@civic/auth 0.6.0 → 0.6.1-beta.1

package/dist/vanillajs/auth/OAuthCallbackHandler.js

@@ -0,0 +1,143 @@
+/**
+ * OAuth Callback Handler for Vanilla JavaScript Applications
+ *
+ * This module provides functionality for handling OAuth redirect/callback pages in vanilla JavaScript
+ * applications using the Civic Auth system. It processes the OAuth authorization code flow completion
+ * by exchanging authorization codes for access tokens and managing the authentication state.
+ *
+ * Key responsibilities:
+ * - Process OAuth callback URL parameters (code, state)
+ * - Exchange authorization codes for access tokens using PKCE
+ * - Store tokens and user session data using shared utilities
+ * - Create DOM signals for iframe-based authentication flows
+ * - Handle error states and cleanup during the OAuth flow
+ *
+ * This module works in conjunction with:
+ * - CivicAuth class for initiating OAuth flows
+ * - SignalObserver for detecting authentication completion in iframes
+ * - Shared token storage utilities for consistent state management
+ *
+ * @example
+ * ```typescript
+ * // In an OAuth callback page
+ * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';
+ *
+ * const handled = await handleOAuthRedirectPage({
+ *   clientId: 'your-client-id',
+ *   redirectUrl: 'https://your-app.com/callback',
+ *   oauthServer: 'https://auth.civic.com/oauth/',
+ *   textSignals: {
+ *     success: 'Authentication successful!',
+ *     error: 'Authentication failed!'
+ *   },
+ *   storageAdapter: new LocalStorageAdapter()
+ * });
+ * ```
+ */
+import { exchangeTokens, buildOauth2Client, getEndpointsWithOverrides, storeTokens as sharedStoreTokens, } from "../../shared/lib/util.js";
+import { getUser } from "../../shared/lib/session.js";
+import { GenericUserSession } from "../../shared/lib/UserSession.js";
+import { CodeVerifier } from "../../shared/lib/types.js";
+import { getCurrentLogger } from "../utils/logger.js";
+import { GenericPublicClientPKCEProducer } from "../../services/PKCE.js";
+/**
+ * Store tokens using the shared utilities from /shared/lib
+ * This ensures consistency with the React implementation and also handles user session storage
+ */
+export async function storeTokens(tokens, storageAdapter, loggerInstance = getCurrentLogger()) {
+    try {
+        // Use shared storeTokens utility for consistent token storage
+        await sharedStoreTokens(storageAdapter, tokens);
+        // Get user info using shared utilities
+        const user = await getUser(storageAdapter);
+        if (user) {
+            // Store user session using shared utilities
+            const userSession = new GenericUserSession(storageAdapter);
+            await userSession.set(user);
+            loggerInstance.info("CivicAuth: Tokens and user info stored successfully using shared utilities.");
+            return user;
+        }
+        else {
+            loggerInstance.warn("CivicAuth: Failed to extract user info from tokens.");
+            return null;
+        }
+    }
+    catch (error) {
+        loggerInstance.error("CivicAuth: Error storing tokens:", error);
+        throw error;
+    }
+}
+/**
+ * Handle OAuth redirect page processing for vanilla JavaScript applications.
+ * This function processes the OAuth callback URL parameters and exchanges the authorization code for tokens.
+ *
+ * @param config - Configuration object for handling the OAuth redirect
+ * @param config.clientId - OAuth client ID
+ * @param config.redirectUrl - URL to redirect to after authentication
+ * @param config.oauthServer - OAuth server base URL
+ * @param config.textSignals - Text signals for success and error states
+ * @param config.storageAdapter - Storage adapter for persisting auth state (required)
+ * @param config.logger - Optional logger instance
+ * @returns Promise<boolean> - Returns true if callback was handled, false otherwise
+ *
+ * @example
+ * ```typescript
+ * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';
+ *
+ * const handled = await handleOAuthRedirectPage({
+ *   clientId: 'your-client-id',
+ *   redirectUrl: 'https://your-app.com/callback',
+ *   oauthServer: 'https://auth.civic.com/oauth/',
+ *   textSignals: {
+ *     success: 'Authentication successful!',
+ *     error: 'Authentication failed!'
+ *   },
+ *   storageAdapter: new LocalStorageAdapter()
+ * });
+ * ```
+ */
+export async function handleOAuthRedirectPage(config) {
+    const loggerInstance = config.logger || getCurrentLogger();
+    const urlParams = new URLSearchParams(window.location.search);
+    const code = urlParams.get("code");
+    const state = urlParams.get("state");
+    if (code && state) {
+        loggerInstance.info("CivicAuth: OAuth callback detected with code:", code);
+        // Use the provided storage adapter from config
+        const storage = config.storageAdapter;
+        const pkceProducer = new GenericPublicClientPKCEProducer(storage);
+        try {
+            const endpoints = await getEndpointsWithOverrides(config.oauthServer);
+            const oauth2Client = buildOauth2Client(config.clientId, config.redirectUrl, endpoints);
+            const tokenResponse = await exchangeTokens(code, state, pkceProducer, oauth2Client, config.oauthServer, endpoints);
+            // Get userInfo from storeTokens using shared utilities
+            const userInfo = await storeTokens(tokenResponse, storage, loggerInstance);
+            loggerInstance.info("CivicAuth: Tokens stored successfully using shared utilities.");
+            const signalElement = document.createElement("div");
+            signalElement.id = "civic-auth-success-signal";
+            signalElement.textContent = config.textSignals.success;
+            if (userInfo) {
+                // Embed userInfo if available
+                signalElement.setAttribute("data-user-info", JSON.stringify(userInfo));
+            }
+            signalElement.style.display = "none";
+            document.body.appendChild(signalElement);
+            loggerInstance.info("CivicAuth: Appended success signal to body.");
+            // Clean up the code verifier using shared utilities
+            await storage.delete(CodeVerifier.COOKIE_NAME);
+        }
+        catch (error) {
+            loggerInstance.error("CivicAuth: Token exchange error:", error);
+            const errorSignalElement = document.createElement("div");
+            errorSignalElement.id = "civic-auth-error-signal";
+            const errorMessage = error instanceof Error ? error.message : "Unknown error";
+            errorSignalElement.textContent = `${config.textSignals.error} (Error: ${errorMessage})`;
+            errorSignalElement.style.display = "none";
+            document.body.appendChild(errorSignalElement);
+            return true;
+        }
+        return true;
+    }
+    return false;
+}
+//# sourceMappingURL=OAuthCallbackHandler.js.map

package/dist/vanillajs/auth/OAuthCallbackHandler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"OAuthCallbackHandler.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/OAuthCallbackHandler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AAEH,OAAO,EACL,cAAc,EACd,iBAAiB,EACjB,yBAAyB,EACzB,WAAW,IAAI,iBAAiB,GACjC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AAGzE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAA6B,EAC7B,cAA2B,EAC3B,cAAc,GAAG,gBAAgB,EAAE;IAEnC,IAAI,CAAC;QACH,8DAA8D;QAC9D,MAAM,iBAAiB,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAEhD,uCAAuC;QACvC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,CAAC;QAC3C,IAAI,IAAI,EAAE,CAAC;YACT,4CAA4C;YAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,cAAc,CAAC,CAAC;YAC3D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC5B,cAAc,CAAC,IAAI,CACjB,6EAA6E,CAC9E,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;aAAM,CAAC;YACN,cAAc,CAAC,IAAI,CACjB,qDAAqD,CACtD,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,cAAc,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QAChE,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAcD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,MAAiC;IAEjC,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC;IAC3D,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC9D,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErC,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;QAClB,cAAc,CAAC,IAAI,CAAC,+CAA+C,EAAE,IAAI,CAAC,CAAC;QAE3E,+CAA+C;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc,CAAC;QACtC,MAAM,YAAY,GAAG,IAAI,+BAA+B,CAAC,OAAO,CAAC,CAAC;QAElE,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACtE,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;YAEF,MAAM,aAAa,GAAG,MAAM,cAAc,CACxC,IAAI,EACJ,KAAK,EACL,YAAY,EACZ,YAAY,EACZ,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;YAEF,uDAAuD;YACvD,MAAM,QAAQ,GAAG,MAAM,WAAW,CAChC,aAAa,EACb,OAAO,EACP,cAAc,CACf,CAAC;YACF,cAAc,CAAC,IAAI,CACjB,+DAA+D,CAChE,CAAC;YAEF,MAAM,aAAa,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YACpD,aAAa,CAAC,EAAE,GAAG,2BAA2B,CAAC;YAC/C,aAAa,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC;YACvD,IAAI,QAAQ,EAAE,CAAC;gBACb,8BAA8B;gBAC9B,aAAa,CAAC,YAAY,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;YACzE,CAAC;YACD,aAAa,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;YACrC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;YACzC,cAAc,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;YAEnE,oDAAoD;YACpD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,cAAc,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;YAChE,MAAM,kBAAkB,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YACzD,kBAAkB,CAAC,EAAE,GAAG,yBAAyB,CAAC;YAClD,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC3D,kBAAkB,CAAC,WAAW,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,KAAK,YAAY,YAAY,GAAG,CAAC;YACxF,kBAAkB,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;YAC1C,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC;YAC9C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC","sourcesContent":["/**\n * OAuth Callback Handler for Vanilla JavaScript Applications\n *\n * This module provides functionality for handling OAuth redirect/callback pages in vanilla JavaScript\n * applications using the Civic Auth system. It processes the OAuth authorization code flow completion\n * by exchanging authorization codes for access tokens and managing the authentication state.\n *\n * Key responsibilities:\n * - Process OAuth callback URL parameters (code, state)\n * - Exchange authorization codes for access tokens using PKCE\n * - Store tokens and user session data using shared utilities\n * - Create DOM signals for iframe-based authentication flows\n * - Handle error states and cleanup during the OAuth flow\n *\n * This module works in conjunction with:\n * - CivicAuth class for initiating OAuth flows\n * - SignalObserver for detecting authentication completion in iframes\n * - Shared token storage utilities for consistent state management\n *\n * @example\n * ```typescript\n * // In an OAuth callback page\n * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';\n *\n * const handled = await handleOAuthRedirectPage({\n *   clientId: 'your-client-id',\n *   redirectUrl: 'https://your-app.com/callback',\n *   oauthServer: 'https://auth.civic.com/oauth/',\n *   textSignals: {\n *     success: 'Authentication successful!',\n *     error: 'Authentication failed!'\n *   },\n *   storageAdapter: new LocalStorageAdapter()\n * });\n * ```\n */\n\nimport {\n  exchangeTokens,\n  buildOauth2Client,\n  getEndpointsWithOverrides,\n  storeTokens as sharedStoreTokens,\n} from \"../../shared/lib/util.js\";\nimport { getUser } from \"../../shared/lib/session.js\";\nimport { GenericUserSession } from \"../../shared/lib/UserSession.js\";\nimport { CodeVerifier } from \"../../shared/lib/types.js\";\nimport { getCurrentLogger } from \"../utils/logger.js\";\nimport { GenericPublicClientPKCEProducer } from \"../../services/PKCE.js\";\nimport type { AuthStorage, OIDCTokenResponseBody } from \"../../types.js\";\n\n/**\n * Store tokens using the shared utilities from /shared/lib\n * This ensures consistency with the React implementation and also handles user session storage\n */\nexport async function storeTokens(\n  tokens: OIDCTokenResponseBody,\n  storageAdapter: AuthStorage,\n  loggerInstance = getCurrentLogger(),\n): Promise<object | null> {\n  try {\n    // Use shared storeTokens utility for consistent token storage\n    await sharedStoreTokens(storageAdapter, tokens);\n\n    // Get user info using shared utilities\n    const user = await getUser(storageAdapter);\n    if (user) {\n      // Store user session using shared utilities\n      const userSession = new GenericUserSession(storageAdapter);\n      await userSession.set(user);\n      loggerInstance.info(\n        \"CivicAuth: Tokens and user info stored successfully using shared utilities.\",\n      );\n      return user;\n    } else {\n      loggerInstance.warn(\n        \"CivicAuth: Failed to extract user info from tokens.\",\n      );\n      return null;\n    }\n  } catch (error) {\n    loggerInstance.error(\"CivicAuth: Error storing tokens:\", error);\n    throw error;\n  }\n}\n\nexport interface HandleOAuthRedirectConfig {\n  clientId: string;\n  redirectUrl: string;\n  oauthServer: string;\n  textSignals: {\n    success: string;\n    error: string;\n  };\n  storageAdapter: AuthStorage;\n  logger?: ReturnType<typeof getCurrentLogger>;\n}\n\n/**\n * Handle OAuth redirect page processing for vanilla JavaScript applications.\n * This function processes the OAuth callback URL parameters and exchanges the authorization code for tokens.\n *\n * @param config - Configuration object for handling the OAuth redirect\n * @param config.clientId - OAuth client ID\n * @param config.redirectUrl - URL to redirect to after authentication\n * @param config.oauthServer - OAuth server base URL\n * @param config.textSignals - Text signals for success and error states\n * @param config.storageAdapter - Storage adapter for persisting auth state (required)\n * @param config.logger - Optional logger instance\n * @returns Promise<boolean> - Returns true if callback was handled, false otherwise\n *\n * @example\n * ```typescript\n * import { handleOAuthRedirectPage, LocalStorageAdapter } from '@civic/auth/vanillajs';\n *\n * const handled = await handleOAuthRedirectPage({\n *   clientId: 'your-client-id',\n *   redirectUrl: 'https://your-app.com/callback',\n *   oauthServer: 'https://auth.civic.com/oauth/',\n *   textSignals: {\n *     success: 'Authentication successful!',\n *     error: 'Authentication failed!'\n *   },\n *   storageAdapter: new LocalStorageAdapter()\n * });\n * ```\n */\nexport async function handleOAuthRedirectPage(\n  config: HandleOAuthRedirectConfig,\n): Promise<boolean> {\n  const loggerInstance = config.logger || getCurrentLogger();\n  const urlParams = new URLSearchParams(window.location.search);\n  const code = urlParams.get(\"code\");\n  const state = urlParams.get(\"state\");\n\n  if (code && state) {\n    loggerInstance.info(\"CivicAuth: OAuth callback detected with code:\", code);\n\n    // Use the provided storage adapter from config\n    const storage = config.storageAdapter;\n    const pkceProducer = new GenericPublicClientPKCEProducer(storage);\n\n    try {\n      const endpoints = await getEndpointsWithOverrides(config.oauthServer);\n      const oauth2Client = buildOauth2Client(\n        config.clientId,\n        config.redirectUrl,\n        endpoints,\n      );\n\n      const tokenResponse = await exchangeTokens(\n        code,\n        state,\n        pkceProducer,\n        oauth2Client,\n        config.oauthServer,\n        endpoints,\n      );\n\n      // Get userInfo from storeTokens using shared utilities\n      const userInfo = await storeTokens(\n        tokenResponse,\n        storage,\n        loggerInstance,\n      );\n      loggerInstance.info(\n        \"CivicAuth: Tokens stored successfully using shared utilities.\",\n      );\n\n      const signalElement = document.createElement(\"div\");\n      signalElement.id = \"civic-auth-success-signal\";\n      signalElement.textContent = config.textSignals.success;\n      if (userInfo) {\n        // Embed userInfo if available\n        signalElement.setAttribute(\"data-user-info\", JSON.stringify(userInfo));\n      }\n      signalElement.style.display = \"none\";\n      document.body.appendChild(signalElement);\n      loggerInstance.info(\"CivicAuth: Appended success signal to body.\");\n\n      // Clean up the code verifier using shared utilities\n      await storage.delete(CodeVerifier.COOKIE_NAME);\n    } catch (error) {\n      loggerInstance.error(\"CivicAuth: Token exchange error:\", error);\n      const errorSignalElement = document.createElement(\"div\");\n      errorSignalElement.id = \"civic-auth-error-signal\";\n      const errorMessage =\n        error instanceof Error ? error.message : \"Unknown error\";\n      errorSignalElement.textContent = `${config.textSignals.error} (Error: ${errorMessage})`;\n      errorSignalElement.style.display = \"none\";\n      document.body.appendChild(errorSignalElement);\n      return true;\n    }\n    return true;\n  }\n  return false;\n}\n"]}

package/dist/vanillajs/auth/SessionManager.d.ts

@@ -1,17 +1,48 @@
-import type { StorageAdapter } from "../storage/StorageAdapter.js";
+import type { AuthStorage } from "../../types.js";
 import type { AuthenticationEvents } from "./AuthenticationEvents.js";
 import type { User, Session } from "../types/index.js";
+import type { AuthConfig } from "../../server/config.js";
 export declare class SessionManager {
     private storage;
     private events;
-    private currentSession;
-    constructor(storageAdapter: StorageAdapter, events: AuthenticationEvents);
-    loadSession(): Promise<void>;
-    setSession(session: Session): Promise<void>;
-    clearSession(): Promise<void>;
-    getUser(): Promise<User | null>;
-    getSession(): Promise<Session | null>;
+    private tokenRefresher?;
+    private logger;
+    constructor(storageAdapter: AuthStorage, events: AuthenticationEvents);
+    /**
+     * Initialize the session manager with auth configuration to enable token refresh
+     */
+    initializeWithAuthConfig(authConfig: AuthConfig): Promise<void>;
+    /**
+     * Build current session from shared lib storage
+     */
+    getCurrentSession(): Promise<Session | null>;
+    /**
+     * Check if user is authenticated using shared lib utilities
+     */
     isAuthenticated(): Promise<boolean>;
-    refreshToken(): Promise<Session | null>;
+    /**
+     * Get current user from shared lib storage
+     */
+    getCurrentUser(): Promise<User | null>;
+    /**
+     * Clear all authentication data using shared lib utilities
+     */
+    clearSession(): Promise<void>;
+    /**
+     * Manually trigger token refresh
+     */
+    refreshTokens(): Promise<void>;
+    /**
+     * Get token refresher state for debugging
+     */
+    getTokenRefresherState(): {
+        isInitialized: boolean;
+        isAuthenticated: boolean;
+        isAutoRefreshActive: boolean;
+    } | null;
+    /**
+     * Clean up resources when session manager is destroyed
+     */
+    destroy(): Promise<void>;
 }
 //# sourceMappingURL=SessionManager.d.ts.map

package/dist/vanillajs/auth/SessionManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAMvD,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,cAAc,CAAwB;gBAElC,cAAc,EAAE,cAAc,EAAE,MAAM,EAAE,oBAAoB;IAMlE,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;IAsB5B,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAS3C,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ7B,OAAO,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAK/B,UAAU,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAIrC,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAanC,YAAY,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;CAqB9C"}
+{"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAIvD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAKzD,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,MAAM,CAAsB;gBAExB,cAAc,EAAE,WAAW,EAAE,MAAM,EAAE,oBAAoB;IAQrE;;OAEG;IACG,wBAAwB,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IA0BrE;;OAEG;IACG,iBAAiB,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAyBlD;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKzC;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAS5C;;OAEG;IACG,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAmBnC;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAUpC;;OAEG;IACH,sBAAsB,IAAI;QACxB,aAAa,EAAE,OAAO,CAAC;QACvB,eAAe,EAAE,OAAO,CAAC;QACzB,mBAAmB,EAAE,OAAO,CAAC;KAC9B,GAAG,IAAI;IAIR;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;CAK/B"}

package/dist/vanillajs/auth/SessionManager.js

@@ -1,86 +1,121 @@
 import { AuthEvent } from "../types/index.js";
-import { loggers } from "../utils/logger.js";
-const SESSION_STORAGE_KEY = "civic_auth_session";
+import { getCurrentLogger } from "../utils/logger.js";
+import { TokenRefresher } from "./TokenRefresher.js";
+import { retrieveTokens, clearTokens } from "../../shared/lib/util.js";
+import { getUser } from "../../shared/lib/session.js";
+import { GenericUserSession } from "../../shared/lib/UserSession.js";
 export class SessionManager {
     storage;
     events;
-    currentSession = null;
+    tokenRefresher;
+    logger = getCurrentLogger();
     constructor(storageAdapter, events) {
         this.storage = storageAdapter;
         this.events = events;
-        this.loadSession(); // Initial load
+        this.logger.info("SessionManager initialized with shared lib token storage");
     }
-    async loadSession() {
+    /**
+     * Initialize the session manager with auth configuration to enable token refresh
+     */
+    async initializeWithAuthConfig(authConfig) {
         try {
-            const storedSession = await this.storage.getItem(SESSION_STORAGE_KEY);
-            if (storedSession) {
-                this.currentSession = JSON.parse(storedSession);
-                // TODO: Add validation, token expiry checks here
-                if (this.currentSession?.user) {
-                    this.events.emit(AuthEvent.USER_SESSION_CHANGED, this.currentSession.user);
-                }
-            }
+            // Initialize token refresher
+            this.tokenRefresher = new TokenRefresher(this.storage, this.events, authConfig);
+            await this.tokenRefresher.initialize(authConfig);
+            // Set current authentication state
+            const isAuthenticated = await this.isAuthenticated();
+            this.tokenRefresher.setAuthenticationState(isAuthenticated);
+            this.logger.info("SessionManager initialized with token refresh capability");
         }
         catch (error) {
-            loggers.session("SessionManager: Error loading session from storage", error);
-            this.currentSession = null;
+            this.logger.error("Failed to initialize SessionManager with auth config:", error);
+            this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);
         }
     }
-    async setSession(session) {
-        this.currentSession = session;
-        await this.storage.setItem(SESSION_STORAGE_KEY, JSON.stringify(session));
-        if (session.user) {
-            this.events.emit(AuthEvent.USER_SESSION_CHANGED, session.user);
+    /**
+     * Build current session from shared lib storage
+     */
+    async getCurrentSession() {
+        try {
+            const tokens = await retrieveTokens(this.storage);
+            const user = await this.getCurrentUser();
+            if (!tokens?.id_token || !user) {
+                this.logger.warn("No id_token or user available, cannot create session");
+                return null;
+            }
+            return {
+                user,
+                accessToken: tokens.access_token,
+                idToken: tokens.id_token,
+                refreshToken: tokens.refresh_token ?? undefined,
+                expiresAt: tokens.access_token_expires_at ?? undefined,
+            };
+        }
+        catch (error) {
+            this.logger.error("Failed to load session from shared storage:", error);
+            return null;
         }
-        // TODO: schedule token refresh if applicable based on session.expiresAt
-    }
-    async clearSession() {
-        this.currentSession = null;
-        await this.storage.removeItem(SESSION_STORAGE_KEY);
-        this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);
-        // TODO: cancel any scheduled token refresh
-        loggers.session("SessionManager: Session cleared.");
-    }
-    async getUser() {
-        // Potentially refresh or validate session before returning user
-        return this.currentSession?.user || null;
-    }
-    async getSession() {
-        return this.currentSession;
     }
+    /**
+     * Check if user is authenticated using shared lib utilities
+     */
     async isAuthenticated() {
-        // Add more sophisticated checks, e.g., token validation, expiry
-        // For now, just checks if a user object exists in the session
-        if (!this.currentSession || !this.currentSession.idToken) {
-            return false;
-        }
-        // Placeholder: In a real scenario, validate token (e.g. using TokenService)
-        // const tokenService = new TokenService(); // Or get as dependency
-        // return tokenService.isValid(this.currentSession.accessToken);
-        return !!this.currentSession.user;
+        const tokens = await retrieveTokens(this.storage);
+        return !!tokens?.id_token;
     }
-    // Placeholder for token refresh logic
-    async refreshToken() {
-        this.events.emit(AuthEvent.TOKEN_REFRESH_STARTED);
+    /**
+     * Get current user from shared lib storage
+     */
+    async getCurrentUser() {
         try {
-            // Actual refresh logic would go here (e.g., call an API with refresh token)
-            // For now, just a placeholder that does nothing or simulates a failure/success
-            loggers.session("SessionManager: refreshToken() not implemented.");
-            // const newSession = await ApiService.refreshToken(this.currentSession.refreshToken);
-            // if (newSession) {
-            //   await this.setSession(newSession);
-            //   this.events.emit(AuthEvent.TOKEN_REFRESH_COMPLETE, newSession.user);
-            //   return newSession;
-            // }
-            throw new Error("Refresh token flow not implemented.");
+            return await getUser(this.storage);
         }
         catch (error) {
-            loggers.session("SessionManager: Token refresh failed", error);
-            this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);
-            // Potentially clear session if refresh fails critically
-            // await this.clearSession();
+            this.logger.error("Failed to get user from shared storage:", error);
             return null;
         }
     }
+    /**
+     * Clear all authentication data using shared lib utilities
+     */
+    async clearSession() {
+        try {
+            await clearTokens(this.storage);
+            // Clear user session using shared utilities
+            const userSession = new GenericUserSession(this.storage);
+            await userSession.clear();
+            // Stop token refresher when session is cleared
+            this.tokenRefresher?.setAuthenticationState(false);
+            this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);
+            this.logger.info("Session cleared using shared lib utilities");
+        }
+        catch (error) {
+            this.logger.error("Failed to clear session:", error);
+            throw error;
+        }
+    }
+    /**
+     * Manually trigger token refresh
+     */
+    async refreshTokens() {
+        if (!this.tokenRefresher) {
+            throw new Error("Token refresher not initialized. Call initializeWithAuthConfig first.");
+        }
+        return this.tokenRefresher.refreshTokens();
+    }
+    /**
+     * Get token refresher state for debugging
+     */
+    getTokenRefresherState() {
+        return this.tokenRefresher?.getState() || null;
+    }
+    /**
+     * Clean up resources when session manager is destroyed
+     */
+    async destroy() {
+        await this.tokenRefresher?.destroy();
+        this.tokenRefresher = undefined;
+        this.logger.info("SessionManager destroyed");
+    }
 }
 //# sourceMappingURL=SessionManager.js.map

package/dist/vanillajs/auth/SessionManager.js.map

@@ -1 +1 @@
-{"version":3,"file":"SessionManager.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C,MAAM,mBAAmB,GAAG,oBAAoB,CAAC;AAEjD,MAAM,OAAO,cAAc;IACjB,OAAO,CAAiB;IACxB,MAAM,CAAuB;IAC7B,cAAc,GAAmB,IAAI,CAAC;IAE9C,YAAY,cAA8B,EAAE,MAA4B;QACtE,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,eAAe;IACrC,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;YACtE,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBAChD,iDAAiD;gBACjD,IAAI,IAAI,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,SAAS,CAAC,oBAAoB,EAC9B,IAAI,CAAC,cAAc,CAAC,IAAI,CACzB,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,OAAO,CACb,oDAAoD,EACpD,KAAK,CACN,CAAC;YACF,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,OAAgB;QAC/B,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC;QAC9B,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,mBAAmB,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QACzE,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QACjE,CAAC;QACD,wEAAwE;IAC1E,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC3B,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC;QACvD,2CAA2C;QAC3C,OAAO,CAAC,OAAO,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,OAAO;QACX,gEAAgE;QAChE,OAAO,IAAI,CAAC,cAAc,EAAE,IAAI,IAAI,IAAI,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,UAAU;QACd,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,gEAAgE;QAChE,8DAA8D;QAC9D,IAAI,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YACzD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,4EAA4E;QAC5E,mEAAmE;QACnE,gEAAgE;QAChE,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC;IACpC,CAAC;IAED,sCAAsC;IACtC,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;QAClD,IAAI,CAAC;YACH,4EAA4E;YAC5E,+EAA+E;YAC/E,OAAO,CAAC,OAAO,CAAC,iDAAiD,CAAC,CAAC;YACnE,sFAAsF;YACtF,oBAAoB;YACpB,uCAAuC;YACvC,yEAAyE;YACzE,uBAAuB;YACvB,IAAI;YACJ,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,OAAO,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;YAC/D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;YACvD,wDAAwD;YACxD,6BAA6B;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF","sourcesContent":["import type { StorageAdapter } from \"../storage/StorageAdapter.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport type { User, Session } from \"../types/index.js\"; // Assuming Session might be used internally\nimport { AuthEvent } from \"../types/index.js\";\nimport { loggers } from \"../utils/logger.js\";\n\nconst SESSION_STORAGE_KEY = \"civic_auth_session\";\n\nexport class SessionManager {\n  private storage: StorageAdapter;\n  private events: AuthenticationEvents;\n  private currentSession: Session | null = null;\n\n  constructor(storageAdapter: StorageAdapter, events: AuthenticationEvents) {\n    this.storage = storageAdapter;\n    this.events = events;\n    this.loadSession(); // Initial load\n  }\n\n  async loadSession(): Promise<void> {\n    try {\n      const storedSession = await this.storage.getItem(SESSION_STORAGE_KEY);\n      if (storedSession) {\n        this.currentSession = JSON.parse(storedSession);\n        // TODO: Add validation, token expiry checks here\n        if (this.currentSession?.user) {\n          this.events.emit(\n            AuthEvent.USER_SESSION_CHANGED,\n            this.currentSession.user,\n          );\n        }\n      }\n    } catch (error) {\n      loggers.session(\n        \"SessionManager: Error loading session from storage\",\n        error,\n      );\n      this.currentSession = null;\n    }\n  }\n\n  async setSession(session: Session): Promise<void> {\n    this.currentSession = session;\n    await this.storage.setItem(SESSION_STORAGE_KEY, JSON.stringify(session));\n    if (session.user) {\n      this.events.emit(AuthEvent.USER_SESSION_CHANGED, session.user);\n    }\n    // TODO: schedule token refresh if applicable based on session.expiresAt\n  }\n\n  async clearSession(): Promise<void> {\n    this.currentSession = null;\n    await this.storage.removeItem(SESSION_STORAGE_KEY);\n    this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);\n    // TODO: cancel any scheduled token refresh\n    loggers.session(\"SessionManager: Session cleared.\");\n  }\n\n  async getUser(): Promise<User | null> {\n    // Potentially refresh or validate session before returning user\n    return this.currentSession?.user || null;\n  }\n\n  async getSession(): Promise<Session | null> {\n    return this.currentSession;\n  }\n\n  async isAuthenticated(): Promise<boolean> {\n    // Add more sophisticated checks, e.g., token validation, expiry\n    // For now, just checks if a user object exists in the session\n    if (!this.currentSession || !this.currentSession.idToken) {\n      return false;\n    }\n    // Placeholder: In a real scenario, validate token (e.g. using TokenService)\n    // const tokenService = new TokenService(); // Or get as dependency\n    // return tokenService.isValid(this.currentSession.accessToken);\n    return !!this.currentSession.user;\n  }\n\n  // Placeholder for token refresh logic\n  async refreshToken(): Promise<Session | null> {\n    this.events.emit(AuthEvent.TOKEN_REFRESH_STARTED);\n    try {\n      // Actual refresh logic would go here (e.g., call an API with refresh token)\n      // For now, just a placeholder that does nothing or simulates a failure/success\n      loggers.session(\"SessionManager: refreshToken() not implemented.\");\n      // const newSession = await ApiService.refreshToken(this.currentSession.refreshToken);\n      // if (newSession) {\n      //   await this.setSession(newSession);\n      //   this.events.emit(AuthEvent.TOKEN_REFRESH_COMPLETE, newSession.user);\n      //   return newSession;\n      // }\n      throw new Error(\"Refresh token flow not implemented.\");\n    } catch (error) {\n      loggers.session(\"SessionManager: Token refresh failed\", error);\n      this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n      // Potentially clear session if refresh fails critically\n      // await this.clearSession();\n      return null;\n    }\n  }\n}\n"]}
+{"version":3,"file":"SessionManager.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvE,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,MAAM,OAAO,cAAc;IACjB,OAAO,CAAc;IACrB,MAAM,CAAuB;IAC7B,cAAc,CAAkB;IAChC,MAAM,GAAG,gBAAgB,EAAE,CAAC;IAEpC,YAAY,cAA2B,EAAE,MAA4B;QACnE,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,wBAAwB,CAAC,UAAsB;QACnD,IAAI,CAAC;YACH,6BAA6B;YAC7B,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CACtC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,UAAU,CACX,CAAC;YACF,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAEjD,mCAAmC;YACnC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;YACrD,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;YAE5D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uDAAuD,EACvD,KAAK,CACN,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAEzC,IAAI,CAAC,MAAM,EAAE,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sDAAsD,CACvD,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,OAAO,EAAE,MAAM,CAAC,QAAQ;gBACxB,YAAY,EAAE,MAAM,CAAC,aAAa,IAAI,SAAS;gBAC/C,SAAS,EAAE,MAAM,CAAC,uBAAuB,IAAI,SAAS;aACvD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;YACpE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC;YACH,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEhC,4CAA4C;YAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;YAE1B,+CAA+C;YAC/C,IAAI,CAAC,cAAc,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC;YACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;YACrD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB;QAKpB,OAAO,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC/C,CAAC;CACF","sourcesContent":["import type { AuthStorage } from \"../../types.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport type { User, Session } from \"../types/index.js\"; // Assuming Session might be used internally\nimport { AuthEvent } from \"../types/index.js\";\nimport { getCurrentLogger } from \"../utils/logger.js\";\nimport { TokenRefresher } from \"./TokenRefresher.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\nimport { retrieveTokens, clearTokens } from \"../../shared/lib/util.js\";\nimport { getUser } from \"../../shared/lib/session.js\";\nimport { GenericUserSession } from \"../../shared/lib/UserSession.js\";\n\nexport class SessionManager {\n  private storage: AuthStorage;\n  private events: AuthenticationEvents;\n  private tokenRefresher?: TokenRefresher;\n  private logger = getCurrentLogger();\n\n  constructor(storageAdapter: AuthStorage, events: AuthenticationEvents) {\n    this.storage = storageAdapter;\n    this.events = events;\n    this.logger.info(\n      \"SessionManager initialized with shared lib token storage\",\n    );\n  }\n\n  /**\n   * Initialize the session manager with auth configuration to enable token refresh\n   */\n  async initializeWithAuthConfig(authConfig: AuthConfig): Promise<void> {\n    try {\n      // Initialize token refresher\n      this.tokenRefresher = new TokenRefresher(\n        this.storage,\n        this.events,\n        authConfig,\n      );\n      await this.tokenRefresher.initialize(authConfig);\n\n      // Set current authentication state\n      const isAuthenticated = await this.isAuthenticated();\n      this.tokenRefresher.setAuthenticationState(isAuthenticated);\n\n      this.logger.info(\n        \"SessionManager initialized with token refresh capability\",\n      );\n    } catch (error) {\n      this.logger.error(\n        \"Failed to initialize SessionManager with auth config:\",\n        error,\n      );\n      this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n    }\n  }\n\n  /**\n   * Build current session from shared lib storage\n   */\n  async getCurrentSession(): Promise<Session | null> {\n    try {\n      const tokens = await retrieveTokens(this.storage);\n      const user = await this.getCurrentUser();\n\n      if (!tokens?.id_token || !user) {\n        this.logger.warn(\n          \"No id_token or user available, cannot create session\",\n        );\n        return null;\n      }\n\n      return {\n        user,\n        accessToken: tokens.access_token,\n        idToken: tokens.id_token,\n        refreshToken: tokens.refresh_token ?? undefined,\n        expiresAt: tokens.access_token_expires_at ?? undefined,\n      };\n    } catch (error) {\n      this.logger.error(\"Failed to load session from shared storage:\", error);\n      return null;\n    }\n  }\n\n  /**\n   * Check if user is authenticated using shared lib utilities\n   */\n  async isAuthenticated(): Promise<boolean> {\n    const tokens = await retrieveTokens(this.storage);\n    return !!tokens?.id_token;\n  }\n\n  /**\n   * Get current user from shared lib storage\n   */\n  async getCurrentUser(): Promise<User | null> {\n    try {\n      return await getUser(this.storage);\n    } catch (error) {\n      this.logger.error(\"Failed to get user from shared storage:\", error);\n      return null;\n    }\n  }\n\n  /**\n   * Clear all authentication data using shared lib utilities\n   */\n  async clearSession(): Promise<void> {\n    try {\n      await clearTokens(this.storage);\n\n      // Clear user session using shared utilities\n      const userSession = new GenericUserSession(this.storage);\n      await userSession.clear();\n\n      // Stop token refresher when session is cleared\n      this.tokenRefresher?.setAuthenticationState(false);\n\n      this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);\n      this.logger.info(\"Session cleared using shared lib utilities\");\n    } catch (error) {\n      this.logger.error(\"Failed to clear session:\", error);\n      throw error;\n    }\n  }\n\n  /**\n   * Manually trigger token refresh\n   */\n  async refreshTokens(): Promise<void> {\n    if (!this.tokenRefresher) {\n      throw new Error(\n        \"Token refresher not initialized. Call initializeWithAuthConfig first.\",\n      );\n    }\n\n    return this.tokenRefresher.refreshTokens();\n  }\n\n  /**\n   * Get token refresher state for debugging\n   */\n  getTokenRefresherState(): {\n    isInitialized: boolean;\n    isAuthenticated: boolean;\n    isAutoRefreshActive: boolean;\n  } | null {\n    return this.tokenRefresher?.getState() || null;\n  }\n\n  /**\n   * Clean up resources when session manager is destroyed\n   */\n  async destroy(): Promise<void> {\n    await this.tokenRefresher?.destroy();\n    this.tokenRefresher = undefined;\n    this.logger.info(\"SessionManager destroyed\");\n  }\n}\n"]}

package/dist/vanillajs/auth/TokenRefresher.d.ts

@@ -0,0 +1,54 @@
+import type { AuthStorage } from "../../types.js";
+import type { AuthenticationEvents } from "./AuthenticationEvents.js";
+import type { AuthConfig } from "../../server/config.js";
+/**
+ * TokenRefresher handles automatic token refresh for vanilla.js implementation
+ * Inspired by the React useRefresh hook and BrowserAuthenticationRefresher
+ */
+export declare class TokenRefresher {
+    private refresher?;
+    private storage;
+    private events;
+    private authConfig?;
+    private isAuthenticated;
+    private isDestroyed;
+    private logger;
+    constructor(storage: AuthStorage, events: AuthenticationEvents, authConfig?: AuthConfig);
+    /**
+     * Initialize the token refresher with auth configuration
+     */
+    initialize(authConfig: AuthConfig): Promise<void>;
+    /**
+     * Set authentication state and manage auto-refresh accordingly
+     */
+    setAuthenticationState(isAuthenticated: boolean): void;
+    /**
+     * Manually refresh tokens
+     */
+    refreshTokens(): Promise<void>;
+    /**
+     * Start automatic token refresh
+     */
+    private startAutoRefresh;
+    /**
+     * Stop automatic token refresh
+     */
+    private stopAutoRefresh;
+    /**
+     * Clean up resources
+     */
+    cleanup(): Promise<void>;
+    /**
+     * Destroy the token refresher permanently
+     */
+    destroy(): Promise<void>;
+    /**
+     * Get current refresh state
+     */
+    getState(): {
+        isInitialized: boolean;
+        isAuthenticated: boolean;
+        isAutoRefreshActive: boolean;
+    };
+}
+//# sourceMappingURL=TokenRefresher.d.ts.map

package/dist/vanillajs/auth/TokenRefresher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenRefresher.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/TokenRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAMtE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAIzD;;;GAGG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,SAAS,CAAC,CAAiC;IACnD,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,UAAU,CAAC,CAAa;IAChC,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,MAAM,CAAsB;gBAGlC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,oBAAoB,EAC5B,UAAU,CAAC,EAAE,UAAU;IASzB;;OAEG;IACG,UAAU,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAoDvD;;OAEG;IACH,sBAAsB,CAAC,eAAe,EAAE,OAAO,GAAG,IAAI;IAgBtD;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAuBpC;;OAEG;YACW,gBAAgB;IAwB9B;;OAEG;IACH,OAAO,CAAC,eAAe;IAOvB;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAW9B;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAM9B;;OAEG;IACH,QAAQ,IAAI;QACV,aAAa,EAAE,OAAO,CAAC;QACvB,eAAe,EAAE,OAAO,CAAC;QACzB,mBAAmB,EAAE,OAAO,CAAC;KAC9B;CAOF"}