@civic/auth 0.6.0-beta.3 → 0.6.1-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/dist/shared/components/CivicAuthIframeContainer.js +1 -1
  2. package/dist/shared/components/CivicAuthIframeContainer.js.map +1 -1
  3. package/dist/shared/lib/BrowserAuthenticationRefresher.d.ts +7 -1
  4. package/dist/shared/lib/BrowserAuthenticationRefresher.d.ts.map +1 -1
  5. package/dist/shared/lib/BrowserAuthenticationRefresher.js +15 -2
  6. package/dist/shared/lib/BrowserAuthenticationRefresher.js.map +1 -1
  7. package/dist/shared/lib/util.d.ts +1 -1
  8. package/dist/shared/lib/util.d.ts.map +1 -1
  9. package/dist/shared/lib/util.js +6 -1
  10. package/dist/shared/lib/util.js.map +1 -1
  11. package/dist/shared/version.d.ts +1 -1
  12. package/dist/shared/version.js +1 -1
  13. package/dist/shared/version.js.map +1 -1
  14. package/dist/vanillajs/auth/AuthenticationEvents.d.ts +11 -0
  15. package/dist/vanillajs/auth/AuthenticationEvents.d.ts.map +1 -0
  16. package/dist/vanillajs/auth/AuthenticationEvents.js +36 -0
  17. package/dist/vanillajs/auth/AuthenticationEvents.js.map +1 -0
  18. package/dist/vanillajs/auth/CivicAuth.d.ts +205 -0
  19. package/dist/vanillajs/auth/CivicAuth.d.ts.map +1 -0
  20. package/dist/vanillajs/auth/CivicAuth.js +689 -0
  21. package/dist/vanillajs/auth/CivicAuth.js.map +1 -0
  22. package/dist/vanillajs/auth/OAuthCallbackHandler.d.ts +90 -0
  23. package/dist/vanillajs/auth/OAuthCallbackHandler.d.ts.map +1 -0
  24. package/dist/vanillajs/auth/OAuthCallbackHandler.js +143 -0
  25. package/dist/vanillajs/auth/OAuthCallbackHandler.js.map +1 -0
  26. package/dist/vanillajs/auth/SessionManager.d.ts +48 -0
  27. package/dist/vanillajs/auth/SessionManager.d.ts.map +1 -0
  28. package/dist/vanillajs/auth/SessionManager.js +121 -0
  29. package/dist/vanillajs/auth/SessionManager.js.map +1 -0
  30. package/dist/vanillajs/auth/TokenRefresher.d.ts +54 -0
  31. package/dist/vanillajs/auth/TokenRefresher.d.ts.map +1 -0
  32. package/dist/vanillajs/auth/TokenRefresher.js +166 -0
  33. package/dist/vanillajs/auth/TokenRefresher.js.map +1 -0
  34. package/dist/vanillajs/iframe/IframeManager.d.ts +82 -0
  35. package/dist/vanillajs/iframe/IframeManager.d.ts.map +1 -0
  36. package/dist/vanillajs/iframe/IframeManager.js +487 -0
  37. package/dist/vanillajs/iframe/IframeManager.js.map +1 -0
  38. package/dist/vanillajs/iframe/IframeResizer.d.ts +15 -0
  39. package/dist/vanillajs/iframe/IframeResizer.d.ts.map +1 -0
  40. package/dist/vanillajs/iframe/IframeResizer.js +127 -0
  41. package/dist/vanillajs/iframe/IframeResizer.js.map +1 -0
  42. package/dist/vanillajs/iframe/SignalObserver.d.ts +33 -0
  43. package/dist/vanillajs/iframe/SignalObserver.d.ts.map +1 -0
  44. package/dist/vanillajs/iframe/SignalObserver.js +162 -0
  45. package/dist/vanillajs/iframe/SignalObserver.js.map +1 -0
  46. package/dist/vanillajs/index.d.ts +17 -0
  47. package/dist/vanillajs/index.d.ts.map +1 -0
  48. package/dist/vanillajs/index.js +18 -0
  49. package/dist/vanillajs/index.js.map +1 -0
  50. package/dist/vanillajs/services/ApiService.d.ts +22 -0
  51. package/dist/vanillajs/services/ApiService.d.ts.map +1 -0
  52. package/dist/vanillajs/services/ApiService.js +82 -0
  53. package/dist/vanillajs/services/ApiService.js.map +1 -0
  54. package/dist/vanillajs/types/index.d.ts +28 -0
  55. package/dist/vanillajs/types/index.d.ts.map +1 -0
  56. package/dist/vanillajs/types/index.js +14 -0
  57. package/dist/vanillajs/types/index.js.map +1 -0
  58. package/dist/vanillajs/ui/LoadingComponents.d.ts +51 -0
  59. package/dist/vanillajs/ui/LoadingComponents.d.ts.map +1 -0
  60. package/dist/vanillajs/ui/LoadingComponents.js +363 -0
  61. package/dist/vanillajs/ui/LoadingComponents.js.map +1 -0
  62. package/dist/vanillajs/utils/auth-utils.d.ts +13 -0
  63. package/dist/vanillajs/utils/auth-utils.d.ts.map +1 -0
  64. package/dist/vanillajs/utils/auth-utils.js +15 -0
  65. package/dist/vanillajs/utils/auth-utils.js.map +1 -0
  66. package/dist/vanillajs/utils/logger.d.ts +29 -0
  67. package/dist/vanillajs/utils/logger.d.ts.map +1 -0
  68. package/dist/vanillajs/utils/logger.js +62 -0
  69. package/dist/vanillajs/utils/logger.js.map +1 -0
  70. package/package.json +1 -1
package/dist/vanillajs/auth/CivicAuth.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CivicAuth.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/CivicAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAEpE,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAEtD,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AACzE,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE3D;;GAEG;AACH,MAAM,CAAN,IAAY,kBAQX;AARD,WAAY,kBAAkB;IAC5B,yDAAmC,CAAA;IACnC,iDAA2B,CAAA;IAC3B,6EAAuD,CAAA;IACvD,iEAA2C,CAAA;IAC3C,mEAA6C,CAAA;IAC7C,6DAAuC,CAAA;IACvC,yDAAmC,CAAA;AACrC,CAAC,EARW,kBAAkB,KAAlB,kBAAkB,QAQ7B;AAED;;GAEG;AACH,MAAM,SAAS,GAAG;IAChB,iBAAiB,EAAE,mBAAmB;IACtC,4BAA4B,EAAE,KAAK,EAAE,aAAa;IAClD,iBAAiB,EAAE,2BAA2B;IAC9C,eAAe,EAAE,yBAAyB;CAClC,CAAC;AAcX,MAAM,cAAe,SAAQ,KAAK;IAGd;IAFlB,YACE,OAAe,EACC,IAAwB;QAExC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,SAAI,GAAJ,IAAI,CAAoB;QAGxC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAqDD;;GAEG;AACH,SAAS,yBAAyB,CAChC,MAA6B;IAQ7B,MAAM,aAAa,GAAkB;QACnC,OAAO,EAAE,IAAI;QACb,SAAS,EAAE,QAAQ;QACnB,KAAK,EAAE,OAAgB;QACvB,GAAG,MAAM,CAAC,OAAO;KAClB,CAAC;IAEF,OAAO;QACL,GAAG,MAAM;QACT,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,QAAQ;QAC3C,kBAAkB,EAChB,MAAM,CAAC,kBAAkB,IAAI,SAAS,CAAC,4BAA4B;QACrE,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,SAAS,CAAC,iBAAiB;QACxD,OAAO,EAAE,aAAa;QACtB,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,IAAI,mBAAmB,EAAE;KACnE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,SAAS;IACpB;;;;;;OAMG;IACK,MAAM,CAMZ;IACM,aAAa,CAAqB;IAClC,QAAQ,CAAoB;IAC5B,WAAW,CAAuB;IAClC,kBAAkB,CAA+B;IACjD,iBAAiB,CAA4B;IAC7C,wBAAwB,CAAU;IAClC,mBAAmB,CAAiC;IACpD,OAAO,CAAc;IACrB,SAAS,CAAa;IACtB,MAAM,CAAkC;IACxC,cAAc,CAAkB;IAChC,aAAa,CAAiB;IAEtC;;;;;;OAMG;IACH,YAAoB,MAA6B;QAC/C,+BAA+B;QAC/B,IAAI,CAAC,MAAM,GAAG,yBAAyB,CAAC,MAAM,CAAC,CAAC;QAEhD,oCAAoC;QACpC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAEtC,oCAAoC;QACpC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC;YACjC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,IAAI,QAAQ,CAAC;YAC5D,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,iDAAiD;YACjD,IAAI,CAAC,MAAM,GAAG;gBACZ,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;gBACf,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;gBACd,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;gBACd,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;aAChB,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE9B,2EAA2E;QAC3E,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;QAE1C,mDAAmD;QACnD,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QACxE,CAAC;QAED,kCAAkC;QAClC,MAAM,eAAe,GAAG;YACtB,EAAE,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE;YAC3C,EAAE,GAAG,EAAE,wBAAwB,EAAE,KAAK,EAAE,MAAM,CAAC,sBAAsB,EAAE;YACvE,EAAE,GAAG,EAAE,qBAAqB,EAAE,KAAK,EAAE,MAAM,CAAC,WAAW,EAAE,OAAO,EAAE;SACnE,CAAC;QAEF,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,eAAe,EAAE,CAAC;YAC7C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,cAAc,CACtB,cAAc,GAAG,eAAe,EAChC,kBAAkB,CAAC,eAAe,CACnC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CACxB,MAA6B;QAE7B,MAAM,QAAQ,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACtB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,IAAI;QAChB,IAAI,CAAC;YACH,oDAAoD;YACpD,IAAI,CAAC,SAAS,GAAG;gBACf,IAAI,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,MAAM;gBAC7C,KAAK,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,OAAO;gBAC/C,IAAI,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,MAAM;gBAC7C,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,UAAU;gBACrD,UAAU,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,YAAY;aAC1D,CAAC;YAEF,+DAA+D;YAC/D,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,UAAU,GAAG;oBACjB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;oBAC3C,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;oBAC1B,SAAS,EAAE,IAAI,CAAC,SAAS;iBAC1B,CAAC;gBACF,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC;YACjE,CAAC;YAED,sCAAsC;YACtC,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC7D,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK;gBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;gBACf,CAAC,CAAC,qCAAqC,CAAC;YAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,YAAY;aACrB,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CAAC,YAAY,EAAE,kBAAkB,CAAC,WAAW,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,mBAAmB;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CACrC,IAAI,CAAC,MAAM,CAAC,sBAAsB,CACnC,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,8BAA8B,IAAI,CAAC,MAAM,CAAC,sBAAsB,aAAa,CAC9E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;IAC5C,CAAC;IAED;;;;OAIG;IACK,0BAA0B,CAChC,SAAsB;QAEtB,kCAAkC;QAClC,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yCAAyC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CACzE,CAAC;YACF,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;QACvC,CAAC;QAED,mEAAmE;QACnE,MAAM,aAAa,GAAG,SAAS,CAAC,qBAAqB,EAAE,CAAC;QACxD,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QAE3D,2BAA2B;QAC3B,MAAM,cAAc,GAAG,aAAa,CAAC,KAAK,CAAC;QAC3C,MAAM,eAAe,GAAG,aAAa,CAAC,MAAM,CAAC;QAE7C,uFAAuF;QACvF,MAAM,qBAAqB,GACzB,eAAe,CAAC,QAAQ,KAAK,OAAO;YACpC,CAAC,cAAc,IAAI,MAAM,CAAC,UAAU,GAAG,GAAG;gBACxC,eAAe,IAAI,MAAM,CAAC,WAAW,GAAG,GAAG,CAAC,CAAC;QAEjD,6EAA6E;QAC7E,MAAM,kBAAkB,GAAG,GAAG,CAAC,CAAC,sCAAsC;QACtE,MAAM,mBAAmB,GAAG,GAAG,CAAC,CAAC,4CAA4C;QAE7E,oDAAoD;QACpD,IAAI,qBAAqB,EAAE,CAAC;YAC1B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,kEAAkE,EAClE,EAAE,cAAc,EAAE,eAAe,EAAE,QAAQ,EAAE,eAAe,CAAC,QAAQ,EAAE,CACxE,CAAC;YACF,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IACE,cAAc,GAAG,kBAAkB;YACnC,eAAe,GAAG,mBAAmB,EACrC,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0CAA0C,cAAc,IAAI,eAAe,qBAAqB,EAChG;gBACE,cAAc;gBACd,eAAe;gBACf,kBAAkB;gBAClB,mBAAmB;aACpB,CACF,CAAC;YACF,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,mFAAmF;QACnF,MAAM,gBAAgB,GACpB,cAAc,IAAI,kBAAkB;YACpC,eAAe,IAAI,mBAAmB,CAAC;QACzC,MAAM,oBAAoB,GACxB,eAAe,CAAC,QAAQ,KAAK,UAAU;YACvC,eAAe,CAAC,QAAQ,KAAK,QAAQ;YACrC,eAAe,CAAC,QAAQ,KAAK,EAAE,CAAC;QAElC,IAAI,gBAAgB,IAAI,oBAAoB,EAAE,CAAC;YAC7C,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,gEAAgE,EAChE,EAAE,cAAc,EAAE,eAAe,EAAE,QAAQ,EAAE,eAAe,CAAC,QAAQ,EAAE,CACxE,CAAC;YACF,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,iEAAiE;QACjE,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,2EAA2E,EAC3E,EAAE,cAAc,EAAE,eAAe,EAAE,QAAQ,EAAE,eAAe,CAAC,QAAQ,EAAE,CACxE,CAAC;QACF,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,YAAY;QACxB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,cAAc,CACtB,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;QACJ,CAAC;QAED,kDAAkD;QAClD,MAAM,YAAY,GAAG,IAAI,+BAA+B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvE,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;QAC5D,MAAM,KAAK,GACT,IAAI,CAAC,MAAM,CAAC,YAAY;YACxB,aAAa,CAAC;gBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;aACjD,CAAC,CAAC;QAEL,OAAO,YAAY,CAAC;YAClB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,aAAa;YACb,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;SAC3B,CAAC,CAAC;IACL,CAAC;IAEO,mBAAmB,CAAC,KAAmB;QAC7C,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QACtE,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QAE/C,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC;YACtD,OAAO;QACT,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAEO,kBAAkB,CACxB,KAAmB,EACnB,cAAsB;QAEtB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE;YACnD,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,MAAM;YAC9B,mBAAmB,EAAE,IAAI,CAAC,aAAa,EAAE,aAAa;YACtD,oBAAoB,EAAE,cAAc;SACrC,CAAC,CAAC;IACL,CAAC;IAEO,oBAAoB,CAC1B,KAAmB,EACnB,cAAsB;QAEtB,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,KAAK,cAAc,CAAC;QACtD,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,aAAa,EAAE,aAAa,CAAC;QAEzE,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;gBAC1D,cAAc,EAAE,KAAK,CAAC,MAAM;gBAC5B,cAAc;gBACd,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;aACnC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;gBAC1D,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,MAAM;gBAChC,8BAA8B,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa;gBACnE,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;aACnC,CAAC,CAAC;QACL,CAAC;QAED,OAAO,aAAa,IAAI,aAAa,CAAC;IACxC,CAAC;IAEO,kBAAkB,CAAC,KAAmB;QAC5C,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,2DAA2D,EAC3D;YACE,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;SACnC,CACF,CAAC;QAEF,MAAM,OAAO,GAAG,KAAK,CAAC,IAAmB,CAAC;QAC1C,MAAM,WAAW,GAAG,OAAO,EAAE,IAAI,CAAC;QAElC,QAAQ,WAAW,EAAE,CAAC;YACpB,KAAK,cAAc;gBACjB,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;gBAChC,MAAM;YACR,KAAK,YAAY;gBACf,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;gBAC9B,MAAM;YACR;gBACE,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,6EAA6E,EAC7E,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CACrB,CAAC;QACN,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,IAAiB;QACzC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE;YACnD,MAAM,EAAE,yCAAyC;YACjD,IAAI;SACL,CAAC,CAAC;QACH,IAAI,CAAC,kBAAkB,EAAE,CAAE,IAAI,EAAE,IAAmB,IAAI,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IAEO,eAAe,CAAC,IAAiB;QACvC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;YAChD,MAAM,EAAE,uCAAuC;YAC/C,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QACH,IAAI,CAAC,iBAAiB,EAAE,CACtB,IAAI,cAAc,CAChB,IAAI,EAAE,MAAM,IAAI,uCAAuC,EACvD,kBAAkB,CAAC,eAAe,CACnC,CACF,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IAEO,mBAAmB,CAAC,SAAmB;QAC7C,MAAM,cAAc,GAAG,IAAI,cAAc,CACvC;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,EACD,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,iBAAiB,EACtB,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,CACrB,CAAC;QAEF,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAClC,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC5B,WAAmB,EACnB,MAA8B;QAE9B,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACvD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,0EAA0E,EAC1E,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,KAAK,CAAC,OAAO;aACtB,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC5B,WAAmB,EACnB,MAA8B;QAE9B,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,qCAAqC,EACrC,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,CAAC,KAAK,CAAC,CAAC;YACd,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;YACvD,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;SAC/B,CAAC,CAAC;QAEH,sDAAsD;QACtD,0FAA0F;QAC1F,MAAM,iBAAiB,GAAG,IAAI,CAAC,0BAA0B,CAAC,SAAS,CAAC,CAAC;QAErE,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,2DAA2D,iBAAiB,EAAE,CAC/E,CAAC;QAEF,qDAAqD;QACrD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;YACrC,SAAS,EAAE,SAAS;YACpB,WAAW,EAAE,iBAAiB;YAC9B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,OAAO,EAAE,GAAG,EAAE;gBACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,sFAAsF,CACvF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBAChD,MAAM,EAAE,kCAAkC;iBAC3C,CAAC,CAAC;gBACH,MAAM,CACJ,IAAI,cAAc,CAChB,kCAAkC,EAClC,kBAAkB,CAAC,oBAAoB,CACxC,CACF,CAAC;gBACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC;SACF,CAAC,CAAC;QAEH,wCAAwC;QACxC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QAElE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;YAClD,MAAM,EAAE,oCAAoC;SAC7C,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,GAAG,EAAE;YAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE;gBAChC,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;gBAClC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACrC,wBAAwB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;qBAC9D,MAAM;aACV,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,CAAC;gBACvC,MAAM,QAAQ,GAAG,iDAAiD,CAAC;gBACnE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;oBAC1B,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;iBACnC,CAAC,CAAC;gBACH,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,6DAA6D;YAC7D,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC7B,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAC7D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yEAAyE,EACzE;oBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oBACpC,gBAAgB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;iBACjE,CACF,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,kEAAkE,CACnE,CAAC;YACJ,CAAC;YAED,uCAAuC;YACvC,IAAI,CAAC;gBACH,MAAM,iBAAiB,GACrB,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAEjD,IAAI,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC1D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6EAA6E,CAC9E,CAAC;oBAEF,IACE,IAAI,CAAC,aAAa,CAAC,eAAe;wBAClC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI,EACvC,CAAC;wBACD,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;oBAC/D,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;oBAC9C,KAAK;oBACL,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;iBACnC,CAAC,CAAC;gBACH,gEAAgE;gBAChE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uEAAuE,EACvE;oBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oBACpC,gBAAgB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;iBACjE,CACF,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;gBACrC,KAAK;gBACL,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;gBAClC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aACtC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,mBAAmB;gBAC3B,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;YACH,MAAM,CAAC,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC;YAC5C,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,KAAK,CAAC,OAAO;aACtB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,CACjE,CAAC;YACF,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAE9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE;YAClD,oBAAoB,EAAE,WAAW;YACjC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;SACnD,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,GAAG,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC7D,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;YAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC;YAEhC,iCAAiC;YACjC,QAAQ,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAChC,KAAK,UAAU;oBACb,mDAAmD;oBACnD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;oBACnC,MAAM;gBAER,KAAK,SAAS;oBACZ,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;oBAC3C,MAAM;gBAER,KAAK,QAAQ,CAAC;gBACd;oBACE,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;oBAC3C,MAAM;YACV,CAAC;YAED,uCAAuC;YACvC,IACE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAC9B,IAAI,CAAC,MAAM,CAAC,kBAAkB,GAAG,CAAC,EAClC,CAAC;gBACD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE;oBACrD,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;oBAClD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;iBACrC,CAAC,CAAC;gBACH,IAAI,CAAC,wBAAwB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;oBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;wBAC3C,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;qBACtC,CAAC,CAAC;oBACH,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;wBAChD,MAAM,EAAE,0BAA0B;qBACnC,CAAC,CAAC;oBACH,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC;oBAC/C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YACrC,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QAE7D,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACrD,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC3B,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;QAC5B,CAAC;QAED,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC7B,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAChE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAChD,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QACjC,CAAC;QAED,2EAA2E;QAC3E,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QACjC,CAAC;QAED,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;QACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;IACrC,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC;gBACpD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAC3C,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,WAAW,EAAE;oBACX,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO;oBACxC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,IAAI,uBAAuB;iBAChE;gBACD,cAAc,EAAE,IAAI,CAAC,OAAO;aAC7B,CAAC,CAAC;YAEH,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,aAAa,GAAG,QAAQ,CAAC,cAAc,CAC3C,SAAS,CAAC,iBAAiB,CAC5B,CAAC;gBACF,MAAM,WAAW,GAAG,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;gBAEvE,IAAI,aAAa,EAAE,CAAC;oBAClB,IAAI,QAAQ,GAAG,IAAI,CAAC;oBACpB,MAAM,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC;oBAClE,IAAI,YAAY,EAAE,CAAC;wBACjB,IAAI,CAAC;4BACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;wBACtC,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;wBAC7D,CAAC;oBACH,CAAC;oBACD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE;wBACnD,MAAM,EAAE,iCAAiC;wBACzC,IAAI,EAAE,QAAQ;qBACf,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,WAAW,EAAE,CAAC;oBACvB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;wBAChD,MAAM,EAAE,WAAW,CAAC,WAAW,IAAI,+BAA+B;qBACnE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EACJ,KAAK,YAAY,KAAK;oBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;oBACf,CAAC,CAAC,+BAA+B;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB;QAC5B,OAAO,IAAI,CAAC,cAAc,EAAE,iBAAiB,EAAE,IAAI,IAAI,CAAC;IAC1D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe;QAC1B,OAAO,IAAI,CAAC,cAAc,EAAE,eAAe,EAAE,IAAI,KAAK,CAAC;IACzD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,OAAO,IAAI,CAAC,cAAc,EAAE,cAAc,EAAE,IAAI,IAAI,CAAC;IACvD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY;QACvB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,aAAa;QACxB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACI,sBAAsB;QAC3B,OAAO,IAAI,CAAC,cAAc,EAAE,sBAAsB,EAAE,IAAI,IAAI,CAAC;IAC/D,CAAC;IAED;;;OAGG;IACI,oBAAoB,CAAC,IAA0B;QACpD,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED;;;OAGG;IACI,oBAAoB;QACzB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;IACvC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,OAAO;QAClB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,MAAM,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAC1C,CAAC;CACF","sourcesContent":["import { AuthEvent } from \"../types/index.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport { LocalStorageAdapter } from \"../../browser/storage.js\";\nimport { handleOAuthRedirectPage } from \"./OAuthCallbackHandler.js\";\nimport type { Endpoints, DisplayMode, AuthStorage } from \"../../types.js\";\nimport { buildAuthUrl } from \"../utils/auth-utils.js\";\nimport type { AuthResult, Session } from \"../types/index.js\";\nimport {\n createLogger,\n configureLogging,\n setCurrentLogger,\n} from \"../utils/logger.js\";\nimport { SignalObserver } from \"../iframe/SignalObserver.js\";\nimport { GenericPublicClientPKCEProducer } from \"../../services/PKCE.js\";\nimport { generateState } from \"../../lib/oauth.js\";\nimport { SessionManager } from \"./SessionManager.js\";\nimport { IframeManager } from \"../iframe/IframeManager.js\";\n\n/**\n * Error codes for CivicAuth errors\n */\nexport enum CivicAuthErrorCode {\n CONFIG_REQUIRED = \"CONFIG_REQUIRED\",\n INIT_FAILED = \"INIT_FAILED\",\n ENDPOINTS_NOT_INITIALIZED = \"ENDPOINTS_NOT_INITIALIZED\",\n CONTAINER_NOT_FOUND = \"CONTAINER_NOT_FOUND\",\n AUTH_PROCESS_TIMEOUT = \"AUTH_PROCESS_TIMEOUT\",\n IFRAME_LOAD_ERROR = \"IFRAME_LOAD_ERROR\",\n INVALID_MESSAGE = \"INVALID_MESSAGE\",\n}\n\n/**\n * Constants for the auth client\n */\nconst CONSTANTS = {\n DEFAULT_IFRAME_ID: \"civic-auth-iframe\",\n DEFAULT_AUTH_PROCESS_TIMEOUT: 60000, // 60 seconds\n SUCCESS_SIGNAL_ID: \"civic-auth-success-signal\",\n ERROR_SIGNAL_ID: \"civic-auth-error-signal\",\n} as const;\n\n/**\n * Message types for postMessage communication\n */\ntype AuthMessageType = \"auth_success\" | \"auth_error\";\n\ninterface AuthMessage {\n type: AuthMessageType;\n detail?: string;\n data?: unknown;\n error?: unknown;\n}\n\nclass CivicAuthError extends Error {\n constructor(\n message: string,\n public readonly code: CivicAuthErrorCode,\n ) {\n super(message);\n this.name = \"CivicAuthError\";\n }\n}\n\n/**\n * Configuration options for the CivicAuth client\n */\nexport interface CivicAuthClientConfig {\n /** OAuth client ID */\n clientId: string;\n /** URL to redirect to after authentication */\n redirectUrl: string;\n /** Base URL of the OAuth server */\n oauthServerBaseUrl: string;\n /** Array of OAuth scopes to request */\n scopes: string[];\n /** HTML element or element ID where the auth iframe will be mounted */\n targetContainerElement: HTMLElement | string;\n /** Text signals for success and error states */\n textSignals: {\n /** Text to display on successful authentication */\n success: string;\n /** Optional text to display on authentication error */\n error?: string;\n };\n /** Display mode for the authentication UI */\n displayMode?: DisplayMode;\n /** Display mode for iframe rendering - modal (full-screen overlay) or embedded (within container) */\n iframeDisplayMode?: \"modal\" | \"embedded\";\n /**\n * Timeout duration in milliseconds for the entire authentication process.\n * If the authentication process takes longer than this duration, it will be cancelled\n * and an error will be thrown.\n */\n authProcessTimeout?: number;\n /** Event handlers for authentication events */\n events?: AuthenticationEvents;\n /** Custom ID for the auth iframe */\n iframeId?: string;\n /** Custom storage adapter for auth state - uses shared AuthStorage interface */\n storageAdapter?: AuthStorage;\n /** OAuth prompt parameter */\n prompt?: string;\n /** Initial state for OAuth flow */\n initialState?: string;\n /** Logging configuration */\n logging?: LoggingConfig;\n}\n\nexport interface LoggingConfig {\n enabled: boolean;\n namespace?: string;\n level?: \"debug\" | \"info\" | \"warn\" | \"error\";\n}\n\n/**\n * Process the configuration with defaults\n */\nfunction processConfigWithDefaults(\n config: CivicAuthClientConfig,\n): CivicAuthClientConfig & {\n storageAdapter: AuthStorage;\n logging: LoggingConfig;\n displayMode: DisplayMode;\n authProcessTimeout: number;\n iframeId: string;\n} {\n const loggingConfig: LoggingConfig = {\n enabled: true,\n namespace: \"iframe\",\n level: \"debug\" as const,\n ...config.logging,\n };\n\n return {\n ...config,\n displayMode: config.displayMode || \"iframe\",\n authProcessTimeout:\n config.authProcessTimeout || CONSTANTS.DEFAULT_AUTH_PROCESS_TIMEOUT,\n iframeId: config.iframeId || CONSTANTS.DEFAULT_IFRAME_ID,\n logging: loggingConfig,\n storageAdapter: config.storageAdapter || new LocalStorageAdapter(),\n };\n}\n\n/**\n * CivicAuth client for handling OAuth authentication\n */\nexport class CivicAuth {\n /**\n * Internal configuration with all optional properties resolved to required ones.\n *\n * We extend CivicAuthClientConfig rather than making these properties required\n * in the public interface to maintain better DX (optional properties) while\n * ensuring type safety internally after defaults are applied.\n */\n private config: CivicAuthClientConfig & {\n storageAdapter: AuthStorage;\n logging: LoggingConfig;\n displayMode: DisplayMode;\n authProcessTimeout: number;\n iframeId: string;\n };\n private iframeElement?: HTMLIFrameElement;\n private observer?: MutationObserver;\n private authPromise?: Promise<AuthResult>;\n private authPromiseResolve?: (value: AuthResult) => void;\n private authPromiseReject?: (reason?: Error) => void;\n private authProcessTimeoutHandle?: number;\n private messageEventHandler?: (event: MessageEvent) => void;\n private storage: AuthStorage;\n private endpoints?: Endpoints;\n private logger: ReturnType<typeof createLogger>;\n private sessionManager?: SessionManager;\n private iframeManager?: IframeManager;\n\n /**\n * Private constructor for CivicAuth.\n * Use {@link CivicAuth.create} to create a new instance.\n * @param config - Configuration options for the auth client\n * @throws {CivicAuthError} If required configuration is missing\n * @private\n */\n private constructor(config: CivicAuthClientConfig) {\n // Process config with defaults\n this.config = processConfigWithDefaults(config);\n\n // Configure logging based on config\n configureLogging(this.config.logging);\n\n // Initialize logger based on config\n if (this.config.logging?.enabled) {\n const namespace = this.config.logging.namespace || \"iframe\";\n this.logger = createLogger(namespace);\n } else {\n // Create a no-op logger when logging is disabled\n this.logger = {\n debug: () => {},\n info: () => {},\n warn: () => {},\n error: () => {},\n };\n }\n\n // Set this logger as the current logger\n setCurrentLogger(this.logger);\n\n // Use the storage adapter from processed config (guaranteed to be present)\n this.storage = this.config.storageAdapter;\n\n // Initialize SessionManager if events are provided\n if (config.events) {\n this.sessionManager = new SessionManager(this.storage, config.events);\n }\n\n // Validate required configuration\n const requiredConfigs = [\n { key: \"clientId\", value: config.clientId },\n { key: \"targetContainerElement\", value: config.targetContainerElement },\n { key: \"textSignals.success\", value: config.textSignals?.success },\n ];\n\n for (const { key, value } of requiredConfigs) {\n if (!value) {\n throw new CivicAuthError(\n `CivicAuth: ${key} is required.`,\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n }\n\n this.messageEventHandler = this.handleIframeMessage.bind(this);\n }\n\n /**\n * Creates and initializes a new instance of CivicAuth.\n * This is the recommended way to create a CivicAuth instance.\n *\n * @param config - Configuration options for the auth client\n * @returns A promise that resolves with the initialized CivicAuth instance\n * @throws {CivicAuthError} If initialization fails or required configuration is missing\n *\n * @example\n * ```typescript\n * const auth = await CivicAuth.create({\n * clientId: \"your-client-id\",\n * redirectUrl: \"https://your-app.com/callback\",\n * oauthServerBaseUrl: \"https://auth-server.com/\",\n * scopes: [\"openid\", \"profile\"],\n * targetContainerElement: \"auth-container\",\n * textSignals: {\n * success: \"Authentication successful!\"\n * }\n * });\n * ```\n */\n public static async create(\n config: CivicAuthClientConfig,\n ): Promise<CivicAuth> {\n const instance = new CivicAuth(config);\n await instance.init();\n return instance;\n }\n\n /**\n * Initializes the auth client and checks for callback handling\n * @throws {CivicAuthError} If initialization fails\n */\n private async init(): Promise<void> {\n try {\n // Get OAuth endpoints from well-known configuration\n this.endpoints = {\n auth: `${this.config.oauthServerBaseUrl}auth`,\n token: `${this.config.oauthServerBaseUrl}token`,\n jwks: `${this.config.oauthServerBaseUrl}jwks`,\n userinfo: `${this.config.oauthServerBaseUrl}userinfo`,\n endsession: `${this.config.oauthServerBaseUrl}endsession`,\n };\n\n // Initialize SessionManager with auth config for token refresh\n if (this.sessionManager) {\n const authConfig = {\n clientId: this.config.clientId,\n redirectUrl: this.config.redirectUrl,\n oauthServer: this.config.oauthServerBaseUrl,\n scopes: this.config.scopes,\n endpoints: this.endpoints,\n };\n await this.sessionManager.initializeWithAuthConfig(authConfig);\n }\n\n // Check if we're on the callback page\n if (window.location.href.startsWith(this.config.redirectUrl)) {\n await this.handleCallback();\n }\n } catch (error) {\n const errorMessage =\n error instanceof Error\n ? error.message\n : \"Failed to initialize authentication\";\n this.logger.error(\"Failed to initialize CivicAuth:\", { error });\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: errorMessage,\n });\n throw new CivicAuthError(errorMessage, CivicAuthErrorCode.INIT_FAILED);\n }\n }\n\n /**\n * Gets the container element for the auth iframe\n * @returns The container element or null if not found\n */\n private getContainerElement(): HTMLElement | null {\n if (typeof this.config.targetContainerElement === \"string\") {\n const element = document.getElementById(\n this.config.targetContainerElement,\n );\n if (!element) {\n this.logger.warn(\n `Container element with ID \"${this.config.targetContainerElement}\" not found`,\n );\n }\n return element;\n }\n return this.config.targetContainerElement;\n }\n\n /**\n * Determines the appropriate iframe display mode based on container characteristics\n * @param container The HTML element that will contain the iframe\n * @returns \"modal\" for full-screen overlay or \"embedded\" for in-container display\n */\n private determineIframeDisplayMode(\n container: HTMLElement,\n ): \"modal\" | \"embedded\" {\n // Use explicit config if provided\n if (this.config.iframeDisplayMode) {\n this.logger.debug(\n `Using configured iframe display mode: ${this.config.iframeDisplayMode}`,\n );\n return this.config.iframeDisplayMode;\n }\n\n // Analyze container characteristics to determine best display mode\n const containerRect = container.getBoundingClientRect();\n const containerStyles = window.getComputedStyle(container);\n\n // Get container dimensions\n const containerWidth = containerRect.width;\n const containerHeight = containerRect.height;\n\n // Check if container is positioned in a way that suggests it's meant for modal display\n const isFullScreenContainer =\n containerStyles.position === \"fixed\" &&\n (containerWidth >= window.innerWidth * 0.9 ||\n containerHeight >= window.innerHeight * 0.9);\n\n // Modal mode thresholds - if container is too small, use modal for better UX\n const MIN_EMBEDDED_WIDTH = 320; // Same as modal content wrapper width\n const MIN_EMBEDDED_HEIGHT = 400; // Reasonable minimum for embedded auth flow\n\n // Determine mode based on container characteristics\n if (isFullScreenContainer) {\n this.logger.debug(\n \"Container appears to be full-screen positioned, using modal mode\",\n { containerWidth, containerHeight, position: containerStyles.position },\n );\n return \"modal\";\n }\n\n if (\n containerWidth < MIN_EMBEDDED_WIDTH ||\n containerHeight < MIN_EMBEDDED_HEIGHT\n ) {\n this.logger.debug(\n `Container too small for embedded mode (${containerWidth}x${containerHeight}), using modal mode`,\n {\n containerWidth,\n containerHeight,\n MIN_EMBEDDED_WIDTH,\n MIN_EMBEDDED_HEIGHT,\n },\n );\n return \"modal\";\n }\n\n // Check if container has sufficient space and is properly positioned for embedding\n const hasAdequateSpace =\n containerWidth >= MIN_EMBEDDED_WIDTH &&\n containerHeight >= MIN_EMBEDDED_HEIGHT;\n const isEmbeddablePosition =\n containerStyles.position === \"relative\" ||\n containerStyles.position === \"static\" ||\n containerStyles.position === \"\";\n\n if (hasAdequateSpace && isEmbeddablePosition) {\n this.logger.debug(\n \"Container has adequate space and positioning for embedded mode\",\n { containerWidth, containerHeight, position: containerStyles.position },\n );\n return \"embedded\";\n }\n\n // Default to modal mode if container characteristics are unclear\n this.logger.debug(\n \"Container characteristics unclear, defaulting to modal mode for better UX\",\n { containerWidth, containerHeight, position: containerStyles.position },\n );\n return \"modal\";\n }\n\n /**\n * Builds the authentication URL with PKCE challenge\n * @returns The complete authentication URL\n * @throws {CivicAuthError} If endpoints are not initialized\n */\n private async buildAuthUrl(): Promise<string> {\n if (!this.endpoints) {\n throw new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n }\n\n // Use storage directly since it's now AuthStorage\n const pkceProducer = new GenericPublicClientPKCEProducer(this.storage);\n const codeChallenge = await pkceProducer.getCodeChallenge();\n const state =\n this.config.initialState ||\n generateState({\n displayMode: this.config.displayMode || \"iframe\",\n });\n\n return buildAuthUrl({\n endpoints: this.endpoints,\n clientId: this.config.clientId,\n redirectUrl: this.config.redirectUrl,\n scopes: this.config.scopes,\n codeChallenge,\n state,\n prompt: this.config.prompt,\n });\n }\n\n private handleIframeMessage(event: MessageEvent): void {\n const expectedOrigin = new URL(this.config.oauthServerBaseUrl).origin;\n this.logIncomingMessage(event, expectedOrigin);\n\n if (!this.isValidMessageSource(event, expectedOrigin)) {\n return;\n }\n\n this.handleValidMessage(event);\n }\n\n private logIncomingMessage(\n event: MessageEvent,\n expectedOrigin: string,\n ): void {\n this.logger.debug(\"Global window received message:\", {\n data: event.data,\n origin: event.origin,\n sourceProvided: !!event.source,\n iframeContentWindow: this.iframeElement?.contentWindow,\n expectedIframeOrigin: expectedOrigin,\n });\n }\n\n private isValidMessageSource(\n event: MessageEvent,\n expectedOrigin: string,\n ): boolean {\n const isValidOrigin = event.origin === expectedOrigin;\n const isValidSource = event.source === this.iframeElement?.contentWindow;\n\n if (!isValidOrigin) {\n this.logger.warn(\"Ignored message from unexpected origin.\", {\n receivedOrigin: event.origin,\n expectedOrigin,\n iframeSrc: this.iframeElement?.src,\n });\n }\n\n if (!isValidSource) {\n this.logger.warn(\"Ignored message from unexpected source.\", {\n isSourceProvided: !!event.source,\n isIframeContentWindowAvailable: !!this.iframeElement?.contentWindow,\n iframeSrc: this.iframeElement?.src,\n });\n }\n\n return isValidOrigin && isValidSource;\n }\n\n private handleValidMessage(event: MessageEvent): void {\n this.logger.info(\n \"Message from configured iframe source and origin received\",\n {\n data: event.data,\n iframeSrc: this.iframeElement?.src,\n },\n );\n\n const message = event.data as AuthMessage;\n const messageType = message?.type;\n\n switch (messageType) {\n case \"auth_success\":\n this.handleAuthSuccess(message);\n break;\n case \"auth_error\":\n this.handleAuthError(message);\n break;\n default:\n this.logger.debug(\n \"Message from iframe did not match expected types (auth_success, auth_error)\",\n { data: event.data },\n );\n }\n }\n\n private handleAuthSuccess(data: AuthMessage): void {\n this.config.events?.emit(AuthEvent.SIGN_IN_COMPLETE, {\n detail: \"Success signal received via postMessage\",\n data,\n });\n this.authPromiseResolve?.((data?.data as AuthResult) || {});\n this.cleanup();\n }\n\n private handleAuthError(data: AuthMessage): void {\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Error signal received via postMessage\",\n error: data,\n });\n this.authPromiseReject?.(\n new CivicAuthError(\n data?.detail || \"Error signal received via postMessage\",\n CivicAuthErrorCode.INVALID_MESSAGE,\n ),\n );\n this.cleanup();\n }\n\n private setupSignalObserver(iframeDoc: Document): void {\n const signalObserver = new SignalObserver(\n {\n textSignals: this.config.textSignals,\n events: this.config.events,\n logger: this.logger,\n },\n this.authPromiseResolve,\n this.authPromiseReject,\n () => this.cleanup(),\n );\n\n signalObserver.setup(iframeDoc);\n }\n\n private async handleNewTabAuth(\n fullAuthUrl: string,\n reject: (error: Error) => void,\n ): Promise<void> {\n const popupWindow = window.open(fullAuthUrl, \"_blank\");\n if (!popupWindow) {\n const error = new CivicAuthError(\n \"Failed to open popup window. Please check your browser's popup settings.\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: error.message,\n });\n reject(error);\n }\n }\n\n private async handleIframeAuth(\n fullAuthUrl: string,\n reject: (error: Error) => void,\n ): Promise<void> {\n const container = this.getContainerElement();\n if (!container) {\n const error = new CivicAuthError(\n \"Target container element not found.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n reject(error);\n return;\n }\n\n this.logger.debug(\"Creating iframe with modal backdrop\", {\n url: fullAuthUrl,\n containerId: container?.id,\n iframeId: this.config.iframeId,\n origin: window.location.origin,\n });\n\n // Determine the actual display mode for IframeManager\n // For iframe displayMode, we need to decide between modal and embedded based on container\n const iframeDisplayMode = this.determineIframeDisplayMode(container);\n\n this.logger.debug(\n `🎯 CivicAuth: Creating IframeManager with display mode: ${iframeDisplayMode}`,\n );\n\n // Create IframeManager with appropriate display mode\n this.iframeManager = new IframeManager({\n container: container,\n displayMode: iframeDisplayMode,\n iframeId: this.config.iframeId,\n onClose: () => {\n this.logger.debug(\n \"Authentication close requested by user (backdrop click, close button, or Escape key)\",\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication cancelled by user\",\n });\n reject(\n new CivicAuthError(\n \"Authentication cancelled by user\",\n CivicAuthErrorCode.AUTH_PROCESS_TIMEOUT,\n ),\n );\n this.cleanup();\n },\n });\n\n // Create the iframe using IframeManager\n this.iframeElement = this.iframeManager.createIframe(fullAuthUrl);\n\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Iframe created with modal backdrop\",\n });\n\n this.iframeElement.onload = () => {\n this.logger.info(\"Iframe loaded\", {\n iframeSrc: this.iframeElement?.src,\n currentOrigin: window.location.origin,\n expectedAuthServerOrigin: new URL(this.config.oauthServerBaseUrl)\n .origin,\n });\n\n if (!this.iframeElement?.contentWindow) {\n const errorMsg = \"Iframe content window not available after load.\";\n this.logger.error(errorMsg, {\n iframeSrc: this.iframeElement?.src,\n });\n reject(new Error(errorMsg));\n this.cleanup();\n return;\n }\n\n // Set up postMessage listener for cross-origin communication\n if (this.messageEventHandler) {\n window.addEventListener(\"message\", this.messageEventHandler);\n this.logger.info(\n \"Added cross-origin message event listener for auth server communication\",\n {\n parentOrigin: window.location.origin,\n authServerOrigin: new URL(this.config.oauthServerBaseUrl).origin,\n },\n );\n } else {\n this.logger.error(\n \"messageEventHandler was not defined when trying to add listener.\",\n );\n }\n\n // Try to detect redirect to our domain\n try {\n const currentIframeHref =\n this.iframeElement.contentWindow.location.href;\n\n if (currentIframeHref.startsWith(this.config.redirectUrl)) {\n this.logger.info(\n \"Iframe has navigated to redirectUrl (same-origin). Setting up DOM observer.\",\n );\n\n if (\n this.iframeElement.contentDocument &&\n this.iframeElement.contentDocument.body\n ) {\n this.setupSignalObserver(this.iframeElement.contentDocument);\n }\n }\n } catch (error) {\n this.logger.error(\"Error checking iframe href\", {\n error,\n iframeSrc: this.iframeElement?.src,\n });\n // This is expected when the iframe is on the auth server domain\n this.logger.info(\n \"Iframe is on auth server domain - using postMessage for communication\",\n {\n parentOrigin: window.location.origin,\n authServerOrigin: new URL(this.config.oauthServerBaseUrl).origin,\n },\n );\n }\n };\n\n this.iframeElement.onerror = (event) => {\n this.logger.error(\"Iframe load error\", {\n event,\n iframeSrc: this.iframeElement?.src,\n currentOrigin: window.location.origin,\n });\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Iframe load error\",\n error: event,\n });\n reject(new Error(\"Iframe failed to load.\"));\n this.cleanup();\n };\n }\n\n /**\n * Starts the authentication process\n * @returns A promise that resolves with the authentication result\n * @throws {CivicAuthError} If authentication fails or times out\n */\n async startAuthentication(): Promise<AuthResult> {\n if (!this.endpoints) {\n const error = new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: error.message,\n });\n throw error;\n }\n\n if (this.authPromise) {\n this.logger.info(\n \"Authentication already in progress, returning existing promise\",\n );\n return this.authPromise;\n }\n\n const fullAuthUrl = await this.buildAuthUrl();\n\n this.logger.info(\"Starting authentication process\", {\n constructedIframeUrl: fullAuthUrl,\n displayMode: this.config.displayMode,\n authProcessTimeout: this.config.authProcessTimeout,\n });\n\n this.authPromise = new Promise<AuthResult>((resolve, reject) => {\n this.authPromiseResolve = resolve;\n this.authPromiseReject = reject;\n\n // Handle different display modes\n switch (this.config.displayMode) {\n case \"redirect\":\n // For redirect mode, just navigate to the auth URL\n window.location.href = fullAuthUrl;\n break;\n\n case \"new_tab\":\n this.handleNewTabAuth(fullAuthUrl, reject);\n break;\n\n case \"iframe\":\n default:\n this.handleIframeAuth(fullAuthUrl, reject);\n break;\n }\n\n // Set up timeout for all display modes\n if (\n this.config.authProcessTimeout &&\n this.config.authProcessTimeout > 0\n ) {\n this.logger.debug(\"Setting up authentication timeout\", {\n authProcessTimeout: this.config.authProcessTimeout,\n displayMode: this.config.displayMode,\n });\n this.authProcessTimeoutHandle = window.setTimeout(() => {\n this.logger.warn(\"Authentication timed out\", {\n displayMode: this.config.displayMode,\n currentOrigin: window.location.origin,\n });\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication timed out\",\n });\n reject(new Error(\"Authentication timed out.\"));\n this.cleanup();\n }, this.config.authProcessTimeout);\n }\n });\n\n return this.authPromise;\n }\n\n /**\n * Cleans up resources and event listeners\n */\n public cleanup(): void {\n this.logger.info(\"Cleaning up iframe authentication client\");\n\n if (this.observer) {\n this.logger.debug(\"Disconnecting mutation observer\");\n this.observer.disconnect();\n this.observer = undefined;\n }\n\n if (this.messageEventHandler) {\n window.removeEventListener(\"message\", this.messageEventHandler);\n this.logger.debug(\"Removed 'message' event listener from window.\");\n }\n\n if (this.iframeManager) {\n this.logger.debug(\"Cleaning up iframe manager\");\n this.iframeManager.cleanup();\n this.iframeManager = undefined;\n }\n\n // Reset iframe element reference (actual removal handled by IframeManager)\n if (this.iframeElement) {\n this.iframeElement = undefined;\n }\n\n if (this.authProcessTimeoutHandle) {\n this.logger.debug(\"Clearing authentication process timeout\");\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n this.logger.debug(\"Resetting promise state\");\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n }\n\n private async handleCallback(): Promise<void> {\n try {\n const callbackHandled = await handleOAuthRedirectPage({\n clientId: this.config.clientId,\n oauthServer: this.config.oauthServerBaseUrl,\n redirectUrl: this.config.redirectUrl,\n textSignals: {\n success: this.config.textSignals.success,\n error: this.config.textSignals.error || \"Authentication failed\",\n },\n storageAdapter: this.storage,\n });\n\n if (callbackHandled) {\n const successSignal = document.getElementById(\n CONSTANTS.SUCCESS_SIGNAL_ID,\n );\n const errorSignal = document.getElementById(CONSTANTS.ERROR_SIGNAL_ID);\n\n if (successSignal) {\n let userInfo = null;\n const userInfoAttr = successSignal.getAttribute(\"data-user-info\");\n if (userInfoAttr) {\n try {\n userInfo = JSON.parse(userInfoAttr);\n } catch (error) {\n this.logger.error(\"Failed to parse user info:\", { error });\n }\n }\n this.config.events?.emit(AuthEvent.SIGN_IN_COMPLETE, {\n detail: \"Callback processed successfully\",\n user: userInfo,\n });\n } else if (errorSignal) {\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: errorSignal.textContent || \"Unknown error during callback\",\n });\n }\n }\n } catch (error) {\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail:\n error instanceof Error\n ? error.message\n : \"Unknown error during callback\",\n });\n }\n }\n\n /**\n * Get the current session\n */\n public async getCurrentSession(): Promise<Session | null> {\n return this.sessionManager?.getCurrentSession() || null;\n }\n\n /**\n * Check if user is authenticated\n */\n public async isAuthenticated(): Promise<boolean> {\n return this.sessionManager?.isAuthenticated() || false;\n }\n\n /**\n * Get the current user\n */\n public async getCurrentUser() {\n return this.sessionManager?.getCurrentUser() || null;\n }\n\n /**\n * Clear the current session\n */\n public async clearSession(): Promise<void> {\n if (!this.sessionManager) {\n throw new Error(\n \"SessionManager not initialized. Provide events in config.\",\n );\n }\n return this.sessionManager.clearSession();\n }\n\n /**\n * Manually refresh tokens\n */\n public async refreshTokens(): Promise<void> {\n if (!this.sessionManager) {\n throw new Error(\n \"SessionManager not initialized. Provide events in config.\",\n );\n }\n return this.sessionManager.refreshTokens();\n }\n\n /**\n * Get token refresher state for debugging\n */\n public getTokenRefresherState() {\n return this.sessionManager?.getTokenRefresherState() || null;\n }\n\n /**\n * Update the iframe display mode\n * @param mode - The display mode to use for the iframe\n */\n public setIframeDisplayMode(mode: \"modal\" | \"embedded\"): void {\n this.config.iframeDisplayMode = mode;\n this.logger.debug(`Iframe display mode updated to: ${mode}`);\n }\n\n /**\n * Get the current iframe display mode\n * @returns The current iframe display mode\n */\n public getIframeDisplayMode(): \"modal\" | \"embedded\" | undefined {\n return this.config.iframeDisplayMode;\n }\n\n /**\n * Destroy the auth client and clean up all resources\n */\n public async destroy(): Promise<void> {\n this.cleanup();\n await this.sessionManager?.destroy();\n this.sessionManager = undefined;\n this.logger.info(\"CivicAuth destroyed\");\n }\n}\n"]}
package/dist/vanillajs/auth/OAuthCallbackHandler.d.ts ADDED
@@ -0,0 +1,90 @@
1
+ /**
2
+ * OAuth Callback Handler for Vanilla JavaScript Applications
3
+ *
4
+ * This module provides functionality for handling OAuth redirect/callback pages in vanilla JavaScript
5
+ * applications using the Civic Auth system. It processes the OAuth authorization code flow completion
6
+ * by exchanging authorization codes for access tokens and managing the authentication state.
7
+ *
8
+ * Key responsibilities:
9
+ * - Process OAuth callback URL parameters (code, state)
10
+ * - Exchange authorization codes for access tokens using PKCE
11
+ * - Store tokens and user session data using shared utilities
12
+ * - Create DOM signals for iframe-based authentication flows
13
+ * - Handle error states and cleanup during the OAuth flow
14
+ *
15
+ * This module works in conjunction with:
16
+ * - CivicAuth class for initiating OAuth flows
17
+ * - SignalObserver for detecting authentication completion in iframes
18
+ * - Shared token storage utilities for consistent state management
19
+ *
20
+ * @example
21
+ * ```typescript
22
+ * // In an OAuth callback page
23
+ * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';
24
+ *
25
+ * const handled = await handleOAuthRedirectPage({
26
+ * clientId: 'your-client-id',
27
+ * redirectUrl: 'https://your-app.com/callback',
28
+ * oauthServer: 'https://auth.civic.com/oauth/',
29
+ * textSignals: {
30
+ * success: 'Authentication successful!',
31
+ * error: 'Authentication failed!'
32
+ * },
33
+ * storageAdapter: new LocalStorageAdapter()
34
+ * });
35
+ * ```
36
+ */
37
+ import { getCurrentLogger } from "../utils/logger.js";
38
+ import type { AuthStorage, OIDCTokenResponseBody } from "../../types.js";
39
+ /**
40
+ * Store tokens using the shared utilities from /shared/lib
41
+ * This ensures consistency with the React implementation and also handles user session storage
42
+ */
43
+ export declare function storeTokens(tokens: OIDCTokenResponseBody, storageAdapter: AuthStorage, loggerInstance?: {
44
+ debug: (message: string, ...args: unknown[]) => void;
45
+ info: (message: string, ...args: unknown[]) => void;
46
+ warn: (message: string, ...args: unknown[]) => void;
47
+ error: (message: string, ...args: unknown[]) => void;
48
+ }): Promise<object | null>;
49
+ export interface HandleOAuthRedirectConfig {
50
+ clientId: string;
51
+ redirectUrl: string;
52
+ oauthServer: string;
53
+ textSignals: {
54
+ success: string;
55
+ error: string;
56
+ };
57
+ storageAdapter: AuthStorage;
58
+ logger?: ReturnType<typeof getCurrentLogger>;
59
+ }
60
+ /**
61
+ * Handle OAuth redirect page processing for vanilla JavaScript applications.
62
+ * This function processes the OAuth callback URL parameters and exchanges the authorization code for tokens.
63
+ *
64
+ * @param config - Configuration object for handling the OAuth redirect
65
+ * @param config.clientId - OAuth client ID
66
+ * @param config.redirectUrl - URL to redirect to after authentication
67
+ * @param config.oauthServer - OAuth server base URL
68
+ * @param config.textSignals - Text signals for success and error states
69
+ * @param config.storageAdapter - Storage adapter for persisting auth state (required)
70
+ * @param config.logger - Optional logger instance
71
+ * @returns Promise<boolean> - Returns true if callback was handled, false otherwise
72
+ *
73
+ * @example
74
+ * ```typescript
75
+ * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';
76
+ *
77
+ * const handled = await handleOAuthRedirectPage({
78
+ * clientId: 'your-client-id',
79
+ * redirectUrl: 'https://your-app.com/callback',
80
+ * oauthServer: 'https://auth.civic.com/oauth/',
81
+ * textSignals: {
82
+ * success: 'Authentication successful!',
83
+ * error: 'Authentication failed!'
84
+ * },
85
+ * storageAdapter: new LocalStorageAdapter()
86
+ * });
87
+ * ```
88
+ */
89
+ export declare function handleOAuthRedirectPage(config: HandleOAuthRedirectConfig): Promise<boolean>;
90
+ //# sourceMappingURL=OAuthCallbackHandler.d.ts.map
package/dist/vanillajs/auth/OAuthCallbackHandler.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"OAuthCallbackHandler.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/OAuthCallbackHandler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AAWH,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,KAAK,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE,qBAAqB,EAC7B,cAAc,EAAE,WAAW,EAC3B,cAAc;;;;;CAAqB,GAClC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAyBxB;AAED,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IACF,cAAc,EAAE,WAAW,CAAC;IAC5B,MAAM,CAAC,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC;CAC9C;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAsB,uBAAuB,CAC3C,MAAM,EAAE,yBAAyB,GAChC,OAAO,CAAC,OAAO,CAAC,CAmElB"}
package/dist/vanillajs/auth/OAuthCallbackHandler.js ADDED
@@ -0,0 +1,143 @@
1
+ /**
2
+ * OAuth Callback Handler for Vanilla JavaScript Applications
3
+ *
4
+ * This module provides functionality for handling OAuth redirect/callback pages in vanilla JavaScript
5
+ * applications using the Civic Auth system. It processes the OAuth authorization code flow completion
6
+ * by exchanging authorization codes for access tokens and managing the authentication state.
7
+ *
8
+ * Key responsibilities:
9
+ * - Process OAuth callback URL parameters (code, state)
10
+ * - Exchange authorization codes for access tokens using PKCE
11
+ * - Store tokens and user session data using shared utilities
12
+ * - Create DOM signals for iframe-based authentication flows
13
+ * - Handle error states and cleanup during the OAuth flow
14
+ *
15
+ * This module works in conjunction with:
16
+ * - CivicAuth class for initiating OAuth flows
17
+ * - SignalObserver for detecting authentication completion in iframes
18
+ * - Shared token storage utilities for consistent state management
19
+ *
20
+ * @example
21
+ * ```typescript
22
+ * // In an OAuth callback page
23
+ * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';
24
+ *
25
+ * const handled = await handleOAuthRedirectPage({
26
+ * clientId: 'your-client-id',
27
+ * redirectUrl: 'https://your-app.com/callback',
28
+ * oauthServer: 'https://auth.civic.com/oauth/',
29
+ * textSignals: {
30
+ * success: 'Authentication successful!',
31
+ * error: 'Authentication failed!'
32
+ * },
33
+ * storageAdapter: new LocalStorageAdapter()
34
+ * });
35
+ * ```
36
+ */
37
+ import { exchangeTokens, buildOauth2Client, getEndpointsWithOverrides, storeTokens as sharedStoreTokens, } from "../../shared/lib/util.js";
38
+ import { getUser } from "../../shared/lib/session.js";
39
+ import { GenericUserSession } from "../../shared/lib/UserSession.js";
40
+ import { CodeVerifier } from "../../shared/lib/types.js";
41
+ import { getCurrentLogger } from "../utils/logger.js";
42
+ import { GenericPublicClientPKCEProducer } from "../../services/PKCE.js";
43
+ /**
44
+ * Store tokens using the shared utilities from /shared/lib
45
+ * This ensures consistency with the React implementation and also handles user session storage
46
+ */
47
+ export async function storeTokens(tokens, storageAdapter, loggerInstance = getCurrentLogger()) {
48
+ try {
49
+ // Use shared storeTokens utility for consistent token storage
50
+ await sharedStoreTokens(storageAdapter, tokens);
51
+ // Get user info using shared utilities
52
+ const user = await getUser(storageAdapter);
53
+ if (user) {
54
+ // Store user session using shared utilities
55
+ const userSession = new GenericUserSession(storageAdapter);
56
+ await userSession.set(user);
57
+ loggerInstance.info("CivicAuth: Tokens and user info stored successfully using shared utilities.");
58
+ return user;
59
+ }
60
+ else {
61
+ loggerInstance.warn("CivicAuth: Failed to extract user info from tokens.");
62
+ return null;
63
+ }
64
+ }
65
+ catch (error) {
66
+ loggerInstance.error("CivicAuth: Error storing tokens:", error);
67
+ throw error;
68
+ }
69
+ }
70
+ /**
71
+ * Handle OAuth redirect page processing for vanilla JavaScript applications.
72
+ * This function processes the OAuth callback URL parameters and exchanges the authorization code for tokens.
73
+ *
74
+ * @param config - Configuration object for handling the OAuth redirect
75
+ * @param config.clientId - OAuth client ID
76
+ * @param config.redirectUrl - URL to redirect to after authentication
77
+ * @param config.oauthServer - OAuth server base URL
78
+ * @param config.textSignals - Text signals for success and error states
79
+ * @param config.storageAdapter - Storage adapter for persisting auth state (required)
80
+ * @param config.logger - Optional logger instance
81
+ * @returns Promise<boolean> - Returns true if callback was handled, false otherwise
82
+ *
83
+ * @example
84
+ * ```typescript
85
+ * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';
86
+ *
87
+ * const handled = await handleOAuthRedirectPage({
88
+ * clientId: 'your-client-id',
89
+ * redirectUrl: 'https://your-app.com/callback',
90
+ * oauthServer: 'https://auth.civic.com/oauth/',
91
+ * textSignals: {
92
+ * success: 'Authentication successful!',
93
+ * error: 'Authentication failed!'
94
+ * },
95
+ * storageAdapter: new LocalStorageAdapter()
96
+ * });
97
+ * ```
98
+ */
99
+ export async function handleOAuthRedirectPage(config) {
100
+ const loggerInstance = config.logger || getCurrentLogger();
101
+ const urlParams = new URLSearchParams(window.location.search);
102
+ const code = urlParams.get("code");
103
+ const state = urlParams.get("state");
104
+ if (code && state) {
105
+ loggerInstance.info("CivicAuth: OAuth callback detected with code:", code);
106
+ // Use the provided storage adapter from config
107
+ const storage = config.storageAdapter;
108
+ const pkceProducer = new GenericPublicClientPKCEProducer(storage);
109
+ try {
110
+ const endpoints = await getEndpointsWithOverrides(config.oauthServer);
111
+ const oauth2Client = buildOauth2Client(config.clientId, config.redirectUrl, endpoints);
112
+ const tokenResponse = await exchangeTokens(code, state, pkceProducer, oauth2Client, config.oauthServer, endpoints);
113
+ // Get userInfo from storeTokens using shared utilities
114
+ const userInfo = await storeTokens(tokenResponse, storage, loggerInstance);
115
+ loggerInstance.info("CivicAuth: Tokens stored successfully using shared utilities.");
116
+ const signalElement = document.createElement("div");
117
+ signalElement.id = "civic-auth-success-signal";
118
+ signalElement.textContent = config.textSignals.success;
119
+ if (userInfo) {
120
+ // Embed userInfo if available
121
+ signalElement.setAttribute("data-user-info", JSON.stringify(userInfo));
122
+ }
123
+ signalElement.style.display = "none";
124
+ document.body.appendChild(signalElement);
125
+ loggerInstance.info("CivicAuth: Appended success signal to body.");
126
+ // Clean up the code verifier using shared utilities
127
+ await storage.delete(CodeVerifier.COOKIE_NAME);
128
+ }
129
+ catch (error) {
130
+ loggerInstance.error("CivicAuth: Token exchange error:", error);
131
+ const errorSignalElement = document.createElement("div");
132
+ errorSignalElement.id = "civic-auth-error-signal";
133
+ const errorMessage = error instanceof Error ? error.message : "Unknown error";
134
+ errorSignalElement.textContent = `${config.textSignals.error} (Error: ${errorMessage})`;
135
+ errorSignalElement.style.display = "none";
136
+ document.body.appendChild(errorSignalElement);
137
+ return true;
138
+ }
139
+ return true;
140
+ }
141
+ return false;
142
+ }
143
+ //# sourceMappingURL=OAuthCallbackHandler.js.map
package/dist/vanillajs/auth/OAuthCallbackHandler.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"OAuthCallbackHandler.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/OAuthCallbackHandler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AAEH,OAAO,EACL,cAAc,EACd,iBAAiB,EACjB,yBAAyB,EACzB,WAAW,IAAI,iBAAiB,GACjC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AAGzE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAA6B,EAC7B,cAA2B,EAC3B,cAAc,GAAG,gBAAgB,EAAE;IAEnC,IAAI,CAAC;QACH,8DAA8D;QAC9D,MAAM,iBAAiB,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAEhD,uCAAuC;QACvC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,CAAC;QAC3C,IAAI,IAAI,EAAE,CAAC;YACT,4CAA4C;YAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,cAAc,CAAC,CAAC;YAC3D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC5B,cAAc,CAAC,IAAI,CACjB,6EAA6E,CAC9E,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;aAAM,CAAC;YACN,cAAc,CAAC,IAAI,CACjB,qDAAqD,CACtD,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,cAAc,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QAChE,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAcD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,MAAiC;IAEjC,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC;IAC3D,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC9D,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;QAClB,cAAc,CAAC,IAAI,CAAC,+CAA+C,EAAE,IAAI,CAAC,CAAC;QAE3E,+CAA+C;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc,CAAC;QACtC,MAAM,YAAY,GAAG,IAAI,+BAA+B,CAAC,OAAO,CAAC,CAAC;QAElE,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACtE,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;YAEF,MAAM,aAAa,GAAG,MAAM,cAAc,CACxC,IAAI,EACJ,KAAK,EACL,YAAY,EACZ,YAAY,EACZ,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;YAEF,uDAAuD;YACvD,MAAM,QAAQ,GAAG,MAAM,WAAW,CAChC,aAAa,EACb,OAAO,EACP,cAAc,CACf,CAAC;YACF,cAAc,CAAC,IAAI,CACjB,+DAA+D,CAChE,CAAC;YAEF,MAAM,aAAa,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YACpD,aAAa,CAAC,EAAE,GAAG,2BAA2B,CAAC;YAC/C,aAAa,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC;YACvD,IAAI,QAAQ,EAAE,CAAC;gBACb,8BAA8B;gBAC9B,aAAa,CAAC,YAAY,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;YACzE,CAAC;YACD,aAAa,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;YACrC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;YACzC,cAAc,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;YAEnE,oDAAoD;YACpD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,cAAc,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;YAChE,MAAM,kBAAkB,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YACzD,kBAAkB,CAAC,EAAE,GAAG,yBAAyB,CAAC;YAClD,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC3D,kBAAkB,CAAC,WAAW,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,KAAK,YAAY,YAAY,GAAG,CAAC;YACxF,kBAAkB,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;YAC1C,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC;YAC9C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC","sourcesContent":["/**\n * OAuth Callback Handler for Vanilla JavaScript Applications\n *\n * This module provides functionality for handling OAuth redirect/callback pages in vanilla JavaScript\n * applications using the Civic Auth system. It processes the OAuth authorization code flow completion\n * by exchanging authorization codes for access tokens and managing the authentication state.\n *\n * Key responsibilities:\n * - Process OAuth callback URL parameters (code, state)\n * - Exchange authorization codes for access tokens using PKCE\n * - Store tokens and user session data using shared utilities\n * - Create DOM signals for iframe-based authentication flows\n * - Handle error states and cleanup during the OAuth flow\n *\n * This module works in conjunction with:\n * - CivicAuth class for initiating OAuth flows\n * - SignalObserver for detecting authentication completion in iframes\n * - Shared token storage utilities for consistent state management\n *\n * @example\n * ```typescript\n * // In an OAuth callback page\n * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';\n *\n * const handled = await handleOAuthRedirectPage({\n * clientId: 'your-client-id',\n * redirectUrl: 'https://your-app.com/callback',\n * oauthServer: 'https://auth.civic.com/oauth/',\n * textSignals: {\n * success: 'Authentication successful!',\n * error: 'Authentication failed!'\n * },\n * storageAdapter: new LocalStorageAdapter()\n * });\n * ```\n */\n\nimport {\n exchangeTokens,\n buildOauth2Client,\n getEndpointsWithOverrides,\n storeTokens as sharedStoreTokens,\n} from \"../../shared/lib/util.js\";\nimport { getUser } from \"../../shared/lib/session.js\";\nimport { GenericUserSession } from \"../../shared/lib/UserSession.js\";\nimport { CodeVerifier } from \"../../shared/lib/types.js\";\nimport { getCurrentLogger } from \"../utils/logger.js\";\nimport { GenericPublicClientPKCEProducer } from \"../../services/PKCE.js\";\nimport type { AuthStorage, OIDCTokenResponseBody } from \"../../types.js\";\n\n/**\n * Store tokens using the shared utilities from /shared/lib\n * This ensures consistency with the React implementation and also handles user session storage\n */\nexport async function storeTokens(\n tokens: OIDCTokenResponseBody,\n storageAdapter: AuthStorage,\n loggerInstance = getCurrentLogger(),\n): Promise<object | null> {\n try {\n // Use shared storeTokens utility for consistent token storage\n await sharedStoreTokens(storageAdapter, tokens);\n\n // Get user info using shared utilities\n const user = await getUser(storageAdapter);\n if (user) {\n // Store user session using shared utilities\n const userSession = new GenericUserSession(storageAdapter);\n await userSession.set(user);\n loggerInstance.info(\n \"CivicAuth: Tokens and user info stored successfully using shared utilities.\",\n );\n return user;\n } else {\n loggerInstance.warn(\n \"CivicAuth: Failed to extract user info from tokens.\",\n );\n return null;\n }\n } catch (error) {\n loggerInstance.error(\"CivicAuth: Error storing tokens:\", error);\n throw error;\n }\n}\n\nexport interface HandleOAuthRedirectConfig {\n clientId: string;\n redirectUrl: string;\n oauthServer: string;\n textSignals: {\n success: string;\n error: string;\n };\n storageAdapter: AuthStorage;\n logger?: ReturnType<typeof getCurrentLogger>;\n}\n\n/**\n * Handle OAuth redirect page processing for vanilla JavaScript applications.\n * This function processes the OAuth callback URL parameters and exchanges the authorization code for tokens.\n *\n * @param config - Configuration object for handling the OAuth redirect\n * @param config.clientId - OAuth client ID\n * @param config.redirectUrl - URL to redirect to after authentication\n * @param config.oauthServer - OAuth server base URL\n * @param config.textSignals - Text signals for success and error states\n * @param config.storageAdapter - Storage adapter for persisting auth state (required)\n * @param config.logger - Optional logger instance\n * @returns Promise<boolean> - Returns true if callback was handled, false otherwise\n *\n * @example\n * ```typescript\n * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';\n *\n * const handled = await handleOAuthRedirectPage({\n * clientId: 'your-client-id',\n * redirectUrl: 'https://your-app.com/callback',\n * oauthServer: 'https://auth.civic.com/oauth/',\n * textSignals: {\n * success: 'Authentication successful!',\n * error: 'Authentication failed!'\n * },\n * storageAdapter: new LocalStorageAdapter()\n * });\n * ```\n */\nexport async function handleOAuthRedirectPage(\n config: HandleOAuthRedirectConfig,\n): Promise<boolean> {\n const loggerInstance = config.logger || getCurrentLogger();\n const urlParams = new URLSearchParams(window.location.search);\n const code = urlParams.get(\"code\");\n const state = urlParams.get(\"state\");\n\n if (code && state) {\n loggerInstance.info(\"CivicAuth: OAuth callback detected with code:\", code);\n\n // Use the provided storage adapter from config\n const storage = config.storageAdapter;\n const pkceProducer = new GenericPublicClientPKCEProducer(storage);\n\n try {\n const endpoints = await getEndpointsWithOverrides(config.oauthServer);\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n\n const tokenResponse = await exchangeTokens(\n code,\n state,\n pkceProducer,\n oauth2Client,\n config.oauthServer,\n endpoints,\n );\n\n // Get userInfo from storeTokens using shared utilities\n const userInfo = await storeTokens(\n tokenResponse,\n storage,\n loggerInstance,\n );\n loggerInstance.info(\n \"CivicAuth: Tokens stored successfully using shared utilities.\",\n );\n\n const signalElement = document.createElement(\"div\");\n signalElement.id = \"civic-auth-success-signal\";\n signalElement.textContent = config.textSignals.success;\n if (userInfo) {\n // Embed userInfo if available\n signalElement.setAttribute(\"data-user-info\", JSON.stringify(userInfo));\n }\n signalElement.style.display = \"none\";\n document.body.appendChild(signalElement);\n loggerInstance.info(\"CivicAuth: Appended success signal to body.\");\n\n // Clean up the code verifier using shared utilities\n await storage.delete(CodeVerifier.COOKIE_NAME);\n } catch (error) {\n loggerInstance.error(\"CivicAuth: Token exchange error:\", error);\n const errorSignalElement = document.createElement(\"div\");\n errorSignalElement.id = \"civic-auth-error-signal\";\n const errorMessage =\n error instanceof Error ? error.message : \"Unknown error\";\n errorSignalElement.textContent = `${config.textSignals.error} (Error: ${errorMessage})`;\n errorSignalElement.style.display = \"none\";\n document.body.appendChild(errorSignalElement);\n return true;\n }\n return true;\n }\n return false;\n}\n"]}
package/dist/vanillajs/auth/SessionManager.d.ts ADDED
@@ -0,0 +1,48 @@
1
+ import type { AuthStorage } from "../../types.js";
2
+ import type { AuthenticationEvents } from "./AuthenticationEvents.js";
3
+ import type { User, Session } from "../types/index.js";
4
+ import type { AuthConfig } from "../../server/config.js";
5
+ export declare class SessionManager {
6
+ private storage;
7
+ private events;
8
+ private tokenRefresher?;
9
+ private logger;
10
+ constructor(storageAdapter: AuthStorage, events: AuthenticationEvents);
11
+ /**
12
+ * Initialize the session manager with auth configuration to enable token refresh
13
+ */
14
+ initializeWithAuthConfig(authConfig: AuthConfig): Promise<void>;
15
+ /**
16
+ * Build current session from shared lib storage
17
+ */
18
+ getCurrentSession(): Promise<Session | null>;
19
+ /**
20
+ * Check if user is authenticated using shared lib utilities
21
+ */
22
+ isAuthenticated(): Promise<boolean>;
23
+ /**
24
+ * Get current user from shared lib storage
25
+ */
26
+ getCurrentUser(): Promise<User | null>;
27
+ /**
28
+ * Clear all authentication data using shared lib utilities
29
+ */
30
+ clearSession(): Promise<void>;
31
+ /**
32
+ * Manually trigger token refresh
33
+ */
34
+ refreshTokens(): Promise<void>;
35
+ /**
36
+ * Get token refresher state for debugging
37
+ */
38
+ getTokenRefresherState(): {
39
+ isInitialized: boolean;
40
+ isAuthenticated: boolean;
41
+ isAutoRefreshActive: boolean;
42
+ } | null;
43
+ /**
44
+ * Clean up resources when session manager is destroyed
45
+ */
46
+ destroy(): Promise<void>;
47
+ }
48
+ //# sourceMappingURL=SessionManager.d.ts.map
package/dist/vanillajs/auth/SessionManager.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAIvD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAKzD,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,MAAM,CAAsB;gBAExB,cAAc,EAAE,WAAW,EAAE,MAAM,EAAE,oBAAoB;IAQrE;;OAEG;IACG,wBAAwB,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IA0BrE;;OAEG;IACG,iBAAiB,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAyBlD;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKzC;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAS5C;;OAEG;IACG,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAmBnC;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAUpC;;OAEG;IACH,sBAAsB,IAAI;QACxB,aAAa,EAAE,OAAO,CAAC;QACvB,eAAe,EAAE,OAAO,CAAC;QACzB,mBAAmB,EAAE,OAAO,CAAC;KAC9B,GAAG,IAAI;IAIR;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;CAK/B"}
package/dist/vanillajs/auth/SessionManager.js ADDED
@@ -0,0 +1,121 @@
1
+ import { AuthEvent } from "../types/index.js";
2
+ import { getCurrentLogger } from "../utils/logger.js";
3
+ import { TokenRefresher } from "./TokenRefresher.js";
4
+ import { retrieveTokens, clearTokens } from "../../shared/lib/util.js";
5
+ import { getUser } from "../../shared/lib/session.js";
6
+ import { GenericUserSession } from "../../shared/lib/UserSession.js";
7
+ export class SessionManager {
8
+ storage;
9
+ events;
10
+ tokenRefresher;
11
+ logger = getCurrentLogger();
12
+ constructor(storageAdapter, events) {
13
+ this.storage = storageAdapter;
14
+ this.events = events;
15
+ this.logger.info("SessionManager initialized with shared lib token storage");
16
+ }
17
+ /**
18
+ * Initialize the session manager with auth configuration to enable token refresh
19
+ */
20
+ async initializeWithAuthConfig(authConfig) {
21
+ try {
22
+ // Initialize token refresher
23
+ this.tokenRefresher = new TokenRefresher(this.storage, this.events, authConfig);
24
+ await this.tokenRefresher.initialize(authConfig);
25
+ // Set current authentication state
26
+ const isAuthenticated = await this.isAuthenticated();
27
+ this.tokenRefresher.setAuthenticationState(isAuthenticated);
28
+ this.logger.info("SessionManager initialized with token refresh capability");
29
+ }
30
+ catch (error) {
31
+ this.logger.error("Failed to initialize SessionManager with auth config:", error);
32
+ this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);
33
+ }
34
+ }
35
+ /**
36
+ * Build current session from shared lib storage
37
+ */
38
+ async getCurrentSession() {
39
+ try {
40
+ const tokens = await retrieveTokens(this.storage);
41
+ const user = await this.getCurrentUser();
42
+ if (!tokens?.id_token || !user) {
43
+ this.logger.warn("No id_token or user available, cannot create session");
44
+ return null;
45
+ }
46
+ return {
47
+ user,
48
+ accessToken: tokens.access_token,
49
+ idToken: tokens.id_token,
50
+ refreshToken: tokens.refresh_token ?? undefined,
51
+ expiresAt: tokens.access_token_expires_at ?? undefined,
52
+ };
53
+ }
54
+ catch (error) {
55
+ this.logger.error("Failed to load session from shared storage:", error);
56
+ return null;
57
+ }
58
+ }
59
+ /**
60
+ * Check if user is authenticated using shared lib utilities
61
+ */
62
+ async isAuthenticated() {
63
+ const tokens = await retrieveTokens(this.storage);
64
+ return !!tokens?.id_token;
65
+ }
66
+ /**
67
+ * Get current user from shared lib storage
68
+ */
69
+ async getCurrentUser() {
70
+ try {
71
+ return await getUser(this.storage);
72
+ }
73
+ catch (error) {
74
+ this.logger.error("Failed to get user from shared storage:", error);
75
+ return null;
76
+ }
77
+ }
78
+ /**
79
+ * Clear all authentication data using shared lib utilities
80
+ */
81
+ async clearSession() {
82
+ try {
83
+ await clearTokens(this.storage);
84
+ // Clear user session using shared utilities
85
+ const userSession = new GenericUserSession(this.storage);
86
+ await userSession.clear();
87
+ // Stop token refresher when session is cleared
88
+ this.tokenRefresher?.setAuthenticationState(false);
89
+ this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);
90
+ this.logger.info("Session cleared using shared lib utilities");
91
+ }
92
+ catch (error) {
93
+ this.logger.error("Failed to clear session:", error);
94
+ throw error;
95
+ }
96
+ }
97
+ /**
98
+ * Manually trigger token refresh
99
+ */
100
+ async refreshTokens() {
101
+ if (!this.tokenRefresher) {
102
+ throw new Error("Token refresher not initialized. Call initializeWithAuthConfig first.");
103
+ }
104
+ return this.tokenRefresher.refreshTokens();
105
+ }
106
+ /**
107
+ * Get token refresher state for debugging
108
+ */
109
+ getTokenRefresherState() {
110
+ return this.tokenRefresher?.getState() || null;
111
+ }
112
+ /**
113
+ * Clean up resources when session manager is destroyed
114
+ */
115
+ async destroy() {
116
+ await this.tokenRefresher?.destroy();
117
+ this.tokenRefresher = undefined;
118
+ this.logger.info("SessionManager destroyed");
119
+ }
120
+ }
121
+ //# sourceMappingURL=SessionManager.js.map
package/dist/vanillajs/auth/SessionManager.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"SessionManager.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvE,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,MAAM,OAAO,cAAc;IACjB,OAAO,CAAc;IACrB,MAAM,CAAuB;IAC7B,cAAc,CAAkB;IAChC,MAAM,GAAG,gBAAgB,EAAE,CAAC;IAEpC,YAAY,cAA2B,EAAE,MAA4B;QACnE,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,wBAAwB,CAAC,UAAsB;QACnD,IAAI,CAAC;YACH,6BAA6B;YAC7B,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CACtC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,UAAU,CACX,CAAC;YACF,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAEjD,mCAAmC;YACnC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;YACrD,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;YAE5D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uDAAuD,EACvD,KAAK,CACN,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAEzC,IAAI,CAAC,MAAM,EAAE,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sDAAsD,CACvD,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,OAAO,EAAE,MAAM,CAAC,QAAQ;gBACxB,YAAY,EAAE,MAAM,CAAC,aAAa,IAAI,SAAS;gBAC/C,SAAS,EAAE,MAAM,CAAC,uBAAuB,IAAI,SAAS;aACvD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;YACpE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC;YACH,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEhC,4CAA4C;YAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;YAE1B,+CAA+C;YAC/C,IAAI,CAAC,cAAc,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC;YACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;YACrD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB;QAKpB,OAAO,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC/C,CAAC;CACF","sourcesContent":["import type { AuthStorage } from \"../../types.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport type { User, Session } from \"../types/index.js\"; // Assuming Session might be used internally\nimport { AuthEvent } from \"../types/index.js\";\nimport { getCurrentLogger } from \"../utils/logger.js\";\nimport { TokenRefresher } from \"./TokenRefresher.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\nimport { retrieveTokens, clearTokens } from \"../../shared/lib/util.js\";\nimport { getUser } from \"../../shared/lib/session.js\";\nimport { GenericUserSession } from \"../../shared/lib/UserSession.js\";\n\nexport class SessionManager {\n private storage: AuthStorage;\n private events: AuthenticationEvents;\n private tokenRefresher?: TokenRefresher;\n private logger = getCurrentLogger();\n\n constructor(storageAdapter: AuthStorage, events: AuthenticationEvents) {\n this.storage = storageAdapter;\n this.events = events;\n this.logger.info(\n \"SessionManager initialized with shared lib token storage\",\n );\n }\n\n /**\n * Initialize the session manager with auth configuration to enable token refresh\n */\n async initializeWithAuthConfig(authConfig: AuthConfig): Promise<void> {\n try {\n // Initialize token refresher\n this.tokenRefresher = new TokenRefresher(\n this.storage,\n this.events,\n authConfig,\n );\n await this.tokenRefresher.initialize(authConfig);\n\n // Set current authentication state\n const isAuthenticated = await this.isAuthenticated();\n this.tokenRefresher.setAuthenticationState(isAuthenticated);\n\n this.logger.info(\n \"SessionManager initialized with token refresh capability\",\n );\n } catch (error) {\n this.logger.error(\n \"Failed to initialize SessionManager with auth config:\",\n error,\n );\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n }\n }\n\n /**\n * Build current session from shared lib storage\n */\n async getCurrentSession(): Promise<Session | null> {\n try {\n const tokens = await retrieveTokens(this.storage);\n const user = await this.getCurrentUser();\n\n if (!tokens?.id_token || !user) {\n this.logger.warn(\n \"No id_token or user available, cannot create session\",\n );\n return null;\n }\n\n return {\n user,\n accessToken: tokens.access_token,\n idToken: tokens.id_token,\n refreshToken: tokens.refresh_token ?? undefined,\n expiresAt: tokens.access_token_expires_at ?? undefined,\n };\n } catch (error) {\n this.logger.error(\"Failed to load session from shared storage:\", error);\n return null;\n }\n }\n\n /**\n * Check if user is authenticated using shared lib utilities\n */\n async isAuthenticated(): Promise<boolean> {\n const tokens = await retrieveTokens(this.storage);\n return !!tokens?.id_token;\n }\n\n /**\n * Get current user from shared lib storage\n */\n async getCurrentUser(): Promise<User | null> {\n try {\n return await getUser(this.storage);\n } catch (error) {\n this.logger.error(\"Failed to get user from shared storage:\", error);\n return null;\n }\n }\n\n /**\n * Clear all authentication data using shared lib utilities\n */\n async clearSession(): Promise<void> {\n try {\n await clearTokens(this.storage);\n\n // Clear user session using shared utilities\n const userSession = new GenericUserSession(this.storage);\n await userSession.clear();\n\n // Stop token refresher when session is cleared\n this.tokenRefresher?.setAuthenticationState(false);\n\n this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);\n this.logger.info(\"Session cleared using shared lib utilities\");\n } catch (error) {\n this.logger.error(\"Failed to clear session:\", error);\n throw error;\n }\n }\n\n /**\n * Manually trigger token refresh\n */\n async refreshTokens(): Promise<void> {\n if (!this.tokenRefresher) {\n throw new Error(\n \"Token refresher not initialized. Call initializeWithAuthConfig first.\",\n );\n }\n\n return this.tokenRefresher.refreshTokens();\n }\n\n /**\n * Get token refresher state for debugging\n */\n getTokenRefresherState(): {\n isInitialized: boolean;\n isAuthenticated: boolean;\n isAutoRefreshActive: boolean;\n } | null {\n return this.tokenRefresher?.getState() || null;\n }\n\n /**\n * Clean up resources when session manager is destroyed\n */\n async destroy(): Promise<void> {\n await this.tokenRefresher?.destroy();\n this.tokenRefresher = undefined;\n this.logger.info(\"SessionManager destroyed\");\n }\n}\n"]}
package/dist/vanillajs/auth/TokenRefresher.d.ts ADDED
@@ -0,0 +1,54 @@
1
+ import type { AuthStorage } from "../../types.js";
2
+ import type { AuthenticationEvents } from "./AuthenticationEvents.js";
3
+ import type { AuthConfig } from "../../server/config.js";
4
+ /**
5
+ * TokenRefresher handles automatic token refresh for vanilla.js implementation
6
+ * Inspired by the React useRefresh hook and BrowserAuthenticationRefresher
7
+ */
8
+ export declare class TokenRefresher {
9
+ private refresher?;
10
+ private storage;
11
+ private events;
12
+ private authConfig?;
13
+ private isAuthenticated;
14
+ private isDestroyed;
15
+ private logger;
16
+ constructor(storage: AuthStorage, events: AuthenticationEvents, authConfig?: AuthConfig);
17
+ /**
18
+ * Initialize the token refresher with auth configuration
19
+ */
20
+ initialize(authConfig: AuthConfig): Promise<void>;
21
+ /**
22
+ * Set authentication state and manage auto-refresh accordingly
23
+ */
24
+ setAuthenticationState(isAuthenticated: boolean): void;
25
+ /**
26
+ * Manually refresh tokens
27
+ */
28
+ refreshTokens(): Promise<void>;
29
+ /**
30
+ * Start automatic token refresh
31
+ */
32
+ private startAutoRefresh;
33
+ /**
34
+ * Stop automatic token refresh
35
+ */
36
+ private stopAutoRefresh;
37
+ /**
38
+ * Clean up resources
39
+ */
40
+ cleanup(): Promise<void>;
41
+ /**
42
+ * Destroy the token refresher permanently
43
+ */
44
+ destroy(): Promise<void>;
45
+ /**
46
+ * Get current refresh state
47
+ */
48
+ getState(): {
49
+ isInitialized: boolean;
50
+ isAuthenticated: boolean;
51
+ isAutoRefreshActive: boolean;
52
+ };
53
+ }
54
+ //# sourceMappingURL=TokenRefresher.d.ts.map
package/dist/vanillajs/auth/TokenRefresher.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"TokenRefresher.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/TokenRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAMtE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAIzD;;;GAGG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,SAAS,CAAC,CAAiC;IACnD,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,UAAU,CAAC,CAAa;IAChC,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,MAAM,CAAsB;gBAGlC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,oBAAoB,EAC5B,UAAU,CAAC,EAAE,UAAU;IASzB;;OAEG;IACG,UAAU,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAoDvD;;OAEG;IACH,sBAAsB,CAAC,eAAe,EAAE,OAAO,GAAG,IAAI;IAgBtD;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAuBpC;;OAEG;YACW,gBAAgB;IAwB9B;;OAEG;IACH,OAAO,CAAC,eAAe;IAOvB;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAW9B;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAM9B;;OAEG;IACH,QAAQ,IAAI;QACV,aAAa,EAAE,OAAO,CAAC;QACvB,eAAe,EAAE,OAAO,CAAC;QACzB,mBAAmB,EAAE,OAAO,CAAC;KAC9B;CAOF"}