@civic/auth 0.7.0 → 0.7.1-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/CHANGELOG.md +5 -0
  2. package/README.md +19 -1
  3. package/dist/nextjs/config.d.ts +1 -0
  4. package/dist/nextjs/config.d.ts.map +1 -1
  5. package/dist/nextjs/config.js +1 -1
  6. package/dist/nextjs/config.js.map +1 -1
  7. package/dist/nextjs/hooks/useRefresh.d.ts.map +1 -1
  8. package/dist/nextjs/hooks/useRefresh.js +7 -1
  9. package/dist/nextjs/hooks/useRefresh.js.map +1 -1
  10. package/dist/nextjs/routeHandler.d.ts.map +1 -1
  11. package/dist/nextjs/routeHandler.js +7 -0
  12. package/dist/nextjs/routeHandler.js.map +1 -1
  13. package/dist/reactjs/components/SignInButton.d.ts.map +1 -1
  14. package/dist/reactjs/components/SignInButton.js +8 -3
  15. package/dist/reactjs/components/SignInButton.js.map +1 -1
  16. package/dist/reactjs/components/SignOutButton.d.ts.map +1 -1
  17. package/dist/reactjs/components/SignOutButton.js +3 -1
  18. package/dist/reactjs/components/SignOutButton.js.map +1 -1
  19. package/dist/reactjs/components/UserButton.d.ts.map +1 -1
  20. package/dist/reactjs/components/UserButton.js +11 -6
  21. package/dist/reactjs/components/UserButton.js.map +1 -1
  22. package/dist/reactjs/components/index.d.ts +5 -5
  23. package/dist/reactjs/components/index.d.ts.map +1 -1
  24. package/dist/reactjs/components/index.js +5 -5
  25. package/dist/reactjs/components/index.js.map +1 -1
  26. package/dist/reactjs/core/GlobalAuthManager.d.ts +120 -0
  27. package/dist/reactjs/core/GlobalAuthManager.d.ts.map +1 -0
  28. package/dist/reactjs/core/GlobalAuthManager.js +296 -0
  29. package/dist/reactjs/core/GlobalAuthManager.js.map +1 -0
  30. package/dist/reactjs/hooks/index.d.ts +2 -2
  31. package/dist/reactjs/hooks/index.d.ts.map +1 -1
  32. package/dist/reactjs/hooks/index.js +2 -2
  33. package/dist/reactjs/hooks/index.js.map +1 -1
  34. package/dist/reactjs/hooks/useToken.d.ts +13 -0
  35. package/dist/reactjs/hooks/useToken.d.ts.map +1 -0
  36. package/dist/reactjs/hooks/useToken.js +48 -0
  37. package/dist/reactjs/hooks/useToken.js.map +1 -0
  38. package/dist/reactjs/hooks/useUser.d.ts +20 -2
  39. package/dist/reactjs/hooks/useUser.d.ts.map +1 -1
  40. package/dist/reactjs/hooks/useUser.js +163 -7
  41. package/dist/reactjs/hooks/useUser.js.map +1 -1
  42. package/dist/reactjs/index.d.ts +6 -2
  43. package/dist/reactjs/index.d.ts.map +1 -1
  44. package/dist/reactjs/index.js +7 -1
  45. package/dist/reactjs/index.js.map +1 -1
  46. package/dist/reactjs/providers/CivicAuthContext.d.ts +40 -0
  47. package/dist/reactjs/providers/CivicAuthContext.d.ts.map +1 -0
  48. package/dist/reactjs/providers/CivicAuthContext.js +303 -0
  49. package/dist/reactjs/providers/CivicAuthContext.js.map +1 -0
  50. package/dist/reactjs/providers/CivicAuthProvider.d.ts +20 -4
  51. package/dist/reactjs/providers/CivicAuthProvider.d.ts.map +1 -1
  52. package/dist/reactjs/providers/CivicAuthProvider.js +46 -25
  53. package/dist/reactjs/providers/CivicAuthProvider.js.map +1 -1
  54. package/dist/reactjs/providers/index.d.ts +2 -2
  55. package/dist/reactjs/providers/index.d.ts.map +1 -1
  56. package/dist/reactjs/providers/index.js +4 -2
  57. package/dist/reactjs/providers/index.js.map +1 -1
  58. package/dist/server/ServerAuthenticationResolver.d.ts.map +1 -1
  59. package/dist/server/ServerAuthenticationResolver.js +28 -11
  60. package/dist/server/ServerAuthenticationResolver.js.map +1 -1
  61. package/dist/server/config.d.ts +2 -0
  62. package/dist/server/config.d.ts.map +1 -1
  63. package/dist/server/config.js.map +1 -1
  64. package/dist/server/login.d.ts +2 -2
  65. package/dist/server/login.d.ts.map +1 -1
  66. package/dist/server/login.js +7 -2
  67. package/dist/server/login.js.map +1 -1
  68. package/dist/services/AuthenticationService.d.ts +1 -1
  69. package/dist/services/AuthenticationService.d.ts.map +1 -1
  70. package/dist/services/AuthenticationService.js +2 -2
  71. package/dist/services/AuthenticationService.js.map +1 -1
  72. package/dist/shared/components/CivicAuthIframe.js +1 -1
  73. package/dist/shared/components/CivicAuthIframe.js.map +1 -1
  74. package/dist/shared/components/CivicAuthIframeContainer.js +2 -2
  75. package/dist/shared/components/CivicAuthIframeContainer.js.map +1 -1
  76. package/dist/shared/hooks/index.d.ts +1 -2
  77. package/dist/shared/hooks/index.d.ts.map +1 -1
  78. package/dist/shared/hooks/index.js +1 -2
  79. package/dist/shared/hooks/index.js.map +1 -1
  80. package/dist/shared/hooks/useClientTokenExchangeSession.d.ts +7 -0
  81. package/dist/shared/hooks/useClientTokenExchangeSession.d.ts.map +1 -0
  82. package/dist/shared/hooks/useClientTokenExchangeSession.js +17 -0
  83. package/dist/shared/hooks/useClientTokenExchangeSession.js.map +1 -0
  84. package/dist/shared/lib/BrowserAuthenticationRefresher.js +3 -3
  85. package/dist/shared/lib/BrowserAuthenticationRefresher.js.map +1 -1
  86. package/dist/shared/lib/types.d.ts +1 -1
  87. package/dist/shared/lib/types.js +1 -1
  88. package/dist/shared/lib/types.js.map +1 -1
  89. package/dist/shared/lib/util.d.ts +5 -6
  90. package/dist/shared/lib/util.d.ts.map +1 -1
  91. package/dist/shared/lib/util.js +66 -75
  92. package/dist/shared/lib/util.js.map +1 -1
  93. package/dist/shared/providers/CivicAuthConfigContext.d.ts +2 -2
  94. package/dist/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
  95. package/dist/shared/providers/CivicAuthConfigContext.js +1 -1
  96. package/dist/shared/providers/CivicAuthConfigContext.js.map +1 -1
  97. package/dist/shared/providers/TokenProvider.d.ts.map +1 -1
  98. package/dist/shared/providers/TokenProvider.js +4 -7
  99. package/dist/shared/providers/TokenProvider.js.map +1 -1
  100. package/dist/shared/version.d.ts +1 -1
  101. package/dist/shared/version.d.ts.map +1 -1
  102. package/dist/shared/version.js +1 -1
  103. package/dist/shared/version.js.map +1 -1
  104. package/dist/types.d.ts +2 -2
  105. package/dist/types.js.map +1 -1
  106. package/dist/utils.d.ts +8 -0
  107. package/dist/utils.d.ts.map +1 -1
  108. package/dist/utils.js +23 -0
  109. package/dist/utils.js.map +1 -1
  110. package/dist/vanillajs/auth/CivicAuth.d.ts +12 -0
  111. package/dist/vanillajs/auth/CivicAuth.d.ts.map +1 -1
  112. package/dist/vanillajs/auth/CivicAuth.js +88 -5
  113. package/dist/vanillajs/auth/CivicAuth.js.map +1 -1
  114. package/dist/vanillajs/auth/SessionManager.d.ts +7 -1
  115. package/dist/vanillajs/auth/SessionManager.d.ts.map +1 -1
  116. package/dist/vanillajs/auth/SessionManager.js +34 -3
  117. package/dist/vanillajs/auth/SessionManager.js.map +1 -1
  118. package/dist/vanillajs/auth/TokenRefresher.js +2 -2
  119. package/dist/vanillajs/auth/TokenRefresher.js.map +1 -1
  120. package/dist/vanillajs/auth/config/ConfigProcessor.d.ts.map +1 -1
  121. package/dist/vanillajs/auth/config/ConfigProcessor.js +7 -2
  122. package/dist/vanillajs/auth/config/ConfigProcessor.js.map +1 -1
  123. package/dist/vanillajs/auth/types/AuthTypes.d.ts +3 -0
  124. package/dist/vanillajs/auth/types/AuthTypes.d.ts.map +1 -1
  125. package/dist/vanillajs/auth/types/AuthTypes.js.map +1 -1
  126. package/dist/vanillajs/index.d.ts +2 -0
  127. package/dist/vanillajs/index.d.ts.map +1 -1
  128. package/dist/vanillajs/index.js +2 -0
  129. package/dist/vanillajs/index.js.map +1 -1
  130. package/dist/vanillajs/types/index.d.ts +1 -1
  131. package/dist/vanillajs/types/index.d.ts.map +1 -1
  132. package/dist/vanillajs/types/index.js.map +1 -1
  133. package/dist/vanillajs/utils/auth-utils.d.ts +14 -0
  134. package/dist/vanillajs/utils/auth-utils.d.ts.map +1 -1
  135. package/dist/vanillajs/utils/auth-utils.js +39 -0
  136. package/dist/vanillajs/utils/auth-utils.js.map +1 -1
  137. package/package.json +3 -3
  138. package/dist/reactjs/hooks/useClientTokenExchangeSession.d.ts +0 -3
  139. package/dist/reactjs/hooks/useClientTokenExchangeSession.d.ts.map +0 -1
  140. package/dist/reactjs/hooks/useClientTokenExchangeSession.js +0 -13
  141. package/dist/reactjs/hooks/useClientTokenExchangeSession.js.map +0 -1
  142. package/dist/reactjs/providers/AuthProvider.d.ts +0 -10
  143. package/dist/reactjs/providers/AuthProvider.d.ts.map +0 -1
  144. package/dist/reactjs/providers/AuthProvider.js +0 -79
  145. package/dist/reactjs/providers/AuthProvider.js.map +0 -1
  146. package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts +0 -17
  147. package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +0 -1
  148. package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.js +0 -190
  149. package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +0 -1
package/dist/vanillajs/auth/SessionManager.js CHANGED
@@ -48,7 +48,7 @@ export class SessionManager {
48
48
  accessToken: tokens.access_token,
49
49
  idToken: tokens.id_token,
50
50
  refreshToken: tokens.refresh_token ?? undefined,
51
- expiresAt: tokens.access_token_expires_at ?? undefined,
51
+ expiresAt: tokens.oidc_session_expires_at ?? undefined,
52
52
  };
53
53
  }
54
54
  catch (error) {
@@ -77,10 +77,18 @@ export class SessionManager {
77
77
  }
78
78
  /**
79
79
  * Clear all authentication data using shared lib utilities
80
+ * @param preserveLogoutState - If true, preserves logout state for cleanup after redirect
80
81
  */
81
- async clearSession() {
82
+ async clearSession(preserveLogoutState = false) {
82
83
  try {
83
- await clearTokens(this.storage);
84
+ if (preserveLogoutState) {
85
+ // During logout, we need to preserve logout state for cleanup after redirect
86
+ await this.clearTokensExceptLogoutState();
87
+ }
88
+ else {
89
+ // Normal session clearing - clear everything
90
+ await clearTokens(this.storage);
91
+ }
84
92
  // Clear user session using shared utilities
85
93
  const userSession = new GenericUserSession(this.storage);
86
94
  await userSession.clear();
@@ -94,6 +102,29 @@ export class SessionManager {
94
102
  throw error;
95
103
  }
96
104
  }
105
+ /**
106
+ * Clear tokens from storage except logout state
107
+ * This is needed during logout to preserve the logout state for cleanup after redirect
108
+ */
109
+ async clearTokensExceptLogoutState() {
110
+ // Import constants
111
+ const { REFRESH_IN_PROGRESS, AUTOREFRESH_TIMEOUT_NAME } = await import("../../constants.js");
112
+ // Clear all token-related keys except LOGOUT_STATE
113
+ // These are the OAuth token types from the constants
114
+ const keysToDelete = [
115
+ "id_token",
116
+ "access_token",
117
+ "refresh_token",
118
+ "oidc_session_expires_at",
119
+ REFRESH_IN_PROGRESS,
120
+ AUTOREFRESH_TIMEOUT_NAME,
121
+ // Note: NOT clearing LOGOUT_STATE here - it's needed for cleanup after redirect
122
+ ];
123
+ const clearPromises = keysToDelete.map(async (key) => {
124
+ await this.storage.delete(key);
125
+ });
126
+ await Promise.all(clearPromises);
127
+ }
97
128
  /**
98
129
  * Manually trigger token refresh
99
130
  */
package/dist/vanillajs/auth/SessionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SessionManager.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvE,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,MAAM,OAAO,cAAc;IACjB,OAAO,CAAc;IACrB,MAAM,CAAuB;IAC7B,cAAc,CAAkB;IAChC,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IAEzC,YAAY,cAA2B,EAAE,MAA4B;QACnE,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,wBAAwB,CAAC,UAAsB;QACnD,IAAI,CAAC;YACH,6BAA6B;YAC7B,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CACtC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,UAAU,CACX,CAAC;YACF,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAEjD,mCAAmC;YACnC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;YACrD,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;YAE5D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uDAAuD,EACvD,KAAK,CACN,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAEzC,IAAI,CAAC,MAAM,EAAE,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sDAAsD,CACvD,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,OAAO,EAAE,MAAM,CAAC,QAAQ;gBACxB,YAAY,EAAE,MAAM,CAAC,aAAa,IAAI,SAAS;gBAC/C,SAAS,EAAE,MAAM,CAAC,uBAAuB,IAAI,SAAS;aACvD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;YACpE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC;YACH,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEhC,4CAA4C;YAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;YAE1B,+CAA+C;YAC/C,IAAI,CAAC,cAAc,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC;YACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;YACrD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB;QAKpB,OAAO,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC/C,CAAC;CACF","sourcesContent":["import type { AuthStorage } from \"../../types.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport type { User, Session } from \"../types/index.js\"; // Assuming Session might be used internally\nimport { AuthEvent } from \"../types/index.js\";\nimport { createLogger } from \"../utils/logger.js\";\nimport { TokenRefresher } from \"./TokenRefresher.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\nimport { retrieveTokens, clearTokens } from \"../../shared/lib/util.js\";\nimport { getUser } from \"../../shared/lib/session.js\";\nimport { GenericUserSession } from \"../../shared/lib/UserSession.js\";\n\nexport class SessionManager {\n private storage: AuthStorage;\n private events: AuthenticationEvents;\n private tokenRefresher?: TokenRefresher;\n private logger = createLogger(\"session\");\n\n constructor(storageAdapter: AuthStorage, events: AuthenticationEvents) {\n this.storage = storageAdapter;\n this.events = events;\n this.logger.info(\n \"SessionManager initialized with shared lib token storage\",\n );\n }\n\n /**\n * Initialize the session manager with auth configuration to enable token refresh\n */\n async initializeWithAuthConfig(authConfig: AuthConfig): Promise<void> {\n try {\n // Initialize token refresher\n this.tokenRefresher = new TokenRefresher(\n this.storage,\n this.events,\n authConfig,\n );\n await this.tokenRefresher.initialize(authConfig);\n\n // Set current authentication state\n const isAuthenticated = await this.isAuthenticated();\n this.tokenRefresher.setAuthenticationState(isAuthenticated);\n\n this.logger.info(\n \"SessionManager initialized with token refresh capability\",\n );\n } catch (error) {\n this.logger.error(\n \"Failed to initialize SessionManager with auth config:\",\n error,\n );\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n }\n }\n\n /**\n * Build current session from shared lib storage\n */\n async getCurrentSession(): Promise<Session | null> {\n try {\n const tokens = await retrieveTokens(this.storage);\n const user = await this.getCurrentUser();\n\n if (!tokens?.id_token || !user) {\n this.logger.warn(\n \"No id_token or user available, cannot create session\",\n );\n return null;\n }\n\n return {\n user,\n accessToken: tokens.access_token,\n idToken: tokens.id_token,\n refreshToken: tokens.refresh_token ?? undefined,\n expiresAt: tokens.access_token_expires_at ?? undefined,\n };\n } catch (error) {\n this.logger.error(\"Failed to load session from shared storage:\", error);\n return null;\n }\n }\n\n /**\n * Check if user is authenticated using shared lib utilities\n */\n async isAuthenticated(): Promise<boolean> {\n const tokens = await retrieveTokens(this.storage);\n return !!tokens?.id_token;\n }\n\n /**\n * Get current user from shared lib storage\n */\n async getCurrentUser(): Promise<User | null> {\n try {\n return await getUser(this.storage);\n } catch (error) {\n this.logger.error(\"Failed to get user from shared storage:\", error);\n return null;\n }\n }\n\n /**\n * Clear all authentication data using shared lib utilities\n */\n async clearSession(): Promise<void> {\n try {\n await clearTokens(this.storage);\n\n // Clear user session using shared utilities\n const userSession = new GenericUserSession(this.storage);\n await userSession.clear();\n\n // Stop token refresher when session is cleared\n this.tokenRefresher?.setAuthenticationState(false);\n\n this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);\n this.logger.info(\"Session cleared using shared lib utilities\");\n } catch (error) {\n this.logger.error(\"Failed to clear session:\", error);\n throw error;\n }\n }\n\n /**\n * Manually trigger token refresh\n */\n async refreshTokens(): Promise<void> {\n if (!this.tokenRefresher) {\n throw new Error(\n \"Token refresher not initialized. Call initializeWithAuthConfig first.\",\n );\n }\n\n return this.tokenRefresher.refreshTokens();\n }\n\n /**\n * Get token refresher state for debugging\n */\n getTokenRefresherState(): {\n isInitialized: boolean;\n isAuthenticated: boolean;\n isAutoRefreshActive: boolean;\n } | null {\n return this.tokenRefresher?.getState() || null;\n }\n\n /**\n * Clean up resources when session manager is destroyed\n */\n async destroy(): Promise<void> {\n await this.tokenRefresher?.destroy();\n this.tokenRefresher = undefined;\n this.logger.info(\"SessionManager destroyed\");\n }\n}\n"]}
1
+ {"version":3,"file":"SessionManager.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/SessionManager.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvE,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,MAAM,OAAO,cAAc;IACjB,OAAO,CAAc;IACrB,MAAM,CAAuB;IAC7B,cAAc,CAAkB;IAChC,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IAEzC,YAAY,cAA2B,EAAE,MAA4B;QACnE,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,wBAAwB,CAAC,UAAsB;QACnD,IAAI,CAAC;YACH,6BAA6B;YAC7B,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CACtC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,UAAU,CACX,CAAC;YACF,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAEjD,mCAAmC;YACnC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;YACrD,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;YAE5D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uDAAuD,EACvD,KAAK,CACN,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAEzC,IAAI,CAAC,MAAM,EAAE,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sDAAsD,CACvD,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,OAAO,EAAE,MAAM,CAAC,QAAQ;gBACxB,YAAY,EAAE,MAAM,CAAC,aAAa,IAAI,SAAS;gBAC/C,SAAS,EAAE,MAAM,CAAC,uBAAuB,IAAI,SAAS;aACvD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;YACpE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,sBAA+B,KAAK;QACrD,IAAI,CAAC;YACH,IAAI,mBAAmB,EAAE,CAAC;gBACxB,6EAA6E;gBAC7E,MAAM,IAAI,CAAC,4BAA4B,EAAE,CAAC;YAC5C,CAAC;iBAAM,CAAC;gBACN,6CAA6C;gBAC7C,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAClC,CAAC;YAED,4CAA4C;YAC5C,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;YAE1B,+CAA+C;YAC/C,IAAI,CAAC,cAAc,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC;YACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;YACrD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,4BAA4B;QACxC,mBAAmB;QACnB,MAAM,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,GAAG,MAAM,MAAM,CACpE,oBAAoB,CACrB,CAAC;QAEF,mDAAmD;QACnD,qDAAqD;QACrD,MAAM,YAAY,GAAG;YACnB,UAAU;YACV,cAAc;YACd,eAAe;YACf,yBAAyB;YACzB,mBAAmB;YACnB,wBAAwB;YACxB,gFAAgF;SACjF,CAAC;QAEF,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;YACnD,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB;QAKpB,OAAO,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC/C,CAAC;CACF","sourcesContent":["import type { AuthStorage } from \"../../types.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport type { User, Session } from \"../types/index.js\"; // Assuming Session might be used internally\nimport { AuthEvent } from \"../types/index.js\";\nimport { createLogger } from \"../utils/logger.js\";\nimport { TokenRefresher } from \"./TokenRefresher.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\nimport { retrieveTokens, clearTokens } from \"../../shared/lib/util.js\";\nimport { getUser } from \"../../shared/lib/session.js\";\nimport { GenericUserSession } from \"../../shared/lib/UserSession.js\";\n\nexport class SessionManager {\n private storage: AuthStorage;\n private events: AuthenticationEvents;\n private tokenRefresher?: TokenRefresher;\n private logger = createLogger(\"session\");\n\n constructor(storageAdapter: AuthStorage, events: AuthenticationEvents) {\n this.storage = storageAdapter;\n this.events = events;\n this.logger.info(\n \"SessionManager initialized with shared lib token storage\",\n );\n }\n\n /**\n * Initialize the session manager with auth configuration to enable token refresh\n */\n async initializeWithAuthConfig(authConfig: AuthConfig): Promise<void> {\n try {\n // Initialize token refresher\n this.tokenRefresher = new TokenRefresher(\n this.storage,\n this.events,\n authConfig,\n );\n await this.tokenRefresher.initialize(authConfig);\n\n // Set current authentication state\n const isAuthenticated = await this.isAuthenticated();\n this.tokenRefresher.setAuthenticationState(isAuthenticated);\n\n this.logger.info(\n \"SessionManager initialized with token refresh capability\",\n );\n } catch (error) {\n this.logger.error(\n \"Failed to initialize SessionManager with auth config:\",\n error,\n );\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n }\n }\n\n /**\n * Build current session from shared lib storage\n */\n async getCurrentSession(): Promise<Session | null> {\n try {\n const tokens = await retrieveTokens(this.storage);\n const user = await this.getCurrentUser();\n\n if (!tokens?.id_token || !user) {\n this.logger.warn(\n \"No id_token or user available, cannot create session\",\n );\n return null;\n }\n\n return {\n user,\n accessToken: tokens.access_token,\n idToken: tokens.id_token,\n refreshToken: tokens.refresh_token ?? undefined,\n expiresAt: tokens.oidc_session_expires_at ?? undefined,\n };\n } catch (error) {\n this.logger.error(\"Failed to load session from shared storage:\", error);\n return null;\n }\n }\n\n /**\n * Check if user is authenticated using shared lib utilities\n */\n async isAuthenticated(): Promise<boolean> {\n const tokens = await retrieveTokens(this.storage);\n return !!tokens?.id_token;\n }\n\n /**\n * Get current user from shared lib storage\n */\n async getCurrentUser(): Promise<User | null> {\n try {\n return await getUser(this.storage);\n } catch (error) {\n this.logger.error(\"Failed to get user from shared storage:\", error);\n return null;\n }\n }\n\n /**\n * Clear all authentication data using shared lib utilities\n * @param preserveLogoutState - If true, preserves logout state for cleanup after redirect\n */\n async clearSession(preserveLogoutState: boolean = false): Promise<void> {\n try {\n if (preserveLogoutState) {\n // During logout, we need to preserve logout state for cleanup after redirect\n await this.clearTokensExceptLogoutState();\n } else {\n // Normal session clearing - clear everything\n await clearTokens(this.storage);\n }\n\n // Clear user session using shared utilities\n const userSession = new GenericUserSession(this.storage);\n await userSession.clear();\n\n // Stop token refresher when session is cleared\n this.tokenRefresher?.setAuthenticationState(false);\n\n this.events.emit(AuthEvent.USER_SESSION_CHANGED, null);\n this.logger.info(\"Session cleared using shared lib utilities\");\n } catch (error) {\n this.logger.error(\"Failed to clear session:\", error);\n throw error;\n }\n }\n\n /**\n * Clear tokens from storage except logout state\n * This is needed during logout to preserve the logout state for cleanup after redirect\n */\n private async clearTokensExceptLogoutState(): Promise<void> {\n // Import constants\n const { REFRESH_IN_PROGRESS, AUTOREFRESH_TIMEOUT_NAME } = await import(\n \"../../constants.js\"\n );\n\n // Clear all token-related keys except LOGOUT_STATE\n // These are the OAuth token types from the constants\n const keysToDelete = [\n \"id_token\",\n \"access_token\",\n \"refresh_token\",\n \"oidc_session_expires_at\",\n REFRESH_IN_PROGRESS,\n AUTOREFRESH_TIMEOUT_NAME,\n // Note: NOT clearing LOGOUT_STATE here - it's needed for cleanup after redirect\n ];\n\n const clearPromises = keysToDelete.map(async (key) => {\n await this.storage.delete(key);\n });\n\n await Promise.all(clearPromises);\n }\n\n /**\n * Manually trigger token refresh\n */\n async refreshTokens(): Promise<void> {\n if (!this.tokenRefresher) {\n throw new Error(\n \"Token refresher not initialized. Call initializeWithAuthConfig first.\",\n );\n }\n\n return this.tokenRefresher.refreshTokens();\n }\n\n /**\n * Get token refresher state for debugging\n */\n getTokenRefresherState(): {\n isInitialized: boolean;\n isAuthenticated: boolean;\n isAutoRefreshActive: boolean;\n } | null {\n return this.tokenRefresher?.getState() || null;\n }\n\n /**\n * Clean up resources when session manager is destroyed\n */\n async destroy(): Promise<void> {\n await this.tokenRefresher?.destroy();\n this.tokenRefresher = undefined;\n this.logger.info(\"SessionManager destroyed\");\n }\n}\n"]}
package/dist/vanillajs/auth/TokenRefresher.js CHANGED
@@ -1,7 +1,7 @@
1
1
  import { AuthEvent } from "../types/index.js";
2
2
  import { BrowserAuthenticationRefresher, } from "../../shared/lib/BrowserAuthenticationRefresher.js";
3
3
  import { createLogger } from "../utils/logger.js";
4
- import { retrieveAccessTokenExpiresAt } from "../../shared/lib/util.js";
4
+ import { retrieveOidcSessionExpiredAt } from "../../shared/lib/util.js";
5
5
  /**
6
6
  * TokenRefresher handles automatic token refresh for vanilla.js implementation
7
7
  * Inspired by the React useRefresh hook and BrowserAuthenticationRefresher
@@ -112,7 +112,7 @@ export class TokenRefresher {
112
112
  try {
113
113
  // Calculate when the next refresh will happen (same logic as BrowserAuthenticationRefresher)
114
114
  const now = Math.floor(Date.now() / 1000);
115
- const expiresAt = (await retrieveAccessTokenExpiresAt(this.storage)) || now + 60;
115
+ const expiresAt = (await retrieveOidcSessionExpiredAt(this.storage)) || now + 60;
116
116
  const bufferTime = 30; // 30 seconds buffer
117
117
  const refreshTime = Math.max(0, expiresAt - bufferTime - now);
118
118
  const nextRefreshDate = new Date((now + refreshTime) * 1000);
package/dist/vanillajs/auth/TokenRefresher.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"TokenRefresher.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/TokenRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EACL,8BAA8B,GAE/B,MAAM,oDAAoD,CAAC;AAE5D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,4BAA4B,EAAE,MAAM,0BAA0B,CAAC;AAExE;;;GAGG;AACH,MAAM,OAAO,cAAc;IACjB,SAAS,CAAkC;IAC3C,OAAO,CAAc;IACrB,MAAM,CAAuB;IAC7B,UAAU,CAAc;IACxB,eAAe,GAAY,KAAK,CAAC;IACjC,WAAW,GAAY,KAAK,CAAC;IAC7B,MAAM,GAAG,YAAY,CAAC,eAAe,CAAC,CAAC;IAE/C,YACE,OAAoB,EACpB,MAA4B,EAC5B,UAAuB;QAEvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,UAAsB;QACrC,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,IAAI,CAAC;YACH,+BAA+B;YAC/B,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAErB,MAAM,OAAO,GAAG,KAAK,EAAE,KAAY,EAAE,EAAE;gBACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;gBACjD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;gBAEvD,8BAA8B;gBAC9B,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,CAAC;gBAEnC,uDAAuD;gBACvD,iDAAiD;gBACjD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;YACrD,CAAC,CAAC;YAEF,sCAAsC;YACtC,MAAM,qBAAqB,GAA0B;gBACnD,gBAAgB,EAAE,GAAG,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;oBAC/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC;gBAC1D,CAAC;gBACD,iBAAiB,EAAE,GAAG,EAAE;oBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;oBACjD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,sBAAsB,EAAE,IAAI,CAAC,CAAC;gBAC3D,CAAC;gBACD,cAAc,EAAE,CAAC,KAAY,EAAE,EAAE;oBAC/B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;oBACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;gBACzD,CAAC;aACF,CAAC;YAEF,IAAI,CAAC,SAAS,GAAG,MAAM,8BAA8B,CAAC,KAAK,CACzD,UAAU,EACV,IAAI,CAAC,OAAO,EACZ,OAAO,EACP,SAAS,EAAE,oBAAoB;YAC/B,qBAAqB,CACtB,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;YACjE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,eAAwB;QAC7C,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAEvC,IAAI,eAAe,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,sFAAsF;YACtF,kCAAkC;YAClC,IAAI,CAAC,gBAAgB,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACtC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YAC3D,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,EAAE,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,MAAM,QAAQ,GAAG,6DAA6D,IAAI,CAAC,WAAW,mBAAmB,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpI,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC;YAExD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAElD,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC;YAErC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,sBAAsB,EAAE,IAAI,CAAC,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QACrD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;YACvD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB;QAC5B,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YAErD,IAAI,CAAC;gBACH,6FAA6F;gBAC7F,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBAC1C,MAAM,SAAS,GACb,CAAC,MAAM,4BAA4B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC;gBACjE,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,oBAAoB;gBAC3C,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC;gBAE9D,MAAM,eAAe,GAAG,IAAI,IAAI,CAAC,CAAC,GAAG,GAAG,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC7D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,qCAAqC,eAAe,CAAC,WAAW,EAAE,QAAQ,WAAW,WAAW,CACjG,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC;YACpE,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;QACpC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,eAAe;QACrB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YACrD,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;QACpC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAE/C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAClC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,QAAQ;QAKN,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,mBAAmB,EAAE,IAAI,CAAC,eAAe,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS;SAC9D,CAAC;IACJ,CAAC;CACF","sourcesContent":["import type { AuthStorage } from \"../../types.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport { AuthEvent } from \"../types/index.js\";\nimport {\n BrowserAuthenticationRefresher,\n type RefreshEventCallbacks,\n} from \"../../shared/lib/BrowserAuthenticationRefresher.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\nimport { createLogger } from \"../utils/logger.js\";\nimport { retrieveAccessTokenExpiresAt } from \"../../shared/lib/util.js\";\n\n/**\n * TokenRefresher handles automatic token refresh for vanilla.js implementation\n * Inspired by the React useRefresh hook and BrowserAuthenticationRefresher\n */\nexport class TokenRefresher {\n private refresher?: BrowserAuthenticationRefresher;\n private storage: AuthStorage;\n private events: AuthenticationEvents;\n private authConfig?: AuthConfig;\n private isAuthenticated: boolean = false;\n private isDestroyed: boolean = false;\n private logger = createLogger(\"token-refresh\");\n\n constructor(\n storage: AuthStorage,\n events: AuthenticationEvents,\n authConfig?: AuthConfig,\n ) {\n this.storage = storage;\n this.events = events;\n this.authConfig = authConfig;\n\n this.logger.info(\"TokenRefresher initialized\");\n }\n\n /**\n * Initialize the token refresher with auth configuration\n */\n async initialize(authConfig: AuthConfig): Promise<void> {\n if (this.isDestroyed) return;\n\n this.authConfig = authConfig;\n\n try {\n // Clear any existing refresher\n await this.cleanup();\n\n const onError = async (error: Error) => {\n this.logger.error(\"Token refresh error:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n\n // Clear auto-refresh on error\n this.refresher?.clearAutorefresh();\n\n // Optionally sign out the user on refresh token errors\n // This mirrors the React implementation behavior\n this.events.emit(AuthEvent.SIGN_OUT_STARTED, null);\n };\n\n // Create callbacks for refresh events\n const refreshEventCallbacks: RefreshEventCallbacks = {\n onRefreshStarted: () => {\n this.logger.info(\"Auto token refresh started\");\n this.events.emit(AuthEvent.TOKEN_REFRESH_STARTED, null);\n },\n onRefreshComplete: () => {\n this.logger.info(\"Auto token refresh completed\");\n this.events.emit(AuthEvent.TOKEN_REFRESH_COMPLETE, null);\n },\n onRefreshError: (error: Error) => {\n this.logger.error(\"Auto token refresh failed:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n },\n };\n\n this.refresher = await BrowserAuthenticationRefresher.build(\n authConfig,\n this.storage,\n onError,\n undefined, // endpointOverrides\n refreshEventCallbacks,\n );\n\n this.logger.info(\"TokenRefresher initialized\");\n } catch (error) {\n this.logger.error(\"Failed to initialize TokenRefresher:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n }\n }\n\n /**\n * Set authentication state and manage auto-refresh accordingly\n */\n setAuthenticationState(isAuthenticated: boolean): void {\n if (this.isDestroyed) return;\n\n this.isAuthenticated = isAuthenticated;\n\n if (isAuthenticated && this.refresher) {\n // Fire and forget the async call - we don't want to make setAuthenticationState async\n // as it would break the interface\n this.startAutoRefresh().catch((error) => {\n this.logger.error(\"Error starting auto refresh:\", error);\n });\n } else {\n this.stopAutoRefresh();\n }\n }\n\n /**\n * Manually refresh tokens\n */\n async refreshTokens(): Promise<void> {\n if (this.isDestroyed || !this.refresher) {\n const errorMsg = `TokenRefresher not initialized or destroyed. isDestroyed: ${this.isDestroyed}, hasRefresher: ${!!this.refresher}`;\n this.logger.error(errorMsg);\n throw new Error(errorMsg);\n }\n\n try {\n this.events.emit(AuthEvent.TOKEN_REFRESH_STARTED, null);\n\n this.logger.info(\"Starting manual token refresh\");\n\n await this.refresher.refreshTokens();\n\n this.events.emit(AuthEvent.TOKEN_REFRESH_COMPLETE, null);\n this.logger.info(\"Manual token refresh completed\");\n } catch (error) {\n this.logger.error(\"Manual token refresh failed:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n throw error;\n }\n }\n\n /**\n * Start automatic token refresh\n */\n private async startAutoRefresh(): Promise<void> {\n if (this.refresher && this.isAuthenticated) {\n this.logger.info(\"Starting automatic token refresh\");\n\n try {\n // Calculate when the next refresh will happen (same logic as BrowserAuthenticationRefresher)\n const now = Math.floor(Date.now() / 1000);\n const expiresAt =\n (await retrieveAccessTokenExpiresAt(this.storage)) || now + 60;\n const bufferTime = 30; // 30 seconds buffer\n const refreshTime = Math.max(0, expiresAt - bufferTime - now);\n\n const nextRefreshDate = new Date((now + refreshTime) * 1000);\n this.logger.info(\n `Next token refresh scheduled for: ${nextRefreshDate.toISOString()} (in ${refreshTime} seconds)`,\n );\n } catch (error) {\n this.logger.warn(\"Could not calculate next refresh time:\", error);\n }\n\n this.refresher.setupAutorefresh();\n }\n }\n\n /**\n * Stop automatic token refresh\n */\n private stopAutoRefresh(): void {\n if (this.refresher) {\n this.logger.info(\"Stopping automatic token refresh\");\n this.refresher.clearAutorefresh();\n }\n }\n\n /**\n * Clean up resources\n */\n async cleanup(): Promise<void> {\n this.logger.info(\"Cleaning up TokenRefresher\");\n\n if (this.refresher) {\n this.refresher.clearAutorefresh();\n this.refresher = undefined;\n }\n\n this.isAuthenticated = false;\n }\n\n /**\n * Destroy the token refresher permanently\n */\n async destroy(): Promise<void> {\n this.isDestroyed = true;\n await this.cleanup();\n this.logger.info(\"TokenRefresher destroyed\");\n }\n\n /**\n * Get current refresh state\n */\n getState(): {\n isInitialized: boolean;\n isAuthenticated: boolean;\n isAutoRefreshActive: boolean;\n } {\n return {\n isInitialized: !!this.refresher,\n isAuthenticated: this.isAuthenticated,\n isAutoRefreshActive: this.isAuthenticated && !!this.refresher,\n };\n }\n}\n"]}
1
+ {"version":3,"file":"TokenRefresher.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/TokenRefresher.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EACL,8BAA8B,GAE/B,MAAM,oDAAoD,CAAC;AAE5D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,4BAA4B,EAAE,MAAM,0BAA0B,CAAC;AAExE;;;GAGG;AACH,MAAM,OAAO,cAAc;IACjB,SAAS,CAAkC;IAC3C,OAAO,CAAc;IACrB,MAAM,CAAuB;IAC7B,UAAU,CAAc;IACxB,eAAe,GAAY,KAAK,CAAC;IACjC,WAAW,GAAY,KAAK,CAAC;IAC7B,MAAM,GAAG,YAAY,CAAC,eAAe,CAAC,CAAC;IAE/C,YACE,OAAoB,EACpB,MAA4B,EAC5B,UAAuB;QAEvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,UAAsB;QACrC,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,IAAI,CAAC;YACH,+BAA+B;YAC/B,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAErB,MAAM,OAAO,GAAG,KAAK,EAAE,KAAY,EAAE,EAAE;gBACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;gBACjD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;gBAEvD,8BAA8B;gBAC9B,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,CAAC;gBAEnC,uDAAuD;gBACvD,iDAAiD;gBACjD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;YACrD,CAAC,CAAC;YAEF,sCAAsC;YACtC,MAAM,qBAAqB,GAA0B;gBACnD,gBAAgB,EAAE,GAAG,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;oBAC/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC;gBAC1D,CAAC;gBACD,iBAAiB,EAAE,GAAG,EAAE;oBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;oBACjD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,sBAAsB,EAAE,IAAI,CAAC,CAAC;gBAC3D,CAAC;gBACD,cAAc,EAAE,CAAC,KAAY,EAAE,EAAE;oBAC/B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;oBACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;gBACzD,CAAC;aACF,CAAC;YAEF,IAAI,CAAC,SAAS,GAAG,MAAM,8BAA8B,CAAC,KAAK,CACzD,UAAU,EACV,IAAI,CAAC,OAAO,EACZ,OAAO,EACP,SAAS,EAAE,oBAAoB;YAC/B,qBAAqB,CACtB,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;YACjE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,eAAwB;QAC7C,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAEvC,IAAI,eAAe,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,sFAAsF;YACtF,kCAAkC;YAClC,IAAI,CAAC,gBAAgB,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACtC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YAC3D,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,EAAE,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,MAAM,QAAQ,GAAG,6DAA6D,IAAI,CAAC,WAAW,mBAAmB,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpI,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC;YAExD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAElD,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC;YAErC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,sBAAsB,EAAE,IAAI,CAAC,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QACrD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;YACvD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB;QAC5B,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YAErD,IAAI,CAAC;gBACH,6FAA6F;gBAC7F,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBAC1C,MAAM,SAAS,GACb,CAAC,MAAM,4BAA4B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC;gBACjE,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,oBAAoB;gBAC3C,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC;gBAE9D,MAAM,eAAe,GAAG,IAAI,IAAI,CAAC,CAAC,GAAG,GAAG,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC7D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,qCAAqC,eAAe,CAAC,WAAW,EAAE,QAAQ,WAAW,WAAW,CACjG,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC;YACpE,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;QACpC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,eAAe;QACrB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YACrD,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;QACpC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAE/C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;YAClC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,QAAQ;QAKN,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,mBAAmB,EAAE,IAAI,CAAC,eAAe,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS;SAC9D,CAAC;IACJ,CAAC;CACF","sourcesContent":["import type { AuthStorage } from \"../../types.js\";\nimport type { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport { AuthEvent } from \"../types/index.js\";\nimport {\n BrowserAuthenticationRefresher,\n type RefreshEventCallbacks,\n} from \"../../shared/lib/BrowserAuthenticationRefresher.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\nimport { createLogger } from \"../utils/logger.js\";\nimport { retrieveOidcSessionExpiredAt } from \"../../shared/lib/util.js\";\n\n/**\n * TokenRefresher handles automatic token refresh for vanilla.js implementation\n * Inspired by the React useRefresh hook and BrowserAuthenticationRefresher\n */\nexport class TokenRefresher {\n private refresher?: BrowserAuthenticationRefresher;\n private storage: AuthStorage;\n private events: AuthenticationEvents;\n private authConfig?: AuthConfig;\n private isAuthenticated: boolean = false;\n private isDestroyed: boolean = false;\n private logger = createLogger(\"token-refresh\");\n\n constructor(\n storage: AuthStorage,\n events: AuthenticationEvents,\n authConfig?: AuthConfig,\n ) {\n this.storage = storage;\n this.events = events;\n this.authConfig = authConfig;\n\n this.logger.info(\"TokenRefresher initialized\");\n }\n\n /**\n * Initialize the token refresher with auth configuration\n */\n async initialize(authConfig: AuthConfig): Promise<void> {\n if (this.isDestroyed) return;\n\n this.authConfig = authConfig;\n\n try {\n // Clear any existing refresher\n await this.cleanup();\n\n const onError = async (error: Error) => {\n this.logger.error(\"Token refresh error:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n\n // Clear auto-refresh on error\n this.refresher?.clearAutorefresh();\n\n // Optionally sign out the user on refresh token errors\n // This mirrors the React implementation behavior\n this.events.emit(AuthEvent.SIGN_OUT_STARTED, null);\n };\n\n // Create callbacks for refresh events\n const refreshEventCallbacks: RefreshEventCallbacks = {\n onRefreshStarted: () => {\n this.logger.info(\"Auto token refresh started\");\n this.events.emit(AuthEvent.TOKEN_REFRESH_STARTED, null);\n },\n onRefreshComplete: () => {\n this.logger.info(\"Auto token refresh completed\");\n this.events.emit(AuthEvent.TOKEN_REFRESH_COMPLETE, null);\n },\n onRefreshError: (error: Error) => {\n this.logger.error(\"Auto token refresh failed:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n },\n };\n\n this.refresher = await BrowserAuthenticationRefresher.build(\n authConfig,\n this.storage,\n onError,\n undefined, // endpointOverrides\n refreshEventCallbacks,\n );\n\n this.logger.info(\"TokenRefresher initialized\");\n } catch (error) {\n this.logger.error(\"Failed to initialize TokenRefresher:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n }\n }\n\n /**\n * Set authentication state and manage auto-refresh accordingly\n */\n setAuthenticationState(isAuthenticated: boolean): void {\n if (this.isDestroyed) return;\n\n this.isAuthenticated = isAuthenticated;\n\n if (isAuthenticated && this.refresher) {\n // Fire and forget the async call - we don't want to make setAuthenticationState async\n // as it would break the interface\n this.startAutoRefresh().catch((error) => {\n this.logger.error(\"Error starting auto refresh:\", error);\n });\n } else {\n this.stopAutoRefresh();\n }\n }\n\n /**\n * Manually refresh tokens\n */\n async refreshTokens(): Promise<void> {\n if (this.isDestroyed || !this.refresher) {\n const errorMsg = `TokenRefresher not initialized or destroyed. isDestroyed: ${this.isDestroyed}, hasRefresher: ${!!this.refresher}`;\n this.logger.error(errorMsg);\n throw new Error(errorMsg);\n }\n\n try {\n this.events.emit(AuthEvent.TOKEN_REFRESH_STARTED, null);\n\n this.logger.info(\"Starting manual token refresh\");\n\n await this.refresher.refreshTokens();\n\n this.events.emit(AuthEvent.TOKEN_REFRESH_COMPLETE, null);\n this.logger.info(\"Manual token refresh completed\");\n } catch (error) {\n this.logger.error(\"Manual token refresh failed:\", error);\n this.events.emit(AuthEvent.TOKEN_REFRESH_ERROR, error);\n throw error;\n }\n }\n\n /**\n * Start automatic token refresh\n */\n private async startAutoRefresh(): Promise<void> {\n if (this.refresher && this.isAuthenticated) {\n this.logger.info(\"Starting automatic token refresh\");\n\n try {\n // Calculate when the next refresh will happen (same logic as BrowserAuthenticationRefresher)\n const now = Math.floor(Date.now() / 1000);\n const expiresAt =\n (await retrieveOidcSessionExpiredAt(this.storage)) || now + 60;\n const bufferTime = 30; // 30 seconds buffer\n const refreshTime = Math.max(0, expiresAt - bufferTime - now);\n\n const nextRefreshDate = new Date((now + refreshTime) * 1000);\n this.logger.info(\n `Next token refresh scheduled for: ${nextRefreshDate.toISOString()} (in ${refreshTime} seconds)`,\n );\n } catch (error) {\n this.logger.warn(\"Could not calculate next refresh time:\", error);\n }\n\n this.refresher.setupAutorefresh();\n }\n }\n\n /**\n * Stop automatic token refresh\n */\n private stopAutoRefresh(): void {\n if (this.refresher) {\n this.logger.info(\"Stopping automatic token refresh\");\n this.refresher.clearAutorefresh();\n }\n }\n\n /**\n * Clean up resources\n */\n async cleanup(): Promise<void> {\n this.logger.info(\"Cleaning up TokenRefresher\");\n\n if (this.refresher) {\n this.refresher.clearAutorefresh();\n this.refresher = undefined;\n }\n\n this.isAuthenticated = false;\n }\n\n /**\n * Destroy the token refresher permanently\n */\n async destroy(): Promise<void> {\n this.isDestroyed = true;\n await this.cleanup();\n this.logger.info(\"TokenRefresher destroyed\");\n }\n\n /**\n * Get current refresh state\n */\n getState(): {\n isInitialized: boolean;\n isAuthenticated: boolean;\n isAutoRefreshActive: boolean;\n } {\n return {\n isInitialized: !!this.refresher,\n isAuthenticated: this.isAuthenticated,\n isAutoRefreshActive: this.isAuthenticated && !!this.refresher,\n };\n }\n}\n"]}
package/dist/vanillajs/auth/config/ConfigProcessor.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ConfigProcessor.d.ts","sourceRoot":"","sources":["../../../../src/vanillajs/auth/config/ConfigProcessor.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,qBAAqB,EACrB,wBAAwB,EAEzB,MAAM,uBAAuB,CAAC;AAO/B;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,qBAAqB,GAC5B,wBAAwB,CAyC1B"}
1
+ {"version":3,"file":"ConfigProcessor.d.ts","sourceRoot":"","sources":["../../../../src/vanillajs/auth/config/ConfigProcessor.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,qBAAqB,EACrB,wBAAwB,EAEzB,MAAM,uBAAuB,CAAC;AAO/B;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,qBAAqB,GAC5B,wBAAwB,CAgD1B"}
package/dist/vanillajs/auth/config/ConfigProcessor.js CHANGED
@@ -18,10 +18,15 @@ export function processConfigWithDefaults(config) {
18
18
  const originalDisplayMode = config.displayMode || "iframe";
19
19
  const processedDisplayMode = originalDisplayMode === "embedded" ? "iframe" : originalDisplayMode;
20
20
  const processedIframeDisplayMode = originalDisplayMode === "embedded" ? "embedded" : config.iframeDisplayMode;
21
+ // Process redirectUrl - default to current page without query parameters
22
+ const redirectUrl = config.redirectUrl ||
23
+ `${window.location.origin}${window.location.pathname}`;
24
+ // Process logoutRedirectUrl - default to redirectUrl if not provided (same behavior as reactjs implementation)
25
+ const logoutRedirectUrl = config.logoutRedirectUrl || redirectUrl;
21
26
  return {
22
27
  ...config,
23
- redirectUrl: config.redirectUrl ||
24
- `${window.location.origin}${window.location.pathname}`,
28
+ redirectUrl,
29
+ logoutRedirectUrl,
25
30
  oauthServerBaseUrl: config.oauthServerBaseUrl || DEFAULT_AUTH_SERVER,
26
31
  scopes: config.scopes || DEFAULT_SCOPES,
27
32
  textSignals: config.textSignals || {
package/dist/vanillajs/auth/config/ConfigProcessor.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ConfigProcessor.js","sourceRoot":"","sources":["../../../../src/vanillajs/auth/config/ConfigProcessor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAO5E,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAE/B;;GAEG;AACH,MAAM,UAAU,yBAAyB,CACvC,MAA6B;IAE7B,kCAAkC;IAClC,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAE/B,MAAM,aAAa,GAAkB;QACnC,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,GAAG;QACd,KAAK,EAAE,OAAgB;QACvB,GAAG,MAAM,CAAC,OAAO;KAClB,CAAC;IAEF,uFAAuF;IACvF,sHAAsH;IACtH,MAAM,mBAAmB,GAAG,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC;IAC3D,MAAM,oBAAoB,GACxB,mBAAmB,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC;IAEtE,MAAM,0BAA0B,GAC9B,mBAAmB,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAE7E,OAAO;QACL,GAAG,MAAM;QACT,WAAW,EACT,MAAM,CAAC,WAAW;YAClB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE;QACxD,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,mBAAmB;QACpE,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,cAAc;QACvC,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI;YACjC,OAAO,EAAE,4BAA4B;YACrC,KAAK,EAAE,0CAA0C;SAClD;QACD,WAAW,EAAE,oBAAoB;QACjC,iBAAiB,EAAE,0BAA0B;QAC7C,kBAAkB,EAChB,MAAM,CAAC,kBAAkB;YACzB,oBAAoB,CAAC,4BAA4B;QACnD,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,oBAAoB,CAAC,iBAAiB;QACnE,MAAM,EAAE,SAAS;QACjB,OAAO,EAAE,aAAa;QACtB,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,IAAI,mBAAmB,EAAE;KACnE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,MAA6B;IAC3D,iCAAiC;IACjC,MAAM,eAAe,GAAG,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEtE,kCAAkC;IAClC,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,eAAe,EAAE,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,cAAc,CACtB,cAAc,GAAG,eAAe,EAChC,kBAAkB,CAAC,eAAe,CACnC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,oDAAoD;IACpD,gGAAgG;IAChG,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC;IACnD,MAAM,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;IAEnD,uCAAuC;IACvC,MAAM,cAAc,GAClB,WAAW,KAAK,UAAU,IAAI,qBAAqB;QACnD,CAAC,WAAW,KAAK,QAAQ,IAAI,iBAAiB,KAAK,UAAU,CAAC,CAAC,CAAC,aAAa;IAE/E,IAAI,cAAc,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;QACrD,MAAM,IAAI,cAAc,CACtB,0EAA0E;YACxE,4DAA4D;YAC5D,mEAAmE;YACnE,8DAA8D;YAC9D,gEAAgE,EAClE,kBAAkB,CAAC,eAAe,CACnC,CAAC;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { LocalStorageAdapter } from \"../../../browser/storage.js\";\nimport { DEFAULT_SCOPES, DEFAULT_AUTH_SERVER } from \"../../../constants.js\";\nimport type { DisplayMode } from \"../../../types.js\";\nimport type {\n CivicAuthClientConfig,\n ProcessedCivicAuthConfig,\n LoggingConfig,\n} from \"../types/AuthTypes.js\";\nimport {\n CivicAuthError,\n CivicAuthErrorCode,\n CIVIC_AUTH_CONSTANTS,\n} from \"../types/AuthTypes.js\";\n\n/**\n * Process the configuration with defaults and validation\n */\nexport function processConfigWithDefaults(\n config: CivicAuthClientConfig,\n): ProcessedCivicAuthConfig {\n // Validate required configuration\n validateRequiredConfig(config);\n\n const loggingConfig: LoggingConfig = {\n enabled: false,\n namespace: \"*\",\n level: \"debug\" as const,\n ...config.logging,\n };\n\n // Handle displayMode proxy: map \"embedded\" to \"iframe\" + iframeDisplayMode: \"embedded\"\n // the original displaymode doesn't suppors embedded, so we need to proxy it to iframe + iframeDisplayMode: \"embedded\"\n const originalDisplayMode = config.displayMode || \"iframe\";\n const processedDisplayMode: DisplayMode =\n originalDisplayMode === \"embedded\" ? \"iframe\" : originalDisplayMode;\n\n const processedIframeDisplayMode =\n originalDisplayMode === \"embedded\" ? \"embedded\" : config.iframeDisplayMode;\n\n return {\n ...config,\n redirectUrl:\n config.redirectUrl ||\n `${window.location.origin}${window.location.pathname}`,\n oauthServerBaseUrl: config.oauthServerBaseUrl || DEFAULT_AUTH_SERVER,\n scopes: config.scopes || DEFAULT_SCOPES,\n textSignals: config.textSignals || {\n success: \"Authentication successful!\",\n error: \"Authentication failed. Please try again.\",\n },\n displayMode: processedDisplayMode,\n iframeDisplayMode: processedIframeDisplayMode,\n authProcessTimeout:\n config.authProcessTimeout ||\n CIVIC_AUTH_CONSTANTS.DEFAULT_AUTH_PROCESS_TIMEOUT,\n iframeId: config.iframeId || CIVIC_AUTH_CONSTANTS.DEFAULT_IFRAME_ID,\n prompt: \"consent\",\n logging: loggingConfig,\n storageAdapter: config.storageAdapter || new LocalStorageAdapter(),\n };\n}\n\n/**\n * Validates required configuration properties\n */\nfunction validateRequiredConfig(config: CivicAuthClientConfig): void {\n // Always required configurations\n const requiredConfigs = [{ key: \"clientId\", value: config.clientId }];\n\n // Validate always-required fields\n for (const { key, value } of requiredConfigs) {\n if (!value) {\n throw new CivicAuthError(\n `CivicAuth: ${key} is required.`,\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n }\n\n // Conditional validation for targetContainerElement\n // Handle both the new \"embedded\" displayMode and the legacy iframe + iframeDisplayMode approach\n const displayMode = config.displayMode || \"iframe\";\n const iframeDisplayMode = config.iframeDisplayMode;\n\n // Check if we need a container element\n const needsContainer =\n displayMode === \"embedded\" || // New simplified API\n (displayMode === \"iframe\" && iframeDisplayMode === \"embedded\"); // Legacy API\n\n if (needsContainer && !config.targetContainerElement) {\n throw new CivicAuthError(\n \"CivicAuth: targetContainerElement is required for embedded iframe mode. \" +\n \"You can use displayMode: 'embedded' for a simplified API, \" +\n \"or use displayMode: 'iframe' with iframeDisplayMode: 'embedded'. \" +\n \"For modal iframe mode, use displayMode: 'iframe' (default). \" +\n \"For non-iframe modes, use displayMode 'redirect' or 'new_tab'.\",\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n}\n"]}
1
+ {"version":3,"file":"ConfigProcessor.js","sourceRoot":"","sources":["../../../../src/vanillajs/auth/config/ConfigProcessor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAO5E,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAE/B;;GAEG;AACH,MAAM,UAAU,yBAAyB,CACvC,MAA6B;IAE7B,kCAAkC;IAClC,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAE/B,MAAM,aAAa,GAAkB;QACnC,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,GAAG;QACd,KAAK,EAAE,OAAgB;QACvB,GAAG,MAAM,CAAC,OAAO;KAClB,CAAC;IAEF,uFAAuF;IACvF,sHAAsH;IACtH,MAAM,mBAAmB,GAAG,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC;IAC3D,MAAM,oBAAoB,GACxB,mBAAmB,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC;IAEtE,MAAM,0BAA0B,GAC9B,mBAAmB,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAE7E,yEAAyE;IACzE,MAAM,WAAW,GACf,MAAM,CAAC,WAAW;QAClB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;IAEzD,+GAA+G;IAC/G,MAAM,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,IAAI,WAAW,CAAC;IAElE,OAAO;QACL,GAAG,MAAM;QACT,WAAW;QACX,iBAAiB;QACjB,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,mBAAmB;QACpE,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,cAAc;QACvC,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI;YACjC,OAAO,EAAE,4BAA4B;YACrC,KAAK,EAAE,0CAA0C;SAClD;QACD,WAAW,EAAE,oBAAoB;QACjC,iBAAiB,EAAE,0BAA0B;QAC7C,kBAAkB,EAChB,MAAM,CAAC,kBAAkB;YACzB,oBAAoB,CAAC,4BAA4B;QACnD,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,oBAAoB,CAAC,iBAAiB;QACnE,MAAM,EAAE,SAAS;QACjB,OAAO,EAAE,aAAa;QACtB,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,IAAI,mBAAmB,EAAE;KACnE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,MAA6B;IAC3D,iCAAiC;IACjC,MAAM,eAAe,GAAG,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEtE,kCAAkC;IAClC,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,eAAe,EAAE,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,cAAc,CACtB,cAAc,GAAG,eAAe,EAChC,kBAAkB,CAAC,eAAe,CACnC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,oDAAoD;IACpD,gGAAgG;IAChG,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC;IACnD,MAAM,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;IAEnD,uCAAuC;IACvC,MAAM,cAAc,GAClB,WAAW,KAAK,UAAU,IAAI,qBAAqB;QACnD,CAAC,WAAW,KAAK,QAAQ,IAAI,iBAAiB,KAAK,UAAU,CAAC,CAAC,CAAC,aAAa;IAE/E,IAAI,cAAc,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;QACrD,MAAM,IAAI,cAAc,CACtB,0EAA0E;YACxE,4DAA4D;YAC5D,mEAAmE;YACnE,8DAA8D;YAC9D,gEAAgE,EAClE,kBAAkB,CAAC,eAAe,CACnC,CAAC;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { LocalStorageAdapter } from \"../../../browser/storage.js\";\nimport { DEFAULT_SCOPES, DEFAULT_AUTH_SERVER } from \"../../../constants.js\";\nimport type { DisplayMode } from \"../../../types.js\";\nimport type {\n CivicAuthClientConfig,\n ProcessedCivicAuthConfig,\n LoggingConfig,\n} from \"../types/AuthTypes.js\";\nimport {\n CivicAuthError,\n CivicAuthErrorCode,\n CIVIC_AUTH_CONSTANTS,\n} from \"../types/AuthTypes.js\";\n\n/**\n * Process the configuration with defaults and validation\n */\nexport function processConfigWithDefaults(\n config: CivicAuthClientConfig,\n): ProcessedCivicAuthConfig {\n // Validate required configuration\n validateRequiredConfig(config);\n\n const loggingConfig: LoggingConfig = {\n enabled: false,\n namespace: \"*\",\n level: \"debug\" as const,\n ...config.logging,\n };\n\n // Handle displayMode proxy: map \"embedded\" to \"iframe\" + iframeDisplayMode: \"embedded\"\n // the original displaymode doesn't suppors embedded, so we need to proxy it to iframe + iframeDisplayMode: \"embedded\"\n const originalDisplayMode = config.displayMode || \"iframe\";\n const processedDisplayMode: DisplayMode =\n originalDisplayMode === \"embedded\" ? \"iframe\" : originalDisplayMode;\n\n const processedIframeDisplayMode =\n originalDisplayMode === \"embedded\" ? \"embedded\" : config.iframeDisplayMode;\n\n // Process redirectUrl - default to current page without query parameters\n const redirectUrl =\n config.redirectUrl ||\n `${window.location.origin}${window.location.pathname}`;\n\n // Process logoutRedirectUrl - default to redirectUrl if not provided (same behavior as reactjs implementation)\n const logoutRedirectUrl = config.logoutRedirectUrl || redirectUrl;\n\n return {\n ...config,\n redirectUrl,\n logoutRedirectUrl,\n oauthServerBaseUrl: config.oauthServerBaseUrl || DEFAULT_AUTH_SERVER,\n scopes: config.scopes || DEFAULT_SCOPES,\n textSignals: config.textSignals || {\n success: \"Authentication successful!\",\n error: \"Authentication failed. Please try again.\",\n },\n displayMode: processedDisplayMode,\n iframeDisplayMode: processedIframeDisplayMode,\n authProcessTimeout:\n config.authProcessTimeout ||\n CIVIC_AUTH_CONSTANTS.DEFAULT_AUTH_PROCESS_TIMEOUT,\n iframeId: config.iframeId || CIVIC_AUTH_CONSTANTS.DEFAULT_IFRAME_ID,\n prompt: \"consent\",\n logging: loggingConfig,\n storageAdapter: config.storageAdapter || new LocalStorageAdapter(),\n };\n}\n\n/**\n * Validates required configuration properties\n */\nfunction validateRequiredConfig(config: CivicAuthClientConfig): void {\n // Always required configurations\n const requiredConfigs = [{ key: \"clientId\", value: config.clientId }];\n\n // Validate always-required fields\n for (const { key, value } of requiredConfigs) {\n if (!value) {\n throw new CivicAuthError(\n `CivicAuth: ${key} is required.`,\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n }\n\n // Conditional validation for targetContainerElement\n // Handle both the new \"embedded\" displayMode and the legacy iframe + iframeDisplayMode approach\n const displayMode = config.displayMode || \"iframe\";\n const iframeDisplayMode = config.iframeDisplayMode;\n\n // Check if we need a container element\n const needsContainer =\n displayMode === \"embedded\" || // New simplified API\n (displayMode === \"iframe\" && iframeDisplayMode === \"embedded\"); // Legacy API\n\n if (needsContainer && !config.targetContainerElement) {\n throw new CivicAuthError(\n \"CivicAuth: targetContainerElement is required for embedded iframe mode. \" +\n \"You can use displayMode: 'embedded' for a simplified API, \" +\n \"or use displayMode: 'iframe' with iframeDisplayMode: 'embedded'. \" +\n \"For modal iframe mode, use displayMode: 'iframe' (default). \" +\n \"For non-iframe modes, use displayMode 'redirect' or 'new_tab'.\",\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n}\n"]}
package/dist/vanillajs/auth/types/AuthTypes.d.ts CHANGED
@@ -71,6 +71,8 @@ export interface CivicAuthClientConfig {
71
71
  clientId: string;
72
72
  /** URL to redirect to after authentication */
73
73
  redirectUrl?: string;
74
+ /** URL to redirect to after logout - if not provided, will use redirectUrl */
75
+ logoutRedirectUrl?: string;
74
76
  /** Base URL of the OAuth server */
75
77
  oauthServerBaseUrl?: string;
76
78
  /** Array of OAuth scopes to request */
@@ -118,6 +120,7 @@ export interface LoggingConfig {
118
120
  */
119
121
  export type ProcessedCivicAuthConfig = CivicAuthClientConfig & {
120
122
  redirectUrl: string;
123
+ logoutRedirectUrl: string;
121
124
  oauthServerBaseUrl: string;
122
125
  scopes: string[];
123
126
  textSignals: {
package/dist/vanillajs/auth/types/AuthTypes.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthTypes.d.ts","sourceRoot":"","sources":["../../../../src/vanillajs/auth/types/AuthTypes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AACvE,OAAO,KAAK,EACV,WAAW,IAAI,eAAe,EAC9B,WAAW,EACZ,MAAM,mBAAmB,CAAC;AAE3B;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,eAAe,GAAG,UAAU,CAAC;AAEhE;;GAEG;AACH,oBAAY,kBAAkB;IAC5B,eAAe,oBAAoB;IACnC,WAAW,gBAAgB;IAC3B,yBAAyB,8BAA8B;IACvD,mBAAmB,wBAAwB;IAC3C,oBAAoB,yBAAyB;IAC7C,iBAAiB,sBAAsB;IACvC,eAAe,oBAAoB;IACnC,aAAa,kBAAkB;IAC/B,aAAa,kBAAkB;IAC/B,cAAc,mBAAmB;IACjC,mBAAmB,wBAAwB;IAC3C,oBAAoB,yBAAyB;IAC7C,iBAAiB,sBAAsB;IACvC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;IACrC,cAAc,mBAAmB;CAClC;AAED;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;CAKvB,CAAC;AAEX;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,cAAc,GAAG,YAAY,CAAC;AAE5D,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,eAAe,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,eAAe,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,WAAW,GACX,eAAe,GACf,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAE5B,qBAAa,cAAe,SAAQ,KAAK;aAGrB,IAAI,EAAE,kBAAkB;gBADxC,OAAO,EAAE,MAAM,EACC,IAAI,EAAE,kBAAkB;CAK3C;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,sBAAsB;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C;IAC9C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mCAAmC;IACnC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,2GAA2G;IAC3G,sBAAsB,CAAC,EAAE,WAAW,GAAG,MAAM,CAAC;IAC9C,gDAAgD;IAChD,WAAW,CAAC,EAAE;QACZ,mDAAmD;QACnD,OAAO,EAAE,MAAM,CAAC;QAChB,uDAAuD;QACvD,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,gGAAgG;IAChG,WAAW,CAAC,EAAE,oBAAoB,CAAC;IACnC,qGAAqG;IACrG,iBAAiB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IACzC;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,+CAA+C;IAC/C,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B,oCAAoC;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gFAAgF;IAChF,cAAc,CAAC,EAAE,WAAW,CAAC;IAC7B,yCAAyC;IACzC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,mCAAmC;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,4BAA4B;IAC5B,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;CAC7C;AAED;;GAEG;AACH,MAAM,MAAM,wBAAwB,GAAG,qBAAqB,GAAG;IAC7D,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,cAAc,EAAE,WAAW,CAAC;IAC5B,OAAO,EAAE,aAAa,CAAC;IACvB,WAAW,EAAE,eAAe,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAEhB,CAAC"}
1
+ {"version":3,"file":"AuthTypes.d.ts","sourceRoot":"","sources":["../../../../src/vanillajs/auth/types/AuthTypes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AACvE,OAAO,KAAK,EACV,WAAW,IAAI,eAAe,EAC9B,WAAW,EACZ,MAAM,mBAAmB,CAAC;AAE3B;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,eAAe,GAAG,UAAU,CAAC;AAEhE;;GAEG;AACH,oBAAY,kBAAkB;IAC5B,eAAe,oBAAoB;IACnC,WAAW,gBAAgB;IAC3B,yBAAyB,8BAA8B;IACvD,mBAAmB,wBAAwB;IAC3C,oBAAoB,yBAAyB;IAC7C,iBAAiB,sBAAsB;IACvC,eAAe,oBAAoB;IACnC,aAAa,kBAAkB;IAC/B,aAAa,kBAAkB;IAC/B,cAAc,mBAAmB;IACjC,mBAAmB,wBAAwB;IAC3C,oBAAoB,yBAAyB;IAC7C,iBAAiB,sBAAsB;IACvC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;IACrC,cAAc,mBAAmB;CAClC;AAED;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;CAKvB,CAAC;AAEX;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,cAAc,GAAG,YAAY,CAAC;AAE5D,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,eAAe,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,eAAe,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,WAAW,GACX,eAAe,GACf,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAE5B,qBAAa,cAAe,SAAQ,KAAK;aAGrB,IAAI,EAAE,kBAAkB;gBADxC,OAAO,EAAE,MAAM,EACC,IAAI,EAAE,kBAAkB;CAK3C;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,sBAAsB;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C;IAC9C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,8EAA8E;IAC9E,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,mCAAmC;IACnC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,2GAA2G;IAC3G,sBAAsB,CAAC,EAAE,WAAW,GAAG,MAAM,CAAC;IAC9C,gDAAgD;IAChD,WAAW,CAAC,EAAE;QACZ,mDAAmD;QACnD,OAAO,EAAE,MAAM,CAAC;QAChB,uDAAuD;QACvD,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,gGAAgG;IAChG,WAAW,CAAC,EAAE,oBAAoB,CAAC;IACnC,qGAAqG;IACrG,iBAAiB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IACzC;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,+CAA+C;IAC/C,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B,oCAAoC;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gFAAgF;IAChF,cAAc,CAAC,EAAE,WAAW,CAAC;IAC7B,yCAAyC;IACzC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,mCAAmC;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,4BAA4B;IAC5B,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;CAC7C;AAED;;GAEG;AACH,MAAM,MAAM,wBAAwB,GAAG,qBAAqB,GAAG;IAC7D,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,cAAc,EAAE,WAAW,CAAC;IAC5B,OAAO,EAAE,aAAa,CAAC;IACvB,WAAW,EAAE,eAAe,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAEhB,CAAC"}
package/dist/vanillajs/auth/types/AuthTypes.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthTypes.js","sourceRoot":"","sources":["../../../../src/vanillajs/auth/types/AuthTypes.ts"],"names":[],"mappings":"AAaA;;GAEG;AACH,MAAM,CAAN,IAAY,kBAiBX;AAjBD,WAAY,kBAAkB;IAC5B,yDAAmC,CAAA;IACnC,iDAA2B,CAAA;IAC3B,6EAAuD,CAAA;IACvD,iEAA2C,CAAA;IAC3C,mEAA6C,CAAA;IAC7C,6DAAuC,CAAA;IACvC,yDAAmC,CAAA;IACnC,qDAA+B,CAAA;IAC/B,qDAA+B,CAAA;IAC/B,uDAAiC,CAAA;IACjC,iEAA2C,CAAA;IAC3C,mEAA6C,CAAA;IAC7C,6DAAuC,CAAA;IACvC,qDAA+B,CAAA;IAC/B,2DAAqC,CAAA;IACrC,uDAAiC,CAAA;AACnC,CAAC,EAjBW,kBAAkB,KAAlB,kBAAkB,QAiB7B;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,iBAAiB,EAAE,mBAAmB;IACtC,4BAA4B,EAAE,KAAK,EAAE,aAAa;IAClD,iBAAiB,EAAE,2BAA2B;IAC9C,eAAe,EAAE,yBAAyB;CAClC,CAAC;AAgCX,MAAM,OAAO,cAAe,SAAQ,KAAK;IAGrB;IAFlB,YACE,OAAe,EACC,IAAwB;QAExC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,SAAI,GAAJ,IAAI,CAAoB;QAGxC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF","sourcesContent":["import type { AuthenticationEvents } from \"../AuthenticationEvents.js\";\nimport type {\n DisplayMode as BaseDisplayMode,\n AuthStorage,\n} from \"../../../types.js\";\n\n/**\n * Extended DisplayMode for VanillaJS that includes \"embedded\" option\n * This provides a cleaner API where users can simply use displayMode: \"embedded\"\n * instead of displayMode: \"iframe\" + iframeDisplayMode: \"embedded\"\n */\nexport type VanillaJSDisplayMode = BaseDisplayMode | \"embedded\";\n\n/**\n * Error codes for CivicAuth errors\n */\nexport enum CivicAuthErrorCode {\n CONFIG_REQUIRED = \"CONFIG_REQUIRED\",\n INIT_FAILED = \"INIT_FAILED\",\n ENDPOINTS_NOT_INITIALIZED = \"ENDPOINTS_NOT_INITIALIZED\",\n CONTAINER_NOT_FOUND = \"CONTAINER_NOT_FOUND\",\n AUTH_PROCESS_TIMEOUT = \"AUTH_PROCESS_TIMEOUT\",\n IFRAME_LOAD_ERROR = \"IFRAME_LOAD_ERROR\",\n INVALID_MESSAGE = \"INVALID_MESSAGE\",\n LOGOUT_FAILED = \"LOGOUT_FAILED\",\n POPUP_BLOCKED = \"popup_blocked\",\n USER_CANCELLED = \"user_cancelled\",\n CONFIGURATION_ERROR = \"configuration_error\",\n TOKEN_REFRESH_FAILED = \"token_refresh_failed\",\n SESSION_NOT_FOUND = \"session_not_found\",\n STORAGE_ERROR = \"storage_error\",\n IFRAME_NOT_FOUND = \"iframe_not_found\",\n INTERNAL_ERROR = \"internal_error\",\n}\n\n/**\n * Constants for the auth client\n */\nexport const CIVIC_AUTH_CONSTANTS = {\n DEFAULT_IFRAME_ID: \"civic-auth-iframe\",\n DEFAULT_AUTH_PROCESS_TIMEOUT: 60000, // 60 seconds\n SUCCESS_SIGNAL_ID: \"civic-auth-success-signal\",\n ERROR_SIGNAL_ID: \"civic-auth-error-signal\",\n} as const;\n\n/**\n * Message types for postMessage communication\n */\nexport type AuthMessageType = \"auth_success\" | \"auth_error\";\n\nexport interface AuthMessage {\n type: AuthMessageType;\n detail?: string;\n data?: unknown;\n error?: unknown;\n}\n\n/**\n * Login app message types for postMessage communication\n */\nexport interface LoginAppMessage {\n source: \"civicloginApp\";\n type: string;\n clientId: string;\n data?: unknown;\n}\n\n/**\n * Combined message type for all iframe communications\n */\nexport type IframeMessage =\n | AuthMessage\n | LoginAppMessage\n | Record<string, unknown>;\n\nexport class CivicAuthError extends Error {\n constructor(\n message: string,\n public readonly code: CivicAuthErrorCode,\n ) {\n super(message);\n this.name = \"CivicAuthError\";\n }\n}\n\n/**\n * Configuration options for the CivicAuth client\n */\nexport interface CivicAuthClientConfig {\n /** OAuth client ID */\n clientId: string;\n /** URL to redirect to after authentication */\n redirectUrl?: string;\n /** Base URL of the OAuth server */\n oauthServerBaseUrl?: string;\n /** Array of OAuth scopes to request */\n scopes?: string[];\n /** HTML element or element ID where the auth iframe will be mounted (required for embedded iframe mode) */\n targetContainerElement?: HTMLElement | string;\n /** Text signals for success and error states */\n textSignals?: {\n /** Text to display on successful authentication */\n success: string;\n /** Optional text to display on authentication error */\n error?: string;\n };\n /** Display mode for the authentication UI - VanillaJS supports \"embedded\" for simplified API */\n displayMode?: VanillaJSDisplayMode;\n /** Display mode for iframe rendering - modal (full-screen overlay) or embedded (within container) */\n iframeDisplayMode?: \"modal\" | \"embedded\";\n /**\n * Timeout duration in milliseconds for the entire authentication process.\n * If the authentication process takes longer than this duration, it will be cancelled\n * and an error will be thrown.\n * Note: This timeout is not applied to embedded iframe mode, where the iframe remains persistent.\n */\n authProcessTimeout?: number;\n /** Event handlers for authentication events */\n events?: AuthenticationEvents;\n /** Custom ID for the auth iframe */\n iframeId?: string;\n /** Custom storage adapter for auth state - uses shared AuthStorage interface */\n storageAdapter?: AuthStorage;\n /** OAuth nonce parameter for security */\n nonce?: string;\n /** Initial state for OAuth flow */\n initialState?: string;\n /** Logging configuration */\n logging?: LoggingConfig;\n}\n\nexport interface LoggingConfig {\n enabled: boolean;\n namespace?: string;\n level?: \"debug\" | \"info\" | \"warn\" | \"error\";\n}\n\n/**\n * Internal configuration with all optional properties resolved to required ones.\n */\nexport type ProcessedCivicAuthConfig = CivicAuthClientConfig & {\n redirectUrl: string;\n oauthServerBaseUrl: string;\n scopes: string[];\n textSignals: {\n success: string;\n error?: string;\n };\n storageAdapter: AuthStorage;\n logging: LoggingConfig;\n displayMode: BaseDisplayMode; // Internal config uses base DisplayMode after processing\n authProcessTimeout: number;\n iframeId: string;\n prompt: string;\n nonce?: string;\n // targetContainerElement remains optional as it's not needed for all display modes\n};\n"]}
1
+ {"version":3,"file":"AuthTypes.js","sourceRoot":"","sources":["../../../../src/vanillajs/auth/types/AuthTypes.ts"],"names":[],"mappings":"AAaA;;GAEG;AACH,MAAM,CAAN,IAAY,kBAiBX;AAjBD,WAAY,kBAAkB;IAC5B,yDAAmC,CAAA;IACnC,iDAA2B,CAAA;IAC3B,6EAAuD,CAAA;IACvD,iEAA2C,CAAA;IAC3C,mEAA6C,CAAA;IAC7C,6DAAuC,CAAA;IACvC,yDAAmC,CAAA;IACnC,qDAA+B,CAAA;IAC/B,qDAA+B,CAAA;IAC/B,uDAAiC,CAAA;IACjC,iEAA2C,CAAA;IAC3C,mEAA6C,CAAA;IAC7C,6DAAuC,CAAA;IACvC,qDAA+B,CAAA;IAC/B,2DAAqC,CAAA;IACrC,uDAAiC,CAAA;AACnC,CAAC,EAjBW,kBAAkB,KAAlB,kBAAkB,QAiB7B;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,iBAAiB,EAAE,mBAAmB;IACtC,4BAA4B,EAAE,KAAK,EAAE,aAAa;IAClD,iBAAiB,EAAE,2BAA2B;IAC9C,eAAe,EAAE,yBAAyB;CAClC,CAAC;AAgCX,MAAM,OAAO,cAAe,SAAQ,KAAK;IAGrB;IAFlB,YACE,OAAe,EACC,IAAwB;QAExC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,SAAI,GAAJ,IAAI,CAAoB;QAGxC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF","sourcesContent":["import type { AuthenticationEvents } from \"../AuthenticationEvents.js\";\nimport type {\n DisplayMode as BaseDisplayMode,\n AuthStorage,\n} from \"../../../types.js\";\n\n/**\n * Extended DisplayMode for VanillaJS that includes \"embedded\" option\n * This provides a cleaner API where users can simply use displayMode: \"embedded\"\n * instead of displayMode: \"iframe\" + iframeDisplayMode: \"embedded\"\n */\nexport type VanillaJSDisplayMode = BaseDisplayMode | \"embedded\";\n\n/**\n * Error codes for CivicAuth errors\n */\nexport enum CivicAuthErrorCode {\n CONFIG_REQUIRED = \"CONFIG_REQUIRED\",\n INIT_FAILED = \"INIT_FAILED\",\n ENDPOINTS_NOT_INITIALIZED = \"ENDPOINTS_NOT_INITIALIZED\",\n CONTAINER_NOT_FOUND = \"CONTAINER_NOT_FOUND\",\n AUTH_PROCESS_TIMEOUT = \"AUTH_PROCESS_TIMEOUT\",\n IFRAME_LOAD_ERROR = \"IFRAME_LOAD_ERROR\",\n INVALID_MESSAGE = \"INVALID_MESSAGE\",\n LOGOUT_FAILED = \"LOGOUT_FAILED\",\n POPUP_BLOCKED = \"popup_blocked\",\n USER_CANCELLED = \"user_cancelled\",\n CONFIGURATION_ERROR = \"configuration_error\",\n TOKEN_REFRESH_FAILED = \"token_refresh_failed\",\n SESSION_NOT_FOUND = \"session_not_found\",\n STORAGE_ERROR = \"storage_error\",\n IFRAME_NOT_FOUND = \"iframe_not_found\",\n INTERNAL_ERROR = \"internal_error\",\n}\n\n/**\n * Constants for the auth client\n */\nexport const CIVIC_AUTH_CONSTANTS = {\n DEFAULT_IFRAME_ID: \"civic-auth-iframe\",\n DEFAULT_AUTH_PROCESS_TIMEOUT: 60000, // 60 seconds\n SUCCESS_SIGNAL_ID: \"civic-auth-success-signal\",\n ERROR_SIGNAL_ID: \"civic-auth-error-signal\",\n} as const;\n\n/**\n * Message types for postMessage communication\n */\nexport type AuthMessageType = \"auth_success\" | \"auth_error\";\n\nexport interface AuthMessage {\n type: AuthMessageType;\n detail?: string;\n data?: unknown;\n error?: unknown;\n}\n\n/**\n * Login app message types for postMessage communication\n */\nexport interface LoginAppMessage {\n source: \"civicloginApp\";\n type: string;\n clientId: string;\n data?: unknown;\n}\n\n/**\n * Combined message type for all iframe communications\n */\nexport type IframeMessage =\n | AuthMessage\n | LoginAppMessage\n | Record<string, unknown>;\n\nexport class CivicAuthError extends Error {\n constructor(\n message: string,\n public readonly code: CivicAuthErrorCode,\n ) {\n super(message);\n this.name = \"CivicAuthError\";\n }\n}\n\n/**\n * Configuration options for the CivicAuth client\n */\nexport interface CivicAuthClientConfig {\n /** OAuth client ID */\n clientId: string;\n /** URL to redirect to after authentication */\n redirectUrl?: string;\n /** URL to redirect to after logout - if not provided, will use redirectUrl */\n logoutRedirectUrl?: string;\n /** Base URL of the OAuth server */\n oauthServerBaseUrl?: string;\n /** Array of OAuth scopes to request */\n scopes?: string[];\n /** HTML element or element ID where the auth iframe will be mounted (required for embedded iframe mode) */\n targetContainerElement?: HTMLElement | string;\n /** Text signals for success and error states */\n textSignals?: {\n /** Text to display on successful authentication */\n success: string;\n /** Optional text to display on authentication error */\n error?: string;\n };\n /** Display mode for the authentication UI - VanillaJS supports \"embedded\" for simplified API */\n displayMode?: VanillaJSDisplayMode;\n /** Display mode for iframe rendering - modal (full-screen overlay) or embedded (within container) */\n iframeDisplayMode?: \"modal\" | \"embedded\";\n /**\n * Timeout duration in milliseconds for the entire authentication process.\n * If the authentication process takes longer than this duration, it will be cancelled\n * and an error will be thrown.\n * Note: This timeout is not applied to embedded iframe mode, where the iframe remains persistent.\n */\n authProcessTimeout?: number;\n /** Event handlers for authentication events */\n events?: AuthenticationEvents;\n /** Custom ID for the auth iframe */\n iframeId?: string;\n /** Custom storage adapter for auth state - uses shared AuthStorage interface */\n storageAdapter?: AuthStorage;\n /** OAuth nonce parameter for security */\n nonce?: string;\n /** Initial state for OAuth flow */\n initialState?: string;\n /** Logging configuration */\n logging?: LoggingConfig;\n}\n\nexport interface LoggingConfig {\n enabled: boolean;\n namespace?: string;\n level?: \"debug\" | \"info\" | \"warn\" | \"error\";\n}\n\n/**\n * Internal configuration with all optional properties resolved to required ones.\n */\nexport type ProcessedCivicAuthConfig = CivicAuthClientConfig & {\n redirectUrl: string;\n logoutRedirectUrl: string;\n oauthServerBaseUrl: string;\n scopes: string[];\n textSignals: {\n success: string;\n error?: string;\n };\n storageAdapter: AuthStorage;\n logging: LoggingConfig;\n displayMode: BaseDisplayMode; // Internal config uses base DisplayMode after processing\n authProcessTimeout: number;\n iframeId: string;\n prompt: string;\n nonce?: string;\n // targetContainerElement remains optional as it's not needed for all display modes\n};\n"]}
package/dist/vanillajs/index.d.ts CHANGED
@@ -14,4 +14,6 @@ export { createShimmerLoader, createIframeShimmerLoader, createSkeletonLoader, c
14
14
  export { BrowserCookieStorage } from "../shared/lib/BrowserCookieStorage.js";
15
15
  export type { AuthStorage } from "../types.js";
16
16
  export type { User, Session } from "./types/index.js";
17
+ export { extractTokensFromSession } from "./utils/auth-utils.js";
18
+ export type { ExtractedTokens } from "./utils/auth-utils.js";
17
19
  //# sourceMappingURL=index.d.ts.map
package/dist/vanillajs/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/vanillajs/index.ts"],"names":[],"mappings":"AAAA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,qBAAqB,CAAC;AAEpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EACL,uBAAuB,EACvB,WAAW,EACX,KAAK,yBAAyB,GAC/B,MAAM,yCAAyC,CAAC;AAGjD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAGhF,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAG5D,OAAO,EACL,mBAAmB,EACnB,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,eAAe,EACf,iBAAiB,EACjB,oBAAoB,EACpB,KAAK,oBAAoB,GAC1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAG7E,YAAY,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,YAAY,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/vanillajs/index.ts"],"names":[],"mappings":"AAAA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,qBAAqB,CAAC;AAEpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EACL,uBAAuB,EACvB,WAAW,EACX,KAAK,yBAAyB,GAC/B,MAAM,yCAAyC,CAAC;AAGjD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAGhF,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAG5D,OAAO,EACL,mBAAmB,EACnB,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,eAAe,EACf,iBAAiB,EACjB,oBAAoB,EACpB,KAAK,oBAAoB,GAC1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAG7E,YAAY,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,YAAY,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAGtD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,YAAY,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC"}
package/dist/vanillajs/index.js CHANGED
@@ -15,4 +15,6 @@ export { LocalStorageAdapter } from "../browser/storage.js";
15
15
  // Export UI components for loading states
16
16
  export { createShimmerLoader, createIframeShimmerLoader, createSkeletonLoader, createButtonContentLoader, createCloseIcon, createCloseButton, cleanupLoadingStyles, } from "./ui/LoadingComponents.js";
17
17
  export { BrowserCookieStorage } from "../shared/lib/BrowserCookieStorage.js";
18
+ // Export token utilities
19
+ export { extractTokensFromSession } from "./utils/auth-utils.js";
18
20
  //# sourceMappingURL=index.js.map
package/dist/vanillajs/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/vanillajs/index.ts"],"names":[],"mappings":"AAAA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,qBAAqB,CAAC;AAEpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EACL,uBAAuB,EACvB,WAAW,GAEZ,MAAM,yCAAyC,CAAC;AAEjD,6CAA6C;AAC7C,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAEhF,wFAAwF;AACxF,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAE5D,0CAA0C;AAC1C,OAAO,EACL,mBAAmB,EACnB,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,eAAe,EACf,iBAAiB,EACjB,oBAAoB,GAErB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC","sourcesContent":["export * from \"./auth/AuthenticationEvents.js\";\nexport * from \"./auth/SessionManager.js\";\nexport * from \"./auth/TokenRefresher.js\";\nexport * from \"./types/index.js\";\nexport * from \"./services/ApiService.js\";\nexport * from \"./auth/CivicAuth.js\";\n\nexport { AuthenticationEvents } from \"./auth/AuthenticationEvents.js\";\nexport { AuthEvent } from \"./types/index.js\";\nexport {\n handleOAuthRedirectPage,\n storeTokens,\n type HandleOAuthRedirectConfig,\n} from \"./auth/handlers/OAuthCallbackHandler.js\";\n\n// Re-export shared utilities for convenience\nexport { retrieveTokens, clearTokens } from \"../shared/lib/util.js\";\nexport { getUser, getTokens, clearAuthCookies } from \"../shared/lib/session.js\";\n\n// Re-export shared storage adapters - these are the only storage implementations needed\nexport { LocalStorageAdapter } from \"../browser/storage.js\";\n\n// Export UI components for loading states\nexport {\n createShimmerLoader,\n createIframeShimmerLoader,\n createSkeletonLoader,\n createButtonContentLoader,\n createCloseIcon,\n createCloseButton,\n cleanupLoadingStyles,\n type ShimmerLoaderOptions,\n} from \"./ui/LoadingComponents.js\";\nexport { BrowserCookieStorage } from \"../shared/lib/BrowserCookieStorage.js\";\n\n// Re-export shared types\nexport type { AuthStorage } from \"../types.js\";\nexport type { User, Session } from \"./types/index.js\";\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/vanillajs/index.ts"],"names":[],"mappings":"AAAA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,qBAAqB,CAAC;AAEpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EACL,uBAAuB,EACvB,WAAW,GAEZ,MAAM,yCAAyC,CAAC;AAEjD,6CAA6C;AAC7C,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAEhF,wFAAwF;AACxF,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAE5D,0CAA0C;AAC1C,OAAO,EACL,mBAAmB,EACnB,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,eAAe,EACf,iBAAiB,EACjB,oBAAoB,GAErB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAM7E,yBAAyB;AACzB,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC","sourcesContent":["export * from \"./auth/AuthenticationEvents.js\";\nexport * from \"./auth/SessionManager.js\";\nexport * from \"./auth/TokenRefresher.js\";\nexport * from \"./types/index.js\";\nexport * from \"./services/ApiService.js\";\nexport * from \"./auth/CivicAuth.js\";\n\nexport { AuthenticationEvents } from \"./auth/AuthenticationEvents.js\";\nexport { AuthEvent } from \"./types/index.js\";\nexport {\n handleOAuthRedirectPage,\n storeTokens,\n type HandleOAuthRedirectConfig,\n} from \"./auth/handlers/OAuthCallbackHandler.js\";\n\n// Re-export shared utilities for convenience\nexport { retrieveTokens, clearTokens } from \"../shared/lib/util.js\";\nexport { getUser, getTokens, clearAuthCookies } from \"../shared/lib/session.js\";\n\n// Re-export shared storage adapters - these are the only storage implementations needed\nexport { LocalStorageAdapter } from \"../browser/storage.js\";\n\n// Export UI components for loading states\nexport {\n createShimmerLoader,\n createIframeShimmerLoader,\n createSkeletonLoader,\n createButtonContentLoader,\n createCloseIcon,\n createCloseButton,\n cleanupLoadingStyles,\n type ShimmerLoaderOptions,\n} from \"./ui/LoadingComponents.js\";\nexport { BrowserCookieStorage } from \"../shared/lib/BrowserCookieStorage.js\";\n\n// Re-export shared types\nexport type { AuthStorage } from \"../types.js\";\nexport type { User, Session } from \"./types/index.js\";\n\n// Export token utilities\nexport { extractTokensFromSession } from \"./utils/auth-utils.js\";\nexport type { ExtractedTokens } from \"./utils/auth-utils.js\";\n"]}
package/dist/vanillajs/types/index.d.ts CHANGED
@@ -2,7 +2,7 @@ import type { User } from "../../types.js";
2
2
  export type { User };
3
3
  export interface Session {
4
4
  accessToken?: string;
5
- idToken: string;
5
+ idToken?: string;
6
6
  refreshToken?: string;
7
7
  user?: User;
8
8
  expiresAt?: number;
package/dist/vanillajs/types/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/types/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAE3C,YAAY,EAAE,IAAI,EAAE,CAAC;AAErB,MAAM,WAAW,OAAO;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CAEpB;AAED,oBAAY,SAAS;IACnB,WAAW,gBAAgB;IAC3B,eAAe,oBAAoB;IACnC,gBAAgB,qBAAqB;IACrC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;IACrC,iBAAiB,sBAAsB;IACvC,cAAc,mBAAmB;IACjC,qBAAqB,0BAA0B;IAC/C,sBAAsB,2BAA2B;IACjD,mBAAmB,wBAAwB;IAC3C,eAAe,oBAAoB;IACnC,eAAe,oBAAoB;IACnC,yBAAyB,8BAA8B;IACvD,uBAAuB,4BAA4B;IACnD,oBAAoB,yBAAyB;CAC9C;AAED,MAAM,WAAW,UAAU;IACzB,oDAAoD;IACpD,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/types/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAE3C,YAAY,EAAE,IAAI,EAAE,CAAC;AAErB,MAAM,WAAW,OAAO;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CAEpB;AAED,oBAAY,SAAS;IACnB,WAAW,gBAAgB;IAC3B,eAAe,oBAAoB;IACnC,gBAAgB,qBAAqB;IACrC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;IACrC,iBAAiB,sBAAsB;IACvC,cAAc,mBAAmB;IACjC,qBAAqB,0BAA0B;IAC/C,sBAAsB,2BAA2B;IACjD,mBAAmB,wBAAwB;IAC3C,eAAe,oBAAoB;IACnC,eAAe,oBAAoB;IACnC,yBAAyB,8BAA8B;IACvD,uBAAuB,4BAA4B;IACnD,oBAAoB,yBAAyB;CAC9C;AAED,MAAM,WAAW,UAAU;IACzB,oDAAoD;IACpD,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB"}
package/dist/vanillajs/types/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/vanillajs/types/index.ts"],"names":[],"mappings":"AAcA,MAAM,CAAN,IAAY,SAgBX;AAhBD,WAAY,SAAS;IACnB,wCAA2B,CAAA;IAC3B,gDAAmC,CAAA;IACnC,kDAAqC,CAAA;IACrC,4CAA+B,CAAA;IAC/B,kDAAqC,CAAA;IACrC,oDAAuC,CAAA;IACvC,8CAAiC,CAAA;IACjC,4DAA+C,CAAA;IAC/C,8DAAiD,CAAA;IACjD,wDAA2C,CAAA;IAC3C,gDAAmC,CAAA;IACnC,gDAAmC,CAAA;IACnC,oEAAuD,CAAA;IACvD,gEAAmD,CAAA;IACnD,0DAA6C,CAAA;AAC/C,CAAC,EAhBW,SAAS,KAAT,SAAS,QAgBpB","sourcesContent":["// Export other type files as they are created\nimport type { User } from \"../../types.js\";\n\nexport type { User };\n\nexport interface Session {\n accessToken?: string;\n idToken: string;\n refreshToken?: string;\n user?: User;\n expiresAt?: number; // Timestamp in milliseconds\n // any other session-related data\n}\n\nexport enum AuthEvent {\n INITIALIZED = \"initialized\",\n SIGN_IN_STARTED = \"sign_in_started\",\n SIGN_IN_COMPLETE = \"sign_in_complete\",\n SIGN_IN_ERROR = \"sign_in_error\",\n SIGN_OUT_STARTED = \"sign_out_started\",\n SIGN_OUT_COMPLETE = \"sign_out_complete\",\n SIGN_OUT_ERROR = \"sign_out_error\",\n TOKEN_REFRESH_STARTED = \"token_refresh_started\",\n TOKEN_REFRESH_COMPLETE = \"token_refresh_complete\",\n TOKEN_REFRESH_ERROR = \"token_refresh_error\",\n SESSION_EXPIRED = \"session_expired\",\n SESSION_RENEWED = \"session_renewed\",\n USER_INTERACTION_REQUIRED = \"user_interaction_required\",\n POPUP_REDIRECT_FALLBACK = \"popup_redirect_fallback\",\n USER_SESSION_CHANGED = \"user_session_changed\",\n}\n\nexport interface AuthResult {\n /** User information returned from authentication */\n user?: User;\n /** Signal text indicating the result */\n signalText?: string;\n}\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/vanillajs/types/index.ts"],"names":[],"mappings":"AAcA,MAAM,CAAN,IAAY,SAgBX;AAhBD,WAAY,SAAS;IACnB,wCAA2B,CAAA;IAC3B,gDAAmC,CAAA;IACnC,kDAAqC,CAAA;IACrC,4CAA+B,CAAA;IAC/B,kDAAqC,CAAA;IACrC,oDAAuC,CAAA;IACvC,8CAAiC,CAAA;IACjC,4DAA+C,CAAA;IAC/C,8DAAiD,CAAA;IACjD,wDAA2C,CAAA;IAC3C,gDAAmC,CAAA;IACnC,gDAAmC,CAAA;IACnC,oEAAuD,CAAA;IACvD,gEAAmD,CAAA;IACnD,0DAA6C,CAAA;AAC/C,CAAC,EAhBW,SAAS,KAAT,SAAS,QAgBpB","sourcesContent":["// Export other type files as they are created\nimport type { User } from \"../../types.js\";\n\nexport type { User };\n\nexport interface Session {\n accessToken?: string;\n idToken?: string;\n refreshToken?: string;\n user?: User;\n expiresAt?: number; // Timestamp in milliseconds\n // any other session-related data\n}\n\nexport enum AuthEvent {\n INITIALIZED = \"initialized\",\n SIGN_IN_STARTED = \"sign_in_started\",\n SIGN_IN_COMPLETE = \"sign_in_complete\",\n SIGN_IN_ERROR = \"sign_in_error\",\n SIGN_OUT_STARTED = \"sign_out_started\",\n SIGN_OUT_COMPLETE = \"sign_out_complete\",\n SIGN_OUT_ERROR = \"sign_out_error\",\n TOKEN_REFRESH_STARTED = \"token_refresh_started\",\n TOKEN_REFRESH_COMPLETE = \"token_refresh_complete\",\n TOKEN_REFRESH_ERROR = \"token_refresh_error\",\n SESSION_EXPIRED = \"session_expired\",\n SESSION_RENEWED = \"session_renewed\",\n USER_INTERACTION_REQUIRED = \"user_interaction_required\",\n POPUP_REDIRECT_FALLBACK = \"popup_redirect_fallback\",\n USER_SESSION_CHANGED = \"user_session_changed\",\n}\n\nexport interface AuthResult {\n /** User information returned from authentication */\n user?: User;\n /** Signal text indicating the result */\n signalText?: string;\n}\n"]}
package/dist/vanillajs/utils/auth-utils.d.ts CHANGED
@@ -1,4 +1,6 @@
1
1
  import type { Endpoints } from "../../types.js";
2
+ import type { Session } from "../types/index.js";
3
+ import type { ForwardedTokens } from "../../types.js";
2
4
  interface BuildAuthUrlParams {
3
5
  endpoints: Endpoints;
4
6
  clientId: string;
@@ -10,5 +12,17 @@ interface BuildAuthUrlParams {
10
12
  nonce?: string;
11
13
  }
12
14
  export declare function buildAuthUrl({ endpoints, clientId, redirectUrl, scopes, codeChallenge, state, prompt, nonce, }: BuildAuthUrlParams): string;
15
+ export interface ExtractedTokens {
16
+ idToken: string | null;
17
+ accessToken: string | null;
18
+ refreshToken: string | null;
19
+ forwardedTokens?: ForwardedTokens;
20
+ }
21
+ /**
22
+ * Extracts all tokens including decoded forwarded tokens from a session
23
+ * This utility handles JWT decoding and token format conversion at the vanilla JS layer
24
+ * making it available to both vanilla JS and React consumers
25
+ */
26
+ export declare function extractTokensFromSession(session: Session | null): ExtractedTokens;
13
27
  export {};
14
28
  //# sourceMappingURL=auth-utils.d.ts.map
package/dist/vanillajs/utils/auth-utils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth-utils.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/utils/auth-utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAEhD,UAAU,kBAAkB;IAC1B,SAAS,EAAE,SAAS,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAgB,YAAY,CAAC,EAC3B,SAAS,EACT,QAAQ,EACR,WAAW,EACX,MAAM,EACN,aAAa,EACb,KAAK,EACL,MAAM,EACN,KAAK,GACN,EAAE,kBAAkB,GAAG,MAAM,CAmB7B"}
1
+ {"version":3,"file":"auth-utils.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/utils/auth-utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EAAE,eAAe,EAAkB,MAAM,gBAAgB,CAAC;AAItE,UAAU,kBAAkB;IAC1B,SAAS,EAAE,SAAS,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAgB,YAAY,CAAC,EAC3B,SAAS,EACT,QAAQ,EACR,WAAW,EACX,MAAM,EACN,aAAa,EACb,KAAK,EACL,MAAM,EACN,KAAK,GACN,EAAE,kBAAkB,GAAG,MAAM,CAmB7B;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC;AAED;;;;GAIG;AACH,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,OAAO,GAAG,IAAI,GACtB,eAAe,CAkCjB"}
package/dist/vanillajs/utils/auth-utils.js CHANGED
@@ -1,3 +1,5 @@
1
+ import { decodeJwt } from "jose";
2
+ import { convertForwardedTokenFormat } from "../../lib/jwt.js";
1
3
  export function buildAuthUrl({ endpoints, clientId, redirectUrl, scopes, codeChallenge, state, prompt, nonce, }) {
2
4
  const authUrl = new URL(endpoints.auth);
3
5
  authUrl.searchParams.append("client_id", clientId);
@@ -15,4 +17,41 @@ export function buildAuthUrl({ endpoints, clientId, redirectUrl, scopes, codeCha
15
17
  }
16
18
  return authUrl.toString();
17
19
  }
20
+ /**
21
+ * Extracts all tokens including decoded forwarded tokens from a session
22
+ * This utility handles JWT decoding and token format conversion at the vanilla JS layer
23
+ * making it available to both vanilla JS and React consumers
24
+ */
25
+ export function extractTokensFromSession(session) {
26
+ if (!session) {
27
+ return {
28
+ idToken: null,
29
+ accessToken: null,
30
+ refreshToken: null,
31
+ forwardedTokens: undefined,
32
+ };
33
+ }
34
+ const { idToken, accessToken, refreshToken } = session;
35
+ // Extract forwardedTokens from ID token (only if idToken exists)
36
+ const forwardedTokens = idToken
37
+ ? (() => {
38
+ try {
39
+ const { forwardedTokens: jwtForwardedTokens } = decodeJwt(idToken);
40
+ if (!jwtForwardedTokens)
41
+ return undefined;
42
+ return convertForwardedTokenFormat(jwtForwardedTokens);
43
+ }
44
+ catch (err) {
45
+ console.warn("Failed to decode forwarded tokens from ID token:", err);
46
+ return undefined;
47
+ }
48
+ })()
49
+ : undefined;
50
+ return {
51
+ idToken: idToken || null,
52
+ accessToken: accessToken || null,
53
+ refreshToken: refreshToken || null,
54
+ forwardedTokens,
55
+ };
56
+ }
18
57
  //# sourceMappingURL=auth-utils.js.map
package/dist/vanillajs/utils/auth-utils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth-utils.js","sourceRoot":"","sources":["../../../src/vanillajs/utils/auth-utils.ts"],"names":[],"mappings":"AAaA,MAAM,UAAU,YAAY,CAAC,EAC3B,SAAS,EACT,QAAQ,EACR,WAAW,EACX,MAAM,EACN,aAAa,EACb,KAAK,EACL,MAAM,EACN,KAAK,GACc;IACnB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACxC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACnD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IACzD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5C,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;IAC7D,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAE7D,uDAAuD;IACvD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;IAE3D,IAAI,KAAK,EAAE,CAAC;QACV,uDAAuD;QACvD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9C,CAAC;IAED,OAAO,OAAO,CAAC,QAAQ,EAAE,CAAC;AAC5B,CAAC","sourcesContent":["import type { Endpoints } from \"../../types.js\";\n\ninterface BuildAuthUrlParams {\n endpoints: Endpoints;\n clientId: string;\n redirectUrl: string;\n scopes: string[];\n codeChallenge: string;\n state: string;\n prompt?: string;\n nonce?: string;\n}\n\nexport function buildAuthUrl({\n endpoints,\n clientId,\n redirectUrl,\n scopes,\n codeChallenge,\n state,\n prompt,\n nonce,\n}: BuildAuthUrlParams): string {\n const authUrl = new URL(endpoints.auth);\n authUrl.searchParams.append(\"client_id\", clientId);\n authUrl.searchParams.append(\"redirect_uri\", redirectUrl);\n authUrl.searchParams.append(\"response_type\", \"code\");\n authUrl.searchParams.append(\"scope\", scopes.join(\" \"));\n authUrl.searchParams.append(\"state\", state);\n authUrl.searchParams.append(\"code_challenge\", codeChallenge);\n authUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n\n // Required by the auth server for offline_access scope\n authUrl.searchParams.append(\"prompt\", prompt || \"consent\");\n\n if (nonce) {\n // nonce isn't supported by oslo, so we add it manually\n authUrl.searchParams.append(\"nonce\", nonce);\n }\n\n return authUrl.toString();\n}\n"]}
1
+ {"version":3,"file":"auth-utils.js","sourceRoot":"","sources":["../../../src/vanillajs/utils/auth-utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AACjC,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAa/D,MAAM,UAAU,YAAY,CAAC,EAC3B,SAAS,EACT,QAAQ,EACR,WAAW,EACX,MAAM,EACN,aAAa,EACb,KAAK,EACL,MAAM,EACN,KAAK,GACc;IACnB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACxC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACnD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IACzD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5C,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;IAC7D,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAE7D,uDAAuD;IACvD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;IAE3D,IAAI,KAAK,EAAE,CAAC;QACV,uDAAuD;QACvD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9C,CAAC;IAED,OAAO,OAAO,CAAC,QAAQ,EAAE,CAAC;AAC5B,CAAC;AASD;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CACtC,OAAuB;IAEvB,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,IAAI;YACjB,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,SAAS;SAC3B,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC;IAEvD,iEAAiE;IACjE,MAAM,eAAe,GAAG,OAAO;QAC7B,CAAC,CAAC,CAAC,GAAG,EAAE;YACJ,IAAI,CAAC;gBACH,MAAM,EAAE,eAAe,EAAE,kBAAkB,EAAE,GAAG,SAAS,CACvD,OAAO,CACU,CAAC;gBACpB,IAAI,CAAC,kBAAkB;oBAAE,OAAO,SAAS,CAAC;gBAC1C,OAAO,2BAA2B,CAAC,kBAAkB,CAAC,CAAC;YACzD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,GAAG,CAAC,CAAC;gBACtE,OAAO,SAAS,CAAC;YACnB,CAAC;QACH,CAAC,CAAC,EAAE;QACN,CAAC,CAAC,SAAS,CAAC;IAEd,OAAO;QACL,OAAO,EAAE,OAAO,IAAI,IAAI;QACxB,WAAW,EAAE,WAAW,IAAI,IAAI;QAChC,YAAY,EAAE,YAAY,IAAI,IAAI;QAClC,eAAe;KAChB,CAAC;AACJ,CAAC","sourcesContent":["import type { Endpoints } from \"../../types.js\";\nimport type { Session } from \"../types/index.js\";\nimport type { ForwardedTokens, IdTokenPayload } from \"../../types.js\";\nimport { decodeJwt } from \"jose\";\nimport { convertForwardedTokenFormat } from \"../../lib/jwt.js\";\n\ninterface BuildAuthUrlParams {\n endpoints: Endpoints;\n clientId: string;\n redirectUrl: string;\n scopes: string[];\n codeChallenge: string;\n state: string;\n prompt?: string;\n nonce?: string;\n}\n\nexport function buildAuthUrl({\n endpoints,\n clientId,\n redirectUrl,\n scopes,\n codeChallenge,\n state,\n prompt,\n nonce,\n}: BuildAuthUrlParams): string {\n const authUrl = new URL(endpoints.auth);\n authUrl.searchParams.append(\"client_id\", clientId);\n authUrl.searchParams.append(\"redirect_uri\", redirectUrl);\n authUrl.searchParams.append(\"response_type\", \"code\");\n authUrl.searchParams.append(\"scope\", scopes.join(\" \"));\n authUrl.searchParams.append(\"state\", state);\n authUrl.searchParams.append(\"code_challenge\", codeChallenge);\n authUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n\n // Required by the auth server for offline_access scope\n authUrl.searchParams.append(\"prompt\", prompt || \"consent\");\n\n if (nonce) {\n // nonce isn't supported by oslo, so we add it manually\n authUrl.searchParams.append(\"nonce\", nonce);\n }\n\n return authUrl.toString();\n}\n\nexport interface ExtractedTokens {\n idToken: string | null;\n accessToken: string | null;\n refreshToken: string | null;\n forwardedTokens?: ForwardedTokens;\n}\n\n/**\n * Extracts all tokens including decoded forwarded tokens from a session\n * This utility handles JWT decoding and token format conversion at the vanilla JS layer\n * making it available to both vanilla JS and React consumers\n */\nexport function extractTokensFromSession(\n session: Session | null,\n): ExtractedTokens {\n if (!session) {\n return {\n idToken: null,\n accessToken: null,\n refreshToken: null,\n forwardedTokens: undefined,\n };\n }\n\n const { idToken, accessToken, refreshToken } = session;\n\n // Extract forwardedTokens from ID token (only if idToken exists)\n const forwardedTokens = idToken\n ? (() => {\n try {\n const { forwardedTokens: jwtForwardedTokens } = decodeJwt(\n idToken,\n ) as IdTokenPayload;\n if (!jwtForwardedTokens) return undefined;\n return convertForwardedTokenFormat(jwtForwardedTokens);\n } catch (err) {\n console.warn(\"Failed to decode forwarded tokens from ID token:\", err);\n return undefined;\n }\n })()\n : undefined;\n\n return {\n idToken: idToken || null,\n accessToken: accessToken || null,\n refreshToken: refreshToken || null,\n forwardedTokens,\n };\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@civic/auth",
3
- "version": "0.7.0",
3
+ "version": "0.7.1-beta.2",
4
4
  "type": "module",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.js",
@@ -80,8 +80,8 @@
80
80
  "vite": "^5",
81
81
  "vite-plugin-dts": "^4.2.3",
82
82
  "vitest": "^2.1.8",
83
- "@repo/eslint-config": "0.0.0",
84
- "@repo/typescript-config": "0.0.0"
83
+ "@repo/typescript-config": "0.0.0",
84
+ "@repo/eslint-config": "0.0.0"
85
85
  },
86
86
  "peerDependencies": {
87
87
  "next": "^14.2.25 || >=15.2.3",
package/dist/reactjs/hooks/useClientTokenExchangeSession.d.ts DELETED
@@ -1,3 +0,0 @@
1
- declare const useClientTokenExchangeSession: () => import("../../reactjs/providers/ClientTokenExchangeSessionProvider.js").ClientTokenExchangeSessionProviderOutput;
2
- export { useClientTokenExchangeSession };
3
- //# sourceMappingURL=useClientTokenExchangeSession.d.ts.map
package/dist/reactjs/hooks/useClientTokenExchangeSession.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"useClientTokenExchangeSession.d.ts","sourceRoot":"","sources":["../../../src/reactjs/hooks/useClientTokenExchangeSession.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,6BAA6B,oHAMlC,CAAC;AAEF,OAAO,EAAE,6BAA6B,EAAE,CAAC"}
package/dist/reactjs/hooks/useClientTokenExchangeSession.js DELETED
@@ -1,13 +0,0 @@
1
- "use client";
2
- import { useContext } from "react";
3
- import { ClientTokenExchangeSessionContext } from "../../reactjs/providers/ClientTokenExchangeSessionProvider.js";
4
- // TokenProvider will use this internal context to access session
5
- const useClientTokenExchangeSession = () => {
6
- const context = useContext(ClientTokenExchangeSessionContext);
7
- if (!context) {
8
- throw new Error("useSession must be used within an SessionProvider");
9
- }
10
- return context;
11
- };
12
- export { useClientTokenExchangeSession };
13
- //# sourceMappingURL=useClientTokenExchangeSession.js.map
package/dist/reactjs/hooks/useClientTokenExchangeSession.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"useClientTokenExchangeSession.js","sourceRoot":"","sources":["../../../src/reactjs/hooks/useClientTokenExchangeSession.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AACb,OAAO,EAAE,UAAU,EAAE,MAAM,OAAO,CAAC;AACnC,OAAO,EAAE,iCAAiC,EAAE,MAAM,2DAA2D,CAAC;AAE9G,iEAAiE;AACjE,MAAM,6BAA6B,GAAG,GAAG,EAAE;IACzC,MAAM,OAAO,GAAG,UAAU,CAAC,iCAAiC,CAAC,CAAC;IAC9D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,6BAA6B,EAAE,CAAC","sourcesContent":["\"use client\";\nimport { useContext } from \"react\";\nimport { ClientTokenExchangeSessionContext } from \"@/reactjs/providers/ClientTokenExchangeSessionProvider.js\";\n\n// TokenProvider will use this internal context to access session\nconst useClientTokenExchangeSession = () => {\n const context = useContext(ClientTokenExchangeSessionContext);\n if (!context) {\n throw new Error(\"useSession must be used within an SessionProvider\");\n }\n return context;\n};\n\nexport { useClientTokenExchangeSession };\n"]}
package/dist/reactjs/providers/AuthProvider.d.ts DELETED
@@ -1,10 +0,0 @@
1
- import { type SessionData } from "../../types.js";
2
- import type { PKCEConsumer } from "../../services/types.js";
3
- import type { AuthProviderProps } from "../../shared/providers/types.js";
4
- export type InternalAuthProviderProps = AuthProviderProps & {
5
- sessionData?: SessionData;
6
- pkceConsumer?: PKCEConsumer;
7
- };
8
- declare const AuthProvider: ({ children, onSignIn, onSignOut, pkceConsumer, displayMode, }: InternalAuthProviderProps) => import("@emotion/react/jsx-runtime").JSX.Element;
9
- export { AuthProvider };
10
- //# sourceMappingURL=AuthProvider.d.ts.map
package/dist/reactjs/providers/AuthProvider.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../../../src/reactjs/providers/AuthProvider.tsx"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAKxD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAerE,MAAM,MAAM,yBAAyB,GAAG,iBAAiB,GAAG;IAC1D,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B,CAAC;AAEF,QAAA,MAAM,YAAY,kEAMf,yBAAyB,qDA6E3B,CAAC;AAEF,OAAO,EAAE,YAAY,EAAE,CAAC"}