC,CAAC;gBAChC,MAAM,IAAA,mBAAS,EAAC,YAAY,CAAC,CAAC;gBAC9B,gCAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,MAAM,YAAY,GAAG,IAAI,gCAAmB,EAAE,CAAC;YAC/C,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YACxC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,qBAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,qBAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,OAAO;QACL,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;CACF;AA1ND,wEA0NC;AAED;;;GAGG;AACH,MAAa,8BAA8B;IAC/B,MAAM,CAAuC;IAEvD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,uGAAuG;IACvG,4BAA4B;IAC5B,KAAK,CAAC,MAAM;QACV,OAAO,IAAA,+BAAqB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,OAAe;QAC3B,OAAO,IAAA,gCAAsB,EAAC;YAC5B,GAAG,IAAI,CAAC,MAAM;YACd,OAAO;SACR,CAAC,CAAC;IACL,CAAC;CACF;AAnBD,wEAmBC;AAaD;;;GAGG;AACH,MAAa,4BAA6B,SAAQ,8BAA8B;IAQlE;IAPJ,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,0EAA0E;IAC1E,YACE,MAAmC;IACnC,6FAA6F;IACnF,eAAe,IAAI,yCAA+B,EAAE;QAE9D,KAAK,CAAC;YACJ,GAAG,MAAM;YACT,yDAAyD;YACzD,YAAY,EAAE,YAAY;SAC3B,CAAC,CAAC;QANO,iBAAY,GAAZ,YAAY,CAAwC;IAOhE,CAAC;IAED,kFAAkF;IAClF,oGAAoG;IACpG,kDAAkD;IAClD,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAA,mCAAyB,EAC9C,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,qBAAY,CAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wBAAwB;IACxB,uEAAuE;IACvE,uCAAuC;IACvC,KAAK,CAAC,aAAa,CACjB,IAAY,EACZ,KAAa;QAEb,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;QAC/D,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAEzE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAc,EACjC,IAAI,EACJ,KAAK,EACL,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,YAAa,EAAE,8CAA8C;QAClE,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,SAAU,CAChB,CAAC;QACF,MAAM,aAAa,GAAG,IAAI,gCAAmB,EAAE,CAAC;QAChD,MAAM,IAAA,qBAAW,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACzC,MAAM,IAAI,GAAG,MAAM,IAAA,oBAAO,EAAC,aAAa,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;QAC1D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5B,gCAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3C,uCAAuC;QACvC,MAAM,iBAAiB,GAAG,IAAA,+BAAoB,EAC5C,KAAK,EACL,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;QAEF,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACpC,yBAAyB;YACzB,MAAM,CAAC,gBAAgB,CAAC,cAAc,EAAE,GAAG,EAAE;gBAC3C,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;QACD,8GAA8G;QAC9G,IAAA,yCAAyB,EAAC,uCAAwB,CAAC,CAAC;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0CAA0C;IAC1C,KAAK,CAAC,cAAc;QAClB,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,IAAI,gCAAmB,EAAE,CAAC,CAAC;QAEpE,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ;YACrC,OAAO,EAAE,WAAW,CAAC,QAAQ;YAC7B,WAAW,EAAE,WAAW,CAAC,YAAY;YACrC,YAAY,EAAE,WAAW,CAAC,aAAa;YACvC,oBAAoB,EAAE,WAAW,CAAC,uBAAuB;SAC1D,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB;QAC3B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAChD,IAAI,CAAC,WAAW,EAAE,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;gBACtD,MAAM,sBAAsB,GAAG,EAAE,GAAG,WAAW,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;gBACxE,gDAAgD;gBAChD,OAAO,sBAAsB,CAAC;YAChC,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,YAAY;gBAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAE7D,4DAA4D;YAC5D,MAAM,IAAA,8BAAoB,EACxB;gBACE,YAAY,EAAE,WAAW,CAAC,WAAW;gBACrC,QAAQ,EAAE,WAAW,CAAC,OAAO;gBAC7B,aAAa,EAAE,WAAW,CAAC,YAAY;gBACvC,uBAAuB,EAAE,WAAW,CAAC,oBAAoB;aAC1D,EACD,IAAI,CAAC,SAAU,EACf,IAAI,CAAC,YAAa,EAClB,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;YACF,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC1D,MAAM,sBAAsB,GAAG;gBAC7B,aAAa,EAAE,KAAK;aACrB,CAAC;YACF,MAAM,IAAA,qBAAW,EAAC,IAAI,gCAAmB,EAAE,CAAC,CAAC;YAC7C,OAAO,sBAAsB,CAAC;QAChC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC;IACpC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,MAAmC;QAEnC,MAAM,QAAQ,GAAG,IAAI,4BAA4B,CAAC,MAAM,CAAC,CAAC;QAC1D,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEtB,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AApJD,oEAoJC","sourcesContent":["// Proposals for revised versions of the SessionService AKA AuthSessionService\n\nimport type {\n DisplayMode,\n Endpoints,\n IframeAuthMessage,\n LoginPostMessage,\n OIDCTokenResponseBody,\n SessionData,\n} from \"@/types.js\";\nimport {\n BrowserPublicClientPKCEProducer,\n ConfidentialClientPKCEConsumer,\n} from \"@/services/PKCE.js\";\nimport {\n clearTokens,\n clearUser,\n exchangeTokens,\n generateOauthLoginUrl,\n generateOauthLogoutUrl,\n getEndpointsWithOverrides,\n retrieveTokens,\n storeTokens,\n validateOauth2Tokens,\n} from \"@/shared/lib/util.js\";\nimport { displayModeFromState, generateState } from \"@/lib/oauth.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport type {\n AuthenticationInitiator,\n AuthenticationResolver,\n PKCEConsumer,\n} from \"@/services/types.js\";\nimport { PopupError } from \"@/services/types.js\";\nimport { removeParamsWithoutReload } from \"@/lib/windowUtil.js\";\nimport { DEFAULT_OAUTH_GET_PARAMS } from \"@/constants.js\";\nimport { validateLoginAppPostMessage } from \"@/lib/postMessage.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { getIframeRef } from \"@/shared/lib/iframeUtils.js\";\n\nexport type GenericAuthenticationInitiatorConfig = {\n clientId: string;\n redirectUrl: string;\n state: string;\n scopes: string[];\n oauthServer: string;\n nonce?: string;\n // the endpoints to use for the login (if not obtained from the auth server)\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n};\n\nexport type BrowserAuthenticationInitiatorConfig = Omit<\n GenericAuthenticationInitiatorConfig,\n \"state\"\n> & {\n logoutUrl?: string;\n logoutRedirectUrl: string;\n // determines whether to trigger the login/logout in an iframe, a new browser window, or redirect the current one.\n displayMode: DisplayMode;\n};\n\n/**\n * An authentication initiator that works on a browser. Since this is just triggering\n * login and logout, session data is not stored here.\n * An associated AuthenticationResolver would be needed to get the session data.\n * Storage is needed for the code verifier, this is the domain of the PKCEConsumer\n * The storage used by the PKCEConsumer should be available to the AuthenticationResolver.\n *\n * Example usage:\n *\n * 1) Client-only SPA -eg a react app with no server:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n * ... other config\n * })\n *\n * 2) Client-side of a client/server app - eg a react app with a backend:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new ConfidentialClientPKCEConsumer(\"https://myserver.com/pkce\"), // get the challenge from the server\n * ... other config\n * })\n */\nexport class BrowserAuthenticationInitiator implements AuthenticationInitiator {\n private postMessageHandler: null | ((event: MessageEvent) => void) = null;\n\n protected config: BrowserAuthenticationInitiatorConfig;\n\n public setDisplayMode(displayMode: DisplayMode) {\n this.config.displayMode = displayMode;\n }\n\n get displayMode() {\n return this.config.displayMode;\n }\n\n get isServerTokenExchange() {\n return this.config.pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n }\n get state() {\n return generateState(this.config.displayMode, this.isServerTokenExchange);\n }\n constructor(config: typeof this.config) {\n this.config = config;\n }\n\n async handleLoginAppPopupFailed(redirectUrl: string) {\n console.warn(\n \"Login app popup failed open a popup, using redirect mode instead...\",\n redirectUrl,\n );\n window.location.href = redirectUrl;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and then use the display mode to decide how to send the user there\n async signIn(iframeRef: HTMLIFrameElement | null): Promise<URL> {\n const url = await generateOauthLoginUrl({\n ...this.config,\n state: this.state,\n });\n\n this.postMessageHandler = (event: MessageEvent) => {\n const thisURL = new URL(window.location.href);\n if (\n event.origin.endsWith(\"civic.com\") ||\n thisURL.hostname === \"localhost\"\n ) {\n if (!validateLoginAppPostMessage(event.data, this.config.clientId)) {\n return;\n }\n const loginMessage = event.data as LoginPostMessage;\n this.handleLoginAppPopupFailed(loginMessage.data.url);\n }\n };\n\n window.addEventListener(\"message\", this.postMessageHandler);\n\n if (this.config.displayMode === \"iframe\") {\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n }\n\n if (this.config.displayMode === \"redirect\") {\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n // TODO handle the 'onclose' event to clean up and reset the authStatus\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n protected handleIframeUrlChange(\n iframe: HTMLIFrameElement,\n expectedUrl: string,\n ): Promise<void> {\n return new Promise((resolve, reject) => {\n let interval: NodeJS.Timeout | undefined = undefined;\n let timeout: NodeJS.Timeout | undefined = undefined;\n\n const messageHandler = (event: MessageEvent) => {\n if (event.source !== iframe.contentWindow) {\n // This message did not originate from the iframe. Ignore it.\n return;\n }\n\n const message = event.data as IframeAuthMessage;\n\n if (\n message.source === \"civicloginApp\" &&\n (message.type === \"auth_error\" ||\n message.type === \"auth_error_try_again\")\n ) {\n clearInterval(interval);\n clearTimeout(timeout);\n window.removeEventListener(\"message\", messageHandler);\n reject(new Error(message.data.error || \"Authentication failed\"));\n return;\n }\n };\n\n window.addEventListener(\"message\", messageHandler);\n\n // Keep the existing URL check logic for success case\n const checkIframe = () => {\n try {\n const currentUrl = iframe.contentWindow?.location.href;\n if (currentUrl?.includes(expectedUrl)) {\n clearInterval(interval);\n window.removeEventListener(\"message\", messageHandler);\n resolve();\n }\n } catch {\n // Ignore cross-origin errors\n }\n };\n\n interval = setInterval(checkIframe, 100);\n\n // Timeout after 10 seconds\n timeout = setTimeout(() => {\n clearInterval(interval);\n window.removeEventListener(\"message\", messageHandler);\n reject(new Error(\"Timeout waiting for iframe URL change\"));\n }, 10000);\n });\n }\n\n async signOut(\n idToken: string | undefined,\n iframeRef: HTMLIFrameElement | null,\n ): Promise<URL> {\n let url;\n const state = this.state;\n if (this.isServerTokenExchange) {\n if (!this.config.logoutUrl) {\n throw new Error(\"logoutUrl is required for server token exchange\");\n }\n url = new URL(this.config.logoutUrl, window.location.origin);\n url.searchParams.append(\"state\", state);\n } else {\n if (!idToken) {\n throw new Error(\"idToken is required for non-server token exchange\");\n }\n url = await generateOauthLogoutUrl({\n ...this.config,\n idToken,\n state,\n redirectUrl: this.config.logoutRedirectUrl,\n });\n }\n\n if (this.config.displayMode === \"iframe\") {\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n\n try {\n await this.handleIframeUrlChange(ref, this.config.logoutRedirectUrl);\n } catch (error) {\n console.log(\"Failed to sign out\", error);\n // on logout error, trigger the logout-callback directly,\n // if it is a logout from the server, so the the session is cleared\n // and user can still sign out.\n if (this.isServerTokenExchange) {\n url = new URL(this.config.logoutRedirectUrl, window.location.origin);\n url.searchParams.append(\"state\", state);\n url.searchParams.append(\"appUrl\", window.location.origin);\n ref.setAttribute(\"src\", url.toString());\n }\n }\n\n // Clear storage after successful detection\n if (!this.isServerTokenExchange) {\n const localStorage = new LocalStorageAdapter();\n await clearTokens(localStorage);\n await clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n }\n }\n\n if (this.config.displayMode === \"redirect\") {\n const localStorage = new LocalStorageAdapter();\n localStorage.set(\"logout_state\", state);\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n cleanup() {\n if (this.postMessageHandler) {\n window.removeEventListener(\"message\", this.postMessageHandler);\n }\n }\n}\n\n/** A general-purpose authentication initiator, that just generates urls, but lets\n * the caller decide how to use them. This is useful for server-side applications\n * that may serve this URL to their front-ends or just call them directly\n */\nexport class GenericAuthenticationInitiator implements AuthenticationInitiator {\n protected config: GenericAuthenticationInitiatorConfig;\n\n constructor(config: typeof this.config) {\n this.config = config;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and simply return the url\n async signIn(): Promise<URL> {\n return generateOauthLoginUrl(this.config);\n }\n\n async signOut(idToken: string): Promise<URL> {\n return generateOauthLogoutUrl({\n ...this.config,\n idToken,\n });\n }\n}\n\ntype BrowserAuthenticationConfig = {\n clientId: string;\n redirectUrl: string;\n logoutUrl?: string;\n logoutRedirectUrl: string;\n scopes: string[];\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n displayMode: DisplayMode;\n};\n\n/**\n * An authentication resolver that can run on the browser (i.e. a public client)\n * It uses PKCE for security. PKCE and Session data are stored in local storage\n */\nexport class BrowserAuthenticationService extends BrowserAuthenticationInitiator {\n private oauth2client: OAuth2Client | undefined;\n private endpoints: Endpoints | undefined;\n\n // TODO WIP - perhaps we want to keep resolver and initiator separate here\n constructor(\n config: BrowserAuthenticationConfig,\n // Since we are running fully on the client, we produce as well as consume the PKCE challenge\n protected pkceProducer = new BrowserPublicClientPKCEProducer(),\n ) {\n super({\n ...config,\n // Store and retrieve the PKCE challenge in local storage\n pkceConsumer: pkceProducer,\n });\n }\n\n // TODO too much code duplication here between the browser and the server variant.\n // Suggestion for refactor: Standardise the config for AuthenticationResolvers and create a one-shot\n // function for generating an oauth2client from it\n async init(): Promise<this> {\n // resolve oauth config\n this.endpoints = await getEndpointsWithOverrides(\n this.config.oauthServer,\n this.config.endpointOverrides,\n );\n this.oauth2client = new OAuth2Client(\n this.config.clientId,\n this.endpoints.auth,\n this.endpoints.token,\n {\n redirectURI: this.config.redirectUrl,\n },\n );\n\n return this;\n }\n\n // Two responsibilities:\n // 1. resolve the auth code to get the tokens (should use library code)\n // 2. store the tokens in local storage\n async tokenExchange(\n code: string,\n state: string,\n ): Promise<OIDCTokenResponseBody> {\n if (!this.oauth2client) await this.init();\n const codeVerifier = await this.pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in storage\");\n\n // exchange auth code for tokens\n const tokens = await exchangeTokens(\n code,\n state,\n this.pkceProducer,\n this.oauth2client!, // clean up types here to avoid the ! operator\n this.config.oauthServer,\n this.endpoints!, // clean up types here to avoid the ! operator\n );\n const clientStorage = new LocalStorageAdapter();\n await storeTokens(clientStorage, tokens);\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n const userSession = new GenericUserSession(clientStorage);\n await userSession.set(user);\n LocalStorageAdapter.emitter.emit(\"signIn\");\n // cleanup the browser window if needed\n const parsedDisplayMode = displayModeFromState(\n state,\n this.config.displayMode,\n );\n\n if (parsedDisplayMode === \"new_tab\") {\n // Close the popup window\n window.addEventListener(\"beforeunload\", () => {\n window?.opener?.focus();\n });\n window.close();\n }\n // these are the default oAuth params that get added to the URL in redirect which we want to remove if present\n removeParamsWithoutReload(DEFAULT_OAUTH_GET_PARAMS);\n return tokens;\n }\n\n // Get the session data from local storage\n async getSessionData(): Promise<SessionData | null> {\n const storageData = await retrieveTokens(new LocalStorageAdapter());\n\n if (!storageData) return null;\n\n return {\n authenticated: !!storageData.id_token,\n idToken: storageData.id_token,\n accessToken: storageData.access_token,\n refreshToken: storageData.refresh_token,\n accessTokenExpiresAt: storageData.access_token_expires_at,\n };\n }\n\n async validateExistingSession(): Promise<SessionData> {\n try {\n const sessionData = await this.getSessionData();\n if (!sessionData?.idToken || !sessionData.accessToken) {\n const unAuthenticatedSession = { ...sessionData, authenticated: false };\n // await clearTokens(new LocalStorageAdapter());\n return unAuthenticatedSession;\n }\n if (!this.endpoints || !this.oauth2client) await this.init();\n\n // this function will throw if any of the tokens are invalid\n await validateOauth2Tokens(\n {\n access_token: sessionData.accessToken,\n id_token: sessionData.idToken,\n refresh_token: sessionData.refreshToken,\n access_token_expires_at: sessionData.accessTokenExpiresAt,\n },\n this.endpoints!,\n this.oauth2client!,\n this.config.oauthServer,\n );\n return sessionData;\n } catch (error) {\n console.warn(\"Failed to validate existing tokens\", error);\n const unAuthenticatedSession = {\n authenticated: false,\n };\n await clearTokens(new LocalStorageAdapter());\n return unAuthenticatedSession;\n }\n }\n\n async getEndSessionEndpoint(): Promise<string | null> {\n if (!this.endpoints) {\n return null;\n }\n return this.endpoints?.endsession;\n }\n\n static async build(\n config: BrowserAuthenticationConfig,\n ): Promise<AuthenticationResolver> {\n const resolver = new BrowserAuthenticationService(config);\n await resolver.init();\n\n return resolver;\n }\n}\n"]}
1
+ {"version":3,"file":"AuthenticationService.js","sourceRoot":"","sources":["../../../src/services/AuthenticationService.ts"],"names":[],"mappings":";AAAA,8EAA8E;;;AAW9E,gDAG4B;AAC5B,kDAU8B;AAC9B,6CAAqE;AACrE,wCAA2C;AAC3C,qDAA2D;AAM3D,kDAAiD;AACjD,uDAAgE;AAChE,iDAA0D;AAC1D,yDAAmE;AACnE,wDAAkD;AAClD,gEAAiE;AACjE,gEAA2D;AAyB3D,MAAM,uBAAuB,GAAG,CAAC,KAA4B,EAAE,EAAE;IAC/D,YAAY,CAAC,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AAChE,CAAC,CAAC;AACF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAa,8BAA8B;IAqB9B;IApBH,kBAAkB,GAA2C,IAAI,CAAC;IAEhE,MAAM,CAAuC;IAEhD,cAAc,CAAC,WAAwB;QAC5C,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;IACxC,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;IACjC,CAAC;IAED,IAAI,qBAAqB;QACvB,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,YAAY,wCAA8B,CAAC;IAC5E,CAAC;IACD,IAAI,KAAK;QACP,OAAO,IAAA,wBAAa,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAC5E,CAAC;IACD,YACE,MAA0B,EACjB,mBAAmB,uBAAuB;QAA1C,qBAAgB,GAAhB,gBAAgB,CAA0B;QAEnD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,IAAI,CAAC,kBAAkB,GAAG,CAAC,KAAmB,EAAE,EAAE;YAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,IACE,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAClC,OAAO,CAAC,QAAQ,KAAK,WAAW,EAChC,CAAC;gBACD,IAAI,CAAC,IAAA,4CAA2B,EAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACnE,OAAO;gBACT,CAAC;gBACD,MAAM,YAAY,GAAG,KAAK,CAAC,IAAwB,CAAC;gBACpD,IAAI,YAAY,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;oBAChD,IAAI,CAAC,yBAAyB,CAC3B,YAAY,CAAC,IAAwB,CAAC,GAAG,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;gBACD,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACnC,iCAAiC;oBACjC,IAAI,CAAC,0BAA0B,CAC7B,YAAY,CAAC,IAA6B,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,OAAO,CAAC,IAAI,CACV,qEAAqE,EACrE,WAAW,CACZ,CAAC;QACF,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,0BAA0B,CAAC,OAA8B;QAC7D,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,uGAAuG;IACvG,qEAAqE;IACrE,KAAK,CAAC,MAAM,CAAC,SAAmC;QAC9C,MAAM,GAAG,GAAG,MAAM,IAAA,+BAAqB,EAAC;YACtC,GAAG,IAAI,CAAC,MAAM;YACd,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,IAAA,6BAAY,EAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,qBAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;gBACD,uEAAuE;YACzE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,qBAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAES,qBAAqB,CAC7B,MAAyB,EACzB,WAAmB;QAEnB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,QAAQ,GAA+B,SAAS,CAAC;YACrD,IAAI,OAAO,GAA+B,SAAS,CAAC;YAEpD,MAAM,cAAc,GAAG,CAAC,KAAmB,EAAE,EAAE;gBAC7C,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,aAAa,EAAE,CAAC;oBAC1C,6DAA6D;oBAC7D,OAAO;gBACT,CAAC;gBAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAyB,CAAC;gBAEhD,IACE,OAAO,CAAC,MAAM,KAAK,eAAe;oBAClC,CAAC,OAAO,CAAC,IAAI,KAAK,YAAY;wBAC5B,OAAO,CAAC,IAAI,KAAK,sBAAsB,CAAC,EAC1C,CAAC;oBACD,aAAa,CAAC,QAAQ,CAAC,CAAC;oBACxB,YAAY,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;oBACtD,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC,CAAC;oBACjE,OAAO;gBACT,CAAC;YACH,CAAC,CAAC;YAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YAEnD,qDAAqD;YACrD,MAAM,WAAW,GAAG,GAAG,EAAE;gBACvB,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;oBACvD,IAAI,UAAU,EAAE,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;wBACtC,aAAa,CAAC,QAAQ,CAAC,CAAC;wBACxB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;wBACtD,OAAO,EAAE,CAAC;oBACZ,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,6BAA6B;gBAC/B,CAAC;YACH,CAAC,CAAC;YAEF,QAAQ,GAAG,WAAW,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAEzC,2BAA2B;YAC3B,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;gBACxB,aAAa,CAAC,QAAQ,CAAC,CAAC;gBACxB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;gBACtD,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;YAC7D,CAAC,EAAE,KAAK,CAAC,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CACX,OAA2B,EAC3B,SAAmC;QAEnC,IAAI,GAAG,CAAC;QACR,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7D,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YACD,GAAG,GAAG,MAAM,IAAA,gCAAsB,EAAC;gBACjC,GAAG,IAAI,CAAC,MAAM;gBACd,OAAO;gBACP,KAAK;gBACL,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aAC3C,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,IAAA,6BAAY,EAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YAExC,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;gBACzC,yDAAyD;gBACzD,mEAAmE;gBACnE,+BAA+B;gBAC/B,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;oBAC/B,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACrE,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;oBACxC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBAC1D,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,2CAA2C;YAC3C,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAChC,MAAM,YAAY,GAAG,IAAI,gCAAmB,EAAE,CAAC;gBAC/C,MAAM,IAAA,qBAAW,EAAC,YAAY,CAAC,CAAC;gBAChC,MAAM,IAAA,mBAAS,EAAC,YAAY,CAAC,CAAC;gBAC9B,gCAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,MAAM,YAAY,GAAG,IAAI,gCAAmB,EAAE,CAAC;YAC/C,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YACxC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,qBAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,qBAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,OAAO;QACL,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;CACF;AA7OD,wEA6OC;AAED;;;GAGG;AACH,MAAa,8BAA8B;IAC/B,MAAM,CAAuC;IAEvD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,uGAAuG;IACvG,4BAA4B;IAC5B,KAAK,CAAC,MAAM;QACV,OAAO,IAAA,+BAAqB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,OAAe;QAC3B,OAAO,IAAA,gCAAsB,EAAC;YAC5B,GAAG,IAAI,CAAC,MAAM;YACd,OAAO;SACR,CAAC,CAAC;IACL,CAAC;CACF;AAnBD,wEAmBC;AAaD;;;GAGG;AACH,MAAa,4BAA6B,SAAQ,8BAA8B;IAQlE;IAPJ,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,0EAA0E;IAC1E,YACE,MAAmC;IACnC,6FAA6F;IACnF,eAAe,IAAI,yCAA+B,EAAE;QAE9D,KAAK,CAAC;YACJ,GAAG,MAAM;YACT,yDAAyD;YACzD,YAAY,EAAE,YAAY;SAC3B,CAAC,CAAC;QANO,iBAAY,GAAZ,YAAY,CAAwC;IAOhE,CAAC;IAED,kFAAkF;IAClF,oGAAoG;IACpG,kDAAkD;IAClD,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAA,mCAAyB,EAC9C,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,qBAAY,CAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wBAAwB;IACxB,uEAAuE;IACvE,uCAAuC;IACvC,KAAK,CAAC,aAAa,CACjB,IAAY,EACZ,KAAa;QAEb,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;QAC/D,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAEzE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAc,EACjC,IAAI,EACJ,KAAK,EACL,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,YAAa,EAAE,8CAA8C;QAClE,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,SAAU,CAChB,CAAC;QACF,MAAM,aAAa,GAAG,IAAI,gCAAmB,EAAE,CAAC;QAChD,MAAM,IAAA,qBAAW,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACzC,MAAM,IAAI,GAAG,MAAM,IAAA,oBAAO,EAAC,aAAa,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;QAC1D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5B,gCAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3C,uCAAuC;QACvC,MAAM,iBAAiB,GAAG,IAAA,+BAAoB,EAC5C,KAAK,EACL,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;QAEF,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACpC,yBAAyB;YACzB,MAAM,CAAC,gBAAgB,CAAC,cAAc,EAAE,GAAG,EAAE;gBAC3C,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;QACD,8GAA8G;QAC9G,IAAA,yCAAyB,EAAC,uCAAwB,CAAC,CAAC;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0CAA0C;IAC1C,KAAK,CAAC,cAAc;QAClB,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,IAAI,gCAAmB,EAAE,CAAC,CAAC;QAEpE,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ;YACrC,OAAO,EAAE,WAAW,CAAC,QAAQ;YAC7B,WAAW,EAAE,WAAW,CAAC,YAAY;YACrC,YAAY,EAAE,WAAW,CAAC,aAAa;YACvC,oBAAoB,EAAE,WAAW,CAAC,uBAAuB;SAC1D,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB;QAC3B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAChD,IAAI,CAAC,WAAW,EAAE,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;gBACtD,MAAM,sBAAsB,GAAG,EAAE,GAAG,WAAW,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;gBACxE,gDAAgD;gBAChD,OAAO,sBAAsB,CAAC;YAChC,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,YAAY;gBAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAE7D,4DAA4D;YAC5D,MAAM,IAAA,8BAAoB,EACxB;gBACE,YAAY,EAAE,WAAW,CAAC,WAAW;gBACrC,QAAQ,EAAE,WAAW,CAAC,OAAO;gBAC7B,aAAa,EAAE,WAAW,CAAC,YAAY;gBACvC,uBAAuB,EAAE,WAAW,CAAC,oBAAoB;aAC1D,EACD,IAAI,CAAC,SAAU,EACf,IAAI,CAAC,YAAa,EAClB,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;YACF,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC1D,MAAM,sBAAsB,GAAG;gBAC7B,aAAa,EAAE,KAAK;aACrB,CAAC;YACF,MAAM,IAAA,qBAAW,EAAC,IAAI,gCAAmB,EAAE,CAAC,CAAC;YAC7C,OAAO,sBAAsB,CAAC;QAChC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC;IACpC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,MAAmC;QAEnC,MAAM,QAAQ,GAAG,IAAI,4BAA4B,CAAC,MAAM,CAAC,CAAC;QAC1D,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEtB,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AApJD,oEAoJC","sourcesContent":["// Proposals for revised versions of the SessionService AKA AuthSessionService\n\nimport type {\n DisplayMode,\n Endpoints,\n IframeAuthMessage,\n LoginAppDesignOptions,\n LoginPostMessage,\n OIDCTokenResponseBody,\n SessionData,\n} from \"@/types.js\";\nimport {\n BrowserPublicClientPKCEProducer,\n ConfidentialClientPKCEConsumer,\n} from \"@/services/PKCE.js\";\nimport {\n clearTokens,\n clearUser,\n exchangeTokens,\n generateOauthLoginUrl,\n generateOauthLogoutUrl,\n getEndpointsWithOverrides,\n retrieveTokens,\n storeTokens,\n validateOauth2Tokens,\n} from \"@/shared/lib/util.js\";\nimport { displayModeFromState, generateState } from \"@/lib/oauth.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport type {\n AuthenticationInitiator,\n AuthenticationResolver,\n PKCEConsumer,\n} from \"@/services/types.js\";\nimport { PopupError } from \"@/services/types.js\";\nimport { removeParamsWithoutReload } from \"@/lib/windowUtil.js\";\nimport { DEFAULT_OAUTH_GET_PARAMS } from \"@/constants.js\";\nimport { validateLoginAppPostMessage } from \"@/lib/postMessage.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { getIframeRef } from \"@/shared/lib/iframeUtils.js\";\n\nexport type GenericAuthenticationInitiatorConfig = {\n clientId: string;\n redirectUrl: string;\n state: string;\n scopes: string[];\n oauthServer: string;\n nonce?: string;\n // the endpoints to use for the login (if not obtained from the auth server)\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n};\n\nexport type BrowserAuthenticationInitiatorConfig = Omit<\n GenericAuthenticationInitiatorConfig,\n \"state\"\n> & {\n logoutUrl?: string;\n logoutRedirectUrl: string;\n // determines whether to trigger the login/logout in an iframe, a new browser window, or redirect the current one.\n displayMode: DisplayMode;\n};\n\nconst defaultSetDesignOptions = (value: LoginAppDesignOptions) => {\n localStorage.setItem(\"loginAppDesign\", JSON.stringify(value));\n};\n/**\n * An authentication initiator that works on a browser. Since this is just triggering\n * login and logout, session data is not stored here.\n * An associated AuthenticationResolver would be needed to get the session data.\n * Storage is needed for the code verifier, this is the domain of the PKCEConsumer\n * The storage used by the PKCEConsumer should be available to the AuthenticationResolver.\n *\n * Example usage:\n *\n * 1) Client-only SPA -eg a react app with no server:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n * ... other config\n * })\n *\n * 2) Client-side of a client/server app - eg a react app with a backend:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new ConfidentialClientPKCEConsumer(\"https://myserver.com/pkce\"), // get the challenge from the server\n * ... other config\n * })\n */\nexport class BrowserAuthenticationInitiator implements AuthenticationInitiator {\n private postMessageHandler: null | ((event: MessageEvent) => void) = null;\n\n protected config: BrowserAuthenticationInitiatorConfig;\n\n public setDisplayMode(displayMode: DisplayMode) {\n this.config.displayMode = displayMode;\n }\n\n get displayMode() {\n return this.config.displayMode;\n }\n\n get isServerTokenExchange() {\n return this.config.pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n }\n get state() {\n return generateState(this.config.displayMode, this.isServerTokenExchange);\n }\n constructor(\n config: typeof this.config,\n readonly setDesignOptions = defaultSetDesignOptions,\n ) {\n this.config = config;\n\n this.postMessageHandler = (event: MessageEvent) => {\n const thisURL = new URL(window.location.href);\n if (\n event.origin.endsWith(\"civic.com\") ||\n thisURL.hostname === \"localhost\"\n ) {\n if (!validateLoginAppPostMessage(event.data, this.config.clientId)) {\n return;\n }\n const loginMessage = event.data as LoginPostMessage;\n if (loginMessage.type === \"generatePopupFailed\") {\n this.handleLoginAppPopupFailed(\n (loginMessage.data as { url: string }).url,\n );\n return;\n }\n if (loginMessage.type === \"design\") {\n // TODO handle the design message\n this.handleLoginAppDesignUpdate(\n loginMessage.data as LoginAppDesignOptions,\n );\n return;\n }\n }\n };\n\n window.addEventListener(\"message\", this.postMessageHandler);\n }\n\n async handleLoginAppPopupFailed(redirectUrl: string) {\n console.warn(\n \"Login app popup failed open a popup, using redirect mode instead...\",\n redirectUrl,\n );\n window.location.href = redirectUrl;\n }\n\n async handleLoginAppDesignUpdate(options: LoginAppDesignOptions) {\n this.setDesignOptions(options);\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and then use the display mode to decide how to send the user there\n async signIn(iframeRef: HTMLIFrameElement | null): Promise<URL> {\n const url = await generateOauthLoginUrl({\n ...this.config,\n state: this.state,\n });\n\n if (this.config.displayMode === \"iframe\") {\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n }\n\n if (this.config.displayMode === \"redirect\") {\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n // TODO handle the 'onclose' event to clean up and reset the authStatus\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n protected handleIframeUrlChange(\n iframe: HTMLIFrameElement,\n expectedUrl: string,\n ): Promise<void> {\n return new Promise((resolve, reject) => {\n let interval: NodeJS.Timeout | undefined = undefined;\n let timeout: NodeJS.Timeout | undefined = undefined;\n\n const messageHandler = (event: MessageEvent) => {\n if (event.source !== iframe.contentWindow) {\n // This message did not originate from the iframe. Ignore it.\n return;\n }\n\n const message = event.data as IframeAuthMessage;\n\n if (\n message.source === \"civicloginApp\" &&\n (message.type === \"auth_error\" ||\n message.type === \"auth_error_try_again\")\n ) {\n clearInterval(interval);\n clearTimeout(timeout);\n window.removeEventListener(\"message\", messageHandler);\n reject(new Error(message.data.error || \"Authentication failed\"));\n return;\n }\n };\n\n window.addEventListener(\"message\", messageHandler);\n\n // Keep the existing URL check logic for success case\n const checkIframe = () => {\n try {\n const currentUrl = iframe.contentWindow?.location.href;\n if (currentUrl?.includes(expectedUrl)) {\n clearInterval(interval);\n window.removeEventListener(\"message\", messageHandler);\n resolve();\n }\n } catch {\n // Ignore cross-origin errors\n }\n };\n\n interval = setInterval(checkIframe, 100);\n\n // Timeout after 10 seconds\n timeout = setTimeout(() => {\n clearInterval(interval);\n window.removeEventListener(\"message\", messageHandler);\n reject(new Error(\"Timeout waiting for iframe URL change\"));\n }, 10000);\n });\n }\n\n async signOut(\n idToken: string | undefined,\n iframeRef: HTMLIFrameElement | null,\n ): Promise<URL> {\n let url;\n const state = this.state;\n if (this.isServerTokenExchange) {\n if (!this.config.logoutUrl) {\n throw new Error(\"logoutUrl is required for server token exchange\");\n }\n url = new URL(this.config.logoutUrl, window.location.origin);\n url.searchParams.append(\"state\", state);\n } else {\n if (!idToken) {\n throw new Error(\"idToken is required for non-server token exchange\");\n }\n url = await generateOauthLogoutUrl({\n ...this.config,\n idToken,\n state,\n redirectUrl: this.config.logoutRedirectUrl,\n });\n }\n\n if (this.config.displayMode === \"iframe\") {\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n\n try {\n await this.handleIframeUrlChange(ref, this.config.logoutRedirectUrl);\n } catch (error) {\n console.log(\"Failed to sign out\", error);\n // on logout error, trigger the logout-callback directly,\n // if it is a logout from the server, so the the session is cleared\n // and user can still sign out.\n if (this.isServerTokenExchange) {\n url = new URL(this.config.logoutRedirectUrl, window.location.origin);\n url.searchParams.append(\"state\", state);\n url.searchParams.append(\"appUrl\", window.location.origin);\n ref.setAttribute(\"src\", url.toString());\n }\n }\n\n // Clear storage after successful detection\n if (!this.isServerTokenExchange) {\n const localStorage = new LocalStorageAdapter();\n await clearTokens(localStorage);\n await clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n }\n }\n\n if (this.config.displayMode === \"redirect\") {\n const localStorage = new LocalStorageAdapter();\n localStorage.set(\"logout_state\", state);\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n cleanup() {\n if (this.postMessageHandler) {\n window.removeEventListener(\"message\", this.postMessageHandler);\n }\n }\n}\n\n/** A general-purpose authentication initiator, that just generates urls, but lets\n * the caller decide how to use them. This is useful for server-side applications\n * that may serve this URL to their front-ends or just call them directly\n */\nexport class GenericAuthenticationInitiator implements AuthenticationInitiator {\n protected config: GenericAuthenticationInitiatorConfig;\n\n constructor(config: typeof this.config) {\n this.config = config;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and simply return the url\n async signIn(): Promise<URL> {\n return generateOauthLoginUrl(this.config);\n }\n\n async signOut(idToken: string): Promise<URL> {\n return generateOauthLogoutUrl({\n ...this.config,\n idToken,\n });\n }\n}\n\ntype BrowserAuthenticationConfig = {\n clientId: string;\n redirectUrl: string;\n logoutUrl?: string;\n logoutRedirectUrl: string;\n scopes: string[];\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n displayMode: DisplayMode;\n};\n\n/**\n * An authentication resolver that can run on the browser (i.e. a public client)\n * It uses PKCE for security. PKCE and Session data are stored in local storage\n */\nexport class BrowserAuthenticationService extends BrowserAuthenticationInitiator {\n private oauth2client: OAuth2Client | undefined;\n private endpoints: Endpoints | undefined;\n\n // TODO WIP - perhaps we want to keep resolver and initiator separate here\n constructor(\n config: BrowserAuthenticationConfig,\n // Since we are running fully on the client, we produce as well as consume the PKCE challenge\n protected pkceProducer = new BrowserPublicClientPKCEProducer(),\n ) {\n super({\n ...config,\n // Store and retrieve the PKCE challenge in local storage\n pkceConsumer: pkceProducer,\n });\n }\n\n // TODO too much code duplication here between the browser and the server variant.\n // Suggestion for refactor: Standardise the config for AuthenticationResolvers and create a one-shot\n // function for generating an oauth2client from it\n async init(): Promise<this> {\n // resolve oauth config\n this.endpoints = await getEndpointsWithOverrides(\n this.config.oauthServer,\n this.config.endpointOverrides,\n );\n this.oauth2client = new OAuth2Client(\n this.config.clientId,\n this.endpoints.auth,\n this.endpoints.token,\n {\n redirectURI: this.config.redirectUrl,\n },\n );\n\n return this;\n }\n\n // Two responsibilities:\n // 1. resolve the auth code to get the tokens (should use library code)\n // 2. store the tokens in local storage\n async tokenExchange(\n code: string,\n state: string,\n ): Promise<OIDCTokenResponseBody> {\n if (!this.oauth2client) await this.init();\n const codeVerifier = await this.pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in storage\");\n\n // exchange auth code for tokens\n const tokens = await exchangeTokens(\n code,\n state,\n this.pkceProducer,\n this.oauth2client!, // clean up types here to avoid the ! operator\n this.config.oauthServer,\n this.endpoints!, // clean up types here to avoid the ! operator\n );\n const clientStorage = new LocalStorageAdapter();\n await storeTokens(clientStorage, tokens);\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n const userSession = new GenericUserSession(clientStorage);\n await userSession.set(user);\n LocalStorageAdapter.emitter.emit(\"signIn\");\n // cleanup the browser window if needed\n const parsedDisplayMode = displayModeFromState(\n state,\n this.config.displayMode,\n );\n\n if (parsedDisplayMode === \"new_tab\") {\n // Close the popup window\n window.addEventListener(\"beforeunload\", () => {\n window?.opener?.focus();\n });\n window.close();\n }\n // these are the default oAuth params that get added to the URL in redirect which we want to remove if present\n removeParamsWithoutReload(DEFAULT_OAUTH_GET_PARAMS);\n return tokens;\n }\n\n // Get the session data from local storage\n async getSessionData(): Promise<SessionData | null> {\n const storageData = await retrieveTokens(new LocalStorageAdapter());\n\n if (!storageData) return null;\n\n return {\n authenticated: !!storageData.id_token,\n idToken: storageData.id_token,\n accessToken: storageData.access_token,\n refreshToken: storageData.refresh_token,\n accessTokenExpiresAt: storageData.access_token_expires_at,\n };\n }\n\n async validateExistingSession(): Promise<SessionData> {\n try {\n const sessionData = await this.getSessionData();\n if (!sessionData?.idToken || !sessionData.accessToken) {\n const unAuthenticatedSession = { ...sessionData, authenticated: false };\n // await clearTokens(new LocalStorageAdapter());\n return unAuthenticatedSession;\n }\n if (!this.endpoints || !this.oauth2client) await this.init();\n\n // this function will throw if any of the tokens are invalid\n await validateOauth2Tokens(\n {\n access_token: sessionData.accessToken,\n id_token: sessionData.idToken,\n refresh_token: sessionData.refreshToken,\n access_token_expires_at: sessionData.accessTokenExpiresAt,\n },\n this.endpoints!,\n this.oauth2client!,\n this.config.oauthServer,\n );\n return sessionData;\n } catch (error) {\n console.warn(\"Failed to validate existing tokens\", error);\n const unAuthenticatedSession = {\n authenticated: false,\n };\n await clearTokens(new LocalStorageAdapter());\n return unAuthenticatedSession;\n }\n }\n\n async getEndSessionEndpoint(): Promise<string | null> {\n if (!this.endpoints) {\n return null;\n }\n return this.endpoints?.endsession;\n }\n\n static async build(\n config: BrowserAuthenticationConfig,\n ): Promise<AuthenticationResolver> {\n const resolver = new BrowserAuthenticationService(config);\n await resolver.init();\n\n return resolver;\n }\n}\n"]}
package/dist/cjs/shared/components/BlockDisplay.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"BlockDisplay.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/BlockDisplay.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAGvC,QAAA,MAAM,YAAY,iBAAkB;IAAE,QAAQ,EAAE,SAAS,CAAA;CAAE,qDAgC1D,CAAC;AACF,OAAO,EAAE,YAAY,EAAE,CAAC"}
1
+ {"version":3,"file":"BlockDisplay.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/BlockDisplay.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAIvC,QAAA,MAAM,YAAY,iBAAkB;IAAE,QAAQ,EAAE,SAAS,CAAA;CAAE,qDAmC1D,CAAC;AACF,OAAO,EAAE,YAAY,EAAE,CAAC"}
package/dist/cjs/shared/components/BlockDisplay.js CHANGED
@@ -2,7 +2,12 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.BlockDisplay = void 0;
4
4
  const jsx_runtime_1 = require("@emotion/react/jsx-runtime");
5
+ const useIframe_js_1 = require("../hooks/useIframe.js");
6
+ const useIsInIframe_js_1 = require("../hooks/useIsInIframe.js");
5
7
  const BlockDisplay = ({ children }) => {
8
+ const isInIframe = (0, useIsInIframe_js_1.useIsInIframe)();
9
+ const { backgroundColor } = (0, useIframe_js_1.useIframe)();
10
+ const useBackgroundColor = isInIframe ? backgroundColor : "white";
6
11
  return ((0, jsx_runtime_1.jsx)("div", { id: "iframe-block-display-wrapper", style: {
7
12
  position: "relative",
8
13
  left: 0,
@@ -13,14 +18,14 @@ const BlockDisplay = ({ children }) => {
13
18
  width: "100vw",
14
19
  alignItems: "center",
15
20
  justifyContent: "center",
16
- backgroundColor: "white",
21
+ backgroundColor: useBackgroundColor,
17
22
  }, children: (0, jsx_runtime_1.jsx)("div", { id: "iframe-block-display", style: {
18
23
  position: "absolute",
19
24
  inset: 0,
20
25
  display: "flex",
21
26
  alignItems: "center",
22
27
  justifyContent: "center",
23
- backgroundColor: "white",
28
+ backgroundColor: useBackgroundColor,
24
29
  }, children: children }) }));
25
30
  };
26
31
  exports.BlockDisplay = BlockDisplay;
package/dist/cjs/shared/components/BlockDisplay.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"BlockDisplay.js","sourceRoot":"","sources":["../../../../src/shared/components/BlockDisplay.tsx"],"names":[],"mappings":";;;;AAGA,MAAM,YAAY,GAAG,CAAC,EAAE,QAAQ,EAA2B,EAAE,EAAE;IAC7D,OAAO,CACL,gCACE,EAAE,EAAC,8BAA8B,EACjC,KAAK,EAAE;YACL,QAAQ,EAAE,UAAU;YACpB,IAAI,EAAE,CAAC;YACP,GAAG,EAAE,CAAC;YACN,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,MAAM;YACf,MAAM,EAAE,OAAO;YACf,KAAK,EAAE,OAAO;YACd,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,eAAe,EAAE,OAAO;SACzB,YAED,gCACE,EAAE,EAAC,sBAAsB,EACzB,KAAK,EAAE;gBACL,QAAQ,EAAE,UAAU;gBACpB,KAAK,EAAE,CAAC;gBACR,OAAO,EAAE,MAAM;gBACf,UAAU,EAAE,QAAQ;gBACpB,cAAc,EAAE,QAAQ;gBACxB,eAAe,EAAE,OAAO;aACzB,YAEA,QAAQ,GACL,GACF,CACP,CAAC;AACJ,CAAC,CAAC;AACO,oCAAY","sourcesContent":["import type { ReactNode } from \"react\";\nimport React from \"react\";\n\nconst BlockDisplay = ({ children }: { children: ReactNode }) => {\n return (\n <div\n id=\"iframe-block-display-wrapper\"\n style={{\n position: \"relative\",\n left: 0,\n top: 0,\n zIndex: 50,\n display: \"flex\",\n height: \"100vh\",\n width: \"100vw\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: \"white\",\n }}\n >\n <div\n id=\"iframe-block-display\"\n style={{\n position: \"absolute\",\n inset: 0,\n display: \"flex\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: \"white\",\n }}\n >\n {children}\n </div>\n </div>\n );\n};\nexport { BlockDisplay };\n"]}
1
+ {"version":3,"file":"BlockDisplay.js","sourceRoot":"","sources":["../../../../src/shared/components/BlockDisplay.tsx"],"names":[],"mappings":";;;;AACA,wDAAkD;AAClD,gEAA0D;AAE1D,MAAM,YAAY,GAAG,CAAC,EAAE,QAAQ,EAA2B,EAAE,EAAE;IAC7D,MAAM,UAAU,GAAG,IAAA,gCAAa,GAAE,CAAC;IACnC,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IACxC,MAAM,kBAAkB,GAAG,UAAU,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC;IAClE,OAAO,CACL,gCACE,EAAE,EAAC,8BAA8B,EACjC,KAAK,EAAE;YACL,QAAQ,EAAE,UAAU;YACpB,IAAI,EAAE,CAAC;YACP,GAAG,EAAE,CAAC;YACN,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,MAAM;YACf,MAAM,EAAE,OAAO;YACf,KAAK,EAAE,OAAO;YACd,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,eAAe,EAAE,kBAAkB;SACpC,YAED,gCACE,EAAE,EAAC,sBAAsB,EACzB,KAAK,EAAE;gBACL,QAAQ,EAAE,UAAU;gBACpB,KAAK,EAAE,CAAC;gBACR,OAAO,EAAE,MAAM;gBACf,UAAU,EAAE,QAAQ;gBACpB,cAAc,EAAE,QAAQ;gBACxB,eAAe,EAAE,kBAAkB;aACpC,YAEA,QAAQ,GACL,GACF,CACP,CAAC;AACJ,CAAC,CAAC;AACO,oCAAY","sourcesContent":["import type { ReactNode } from \"react\";\nimport { useIframe } from \"../hooks/useIframe.js\";\nimport { useIsInIframe } from \"../hooks/useIsInIframe.js\";\n\nconst BlockDisplay = ({ children }: { children: ReactNode }) => {\n const isInIframe = useIsInIframe();\n const { backgroundColor } = useIframe();\n const useBackgroundColor = isInIframe ? backgroundColor : \"white\";\n return (\n <div\n id=\"iframe-block-display-wrapper\"\n style={{\n position: \"relative\",\n left: 0,\n top: 0,\n zIndex: 50,\n display: \"flex\",\n height: \"100vh\",\n width: \"100vw\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: useBackgroundColor,\n }}\n >\n <div\n id=\"iframe-block-display\"\n style={{\n position: \"absolute\",\n inset: 0,\n display: \"flex\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: useBackgroundColor,\n }}\n >\n {children}\n </div>\n </div>\n );\n};\nexport { BlockDisplay };\n"]}
package/dist/cjs/shared/components/CivicAuthIframe.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthIframe.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframe.tsx"],"names":[],"mappings":"AACA,OAAO,KAAqB,MAAM,OAAO,CAAC;AAK1C,KAAK,oBAAoB,GAAG;IAC1B,MAAM,CAAC,EAAE,MAAM,IAAI,CAAC;IACpB,EAAE,EAAE,MAAM,CAAC;CACZ,CAAC;AAIF,QAAA,MAAM,eAAe,gGAyCpB,CAAC;AAIF,YAAY,EAAE,oBAAoB,EAAE,CAAC;AAErC,OAAO,EAAE,eAAe,EAAE,CAAC"}
1
+ {"version":3,"file":"CivicAuthIframe.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframe.tsx"],"names":[],"mappings":"AACA,OAAO,KAAqB,MAAM,OAAO,CAAC;AAK1C,KAAK,oBAAoB,GAAG;IAC1B,MAAM,CAAC,EAAE,MAAM,IAAI,CAAC;IACpB,EAAE,EAAE,MAAM,CAAC;CACZ,CAAC;AAEF,QAAA,MAAM,eAAe,gGA2CpB,CAAC;AAIF,YAAY,EAAE,oBAAoB,EAAE,CAAC;AAErC,OAAO,EAAE,eAAe,EAAE,CAAC"}
package/dist/cjs/shared/components/CivicAuthIframe.js CHANGED
@@ -43,20 +43,16 @@ const react_1 = __importStar(require("react"));
43
43
  const react_2 = __importDefault(require("@iframe-resizer/react"));
44
44
  const SVGLoading_js_1 = __importDefault(require("./SVGLoading.js"));
45
45
  const useIframe_js_1 = require("../hooks/useIframe.js");
46
- // TODO handle dark/light mode
47
- const darkMode = false; // set dark mode to false
48
46
  const CivicAuthIframe = (0, react_1.forwardRef)(({ onLoad, id }, ref) => {
49
47
  const [isLoaded, setIsLoaded] = react_1.default.useState(false);
50
- const { iframeMode } = (0, useIframe_js_1.useIframe)();
51
- return ((0, jsx_runtime_1.jsxs)("div", { children: [isLoaded ? null : ((0, jsx_runtime_1.jsx)("div", { children: iframeMode !== "embedded" && (0, jsx_runtime_1.jsx)(SVGLoading_js_1.default, {}) })), (0, jsx_runtime_1.jsx)(react_2.default, { inPageLinks: true, license: "1jy4dww5qzv-s54r73oxcn-v59f4kfgfz", id: id, forwardRef: ref, "data-testid": "civic-auth-iframe-with-resizer", style: {
48
+ const { iframeMode, backgroundColor } = (0, useIframe_js_1.useIframe)();
49
+ return ((0, jsx_runtime_1.jsxs)("div", { children: [isLoaded ? null : ((0, jsx_runtime_1.jsx)("span", { "data-testid": "iframe-shimmer-loader", children: iframeMode !== "embedded" && ((0, jsx_runtime_1.jsx)(SVGLoading_js_1.default, { backgroundColor: backgroundColor })) })), (0, jsx_runtime_1.jsx)(react_2.default, { inPageLinks: true, license: "1jy4dww5qzv-s54r73oxcn-v59f4kfgfz", id: id, forwardRef: ref, "data-testid": "civic-auth-iframe-with-resizer", style: {
52
50
  // we don't want the letterbox effect in embedded mode
53
51
  height: iframeMode !== "embedded" ? "26px" : "24rem",
54
52
  width: "100%",
55
53
  border: "none",
56
54
  minWidth: "100%",
57
- backgroundColor: darkMode
58
- ? "rgb(30, 41, 59)"
59
- : "rgb(255, 255, 255)", // switch background color based on dark mode
55
+ backgroundColor,
60
56
  transition: "height 0.25s ease",
61
57
  pointerEvents: "auto",
62
58
  borderRadius: "24px",
package/dist/cjs/shared/components/CivicAuthIframe.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthIframe.js","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframe.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,+CAA0C;AAC1C,kEAAkD;AAClD,oEAAyC;AACzC,wDAAkD;AAOlD,8BAA8B;AAC9B,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,yBAAyB;AACjD,MAAM,eAAe,GAAG,IAAA,kBAAU,EAChC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE;IACtB,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,eAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,EAAE,UAAU,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IACnC,OAAO,CACL,4CACG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CACjB,0CAAM,UAAU,KAAK,UAAU,IAAI,uBAAC,uBAAU,KAAG,GAAO,CACzD,EACD,uBAAC,eAAa,IACZ,WAAW,QACX,OAAO,EAAC,mCAAmC,EAC3C,EAAE,EAAE,EAAE,EACN,UAAU,EAAE,GAAG,iBACF,gCAAgC,EAC7C,KAAK,EAAE;oBACL,sDAAsD;oBACtD,MAAM,EAAE,UAAU,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO;oBACpD,KAAK,EAAE,MAAM;oBACb,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,MAAM;oBAChB,eAAe,EAAE,QAAQ;wBACvB,CAAC,CAAC,iBAAiB;wBACnB,CAAC,CAAC,oBAAoB,EAAE,6CAA6C;oBACvE,UAAU,EAAE,mBAAmB;oBAC/B,aAAa,EAAE,MAAM;oBACrB,YAAY,EAAE,MAAM;iBACrB,EACD,WAAW,EAAE,KAAK,EAClB,MAAM,EAAE,GAAG,EAAE;oBACX,WAAW,CAAC,IAAI,CAAC,CAAC;oBAClB,MAAM,EAAE,EAAE,CAAC;gBACb,CAAC,EACD,KAAK,EAAC,0BAA0B,EAChC,eAAe,QACf,SAAS,EAAC,UAAU,EACpB,cAAc,EAAE,CAAC,GACjB,IACE,CACP,CAAC;AACJ,CAAC,CACF,CAAC;AAMO,0CAAe;AAJxB,eAAe,CAAC,WAAW,GAAG,iBAAiB,CAAC","sourcesContent":["\"use client\";\nimport React, { forwardRef } from \"react\";\nimport IframeResizer from \"@iframe-resizer/react\";\nimport SVGLoading from \"./SVGLoading.js\";\nimport { useIframe } from \"../hooks/useIframe.js\";\n\ntype CivicAuthIframeProps = {\n onLoad?: () => void;\n id: string;\n};\n\n// TODO handle dark/light mode\nconst darkMode = false; // set dark mode to false\nconst CivicAuthIframe = forwardRef<HTMLIFrameElement, CivicAuthIframeProps>(\n ({ onLoad, id }, ref) => {\n const [isLoaded, setIsLoaded] = React.useState(false);\n const { iframeMode } = useIframe();\n return (\n <div>\n {isLoaded ? null : (\n <div>{iframeMode !== \"embedded\" && <SVGLoading />}</div>\n )}\n <IframeResizer\n inPageLinks\n license=\"1jy4dww5qzv-s54r73oxcn-v59f4kfgfz\"\n id={id}\n forwardRef={ref}\n data-testid={\"civic-auth-iframe-with-resizer\"}\n style={{\n // we don't want the letterbox effect in embedded mode\n height: iframeMode !== \"embedded\" ? \"26px\" : \"24rem\",\n width: \"100%\",\n border: \"none\",\n minWidth: \"100%\",\n backgroundColor: darkMode\n ? \"rgb(30, 41, 59)\"\n : \"rgb(255, 255, 255)\", // switch background color based on dark mode\n transition: \"height 0.25s ease\",\n pointerEvents: \"auto\",\n borderRadius: \"24px\",\n }}\n checkOrigin={false}\n onLoad={() => {\n setIsLoaded(true);\n onLoad?.();\n }}\n allow=\"camera; screen-wake-lock\"\n allowFullScreen\n direction=\"vertical\"\n warningTimeout={0}\n />\n </div>\n );\n },\n);\n\nCivicAuthIframe.displayName = \"CivicAuthIframe\";\n\nexport type { CivicAuthIframeProps };\n\nexport { CivicAuthIframe };\n"]}
1
+ {"version":3,"file":"CivicAuthIframe.js","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframe.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,+CAA0C;AAC1C,kEAAkD;AAClD,oEAAyC;AACzC,wDAAkD;AAOlD,MAAM,eAAe,GAAG,IAAA,kBAAU,EAChC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE;IACtB,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,eAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IACpD,OAAO,CACL,4CACG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CACjB,gDAAkB,uBAAuB,YACtC,UAAU,KAAK,UAAU,IAAI,CAC5B,uBAAC,uBAAU,IAAC,eAAe,EAAE,eAAe,GAAI,CACjD,GACI,CACR,EACD,uBAAC,eAAa,IACZ,WAAW,QACX,OAAO,EAAC,mCAAmC,EAC3C,EAAE,EAAE,EAAE,EACN,UAAU,EAAE,GAAG,iBACF,gCAAgC,EAC7C,KAAK,EAAE;oBACL,sDAAsD;oBACtD,MAAM,EAAE,UAAU,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO;oBACpD,KAAK,EAAE,MAAM;oBACb,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,MAAM;oBAChB,eAAe;oBACf,UAAU,EAAE,mBAAmB;oBAC/B,aAAa,EAAE,MAAM;oBACrB,YAAY,EAAE,MAAM;iBACrB,EACD,WAAW,EAAE,KAAK,EAClB,MAAM,EAAE,GAAG,EAAE;oBACX,WAAW,CAAC,IAAI,CAAC,CAAC;oBAClB,MAAM,EAAE,EAAE,CAAC;gBACb,CAAC,EACD,KAAK,EAAC,0BAA0B,EAChC,eAAe,QACf,SAAS,EAAC,UAAU,EACpB,cAAc,EAAE,CAAC,GACjB,IACE,CACP,CAAC;AACJ,CAAC,CACF,CAAC;AAMO,0CAAe;AAJxB,eAAe,CAAC,WAAW,GAAG,iBAAiB,CAAC","sourcesContent":["\"use client\";\nimport React, { forwardRef } from \"react\";\nimport IframeResizer from \"@iframe-resizer/react\";\nimport SVGLoading from \"./SVGLoading.js\";\nimport { useIframe } from \"../hooks/useIframe.js\";\n\ntype CivicAuthIframeProps = {\n onLoad?: () => void;\n id: string;\n};\n\nconst CivicAuthIframe = forwardRef<HTMLIFrameElement, CivicAuthIframeProps>(\n ({ onLoad, id }, ref) => {\n const [isLoaded, setIsLoaded] = React.useState(false);\n const { iframeMode, backgroundColor } = useIframe();\n return (\n <div>\n {isLoaded ? null : (\n <span data-testid=\"iframe-shimmer-loader\">\n {iframeMode !== \"embedded\" && (\n <SVGLoading backgroundColor={backgroundColor} />\n )}\n </span>\n )}\n <IframeResizer\n inPageLinks\n license=\"1jy4dww5qzv-s54r73oxcn-v59f4kfgfz\"\n id={id}\n forwardRef={ref}\n data-testid={\"civic-auth-iframe-with-resizer\"}\n style={{\n // we don't want the letterbox effect in embedded mode\n height: iframeMode !== \"embedded\" ? \"26px\" : \"24rem\",\n width: \"100%\",\n border: \"none\",\n minWidth: \"100%\",\n backgroundColor,\n transition: \"height 0.25s ease\",\n pointerEvents: \"auto\",\n borderRadius: \"24px\",\n }}\n checkOrigin={false}\n onLoad={() => {\n setIsLoaded(true);\n onLoad?.();\n }}\n allow=\"camera; screen-wake-lock\"\n allowFullScreen\n direction=\"vertical\"\n warningTimeout={0}\n />\n </div>\n );\n },\n);\n\nCivicAuthIframe.displayName = \"CivicAuthIframe\";\n\nexport type { CivicAuthIframeProps };\n\nexport { CivicAuthIframe };\n"]}
package/dist/cjs/shared/components/CivicAuthIframeContainer.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthIframeContainer.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframeContainer.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAmD,MAAM,OAAO,CAAC;AAUxE,KAAK,6BAA6B,GAAG;IACnC,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B,CAAC;AAWF,wBAAgB,YAAY,CAAC,EAC3B,QAAQ,EACR,OAAO,EACP,aAAa,GACd,EAAE;IACD,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,aAAa,EAAE,OAAO,CAAC;CACxB,oDAiFA;AAED,QAAA,MAAM,wBAAwB,kCAG3B,6BAA6B,qDA8G/B,CAAC;AAEF,YAAY,EAAE,6BAA6B,EAAE,CAAC;AAE9C,OAAO,EAAE,wBAAwB,EAAE,CAAC"}
1
+ {"version":3,"file":"CivicAuthIframeContainer.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframeContainer.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAmD,MAAM,OAAO,CAAC;AAUxE,KAAK,6BAA6B,GAAG;IACnC,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B,CAAC;AAeF,wBAAgB,YAAY,CAAC,EAC3B,QAAQ,EACR,OAAO,EACP,aAAa,GACd,EAAE;IACD,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,aAAa,EAAE,OAAO,CAAC;CACxB,oDAkFA;AAED,QAAA,MAAM,wBAAwB,kCAG3B,6BAA6B,qDA8G/B,CAAC;AAEF,YAAY,EAAE,6BAA6B,EAAE,CAAC;AAE9C,OAAO,EAAE,wBAAwB,EAAE,CAAC"}
package/dist/cjs/shared/components/CivicAuthIframeContainer.js CHANGED
@@ -14,24 +14,22 @@ const index_js_2 = require("../../shared/hooks/index.js");
14
14
  const index_js_3 = require("../../shared/hooks/index.js");
15
15
  const iframeUtils_js_1 = require("../lib/iframeUtils.js");
16
16
  function NoChrome({ children, }) {
17
- return (0, jsx_runtime_1.jsx)("div", { style: { position: "relative" }, children: children });
17
+ return ((0, jsx_runtime_1.jsx)("div", { "data-testid": "civic-iframe-no-chrome", style: { position: "relative" }, children: children }));
18
18
  }
19
19
  function IframeChrome({ children, onClose, isFrameLoaded, }) {
20
- const { setIframeAborted, iframeMode } = (0, index_js_1.useIframe)();
20
+ const { setIframeAborted, iframeMode, backgroundColor } = (0, index_js_1.useIframe)();
21
21
  const iframeContainerStyleOverrides = iframeMode === "embedded"
22
22
  ? {
23
23
  paddingTop: "1.5rem",
24
- paddingBottom: "1.5rem",
25
24
  borderRadius: "1.5rem",
26
25
  }
27
26
  : {
28
27
  ...(isFrameLoaded
29
28
  ? {
30
29
  paddingTop: "1.5rem",
31
- paddingBottom: "1.5rem",
32
30
  borderRadius: "1.5rem",
33
31
  }
34
- : { borderRadius: "0.5rem" }),
32
+ : { borderRadius: "0.5rem", paddingTop: "0" }),
35
33
  };
36
34
  return ((0, jsx_runtime_1.jsx)("div", { style: {
37
35
  position: "fixed", // Change to fixed to stay in viewport
@@ -48,12 +46,14 @@ function IframeChrome({ children, onClose, isFrameLoaded, }) {
48
46
  }, onClick: () => {
49
47
  setIframeAborted(true);
50
48
  onClose?.();
51
- }, children: (0, jsx_runtime_1.jsxs)("div", { style: {
49
+ }, children: (0, jsx_runtime_1.jsxs)("div", { "data-testid": "iframe-chrome", style: {
52
50
  position: "relative",
53
51
  overflow: "hidden",
54
- backgroundColor: "white",
52
+ backgroundColor,
55
53
  paddingLeft: "0",
56
54
  paddingRight: "0",
55
+ paddingBottom: "0",
56
+ // paddingTop gets added in style overrides
57
57
  ...iframeContainerStyleOverrides,
58
58
  boxShadow: "0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05)",
59
59
  minWidth: "20rem",
@@ -78,7 +78,7 @@ const CivicAuthIframeContainer = ({ onClose, closeOnRedirect = true, }) => {
78
78
  const config = (0, index_js_2.useCivicAuthConfig)();
79
79
  const [tokenExchangeUrl, setTokenExchangeUrl] = (0, react_1.useState)(null);
80
80
  const { doTokenExchange } = (0, index_js_3.useClientTokenExchangeSession)();
81
- const { iframeRef, iframeMode } = (0, index_js_1.useIframe)();
81
+ const { iframeRef, iframeMode, backgroundColor } = (0, index_js_1.useIframe)();
82
82
  (0, react_1.useEffect)(() => {
83
83
  if (tokenExchangeUrl) {
84
84
  doTokenExchange?.(tokenExchangeUrl);
@@ -152,7 +152,7 @@ const CivicAuthIframeContainer = ({ onClose, closeOnRedirect = true, }) => {
152
152
  display: "flex",
153
153
  alignItems: "center",
154
154
  justifyContent: "center",
155
- backgroundColor: "white",
155
+ backgroundColor,
156
156
  borderRadius: "24px",
157
157
  }, children: (0, jsx_runtime_1.jsx)(LoadingIcon_js_1.LoadingIcon, {}) })) : null, (0, jsx_runtime_1.jsx)(CivicAuthIframe_js_1.CivicAuthIframe, { ref: iframeRef, id: "civic-auth-iframe", onLoad: handleIframeLoad })] }));
158
158
  };
package/dist/cjs/shared/components/CivicAuthIframeContainer.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthIframeContainer.js","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframeContainer.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;AA0Bb,oCAyFC;;AAjHD,iCAAwE;AACxE,uEAAiE;AACjE,mEAA6D;AAC7D,+EAAyE;AACzE,sDAAoD;AACpD,iDAA6D;AAC7D,sDAA6D;AAC7D,sDAAwE;AACxE,0DAAqD;AAOrD,SAAS,QAAQ,CAAC,EAChB,QAAQ,GAIT;IACC,OAAO,gCAAK,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,YAAG,QAAQ,GAAO,CAAC;AAChE,CAAC;AAED,SAAgB,YAAY,CAAC,EAC3B,QAAQ,EACR,OAAO,EACP,aAAa,GAKd;IACC,MAAM,EAAE,gBAAgB,EAAE,UAAU,EAAE,GAAG,IAAA,oBAAS,GAAE,CAAC;IAErD,MAAM,6BAA6B,GACjC,UAAU,KAAK,UAAU;QACvB,CAAC,CAAC;YACE,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,QAAQ;YACvB,YAAY,EAAE,QAAQ;SACvB;QACH,CAAC,CAAC;YACE,GAAG,CAAC,aAAa;gBACf,CAAC,CAAC;oBACE,UAAU,EAAE,QAAQ;oBACpB,aAAa,EAAE,QAAQ;oBACvB,YAAY,EAAE,QAAQ;iBACvB;gBACH,CAAC,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC;SAChC,CAAC;IACR,OAAO,CACL,gCACE,KAAK,EAAE;YACL,QAAQ,EAAE,OAAO,EAAE,sCAAsC;YACzD,IAAI,EAAE,CAAC;YACP,GAAG,EAAE,CAAC;YACN,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,MAAM;YACf,MAAM,EAAE,OAAO;YACf,KAAK,EAAE,OAAO;YACd,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,eAAe,EAAE,uBAAuB,EAAE,mCAAmC;YAC7E,cAAc,EAAE,WAAW,EAAE,2CAA2C;SACzE,EACD,OAAO,EAAE,GAAG,EAAE;YACZ,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACvB,OAAO,EAAE,EAAE,CAAC;QACd,CAAC,YAED,iCACE,KAAK,EAAE;gBACL,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,eAAe,EAAE,OAAO;gBACxB,WAAW,EAAE,GAAG;gBAChB,YAAY,EAAE,GAAG;gBACjB,GAAG,6BAA6B;gBAChC,SAAS,EACP,yEAAyE;gBAC3E,QAAQ,EAAE,OAAO;aAClB,EACD,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,EAAE,aAElC,aAAa,IAAI,CAChB,mCACE,KAAK,EAAE;wBACL,QAAQ,EAAE,UAAU;wBACpB,KAAK,EAAE,MAAM;wBACb,GAAG,EAAE,MAAM;wBACX,OAAO,EAAE,MAAM;wBACf,MAAM,EAAE,SAAS;wBACjB,UAAU,EAAE,QAAQ;wBACpB,cAAc,EAAE,QAAQ;wBACxB,MAAM,EAAE,MAAM;wBACd,eAAe,EAAE,aAAa;wBAC9B,OAAO,EAAE,SAAS;wBAClB,KAAK,EAAE,SAAS;qBACjB,EACD,OAAO,EAAE,GAAG,EAAE;wBACZ,gBAAgB,CAAC,IAAI,CAAC,CAAC;wBACvB,OAAO,EAAE,EAAE,CAAC;oBACd,CAAC,YAED,uBAAC,wBAAS,KAAG,GACN,CACV,EAEA,QAAQ,IACL,GACF,CACP,CAAC;AACJ,CAAC;AAED,MAAM,wBAAwB,GAAG,CAAC,EAChC,OAAO,EACP,eAAe,GAAG,IAAI,GACQ,EAAE,EAAE;IAClC,MAAM,MAAM,GAAG,IAAA,6BAAkB,GAAE,CAAC;IACpC,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IAC9E,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,wCAA6B,GAAE,CAAC;IAC5D,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAA,oBAAS,GAAE,CAAC;IAE9C,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,gBAAgB,EAAE,CAAC;YACrB,eAAe,EAAE,CAAC,gBAAgB,CAAC,CAAC;QACtC,CAAC;IACH,CAAC,EAAE,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC,CAAC;IAExC,MAAM,gBAAgB,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QACxC,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,IAAI,SAAS,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,IAAA,6BAAY,EAAC,SAAS,CAAC,OAAO,CAAE,CAAC;YAC7C,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAClD,+EAA+E;oBAC/E,IAAI,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;wBAC7C,MAAM,UAAU,GAAG,GAAG,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;wBAE7D,mFAAmF;wBACnF,kFAAkF;wBAClF,mHAAmH;wBACnH,uJAAuJ;wBACvJ,+EAA+E;wBAC/E,IAAI,UAAU,CAAC,QAAQ,CAAC,0CAA2B,CAAC,EAAE,CAAC;4BACrD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC;4BAC/C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC;4BACnD,KAAK,CACH,GAAG,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,QAAQ,EAAE,WAAW,MAAM,EAAE,CAC9D,CAAC;wBACJ,CAAC;6BAAM,CAAC;4BACN,mFAAmF;4BACnF,qCAAqC;4BACrC,6CAA6C;4BAC7C,mBAAmB,CAAC,SAAS,CAAC,CAAC;wBACjC,CAAC;wBAED,IAAI,eAAe;4BAAE,OAAO,EAAE,EAAE,CAAC;wBACjC,OAAO,IAAI,CAAC,CAAC,iCAAiC;oBAChD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,2CAA2C;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC,CAAC,gCAAgC;IAChD,CAAC,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IAElD,MAAM,UAAU,GAAG,IAAA,cAAM,GAAkB,CAAC;IAE5C,MAAM,YAAY,GAAG,IAAA,mBAAW,EAC9B,CAAC,KAAoB,EAAE,EAAE;QACvB,IAAI,KAAK,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,EAAE,CAAC;QACd,CAAC;IACH,CAAC,EACD,CAAC,OAAO,CAAC,CACV,CAAC;IAEF,gBAAgB;IAChB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QAEjD,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAC1E,MAAM,gBAAgB,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QACxC,wBAAwB,CAAC,IAAI,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAEhC,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;QAC1C,IAAI,YAAY,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QACpC,CAAC;IACH,CAAC,EAAE,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC,CAAC;IAEnC,MAAM,gBAAgB,GAAG,UAAU,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC;IAE7E,MAAM,eAAe,GAAG,CAAC,qBAAqB,IAAI,UAAU,KAAK,UAAU,CAAC;IAC5E,OAAO,CACL,wBAAC,gBAAgB,IAAC,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,qBAAqB,aACrE,eAAe,CAAC,CAAC,CAAC,CACjB,gCACE,EAAE,EAAC,iCAAiC,EACpC,KAAK,EAAE;oBACL,QAAQ,EAAE,UAAU;oBACpB,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,MAAM;oBACf,UAAU,EAAE,QAAQ;oBACpB,cAAc,EAAE,QAAQ;oBACxB,eAAe,EAAE,OAAO;oBACxB,YAAY,EAAE,MAAM;iBACrB,YAED,uBAAC,4BAAW,KAAG,GACX,CACP,CAAC,CAAC,CAAC,IAAI,EACR,uBAAC,oCAAe,IACd,GAAG,EAAE,SAAS,EACd,EAAE,EAAE,mBAAmB,EACvB,MAAM,EAAE,gBAAgB,GACxB,IACe,CACpB,CAAC;AACJ,CAAC,CAAC;AAIO,4DAAwB","sourcesContent":["\"use client\";\n\nimport React, { useCallback, useEffect, useRef, useState } from \"react\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { CloseIcon } from \"@/shared/components/CloseIcon.js\";\nimport { CivicAuthIframe } from \"@/shared/components/CivicAuthIframe.js\";\nimport { useIframe } from \"@/shared/hooks/index.js\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/index.js\";\nimport { useClientTokenExchangeSession } from \"@/shared/hooks/index.js\";\nimport { getIframeRef } from \"../lib/iframeUtils.js\";\n\ntype CivicAuthIframeContainerProps = {\n onClose?: () => void;\n closeOnRedirect?: boolean;\n};\n\nfunction NoChrome({\n children,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return <div style={{ position: \"relative\" }}>{children}</div>;\n}\n\nexport function IframeChrome({\n children,\n onClose,\n isFrameLoaded,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n isFrameLoaded: boolean;\n}) {\n const { setIframeAborted, iframeMode } = useIframe();\n\n const iframeContainerStyleOverrides =\n iframeMode === \"embedded\"\n ? {\n paddingTop: \"1.5rem\",\n paddingBottom: \"1.5rem\",\n borderRadius: \"1.5rem\",\n }\n : {\n ...(isFrameLoaded\n ? {\n paddingTop: \"1.5rem\",\n paddingBottom: \"1.5rem\",\n borderRadius: \"1.5rem\",\n }\n : { borderRadius: \"0.5rem\" }),\n };\n return (\n <div\n style={{\n position: \"fixed\", // Change to fixed to stay in viewport\n left: 0,\n top: 0,\n zIndex: 50,\n display: \"flex\",\n height: \"100vh\",\n width: \"100vw\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: \"rgba(17, 24, 39, 0.5)\", // Semi-transparent dark background\n backdropFilter: \"blur(4px)\", // Optional: adds slight blur to background\n }}\n onClick={() => {\n setIframeAborted(true);\n onClose?.();\n }}\n >\n <div\n style={{\n position: \"relative\",\n overflow: \"hidden\",\n backgroundColor: \"white\",\n paddingLeft: \"0\",\n paddingRight: \"0\",\n ...iframeContainerStyleOverrides,\n boxShadow:\n \"0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05)\",\n minWidth: \"20rem\",\n }}\n onClick={(e) => e.stopPropagation()}\n >\n {isFrameLoaded && (\n <button\n style={{\n position: \"absolute\",\n right: \"1rem\",\n top: \"1rem\",\n display: \"flex\",\n cursor: \"pointer\",\n alignItems: \"center\",\n justifyContent: \"center\",\n border: \"none\",\n backgroundColor: \"transparent\",\n padding: \"0.25rem\",\n color: \"#9ca3af\",\n }}\n onClick={() => {\n setIframeAborted(true);\n onClose?.();\n }}\n >\n <CloseIcon />\n </button>\n )}\n\n {children}\n </div>\n </div>\n );\n}\n\nconst CivicAuthIframeContainer = ({\n onClose,\n closeOnRedirect = true,\n}: CivicAuthIframeContainerProps) => {\n const config = useCivicAuthConfig();\n const [tokenExchangeUrl, setTokenExchangeUrl] = useState<string | null>(null);\n const { doTokenExchange } = useClientTokenExchangeSession();\n const { iframeRef, iframeMode } = useIframe();\n\n useEffect(() => {\n if (tokenExchangeUrl) {\n doTokenExchange?.(tokenExchangeUrl);\n }\n }, [doTokenExchange, tokenExchangeUrl]);\n\n const processIframeUrl = useCallback(() => {\n if (!config) return;\n if (iframeRef && iframeRef.current) {\n const ref = getIframeRef(iframeRef.current)!;\n if (ref.contentWindow) {\n try {\n const iframeUrl = ref.contentWindow.location.href;\n // we know that oauth has finished when the iframe redirects to our redirectUrl\n if (iframeUrl.startsWith(config.redirectUrl)) {\n const iframeBody = ref.contentWindow.document.body.innerHTML;\n\n // If we're doing a server token exchange, we need to call the server a second time\n // using a fetch so that we're on the same domain and cookies can be sent and read\n // The server will use the presence of the code_verifier cookie to determine whether to do a token exchange or not.\n // On the initial (3rd party) redirect from the auth server, the cookie won't be sent, so the server-side callback route will just render a blank page,\n // and we'll do the exchange request from here, which will include the cookies.\n if (iframeBody.includes(TOKEN_EXCHANGE_TRIGGER_TEXT)) {\n const params = new URL(iframeUrl).searchParams;\n const appUrl = globalThis.window?.location?.origin;\n fetch(\n `${config.redirectUrl}?${params.toString()}&appUrl=${appUrl}`,\n );\n } else {\n // if we're doing token-exchange in the client, we can just set the authResponseUrl\n // to be handled by the auth provider\n // iframeRef.current.setAttribute(\"src\", \"\");\n setTokenExchangeUrl(iframeUrl);\n }\n\n if (closeOnRedirect) onClose?.();\n return true; // Successfully processed the URL\n }\n } catch {\n // ignore errors while waiting for redirect\n }\n }\n }\n return false; // Haven't processed the URL yet\n }, [closeOnRedirect, config, iframeRef, onClose]);\n\n const intervalId = useRef<NodeJS.Timeout>();\n\n const handleEscape = useCallback(\n (event: KeyboardEvent) => {\n if (event.key === \"Escape\") {\n onClose?.();\n }\n },\n [onClose],\n );\n\n // handle Escape\n useEffect(() => {\n window.addEventListener(\"keydown\", handleEscape);\n\n return () => window.removeEventListener(\"keydown\", handleEscape);\n });\n\n const [isIframeContentLoaded, setIsIframeContentLoaded] = useState(false);\n const handleIframeLoad = useCallback(() => {\n setIsIframeContentLoaded(true);\n console.log(\"handleIframeLoad\");\n\n const iframeHasUrl = processIframeUrl();\n console.log(\"iframeHasUrl\", iframeHasUrl);\n if (iframeHasUrl && intervalId.current) {\n clearInterval(intervalId.current);\n }\n }, [processIframeUrl, intervalId]);\n\n const WrapperComponent = iframeMode === \"embedded\" ? NoChrome : IframeChrome;\n\n const showLoadingIcon = !isIframeContentLoaded && iframeMode === \"embedded\";\n return (\n <WrapperComponent onClose={onClose} isFrameLoaded={isIframeContentLoaded}>\n {showLoadingIcon ? (\n <div\n id=\"civic-auth-loading-icon-wrapper\"\n style={{\n position: \"absolute\",\n inset: 0,\n display: \"flex\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: \"white\",\n borderRadius: \"24px\",\n }}\n >\n <LoadingIcon />\n </div>\n ) : null}\n <CivicAuthIframe\n ref={iframeRef}\n id={\"civic-auth-iframe\"}\n onLoad={handleIframeLoad}\n />\n </WrapperComponent>\n );\n};\n\nexport type { CivicAuthIframeContainerProps };\n\nexport { CivicAuthIframeContainer };\n"]}
1
+ {"version":3,"file":"CivicAuthIframeContainer.js","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthIframeContainer.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;AA8Bb,oCA0FC;;AAtHD,iCAAwE;AACxE,uEAAiE;AACjE,mEAA6D;AAC7D,+EAAyE;AACzE,sDAAoD;AACpD,iDAA6D;AAC7D,sDAA6D;AAC7D,sDAAwE;AACxE,0DAAqD;AAOrD,SAAS,QAAQ,CAAC,EAChB,QAAQ,GAIT;IACC,OAAO,CACL,+CAAiB,wBAAwB,EAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,YACtE,QAAQ,GACL,CACP,CAAC;AACJ,CAAC;AAED,SAAgB,YAAY,CAAC,EAC3B,QAAQ,EACR,OAAO,EACP,aAAa,GAKd;IACC,MAAM,EAAE,gBAAgB,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,IAAA,oBAAS,GAAE,CAAC;IAEtE,MAAM,6BAA6B,GACjC,UAAU,KAAK,UAAU;QACvB,CAAC,CAAC;YACE,UAAU,EAAE,QAAQ;YACpB,YAAY,EAAE,QAAQ;SACvB;QACH,CAAC,CAAC;YACE,GAAG,CAAC,aAAa;gBACf,CAAC,CAAC;oBACE,UAAU,EAAE,QAAQ;oBACpB,YAAY,EAAE,QAAQ;iBACvB;gBACH,CAAC,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;SACjD,CAAC;IACR,OAAO,CACL,gCACE,KAAK,EAAE;YACL,QAAQ,EAAE,OAAO,EAAE,sCAAsC;YACzD,IAAI,EAAE,CAAC;YACP,GAAG,EAAE,CAAC;YACN,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,MAAM;YACf,MAAM,EAAE,OAAO;YACf,KAAK,EAAE,OAAO;YACd,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,eAAe,EAAE,uBAAuB,EAAE,mCAAmC;YAC7E,cAAc,EAAE,WAAW,EAAE,2CAA2C;SACzE,EACD,OAAO,EAAE,GAAG,EAAE;YACZ,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACvB,OAAO,EAAE,EAAE,CAAC;QACd,CAAC,YAED,gDACc,eAAe,EAC3B,KAAK,EAAE;gBACL,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,eAAe;gBACf,WAAW,EAAE,GAAG;gBAChB,YAAY,EAAE,GAAG;gBACjB,aAAa,EAAE,GAAG;gBAClB,2CAA2C;gBAC3C,GAAG,6BAA6B;gBAChC,SAAS,EACP,yEAAyE;gBAC3E,QAAQ,EAAE,OAAO;aAClB,EACD,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,EAAE,aAElC,aAAa,IAAI,CAChB,mCACE,KAAK,EAAE;wBACL,QAAQ,EAAE,UAAU;wBACpB,KAAK,EAAE,MAAM;wBACb,GAAG,EAAE,MAAM;wBACX,OAAO,EAAE,MAAM;wBACf,MAAM,EAAE,SAAS;wBACjB,UAAU,EAAE,QAAQ;wBACpB,cAAc,EAAE,QAAQ;wBACxB,MAAM,EAAE,MAAM;wBACd,eAAe,EAAE,aAAa;wBAC9B,OAAO,EAAE,SAAS;wBAClB,KAAK,EAAE,SAAS;qBACjB,EACD,OAAO,EAAE,GAAG,EAAE;wBACZ,gBAAgB,CAAC,IAAI,CAAC,CAAC;wBACvB,OAAO,EAAE,EAAE,CAAC;oBACd,CAAC,YAED,uBAAC,wBAAS,KAAG,GACN,CACV,EAEA,QAAQ,IACL,GACF,CACP,CAAC;AACJ,CAAC;AAED,MAAM,wBAAwB,GAAG,CAAC,EAChC,OAAO,EACP,eAAe,GAAG,IAAI,GACQ,EAAE,EAAE;IAClC,MAAM,MAAM,GAAG,IAAA,6BAAkB,GAAE,CAAC;IACpC,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IAC9E,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,wCAA6B,GAAE,CAAC;IAC5D,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,IAAA,oBAAS,GAAE,CAAC;IAE/D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,gBAAgB,EAAE,CAAC;YACrB,eAAe,EAAE,CAAC,gBAAgB,CAAC,CAAC;QACtC,CAAC;IACH,CAAC,EAAE,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC,CAAC;IAExC,MAAM,gBAAgB,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QACxC,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,IAAI,SAAS,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,IAAA,6BAAY,EAAC,SAAS,CAAC,OAAO,CAAE,CAAC;YAC7C,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAClD,+EAA+E;oBAC/E,IAAI,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;wBAC7C,MAAM,UAAU,GAAG,GAAG,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;wBAE7D,mFAAmF;wBACnF,kFAAkF;wBAClF,mHAAmH;wBACnH,uJAAuJ;wBACvJ,+EAA+E;wBAC/E,IAAI,UAAU,CAAC,QAAQ,CAAC,0CAA2B,CAAC,EAAE,CAAC;4BACrD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC;4BAC/C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC;4BACnD,KAAK,CACH,GAAG,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,QAAQ,EAAE,WAAW,MAAM,EAAE,CAC9D,CAAC;wBACJ,CAAC;6BAAM,CAAC;4BACN,mFAAmF;4BACnF,qCAAqC;4BACrC,6CAA6C;4BAC7C,mBAAmB,CAAC,SAAS,CAAC,CAAC;wBACjC,CAAC;wBAED,IAAI,eAAe;4BAAE,OAAO,EAAE,EAAE,CAAC;wBACjC,OAAO,IAAI,CAAC,CAAC,iCAAiC;oBAChD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,2CAA2C;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC,CAAC,gCAAgC;IAChD,CAAC,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IAElD,MAAM,UAAU,GAAG,IAAA,cAAM,GAAkB,CAAC;IAE5C,MAAM,YAAY,GAAG,IAAA,mBAAW,EAC9B,CAAC,KAAoB,EAAE,EAAE;QACvB,IAAI,KAAK,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,EAAE,CAAC;QACd,CAAC;IACH,CAAC,EACD,CAAC,OAAO,CAAC,CACV,CAAC;IAEF,gBAAgB;IAChB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QAEjD,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAC1E,MAAM,gBAAgB,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QACxC,wBAAwB,CAAC,IAAI,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAEhC,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;QAC1C,IAAI,YAAY,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QACpC,CAAC;IACH,CAAC,EAAE,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC,CAAC;IAEnC,MAAM,gBAAgB,GAAG,UAAU,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC;IAE7E,MAAM,eAAe,GAAG,CAAC,qBAAqB,IAAI,UAAU,KAAK,UAAU,CAAC;IAC5E,OAAO,CACL,wBAAC,gBAAgB,IAAC,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,qBAAqB,aACrE,eAAe,CAAC,CAAC,CAAC,CACjB,gCACE,EAAE,EAAC,iCAAiC,EACpC,KAAK,EAAE;oBACL,QAAQ,EAAE,UAAU;oBACpB,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,MAAM;oBACf,UAAU,EAAE,QAAQ;oBACpB,cAAc,EAAE,QAAQ;oBACxB,eAAe;oBACf,YAAY,EAAE,MAAM;iBACrB,YAED,uBAAC,4BAAW,KAAG,GACX,CACP,CAAC,CAAC,CAAC,IAAI,EACR,uBAAC,oCAAe,IACd,GAAG,EAAE,SAAS,EACd,EAAE,EAAE,mBAAmB,EACvB,MAAM,EAAE,gBAAgB,GACxB,IACe,CACpB,CAAC;AACJ,CAAC,CAAC;AAIO,4DAAwB","sourcesContent":["\"use client\";\n\nimport React, { useCallback, useEffect, useRef, useState } from \"react\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { CloseIcon } from \"@/shared/components/CloseIcon.js\";\nimport { CivicAuthIframe } from \"@/shared/components/CivicAuthIframe.js\";\nimport { useIframe } from \"@/shared/hooks/index.js\";\nimport { TOKEN_EXCHANGE_TRIGGER_TEXT } from \"@/constants.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/index.js\";\nimport { useClientTokenExchangeSession } from \"@/shared/hooks/index.js\";\nimport { getIframeRef } from \"../lib/iframeUtils.js\";\n\ntype CivicAuthIframeContainerProps = {\n onClose?: () => void;\n closeOnRedirect?: boolean;\n};\n\nfunction NoChrome({\n children,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n}) {\n return (\n <div data-testid=\"civic-iframe-no-chrome\" style={{ position: \"relative\" }}>\n {children}\n </div>\n );\n}\n\nexport function IframeChrome({\n children,\n onClose,\n isFrameLoaded,\n}: {\n children: React.ReactNode;\n onClose?: () => void;\n isFrameLoaded: boolean;\n}) {\n const { setIframeAborted, iframeMode, backgroundColor } = useIframe();\n\n const iframeContainerStyleOverrides =\n iframeMode === \"embedded\"\n ? {\n paddingTop: \"1.5rem\",\n borderRadius: \"1.5rem\",\n }\n : {\n ...(isFrameLoaded\n ? {\n paddingTop: \"1.5rem\",\n borderRadius: \"1.5rem\",\n }\n : { borderRadius: \"0.5rem\", paddingTop: \"0\" }),\n };\n return (\n <div\n style={{\n position: \"fixed\", // Change to fixed to stay in viewport\n left: 0,\n top: 0,\n zIndex: 50,\n display: \"flex\",\n height: \"100vh\",\n width: \"100vw\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor: \"rgba(17, 24, 39, 0.5)\", // Semi-transparent dark background\n backdropFilter: \"blur(4px)\", // Optional: adds slight blur to background\n }}\n onClick={() => {\n setIframeAborted(true);\n onClose?.();\n }}\n >\n <div\n data-testid=\"iframe-chrome\"\n style={{\n position: \"relative\",\n overflow: \"hidden\",\n backgroundColor,\n paddingLeft: \"0\",\n paddingRight: \"0\",\n paddingBottom: \"0\",\n // paddingTop gets added in style overrides\n ...iframeContainerStyleOverrides,\n boxShadow:\n \"0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05)\",\n minWidth: \"20rem\",\n }}\n onClick={(e) => e.stopPropagation()}\n >\n {isFrameLoaded && (\n <button\n style={{\n position: \"absolute\",\n right: \"1rem\",\n top: \"1rem\",\n display: \"flex\",\n cursor: \"pointer\",\n alignItems: \"center\",\n justifyContent: \"center\",\n border: \"none\",\n backgroundColor: \"transparent\",\n padding: \"0.25rem\",\n color: \"#9ca3af\",\n }}\n onClick={() => {\n setIframeAborted(true);\n onClose?.();\n }}\n >\n <CloseIcon />\n </button>\n )}\n\n {children}\n </div>\n </div>\n );\n}\n\nconst CivicAuthIframeContainer = ({\n onClose,\n closeOnRedirect = true,\n}: CivicAuthIframeContainerProps) => {\n const config = useCivicAuthConfig();\n const [tokenExchangeUrl, setTokenExchangeUrl] = useState<string | null>(null);\n const { doTokenExchange } = useClientTokenExchangeSession();\n const { iframeRef, iframeMode, backgroundColor } = useIframe();\n\n useEffect(() => {\n if (tokenExchangeUrl) {\n doTokenExchange?.(tokenExchangeUrl);\n }\n }, [doTokenExchange, tokenExchangeUrl]);\n\n const processIframeUrl = useCallback(() => {\n if (!config) return;\n if (iframeRef && iframeRef.current) {\n const ref = getIframeRef(iframeRef.current)!;\n if (ref.contentWindow) {\n try {\n const iframeUrl = ref.contentWindow.location.href;\n // we know that oauth has finished when the iframe redirects to our redirectUrl\n if (iframeUrl.startsWith(config.redirectUrl)) {\n const iframeBody = ref.contentWindow.document.body.innerHTML;\n\n // If we're doing a server token exchange, we need to call the server a second time\n // using a fetch so that we're on the same domain and cookies can be sent and read\n // The server will use the presence of the code_verifier cookie to determine whether to do a token exchange or not.\n // On the initial (3rd party) redirect from the auth server, the cookie won't be sent, so the server-side callback route will just render a blank page,\n // and we'll do the exchange request from here, which will include the cookies.\n if (iframeBody.includes(TOKEN_EXCHANGE_TRIGGER_TEXT)) {\n const params = new URL(iframeUrl).searchParams;\n const appUrl = globalThis.window?.location?.origin;\n fetch(\n `${config.redirectUrl}?${params.toString()}&appUrl=${appUrl}`,\n );\n } else {\n // if we're doing token-exchange in the client, we can just set the authResponseUrl\n // to be handled by the auth provider\n // iframeRef.current.setAttribute(\"src\", \"\");\n setTokenExchangeUrl(iframeUrl);\n }\n\n if (closeOnRedirect) onClose?.();\n return true; // Successfully processed the URL\n }\n } catch {\n // ignore errors while waiting for redirect\n }\n }\n }\n return false; // Haven't processed the URL yet\n }, [closeOnRedirect, config, iframeRef, onClose]);\n\n const intervalId = useRef<NodeJS.Timeout>();\n\n const handleEscape = useCallback(\n (event: KeyboardEvent) => {\n if (event.key === \"Escape\") {\n onClose?.();\n }\n },\n [onClose],\n );\n\n // handle Escape\n useEffect(() => {\n window.addEventListener(\"keydown\", handleEscape);\n\n return () => window.removeEventListener(\"keydown\", handleEscape);\n });\n\n const [isIframeContentLoaded, setIsIframeContentLoaded] = useState(false);\n const handleIframeLoad = useCallback(() => {\n setIsIframeContentLoaded(true);\n console.log(\"handleIframeLoad\");\n\n const iframeHasUrl = processIframeUrl();\n console.log(\"iframeHasUrl\", iframeHasUrl);\n if (iframeHasUrl && intervalId.current) {\n clearInterval(intervalId.current);\n }\n }, [processIframeUrl, intervalId]);\n\n const WrapperComponent = iframeMode === \"embedded\" ? NoChrome : IframeChrome;\n\n const showLoadingIcon = !isIframeContentLoaded && iframeMode === \"embedded\";\n return (\n <WrapperComponent onClose={onClose} isFrameLoaded={isIframeContentLoaded}>\n {showLoadingIcon ? (\n <div\n id=\"civic-auth-loading-icon-wrapper\"\n style={{\n position: \"absolute\",\n inset: 0,\n display: \"flex\",\n alignItems: \"center\",\n justifyContent: \"center\",\n backgroundColor,\n borderRadius: \"24px\",\n }}\n >\n <LoadingIcon />\n </div>\n ) : null}\n <CivicAuthIframe\n ref={iframeRef}\n id={\"civic-auth-iframe\"}\n onLoad={handleIframeLoad}\n />\n </WrapperComponent>\n );\n};\n\nexport type { CivicAuthIframeContainerProps };\n\nexport { CivicAuthIframeContainer };\n"]}
package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthLogoutIframeContainer.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthLogoutIframeContainer.tsx"],"names":[],"mappings":"AAQA,KAAK,mCAAmC,GAAG;IACzC,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,8BAA8B,mBAEjC,mCAAmC,qDA2BrC,CAAC;AAEF,OAAO,EAAE,8BAA8B,EAAE,CAAC"}
1
+ {"version":3,"file":"CivicAuthLogoutIframeContainer.d.ts","sourceRoot":"","sources":["../../../../src/shared/components/CivicAuthLogoutIframeContainer.tsx"],"names":[],"mappings":"AAQA,KAAK,mCAAmC,GAAG;IACzC,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,8BAA8B,mBAEjC,mCAAmC,qDA0BrC,CAAC;AAEF,OAAO,EAAE,8BAA8B,EAAE,CAAC"}
package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js CHANGED
@@ -15,7 +15,6 @@ const CivicAuthLogoutIframeContainer = ({ isLoading = false, }) => {
15
15
  display: "flex",
16
16
  alignItems: "center",
17
17
  justifyContent: "center",
18
- backgroundColor: "white",
19
18
  }, children: (0, jsx_runtime_1.jsx)(LoadingIcon_js_1.LoadingIcon, {}) })) : null, (0, jsx_runtime_1.jsx)(CivicAuthIframe_js_1.CivicAuthIframe, { ref: logoutIframeRef, id: "civic-auth-logout-iframe", onLoad: () => { } })] }));
20
19
  };
21
20
  exports.CivicAuthLogoutIframeContainer = CivicAuthLogoutIframeContainer;