@civic/auth 0.6.0 → 0.6.1-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/dist/nextjs/config.d.ts.map +1 -1
  2. package/dist/nextjs/config.js +3 -1
  3. package/dist/nextjs/config.js.map +1 -1
  4. package/dist/nextjs/hooks/useUserCookie.d.ts.map +1 -1
  5. package/dist/nextjs/hooks/useUserCookie.js.map +1 -1
  6. package/dist/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
  7. package/dist/nextjs/providers/NextAuthProvider.js +1 -0
  8. package/dist/nextjs/providers/NextAuthProvider.js.map +1 -1
  9. package/dist/shared/components/CivicAuthIframeContainer.js +1 -1
  10. package/dist/shared/components/CivicAuthIframeContainer.js.map +1 -1
  11. package/dist/shared/hooks/useSignIn.d.ts +9 -4
  12. package/dist/shared/hooks/useSignIn.d.ts.map +1 -1
  13. package/dist/shared/hooks/useSignIn.js +75 -42
  14. package/dist/shared/hooks/useSignIn.js.map +1 -1
  15. package/dist/shared/lib/BrowserAuthenticationRefresher.d.ts +7 -1
  16. package/dist/shared/lib/BrowserAuthenticationRefresher.d.ts.map +1 -1
  17. package/dist/shared/lib/BrowserAuthenticationRefresher.js +15 -2
  18. package/dist/shared/lib/BrowserAuthenticationRefresher.js.map +1 -1
  19. package/dist/shared/lib/util.d.ts +1 -1
  20. package/dist/shared/lib/util.d.ts.map +1 -1
  21. package/dist/shared/lib/util.js +6 -1
  22. package/dist/shared/lib/util.js.map +1 -1
  23. package/dist/shared/providers/AuthContext.d.ts +7 -2
  24. package/dist/shared/providers/AuthContext.d.ts.map +1 -1
  25. package/dist/shared/providers/AuthContext.js.map +1 -1
  26. package/dist/shared/providers/UserProvider.d.ts +5 -1
  27. package/dist/shared/providers/UserProvider.d.ts.map +1 -1
  28. package/dist/shared/providers/UserProvider.js.map +1 -1
  29. package/dist/shared/version.d.ts +1 -1
  30. package/dist/shared/version.d.ts.map +1 -1
  31. package/dist/shared/version.js +1 -1
  32. package/dist/shared/version.js.map +1 -1
  33. package/dist/vanillajs/auth/AuthenticationEvents.d.ts.map +1 -1
  34. package/dist/vanillajs/auth/AuthenticationEvents.js +2 -2
  35. package/dist/vanillajs/auth/AuthenticationEvents.js.map +1 -1
  36. package/dist/vanillajs/auth/CivicAuth.d.ts +111 -92
  37. package/dist/vanillajs/auth/CivicAuth.d.ts.map +1 -1
  38. package/dist/vanillajs/auth/CivicAuth.js +474 -321
  39. package/dist/vanillajs/auth/CivicAuth.js.map +1 -1
  40. package/dist/vanillajs/auth/SessionManager.d.ts +40 -9
  41. package/dist/vanillajs/auth/SessionManager.d.ts.map +1 -1
  42. package/dist/vanillajs/auth/SessionManager.js +96 -61
  43. package/dist/vanillajs/auth/SessionManager.js.map +1 -1
  44. package/dist/vanillajs/auth/TokenRefresher.d.ts +54 -0
  45. package/dist/vanillajs/auth/TokenRefresher.d.ts.map +1 -0
  46. package/dist/vanillajs/auth/TokenRefresher.js +166 -0
  47. package/dist/vanillajs/auth/TokenRefresher.js.map +1 -0
  48. package/dist/vanillajs/auth/config/ConfigProcessor.d.ts +6 -0
  49. package/dist/vanillajs/auth/config/ConfigProcessor.d.ts.map +1 -0
  50. package/dist/vanillajs/auth/config/ConfigProcessor.js +59 -0
  51. package/dist/vanillajs/auth/config/ConfigProcessor.js.map +1 -0
  52. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts +40 -0
  53. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts.map +1 -0
  54. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js +388 -0
  55. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js.map +1 -0
  56. package/dist/vanillajs/auth/handlers/MessageHandler.d.ts +170 -0
  57. package/dist/vanillajs/auth/handlers/MessageHandler.d.ts.map +1 -0
  58. package/dist/vanillajs/auth/handlers/MessageHandler.js +367 -0
  59. package/dist/vanillajs/auth/handlers/MessageHandler.js.map +1 -0
  60. package/dist/vanillajs/auth/handlers/OAuthCallbackHandler.d.ts +90 -0
  61. package/dist/vanillajs/auth/handlers/OAuthCallbackHandler.d.ts.map +1 -0
  62. package/dist/vanillajs/auth/handlers/OAuthCallbackHandler.js +301 -0
  63. package/dist/vanillajs/auth/handlers/OAuthCallbackHandler.js.map +1 -0
  64. package/dist/vanillajs/auth/handlers/PopupHandler.d.ts +108 -0
  65. package/dist/vanillajs/auth/handlers/PopupHandler.d.ts.map +1 -0
  66. package/dist/vanillajs/auth/handlers/PopupHandler.js +333 -0
  67. package/dist/vanillajs/auth/handlers/PopupHandler.js.map +1 -0
  68. package/dist/vanillajs/auth/types/AuthTypes.d.ts +128 -0
  69. package/dist/vanillajs/auth/types/AuthTypes.d.ts.map +1 -0
  70. package/dist/vanillajs/auth/types/AuthTypes.js +40 -0
  71. package/dist/vanillajs/auth/types/AuthTypes.js.map +1 -0
  72. package/dist/vanillajs/iframe/IframeManager.d.ts +115 -0
  73. package/dist/vanillajs/iframe/IframeManager.d.ts.map +1 -0
  74. package/dist/vanillajs/iframe/IframeManager.js +614 -0
  75. package/dist/vanillajs/iframe/IframeManager.js.map +1 -0
  76. package/dist/vanillajs/iframe/IframeResizer.d.ts +15 -0
  77. package/dist/vanillajs/iframe/IframeResizer.d.ts.map +1 -0
  78. package/dist/vanillajs/iframe/IframeResizer.js +127 -0
  79. package/dist/vanillajs/iframe/IframeResizer.js.map +1 -0
  80. package/dist/vanillajs/index.d.ts +8 -7
  81. package/dist/vanillajs/index.d.ts.map +1 -1
  82. package/dist/vanillajs/index.js +10 -7
  83. package/dist/vanillajs/index.js.map +1 -1
  84. package/dist/vanillajs/services/ApiService.d.ts.map +1 -1
  85. package/dist/vanillajs/services/ApiService.js +2 -2
  86. package/dist/vanillajs/services/ApiService.js.map +1 -1
  87. package/dist/vanillajs/types/index.d.ts +17 -12
  88. package/dist/vanillajs/types/index.d.ts.map +1 -1
  89. package/dist/vanillajs/types/index.js +15 -10
  90. package/dist/vanillajs/types/index.js.map +1 -1
  91. package/dist/vanillajs/ui/LoadingComponents.d.ts +51 -0
  92. package/dist/vanillajs/ui/LoadingComponents.d.ts.map +1 -0
  93. package/dist/vanillajs/ui/LoadingComponents.js +363 -0
  94. package/dist/vanillajs/ui/LoadingComponents.js.map +1 -0
  95. package/dist/vanillajs/utils/auth-utils.d.ts +2 -1
  96. package/dist/vanillajs/utils/auth-utils.d.ts.map +1 -1
  97. package/dist/vanillajs/utils/auth-utils.js +6 -3
  98. package/dist/vanillajs/utils/auth-utils.js.map +1 -1
  99. package/dist/vanillajs/utils/logger.d.ts +16 -15
  100. package/dist/vanillajs/utils/logger.d.ts.map +1 -1
  101. package/dist/vanillajs/utils/logger.js +35 -19
  102. package/dist/vanillajs/utils/logger.js.map +1 -1
  103. package/package.json +1 -1
  104. package/dist/vanillajs/iframe/domUtils.d.ts +0 -4
  105. package/dist/vanillajs/iframe/domUtils.d.ts.map +0 -1
  106. package/dist/vanillajs/iframe/domUtils.js +0 -25
  107. package/dist/vanillajs/iframe/domUtils.js.map +0 -1
  108. package/dist/vanillajs/storage/BrowserCookieStorageAdapter.d.ts +0 -19
  109. package/dist/vanillajs/storage/BrowserCookieStorageAdapter.d.ts.map +0 -1
  110. package/dist/vanillajs/storage/BrowserCookieStorageAdapter.js +0 -101
  111. package/dist/vanillajs/storage/BrowserCookieStorageAdapter.js.map +0 -1
  112. package/dist/vanillajs/storage/BrowserLocalStorageAdapter.d.ts +0 -9
  113. package/dist/vanillajs/storage/BrowserLocalStorageAdapter.d.ts.map +0 -1
  114. package/dist/vanillajs/storage/BrowserLocalStorageAdapter.js +0 -36
  115. package/dist/vanillajs/storage/BrowserLocalStorageAdapter.js.map +0 -1
  116. package/dist/vanillajs/storage/InMemoryStorageAdapter.d.ts +0 -9
  117. package/dist/vanillajs/storage/InMemoryStorageAdapter.d.ts.map +0 -1
  118. package/dist/vanillajs/storage/InMemoryStorageAdapter.js +0 -16
  119. package/dist/vanillajs/storage/InMemoryStorageAdapter.js.map +0 -1
  120. package/dist/vanillajs/storage/StorageAdapter.d.ts +0 -15
  121. package/dist/vanillajs/storage/StorageAdapter.d.ts.map +0 -1
  122. package/dist/vanillajs/storage/StorageAdapter.js +0 -16
  123. package/dist/vanillajs/storage/StorageAdapter.js.map +0 -1
  124. package/dist/vanillajs/utils/page-handlers.d.ts +0 -29
  125. package/dist/vanillajs/utils/page-handlers.d.ts.map +0 -1
  126. package/dist/vanillajs/utils/page-handlers.js +0 -165
  127. package/dist/vanillajs/utils/page-handlers.js.map +0 -1
package/dist/shared/hooks/useSignIn.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EACL,UAAU,GAGX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AAChE,OAAO,EAAE,UAAU,EAAqB,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AAmBxE,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,4BAA4B;AAEtE;;GAEG;AACH,MAAM,SAAS,GAAG,CAChB,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,KAAkB;IACpE,WAAW,EAAE,QAAQ;CACtB,EACD,EAAE;IACF,4BAA4B;IAC5B,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,EACxB,aAAa,EACb,gBAAgB,GACjB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IACvC,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAAC;IACtD,MAAM,CAAC,EAAE,eAAe,CAAC,GAAG,eAAe,CACzC,gBAAgB,EAChB,EAAE,SAAS,EAAE,MAAM,EAAE,CACtB,CAAC;IAEF,0BAA0B;IAC1B,MAAM,UAAU,GAAG,MAAM,CAAgB,IAAI,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,MAAM,CAAa,UAAU,CAAC,eAAe,CAAC,CAAC;IACrE,MAAM,cAAc,GAAG,MAAM,CAAU,KAAK,CAAC,CAAC;IAE9C,mBAAmB;IACnB,MAAM,gBAAgB,GAAG,MAAM,EAAiB,CAAC;IACjD,MAAM,gBAAgB,GAAG,MAAM,CAE7B,IAAI,CAAC,CAAC;IACR,MAAM,eAAe,GAAG,MAAM,CAAmC,IAAI,CAAC,CAAC;IAEvE,iBAAiB;IACjB,MAAM,WAAW,GAAG,MAAM,CAGvB;QACD,oBAAoB,EAAE,IAAI;QAC1B,iBAAiB,EAAE,IAAI;KACxB,CAAC,CAAC;IAEH,wDAAwD;IACxD,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,EAAE;QAC5C,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC7B,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YACxC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,aAAa,CAAC;YACjD,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAE3B,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;YAC/B,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YAErC,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,MAAM,mBAAmB,GAAG,WAAW,CACrC,CAAC,KAAY,EAAE,YAAwB,UAAU,CAAC,KAAK,EAAE,EAAE;QACzD,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAE/B,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;YAC/B,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,aAAa,CAAC,SAAS,CAAC,CAAC;YAEzB,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EACD,CAAC,aAAa,CAAC,CAChB,CAAC;IAEF,kCAAkC;IAClC,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe;YAAE,OAAO,IAAI,CAAC;QAElC,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,eAAe,EACf,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,GACP,GAAG,eAAe,CAAC;QAEpB,OAAO,IAAI,8BAA8B,CACvC;YACE,YAAY,EAAE,YAAY,IAAI,IAAI,+BAA+B,EAAE;YACnE,QAAQ;YACR,WAAW;YACX,eAAe;YACf,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;SACN,EACD,eAAe,CAChB,CAAC;IACJ,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IAElE,4CAA4C;IAC5C,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;YACD,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,8BAA8B;IAC9B,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YACxD,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,WAAW,CAAC,YAAY,CAAC,CAAC;gBAC1B,SAAS,CAAC,YAAY,CAAC,CAAC;gBACxB,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;gBACxC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,qBAAqB;IACrB,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACxD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,4CAA4C;QAC5C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACpD,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;YACnC,eAAe,CAAC,OAAO,GAAG,MAAM,CAAC;QACnC,CAAC,CAAC,CAAC;QACH,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;QAEnC,sFAAsF;QACtF,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;YAC3B,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,iCAAiC;QACjC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,UAAU,CAAC,aAAa;gBAC3B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;YAE3B,KAAK,UAAU,CAAC,eAAe,CAAC;YAChC,KAAK,UAAU,CAAC,KAAK;gBACnB,MAAM;YAER,KAAK,UAAU,CAAC,cAAc;gBAC5B,+DAA+D;gBAC/D,OAAO,OAAO,CAAC;YAEjB;gBACE,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,8BAA8B,UAAU,EAAE,CAAC,CACtD,CAAC;QACN,CAAC;QAED,4BAA4B;QAC5B,cAAc,CAAC,OAAO,GAAG,IAAI,CAAC;QAE9B,6BAA6B;QAC7B,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,wDAAwD;YACxD,aAAa,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;YACzC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC;YAClD,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAE1C,uEAAuE;YACvE,UAAU,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;gBAC1C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,mBAAmB,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC,EAAE,kBAAkB,CAAC,CAAC;YAEvB,mCAAmC;YACnC,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;YAEhD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,qCAAqC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAE/B,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,sCAAsC;gBACtC,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1B,aAAa,CAAC,OAAO,EAAE,CAAC;gBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;gBACzC,IAAI,CAAC;oBACH,uCAAuC;oBACvC,MAAM,aAAa,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC,CAAC;gBACzD,CAAC;gBAAC,OAAO,UAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CACX,+CAA+C,EAC/C,UAAU,CACX,CAAC;oBACF,mBAAmB,CACjB,UAAU,YAAY,KAAK;wBACzB,CAAC,CAAC,UAAU;wBACZ,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAClC,CAAC;oBACF,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,mBAAmB,CACjB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;gBACF,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC,EAAE;QACD,aAAa;QACb,WAAW;QACX,SAAS;QACT,kBAAkB;QAClB,UAAU;QACV,aAAa;QACb,mBAAmB;KACpB,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACnD,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEnD,kBAAkB;IAClB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACtC,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAChC,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE;oBAC7B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,UAAU;iBAC1C,CAAC,CAAC;gBAEH,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,iBAAiB;gBACjE,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,kBAAkB;QAClB,UAAU;QACV,eAAe;QACf,aAAa;KACd,CAAC,CAAC;IAEH,mDAAmD;IACnD,SAAS,CAAC,GAAG,EAAE;QACb,0CAA0C;QAC1C,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC;QAEnC,kBAAkB;QAClB,WAAW,CAAC,OAAO,GAAG;YACpB,oBAAoB,EAAE,GAAG,EAAE;gBACzB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,oBAAoB,EAAE,CAAC;gBACzB,CAAC;YACH,CAAC;YACD,iBAAiB,EAAE,CAAC,KAAuB,EAAE,EAAE;gBAC7C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC;oBACjC,mBAAmB,CACjB,KAAK,YAAY,KAAK;wBACpB,CAAC,CAAC,KAAK;wBACP,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,gBAAgB,CAAC,CACjD,CAAC;gBACJ,CAAC;YACH,CAAC;SACF,CAAC;QAEF,kDAAkD;QAClD,IACE,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,WAAW,CAAC,OAAO,CAAC,oBAAoB;YACxC,WAAW,CAAC,OAAO,CAAC,iBAAiB,EACrC,CAAC;YACD,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACF,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;QACJ,CAAC;aAAM,IACL,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,UAAU,CAAC,OAAO,KAAK,IAAI,EAC3B,CAAC;YACD,oDAAoD;YACpD,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,oBAAoB;QACpB,OAAO,GAAG,EAAE;YACV,IAAI,WAAW,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAC7C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACJ,CAAC;YACD,IAAI,WAAW,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBAC1C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,UAAU,EAAE,oBAAoB,EAAE,mBAAmB,CAAC,CAAC,CAAC;IAE5D,qDAAqD;IACrD,SAAS,CAAC,GAAG,EAAE;QACb,8EAA8E;QAC9E,IACE,OAAO,EAAE,aAAa;YACtB,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,aAAa,EAClD,CAAC;YACD,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YAExC,mDAAmD;YACnD,IACE,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc;gBACnD,gBAAgB,CAAC,OAAO,EACxB,CAAC;gBACD,oBAAoB,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,WAAW,KAAK,QAAQ,IAAI,aAAa,EAAE,CAAC;YAC9C,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACxB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;gBACxD,mBAAmB,CACjB,IAAI,KAAK,CAAC,yBAAyB,CAAC,EACpC,UAAU,CAAC,eAAe,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IACE,CAAC,OAAO,EAAE,aAAa;YACvB,CAAC,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC,QAAQ,CAC3D,aAAa,CAAC,OAAO,CACtB,EACD,CAAC;YACD,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,eAAe,EAAE,CAAC;gBACzD,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC,EAAE;QACD,WAAW;QACX,aAAa;QACb,OAAO,EAAE,aAAa;QACtB,gBAAgB;QAChB,oBAAoB;QACpB,mBAAmB;QACnB,aAAa;KACd,CAAC,CAAC;IAEH,2BAA2B;IAC3B,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,UAAU,KAAK,UAAU,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC;YACrE,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC1C,WAAW,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxB,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,EAAE;QACD,OAAO;QACP,WAAW;QACX,wBAAwB;QACxB,UAAU;QACV,aAAa;KACd,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;QACX,UAAU;QACV,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport {\n AuthStatus,\n type DisplayMode,\n type LoginAppDesignOptions,\n} from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo, useRef } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\nimport { useLocalStorage } from \"usehooks-ts\";\nimport { LOGOUT_STATE } from \"@/constants.js\";\nimport { useAuthStatus } from \"@/shared/providers/AuthStatusContext.js\";\n\ntype SignInProps = {\n pkceConsumer?: PKCEConsumer;\n preSignOut?: () => Promise<void>;\n postSignOut?: () => Promise<void>;\n displayMode: DisplayMode;\n};\n\ntype SignInError = Error | { message: string; [key: string]: unknown };\n\ninterface SignInEventDetail {\n error: SignInError;\n}\n\ninterface SignInErrorEvent {\n detail: SignInEventDetail;\n}\n\nconst SIGN_IN_TIMEOUT_MS = 9 * 60 * 1000; // 9 minutes in milliseconds\n\n/**\n * Hook to manage authentication flow.\n */\nconst useSignIn = (\n { pkceConsumer, preSignOut, postSignOut, displayMode }: SignInProps = {\n displayMode: \"iframe\",\n },\n) => {\n // Config and external state\n const civicAuthConfig = useCivicAuthConfig();\n const {\n iframeRef,\n logoutIframeRef,\n setIframeIsVisible,\n setLogoutIframeIsVisible,\n iframeAborted,\n setIframeAborted,\n } = useIframe();\n const { data: session } = useSession();\n const { authStatus, setAuthStatus } = useAuthStatus();\n const [, setDesignOption] = useLocalStorage<LoginAppDesignOptions>(\n `loginAppDesign`,\n { colorMode: \"auto\" },\n );\n\n // Internal state tracking\n const timeoutRef = useRef<number | null>(null);\n const authStatusRef = useRef<AuthStatus>(AuthStatus.UNAUTHENTICATED);\n const isSigningInRef = useRef<boolean>(false);\n\n // Promise handling\n const signInPromiseRef = useRef<Promise<void>>();\n const signInResolveRef = useRef<\n ((value: void | PromiseLike<void>) => void) | null\n >(null);\n const signInRejectRef = useRef<((reason: Error) => void) | null>(null);\n\n // Event handlers\n const handlersRef = useRef<{\n handleSignInComplete: (() => void) | null;\n handleSignInError: ((event: SignInErrorEvent) => void) | null;\n }>({\n handleSignInComplete: null,\n handleSignInError: null,\n });\n\n // Helper to resolve/reject sign-in promise with cleanup\n const resolveSignInPromise = useCallback(() => {\n if (signInResolveRef.current) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n authStatusRef.current = AuthStatus.AUTHENTICATED;\n isSigningInRef.current = false;\n signInResolveRef.current();\n\n // Clean up after resolving\n signInResolveRef.current = null;\n signInRejectRef.current = null;\n signInPromiseRef.current = undefined;\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n }, [setAuthStatus]);\n\n const rejectSignInPromise = useCallback(\n (error: Error, newStatus: AuthStatus = AuthStatus.ERROR) => {\n if (signInRejectRef.current) {\n signInRejectRef.current(error);\n\n // Clean up after rejecting\n signInResolveRef.current = null;\n signInRejectRef.current = null;\n signInPromiseRef.current = undefined;\n isSigningInRef.current = false;\n setAuthStatus(newStatus);\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n },\n [setAuthStatus],\n );\n\n // Create authentication initiator\n const authInitiator = useMemo(() => {\n if (!civicAuthConfig) return null;\n\n const {\n clientId,\n redirectUrl,\n logoutUrl,\n loginSuccessUrl,\n logoutRedirectUrl,\n nonce,\n oauthServer,\n endpoints,\n scopes,\n } = civicAuthConfig;\n\n return new BrowserAuthenticationInitiator(\n {\n pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(),\n clientId,\n redirectUrl,\n loginSuccessUrl,\n logoutUrl,\n logoutRedirectUrl,\n scopes,\n displayMode,\n oauthServer,\n endpointOverrides: endpoints,\n nonce,\n },\n setDesignOption,\n );\n }, [civicAuthConfig, displayMode, pkceConsumer, setDesignOption]);\n\n // Cleanup resources when component unmounts\n useEffect(() => {\n return () => {\n if (authInitiator) {\n authInitiator.cleanup();\n }\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n };\n }, [authInitiator]);\n\n // Handle logout state cleanup\n useEffect(() => {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n const localStorage = new LocalStorageAdapter();\n localStorage.get(LOGOUT_STATE).then((storedLogoutState) => {\n if (state && state === storedLogoutState) {\n // Clear storage\n clearTokens(localStorage);\n clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n\n // Clean up storage and URL\n sessionStorage.removeItem(LOGOUT_STATE);\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n }\n });\n }, []);\n\n // Main sign-in logic\n const startSignIn = useCallback(async (): Promise<void> => {\n if (!authInitiator) return;\n\n // Create the promise and store its handlers\n const promise = new Promise<void>((resolve, reject) => {\n signInResolveRef.current = resolve;\n signInRejectRef.current = reject;\n });\n signInPromiseRef.current = promise;\n\n // Check if sign-in is already in progress using the ref, if so, return signIn promise\n if (isSigningInRef.current) {\n return promise;\n }\n\n // State machine for sign-in flow\n switch (authStatus) {\n case AuthStatus.AUTHENTICATED:\n return Promise.resolve();\n\n case AuthStatus.UNAUTHENTICATED:\n case AuthStatus.ERROR:\n break;\n\n case AuthStatus.AUTHENTICATING:\n // if we're already authenticating, return the existing promise\n return promise;\n\n default:\n return Promise.reject(\n new Error(`Invalid state for sign-in: ${authStatus}`),\n );\n }\n\n // Set signing in flag first\n isSigningInRef.current = true;\n\n // Clear any existing timeout\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n try {\n // Set authenticating status before any async operations\n setAuthStatus(AuthStatus.AUTHENTICATING);\n authStatusRef.current = AuthStatus.AUTHENTICATING;\n authInitiator.setDisplayMode(displayMode);\n\n // Set a timeout to reject the promise if authentication takes too long\n timeoutRef.current = window.setTimeout(() => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n rejectSignInPromise(new Error(\"Sign-in timeout\"));\n }\n }, SIGN_IN_TIMEOUT_MS);\n\n // Start the authentication process\n const useIframeRef = iframeRef?.current || null;\n\n await authInitiator.signIn(useIframeRef);\n } catch (error) {\n // Reset the signing in flag on error\n isSigningInRef.current = false;\n\n if (error instanceof PopupError) {\n // Fallback to redirect if popup fails\n setIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n try {\n // Call signIn again with redirect mode\n await authInitiator.signIn(iframeRef?.current || null);\n } catch (retryError) {\n console.error(\n \"[useSignIn] Redirect sign-in initiation error\",\n retryError,\n );\n rejectSignInPromise(\n retryError instanceof Error\n ? retryError\n : new Error(String(retryError)),\n );\n return promise;\n }\n } else {\n rejectSignInPromise(\n error instanceof Error ? error : new Error(String(error)),\n );\n return promise;\n }\n }\n\n return promise;\n }, [\n authInitiator,\n displayMode,\n iframeRef,\n setIframeIsVisible,\n authStatus,\n setAuthStatus,\n rejectSignInPromise,\n ]);\n\n // Public sign-in method\n const signIn = useCallback(async (): Promise<void> => {\n if (displayMode === \"iframe\") {\n setIframeIsVisible(true);\n }\n return startSignIn();\n }, [startSignIn, displayMode, setIframeIsVisible]);\n\n // Sign-out method\n const signOut = useCallback(async () => {\n const idToken = session?.idToken;\n if (!authInitiator) return;\n\n setAuthStatus(AuthStatus.SIGNING_OUT);\n if (displayMode === \"iframe\") {\n setIframeIsVisible(false);\n setLogoutIframeIsVisible(true);\n }\n\n try {\n await preSignOut?.();\n\n const useIframeRef = logoutIframeRef?.current || null;\n await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n setAuthStatus(AuthStatus.ERROR);\n console.error(\"signOut error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n\n if (error instanceof PopupError) {\n setLogoutIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n authInitiator.signOut(idToken, useIframeRef); // Retry sign out\n }\n });\n } catch (error) {\n console.error(\"Signout error:\", error);\n setAuthStatus(AuthStatus.ERROR);\n }\n }, [\n session?.idToken,\n authInitiator,\n displayMode,\n setLogoutIframeIsVisible,\n setIframeIsVisible,\n preSignOut,\n logoutIframeRef,\n setAuthStatus,\n ]);\n\n // Set up event listeners for authentication status\n useEffect(() => {\n // Update the ref with current auth status\n authStatusRef.current = authStatus;\n\n // Define handlers\n handlersRef.current = {\n handleSignInComplete: () => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n resolveSignInPromise();\n }\n },\n handleSignInError: (event: SignInErrorEvent) => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n const error = event.detail.error;\n rejectSignInPromise(\n error instanceof Error\n ? error\n : new Error(error.message || \"Sign-in failed\"),\n );\n }\n },\n };\n\n // Add listeners only when in authenticating state\n if (\n authStatus === AuthStatus.AUTHENTICATING &&\n handlersRef.current.handleSignInComplete &&\n handlersRef.current.handleSignInError\n ) {\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n } else if (\n authStatus !== AuthStatus.AUTHENTICATING &&\n timeoutRef.current !== null\n ) {\n // Clean up timeout when not in authenticating state\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n // Cleanup listeners\n return () => {\n if (handlersRef.current.handleSignInComplete) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n }\n if (handlersRef.current.handleSignInError) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n }\n };\n }, [authStatus, resolveSignInPromise, rejectSignInPromise]);\n\n // Effect to handle session updates and iframe aborts\n useEffect(() => {\n // If session becomes authenticated, update state and resolve pending promises\n if (\n session?.authenticated &&\n authStatusRef.current !== AuthStatus.AUTHENTICATED\n ) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n\n // If we have a pending sign-in promise, resolve it\n if (\n authStatusRef.current === AuthStatus.AUTHENTICATING &&\n signInResolveRef.current\n ) {\n resolveSignInPromise();\n }\n }\n\n // Handle iframe abortion\n if (displayMode === \"iframe\" && iframeAborted) {\n setIframeAborted(false);\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n rejectSignInPromise(\n new Error(\"Sign-in aborted by user\"),\n AuthStatus.UNAUTHENTICATED,\n );\n }\n }\n\n // Update unauthenticated state when session is absent\n if (\n !session?.authenticated &&\n ![AuthStatus.AUTHENTICATING, AuthStatus.SIGNING_OUT].includes(\n authStatusRef.current,\n )\n ) {\n if (authStatusRef.current !== AuthStatus.UNAUTHENTICATED) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n }\n }\n }, [\n displayMode,\n iframeAborted,\n session?.authenticated,\n setIframeAborted,\n resolveSignInPromise,\n rejectSignInPromise,\n setAuthStatus,\n ]);\n\n // Handle logout completion\n useEffect(() => {\n if (authStatus === AuthStatus.SIGNING_OUT && !session?.authenticated) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n postSignOut?.().then(() => {\n setLogoutIframeIsVisible(false);\n });\n }\n }, [\n session,\n postSignOut,\n setLogoutIframeIsVisible,\n authStatus,\n setAuthStatus,\n ]);\n\n return {\n signIn,\n signOut,\n startSignIn,\n authStatus,\n displayMode,\n };\n};\n\nexport { useSignIn };\n"]}
1
+ {"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EACL,UAAU,GAKX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AAChE,OAAO,EAAE,UAAU,EAAqB,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AAyBxE,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,4BAA4B;AAEtE;;GAEG;AACH,MAAM,SAAS,GAAG,CAChB,EACE,YAAY,EACZ,UAAU,EACV,WAAW,EACX,WAAW,EACX,OAAO,MACQ;IACf,WAAW,EAAE,QAAQ;CACtB,EACD,EAAE;IACF,4BAA4B;IAC5B,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,EACxB,aAAa,EACb,gBAAgB,GACjB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IACvC,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAAC;IACtD,MAAM,CAAC,EAAE,eAAe,CAAC,GAAG,eAAe,CACzC,gBAAgB,EAChB,EAAE,SAAS,EAAE,MAAM,EAAE,CACtB,CAAC;IAEF,0BAA0B;IAC1B,MAAM,UAAU,GAAG,MAAM,CAAgB,IAAI,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,MAAM,CAAa,UAAU,CAAC,eAAe,CAAC,CAAC;IACrE,MAAM,cAAc,GAAG,MAAM,CAAU,KAAK,CAAC,CAAC;IAE9C,mBAAmB;IACnB,MAAM,gBAAgB,GAAG,MAAM,EAAyB,CAAC;IACzD,MAAM,gBAAgB,GAAG,MAAM,CAE7B,IAAI,CAAC,CAAC;IAER,iBAAiB;IACjB,MAAM,WAAW,GAAG,MAAM,CAGvB;QACD,oBAAoB,EAAE,IAAI;QAC1B,iBAAiB,EAAE,IAAI;KACxB,CAAC,CAAC;IAEH,iDAAiD;IACjD,MAAM,+BAA+B,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QAC7D,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC7B,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YACxC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,aAAa,CAAC;YACjD,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAE/B,6BAA6B;YAC7B,IAAI,IAAI,GAAgB,IAAI,CAAC;YAC7B,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,IAAI,IAAI,mBAAmB,EAAE,CAAC,CAAC;YAC7D,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,wDAAwD,EACxD,KAAK,CACN,CAAC;YACJ,CAAC;YAED,gBAAgB,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YAEhD,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YAErC,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC;IAE7B,+CAA+C;IAC/C,MAAM,6BAA6B,GAAG,WAAW,CAC/C,CAAC,KAAY,EAAE,YAAwB,UAAU,CAAC,KAAK,EAAE,EAAE;QACzD,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC7B,sDAAsD;YACtD,gBAAgB,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;YAEhD,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,aAAa,CAAC,SAAS,CAAC,CAAC;YAEzB,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EACD,CAAC,aAAa,CAAC,CAChB,CAAC;IAEF,kCAAkC;IAClC,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe;YAAE,OAAO,IAAI,CAAC;QAElC,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,eAAe,EACf,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,GACP,GAAG,eAAe,CAAC;QAEpB,OAAO,IAAI,8BAA8B,CACvC;YACE,YAAY,EAAE,YAAY,IAAI,IAAI,+BAA+B,EAAE;YACnE,QAAQ;YACR,WAAW;YACX,eAAe;YACf,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;SACN,EACD,eAAe,CAChB,CAAC;IACJ,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IAElE,4CAA4C;IAC5C,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;YACD,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,8BAA8B;IAC9B,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YACxD,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,WAAW,CAAC,YAAY,CAAC,CAAC;gBAC1B,SAAS,CAAC,YAAY,CAAC,CAAC;gBACxB,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;gBACxC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,qBAAqB;IACrB,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,IAA2B,EAAE;QAChE,IAAI,CAAC,aAAa;YAChB,OAAO;gBACL,IAAI,EAAE,IAAI;gBACV,KAAK,EAAE,IAAI,KAAK,CAAC,wCAAwC,CAAC;aAC3D,CAAC;QAEJ,wFAAwF;QACxF,IAAI,cAAc,CAAC,OAAO,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;YACvD,OAAO,gBAAgB,CAAC,OAAO,CAAC;QAClC,CAAC;QAED,8EAA8E;QAC9E,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC;gBAC9B,4CAA4C;gBAC5C,MAAM,cAAc,GAAG,OAAO,IAAI,IAAI,mBAAmB,EAAE,CAAC;gBAC5D,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,CAAC;oBAC3C,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;gBAC/B,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO;wBACL,IAAI,EAAE,IAAI;wBACV,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;qBACjE,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,KAAK,UAAU,CAAC,cAAc;gBAC5B,4EAA4E;gBAC5E,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;oBAC7B,OAAO,gBAAgB,CAAC,OAAO,CAAC;gBAClC,CAAC;gBACD,MAAM;YAER,KAAK,UAAU,CAAC,eAAe,CAAC;YAChC,KAAK,UAAU,CAAC,KAAK;gBACnB,MAAM;YAER;gBACE,OAAO;oBACL,IAAI,EAAE,IAAI;oBACV,KAAK,EAAE,IAAI,KAAK,CAAC,8BAA8B,UAAU,EAAE,CAAC;iBAC7D,CAAC;QACN,CAAC;QAED,iFAAiF;QACjF,MAAM,OAAO,GAAG,IAAI,OAAO,CAAe,CAAC,OAAO,EAAE,EAAE;YACpD,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;QACrC,CAAC,CAAC,CAAC;QACH,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;QAEnC,sBAAsB;QACtB,cAAc,CAAC,OAAO,GAAG,IAAI,CAAC;QAE9B,6BAA6B;QAC7B,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,wDAAwD;YACxD,aAAa,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;YACzC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC;YAClD,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAE1C,mFAAmF;YACnF,UAAU,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;gBAC1C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,6BAA6B,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC,EAAE,kBAAkB,CAAC,CAAC;YAEvB,mCAAmC;YACnC,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;YAEhD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,qCAAqC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAE/B,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,sCAAsC;gBACtC,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1B,aAAa,CAAC,OAAO,EAAE,CAAC;gBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;gBACzC,IAAI,CAAC;oBACH,uCAAuC;oBACvC,MAAM,aAAa,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC,CAAC;gBACzD,CAAC;gBAAC,OAAO,UAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CACX,+CAA+C,EAC/C,UAAU,CACX,CAAC;oBACF,6BAA6B,CAC3B,UAAU,YAAY,KAAK;wBACzB,CAAC,CAAC,UAAU;wBACZ,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAClC,CAAC;oBACF,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,6BAA6B,CAC3B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;gBACF,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC,EAAE;QACD,aAAa;QACb,WAAW;QACX,SAAS;QACT,kBAAkB;QAClB,UAAU;QACV,aAAa;QACb,6BAA6B;QAC7B,OAAO;KACR,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAA2B,EAAE;QAC3D,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEnD,kBAAkB;IAClB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACtC,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAChC,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE;oBAC7B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,UAAU;iBAC1C,CAAC,CAAC;gBAEH,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,iBAAiB;gBACjE,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,kBAAkB;QAClB,UAAU;QACV,eAAe;QACf,aAAa;KACd,CAAC,CAAC;IAEH,mDAAmD;IACnD,SAAS,CAAC,GAAG,EAAE;QACb,0CAA0C;QAC1C,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC;QAEnC,kBAAkB;QAClB,WAAW,CAAC,OAAO,GAAG;YACpB,oBAAoB,EAAE,GAAG,EAAE;gBACzB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,+BAA+B,EAAE,CAAC;gBACpC,CAAC;YACH,CAAC;YACD,iBAAiB,EAAE,CAAC,KAAuB,EAAE,EAAE;gBAC7C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC;oBACjC,6BAA6B,CAC3B,KAAK,YAAY,KAAK;wBACpB,CAAC,CAAC,KAAK;wBACP,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,gBAAgB,CAAC,CACjD,CAAC;gBACJ,CAAC;YACH,CAAC;SACF,CAAC;QAEF,kDAAkD;QAClD,IACE,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,WAAW,CAAC,OAAO,CAAC,oBAAoB;YACxC,WAAW,CAAC,OAAO,CAAC,iBAAiB,EACrC,CAAC;YACD,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACF,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;QACJ,CAAC;aAAM,IACL,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,UAAU,CAAC,OAAO,KAAK,IAAI,EAC3B,CAAC;YACD,oDAAoD;YACpD,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,oBAAoB;QACpB,OAAO,GAAG,EAAE;YACV,IAAI,WAAW,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAC7C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACJ,CAAC;YACD,IAAI,WAAW,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBAC1C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE;QACD,UAAU;QACV,+BAA+B;QAC/B,6BAA6B;KAC9B,CAAC,CAAC;IAEH,qDAAqD;IACrD,SAAS,CAAC,GAAG,EAAE;QACb,8EAA8E;QAC9E,IACE,OAAO,EAAE,aAAa;YACtB,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,aAAa,EAClD,CAAC;YACD,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YAExC,mDAAmD;YACnD,IACE,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc;gBACnD,gBAAgB,CAAC,OAAO,EACxB,CAAC;gBACD,+BAA+B,EAAE,CAAC;YACpC,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,WAAW,KAAK,QAAQ,IAAI,aAAa,EAAE,CAAC;YAC9C,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACxB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;gBACxD,6BAA6B,CAC3B,IAAI,KAAK,CAAC,yBAAyB,CAAC,EACpC,UAAU,CAAC,eAAe,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IACE,CAAC,OAAO,EAAE,aAAa;YACvB,CAAC,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC,QAAQ,CAC3D,aAAa,CAAC,OAAO,CACtB,EACD,CAAC;YACD,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,eAAe,EAAE,CAAC;gBACzD,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC,EAAE;QACD,WAAW;QACX,aAAa;QACb,OAAO,EAAE,aAAa;QACtB,gBAAgB;QAChB,+BAA+B;QAC/B,6BAA6B;QAC7B,aAAa;KACd,CAAC,CAAC;IAEH,2BAA2B;IAC3B,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,UAAU,KAAK,UAAU,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC;YACrE,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC1C,WAAW,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxB,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,EAAE;QACD,OAAO;QACP,WAAW;QACX,wBAAwB;QACxB,UAAU;QACV,aAAa;KACd,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;QACX,UAAU;QACV,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport {\n AuthStatus,\n type AuthStorage,\n type DisplayMode,\n type LoginAppDesignOptions,\n type User,\n} from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo, useRef } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { useLocalStorage } from \"usehooks-ts\";\nimport { LOGOUT_STATE } from \"@/constants.js\";\nimport { useAuthStatus } from \"@/shared/providers/AuthStatusContext.js\";\n\ntype SignInProps = {\n pkceConsumer?: PKCEConsumer;\n preSignOut?: () => Promise<void>;\n postSignOut?: () => Promise<void>;\n displayMode: DisplayMode;\n storage?: AuthStorage; // Optional storage parameter\n};\n\ntype SignInError = Error | { message: string; [key: string]: unknown };\n\ninterface SignInEventDetail {\n error: SignInError;\n}\n\ninterface SignInErrorEvent {\n detail: SignInEventDetail;\n}\n\ntype SignInResult = {\n user: User | null;\n error: Error | null;\n};\n\nconst SIGN_IN_TIMEOUT_MS = 9 * 60 * 1000; // 9 minutes in milliseconds\n\n/**\n * Hook to manage authentication flow.\n */\nconst useSignIn = (\n {\n pkceConsumer,\n preSignOut,\n postSignOut,\n displayMode,\n storage,\n }: SignInProps = {\n displayMode: \"iframe\",\n },\n) => {\n // Config and external state\n const civicAuthConfig = useCivicAuthConfig();\n const {\n iframeRef,\n logoutIframeRef,\n setIframeIsVisible,\n setLogoutIframeIsVisible,\n iframeAborted,\n setIframeAborted,\n } = useIframe();\n const { data: session } = useSession();\n const { authStatus, setAuthStatus } = useAuthStatus();\n const [, setDesignOption] = useLocalStorage<LoginAppDesignOptions>(\n `loginAppDesign`,\n { colorMode: \"auto\" },\n );\n\n // Internal state tracking\n const timeoutRef = useRef<number | null>(null);\n const authStatusRef = useRef<AuthStatus>(AuthStatus.UNAUTHENTICATED);\n const isSigningInRef = useRef<boolean>(false);\n\n // Promise handling\n const signInPromiseRef = useRef<Promise<SignInResult>>();\n const signInResolveRef = useRef<\n ((value: SignInResult | PromiseLike<SignInResult>) => void) | null\n >(null);\n\n // Event handlers\n const handlersRef = useRef<{\n handleSignInComplete: (() => void) | null;\n handleSignInError: ((event: SignInErrorEvent) => void) | null;\n }>({\n handleSignInComplete: null,\n handleSignInError: null,\n });\n\n // Helper to resolve sign-in promise with success\n const resolveSignInPromiseWithSuccess = useCallback(async () => {\n if (signInResolveRef.current) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n authStatusRef.current = AuthStatus.AUTHENTICATED;\n isSigningInRef.current = false;\n\n // Get user data from storage\n let user: User | null = null;\n try {\n user = await getUser(storage || new LocalStorageAdapter());\n } catch (error) {\n console.warn(\n \"Failed to retrieve user data after successful sign-in:\",\n error,\n );\n }\n\n signInResolveRef.current({ user, error: null });\n\n // Clean up after resolving\n signInResolveRef.current = null;\n signInPromiseRef.current = undefined;\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n }, [setAuthStatus, storage]);\n\n // Helper to resolve sign-in promise with error\n const resolveSignInPromiseWithError = useCallback(\n (error: Error, newStatus: AuthStatus = AuthStatus.ERROR) => {\n if (signInResolveRef.current) {\n // Always resolve, but with error set and user as null\n signInResolveRef.current({ user: null, error });\n\n // Clean up after resolving\n signInResolveRef.current = null;\n signInPromiseRef.current = undefined;\n isSigningInRef.current = false;\n setAuthStatus(newStatus);\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n },\n [setAuthStatus],\n );\n\n // Create authentication initiator\n const authInitiator = useMemo(() => {\n if (!civicAuthConfig) return null;\n\n const {\n clientId,\n redirectUrl,\n logoutUrl,\n loginSuccessUrl,\n logoutRedirectUrl,\n nonce,\n oauthServer,\n endpoints,\n scopes,\n } = civicAuthConfig;\n\n return new BrowserAuthenticationInitiator(\n {\n pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(),\n clientId,\n redirectUrl,\n loginSuccessUrl,\n logoutUrl,\n logoutRedirectUrl,\n scopes,\n displayMode,\n oauthServer,\n endpointOverrides: endpoints,\n nonce,\n },\n setDesignOption,\n );\n }, [civicAuthConfig, displayMode, pkceConsumer, setDesignOption]);\n\n // Cleanup resources when component unmounts\n useEffect(() => {\n return () => {\n if (authInitiator) {\n authInitiator.cleanup();\n }\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n };\n }, [authInitiator]);\n\n // Handle logout state cleanup\n useEffect(() => {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n const localStorage = new LocalStorageAdapter();\n localStorage.get(LOGOUT_STATE).then((storedLogoutState) => {\n if (state && state === storedLogoutState) {\n // Clear storage\n clearTokens(localStorage);\n clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n\n // Clean up storage and URL\n sessionStorage.removeItem(LOGOUT_STATE);\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n }\n });\n }, []);\n\n // Main sign-in logic\n const startSignIn = useCallback(async (): Promise<SignInResult> => {\n if (!authInitiator)\n return {\n user: null,\n error: new Error(\"Authentication initiator not available\"),\n };\n\n // Check if sign-in is already in progress using the ref, if so, return existing promise\n if (isSigningInRef.current && signInPromiseRef.current) {\n return signInPromiseRef.current;\n }\n\n // State machine for sign-in flow - check early states before creating promise\n switch (authStatus) {\n case AuthStatus.AUTHENTICATED: {\n // Get current user if already authenticated\n const currentStorage = storage || new LocalStorageAdapter();\n try {\n const user = await getUser(currentStorage);\n return { user, error: null };\n } catch (error) {\n return {\n user: null,\n error: error instanceof Error ? error : new Error(String(error)),\n };\n }\n }\n\n case AuthStatus.AUTHENTICATING:\n // if we're already authenticating, return the existing promise if it exists\n if (signInPromiseRef.current) {\n return signInPromiseRef.current;\n }\n break;\n\n case AuthStatus.UNAUTHENTICATED:\n case AuthStatus.ERROR:\n break;\n\n default:\n return {\n user: null,\n error: new Error(`Invalid state for sign-in: ${authStatus}`),\n };\n }\n\n // Create the promise and store its handlers ONLY if we're starting a new sign-in\n const promise = new Promise<SignInResult>((resolve) => {\n signInResolveRef.current = resolve;\n });\n signInPromiseRef.current = promise;\n\n // Set signing in flag\n isSigningInRef.current = true;\n\n // Clear any existing timeout\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n try {\n // Set authenticating status before any async operations\n setAuthStatus(AuthStatus.AUTHENTICATING);\n authStatusRef.current = AuthStatus.AUTHENTICATING;\n authInitiator.setDisplayMode(displayMode);\n\n // Set a timeout to resolve the promise with error if authentication takes too long\n timeoutRef.current = window.setTimeout(() => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n resolveSignInPromiseWithError(new Error(\"Sign-in timeout\"));\n }\n }, SIGN_IN_TIMEOUT_MS);\n\n // Start the authentication process\n const useIframeRef = iframeRef?.current || null;\n\n await authInitiator.signIn(useIframeRef);\n } catch (error) {\n // Reset the signing in flag on error\n isSigningInRef.current = false;\n\n if (error instanceof PopupError) {\n // Fallback to redirect if popup fails\n setIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n try {\n // Call signIn again with redirect mode\n await authInitiator.signIn(iframeRef?.current || null);\n } catch (retryError) {\n console.error(\n \"[useSignIn] Redirect sign-in initiation error\",\n retryError,\n );\n resolveSignInPromiseWithError(\n retryError instanceof Error\n ? retryError\n : new Error(String(retryError)),\n );\n return promise;\n }\n } else {\n resolveSignInPromiseWithError(\n error instanceof Error ? error : new Error(String(error)),\n );\n return promise;\n }\n }\n\n return promise;\n }, [\n authInitiator,\n displayMode,\n iframeRef,\n setIframeIsVisible,\n authStatus,\n setAuthStatus,\n resolveSignInPromiseWithError,\n storage,\n ]);\n\n // Public sign-in method\n const signIn = useCallback(async (): Promise<SignInResult> => {\n if (displayMode === \"iframe\") {\n setIframeIsVisible(true);\n }\n return startSignIn();\n }, [startSignIn, displayMode, setIframeIsVisible]);\n\n // Sign-out method\n const signOut = useCallback(async () => {\n const idToken = session?.idToken;\n if (!authInitiator) return;\n\n setAuthStatus(AuthStatus.SIGNING_OUT);\n if (displayMode === \"iframe\") {\n setIframeIsVisible(false);\n setLogoutIframeIsVisible(true);\n }\n\n try {\n await preSignOut?.();\n\n const useIframeRef = logoutIframeRef?.current || null;\n await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n setAuthStatus(AuthStatus.ERROR);\n console.error(\"signOut error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n\n if (error instanceof PopupError) {\n setLogoutIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n authInitiator.signOut(idToken, useIframeRef); // Retry sign out\n }\n });\n } catch (error) {\n console.error(\"Signout error:\", error);\n setAuthStatus(AuthStatus.ERROR);\n }\n }, [\n session?.idToken,\n authInitiator,\n displayMode,\n setLogoutIframeIsVisible,\n setIframeIsVisible,\n preSignOut,\n logoutIframeRef,\n setAuthStatus,\n ]);\n\n // Set up event listeners for authentication status\n useEffect(() => {\n // Update the ref with current auth status\n authStatusRef.current = authStatus;\n\n // Define handlers\n handlersRef.current = {\n handleSignInComplete: () => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n resolveSignInPromiseWithSuccess();\n }\n },\n handleSignInError: (event: SignInErrorEvent) => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n const error = event.detail.error;\n resolveSignInPromiseWithError(\n error instanceof Error\n ? error\n : new Error(error.message || \"Sign-in failed\"),\n );\n }\n },\n };\n\n // Add listeners only when in authenticating state\n if (\n authStatus === AuthStatus.AUTHENTICATING &&\n handlersRef.current.handleSignInComplete &&\n handlersRef.current.handleSignInError\n ) {\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n } else if (\n authStatus !== AuthStatus.AUTHENTICATING &&\n timeoutRef.current !== null\n ) {\n // Clean up timeout when not in authenticating state\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n // Cleanup listeners\n return () => {\n if (handlersRef.current.handleSignInComplete) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n }\n if (handlersRef.current.handleSignInError) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n }\n };\n }, [\n authStatus,\n resolveSignInPromiseWithSuccess,\n resolveSignInPromiseWithError,\n ]);\n\n // Effect to handle session updates and iframe aborts\n useEffect(() => {\n // If session becomes authenticated, update state and resolve pending promises\n if (\n session?.authenticated &&\n authStatusRef.current !== AuthStatus.AUTHENTICATED\n ) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n\n // If we have a pending sign-in promise, resolve it\n if (\n authStatusRef.current === AuthStatus.AUTHENTICATING &&\n signInResolveRef.current\n ) {\n resolveSignInPromiseWithSuccess();\n }\n }\n\n // Handle iframe abortion\n if (displayMode === \"iframe\" && iframeAborted) {\n setIframeAborted(false);\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n resolveSignInPromiseWithError(\n new Error(\"Sign-in aborted by user\"),\n AuthStatus.UNAUTHENTICATED,\n );\n }\n }\n\n // Update unauthenticated state when session is absent\n if (\n !session?.authenticated &&\n ![AuthStatus.AUTHENTICATING, AuthStatus.SIGNING_OUT].includes(\n authStatusRef.current,\n )\n ) {\n if (authStatusRef.current !== AuthStatus.UNAUTHENTICATED) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n }\n }\n }, [\n displayMode,\n iframeAborted,\n session?.authenticated,\n setIframeAborted,\n resolveSignInPromiseWithSuccess,\n resolveSignInPromiseWithError,\n setAuthStatus,\n ]);\n\n // Handle logout completion\n useEffect(() => {\n if (authStatus === AuthStatus.SIGNING_OUT && !session?.authenticated) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n postSignOut?.().then(() => {\n setLogoutIframeIsVisible(false);\n });\n }\n }, [\n session,\n postSignOut,\n setLogoutIframeIsVisible,\n authStatus,\n setAuthStatus,\n ]);\n\n return {\n signIn,\n signOut,\n startSignIn,\n authStatus,\n displayMode,\n };\n};\n\nexport { useSignIn };\n"]}
package/dist/shared/lib/BrowserAuthenticationRefresher.d.ts CHANGED
@@ -1,8 +1,14 @@
1
1
  import { AuthenticationRefresherImpl } from "./AuthenticationRefresherImpl.js";
2
2
  import type { AuthStorage, Endpoints } from "../../types.js";
3
3
  import type { AuthConfig } from "../../server/config.js";
4
+ export interface RefreshEventCallbacks {
5
+ onRefreshStarted?: () => void;
6
+ onRefreshComplete?: () => void;
7
+ onRefreshError?: (error: Error) => void;
8
+ }
4
9
  export declare class BrowserAuthenticationRefresher extends AuthenticationRefresherImpl {
5
- static build(authConfig: AuthConfig, storage: AuthStorage, onError: (error: Error) => Promise<void>, endpointOverrides?: Partial<Endpoints>): Promise<BrowserAuthenticationRefresher>;
10
+ private refreshEventCallbacks?;
11
+ static build(authConfig: AuthConfig, storage: AuthStorage, onError: (error: Error) => Promise<void>, endpointOverrides?: Partial<Endpoints>, refreshEventCallbacks?: RefreshEventCallbacks): Promise<BrowserAuthenticationRefresher>;
6
12
  protected handleError(error: Error): void;
7
13
  protected handleAutoRefresh(): Promise<void>;
8
14
  setupAutorefresh(): Promise<void>;
package/dist/shared/lib/BrowserAuthenticationRefresher.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"BrowserAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/BrowserAuthenticationRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACzD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD,qBAAa,8BAA+B,SAAQ,2BAA2B;WACvD,KAAK,CACzB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,IAAI,CAAC,EACxC,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,8BAA8B,CAAC;IAY1C,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK;cAMlB,iBAAiB;IA0B3B,gBAAgB;IAuBtB,gBAAgB;CASjB"}
1
+ {"version":3,"file":"BrowserAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/BrowserAuthenticationRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACzD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD,MAAM,WAAW,qBAAqB;IACpC,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC9B,iBAAiB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC/B,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CACzC;AAED,qBAAa,8BAA+B,SAAQ,2BAA2B;IAC7E,OAAO,CAAC,qBAAqB,CAAC,CAAwB;WAChC,KAAK,CACzB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,IAAI,CAAC,EACxC,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,EACtC,qBAAqB,CAAC,EAAE,qBAAqB,GAC5C,OAAO,CAAC,8BAA8B,CAAC;IAa1C,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK;cAMlB,iBAAiB;IAsC3B,gBAAgB;IA8BtB,gBAAgB;CASjB"}
package/dist/shared/lib/BrowserAuthenticationRefresher.js CHANGED
@@ -3,8 +3,10 @@ import { retrieveAccessTokenExpiresAt } from "../../shared/lib/util.js";
3
3
  import { AuthenticationRefresherImpl } from "./AuthenticationRefresherImpl.js";
4
4
  import { UserStorage } from "./types.js";
5
5
  export class BrowserAuthenticationRefresher extends AuthenticationRefresherImpl {
6
- static async build(authConfig, storage, onError, endpointOverrides) {
6
+ refreshEventCallbacks;
7
+ static async build(authConfig, storage, onError, endpointOverrides, refreshEventCallbacks) {
7
8
  const refresher = new BrowserAuthenticationRefresher(authConfig, storage, onError, endpointOverrides);
9
+ refresher.refreshEventCallbacks = refreshEventCallbacks;
8
10
  await refresher.init();
9
11
  return refresher;
10
12
  }
@@ -24,12 +26,18 @@ export class BrowserAuthenticationRefresher extends AuthenticationRefresherImpl
24
26
  // ensure only one refresh is in progress
25
27
  if (localStorage.getItem(REFRESH_IN_PROGRESS) !== "true") {
26
28
  localStorage.setItem(REFRESH_IN_PROGRESS, "true");
29
+ // Call onRefreshStarted callback
30
+ this.refreshEventCallbacks?.onRefreshStarted?.();
27
31
  await this.refreshTokens();
32
+ // Call onRefreshComplete callback
33
+ this.refreshEventCallbacks?.onRefreshComplete?.();
28
34
  await this.setupAutorefresh(); // Reset the timeout after successful refresh
29
35
  }
30
36
  }
31
37
  catch (error) {
32
38
  console.error("BrowserAuthenticationRefresher: Failed to refresh tokens:", error);
39
+ // Call onRefreshError callback
40
+ this.refreshEventCallbacks?.onRefreshError?.(error);
33
41
  // TODO detect if refresh token has expired and if yes then logout
34
42
  this.handleError(error);
35
43
  }
@@ -43,7 +51,12 @@ export class BrowserAuthenticationRefresher extends AuthenticationRefresherImpl
43
51
  this.clearAutorefresh();
44
52
  // get expires_in
45
53
  const now = Math.floor(Date.now() / 1000);
46
- const expiresAt = (await retrieveAccessTokenExpiresAt(this.storage)) || now + 60;
54
+ const expiresAt = await retrieveAccessTokenExpiresAt(this.storage);
55
+ // If there's no expiration time, don't set up auto-refresh
56
+ if (!expiresAt) {
57
+ console.warn("BrowserAuthenticationRefresher: No ACCESS_TOKEN_EXPIRES_AT found, skipping auto-refresh setup");
58
+ return;
59
+ }
47
60
  // Calculate time until expiry (subtract 30 seconds as buffer)
48
61
  const bufferTime = 30; // 30 seconds
49
62
  const refreshTime = Math.max(0, expiresAt - bufferTime - now); // handle case were token has expired in the past
package/dist/shared/lib/BrowserAuthenticationRefresher.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"BrowserAuthenticationRefresher.js","sourceRoot":"","sources":["../../../src/shared/lib/BrowserAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAC/E,OAAO,EAAE,4BAA4B,EAAE,MAAM,sBAAsB,CAAC;AACpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAG/E,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,MAAM,OAAO,8BAA+B,SAAQ,2BAA2B;IAC7E,MAAM,CAAU,KAAK,CAAC,KAAK,CACzB,UAAsB,EACtB,OAAoB,EACpB,OAAwC,EACxC,iBAAsC;QAEtC,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAClD,UAAU,EACV,OAAO,EACP,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;IAES,WAAW,CAAC,KAAY;QAChC,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;QAC9D,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAES,KAAK,CAAC,iBAAiB;QAC/B,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,OAAO,CAAC,IAAI,CACV,iEAAiE,CAClE,CAAC;gBACF,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACxB,OAAO;YACT,CAAC;YACD,yCAAyC;YACzC,IAAI,YAAY,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,MAAM,EAAE,CAAC;gBACzD,YAAY,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;gBAClD,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;gBAC3B,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,6CAA6C;YAC9E,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,2DAA2D,EAC3D,KAAK,CACN,CAAC;YACF,kEAAkE;YAClE,IAAI,CAAC,WAAW,CAAC,KAAc,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB;QACpB,2BAA2B;QAC3B,YAAY,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;QAE7C,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC3D,6BAA6B;QAC7B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,iBAAiB;QACjB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GACb,CAAC,MAAM,4BAA4B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC;QAEjE,8DAA8D;QAC9D,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,aAAa;QACpC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,iDAAiD;QAEhH,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE;YACrC,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3B,CAAC,EAAE,IAAI,GAAG,WAAW,CAAC,CAAC;QACvB,YAAY,CAAC,OAAO,CAAC,wBAAwB,EAAE,cAAc,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5E,CAAC;IAED,gBAAgB;QACd,0EAA0E;QAC1E,mEAAmE;QACnE,MAAM,eAAe,GAAG,YAAY,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;QACvE,IAAI,eAAe,EAAE,CAAC;YACpB,YAAY,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;YACtC,YAAY,CAAC,UAAU,CAAC,wBAAwB,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;CACF","sourcesContent":["import { AUTOREFRESH_TIMEOUT_NAME, REFRESH_IN_PROGRESS } from \"@/constants.js\";\nimport { retrieveAccessTokenExpiresAt } from \"@/shared/lib/util.js\";\nimport { AuthenticationRefresherImpl } from \"./AuthenticationRefresherImpl.js\";\nimport type { AuthStorage, Endpoints } from \"@/types.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { UserStorage } from \"./types.js\";\n\nexport class BrowserAuthenticationRefresher extends AuthenticationRefresherImpl {\n static override async build(\n authConfig: AuthConfig,\n storage: AuthStorage,\n onError: (error: Error) => Promise<void>,\n endpointOverrides?: Partial<Endpoints>,\n ): Promise<BrowserAuthenticationRefresher> {\n const refresher = new BrowserAuthenticationRefresher(\n authConfig,\n storage,\n onError,\n endpointOverrides,\n );\n await refresher.init();\n\n return refresher;\n }\n\n protected handleError(error: Error) {\n console.error(\"BrowserAuthenticationRefresher: Error\", error);\n this.clearAutorefresh();\n this.onError(error);\n }\n\n protected async handleAutoRefresh() {\n try {\n const existingUser = await this.storage?.get(UserStorage.USER);\n if (!existingUser) {\n console.warn(\n \"BrowserAuthenticationRefresher: No user found, skipping refresh\",\n );\n this.clearAutorefresh();\n return;\n }\n // ensure only one refresh is in progress\n if (localStorage.getItem(REFRESH_IN_PROGRESS) !== \"true\") {\n localStorage.setItem(REFRESH_IN_PROGRESS, \"true\");\n await this.refreshTokens();\n await this.setupAutorefresh(); // Reset the timeout after successful refresh\n }\n } catch (error) {\n console.error(\n \"BrowserAuthenticationRefresher: Failed to refresh tokens:\",\n error,\n );\n // TODO detect if refresh token has expired and if yes then logout\n this.handleError(error as Error);\n }\n }\n\n async setupAutorefresh() {\n // clear any existing state\n localStorage.removeItem(REFRESH_IN_PROGRESS);\n\n if (!this.storage) throw new Error(\"No storage available\");\n // Clear any existing timeout\n this.clearAutorefresh();\n\n // get expires_in\n const now = Math.floor(Date.now() / 1000);\n const expiresAt =\n (await retrieveAccessTokenExpiresAt(this.storage)) || now + 60;\n\n // Calculate time until expiry (subtract 30 seconds as buffer)\n const bufferTime = 30; // 30 seconds\n const refreshTime = Math.max(0, expiresAt - bufferTime - now); // handle case were token has expired in the past\n\n const refreshTimeout = setTimeout(() => {\n this.handleAutoRefresh();\n }, 1000 * refreshTime);\n localStorage.setItem(AUTOREFRESH_TIMEOUT_NAME, refreshTimeout.toString());\n }\n\n clearAutorefresh() {\n // use local storage to store the timeout id so that if multiple instances\n // of the refresher are created they can all clear the same timeout\n const existingTimeout = localStorage.getItem(AUTOREFRESH_TIMEOUT_NAME);\n if (existingTimeout) {\n clearTimeout(Number(existingTimeout));\n localStorage.removeItem(AUTOREFRESH_TIMEOUT_NAME);\n }\n }\n}\n"]}
1
+ {"version":3,"file":"BrowserAuthenticationRefresher.js","sourceRoot":"","sources":["../../../src/shared/lib/BrowserAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAC/E,OAAO,EAAE,4BAA4B,EAAE,MAAM,sBAAsB,CAAC;AACpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAG/E,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAQzC,MAAM,OAAO,8BAA+B,SAAQ,2BAA2B;IACrE,qBAAqB,CAAyB;IACtD,MAAM,CAAU,KAAK,CAAC,KAAK,CACzB,UAAsB,EACtB,OAAoB,EACpB,OAAwC,EACxC,iBAAsC,EACtC,qBAA6C;QAE7C,MAAM,SAAS,GAAG,IAAI,8BAA8B,CAClD,UAAU,EACV,OAAO,EACP,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,SAAS,CAAC,qBAAqB,GAAG,qBAAqB,CAAC;QACxD,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;IAES,WAAW,CAAC,KAAY;QAChC,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;QAC9D,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAES,KAAK,CAAC,iBAAiB;QAC/B,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,OAAO,CAAC,IAAI,CACV,iEAAiE,CAClE,CAAC;gBACF,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACxB,OAAO;YACT,CAAC;YACD,yCAAyC;YACzC,IAAI,YAAY,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,MAAM,EAAE,CAAC;gBACzD,YAAY,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;gBAElD,iCAAiC;gBACjC,IAAI,CAAC,qBAAqB,EAAE,gBAAgB,EAAE,EAAE,CAAC;gBAEjD,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;gBAE3B,kCAAkC;gBAClC,IAAI,CAAC,qBAAqB,EAAE,iBAAiB,EAAE,EAAE,CAAC;gBAElD,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,6CAA6C;YAC9E,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,2DAA2D,EAC3D,KAAK,CACN,CAAC;YAEF,+BAA+B;YAC/B,IAAI,CAAC,qBAAqB,EAAE,cAAc,EAAE,CAAC,KAAc,CAAC,CAAC;YAE7D,kEAAkE;YAClE,IAAI,CAAC,WAAW,CAAC,KAAc,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB;QACpB,2BAA2B;QAC3B,YAAY,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;QAE7C,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC3D,6BAA6B;QAC7B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,iBAAiB;QACjB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,MAAM,4BAA4B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEnE,2DAA2D;QAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,+FAA+F,CAChG,CAAC;YACF,OAAO;QACT,CAAC;QAED,8DAA8D;QAC9D,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,aAAa;QACpC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,iDAAiD;QAEhH,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE;YACrC,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3B,CAAC,EAAE,IAAI,GAAG,WAAW,CAAC,CAAC;QACvB,YAAY,CAAC,OAAO,CAAC,wBAAwB,EAAE,cAAc,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5E,CAAC;IAED,gBAAgB;QACd,0EAA0E;QAC1E,mEAAmE;QACnE,MAAM,eAAe,GAAG,YAAY,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;QACvE,IAAI,eAAe,EAAE,CAAC;YACpB,YAAY,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;YACtC,YAAY,CAAC,UAAU,CAAC,wBAAwB,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;CACF","sourcesContent":["import { AUTOREFRESH_TIMEOUT_NAME, REFRESH_IN_PROGRESS } from \"@/constants.js\";\nimport { retrieveAccessTokenExpiresAt } from \"@/shared/lib/util.js\";\nimport { AuthenticationRefresherImpl } from \"./AuthenticationRefresherImpl.js\";\nimport type { AuthStorage, Endpoints } from \"@/types.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { UserStorage } from \"./types.js\";\n\nexport interface RefreshEventCallbacks {\n onRefreshStarted?: () => void;\n onRefreshComplete?: () => void;\n onRefreshError?: (error: Error) => void;\n}\n\nexport class BrowserAuthenticationRefresher extends AuthenticationRefresherImpl {\n private refreshEventCallbacks?: RefreshEventCallbacks;\n static override async build(\n authConfig: AuthConfig,\n storage: AuthStorage,\n onError: (error: Error) => Promise<void>,\n endpointOverrides?: Partial<Endpoints>,\n refreshEventCallbacks?: RefreshEventCallbacks,\n ): Promise<BrowserAuthenticationRefresher> {\n const refresher = new BrowserAuthenticationRefresher(\n authConfig,\n storage,\n onError,\n endpointOverrides,\n );\n refresher.refreshEventCallbacks = refreshEventCallbacks;\n await refresher.init();\n\n return refresher;\n }\n\n protected handleError(error: Error) {\n console.error(\"BrowserAuthenticationRefresher: Error\", error);\n this.clearAutorefresh();\n this.onError(error);\n }\n\n protected async handleAutoRefresh() {\n try {\n const existingUser = await this.storage?.get(UserStorage.USER);\n if (!existingUser) {\n console.warn(\n \"BrowserAuthenticationRefresher: No user found, skipping refresh\",\n );\n this.clearAutorefresh();\n return;\n }\n // ensure only one refresh is in progress\n if (localStorage.getItem(REFRESH_IN_PROGRESS) !== \"true\") {\n localStorage.setItem(REFRESH_IN_PROGRESS, \"true\");\n\n // Call onRefreshStarted callback\n this.refreshEventCallbacks?.onRefreshStarted?.();\n\n await this.refreshTokens();\n\n // Call onRefreshComplete callback\n this.refreshEventCallbacks?.onRefreshComplete?.();\n\n await this.setupAutorefresh(); // Reset the timeout after successful refresh\n }\n } catch (error) {\n console.error(\n \"BrowserAuthenticationRefresher: Failed to refresh tokens:\",\n error,\n );\n\n // Call onRefreshError callback\n this.refreshEventCallbacks?.onRefreshError?.(error as Error);\n\n // TODO detect if refresh token has expired and if yes then logout\n this.handleError(error as Error);\n }\n }\n\n async setupAutorefresh() {\n // clear any existing state\n localStorage.removeItem(REFRESH_IN_PROGRESS);\n\n if (!this.storage) throw new Error(\"No storage available\");\n // Clear any existing timeout\n this.clearAutorefresh();\n\n // get expires_in\n const now = Math.floor(Date.now() / 1000);\n const expiresAt = await retrieveAccessTokenExpiresAt(this.storage);\n\n // If there's no expiration time, don't set up auto-refresh\n if (!expiresAt) {\n console.warn(\n \"BrowserAuthenticationRefresher: No ACCESS_TOKEN_EXPIRES_AT found, skipping auto-refresh setup\",\n );\n return;\n }\n\n // Calculate time until expiry (subtract 30 seconds as buffer)\n const bufferTime = 30; // 30 seconds\n const refreshTime = Math.max(0, expiresAt - bufferTime - now); // handle case were token has expired in the past\n\n const refreshTimeout = setTimeout(() => {\n this.handleAutoRefresh();\n }, 1000 * refreshTime);\n localStorage.setItem(AUTOREFRESH_TIMEOUT_NAME, refreshTimeout.toString());\n }\n\n clearAutorefresh() {\n // use local storage to store the timeout id so that if multiple instances\n // of the refresher are created they can all clear the same timeout\n const existingTimeout = localStorage.getItem(AUTOREFRESH_TIMEOUT_NAME);\n if (existingTimeout) {\n clearTimeout(Number(existingTimeout));\n localStorage.removeItem(AUTOREFRESH_TIMEOUT_NAME);\n }\n }\n}\n"]}
package/dist/shared/lib/util.d.ts CHANGED
@@ -53,6 +53,6 @@ export declare function clearTokens(storage: AuthStorage): Promise<void>;
53
53
  export declare function clearAuthServerSession(storage: AuthStorage): Promise<void>;
54
54
  export declare function clearUser(storage: AuthStorage): Promise<void>;
55
55
  export declare function retrieveTokens(storage: AuthStorage): Promise<Partial<OIDCTokenResponseBody> | null>;
56
- export declare function retrieveAccessTokenExpiresAt(storage: AuthStorage): Promise<number>;
56
+ export declare function retrieveAccessTokenExpiresAt(storage: AuthStorage): Promise<number | null>;
57
57
  export declare function validateOauth2Tokens(tokens: OIDCTokenResponseBody, jwksEndpoint: string, oauth2Client: OAuth2Client, issuer: string): Promise<ParsedTokens>;
58
58
  //# sourceMappingURL=util.d.ts.map
package/dist/shared/lib/util.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,qBAAqB,EACrB,YAAY,EACb,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGtE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AASlD;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,iBAAiB,GAAE,OAAO,CAAC,SAAS,CAAM,GACzC,OAAO,CAAC,SAAS,CAAC,CAMpB;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CA2Bf;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;CACxC,GAAG,OAAO,CAAC,GAAG,CAAC,CAcf;AAED,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,GACnB,YAAY,CAId;AAED,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,kCAwBrB;AACD;;;;;;;;GAQG;AACH,eAAO,MAAM,gBAAgB,WACnB,qBAAqB,KAC5B;IAAE,iBAAiB,EAAE,MAAM,CAAC;IAAC,kBAAkB,EAAE,SAAS,GAAG,MAAM,CAAA;CA+BrE,CAAC;AACF,eAAO,MAAM,uBAAuB,WAC1B,qBAAqB,KAC5B,MA2BF,CAAC;AACF,wBAAsB,uBAAuB,CAC3C,OAAO,EAAE,WAAW,GAAG,aAAa,EACpC,MAAM,EAAE,qBAAqB,iBAQ9B;AAED,wBAAsB,WAAW,CAC/B,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,qBAAqB,iBAkB9B;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,WAAW,GAAG,aAAa,EACpC,MAAM,EAAE,qBAAqB,iBA0D9B;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,WAAW,iBAWrD;AAED,wBAAsB,sBAAsB,CAAC,OAAO,EAAE,WAAW,iBAGhE;AAED,wBAAsB,SAAS,CAAC,OAAO,EAAE,WAAW,iBAGnD;AAED,wBAAsB,cAAc,CAClC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAiBhD;AAED,wBAAsB,4BAA4B,CAChD,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,MAAM,CAAC,CAEjB;AAMD,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,qBAAqB,EAC7B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,CAAC,CAmCvB"}
1
+ {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,qBAAqB,EACrB,YAAY,EACb,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGtE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AASlD;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,iBAAiB,GAAE,OAAO,CAAC,SAAS,CAAM,GACzC,OAAO,CAAC,SAAS,CAAC,CAMpB;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CA2Bf;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;CACxC,GAAG,OAAO,CAAC,GAAG,CAAC,CAcf;AAED,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,GACnB,YAAY,CAId;AAED,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,kCAwBrB;AACD;;;;;;;;GAQG;AACH,eAAO,MAAM,gBAAgB,WACnB,qBAAqB,KAC5B;IAAE,iBAAiB,EAAE,MAAM,CAAC;IAAC,kBAAkB,EAAE,SAAS,GAAG,MAAM,CAAA;CA+BrE,CAAC;AACF,eAAO,MAAM,uBAAuB,WAC1B,qBAAqB,KAC5B,MA2BF,CAAC;AACF,wBAAsB,uBAAuB,CAC3C,OAAO,EAAE,WAAW,GAAG,aAAa,EACpC,MAAM,EAAE,qBAAqB,iBAQ9B;AAED,wBAAsB,WAAW,CAC/B,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,qBAAqB,iBAkB9B;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,WAAW,GAAG,aAAa,EACpC,MAAM,EAAE,qBAAqB,iBA0D9B;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,WAAW,iBAWrD;AAED,wBAAsB,sBAAsB,CAAC,OAAO,EAAE,WAAW,iBAGhE;AAED,wBAAsB,SAAS,CAAC,OAAO,EAAE,WAAW,iBAGnD;AAED,wBAAsB,cAAc,CAClC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAiBhD;AAED,wBAAsB,4BAA4B,CAChD,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAOxB;AAMD,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,qBAAqB,EAC7B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,CAAC,CAmCvB"}
package/dist/shared/lib/util.js CHANGED
@@ -243,7 +243,12 @@ export async function retrieveTokens(storage) {
243
243
  };
244
244
  }
245
245
  export async function retrieveAccessTokenExpiresAt(storage) {
246
- return Number(await storage.get(OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT));
246
+ const value = await storage.get(OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT);
247
+ if (!value) {
248
+ return null;
249
+ }
250
+ const expiresAt = Number(value);
251
+ return isNaN(expiresAt) ? null : expiresAt;
247
252
  }
248
253
  // Single JWKS instance that persists for the lifetime of the SDK session
249
254
  let cachedJWKS = null;
package/dist/shared/lib/util.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,eAAe,GAChB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,SAAS,EAAmB,MAAM,MAAM,CAAC;AAElD,OAAO,EACL,wBAAwB,EACxB,YAAY,EACZ,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE1C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;AAC3C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GAAG,CAAC,MAAM,YAAY,CAAC,yBAAyB,CAAC,IAAI,EAAE;QACjE,YAAY;KACb,CAAC,CAA0B,CAAC;IAE7B,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CACxB,MAAM,EACN,SAAS,CAAC,IAAI,EACd,YAAY,EACZ,WAAW,CACZ,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AACD;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,MAA6B,EAC0C,EAAE;IACzE,IAAI,cAAc,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,iBAAiB;IAE/C,mDAAmD;IACnD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACzD,cAAc;YACZ,MAAM,CAAC,iBAAiB,EAAE,cAAc,CAAC,IAAI,cAAc,CAAC;QAE9D,mDAAmD;QACnD,IAAI,iBAAiB,EAAE,GAAG,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,cAAc,GAAG,iBAAiB,CAAC,GAAG,GAAG,GAAG,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC3B,iEAAiE;QACjE,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,aAAa,EAAE,GAAG,EAAE,CAAC;YACvB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,cAAc,GAAG,aAAa,CAAC,GAAG,GAAG,GAAG,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,oFAAoF;IACpF,MAAM,iBAAiB,GAAG,cAAc,CAAC;IACzC,MAAM,kBAAkB,GAAG,SAAS,CAAC,CAAC,mCAAmC;IAEzE,OAAO;QACL,iBAAiB;QACjB,kBAAkB;KACnB,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CACrC,MAA6B,EACrB,EAAE;IACV,qDAAqD;IACrD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACzD,IAAI,iBAAiB,EAAE,GAAG,IAAI,KAAK,EAAE,CAAC;YACpC,OAAO,iBAAiB,CAAC,GAAG,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,OAAO,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC;IACjC,CAAC;IAED,kDAAkD;IAClD,+DAA+D;IAC/D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,aAAa,EAAE,GAAG,EAAE,CAAC;YACvB,OAAO,aAAa,CAAC,GAAG,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,0DAA0D;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;IACpD,OAAO,GAAG,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,SAAS;AACjC,CAAC,CAAC;AACF,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,OAAoC,EACpC,MAA6B;IAE7B,oGAAoG;IACpG,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAC7D,MAAM,OAAO,CAAC,GAAG,CACf,eAAe,CAAC,uBAAuB,EACvC,oBAAoB,CAAC,QAAQ,EAAE,CAChC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,0DAA0D;IAC1D,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7D,4DAA4D;IAC5D,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACvE,CAAC;IAED,mCAAmC;IACnC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACzE,CAAC;IAED,4DAA4D;IAC5D,mDAAmD;IACnD,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAoC,EACpC,MAA6B;IAE7B,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,OAAwB,CAAC;IAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,0EAA0E;IAC1E,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAE3E,iCAAiC;IACjC,MAAM,wBAAwB,GAAG;QAC/B,MAAM,EAAE,iBAAiB;KAC1B,CAAC;IAEF,MAAM,yBAAyB,GAAG;QAChC,MAAM,EAAE,kBAAkB,EAAE,qDAAqD;KAClF,CAAC;IAEF,kDAAkD;IAClD,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC;IACtD,MAAM,aAAa,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,GAAG,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAE9E,2DAA2D;IAC3D,MAAM,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE;QACjE,MAAM,EAAE,aAAa;KACtB,CAAC,CAAC;IAEH,mDAAmD;IACnD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,aAAa,CAAC,GAAG,CACrB,eAAe,CAAC,YAAY,EAC5B,MAAM,CAAC,YAAY,EACnB,wBAAwB,CACzB,CAAC;IACJ,CAAC;IAED,+DAA+D;IAC/D,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,aAAa,CAAC,GAAG,CACrB,eAAe,CAAC,aAAa,EAC7B,MAAM,CAAC,aAAa,EACpB,yBAAyB,CAC1B,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,MAAM,OAAO,CAAC,GAAG,CACf,eAAe,CAAC,uBAAuB,EACvC,oBAAoB,CAAC,QAAQ,EAAE,EAC/B,wBAAwB,CACzB,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;QAChC,oBAAoB;QACpB,kBAAkB,EAAE,4BAA4B;QAChD,iBAAiB;QACjB,aAAa;QACb,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY;KACtC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,kEAAkE;IAClE,MAAM,kBAAkB,GAAG;QACzB,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC;QACjC,mBAAmB;QACnB,wBAAwB;QACxB,YAAY;KACb,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAClB,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,OAAoB;IAC/D,MAAM,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAC1C,MAAM,OAAO,CAAC,MAAM,CAAC,0BAA0B,CAAC,CAAC;AACnD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;IACpE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;IACtE,MAAM,oBAAoB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5C,eAAe,CAAC,uBAAuB,CACxC,CAAC;IAEF,OAAO;QACL,QAAQ,EAAE,OAAO,IAAI,SAAS;QAC9B,YAAY,EAAE,WAAW,IAAI,SAAS;QACtC,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,uBAAuB,EACrB,oBAAoB,KAAK,IAAI;YAC3B,CAAC,CAAC,QAAQ,CAAC,oBAAoB,EAAE,EAAE,CAAC;YACpC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KAC7C,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,OAAoB;IAEpB,OAAO,MAAM,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,uBAAuB,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED,yEAAyE;AACzE,IAAI,UAAU,GAAsD,IAAI,CAAC;AACzE,IAAI,aAAa,GAAkB,IAAI,CAAC;AAExC,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,YAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,2DAA2D;IAC3D,IAAI,CAAC,UAAU,IAAI,aAAa,KAAK,YAAY,EAAE,CAAC;QAClD,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QAC5D,aAAa,GAAG,YAAY,CAAC;IAC/B,CAAC;IAED,2EAA2E;IAC3E,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,UAAU,EACV;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,+EAA+E;IAC/E,IAAI,kBAAkB,CAAC;IACvB,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,UAAU,EACV;YACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;SACpC,CACF,CAAC;QACF,kBAAkB,GAAG,mBAAmB,CAAC,OAAO,CAAC;IACnD,CAAC;IAED,OAAO,gBAAgB,CAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,kBAAkB;QAChC,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1E,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport {\n AUTH_SERVER_LEGACY_SESSION,\n AUTH_SERVER_SESSION,\n OAuthTokenTypes,\n} from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { decodeJwt, type JWTPayload } from \"jose\";\nimport type { CookieStorage } from \"./storage.js\";\nimport {\n AUTOREFRESH_TIMEOUT_NAME,\n LOGOUT_STATE,\n REFRESH_IN_PROGRESS,\n} from \"@/constants.js\";\nimport { loggers } from \"@/lib/logger.js\";\n\nconst logger = loggers.services.validation;\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens = (await oauth2Client.validateAuthorizationCode(code, {\n codeVerifier,\n })) as OIDCTokenResponseBody;\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(\n tokens,\n endpoints.jwks,\n oauth2Client,\n oauthServer,\n );\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n/**\n * Calculates the maxAge values for access and refresh token cookies\n * based on the TTL values in the access token\n *\n * maxAge needs to be in seconds from now until expiration\n *\n * @param tokens OIDC tokens response containing the access token\n * @returns Object with accessTokenMaxAge and refreshTokenMaxAge in seconds\n */\nexport const getCookiesMaxAge = (\n tokens: OIDCTokenResponseBody,\n): { accessTokenMaxAge: number; refreshTokenMaxAge: undefined | number } => {\n let accessTokenTTL = 60 * 60; // 1 hour default\n\n // Get access token TTL from the token if it exists\n if (tokens.access_token) {\n const parsedAccessToken = decodeJwt(tokens.access_token);\n accessTokenTTL =\n Number(parsedAccessToken?.accessTokenTTL) || accessTokenTTL;\n\n // If access token has exp claim, use that directly\n if (parsedAccessToken?.exp) {\n const now = Math.floor(Date.now() / 1000);\n accessTokenTTL = parsedAccessToken.exp - now;\n }\n } else if (tokens.id_token) {\n // If no access token exists, try to get expiration from ID token\n const parsedIdToken = decodeJwt(tokens.id_token);\n if (parsedIdToken?.exp) {\n const now = Math.floor(Date.now() / 1000);\n accessTokenTTL = parsedIdToken.exp - now;\n }\n }\n\n // Calculate maxAge for access token, but set refresh token to undefined (no expiry)\n const accessTokenMaxAge = accessTokenTTL;\n const refreshTokenMaxAge = undefined; // This makes the cookie not expire\n\n return {\n accessTokenMaxAge,\n refreshTokenMaxAge,\n };\n};\nexport const getAccessTokenExpiresAt = (\n tokens: OIDCTokenResponseBody,\n): number => {\n // If we have an access token, try to get exp from it\n if (tokens.access_token) {\n const parsedAccessToken = decodeJwt(tokens.access_token);\n if (parsedAccessToken?.exp || false) {\n return parsedAccessToken.exp;\n }\n }\n\n // If we have expires_in field, use it\n if (tokens.expires_in) {\n const now = Math.floor(new Date().getTime() / 1000);\n return now + tokens.expires_in;\n }\n\n // If we have an ID token, use its exp as fallback\n // This is now a primary source when no access token is present\n if (tokens.id_token) {\n const parsedIdToken = decodeJwt(tokens.id_token);\n if (parsedIdToken?.exp) {\n return parsedIdToken.exp;\n }\n }\n\n // Default to 1 hour from now if we can't determine expiry\n const now = Math.floor(new Date().getTime() / 1000);\n return now + 60 * 60; // 1 hour\n};\nexport async function setAccessTokenExpiresAt(\n storage: AuthStorage | CookieStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // try to extract absolute expiry time from access token but fallback to calculation if not possible\n const accessTokenExpiresAt = getAccessTokenExpiresAt(tokens);\n await storage.set(\n OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT,\n accessTokenExpiresAt.toString(),\n );\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // ID token is the primary token and must always be stored\n await storage.set(OAuthTokenTypes.ID_TOKEN, tokens.id_token);\n\n // Only store access token if it exists (no longer required)\n if (tokens.access_token) {\n await storage.set(OAuthTokenTypes.ACCESS_TOKEN, tokens.access_token);\n }\n\n // Store refresh token if it exists\n if (tokens.refresh_token) {\n await storage.set(OAuthTokenTypes.REFRESH_TOKEN, tokens.refresh_token);\n }\n\n // Still set access token expiration even if no access token\n // (will get expiration from ID token in this case)\n await setAccessTokenExpiresAt(storage, tokens);\n}\n\n/**\n * Stores tokens in server-side cookies with appropriate expiration times\n * Uses TTL values from the tokens to set cookie maxAge values\n * Refresh token is set with no expiry (session cookie)\n */\nexport async function storeServerTokens(\n storage: AuthStorage | CookieStorage,\n tokens: OIDCTokenResponseBody,\n) {\n const accessTokenExpiresAt = getAccessTokenExpiresAt(tokens);\n const cookieStorage = storage as CookieStorage;\n const now = Math.floor(Date.now() / 1000);\n\n // Get maxAge values based on token TTLs (refresh token will be undefined)\n const { refreshTokenMaxAge, accessTokenMaxAge } = getCookiesMaxAge(tokens);\n\n // Apply maxAge to cookie options\n const accessTokenCookieOptions = {\n maxAge: accessTokenMaxAge,\n };\n\n const refreshTokenCookieOptions = {\n maxAge: refreshTokenMaxAge, // This will be undefined, making it a session cookie\n };\n\n // Set ID token with expiry based on the exp claim\n const idTokenExpiry = decodeJwt(tokens.id_token)?.exp;\n const idTokenMaxAge = idTokenExpiry ? idTokenExpiry - now : accessTokenMaxAge;\n\n // ID token is always stored (primary authentication token)\n await cookieStorage.set(OAuthTokenTypes.ID_TOKEN, tokens.id_token, {\n maxAge: idTokenMaxAge,\n });\n\n // Access token is optional - only set if it exists\n if (tokens.access_token) {\n await cookieStorage.set(\n OAuthTokenTypes.ACCESS_TOKEN,\n tokens.access_token,\n accessTokenCookieOptions,\n );\n }\n\n // Set refresh token if present as a session cookie (no expiry)\n if (tokens.refresh_token) {\n await cookieStorage.set(\n OAuthTokenTypes.REFRESH_TOKEN,\n tokens.refresh_token,\n refreshTokenCookieOptions,\n );\n }\n\n // Still store the access token expiration timestamp even if no access token\n await storage.set(\n OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT,\n accessTokenExpiresAt.toString(),\n accessTokenCookieOptions,\n );\n logger.debug(\"storeServerTokens\", {\n accessTokenExpiresAt,\n refreshTokenMaxAge: \"undefined (session cookie)\",\n accessTokenMaxAge,\n idTokenMaxAge,\n hasAccessToken: !!tokens.access_token,\n });\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n // clear all local storage keys related to OAuth and CivicAuth SDK\n const clearOAuthPromises = [\n ...Object.values(OAuthTokenTypes),\n REFRESH_IN_PROGRESS,\n AUTOREFRESH_TIMEOUT_NAME,\n LOGOUT_STATE,\n ].map(async (key) => {\n await storage.delete(key);\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearAuthServerSession(storage: AuthStorage) {\n await storage.delete(AUTH_SERVER_SESSION);\n await storage.delete(AUTH_SERVER_LEGACY_SESSION);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n await userSession.clear();\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<Partial<OIDCTokenResponseBody> | null> {\n const idToken = await storage.get(OAuthTokenTypes.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokenTypes.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokenTypes.REFRESH_TOKEN);\n const accessTokenExpiresAt = await storage.get(\n OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT,\n );\n\n return {\n id_token: idToken ?? undefined,\n access_token: accessToken ?? undefined,\n refresh_token: refreshToken ?? undefined,\n access_token_expires_at:\n accessTokenExpiresAt !== null\n ? parseInt(accessTokenExpiresAt, 10)\n : undefined, // Convert string to number\n };\n}\n\nexport async function retrieveAccessTokenExpiresAt(\n storage: AuthStorage,\n): Promise<number> {\n return Number(await storage.get(OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT));\n}\n\n// Single JWKS instance that persists for the lifetime of the SDK session\nlet cachedJWKS: ReturnType<typeof jose.createRemoteJWKSet> | null = null;\nlet cachedJwksUrl: string | null = null;\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n jwksEndpoint: string,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n // Only create a new JWKS instance if one doesn't exist yet\n if (!cachedJWKS || cachedJwksUrl !== jwksEndpoint) {\n cachedJWKS = jose.createRemoteJWKSet(new URL(jwksEndpoint));\n cachedJwksUrl = jwksEndpoint;\n }\n\n // Validate the ID token - this is now the primary token for authentication\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n cachedJWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // Only validate the access token if it exists, but if present it must be valid\n let accessTokenPayload;\n if (tokens.access_token) {\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n cachedJWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n accessTokenPayload = accessTokenResponse.payload;\n }\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenPayload,\n ...(tokens?.refresh_token ? { refresh_token: tokens.refresh_token } : {}),\n });\n}\n"]}
1
+ {"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,eAAe,GAChB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,SAAS,EAAmB,MAAM,MAAM,CAAC;AAElD,OAAO,EACL,wBAAwB,EACxB,YAAY,EACZ,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE1C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;AAC3C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GAAG,CAAC,MAAM,YAAY,CAAC,yBAAyB,CAAC,IAAI,EAAE;QACjE,YAAY;KACb,CAAC,CAA0B,CAAC;IAE7B,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CACxB,MAAM,EACN,SAAS,CAAC,IAAI,EACd,YAAY,EACZ,WAAW,CACZ,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AACD;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,MAA6B,EAC0C,EAAE;IACzE,IAAI,cAAc,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,iBAAiB;IAE/C,mDAAmD;IACnD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACzD,cAAc;YACZ,MAAM,CAAC,iBAAiB,EAAE,cAAc,CAAC,IAAI,cAAc,CAAC;QAE9D,mDAAmD;QACnD,IAAI,iBAAiB,EAAE,GAAG,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,cAAc,GAAG,iBAAiB,CAAC,GAAG,GAAG,GAAG,CAAC;QAC/C,CAAC;IACH,CAAC;SAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC3B,iEAAiE;QACjE,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,aAAa,EAAE,GAAG,EAAE,CAAC;YACvB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,cAAc,GAAG,aAAa,CAAC,GAAG,GAAG,GAAG,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,oFAAoF;IACpF,MAAM,iBAAiB,GAAG,cAAc,CAAC;IACzC,MAAM,kBAAkB,GAAG,SAAS,CAAC,CAAC,mCAAmC;IAEzE,OAAO;QACL,iBAAiB;QACjB,kBAAkB;KACnB,CAAC;AACJ,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CACrC,MAA6B,EACrB,EAAE;IACV,qDAAqD;IACrD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACzD,IAAI,iBAAiB,EAAE,GAAG,IAAI,KAAK,EAAE,CAAC;YACpC,OAAO,iBAAiB,CAAC,GAAG,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,OAAO,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC;IACjC,CAAC;IAED,kDAAkD;IAClD,+DAA+D;IAC/D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,aAAa,EAAE,GAAG,EAAE,CAAC;YACvB,OAAO,aAAa,CAAC,GAAG,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,0DAA0D;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;IACpD,OAAO,GAAG,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,SAAS;AACjC,CAAC,CAAC;AACF,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,OAAoC,EACpC,MAA6B;IAE7B,oGAAoG;IACpG,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAC7D,MAAM,OAAO,CAAC,GAAG,CACf,eAAe,CAAC,uBAAuB,EACvC,oBAAoB,CAAC,QAAQ,EAAE,CAChC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,0DAA0D;IAC1D,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7D,4DAA4D;IAC5D,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACvE,CAAC;IAED,mCAAmC;IACnC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACzE,CAAC;IAED,4DAA4D;IAC5D,mDAAmD;IACnD,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAoC,EACpC,MAA6B;IAE7B,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,OAAwB,CAAC;IAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,0EAA0E;IAC1E,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAE3E,iCAAiC;IACjC,MAAM,wBAAwB,GAAG;QAC/B,MAAM,EAAE,iBAAiB;KAC1B,CAAC;IAEF,MAAM,yBAAyB,GAAG;QAChC,MAAM,EAAE,kBAAkB,EAAE,qDAAqD;KAClF,CAAC;IAEF,kDAAkD;IAClD,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC;IACtD,MAAM,aAAa,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,GAAG,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAE9E,2DAA2D;IAC3D,MAAM,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE;QACjE,MAAM,EAAE,aAAa;KACtB,CAAC,CAAC;IAEH,mDAAmD;IACnD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,aAAa,CAAC,GAAG,CACrB,eAAe,CAAC,YAAY,EAC5B,MAAM,CAAC,YAAY,EACnB,wBAAwB,CACzB,CAAC;IACJ,CAAC;IAED,+DAA+D;IAC/D,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,aAAa,CAAC,GAAG,CACrB,eAAe,CAAC,aAAa,EAC7B,MAAM,CAAC,aAAa,EACpB,yBAAyB,CAC1B,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,MAAM,OAAO,CAAC,GAAG,CACf,eAAe,CAAC,uBAAuB,EACvC,oBAAoB,CAAC,QAAQ,EAAE,EAC/B,wBAAwB,CACzB,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;QAChC,oBAAoB;QACpB,kBAAkB,EAAE,4BAA4B;QAChD,iBAAiB;QACjB,aAAa;QACb,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY;KACtC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,kEAAkE;IAClE,MAAM,kBAAkB,GAAG;QACzB,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC;QACjC,mBAAmB;QACnB,wBAAwB;QACxB,YAAY;KACb,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAClB,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,OAAoB;IAC/D,MAAM,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAC1C,MAAM,OAAO,CAAC,MAAM,CAAC,0BAA0B,CAAC,CAAC;AACnD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;IACpE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;IACtE,MAAM,oBAAoB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5C,eAAe,CAAC,uBAAuB,CACxC,CAAC;IAEF,OAAO;QACL,QAAQ,EAAE,OAAO,IAAI,SAAS;QAC9B,YAAY,EAAE,WAAW,IAAI,SAAS;QACtC,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,uBAAuB,EACrB,oBAAoB,KAAK,IAAI;YAC3B,CAAC,CAAC,QAAQ,CAAC,oBAAoB,EAAE,EAAE,CAAC;YACpC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KAC7C,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,OAAoB;IAEpB,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,uBAAuB,CAAC,CAAC;IACzE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAChC,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;AAC7C,CAAC;AAED,yEAAyE;AACzE,IAAI,UAAU,GAAsD,IAAI,CAAC;AACzE,IAAI,aAAa,GAAkB,IAAI,CAAC;AAExC,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,YAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,2DAA2D;IAC3D,IAAI,CAAC,UAAU,IAAI,aAAa,KAAK,YAAY,EAAE,CAAC;QAClD,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QAC5D,aAAa,GAAG,YAAY,CAAC;IAC/B,CAAC;IAED,2EAA2E;IAC3E,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,UAAU,EACV;QACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,+EAA+E;IAC/E,IAAI,kBAAkB,CAAC;IACvB,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,UAAU,EACV;YACE,MAAM,EAAE,mBAAmB,CAAC,MAAM,CAAC;SACpC,CACF,CAAC;QACF,kBAAkB,GAAG,mBAAmB,CAAC,OAAO,CAAC;IACnD,CAAC;IAED,OAAO,gBAAgB,CAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,kBAAkB;QAChC,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1E,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport {\n AUTH_SERVER_LEGACY_SESSION,\n AUTH_SERVER_SESSION,\n OAuthTokenTypes,\n} from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { decodeJwt, type JWTPayload } from \"jose\";\nimport type { CookieStorage } from \"./storage.js\";\nimport {\n AUTOREFRESH_TIMEOUT_NAME,\n LOGOUT_STATE,\n REFRESH_IN_PROGRESS,\n} from \"@/constants.js\";\nimport { loggers } from \"@/lib/logger.js\";\n\nconst logger = loggers.services.validation;\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens = (await oauth2Client.validateAuthorizationCode(code, {\n codeVerifier,\n })) as OIDCTokenResponseBody;\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(\n tokens,\n endpoints.jwks,\n oauth2Client,\n oauthServer,\n );\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n/**\n * Calculates the maxAge values for access and refresh token cookies\n * based on the TTL values in the access token\n *\n * maxAge needs to be in seconds from now until expiration\n *\n * @param tokens OIDC tokens response containing the access token\n * @returns Object with accessTokenMaxAge and refreshTokenMaxAge in seconds\n */\nexport const getCookiesMaxAge = (\n tokens: OIDCTokenResponseBody,\n): { accessTokenMaxAge: number; refreshTokenMaxAge: undefined | number } => {\n let accessTokenTTL = 60 * 60; // 1 hour default\n\n // Get access token TTL from the token if it exists\n if (tokens.access_token) {\n const parsedAccessToken = decodeJwt(tokens.access_token);\n accessTokenTTL =\n Number(parsedAccessToken?.accessTokenTTL) || accessTokenTTL;\n\n // If access token has exp claim, use that directly\n if (parsedAccessToken?.exp) {\n const now = Math.floor(Date.now() / 1000);\n accessTokenTTL = parsedAccessToken.exp - now;\n }\n } else if (tokens.id_token) {\n // If no access token exists, try to get expiration from ID token\n const parsedIdToken = decodeJwt(tokens.id_token);\n if (parsedIdToken?.exp) {\n const now = Math.floor(Date.now() / 1000);\n accessTokenTTL = parsedIdToken.exp - now;\n }\n }\n\n // Calculate maxAge for access token, but set refresh token to undefined (no expiry)\n const accessTokenMaxAge = accessTokenTTL;\n const refreshTokenMaxAge = undefined; // This makes the cookie not expire\n\n return {\n accessTokenMaxAge,\n refreshTokenMaxAge,\n };\n};\nexport const getAccessTokenExpiresAt = (\n tokens: OIDCTokenResponseBody,\n): number => {\n // If we have an access token, try to get exp from it\n if (tokens.access_token) {\n const parsedAccessToken = decodeJwt(tokens.access_token);\n if (parsedAccessToken?.exp || false) {\n return parsedAccessToken.exp;\n }\n }\n\n // If we have expires_in field, use it\n if (tokens.expires_in) {\n const now = Math.floor(new Date().getTime() / 1000);\n return now + tokens.expires_in;\n }\n\n // If we have an ID token, use its exp as fallback\n // This is now a primary source when no access token is present\n if (tokens.id_token) {\n const parsedIdToken = decodeJwt(tokens.id_token);\n if (parsedIdToken?.exp) {\n return parsedIdToken.exp;\n }\n }\n\n // Default to 1 hour from now if we can't determine expiry\n const now = Math.floor(new Date().getTime() / 1000);\n return now + 60 * 60; // 1 hour\n};\nexport async function setAccessTokenExpiresAt(\n storage: AuthStorage | CookieStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // try to extract absolute expiry time from access token but fallback to calculation if not possible\n const accessTokenExpiresAt = getAccessTokenExpiresAt(tokens);\n await storage.set(\n OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT,\n accessTokenExpiresAt.toString(),\n );\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // ID token is the primary token and must always be stored\n await storage.set(OAuthTokenTypes.ID_TOKEN, tokens.id_token);\n\n // Only store access token if it exists (no longer required)\n if (tokens.access_token) {\n await storage.set(OAuthTokenTypes.ACCESS_TOKEN, tokens.access_token);\n }\n\n // Store refresh token if it exists\n if (tokens.refresh_token) {\n await storage.set(OAuthTokenTypes.REFRESH_TOKEN, tokens.refresh_token);\n }\n\n // Still set access token expiration even if no access token\n // (will get expiration from ID token in this case)\n await setAccessTokenExpiresAt(storage, tokens);\n}\n\n/**\n * Stores tokens in server-side cookies with appropriate expiration times\n * Uses TTL values from the tokens to set cookie maxAge values\n * Refresh token is set with no expiry (session cookie)\n */\nexport async function storeServerTokens(\n storage: AuthStorage | CookieStorage,\n tokens: OIDCTokenResponseBody,\n) {\n const accessTokenExpiresAt = getAccessTokenExpiresAt(tokens);\n const cookieStorage = storage as CookieStorage;\n const now = Math.floor(Date.now() / 1000);\n\n // Get maxAge values based on token TTLs (refresh token will be undefined)\n const { refreshTokenMaxAge, accessTokenMaxAge } = getCookiesMaxAge(tokens);\n\n // Apply maxAge to cookie options\n const accessTokenCookieOptions = {\n maxAge: accessTokenMaxAge,\n };\n\n const refreshTokenCookieOptions = {\n maxAge: refreshTokenMaxAge, // This will be undefined, making it a session cookie\n };\n\n // Set ID token with expiry based on the exp claim\n const idTokenExpiry = decodeJwt(tokens.id_token)?.exp;\n const idTokenMaxAge = idTokenExpiry ? idTokenExpiry - now : accessTokenMaxAge;\n\n // ID token is always stored (primary authentication token)\n await cookieStorage.set(OAuthTokenTypes.ID_TOKEN, tokens.id_token, {\n maxAge: idTokenMaxAge,\n });\n\n // Access token is optional - only set if it exists\n if (tokens.access_token) {\n await cookieStorage.set(\n OAuthTokenTypes.ACCESS_TOKEN,\n tokens.access_token,\n accessTokenCookieOptions,\n );\n }\n\n // Set refresh token if present as a session cookie (no expiry)\n if (tokens.refresh_token) {\n await cookieStorage.set(\n OAuthTokenTypes.REFRESH_TOKEN,\n tokens.refresh_token,\n refreshTokenCookieOptions,\n );\n }\n\n // Still store the access token expiration timestamp even if no access token\n await storage.set(\n OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT,\n accessTokenExpiresAt.toString(),\n accessTokenCookieOptions,\n );\n logger.debug(\"storeServerTokens\", {\n accessTokenExpiresAt,\n refreshTokenMaxAge: \"undefined (session cookie)\",\n accessTokenMaxAge,\n idTokenMaxAge,\n hasAccessToken: !!tokens.access_token,\n });\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n // clear all local storage keys related to OAuth and CivicAuth SDK\n const clearOAuthPromises = [\n ...Object.values(OAuthTokenTypes),\n REFRESH_IN_PROGRESS,\n AUTOREFRESH_TIMEOUT_NAME,\n LOGOUT_STATE,\n ].map(async (key) => {\n await storage.delete(key);\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearAuthServerSession(storage: AuthStorage) {\n await storage.delete(AUTH_SERVER_SESSION);\n await storage.delete(AUTH_SERVER_LEGACY_SESSION);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n await userSession.clear();\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<Partial<OIDCTokenResponseBody> | null> {\n const idToken = await storage.get(OAuthTokenTypes.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokenTypes.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokenTypes.REFRESH_TOKEN);\n const accessTokenExpiresAt = await storage.get(\n OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT,\n );\n\n return {\n id_token: idToken ?? undefined,\n access_token: accessToken ?? undefined,\n refresh_token: refreshToken ?? undefined,\n access_token_expires_at:\n accessTokenExpiresAt !== null\n ? parseInt(accessTokenExpiresAt, 10)\n : undefined, // Convert string to number\n };\n}\n\nexport async function retrieveAccessTokenExpiresAt(\n storage: AuthStorage,\n): Promise<number | null> {\n const value = await storage.get(OAuthTokenTypes.ACCESS_TOKEN_EXPIRES_AT);\n if (!value) {\n return null;\n }\n const expiresAt = Number(value);\n return isNaN(expiresAt) ? null : expiresAt;\n}\n\n// Single JWKS instance that persists for the lifetime of the SDK session\nlet cachedJWKS: ReturnType<typeof jose.createRemoteJWKSet> | null = null;\nlet cachedJwksUrl: string | null = null;\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n jwksEndpoint: string,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n // Only create a new JWKS instance if one doesn't exist yet\n if (!cachedJWKS || cachedJwksUrl !== jwksEndpoint) {\n cachedJWKS = jose.createRemoteJWKSet(new URL(jwksEndpoint));\n cachedJwksUrl = jwksEndpoint;\n }\n\n // Validate the ID token - this is now the primary token for authentication\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n cachedJWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // Only validate the access token if it exists, but if present it must be valid\n let accessTokenPayload;\n if (tokens.access_token) {\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n cachedJWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n accessTokenPayload = accessTokenResponse.payload;\n }\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenPayload,\n ...(tokens?.refresh_token ? { refresh_token: tokens.refresh_token } : {}),\n });\n}\n"]}
package/dist/shared/providers/AuthContext.d.ts CHANGED
@@ -1,6 +1,10 @@
1
- import type { AuthStatus, DisplayMode } from "../../types.js";
1
+ import type { AuthStatus, DisplayMode, User } from "../../types.js";
2
+ type SignInResult = {
3
+ user: User | null;
4
+ error: Error | null;
5
+ };
2
6
  export type AuthContextType = {
3
- signIn: (displayMode?: DisplayMode) => Promise<void>;
7
+ signIn: (displayMode?: DisplayMode) => Promise<SignInResult>;
4
8
  isAuthenticated: boolean;
5
9
  isLoading: boolean;
6
10
  error: Error | null;
@@ -9,4 +13,5 @@ export type AuthContextType = {
9
13
  displayMode: DisplayMode;
10
14
  };
11
15
  export declare const AuthContext: import("react").Context<AuthContextType | null>;
16
+ export {};
12
17
  //# sourceMappingURL=AuthContext.d.ts.map
package/dist/shared/providers/AuthContext.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthContext.d.ts","sourceRoot":"","sources":["../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AACF,eAAO,MAAM,WAAW,iDAA8C,CAAC"}
1
+ {"version":3,"file":"AuthContext.d.ts","sourceRoot":"","sources":["../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEhE,KAAK,YAAY,GAAG;IAClB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;IAC7D,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AACF,eAAO,MAAM,WAAW,iDAA8C,CAAC"}
package/dist/shared/providers/AuthContext.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthContext.js","sourceRoot":"","sources":["../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAYtC,MAAM,CAAC,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC","sourcesContent":["\"use client\";\nimport { createContext } from \"react\";\nimport type { AuthStatus, DisplayMode } from \"@/types.js\";\n\nexport type AuthContextType = {\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: Error | null;\n signOut: () => Promise<void>;\n authStatus: AuthStatus;\n displayMode: DisplayMode;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n"]}
1
+ {"version":3,"file":"AuthContext.js","sourceRoot":"","sources":["../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAiBtC,MAAM,CAAC,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC","sourcesContent":["\"use client\";\nimport { createContext } from \"react\";\nimport type { AuthStatus, DisplayMode, User } from \"@/types.js\";\n\ntype SignInResult = {\n user: User | null;\n error: Error | null;\n};\n\nexport type AuthContextType = {\n signIn: (displayMode?: DisplayMode) => Promise<SignInResult>;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: Error | null;\n signOut: () => Promise<void>;\n authStatus: AuthStatus;\n displayMode: DisplayMode;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n"]}
package/dist/shared/providers/UserProvider.d.ts CHANGED
@@ -4,6 +4,10 @@ import type { AuthStatus, AuthStorage, DisplayMode, ForwardedTokens, User } from
4
4
  import type { AuthContextType } from "../../shared/providers/AuthContext.js";
5
5
  import type { JWTPayload } from "jose";
6
6
  type UserContent = Record<string, unknown> & JWTPayload;
7
+ type SignInResult = {
8
+ user: User | null;
9
+ error: Error | null;
10
+ };
7
11
  type UserContextType<T extends UserContent = UserContent> = {
8
12
  user: User<T> | null;
9
13
  } & {
@@ -18,7 +22,7 @@ declare const UserProvider: <T extends UserContent>({ children, storage, user: i
18
22
  user: User<T> | null;
19
23
  signOut: () => Promise<void>;
20
24
  authStatus: AuthStatus;
21
- signIn: (displayMode?: DisplayMode) => Promise<void>;
25
+ signIn: (displayMode?: DisplayMode) => Promise<SignInResult>;
22
26
  displayMode: DisplayMode;
23
27
  }) => import("@emotion/react/jsx-runtime").JSX.Element;
24
28
  export type { UserContextType };
package/dist/shared/providers/UserProvider.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAA0D,MAAM,OAAO,CAAC;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAK,EACV,UAAU,EACV,WAAW,EACX,WAAW,EACX,eAAe,EACf,IAAI,EACL,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAGzE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,CAAC;AACxD,KAAK,eAAe,CAAC,CAAC,SAAS,WAAW,GAAG,WAAW,IAAI;IAC1D,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;CACtB,GAAG;IACF,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC,GAAG,IAAI,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;AAE7C,QAAA,MAAM,WAAW,oDAA8C,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAI,CAAC,SAAS,WAAW,qFAQxC;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,WAAW,CAAC;IACrB,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,WAAW,EAAE,WAAW,CAAC;CAC1B,qDAmEA,CAAC;AAEF,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC"}
1
+ {"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAA0D,MAAM,OAAO,CAAC;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAK,EACV,UAAU,EACV,WAAW,EACX,WAAW,EACX,eAAe,EACf,IAAI,EACL,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAGzE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,CAAC;AAExD,KAAK,YAAY,GAAG;IAClB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB,CAAC;AAEF,KAAK,eAAe,CAAC,CAAC,SAAS,WAAW,GAAG,WAAW,IAAI;IAC1D,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;CACtB,GAAG;IACF,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC,GAAG,IAAI,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;AAE7C,QAAA,MAAM,WAAW,oDAA8C,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAI,CAAC,SAAS,WAAW,qFAQxC;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,WAAW,CAAC;IACrB,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;IAC7D,WAAW,EAAE,WAAW,CAAC;CAC1B,qDAmEA,CAAC;AAEF,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC"}
package/dist/shared/providers/UserProvider.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAS/E,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAE1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAYhD,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC;AAEhE,MAAM,YAAY,GAAG,CAAwB,EAC3C,QAAQ,EACR,OAAO,EACP,IAAI,EAAE,SAAS,EACf,OAAO,EACP,UAAU,EACV,MAAM,EACN,WAAW,GASZ,EAAE,EAAE;IACH,MAAM,EACJ,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,SAAS,EAChB,SAAS,EAAE,WAAW,GACvB,GAAG,UAAU,EAAE,CAAC;IACjB,MAAM,MAAM,GAAG,QAAQ,EAAE,CAAC;IAC1B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAU,KAAK,CAAC,CAAC;IAC/D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAiB,SAAS,CAAC,CAAC;IAE5D,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,IAA6B,EAAE;QAChE,IAAI,CAAC,OAAO,EAAE,OAAO;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAI,OAAO,CAAC,CAAC;QACvD,OAAO,WAAW,CAAC,GAAG,EAAE,CAAC;IAC3B,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAEhC,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;YACrB,cAAc,CAAC,IAAI,CAAC,CAAC;YACrB,SAAS,EAAE;iBACR,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBACb,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACnB,sGAAsG;oBACtG,sEAAsE;oBACtE,2EAA2E;oBAC3E,OAAO,IAAI,IAAI,QAAQ,CAAC;gBAC1B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACf,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,YAAY,CAAC,KAAK,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAElC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;IAErC,mEAAmE;IACnE,+DAA+D;IAC/D,kEAAkE;IAClE,oEAAoE;IACpE,mEAAmE;IACnE,8CAA8C;IAC9C,qEAAqE;IACrE,MAAM,SAAS,GAAG,IAAI,IAAI,SAAS,CAAC;IAEpC,OAAO,CACL,KAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,GAAG,MAAM;YACT,IAAI,EAAE,SAAS;YACf,SAAS;YACT,KAAK;YACL,MAAM;YACN,OAAO;YACP,UAAU;YACV,WAAW,EAAE,WAAW,IAAI,QAAQ;SACrC,YAEA,QAAQ,GACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAIF,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC","sourcesContent":["\"use client\";\n\nimport React, { createContext, useCallback, useEffect, useState } from \"react\";\nimport type { ReactNode } from \"react\";\nimport type {\n AuthStatus,\n AuthStorage,\n DisplayMode,\n ForwardedTokens,\n User,\n} from \"@/types.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { AuthContextType } from \"@/shared/providers/AuthContext.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { useToken } from \"../hooks/useToken.js\";\nimport type { JWTPayload } from \"jose\";\n\ntype UserContent = Record<string, unknown> & JWTPayload;\ntype UserContextType<T extends UserContent = UserContent> = {\n user: User<T> | null;\n} & {\n accessToken?: string | null;\n idToken?: string | null;\n forwardedTokens?: ForwardedTokens;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends UserContent>({\n children,\n storage,\n user: inputUser,\n signOut,\n authStatus,\n signIn,\n displayMode,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user: User<T> | null;\n signOut: () => Promise<void>;\n authStatus: AuthStatus;\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n displayMode: DisplayMode;\n}) => {\n const {\n data: session,\n error: authError,\n isLoading: authLoading,\n } = useSession();\n const tokens = useToken();\n const [userLoading, setUserLoading] = useState<boolean>(false);\n const [userError, setUserError] = useState<Error | null>(null);\n const [user, setUser] = useState<User<T> | null>(inputUser);\n\n const fetchUser = useCallback(async (): Promise<User<T> | null> => {\n if (!session?.idToken) return null;\n const userSession = new GenericUserSession<T>(storage);\n return userSession.get();\n }, [session?.idToken, storage]);\n\n useEffect(() => {\n if (session?.idToken) {\n setUserLoading(true);\n fetchUser()\n .then((user) => {\n setUserLoading(false);\n setUser((prevUser) => {\n // we only want to update the user if it's set - if a user is passed in, don't assume it is wrong here\n // it could be just the fetchUser returned null for some other reason.\n // TODO consider cleaning this up in general to avoid needing context here.\n return user ?? prevUser;\n });\n })\n .catch((error) => {\n setUserLoading(false);\n setUserError(error);\n });\n } else {\n setUser(null);\n }\n }, [fetchUser, session?.idToken]);\n\n const isLoading = authLoading || userLoading;\n const error = authError ?? userError;\n\n // While we are passing a user as a prop _and_ storing it in state,\n // there is the case where the user is not set in the state yet\n // (setState is called but the rerender has not yet happened), but\n // is passed as a prop. In this case, we want to use the prop value.\n // A better solution is to avoid having multiple layers of context.\n // If the user is passed in, we just use that.\n // We should not split user state management across multiple contexts\n const userValue = user ?? inputUser;\n\n return (\n <UserContext.Provider\n value={{\n ...tokens,\n user: userValue,\n isLoading,\n error,\n signIn,\n signOut,\n authStatus,\n displayMode: displayMode || \"iframe\",\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n"]}
1
+ {"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAS/E,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAE1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAkBhD,MAAM,WAAW,GAAG,aAAa,CAAyB,IAAI,CAAC,CAAC;AAEhE,MAAM,YAAY,GAAG,CAAwB,EAC3C,QAAQ,EACR,OAAO,EACP,IAAI,EAAE,SAAS,EACf,OAAO,EACP,UAAU,EACV,MAAM,EACN,WAAW,GASZ,EAAE,EAAE;IACH,MAAM,EACJ,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,SAAS,EAChB,SAAS,EAAE,WAAW,GACvB,GAAG,UAAU,EAAE,CAAC;IACjB,MAAM,MAAM,GAAG,QAAQ,EAAE,CAAC;IAC1B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAU,KAAK,CAAC,CAAC;IAC/D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAiB,SAAS,CAAC,CAAC;IAE5D,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,IAA6B,EAAE;QAChE,IAAI,CAAC,OAAO,EAAE,OAAO;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAI,OAAO,CAAC,CAAC;QACvD,OAAO,WAAW,CAAC,GAAG,EAAE,CAAC;IAC3B,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAEhC,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;YACrB,cAAc,CAAC,IAAI,CAAC,CAAC;YACrB,SAAS,EAAE;iBACR,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBACb,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACnB,sGAAsG;oBACtG,sEAAsE;oBACtE,2EAA2E;oBAC3E,OAAO,IAAI,IAAI,QAAQ,CAAC;gBAC1B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACf,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,YAAY,CAAC,KAAK,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAElC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;IAErC,mEAAmE;IACnE,+DAA+D;IAC/D,kEAAkE;IAClE,oEAAoE;IACpE,mEAAmE;IACnE,8CAA8C;IAC9C,qEAAqE;IACrE,MAAM,SAAS,GAAG,IAAI,IAAI,SAAS,CAAC;IAEpC,OAAO,CACL,KAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,GAAG,MAAM;YACT,IAAI,EAAE,SAAS;YACf,SAAS;YACT,KAAK;YACL,MAAM;YACN,OAAO;YACP,UAAU;YACV,WAAW,EAAE,WAAW,IAAI,QAAQ;SACrC,YAEA,QAAQ,GACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAIF,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC","sourcesContent":["\"use client\";\n\nimport React, { createContext, useCallback, useEffect, useState } from \"react\";\nimport type { ReactNode } from \"react\";\nimport type {\n AuthStatus,\n AuthStorage,\n DisplayMode,\n ForwardedTokens,\n User,\n} from \"@/types.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { AuthContextType } from \"@/shared/providers/AuthContext.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { useToken } from \"../hooks/useToken.js\";\nimport type { JWTPayload } from \"jose\";\n\ntype UserContent = Record<string, unknown> & JWTPayload;\n\ntype SignInResult = {\n user: User | null;\n error: Error | null;\n};\n\ntype UserContextType<T extends UserContent = UserContent> = {\n user: User<T> | null;\n} & {\n accessToken?: string | null;\n idToken?: string | null;\n forwardedTokens?: ForwardedTokens;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends UserContent>({\n children,\n storage,\n user: inputUser,\n signOut,\n authStatus,\n signIn,\n displayMode,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user: User<T> | null;\n signOut: () => Promise<void>;\n authStatus: AuthStatus;\n signIn: (displayMode?: DisplayMode) => Promise<SignInResult>;\n displayMode: DisplayMode;\n}) => {\n const {\n data: session,\n error: authError,\n isLoading: authLoading,\n } = useSession();\n const tokens = useToken();\n const [userLoading, setUserLoading] = useState<boolean>(false);\n const [userError, setUserError] = useState<Error | null>(null);\n const [user, setUser] = useState<User<T> | null>(inputUser);\n\n const fetchUser = useCallback(async (): Promise<User<T> | null> => {\n if (!session?.idToken) return null;\n const userSession = new GenericUserSession<T>(storage);\n return userSession.get();\n }, [session?.idToken, storage]);\n\n useEffect(() => {\n if (session?.idToken) {\n setUserLoading(true);\n fetchUser()\n .then((user) => {\n setUserLoading(false);\n setUser((prevUser) => {\n // we only want to update the user if it's set - if a user is passed in, don't assume it is wrong here\n // it could be just the fetchUser returned null for some other reason.\n // TODO consider cleaning this up in general to avoid needing context here.\n return user ?? prevUser;\n });\n })\n .catch((error) => {\n setUserLoading(false);\n setUserError(error);\n });\n } else {\n setUser(null);\n }\n }, [fetchUser, session?.idToken]);\n\n const isLoading = authLoading || userLoading;\n const error = authError ?? userError;\n\n // While we are passing a user as a prop _and_ storing it in state,\n // there is the case where the user is not set in the state yet\n // (setState is called but the rerender has not yet happened), but\n // is passed as a prop. In this case, we want to use the prop value.\n // A better solution is to avoid having multiple layers of context.\n // If the user is passed in, we just use that.\n // We should not split user state management across multiple contexts\n const userValue = user ?? inputUser;\n\n return (\n <UserContext.Provider\n value={{\n ...tokens,\n user: userValue,\n isLoading,\n error,\n signIn,\n signOut,\n authStatus,\n displayMode: displayMode || \"iframe\",\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n"]}
package/dist/shared/version.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- export declare const VERSION = "@civic/auth:0.6.0";
1
+ export declare const VERSION = "@civic/auth:0.6.1-beta.2";
2
2
  //# sourceMappingURL=version.d.ts.map
package/dist/shared/version.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,OAAO,sBAAsB,CAAC"}
1
+ {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,OAAO,6BAA6B,CAAC"}
package/dist/shared/version.js CHANGED
@@ -1,3 +1,3 @@
1
1
  // This is an auto-generated file. Do not edit.
2
- export const VERSION = "@civic/auth:0.6.0";
2
+ export const VERSION = "@civic/auth:0.6.1-beta.2";
3
3
  //# sourceMappingURL=version.js.map
package/dist/shared/version.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,mBAAmB,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.6.0\";\n"]}
1
+ {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.6.1-beta.2\";\n"]}
package/dist/vanillajs/auth/AuthenticationEvents.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationEvents.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/AuthenticationEvents.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAGnD,MAAM,MAAM,iBAAiB,CAAC,CAAC,GAAG,OAAO,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,IAAI,CAAC;AAEnE,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,SAAS,CAA2D;IAC5E,OAAO,CAAC,MAAM,CAAsB;IAEpC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAO7D,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAU9D,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,GAAG,IAAI;IAY5C,kBAAkB,CAAC,KAAK,CAAC,EAAE,SAAS,GAAG,IAAI;CAO5C"}
1
+ {"version":3,"file":"AuthenticationEvents.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/AuthenticationEvents.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAGnD,MAAM,MAAM,iBAAiB,CAAC,CAAC,GAAG,OAAO,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,IAAI,CAAC;AAEnE,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,SAAS,CAA2D;IAC5E,OAAO,CAAC,MAAM,CAA0B;IAExC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAO7D,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAU9D,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,GAAG,IAAI;IAY5C,kBAAkB,CAAC,KAAK,CAAC,EAAE,SAAS,GAAG,IAAI;CAO5C"}
package/dist/vanillajs/auth/AuthenticationEvents.js CHANGED
@@ -1,7 +1,7 @@
1
- import { getCurrentLogger } from "../utils/logger.js";
1
+ import { createLogger } from "../utils/logger.js";
2
2
  export class AuthenticationEvents {
3
3
  listeners = new Map();
4
- logger = getCurrentLogger();
4
+ logger = createLogger("events");
5
5
  on(event, listener) {
6
6
  if (!this.listeners.has(event)) {
7
7
  this.listeners.set(event, []);
package/dist/vanillajs/auth/AuthenticationEvents.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationEvents.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/AuthenticationEvents.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAItD,MAAM,OAAO,oBAAoB;IACvB,SAAS,GAAiD,IAAI,GAAG,EAAE,CAAC;IACpE,MAAM,GAAG,gBAAgB,EAAE,CAAC;IAEpC,EAAE,CAAI,KAAgB,EAAE,QAA8B;QACpD,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAChC,CAAC;QACA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAA4B,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxE,CAAC;IAED,GAAG,CAAI,KAAgB,EAAE,QAA8B;QACrD,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACjD,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,GAAG,CAChB,KAAK,EACL,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAI,KAAgB,EAAE,OAAW;QAClC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAA4B,EAAE,OAAO,CAC5D,CAAC,QAAQ,EAAE,EAAE;YACX,IAAI,CAAC;gBACH,QAAQ,CAAC,OAAO,CAAC,CAAC;YACpB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,GAAG,EAAE,KAAK,CAAC,CAAC;YACpE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED,kBAAkB,CAAC,KAAiB;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACzB,CAAC;IACH,CAAC;CACF","sourcesContent":["import type { AuthEvent } from \"../types/index.js\";\nimport { getCurrentLogger } from \"../utils/logger.js\";\n\nexport type AuthEventListener<T = unknown> = (payload?: T) => void;\n\nexport class AuthenticationEvents {\n private listeners: Map<AuthEvent, AuthEventListener<unknown>[]> = new Map();\n private logger = getCurrentLogger();\n\n on<T>(event: AuthEvent, listener: AuthEventListener<T>): void {\n if (!this.listeners.has(event)) {\n this.listeners.set(event, []);\n }\n (this.listeners.get(event) as AuthEventListener<T>[])?.push(listener);\n }\n\n off<T>(event: AuthEvent, listener: AuthEventListener<T>): void {\n const eventListeners = this.listeners.get(event);\n if (eventListeners) {\n this.listeners.set(\n event,\n eventListeners.filter((l) => l !== listener),\n );\n }\n }\n\n emit<T>(event: AuthEvent, payload?: T): void {\n (this.listeners.get(event) as AuthEventListener<T>[])?.forEach(\n (listener) => {\n try {\n listener(payload);\n } catch (error) {\n this.logger.error(`Error in event listener for ${event}:`, error);\n }\n },\n );\n }\n\n removeAllListeners(event?: AuthEvent): void {\n if (event) {\n this.listeners.delete(event);\n } else {\n this.listeners.clear();\n }\n }\n}\n"]}
1
+ {"version":3,"file":"AuthenticationEvents.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/AuthenticationEvents.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAIlD,MAAM,OAAO,oBAAoB;IACvB,SAAS,GAAiD,IAAI,GAAG,EAAE,CAAC;IACpE,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IAExC,EAAE,CAAI,KAAgB,EAAE,QAA8B;QACpD,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAChC,CAAC;QACA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAA4B,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxE,CAAC;IAED,GAAG,CAAI,KAAgB,EAAE,QAA8B;QACrD,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACjD,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,GAAG,CAChB,KAAK,EACL,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAI,KAAgB,EAAE,OAAW;QAClC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAA4B,EAAE,OAAO,CAC5D,CAAC,QAAQ,EAAE,EAAE;YACX,IAAI,CAAC;gBACH,QAAQ,CAAC,OAAO,CAAC,CAAC;YACpB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,GAAG,EAAE,KAAK,CAAC,CAAC;YACpE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED,kBAAkB,CAAC,KAAiB;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACzB,CAAC;IACH,CAAC;CACF","sourcesContent":["import type { AuthEvent } from \"../types/index.js\";\nimport { createLogger } from \"../utils/logger.js\";\n\nexport type AuthEventListener<T = unknown> = (payload?: T) => void;\n\nexport class AuthenticationEvents {\n private listeners: Map<AuthEvent, AuthEventListener<unknown>[]> = new Map();\n private logger = createLogger(\"events\");\n\n on<T>(event: AuthEvent, listener: AuthEventListener<T>): void {\n if (!this.listeners.has(event)) {\n this.listeners.set(event, []);\n }\n (this.listeners.get(event) as AuthEventListener<T>[])?.push(listener);\n }\n\n off<T>(event: AuthEvent, listener: AuthEventListener<T>): void {\n const eventListeners = this.listeners.get(event);\n if (eventListeners) {\n this.listeners.set(\n event,\n eventListeners.filter((l) => l !== listener),\n );\n }\n }\n\n emit<T>(event: AuthEvent, payload?: T): void {\n (this.listeners.get(event) as AuthEventListener<T>[])?.forEach(\n (listener) => {\n try {\n listener(payload);\n } catch (error) {\n this.logger.error(`Error in event listener for ${event}:`, error);\n }\n },\n );\n }\n\n removeAllListeners(event?: AuthEvent): void {\n if (event) {\n this.listeners.delete(event);\n } else {\n this.listeners.clear();\n }\n }\n}\n"]}