@civic/auth 0.4.2-beta.1 → 0.4.3-alpha.0

package/dist/cjs/reactjs/hooks/useUser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useUser.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/hooks/useUser.ts"],"names":[],"mappings":"AAEA,OAAO,EAEL,KAAK,eAAe,EACrB,MAAM,oCAAoC,CAAC;AAE5C,QAAA,MAAM,OAAO,GACX,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,+BAC9B,eAAe,CAAC,CAAC,CAQrB,CAAC;AAEF,OAAO,EAAE,OAAO,EAAE,CAAC"}

package/dist/cjs/reactjs/hooks/useUser.js

@@ -0,0 +1,15 @@
+"use strict";
+"use client";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.useUser = void 0;
+const react_1 = require("react");
+const UserProvider_js_1 = require("../../shared/providers/UserProvider.js");
+const useUser = () => {
+    const context = (0, react_1.useContext)(UserProvider_js_1.UserContext);
+    if (!context) {
+        throw new Error("useUser must be used within a UserProvider");
+    }
+    return context;
+};
+exports.useUser = useUser;
+//# sourceMappingURL=useUser.js.map

package/dist/cjs/reactjs/hooks/useUser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useUser.js","sourceRoot":"","sources":["../../../../src/reactjs/hooks/useUser.ts"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;AACb,iCAAmC;AACnC,wEAG4C;AAE5C,MAAM,OAAO,GAAG,GAEQ,EAAE;IACxB,MAAM,OAAO,GAAG,IAAA,kBAAU,EAAC,6BAAW,CAAC,CAAC;IAExC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,OAA6B,CAAC;AACvC,CAAC,CAAC;AAEO,0BAAO","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport {\n  UserContext,\n  type UserContextType,\n} from \"@/shared/providers/UserProvider.js\";\n\nconst useUser = <\n  T extends Record<string, unknown> = Record<string, never>,\n>(): UserContextType<T> => {\n  const context = useContext(UserContext);\n\n  if (!context) {\n    throw new Error(\"useUser must be used within a UserProvider\");\n  }\n\n  return context as UserContextType<T>;\n};\n\nexport { useUser };\n"]}

package/dist/cjs/reactjs/index.d.ts

@@ -0,0 +1,6 @@
+export * from "../reactjs/hooks/index.js";
+export { CivicAuthProvider, type CivicAuthProviderProps, } from "../reactjs/providers/index.js";
+export type { AuthContextType, TokenContextType, UserContextType, } from "../reactjs/providers/index.js";
+export { CivicAuthIframeContainer } from "../shared/components/CivicAuthIframeContainer.js";
+export { UserButton, SignInButton, SignOutButton, } from "../reactjs/components/index.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/cjs/reactjs/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/reactjs/index.ts"],"names":[],"mappings":"AAMA,cAAc,0BAA0B,CAAC;AACzC,OAAO,EACL,iBAAiB,EACjB,KAAK,sBAAsB,GAC5B,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,eAAe,EACf,gBAAgB,EAChB,eAAe,GAChB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EACL,UAAU,EACV,YAAY,EACZ,aAAa,GACd,MAAM,+BAA+B,CAAC"}

package/dist/cjs/reactjs/index.js

@@ -0,0 +1,32 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SignOutButton = exports.SignInButton = exports.UserButton = exports.CivicAuthIframeContainer = exports.CivicAuthProvider = void 0;
+// These are the default exports of the project.
+// They are limited by design to ensure that the public API does not expose any internal implementation details.
+// Do not change this without thinking carefully about the impact on the client-facing public API.
+const index_js_1 = require("../shared/index.js");
+(0, index_js_1.printVersion)();
+__exportStar(require("../reactjs/hooks/index.js"), exports);
+var index_js_2 = require("../reactjs/providers/index.js");
+Object.defineProperty(exports, "CivicAuthProvider", { enumerable: true, get: function () { return index_js_2.CivicAuthProvider; } });
+var CivicAuthIframeContainer_js_1 = require("../shared/components/CivicAuthIframeContainer.js");
+Object.defineProperty(exports, "CivicAuthIframeContainer", { enumerable: true, get: function () { return CivicAuthIframeContainer_js_1.CivicAuthIframeContainer; } });
+var index_js_3 = require("../reactjs/components/index.js");
+Object.defineProperty(exports, "UserButton", { enumerable: true, get: function () { return index_js_3.UserButton; } });
+Object.defineProperty(exports, "SignInButton", { enumerable: true, get: function () { return index_js_3.SignInButton; } });
+Object.defineProperty(exports, "SignOutButton", { enumerable: true, get: function () { return index_js_3.SignOutButton; } });
+//# sourceMappingURL=index.js.map

package/dist/cjs/reactjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/reactjs/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,gDAAgD;AAChD,gHAAgH;AAChH,kGAAkG;AAClG,gDAAiD;AACjD,IAAA,uBAAY,GAAE,CAAC;AAEf,2DAAyC;AACzC,yDAGsC;AAFpC,6GAAA,iBAAiB,OAAA;AAQnB,+FAA2F;AAAlF,uIAAA,wBAAwB,OAAA;AACjC,0DAIuC;AAHrC,sGAAA,UAAU,OAAA;AACV,wGAAA,YAAY,OAAA;AACZ,yGAAA,aAAa,OAAA","sourcesContent":["// These are the default exports of the project.\n// They are limited by design to ensure that the public API does not expose any internal implementation details.\n// Do not change this without thinking carefully about the impact on the client-facing public API.\nimport { printVersion } from \"@/shared/index.js\";\nprintVersion();\n\nexport * from \"@/reactjs/hooks/index.js\";\nexport {\n  CivicAuthProvider,\n  type CivicAuthProviderProps,\n} from \"@/reactjs/providers/index.js\";\nexport type {\n  AuthContextType,\n  TokenContextType,\n  UserContextType,\n} from \"@/reactjs/providers/index.js\";\nexport { CivicAuthIframeContainer } from \"@/shared/components/CivicAuthIframeContainer.js\";\nexport {\n  UserButton,\n  SignInButton,\n  SignOutButton,\n} from \"@/reactjs/components/index.js\";\n"]}

package/dist/cjs/reactjs/providers/AuthProvider.d.ts

@@ -0,0 +1,10 @@
+import { type SessionData } from "../../types.js";
+import type { PKCEConsumer } from "../../services/types.js";
+import type { AuthProviderProps } from "../../shared/providers/types.js";
+export type InternalAuthProviderProps = AuthProviderProps & {
+    sessionData?: SessionData;
+    pkceConsumer?: PKCEConsumer;
+};
+declare const AuthProvider: ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode, displayMode, }: InternalAuthProviderProps) => import("@emotion/react/jsx-runtime").JSX.Element;
+export { AuthProvider };
+//# sourceMappingURL=AuthProvider.d.ts.map

package/dist/cjs/reactjs/providers/AuthProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/providers/AuthProvider.tsx"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAMxD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAgBrE,MAAM,MAAM,yBAAyB,GAAG,iBAAiB,GAAG;IAC1D,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B,CAAC;AAEF,QAAA,MAAM,YAAY,8EAOf,yBAAyB,qDA8F3B,CAAC;AAEF,OAAO,EAAE,YAAY,EAAE,CAAC"}

package/dist/cjs/reactjs/providers/AuthProvider.js

@@ -0,0 +1,99 @@
+"use strict";
+"use client";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthProvider = void 0;
+const jsx_runtime_1 = require("@emotion/react/jsx-runtime");
+const react_1 = require("react");
+const AuthContext_js_1 = require("../../shared/providers/AuthContext.js");
+const useSignIn_js_1 = require("../../shared/hooks/useSignIn.js");
+const useIframe_js_1 = require("../../shared/hooks/useIframe.js");
+const useCivicAuthConfig_js_1 = require("../../shared/hooks/useCivicAuthConfig.js");
+const useSession_js_1 = require("../../shared/hooks/useSession.js");
+const IFrameAndLoading_js_1 = require("../../shared/components/IFrameAndLoading.js");
+const useIsInIframe_js_1 = require("../../shared/hooks/useIsInIframe.js");
+const useCurrentUrl_js_1 = require("../../shared/hooks/useCurrentUrl.js");
+const useRefresh_js_1 = require("../../shared/hooks/useRefresh.js");
+// Global this object setup
+let globalThisObject;
+if (typeof window !== "undefined") {
+    globalThisObject = window;
+}
+else if (typeof global !== "undefined") {
+    globalThisObject = global;
+}
+else {
+    globalThisObject = Function("return this")();
+}
+globalThisObject.globalThis = globalThisObject;
+const AuthProvider = ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode = "modal", displayMode = "iframe", }) => {
+    const authConfig = (0, useCivicAuthConfig_js_1.useCivicAuthConfig)();
+    const { redirectUrl } = authConfig || {};
+    const { iframeRef } = (0, useIframe_js_1.useIframe)();
+    const currentUrl = (0, useCurrentUrl_js_1.useCurrentUrl)();
+    const { signIn, signOut, authStatus, startSignIn } = (0, useSignIn_js_1.useSignIn)({
+        preSignOut: onSignOut,
+        pkceConsumer,
+        displayMode,
+    });
+    const [localSessionData, setLocalSessionData] = (0, react_1.useState)();
+    const { data: session, error: tokenExchangeError, isLoading: tokenExchangeInProgress, } = (0, useSession_js_1.useSession)();
+    (0, react_1.useEffect)(() => {
+        if (session) {
+            setLocalSessionData(session);
+            if (session.authenticated) {
+                onSignIn?.();
+            }
+        }
+    }, [onSignIn, session]);
+    const isAuthenticated = (0, react_1.useMemo)(() => {
+        return !!localSessionData?.idToken;
+    }, [localSessionData]);
+    (0, react_1.useEffect)(() => {
+        if (redirectUrl &&
+            !isAuthenticated &&
+            iframeRef?.current &&
+            displayMode === "iframe" &&
+            !currentUrl?.includes("code=")) {
+            startSignIn();
+        }
+    }, [
+        currentUrl,
+        iframeMode,
+        redirectUrl,
+        isAuthenticated,
+        iframeRef,
+        displayMode,
+        startSignIn,
+    ]);
+    const isInIframe = (0, useIsInIframe_js_1.useIsInIframe)();
+    // if the SDK loads in an iframe, we show the loading spinner as the iframe
+    // will be waiting to be minimized
+    const isLoading = tokenExchangeInProgress || !authConfig || isInIframe;
+    const { error: refreshError } = (0, useRefresh_js_1.useRefresh)(session);
+    (0, react_1.useEffect)(() => {
+        if (refreshError) {
+            console.error("Error refreshing token, signingOut...", refreshError);
+            signOut();
+        }
+    }, [refreshError, signOut]);
+    const value = (0, react_1.useMemo)(() => ({
+        isLoading,
+        error: tokenExchangeError,
+        signOut,
+        authStatus,
+        isAuthenticated,
+        signIn,
+        displayMode,
+    }), [
+        isLoading,
+        tokenExchangeError,
+        signOut,
+        authStatus,
+        isAuthenticated,
+        signIn,
+        displayMode,
+    ]);
+    return ((0, jsx_runtime_1.jsxs)(AuthContext_js_1.AuthContext.Provider, { value: value, children: [(0, jsx_runtime_1.jsx)(IFrameAndLoading_js_1.IFrameAndLoading, { error: tokenExchangeError, isLoading: isLoading }), children] }));
+};
+exports.AuthProvider = AuthProvider;
+//# sourceMappingURL=AuthProvider.js.map

package/dist/cjs/reactjs/providers/AuthProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthProvider.js","sourceRoot":"","sources":["../../../../src/reactjs/providers/AuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,iCAA4D;AAE5D,sEAAgE;AAEhE,8DAAwD;AACxD,8DAAwD;AACxD,gFAA0E;AAC1E,gEAA0D;AAC1D,iFAA2E;AAE3E,sEAAgE;AAChE,sEAAgE;AAChE,gEAA0D;AAE1D,2BAA2B;AAC3B,IAAI,gBAAgB,CAAC;AACrB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IAClC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IACzC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,CAAC;IACN,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;AAC/C,CAAC;AACD,gBAAgB,CAAC,UAAU,GAAG,gBAAgB,CAAC;AAO/C,MAAM,YAAY,GAAG,CAAC,EACpB,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,YAAY,EACZ,UAAU,GAAG,OAAO,EACpB,WAAW,GAAG,QAAQ,GACI,EAAE,EAAE;IAC9B,MAAM,UAAU,GAAG,IAAA,0CAAkB,GAAE,CAAC;IACxC,MAAM,EAAE,WAAW,EAAE,GAAG,UAAU,IAAI,EAAE,CAAC;IACzC,MAAM,EAAE,SAAS,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IAClC,MAAM,UAAU,GAAG,IAAA,gCAAa,GAAE,CAAC;IACnC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,IAAA,wBAAS,EAAC;QAC7D,UAAU,EAAE,SAAS;QACrB,YAAY;QACZ,WAAW;KACZ,CAAC,CAAC;IAEH,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAC3C,IAAA,gBAAQ,GAAsB,CAAC;IAEjC,MAAM,EACJ,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,kBAAkB,EACzB,SAAS,EAAE,uBAAuB,GACnC,GAAG,IAAA,0BAAU,GAAE,CAAC;IAEjB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,CAAC;YACZ,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAC7B,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC1B,QAAQ,EAAE,EAAE,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IAExB,MAAM,eAAe,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QACnC,OAAO,CAAC,CAAC,gBAAgB,EAAE,OAAO,CAAC;IACrC,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAEvB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,WAAW;YACX,CAAC,eAAe;YAChB,SAAS,EAAE,OAAO;YAClB,WAAW,KAAK,QAAQ;YACxB,CAAC,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,EAC9B,CAAC;YACD,WAAW,EAAE,CAAC;QAChB,CAAC;IACH,CAAC,EAAE;QACD,UAAU;QACV,UAAU;QACV,WAAW;QACX,eAAe;QACf,SAAS;QACT,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,IAAA,gCAAa,GAAE,CAAC;IACnC,2EAA2E;IAC3E,kCAAkC;IAClC,MAAM,SAAS,GAAG,uBAAuB,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC;IAEvE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,IAAA,0BAAU,EAAC,OAAO,CAAC,CAAC;IAEpD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,YAAY,CAAC,CAAC;YACrE,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;IAE5B,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,SAAS;QACT,KAAK,EAAE,kBAAkC;QACzC,OAAO;QACP,UAAU;QACV,eAAe;QACf,MAAM;QACN,WAAW;KACZ,CAAC,EACF;QACE,SAAS;QACT,kBAAkB;QAClB,OAAO;QACP,UAAU;QACV,eAAe;QACf,MAAM;QACN,WAAW;KACZ,CACF,CAAC;IAEF,OAAO,CACL,wBAAC,4BAAW,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,aAChC,uBAAC,sCAAgB,IAAC,KAAK,EAAE,kBAAkB,EAAE,SAAS,EAAE,SAAS,GAAI,EACpE,QAAQ,IACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAEO,oCAAY","sourcesContent":["\"use client\";\n\nimport React, { useEffect, useMemo, useState } from \"react\";\nimport { type SessionData } from \"@/types.js\";\nimport { AuthContext } from \"@/shared/providers/AuthContext.js\";\nimport type { PKCEConsumer } from \"@/services/types.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport { useCurrentUrl } from \"@/shared/hooks/useCurrentUrl.js\";\nimport { useRefresh } from \"@/shared/hooks/useRefresh.js\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n  globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n  globalThisObject = global;\n} else {\n  globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type InternalAuthProviderProps = AuthProviderProps & {\n  sessionData?: SessionData;\n  pkceConsumer?: PKCEConsumer;\n};\n\nconst AuthProvider = ({\n  children,\n  onSignIn,\n  onSignOut,\n  pkceConsumer,\n  iframeMode = \"modal\",\n  displayMode = \"iframe\",\n}: InternalAuthProviderProps) => {\n  const authConfig = useCivicAuthConfig();\n  const { redirectUrl } = authConfig || {};\n  const { iframeRef } = useIframe();\n  const currentUrl = useCurrentUrl();\n  const { signIn, signOut, authStatus, startSignIn } = useSignIn({\n    preSignOut: onSignOut,\n    pkceConsumer,\n    displayMode,\n  });\n\n  const [localSessionData, setLocalSessionData] =\n    useState<SessionData | null>();\n\n  const {\n    data: session,\n    error: tokenExchangeError,\n    isLoading: tokenExchangeInProgress,\n  } = useSession();\n\n  useEffect(() => {\n    if (session) {\n      setLocalSessionData(session);\n      if (session.authenticated) {\n        onSignIn?.();\n      }\n    }\n  }, [onSignIn, session]);\n\n  const isAuthenticated = useMemo(() => {\n    return !!localSessionData?.idToken;\n  }, [localSessionData]);\n\n  useEffect(() => {\n    if (\n      redirectUrl &&\n      !isAuthenticated &&\n      iframeRef?.current &&\n      displayMode === \"iframe\" &&\n      !currentUrl?.includes(\"code=\")\n    ) {\n      startSignIn();\n    }\n  }, [\n    currentUrl,\n    iframeMode,\n    redirectUrl,\n    isAuthenticated,\n    iframeRef,\n    displayMode,\n    startSignIn,\n  ]);\n\n  const isInIframe = useIsInIframe();\n  // if the SDK loads in an iframe, we show the loading spinner as the iframe\n  // will be waiting to be minimized\n  const isLoading = tokenExchangeInProgress || !authConfig || isInIframe;\n\n  const { error: refreshError } = useRefresh(session);\n\n  useEffect(() => {\n    if (refreshError) {\n      console.error(\"Error refreshing token, signingOut...\", refreshError);\n      signOut();\n    }\n  }, [refreshError, signOut]);\n\n  const value = useMemo(\n    () => ({\n      isLoading,\n      error: tokenExchangeError as Error | null,\n      signOut,\n      authStatus,\n      isAuthenticated,\n      signIn,\n      displayMode,\n    }),\n    [\n      isLoading,\n      tokenExchangeError,\n      signOut,\n      authStatus,\n      isAuthenticated,\n      signIn,\n      displayMode,\n    ],\n  );\n\n  return (\n    <AuthContext.Provider value={value}>\n      <IFrameAndLoading error={tokenExchangeError} isLoading={isLoading} />\n      {children}\n    </AuthContext.Provider>\n  );\n};\n\nexport { AuthProvider };\n"]}

package/dist/cjs/reactjs/providers/CivicAuthProvider.d.ts

@@ -0,0 +1,5 @@
+import type { AuthProviderProps } from "../../shared/providers/types.js";
+type CivicAuthProviderProps = Omit<AuthProviderProps, "pkceConsumer">;
+declare const CivicAuthProvider: ({ children, ...props }: CivicAuthProviderProps) => import("@emotion/react/jsx-runtime").JSX.Element;
+export { CivicAuthProvider, type CivicAuthProviderProps };
+//# sourceMappingURL=CivicAuthProvider.d.ts.map

package/dist/cjs/reactjs/providers/CivicAuthProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CivicAuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/providers/CivicAuthProvider.tsx"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAErE,KAAK,sBAAsB,GAAG,IAAI,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC;AAqCtE,QAAA,MAAM,iBAAiB,2BAA4B,sBAAsB,qDAgBxE,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,KAAK,sBAAsB,EAAE,CAAC"}

package/dist/cjs/reactjs/providers/CivicAuthProvider.js

@@ -0,0 +1,29 @@
+"use strict";
+"use client";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CivicAuthProvider = void 0;
+const jsx_runtime_1 = require("@emotion/react/jsx-runtime");
+const AuthProvider_js_1 = require("../../reactjs/providers/AuthProvider.js");
+const PKCE_js_1 = require("../../services/PKCE.js");
+const UserProvider_js_1 = require("../../shared/providers/UserProvider.js");
+const storage_js_1 = require("../../browser/storage.js");
+const CivicAuthConfigContext_js_1 = require("../../shared/providers/CivicAuthConfigContext.js");
+const IframeProvider_js_1 = require("../../shared/providers/IframeProvider.js");
+const ClientTokenExchangeSessionProvider_js_1 = require("../../reactjs/providers/ClientTokenExchangeSessionProvider.js");
+const SessionProvider_js_1 = require("../../shared/providers/SessionProvider.js");
+const useClientTokenExchangeSession_js_1 = require("../../reactjs/hooks/useClientTokenExchangeSession.js");
+const TokenProvider_js_1 = require("../../shared/providers/TokenProvider.js");
+const useAuth_js_1 = require("../../shared/hooks/useAuth.js");
+const WrapperUserProvider = ({ children }) => {
+    const { signIn, signOut, displayMode, authStatus } = (0, useAuth_js_1.useAuth)();
+    return ((0, jsx_runtime_1.jsx)(UserProvider_js_1.UserProvider, { storage: new storage_js_1.LocalStorageAdapter(), signIn: signIn, signOut: signOut, user: null, authStatus: authStatus, displayMode: displayMode, children: children }));
+};
+const WrapperSessionAuthProvider = ({ children, ...props }) => {
+    const sessionData = (0, useClientTokenExchangeSession_js_1.useClientTokenExchangeSession)();
+    return ((0, jsx_runtime_1.jsx)(SessionProvider_js_1.SessionProvider, { ...sessionData, children: (0, jsx_runtime_1.jsx)(IframeProvider_js_1.IframeProvider, { iframeMode: props.iframeMode, children: (0, jsx_runtime_1.jsx)(AuthProvider_js_1.AuthProvider, { ...props, pkceConsumer: new PKCE_js_1.BrowserPublicClientPKCEProducer(), children: (0, jsx_runtime_1.jsx)(TokenProvider_js_1.TokenProvider, { children: (0, jsx_runtime_1.jsx)(WrapperUserProvider, { children: children }) }) }) }) }));
+};
+const CivicAuthProvider = ({ children, ...props }) => {
+    return ((0, jsx_runtime_1.jsx)(CivicAuthConfigContext_js_1.CivicAuthConfigProvider, { oauthServer: props?.config?.oauthServer, clientId: props?.clientId, redirectUrl: props?.redirectUrl, nonce: props?.nonce, logoutRedirectUrl: props?.logoutRedirectUrl, children: (0, jsx_runtime_1.jsx)(ClientTokenExchangeSessionProvider_js_1.ClientTokenExchangeSessionProvider, { children: (0, jsx_runtime_1.jsx)(WrapperSessionAuthProvider, { ...props, children: children }) }) }));
+};
+exports.CivicAuthProvider = CivicAuthProvider;
+//# sourceMappingURL=CivicAuthProvider.js.map

package/dist/cjs/reactjs/providers/CivicAuthProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CivicAuthProvider.js","sourceRoot":"","sources":["../../../../src/reactjs/providers/CivicAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,yEAAmE;AACnE,gDAAqE;AACrE,wEAAkE;AAClE,qDAA2D;AAC3D,4FAAuF;AACvF,4EAAsE;AACtE,qHAA+G;AAC/G,8EAAwE;AACxE,uGAAiG;AACjG,0EAAoE;AACpE,0DAAoD;AAKpD,MAAM,mBAAmB,GAAG,CAAC,EAAE,QAAQ,EAAiC,EAAE,EAAE;IAC1E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,IAAA,oBAAO,GAAE,CAAC;IAC/D,OAAO,CACL,uBAAC,8BAAY,IACX,OAAO,EAAE,IAAI,gCAAmB,EAAE,EAClC,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,IAAI,EACV,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE,WAAW,YAEvB,QAAQ,GACI,CAChB,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,0BAA0B,GAAG,CAAC,EAClC,QAAQ,EACR,GAAG,KAAK,EACe,EAAE,EAAE;IAC3B,MAAM,WAAW,GAAG,IAAA,gEAA6B,GAAE,CAAC;IACpD,OAAO,CACL,uBAAC,oCAAe,OAAK,WAAW,YAC9B,uBAAC,kCAAc,IAAC,UAAU,EAAE,KAAK,CAAC,UAAU,YAC1C,uBAAC,8BAAY,OACP,KAAK,EACT,YAAY,EAAE,IAAI,yCAA+B,EAAE,YAEnD,uBAAC,gCAAa,cACZ,uBAAC,mBAAmB,cAAE,QAAQ,GAAuB,GACvC,GACH,GACA,GACD,CACnB,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,iBAAiB,GAAG,CAAC,EAAE,QAAQ,EAAE,GAAG,KAAK,EAA0B,EAAE,EAAE;IAC3E,OAAO,CACL,uBAAC,mDAAuB,IACtB,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EACvC,QAAQ,EAAE,KAAK,EAAE,QAAQ,EACzB,WAAW,EAAE,KAAK,EAAE,WAAW,EAC/B,KAAK,EAAE,KAAK,EAAE,KAAK,EACnB,iBAAiB,EAAE,KAAK,EAAE,iBAAiB,YAE3C,uBAAC,0EAAkC,cACjC,uBAAC,0BAA0B,OAAK,KAAK,YAClC,QAAQ,GACkB,GACM,GACb,CAC3B,CAAC;AACJ,CAAC,CAAC;AAEO,8CAAiB","sourcesContent":["\"use client\";\nimport React from \"react\";\nimport { AuthProvider } from \"@/reactjs/providers/AuthProvider.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { CivicAuthConfigProvider } from \"@/shared/providers/CivicAuthConfigContext.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\nimport { ClientTokenExchangeSessionProvider } from \"@/reactjs/providers/ClientTokenExchangeSessionProvider.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { useClientTokenExchangeSession } from \"@/reactjs/hooks/useClientTokenExchangeSession.js\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { useAuth } from \"@/shared/hooks/useAuth.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\n\ntype CivicAuthProviderProps = Omit<AuthProviderProps, \"pkceConsumer\">;\n\nconst WrapperUserProvider = ({ children }: { children: React.ReactNode }) => {\n  const { signIn, signOut, displayMode, authStatus } = useAuth();\n  return (\n    <UserProvider\n      storage={new LocalStorageAdapter()}\n      signIn={signIn}\n      signOut={signOut}\n      user={null}\n      authStatus={authStatus}\n      displayMode={displayMode}\n    >\n      {children}\n    </UserProvider>\n  );\n};\nconst WrapperSessionAuthProvider = ({\n  children,\n  ...props\n}: CivicAuthProviderProps) => {\n  const sessionData = useClientTokenExchangeSession();\n  return (\n    <SessionProvider {...sessionData}>\n      <IframeProvider iframeMode={props.iframeMode}>\n        <AuthProvider\n          {...props}\n          pkceConsumer={new BrowserPublicClientPKCEProducer()}\n        >\n          <TokenProvider>\n            <WrapperUserProvider>{children}</WrapperUserProvider>\n          </TokenProvider>\n        </AuthProvider>\n      </IframeProvider>\n    </SessionProvider>\n  );\n};\nconst CivicAuthProvider = ({ children, ...props }: CivicAuthProviderProps) => {\n  return (\n    <CivicAuthConfigProvider\n      oauthServer={props?.config?.oauthServer}\n      clientId={props?.clientId}\n      redirectUrl={props?.redirectUrl}\n      nonce={props?.nonce}\n      logoutRedirectUrl={props?.logoutRedirectUrl}\n    >\n      <ClientTokenExchangeSessionProvider>\n        <WrapperSessionAuthProvider {...props}>\n          {children}\n        </WrapperSessionAuthProvider>\n      </ClientTokenExchangeSessionProvider>\n    </CivicAuthConfigProvider>\n  );\n};\n\nexport { CivicAuthProvider, type CivicAuthProviderProps };\n"]}

package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts

@@ -0,0 +1,17 @@
+import type { ReactNode } from "react";
+import React from "react";
+import type { SessionData } from "../../types.js";
+export type ClientTokenExchangeSessionProviderOutput = {
+    data: SessionData | null;
+    error: Error | null;
+    isLoading: boolean;
+    doTokenExchange: null | ((url: string) => Promise<void>);
+};
+declare const ClientTokenExchangeSessionContext: React.Context<ClientTokenExchangeSessionProviderOutput>;
+type ClientTokenExchangeSessionContextType = {
+    children: ReactNode;
+};
+declare const ClientTokenExchangeSessionProvider: ({ children, }: ClientTokenExchangeSessionContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
+export type { ClientTokenExchangeSessionContextType as SessionContextType };
+export { ClientTokenExchangeSessionProvider, ClientTokenExchangeSessionContext, };
+//# sourceMappingURL=ClientTokenExchangeSessionProvider.d.ts.map

package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ClientTokenExchangeSessionProvider.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/providers/ClientTokenExchangeSessionProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAON,MAAM,OAAO,CAAC;AAIf,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAQ9C,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IACzB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,IAAI,GAAG,CAAC,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;CAC1D,CAAC;AAcF,QAAA,MAAM,iCAAiC,yDACkC,CAAC;AAE1E,KAAK,qCAAqC,GAAG;IAC3C,QAAQ,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,kCAAkC,kBAErC,qCAAqC,qDAmJvC,CAAC;AAEF,YAAY,EAAE,qCAAqC,IAAI,kBAAkB,EAAE,CAAC;AAC5E,OAAO,EACL,kCAAkC,EAClC,iCAAiC,GAClC,CAAC"}

package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js

@@ -0,0 +1,146 @@
+"use strict";
+"use client";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ClientTokenExchangeSessionContext = exports.ClientTokenExchangeSessionProvider = void 0;
+const jsx_runtime_1 = require("@emotion/react/jsx-runtime");
+const react_1 = require("react");
+const AuthenticationService_js_1 = require("../../services/AuthenticationService.js");
+const windowUtil_js_1 = require("../../lib/windowUtil.js");
+const index_js_1 = require("../../shared/hooks/index.js");
+const storage_js_1 = require("../../browser/storage.js");
+const defaultSession = {
+    data: {
+        authenticated: false,
+        idToken: undefined,
+        accessToken: undefined,
+        displayMode: "iframe",
+    },
+    error: null,
+    isLoading: false,
+    doTokenExchange: null,
+};
+// Context for exposing session specifically to the TokenProvider
+const ClientTokenExchangeSessionContext = (0, react_1.createContext)(defaultSession);
+exports.ClientTokenExchangeSessionContext = ClientTokenExchangeSessionContext;
+const ClientTokenExchangeSessionProvider = ({ children, }) => {
+    const authConfig = (0, index_js_1.useCivicAuthConfig)();
+    const [authService, setAuthService] = (0, react_1.useState)();
+    const [error, setError] = (0, react_1.useState)(null);
+    const [isLoading, setIsLoading] = (0, react_1.useState)(false);
+    const [session, setSession] = (0, react_1.useState)(null);
+    const { isWindowFocused } = (0, index_js_1.useWindowFocused)();
+    const currentUrl = (0, index_js_1.useCurrentUrl)();
+    // Add a ref to track processed codes
+    const processedCodes = (0, react_1.useRef)(new Set());
+    (0, react_1.useEffect)(() => {
+        if (!currentUrl || !authConfig)
+            return;
+        const { redirectUrl, clientId, oauthServer, scopes, logoutRedirectUrl, logoutUrl, } = authConfig;
+        AuthenticationService_js_1.BrowserAuthenticationService.build({
+            clientId,
+            redirectUrl,
+            logoutRedirectUrl,
+            logoutUrl,
+            oauthServer,
+            scopes,
+            displayMode: "iframe",
+        }).then(setAuthService);
+    }, [currentUrl, authConfig]);
+    const isInIframe = (0, windowUtil_js_1.isWindowInIframe)(globalThis.window);
+    const doTokenExchange = (0, react_1.useCallback)(async (inUrl) => {
+        if (!authService)
+            return;
+        const url = new URL(inUrl);
+        const code = url.searchParams.get("code");
+        const state = url.searchParams.get("state");
+        // Create a unique key for this code/state combination
+        const exchangeKey = `${code}:${state}`;
+        // If we've already processed this code, skip it
+        if (processedCodes.current.has(exchangeKey)) {
+            console.log("Token exchange already processed for this code");
+            return;
+        }
+        if (code && state) {
+            try {
+                // Mark this code as processed before starting the exchange
+                processedCodes.current.add(exchangeKey);
+                setIsLoading(true);
+                await authService.tokenExchange(code, state);
+            }
+            catch (error) {
+                setError(error);
+                setSession({ authenticated: false });
+            }
+            setIsLoading(false);
+        }
+    }, [authService]);
+    const onSignIn = (0, react_1.useCallback)(async () => {
+        if (!authService)
+            return;
+        const session = await authService.getSessionData();
+        setSession(session);
+    }, [authService]);
+    const onSignOut = (0, react_1.useCallback)(() => {
+        setSession(null);
+    }, []);
+    (0, react_1.useEffect)(() => {
+        storage_js_1.LocalStorageAdapter.emitter.on("signIn", onSignIn);
+        storage_js_1.LocalStorageAdapter.emitter.on("signOut", onSignOut);
+        return () => {
+            storage_js_1.LocalStorageAdapter.emitter.off("signIn", onSignIn);
+            storage_js_1.LocalStorageAdapter.emitter.off("signOut", onSignOut);
+        };
+    }, [onSignIn, onSignOut]);
+    (0, react_1.useEffect)(() => {
+        if (!authConfig) {
+            setIsLoading(true);
+        }
+        else {
+            setIsLoading(false);
+        }
+    }, [authConfig]);
+    // Handle page load or refocus
+    (0, react_1.useEffect)(() => {
+        if (!authConfig || !authService || !currentUrl || isInIframe || isLoading) {
+            return;
+        }
+        const abortController = new AbortController();
+        const onPageLoad = async () => {
+            // if we have existing tokens, then validate them and return the session data
+            // otherwise check if we have a code in the url and exchange it for tokens
+            // if we have neither, return undefined
+            const existingSessionData = await authService.validateExistingSession();
+            if (existingSessionData.authenticated) {
+                setSession(existingSessionData);
+                return;
+            }
+            if (abortController.signal.aborted ||
+                !new URL(currentUrl).searchParams.get("code")) {
+                return;
+            }
+            await doTokenExchange(currentUrl);
+        };
+        onPageLoad();
+        return () => {
+            abortController.abort();
+        };
+    }, [
+        authConfig,
+        authService,
+        currentUrl,
+        doTokenExchange,
+        isInIframe,
+        isLoading,
+        isWindowFocused,
+        session?.authenticated,
+    ]);
+    const value = (0, react_1.useMemo)(() => ({
+        data: session,
+        error,
+        isLoading,
+        doTokenExchange: authService ? doTokenExchange : null,
+    }), [session, error, isLoading, authService, doTokenExchange]);
+    return ((0, jsx_runtime_1.jsx)(ClientTokenExchangeSessionContext.Provider, { value: value, children: children }));
+};
+exports.ClientTokenExchangeSessionProvider = ClientTokenExchangeSessionProvider;
+//# sourceMappingURL=ClientTokenExchangeSessionProvider.js.map

package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ClientTokenExchangeSessionProvider.js","sourceRoot":"","sources":["../../../../src/reactjs/providers/ClientTokenExchangeSessionProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,iCAOe;AACf,kFAAmF;AAEnF,uDAAuD;AAEvD,sDAIiC;AACjC,qDAA2D;AAQ3D,MAAM,cAAc,GAA6C;IAC/D,IAAI,EAAE;QACJ,aAAa,EAAE,KAAK;QACpB,OAAO,EAAE,SAAS;QAClB,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,QAAQ;KACtB;IACD,KAAK,EAAE,IAAI;IACX,SAAS,EAAE,KAAK;IAChB,eAAe,EAAE,IAAI;CACtB,CAAC;AAEF,iEAAiE;AACjE,MAAM,iCAAiC,GACrC,IAAA,qBAAa,EAA2C,cAAc,CAAC,CAAC;AAgKxE,8EAAiC;AA1JnC,MAAM,kCAAkC,GAAG,CAAC,EAC1C,QAAQ,GAC8B,EAAE,EAAE;IAC1C,MAAM,UAAU,GAAG,IAAA,6BAAkB,GAAE,CAAC;IACxC,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,GAA0B,CAAC;IACzE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,IAAA,gBAAQ,EAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,IAAA,gBAAQ,EAAqB,IAAI,CAAC,CAAC;IACjE,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,2BAAgB,GAAE,CAAC;IAC/C,MAAM,UAAU,GAAG,IAAA,wBAAa,GAAE,CAAC;IAEnC,qCAAqC;IACrC,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAU,CAAC,CAAC;IAEjD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU;YAAE,OAAO;QAEvC,MAAM,EACJ,WAAW,EACX,QAAQ,EACR,WAAW,EACX,MAAM,EACN,iBAAiB,EACjB,SAAS,GACV,GAAG,UAAU,CAAC;QACf,uDAA4B,CAAC,KAAK,CAAC;YACjC,QAAQ;YACR,WAAW;YACX,iBAAiB;YACjB,SAAS;YACT,WAAW;YACX,MAAM;YACN,WAAW,EAAE,QAAQ;SACtB,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1B,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;IAE7B,MAAM,UAAU,GAAG,IAAA,gCAAgB,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAEvD,MAAM,eAAe,GAAG,IAAA,mBAAW,EACjC,KAAK,EAAE,KAAa,EAAE,EAAE;QACtB,IAAI,CAAC,WAAW;YAAE,OAAO;QACzB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE5C,sDAAsD;QACtD,MAAM,WAAW,GAAG,GAAG,IAAI,IAAI,KAAK,EAAE,CAAC;QAEvC,gDAAgD;QAChD,IAAI,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QAED,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC;gBACH,2DAA2D;gBAC3D,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACxC,YAAY,CAAC,IAAI,CAAC,CAAC;gBACnB,MAAM,WAAW,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,QAAQ,CAAC,KAAc,CAAC,CAAC;gBACzB,UAAU,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC,CAAC;YACvC,CAAC;YACD,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,EACD,CAAC,WAAW,CAAC,CACd,CAAC;IAEF,MAAM,QAAQ,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACtC,IAAI,CAAC,WAAW;YAAE,OAAO;QACzB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,cAAc,EAAE,CAAC;QACnD,UAAU,CAAC,OAAO,CAAC,CAAC;IACtB,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAElB,MAAM,SAAS,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QACjC,UAAU,CAAC,IAAI,CAAC,CAAC;IACnB,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,gCAAmB,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACnD,gCAAmB,CAAC,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACrD,OAAO,GAAG,EAAE;YACV,gCAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YACpD,gCAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACxD,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC;IAE1B,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,YAAY,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;IACjB,8BAA8B;IAC9B,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,IAAI,CAAC,UAAU,IAAI,UAAU,IAAI,SAAS,EAAE,CAAC;YAC1E,OAAO;QACT,CAAC;QACD,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAC9C,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE;YAC5B,6EAA6E;YAC7E,0EAA0E;YAC1E,uCAAuC;YACvC,MAAM,mBAAmB,GAAG,MAAM,WAAW,CAAC,uBAAuB,EAAE,CAAC;YACxE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;gBACtC,UAAU,CAAC,mBAAmB,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YACD,IACE,eAAe,CAAC,MAAM,CAAC,OAAO;gBAC9B,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAC7C,CAAC;gBACD,OAAO;YACT,CAAC;YACD,MAAM,eAAe,CAAC,UAAU,CAAC,CAAC;QACpC,CAAC,CAAC;QACF,UAAU,EAAE,CAAC;QACb,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC,CAAC;IACJ,CAAC,EAAE;QACD,UAAU;QACV,WAAW;QACX,UAAU;QACV,eAAe;QACf,UAAU;QACV,SAAS;QACT,eAAe;QACf,OAAO,EAAE,aAAa;KACvB,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,IAAI,EAAE,OAAO;QACb,KAAK;QACL,SAAS;QACT,eAAe,EAAE,WAAW,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI;KACtD,CAAC,EACF,CAAC,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAC1D,CAAC;IAEF,OAAO,CACL,uBAAC,iCAAiC,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YACrD,QAAQ,GACkC,CAC9C,CAAC;AACJ,CAAC,CAAC;AAIA,gFAAkC","sourcesContent":["\"use client\";\nimport type { ReactNode } from \"react\";\nimport React, {\n  createContext,\n  useCallback,\n  useEffect,\n  useMemo,\n  useState,\n  useRef,\n} from \"react\";\nimport { BrowserAuthenticationService } from \"@/services/AuthenticationService.js\";\nimport type { AuthenticationResolver } from \"@/services/types.js\";\nimport { isWindowInIframe } from \"@/lib/windowUtil.js\";\nimport type { SessionData } from \"@/types.js\";\nimport {\n  useCurrentUrl,\n  useCivicAuthConfig,\n  useWindowFocused,\n} from \"@/shared/hooks/index.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\n\nexport type ClientTokenExchangeSessionProviderOutput = {\n  data: SessionData | null;\n  error: Error | null;\n  isLoading: boolean;\n  doTokenExchange: null | ((url: string) => Promise<void>);\n};\nconst defaultSession: ClientTokenExchangeSessionProviderOutput = {\n  data: {\n    authenticated: false,\n    idToken: undefined,\n    accessToken: undefined,\n    displayMode: \"iframe\",\n  },\n  error: null,\n  isLoading: false,\n  doTokenExchange: null,\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst ClientTokenExchangeSessionContext =\n  createContext<ClientTokenExchangeSessionProviderOutput>(defaultSession);\n\ntype ClientTokenExchangeSessionContextType = {\n  children: ReactNode;\n};\n\nconst ClientTokenExchangeSessionProvider = ({\n  children,\n}: ClientTokenExchangeSessionContextType) => {\n  const authConfig = useCivicAuthConfig();\n  const [authService, setAuthService] = useState<AuthenticationResolver>();\n  const [error, setError] = useState<Error | null>(null);\n  const [isLoading, setIsLoading] = useState(false);\n  const [session, setSession] = useState<SessionData | null>(null);\n  const { isWindowFocused } = useWindowFocused();\n  const currentUrl = useCurrentUrl();\n\n  // Add a ref to track processed codes\n  const processedCodes = useRef(new Set<string>());\n\n  useEffect(() => {\n    if (!currentUrl || !authConfig) return;\n\n    const {\n      redirectUrl,\n      clientId,\n      oauthServer,\n      scopes,\n      logoutRedirectUrl,\n      logoutUrl,\n    } = authConfig;\n    BrowserAuthenticationService.build({\n      clientId,\n      redirectUrl,\n      logoutRedirectUrl,\n      logoutUrl,\n      oauthServer,\n      scopes,\n      displayMode: \"iframe\",\n    }).then(setAuthService);\n  }, [currentUrl, authConfig]);\n\n  const isInIframe = isWindowInIframe(globalThis.window);\n\n  const doTokenExchange = useCallback(\n    async (inUrl: string) => {\n      if (!authService) return;\n      const url = new URL(inUrl);\n      const code = url.searchParams.get(\"code\");\n      const state = url.searchParams.get(\"state\");\n\n      // Create a unique key for this code/state combination\n      const exchangeKey = `${code}:${state}`;\n\n      // If we've already processed this code, skip it\n      if (processedCodes.current.has(exchangeKey)) {\n        console.log(\"Token exchange already processed for this code\");\n        return;\n      }\n\n      if (code && state) {\n        try {\n          // Mark this code as processed before starting the exchange\n          processedCodes.current.add(exchangeKey);\n          setIsLoading(true);\n          await authService.tokenExchange(code, state);\n        } catch (error) {\n          setError(error as Error);\n          setSession({ authenticated: false });\n        }\n        setIsLoading(false);\n      }\n    },\n    [authService],\n  );\n\n  const onSignIn = useCallback(async () => {\n    if (!authService) return;\n    const session = await authService.getSessionData();\n    setSession(session);\n  }, [authService]);\n\n  const onSignOut = useCallback(() => {\n    setSession(null);\n  }, []);\n\n  useEffect(() => {\n    LocalStorageAdapter.emitter.on(\"signIn\", onSignIn);\n    LocalStorageAdapter.emitter.on(\"signOut\", onSignOut);\n    return () => {\n      LocalStorageAdapter.emitter.off(\"signIn\", onSignIn);\n      LocalStorageAdapter.emitter.off(\"signOut\", onSignOut);\n    };\n  }, [onSignIn, onSignOut]);\n\n  useEffect(() => {\n    if (!authConfig) {\n      setIsLoading(true);\n    } else {\n      setIsLoading(false);\n    }\n  }, [authConfig]);\n  // Handle page load or refocus\n  useEffect(() => {\n    if (!authConfig || !authService || !currentUrl || isInIframe || isLoading) {\n      return;\n    }\n    const abortController = new AbortController();\n    const onPageLoad = async () => {\n      // if we have existing tokens, then validate them and return the session data\n      // otherwise check if we have a code in the url and exchange it for tokens\n      // if we have neither, return undefined\n      const existingSessionData = await authService.validateExistingSession();\n      if (existingSessionData.authenticated) {\n        setSession(existingSessionData);\n        return;\n      }\n      if (\n        abortController.signal.aborted ||\n        !new URL(currentUrl).searchParams.get(\"code\")\n      ) {\n        return;\n      }\n      await doTokenExchange(currentUrl);\n    };\n    onPageLoad();\n    return () => {\n      abortController.abort();\n    };\n  }, [\n    authConfig,\n    authService,\n    currentUrl,\n    doTokenExchange,\n    isInIframe,\n    isLoading,\n    isWindowFocused,\n    session?.authenticated,\n  ]);\n\n  const value = useMemo(\n    () => ({\n      data: session,\n      error,\n      isLoading,\n      doTokenExchange: authService ? doTokenExchange : null,\n    }),\n    [session, error, isLoading, authService, doTokenExchange],\n  );\n\n  return (\n    <ClientTokenExchangeSessionContext.Provider value={value}>\n      {children}\n    </ClientTokenExchangeSessionContext.Provider>\n  );\n};\n\nexport type { ClientTokenExchangeSessionContextType as SessionContextType };\nexport {\n  ClientTokenExchangeSessionProvider,\n  ClientTokenExchangeSessionContext,\n};\n"]}

package/dist/cjs/reactjs/providers/index.d.ts

@@ -0,0 +1,8 @@
+export { UserProvider, UserContext, type UserContextType, } from "../../shared/providers/UserProvider.js";
+export { TokenProvider, TokenContext, type TokenContextType, } from "../../shared/providers/TokenProvider.js";
+export { AuthProvider } from "../../reactjs/providers/AuthProvider.js";
+export { SessionProvider, SessionContext, type SessionContextType, } from "../../shared/providers/SessionProvider.js";
+export { CivicAuthProvider, type CivicAuthProviderProps, } from "../../reactjs/providers/CivicAuthProvider.js";
+export { AuthContext } from "../../shared/providers/AuthContext.js";
+export type { AuthContextType } from "../../shared/providers/AuthContext.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/cjs/reactjs/providers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/providers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,WAAW,EACX,KAAK,eAAe,GACrB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,gBAAgB,GACtB,MAAM,qCAAqC,CAAC;AAE7C,OAAO,EAAE,YAAY,EAAE,MAAM,qCAAqC,CAAC;AAEnE,OAAO,EACL,eAAe,EACf,cAAc,EACd,KAAK,kBAAkB,GACxB,MAAM,uCAAuC,CAAC;AAE/C,OAAO,EACL,iBAAiB,EACjB,KAAK,sBAAsB,GAC5B,MAAM,0CAA0C,CAAC;AAElD,OAAO,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAChE,YAAY,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC"}

package/dist/cjs/reactjs/providers/index.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthContext = exports.CivicAuthProvider = exports.SessionContext = exports.SessionProvider = exports.AuthProvider = exports.TokenContext = exports.TokenProvider = exports.UserContext = exports.UserProvider = void 0;
+var UserProvider_js_1 = require("../../shared/providers/UserProvider.js");
+Object.defineProperty(exports, "UserProvider", { enumerable: true, get: function () { return UserProvider_js_1.UserProvider; } });
+Object.defineProperty(exports, "UserContext", { enumerable: true, get: function () { return UserProvider_js_1.UserContext; } });
+var TokenProvider_js_1 = require("../../shared/providers/TokenProvider.js");
+Object.defineProperty(exports, "TokenProvider", { enumerable: true, get: function () { return TokenProvider_js_1.TokenProvider; } });
+Object.defineProperty(exports, "TokenContext", { enumerable: true, get: function () { return TokenProvider_js_1.TokenContext; } });
+var AuthProvider_js_1 = require("../../reactjs/providers/AuthProvider.js");
+Object.defineProperty(exports, "AuthProvider", { enumerable: true, get: function () { return AuthProvider_js_1.AuthProvider; } });
+var SessionProvider_js_1 = require("../../shared/providers/SessionProvider.js");
+Object.defineProperty(exports, "SessionProvider", { enumerable: true, get: function () { return SessionProvider_js_1.SessionProvider; } });
+Object.defineProperty(exports, "SessionContext", { enumerable: true, get: function () { return SessionProvider_js_1.SessionContext; } });
+var CivicAuthProvider_js_1 = require("../../reactjs/providers/CivicAuthProvider.js");
+Object.defineProperty(exports, "CivicAuthProvider", { enumerable: true, get: function () { return CivicAuthProvider_js_1.CivicAuthProvider; } });
+var AuthContext_js_1 = require("../../shared/providers/AuthContext.js");
+Object.defineProperty(exports, "AuthContext", { enumerable: true, get: function () { return AuthContext_js_1.AuthContext; } });
+//# sourceMappingURL=index.js.map

package/dist/cjs/reactjs/providers/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/reactjs/providers/index.ts"],"names":[],"mappings":";;;AAAA,sEAI4C;AAH1C,+GAAA,YAAY,OAAA;AACZ,8GAAA,WAAW,OAAA;AAIb,wEAI6C;AAH3C,iHAAA,aAAa,OAAA;AACb,gHAAA,YAAY,OAAA;AAId,uEAAmE;AAA1D,+GAAA,YAAY,OAAA;AAErB,4EAI+C;AAH7C,qHAAA,eAAe,OAAA;AACf,oHAAA,cAAc,OAAA;AAIhB,iFAGkD;AAFhD,yHAAA,iBAAiB,OAAA;AAInB,oEAAgE;AAAvD,6GAAA,WAAW,OAAA","sourcesContent":["export {\n  UserProvider,\n  UserContext,\n  type UserContextType,\n} from \"@/shared/providers/UserProvider.js\";\n\nexport {\n  TokenProvider,\n  TokenContext,\n  type TokenContextType,\n} from \"@/shared/providers/TokenProvider.js\";\n\nexport { AuthProvider } from \"@/reactjs/providers/AuthProvider.js\";\n\nexport {\n  SessionProvider,\n  SessionContext,\n  type SessionContextType,\n} from \"@/shared/providers/SessionProvider.js\";\n\nexport {\n  CivicAuthProvider,\n  type CivicAuthProviderProps,\n} from \"@/reactjs/providers/CivicAuthProvider.js\";\n\nexport { AuthContext } from \"@/shared/providers/AuthContext.js\";\nexport type { AuthContextType } from \"@/shared/providers/AuthContext.js\";\n"]}

package/dist/cjs/server/ServerAuthenticationResolver.d.ts

@@ -0,0 +1,20 @@
+import type { AuthStorage, Endpoints, OIDCTokenResponseBody, SessionData } from "../types.js";
+import type { AuthConfig } from "../server/config.js";
+import type { AuthenticationResolver } from "../services/types.ts";
+export declare class ServerAuthenticationResolver implements AuthenticationResolver {
+    readonly authConfig: AuthConfig;
+    readonly storage: AuthStorage;
+    readonly endpointOverrides?: Partial<Endpoints> | undefined;
+    private pkceProducer;
+    private oauth2client;
+    private endpoints;
+    private constructor();
+    validateExistingSession(): Promise<SessionData>;
+    get oauthServer(): string;
+    init(): Promise<this>;
+    tokenExchange(code: string, state: string): Promise<OIDCTokenResponseBody>;
+    getSessionData(): Promise<SessionData | null>;
+    getEndSessionEndpoint(): Promise<string | null>;
+    static build(authConfig: AuthConfig, storage: AuthStorage, endpointOverrides?: Partial<Endpoints>): Promise<AuthenticationResolver>;
+}
+//# sourceMappingURL=ServerAuthenticationResolver.d.ts.map

package/dist/cjs/server/ServerAuthenticationResolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServerAuthenticationResolver.d.ts","sourceRoot":"","sources":["../../../src/server/ServerAuthenticationResolver.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAOrD,OAAO,KAAK,EAAE,sBAAsB,EAAgB,MAAM,qBAAqB,CAAC;AAGhF,qBAAa,4BAA6B,YAAW,sBAAsB;IAMvE,QAAQ,CAAC,UAAU,EAAE,UAAU;IAC/B,QAAQ,CAAC,OAAO,EAAE,WAAW;IAC7B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC;IAPjD,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;IAEzC,OAAO;IAOP,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;IAI/C,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAkBrB,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IAoB3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAa7C,qBAAqB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;WAOxC,KAAK,CAChB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,sBAAsB,CAAC;CAUnC"}

package/dist/cjs/server/ServerAuthenticationResolver.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ServerAuthenticationResolver = void 0;
+const PKCE_js_1 = require("../services/PKCE.js");
+const oauth2_1 = require("oslo/oauth2");
+const util_js_1 = require("../shared/lib/util.js");
+const constants_js_1 = require("../constants.js");
+class ServerAuthenticationResolver {
+    authConfig;
+    storage;
+    endpointOverrides;
+    pkceProducer;
+    oauth2client;
+    endpoints;
+    constructor(authConfig, storage, endpointOverrides) {
+        this.authConfig = authConfig;
+        this.storage = storage;
+        this.endpointOverrides = endpointOverrides;
+        this.pkceProducer = new PKCE_js_1.GenericPublicClientPKCEProducer(storage);
+    }
+    validateExistingSession() {
+        throw new Error("Method not implemented.");
+    }
+    get oauthServer() {
+        return this.authConfig.oauthServer || constants_js_1.DEFAULT_AUTH_SERVER;
+    }
+    async init() {
+        // resolve oauth config
+        this.endpoints = await (0, util_js_1.getEndpointsWithOverrides)(this.oauthServer, this.endpointOverrides);
+        this.oauth2client = new oauth2_1.OAuth2Client(this.authConfig.clientId, this.endpoints.auth, this.endpoints.token, {
+            redirectURI: this.authConfig.redirectUrl,
+        });
+        return this;
+    }
+    async tokenExchange(code, state) {
+        if (!this.oauth2client)
+            await this.init();
+        const codeVerifier = await this.pkceProducer.getCodeVerifier();
+        if (!codeVerifier)
+            throw new Error("Code verifier not found in storage");
+        // exchange auth code for tokens
+        const tokens = await (0, util_js_1.exchangeTokens)(code, state, this.pkceProducer, this.oauth2client, // clean up types here to avoid the ! operator
+        this.oauthServer, this.endpoints);
+        await (0, util_js_1.storeServerTokens)(this.storage, tokens);
+        return tokens;
+    }
+    async getSessionData() {
+        const storageData = await (0, util_js_1.retrieveTokens)(this.storage);
+        if (!storageData)
+            return null;
+        return {
+            authenticated: !!storageData.id_token,
+            idToken: storageData.id_token,
+            accessToken: storageData.access_token,
+            refreshToken: storageData.refresh_token,
+        };
+    }
+    async getEndSessionEndpoint() {
+        if (!this.endpoints) {
+            return null;
+        }
+        return this.endpoints.endsession;
+    }
+    static async build(authConfig, storage, endpointOverrides) {
+        const resolver = new ServerAuthenticationResolver(authConfig, storage, endpointOverrides);
+        await resolver.init();
+        return resolver;
+    }
+}
+exports.ServerAuthenticationResolver = ServerAuthenticationResolver;
+//# sourceMappingURL=ServerAuthenticationResolver.js.map

package/dist/cjs/server/ServerAuthenticationResolver.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServerAuthenticationResolver.js","sourceRoot":"","sources":["../../../src/server/ServerAuthenticationResolver.ts"],"names":[],"mappings":";;;AAAA,gDAAqE;AACrE,wCAA2C;AAQ3C,kDAK8B;AAE9B,iDAAqD;AAErD,MAAa,4BAA4B;IAM5B;IACA;IACA;IAPH,YAAY,CAAe;IAC3B,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,YACW,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAFtC,eAAU,GAAV,UAAU,CAAY;QACtB,YAAO,GAAP,OAAO,CAAa;QACpB,sBAAiB,GAAjB,iBAAiB,CAAqB;QAE/C,IAAI,CAAC,YAAY,GAAG,IAAI,yCAA+B,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IACD,uBAAuB;QACrB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,IAAI,kCAAmB,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAA,mCAAyB,EAC9C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,iBAAiB,CACvB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,qBAAY,CAClC,IAAI,CAAC,UAAU,CAAC,QAAQ,EACxB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW;SACzC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,IAAY,EACZ,KAAa;QAEb,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;QAC/D,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAEzE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAc,EACjC,IAAI,EACJ,KAAK,EACL,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,YAAa,EAAE,8CAA8C;QAClE,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAU,CAChB,CAAC;QAEF,MAAM,IAAA,2BAAiB,EAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE9C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEvD,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ;YACrC,OAAO,EAAE,WAAW,CAAC,QAAQ;YAC7B,WAAW,EAAE,WAAW,CAAC,YAAY;YACrC,YAAY,EAAE,WAAW,CAAC,aAAa;SACxC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC;IACnC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,UAAsB,EACtB,OAAoB,EACpB,iBAAsC;QAEtC,MAAM,QAAQ,GAAG,IAAI,4BAA4B,CAC/C,UAAU,EACV,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEtB,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AA/FD,oEA+FC","sourcesContent":["import { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport type {\n  AuthStorage,\n  Endpoints,\n  OIDCTokenResponseBody,\n  SessionData,\n} from \"@/types.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport {\n  exchangeTokens,\n  getEndpointsWithOverrides,\n  retrieveTokens,\n  storeServerTokens,\n} from \"@/shared/lib/util.js\";\nimport type { AuthenticationResolver, PKCEProducer } from \"@/services/types.ts\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nexport class ServerAuthenticationResolver implements AuthenticationResolver {\n  private pkceProducer: PKCEProducer;\n  private oauth2client: OAuth2Client | undefined;\n  private endpoints: Endpoints | undefined;\n\n  private constructor(\n    readonly authConfig: AuthConfig,\n    readonly storage: AuthStorage,\n    readonly endpointOverrides?: Partial<Endpoints>,\n  ) {\n    this.pkceProducer = new GenericPublicClientPKCEProducer(storage);\n  }\n  validateExistingSession(): Promise<SessionData> {\n    throw new Error(\"Method not implemented.\");\n  }\n\n  get oauthServer(): string {\n    return this.authConfig.oauthServer || DEFAULT_AUTH_SERVER;\n  }\n\n  async init(): Promise<this> {\n    // resolve oauth config\n    this.endpoints = await getEndpointsWithOverrides(\n      this.oauthServer,\n      this.endpointOverrides,\n    );\n    this.oauth2client = new OAuth2Client(\n      this.authConfig.clientId,\n      this.endpoints.auth,\n      this.endpoints.token,\n      {\n        redirectURI: this.authConfig.redirectUrl,\n      },\n    );\n\n    return this;\n  }\n\n  async tokenExchange(\n    code: string,\n    state: string,\n  ): Promise<OIDCTokenResponseBody> {\n    if (!this.oauth2client) await this.init();\n    const codeVerifier = await this.pkceProducer.getCodeVerifier();\n    if (!codeVerifier) throw new Error(\"Code verifier not found in storage\");\n\n    // exchange auth code for tokens\n    const tokens = await exchangeTokens(\n      code,\n      state,\n      this.pkceProducer,\n      this.oauth2client!, // clean up types here to avoid the ! operator\n      this.oauthServer,\n      this.endpoints!, // clean up types here to avoid the ! operator\n    );\n\n    await storeServerTokens(this.storage, tokens);\n\n    return tokens;\n  }\n\n  async getSessionData(): Promise<SessionData | null> {\n    const storageData = await retrieveTokens(this.storage);\n\n    if (!storageData) return null;\n\n    return {\n      authenticated: !!storageData.id_token,\n      idToken: storageData.id_token,\n      accessToken: storageData.access_token,\n      refreshToken: storageData.refresh_token,\n    };\n  }\n\n  async getEndSessionEndpoint(): Promise<string | null> {\n    if (!this.endpoints) {\n      return null;\n    }\n    return this.endpoints.endsession;\n  }\n\n  static async build(\n    authConfig: AuthConfig,\n    storage: AuthStorage,\n    endpointOverrides?: Partial<Endpoints>,\n  ): Promise<AuthenticationResolver> {\n    const resolver = new ServerAuthenticationResolver(\n      authConfig,\n      storage,\n      endpointOverrides,\n    );\n    await resolver.init();\n\n    return resolver;\n  }\n}\n"]}

package/dist/cjs/server/config.d.ts

@@ -0,0 +1,11 @@
+import type { Endpoints } from "../types.ts";
+export type AuthConfig = {
+    clientId: string;
+    redirectUrl: string;
+    oauthServer?: string;
+    challengeUrl?: string;
+    refreshUrl?: string;
+    endpointOverrides?: Partial<Endpoints> | undefined;
+    postLogoutRedirectUrl?: string;
+};
+//# sourceMappingURL=config.d.ts.map