@civic/auth 0.7.0 → 0.7.1-beta.2

package/dist/reactjs/providers/AuthProvider.js

@@ -1,79 +0,0 @@
-"use client";
-import { jsx as _jsx, jsxs as _jsxs } from "@emotion/react/jsx-runtime";
-import React, { useEffect, useMemo, useState } from "react";
-import {} from "../../types.js";
-import { AuthContext } from "../../shared/providers/AuthContext.js";
-import { useSignIn } from "../../shared/hooks/useSignIn.js";
-import { useCivicAuthConfig } from "../../shared/hooks/useCivicAuthConfig.js";
-import { useSession } from "../../shared/hooks/useSession.js";
-import { IFrameAndLoading } from "../../shared/components/IFrameAndLoading.js";
-import { useIsInIframe } from "../../shared/hooks/useIsInIframe.js";
-import { useRefresh } from "../../shared/hooks/useRefresh.js";
-// Global this object setup
-let globalThisObject;
-if (typeof window !== "undefined") {
-    globalThisObject = window;
-}
-else if (typeof global !== "undefined") {
-    globalThisObject = global;
-}
-else {
-    globalThisObject = Function("return this")();
-}
-globalThisObject.globalThis = globalThisObject;
-const AuthProvider = ({ children, onSignIn, onSignOut, pkceConsumer, displayMode = "iframe", }) => {
-    const authConfig = useCivicAuthConfig();
-    const { signIn, signOut, authStatus } = useSignIn({
-        preSignOut: onSignOut,
-        pkceConsumer,
-        displayMode,
-    });
-    const [localSessionData, setLocalSessionData] = useState();
-    const { data: session, error: tokenExchangeError, isLoading: tokenExchangeInProgress, } = useSession();
-    useEffect(() => {
-        if (session) {
-            setLocalSessionData(session);
-            if (session.authenticated) {
-                onSignIn?.();
-            }
-        }
-    }, [onSignIn, session]);
-    const isAuthenticated = useMemo(() => {
-        return !!localSessionData?.idToken;
-    }, [localSessionData]);
-    // The startSignIn functionality has been moved to ClientTokenExchangeSessionProvider
-    // to prevent race conditions with validateExistingSession
-    const isInIframe = useIsInIframe();
-    // if the SDK loads in an iframe, we show the loading spinner until we know the auth state
-    // but don't keep showing it indefinitely if it's just the isInIframe status
-    const isLoading = tokenExchangeInProgress ||
-        !authConfig ||
-        (isInIframe && !localSessionData?.authenticated);
-    const { error: refreshError } = useRefresh(session);
-    useEffect(() => {
-        if (refreshError) {
-            console.error("Error refreshing token, signingOut...", refreshError);
-            signOut();
-        }
-    }, [refreshError, signOut]);
-    const value = useMemo(() => ({
-        isLoading,
-        error: tokenExchangeError,
-        signOut,
-        authStatus,
-        isAuthenticated,
-        signIn,
-        displayMode,
-    }), [
-        isLoading,
-        tokenExchangeError,
-        signOut,
-        authStatus,
-        isAuthenticated,
-        signIn,
-        displayMode,
-    ]);
-    return (_jsxs(AuthContext.Provider, { value: value, children: [_jsx(IFrameAndLoading, { error: tokenExchangeError, isLoading: isLoading }), children] }));
-};
-export { AuthProvider };
-//# sourceMappingURL=AuthProvider.js.map

package/dist/reactjs/providers/AuthProvider.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthProvider.js","sourceRoot":"","sources":["../../../src/reactjs/providers/AuthProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAC5D,OAAO,EAAoB,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAEhE,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yCAAyC,CAAC;AAE3E,OAAO,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAChE,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAE1D,2BAA2B;AAC3B,IAAI,gBAAgB,CAAC;AACrB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IAClC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IACzC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,CAAC;IACN,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;AAC/C,CAAC;AACD,gBAAgB,CAAC,UAAU,GAAG,gBAAgB,CAAC;AAO/C,MAAM,YAAY,GAAG,CAAC,EACpB,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,YAAY,EACZ,WAAW,GAAG,QAAQ,GACI,EAAE,EAAE;IAC9B,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,SAAS,CAAC;QAChD,UAAU,EAAE,SAAS;QACrB,YAAY;QACZ,WAAW;KACZ,CAAC,CAAC;IAEH,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAC3C,QAAQ,EAAsB,CAAC;IAEjC,MAAM,EACJ,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,kBAAkB,EACzB,SAAS,EAAE,uBAAuB,GACnC,GAAG,UAAU,EAAE,CAAC;IAEjB,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,CAAC;YACZ,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAC7B,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC1B,QAAQ,EAAE,EAAE,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IAExB,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,EAAE;QACnC,OAAO,CAAC,CAAC,gBAAgB,EAAE,OAAO,CAAC;IACrC,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAEvB,qFAAqF;IACrF,0DAA0D;IAE1D,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,0FAA0F;IAC1F,4EAA4E;IAC5E,MAAM,SAAS,GACb,uBAAuB;QACvB,CAAC,UAAU;QACX,CAAC,UAAU,IAAI,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;IAEnD,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IAEpD,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,YAAY,CAAC,CAAC;YACrE,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;IAE5B,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,SAAS;QACT,KAAK,EAAE,kBAAkC;QACzC,OAAO;QACP,UAAU;QACV,eAAe;QACf,MAAM;QACN,WAAW;KACZ,CAAC,EACF;QACE,SAAS;QACT,kBAAkB;QAClB,OAAO;QACP,UAAU;QACV,eAAe;QACf,MAAM;QACN,WAAW;KACZ,CACF,CAAC;IAEF,OAAO,CACL,MAAC,WAAW,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,aAChC,KAAC,gBAAgB,IAAC,KAAK,EAAE,kBAAkB,EAAE,SAAS,EAAE,SAAS,GAAI,EACpE,QAAQ,IACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,EAAE,YAAY,EAAE,CAAC","sourcesContent":["\"use client\";\n\nimport React, { useEffect, useMemo, useState } from \"react\";\nimport { type SessionData } from \"@/types.js\";\nimport { AuthContext } from \"@/shared/providers/AuthContext.js\";\nimport type { PKCEConsumer } from \"@/services/types.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport { useRefresh } from \"@/shared/hooks/useRefresh.js\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n  globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n  globalThisObject = global;\n} else {\n  globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type InternalAuthProviderProps = AuthProviderProps & {\n  sessionData?: SessionData;\n  pkceConsumer?: PKCEConsumer;\n};\n\nconst AuthProvider = ({\n  children,\n  onSignIn,\n  onSignOut,\n  pkceConsumer,\n  displayMode = \"iframe\",\n}: InternalAuthProviderProps) => {\n  const authConfig = useCivicAuthConfig();\n  const { signIn, signOut, authStatus } = useSignIn({\n    preSignOut: onSignOut,\n    pkceConsumer,\n    displayMode,\n  });\n\n  const [localSessionData, setLocalSessionData] =\n    useState<SessionData | null>();\n\n  const {\n    data: session,\n    error: tokenExchangeError,\n    isLoading: tokenExchangeInProgress,\n  } = useSession();\n\n  useEffect(() => {\n    if (session) {\n      setLocalSessionData(session);\n      if (session.authenticated) {\n        onSignIn?.();\n      }\n    }\n  }, [onSignIn, session]);\n\n  const isAuthenticated = useMemo(() => {\n    return !!localSessionData?.idToken;\n  }, [localSessionData]);\n\n  // The startSignIn functionality has been moved to ClientTokenExchangeSessionProvider\n  // to prevent race conditions with validateExistingSession\n\n  const isInIframe = useIsInIframe();\n  // if the SDK loads in an iframe, we show the loading spinner until we know the auth state\n  // but don't keep showing it indefinitely if it's just the isInIframe status\n  const isLoading =\n    tokenExchangeInProgress ||\n    !authConfig ||\n    (isInIframe && !localSessionData?.authenticated);\n\n  const { error: refreshError } = useRefresh(session);\n\n  useEffect(() => {\n    if (refreshError) {\n      console.error(\"Error refreshing token, signingOut...\", refreshError);\n      signOut();\n    }\n  }, [refreshError, signOut]);\n\n  const value = useMemo(\n    () => ({\n      isLoading,\n      error: tokenExchangeError as Error | null,\n      signOut,\n      authStatus,\n      isAuthenticated,\n      signIn,\n      displayMode,\n    }),\n    [\n      isLoading,\n      tokenExchangeError,\n      signOut,\n      authStatus,\n      isAuthenticated,\n      signIn,\n      displayMode,\n    ],\n  );\n\n  return (\n    <AuthContext.Provider value={value}>\n      <IFrameAndLoading error={tokenExchangeError} isLoading={isLoading} />\n      {children}\n    </AuthContext.Provider>\n  );\n};\n\nexport { AuthProvider };\n"]}

package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts

@@ -1,17 +0,0 @@
-import type { ReactNode } from "react";
-import React from "react";
-import { type SessionData } from "../../types.js";
-export type ClientTokenExchangeSessionProviderOutput = {
-    data: SessionData | null;
-    error: Error | null;
-    isLoading: boolean;
-    doTokenExchange: null | ((url: string) => Promise<void>);
-};
-declare const ClientTokenExchangeSessionContext: React.Context<ClientTokenExchangeSessionProviderOutput>;
-type ClientTokenExchangeSessionContextType = {
-    children: ReactNode;
-};
-declare const ClientTokenExchangeSessionProvider: ({ children, }: ClientTokenExchangeSessionContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
-export type { ClientTokenExchangeSessionContextType as SessionContextType };
-export { ClientTokenExchangeSessionProvider, ClientTokenExchangeSessionContext, };
-//# sourceMappingURL=ClientTokenExchangeSessionProvider.d.ts.map

package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ClientTokenExchangeSessionProvider.d.ts","sourceRoot":"","sources":["../../../src/reactjs/providers/ClientTokenExchangeSessionProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAON,MAAM,OAAO,CAAC;AAIf,OAAO,EAAc,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAU1D,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IACzB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,IAAI,GAAG,CAAC,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;CAC1D,CAAC;AAcF,QAAA,MAAM,iCAAiC,yDACkC,CAAC;AAE1E,KAAK,qCAAqC,GAAG;IAC3C,QAAQ,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,kCAAkC,kBAErC,qCAAqC,qDAyMvC,CAAC;AAEF,YAAY,EAAE,qCAAqC,IAAI,kBAAkB,EAAE,CAAC;AAC5E,OAAO,EACL,kCAAkC,EAClC,iCAAiC,GAClC,CAAC"}

package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.js

@@ -1,190 +0,0 @@
-"use client";
-import { jsx as _jsx } from "@emotion/react/jsx-runtime";
-import React, { createContext, useCallback, useEffect, useMemo, useState, useRef, } from "react";
-import { BrowserAuthenticationService } from "../../services/AuthenticationService.js";
-import { isWindowInIframe } from "../../lib/windowUtil.js";
-import { AuthStatus } from "../../types.js";
-import { useCurrentUrl, useCivicAuthConfig, useSignIn, useIframe, } from "../../shared/hooks/index.js";
-import { LocalStorageAdapter } from "../../browser/storage.js";
-import { getIframeRef } from "../../shared/lib/iframeUtils.js";
-const defaultSession = {
-    data: {
-        authenticated: false,
-        idToken: undefined,
-        accessToken: undefined,
-        displayMode: "iframe",
-    },
-    error: null,
-    isLoading: false,
-    doTokenExchange: null,
-};
-// Context for exposing session specifically to the TokenProvider
-const ClientTokenExchangeSessionContext = createContext(defaultSession);
-const ClientTokenExchangeSessionProvider = ({ children, }) => {
-    const authConfig = useCivicAuthConfig();
-    const [authService, setAuthService] = useState();
-    const [error, setError] = useState(null);
-    const [isLoading, setIsLoading] = useState(false);
-    const [session, setSession] = useState(null);
-    const { iframeRef } = useIframe();
-    const currentUrl = useCurrentUrl();
-    // Use the signIn hook with iframe displayMode
-    const { startSignIn, authStatus } = useSignIn({
-        displayMode: authConfig?.displayMode || "iframe",
-    });
-    // this state is used to track if the logout was triggered
-    // so that we disable auto-start signIn which won't work until the auth-server
-    // cookies have been fully cleared
-    const [logoutTriggered, setLogoutTriggered] = useState(false);
-    // Add a ref to track processed codes
-    const processedCodes = useRef(new Set());
-    useEffect(() => {
-        if (!currentUrl || !authConfig)
-            return;
-        const { redirectUrl, clientId, oauthServer, scopes, logoutRedirectUrl, logoutUrl, } = authConfig;
-        BrowserAuthenticationService.build({
-            clientId,
-            redirectUrl,
-            logoutRedirectUrl,
-            logoutUrl,
-            oauthServer,
-            scopes,
-            displayMode: "iframe",
-        }).then(setAuthService);
-    }, [currentUrl, authConfig]);
-    const isInIframe = isWindowInIframe(globalThis.window);
-    const doTokenExchange = useCallback(async (inUrl) => {
-        if (!authService)
-            return;
-        const url = new URL(inUrl);
-        const code = url.searchParams.get("code");
-        const state = url.searchParams.get("state");
-        // Create a unique key for this code/state combination
-        const exchangeKey = `${code}:${state}`;
-        // If we've already processed this code, skip it
-        if (processedCodes.current.has(exchangeKey)) {
-            console.log("Token exchange already processed for this code");
-            return;
-        }
-        if (code && state) {
-            try {
-                // Mark this code as processed before starting the exchange
-                processedCodes.current.add(exchangeKey);
-                setIsLoading(true);
-                await authService.tokenExchange(code, state);
-                // Explicitly emit completion event after successful token exchange
-                LocalStorageAdapter.emitter.emit("civic-auth-signin-complete");
-            }
-            catch (error) {
-                setError(error);
-                setSession({ authenticated: false });
-                // Emit error event if exchange fails
-                LocalStorageAdapter.emitter.emit("civic-auth-signin-error", {
-                    error,
-                });
-            }
-            setIsLoading(false);
-        }
-    }, [authService]);
-    const onSignIn = useCallback(async () => {
-        if (!authService)
-            return;
-        const session = await authService.getSessionData();
-        setSession(session);
-    }, [authService]);
-    const onSignOut = useCallback(() => {
-        setLogoutTriggered(true);
-        setSession(null);
-    }, []);
-    useEffect(() => {
-        LocalStorageAdapter.emitter.on("signIn", onSignIn);
-        LocalStorageAdapter.emitter.on("signOut", onSignOut);
-        return () => {
-            LocalStorageAdapter.emitter.off("signIn", onSignIn);
-            LocalStorageAdapter.emitter.off("signOut", onSignOut);
-        };
-    }, [onSignIn, onSignOut]);
-    useEffect(() => {
-        if (!authConfig) {
-            setIsLoading(true);
-        }
-        else {
-            setIsLoading(false);
-        }
-    }, [authConfig]);
-    const [validationInProgress, setValidationInProgress] = useState(false);
-    // Handle page load or refocus
-    useEffect(() => {
-        if (!authConfig?.redirectUrl ||
-            !authService ||
-            !currentUrl ||
-            isInIframe ||
-            isLoading) {
-            return;
-        }
-        // We specifically don't want to abort token refresh operations
-        // The AbortController is mainly used to prevent token exchange after unmount
-        const abortController = new AbortController();
-        const onPageLoad = async () => {
-            if (validationInProgress ||
-                authStatus === AuthStatus.SIGNING_OUT ||
-                authStatus === AuthStatus.AUTHENTICATING)
-                return;
-            // if we have existing tokens, then validate them and return the session data
-            // otherwise check if we have a code in the url and exchange it for tokens
-            // if we have neither, initiate sign-in flow
-            setValidationInProgress(true);
-            try {
-                const existingSessionData = await authService.validateExistingSession();
-                if (existingSessionData.authenticated) {
-                    setSession(existingSessionData);
-                    return;
-                }
-                // If we have a code in the URL, attempt token exchange
-                if (new URL(currentUrl).searchParams.get("code")) {
-                    await doTokenExchange(currentUrl);
-                    return;
-                }
-                // No valid session and no code in URL - initiate sign-in
-                // But only if we're not in an iframe (to prevent infinite loops in embedded scenarios)
-                if (!isInIframe && authConfig) {
-                    const ref = getIframeRef(iframeRef?.current, true);
-                    // if logout was triggered, we don't want to auto-start sign-in
-                    // as the auth-server cookies will not be cleared yet
-                    if (ref && authConfig?.displayMode === "iframe" && !logoutTriggered) {
-                        startSignIn();
-                    }
-                }
-            }
-            catch (error) {
-                console.error("Error during session validation:", error);
-            }
-            finally {
-                setValidationInProgress(false);
-            }
-        };
-        onPageLoad();
-        return () => {
-            abortController.abort();
-        };
-        // eslint-disable-next-line react-hooks/exhaustive-deps
-    }, [
-        authConfig,
-        authService,
-        currentUrl,
-        doTokenExchange,
-        isInIframe,
-        isLoading,
-        startSignIn,
-        logoutTriggered,
-    ]);
-    const value = useMemo(() => ({
-        data: session,
-        error,
-        isLoading,
-        doTokenExchange: authService ? doTokenExchange : null,
-    }), [session, error, isLoading, authService, doTokenExchange]);
-    return (_jsx(ClientTokenExchangeSessionContext.Provider, { value: value, children: children }));
-};
-export { ClientTokenExchangeSessionProvider, ClientTokenExchangeSessionContext, };
-//# sourceMappingURL=ClientTokenExchangeSessionProvider.js.map

package/dist/reactjs/providers/ClientTokenExchangeSessionProvider.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ClientTokenExchangeSessionProvider.js","sourceRoot":"","sources":["../../../src/reactjs/providers/ClientTokenExchangeSessionProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,KAAK,EAAE,EACZ,aAAa,EACb,WAAW,EACX,SAAS,EACT,OAAO,EACP,QAAQ,EACR,MAAM,GACP,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,4BAA4B,EAAE,MAAM,qCAAqC,CAAC;AAEnF,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAoB,MAAM,YAAY,CAAC;AAC1D,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,SAAS,EACT,SAAS,GACV,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAQ3D,MAAM,cAAc,GAA6C;IAC/D,IAAI,EAAE;QACJ,aAAa,EAAE,KAAK;QACpB,OAAO,EAAE,SAAS;QAClB,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,QAAQ;KACtB;IACD,KAAK,EAAE,IAAI;IACX,SAAS,EAAE,KAAK;IAChB,eAAe,EAAE,IAAI;CACtB,CAAC;AAEF,iEAAiE;AACjE,MAAM,iCAAiC,GACrC,aAAa,CAA2C,cAAc,CAAC,CAAC;AAM1E,MAAM,kCAAkC,GAAG,CAAC,EAC1C,QAAQ,GAC8B,EAAE,EAAE;IAC1C,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IACxC,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,EAA0B,CAAC;IACzE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAqB,IAAI,CAAC,CAAC;IACjE,MAAM,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,8CAA8C;IAC9C,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,SAAS,CAAC;QAC5C,WAAW,EAAE,UAAU,EAAE,WAAW,IAAI,QAAQ;KACjD,CAAC,CAAC;IACH,0DAA0D;IAC1D,8EAA8E;IAC9E,kCAAkC;IAClC,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE9D,qCAAqC;IACrC,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,GAAG,EAAU,CAAC,CAAC;IAEjD,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU;YAAE,OAAO;QAEvC,MAAM,EACJ,WAAW,EACX,QAAQ,EACR,WAAW,EACX,MAAM,EACN,iBAAiB,EACjB,SAAS,GACV,GAAG,UAAU,CAAC;QACf,4BAA4B,CAAC,KAAK,CAAC;YACjC,QAAQ;YACR,WAAW;YACX,iBAAiB;YACjB,SAAS;YACT,WAAW;YACX,MAAM;YACN,WAAW,EAAE,QAAQ;SACtB,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1B,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;IAE7B,MAAM,UAAU,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAEvD,MAAM,eAAe,GAAG,WAAW,CACjC,KAAK,EAAE,KAAa,EAAE,EAAE;QACtB,IAAI,CAAC,WAAW;YAAE,OAAO;QACzB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE5C,sDAAsD;QACtD,MAAM,WAAW,GAAG,GAAG,IAAI,IAAI,KAAK,EAAE,CAAC;QAEvC,gDAAgD;QAChD,IAAI,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QAED,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC;gBACH,2DAA2D;gBAC3D,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACxC,YAAY,CAAC,IAAI,CAAC,CAAC;gBACnB,MAAM,WAAW,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;gBAC7C,mEAAmE;gBACnE,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YACjE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,QAAQ,CAAC,KAAc,CAAC,CAAC;gBACzB,UAAU,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC,CAAC;gBACrC,qCAAqC;gBACrC,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,yBAAyB,EAAE;oBAC1D,KAAK;iBACN,CAAC,CAAC;YACL,CAAC;YACD,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,EACD,CAAC,WAAW,CAAC,CACd,CAAC;IAEF,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACtC,IAAI,CAAC,WAAW;YAAE,OAAO;QACzB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,cAAc,EAAE,CAAC;QACnD,UAAU,CAAC,OAAO,CAAC,CAAC;IACtB,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAElB,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE;QACjC,kBAAkB,CAAC,IAAI,CAAC,CAAC;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC;IACnB,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,SAAS,CAAC,GAAG,EAAE;QACb,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACnD,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACrD,OAAO,GAAG,EAAE;YACV,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YACpD,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACxD,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC;IAE1B,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,YAAY,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;IAEjB,MAAM,CAAC,oBAAoB,EAAE,uBAAuB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACxE,8BAA8B;IAC9B,SAAS,CAAC,GAAG,EAAE;QACb,IACE,CAAC,UAAU,EAAE,WAAW;YACxB,CAAC,WAAW;YACZ,CAAC,UAAU;YACX,UAAU;YACV,SAAS,EACT,CAAC;YACD,OAAO;QACT,CAAC;QAED,+DAA+D;QAC/D,6EAA6E;QAC7E,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAE9C,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE;YAC5B,IACE,oBAAoB;gBACpB,UAAU,KAAK,UAAU,CAAC,WAAW;gBACrC,UAAU,KAAK,UAAU,CAAC,cAAc;gBAExC,OAAO;YAET,6EAA6E;YAC7E,0EAA0E;YAC1E,4CAA4C;YAC5C,uBAAuB,CAAC,IAAI,CAAC,CAAC;YAE9B,IAAI,CAAC;gBACH,MAAM,mBAAmB,GAAG,MAAM,WAAW,CAAC,uBAAuB,EAAE,CAAC;gBAExE,IAAI,mBAAmB,CAAC,aAAa,EAAE,CAAC;oBACtC,UAAU,CAAC,mBAAmB,CAAC,CAAC;oBAChC,OAAO;gBACT,CAAC;gBACD,uDAAuD;gBACvD,IAAI,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;oBACjD,MAAM,eAAe,CAAC,UAAU,CAAC,CAAC;oBAClC,OAAO;gBACT,CAAC;gBACD,yDAAyD;gBACzD,uFAAuF;gBACvF,IAAI,CAAC,UAAU,IAAI,UAAU,EAAE,CAAC;oBAC9B,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;oBACnD,+DAA+D;oBAC/D,qDAAqD;oBACrD,IAAI,GAAG,IAAI,UAAU,EAAE,WAAW,KAAK,QAAQ,IAAI,CAAC,eAAe,EAAE,CAAC;wBACpE,WAAW,EAAE,CAAC;oBAChB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;YAC3D,CAAC;oBAAS,CAAC;gBACT,uBAAuB,CAAC,KAAK,CAAC,CAAC;YACjC,CAAC;QACH,CAAC,CAAC;QAEF,UAAU,EAAE,CAAC;QAEb,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC,CAAC;QACF,uDAAuD;IACzD,CAAC,EAAE;QACD,UAAU;QACV,WAAW;QACX,UAAU;QACV,eAAe;QACf,UAAU;QACV,SAAS;QACT,WAAW;QACX,eAAe;KAChB,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,IAAI,EAAE,OAAO;QACb,KAAK;QACL,SAAS;QACT,eAAe,EAAE,WAAW,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI;KACtD,CAAC,EACF,CAAC,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAC1D,CAAC;IAEF,OAAO,CACL,KAAC,iCAAiC,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YACrD,QAAQ,GACkC,CAC9C,CAAC;AACJ,CAAC,CAAC;AAGF,OAAO,EACL,kCAAkC,EAClC,iCAAiC,GAClC,CAAC","sourcesContent":["\"use client\";\nimport type { ReactNode } from \"react\";\nimport React, {\n  createContext,\n  useCallback,\n  useEffect,\n  useMemo,\n  useState,\n  useRef,\n} from \"react\";\nimport { BrowserAuthenticationService } from \"@/services/AuthenticationService.js\";\nimport type { AuthenticationResolver } from \"@/services/types.js\";\nimport { isWindowInIframe } from \"@/lib/windowUtil.js\";\nimport { AuthStatus, type SessionData } from \"@/types.js\";\nimport {\n  useCurrentUrl,\n  useCivicAuthConfig,\n  useSignIn,\n  useIframe,\n} from \"@/shared/hooks/index.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { getIframeRef } from \"@/shared/lib/iframeUtils.js\";\n\nexport type ClientTokenExchangeSessionProviderOutput = {\n  data: SessionData | null;\n  error: Error | null;\n  isLoading: boolean;\n  doTokenExchange: null | ((url: string) => Promise<void>);\n};\nconst defaultSession: ClientTokenExchangeSessionProviderOutput = {\n  data: {\n    authenticated: false,\n    idToken: undefined,\n    accessToken: undefined,\n    displayMode: \"iframe\",\n  },\n  error: null,\n  isLoading: false,\n  doTokenExchange: null,\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst ClientTokenExchangeSessionContext =\n  createContext<ClientTokenExchangeSessionProviderOutput>(defaultSession);\n\ntype ClientTokenExchangeSessionContextType = {\n  children: ReactNode;\n};\n\nconst ClientTokenExchangeSessionProvider = ({\n  children,\n}: ClientTokenExchangeSessionContextType) => {\n  const authConfig = useCivicAuthConfig();\n  const [authService, setAuthService] = useState<AuthenticationResolver>();\n  const [error, setError] = useState<Error | null>(null);\n  const [isLoading, setIsLoading] = useState(false);\n  const [session, setSession] = useState<SessionData | null>(null);\n  const { iframeRef } = useIframe();\n  const currentUrl = useCurrentUrl();\n  // Use the signIn hook with iframe displayMode\n  const { startSignIn, authStatus } = useSignIn({\n    displayMode: authConfig?.displayMode || \"iframe\",\n  });\n  // this state is used to track if the logout was triggered\n  // so that we disable auto-start signIn which won't work until the auth-server\n  // cookies have been fully cleared\n  const [logoutTriggered, setLogoutTriggered] = useState(false);\n\n  // Add a ref to track processed codes\n  const processedCodes = useRef(new Set<string>());\n\n  useEffect(() => {\n    if (!currentUrl || !authConfig) return;\n\n    const {\n      redirectUrl,\n      clientId,\n      oauthServer,\n      scopes,\n      logoutRedirectUrl,\n      logoutUrl,\n    } = authConfig;\n    BrowserAuthenticationService.build({\n      clientId,\n      redirectUrl,\n      logoutRedirectUrl,\n      logoutUrl,\n      oauthServer,\n      scopes,\n      displayMode: \"iframe\",\n    }).then(setAuthService);\n  }, [currentUrl, authConfig]);\n\n  const isInIframe = isWindowInIframe(globalThis.window);\n\n  const doTokenExchange = useCallback(\n    async (inUrl: string) => {\n      if (!authService) return;\n      const url = new URL(inUrl);\n      const code = url.searchParams.get(\"code\");\n      const state = url.searchParams.get(\"state\");\n\n      // Create a unique key for this code/state combination\n      const exchangeKey = `${code}:${state}`;\n\n      // If we've already processed this code, skip it\n      if (processedCodes.current.has(exchangeKey)) {\n        console.log(\"Token exchange already processed for this code\");\n        return;\n      }\n\n      if (code && state) {\n        try {\n          // Mark this code as processed before starting the exchange\n          processedCodes.current.add(exchangeKey);\n          setIsLoading(true);\n          await authService.tokenExchange(code, state);\n          // Explicitly emit completion event after successful token exchange\n          LocalStorageAdapter.emitter.emit(\"civic-auth-signin-complete\");\n        } catch (error) {\n          setError(error as Error);\n          setSession({ authenticated: false });\n          // Emit error event if exchange fails\n          LocalStorageAdapter.emitter.emit(\"civic-auth-signin-error\", {\n            error,\n          });\n        }\n        setIsLoading(false);\n      }\n    },\n    [authService],\n  );\n\n  const onSignIn = useCallback(async () => {\n    if (!authService) return;\n    const session = await authService.getSessionData();\n    setSession(session);\n  }, [authService]);\n\n  const onSignOut = useCallback(() => {\n    setLogoutTriggered(true);\n    setSession(null);\n  }, []);\n\n  useEffect(() => {\n    LocalStorageAdapter.emitter.on(\"signIn\", onSignIn);\n    LocalStorageAdapter.emitter.on(\"signOut\", onSignOut);\n    return () => {\n      LocalStorageAdapter.emitter.off(\"signIn\", onSignIn);\n      LocalStorageAdapter.emitter.off(\"signOut\", onSignOut);\n    };\n  }, [onSignIn, onSignOut]);\n\n  useEffect(() => {\n    if (!authConfig) {\n      setIsLoading(true);\n    } else {\n      setIsLoading(false);\n    }\n  }, [authConfig]);\n\n  const [validationInProgress, setValidationInProgress] = useState(false);\n  // Handle page load or refocus\n  useEffect(() => {\n    if (\n      !authConfig?.redirectUrl ||\n      !authService ||\n      !currentUrl ||\n      isInIframe ||\n      isLoading\n    ) {\n      return;\n    }\n\n    // We specifically don't want to abort token refresh operations\n    // The AbortController is mainly used to prevent token exchange after unmount\n    const abortController = new AbortController();\n\n    const onPageLoad = async () => {\n      if (\n        validationInProgress ||\n        authStatus === AuthStatus.SIGNING_OUT ||\n        authStatus === AuthStatus.AUTHENTICATING\n      )\n        return;\n\n      // if we have existing tokens, then validate them and return the session data\n      // otherwise check if we have a code in the url and exchange it for tokens\n      // if we have neither, initiate sign-in flow\n      setValidationInProgress(true);\n\n      try {\n        const existingSessionData = await authService.validateExistingSession();\n\n        if (existingSessionData.authenticated) {\n          setSession(existingSessionData);\n          return;\n        }\n        // If we have a code in the URL, attempt token exchange\n        if (new URL(currentUrl).searchParams.get(\"code\")) {\n          await doTokenExchange(currentUrl);\n          return;\n        }\n        // No valid session and no code in URL - initiate sign-in\n        // But only if we're not in an iframe (to prevent infinite loops in embedded scenarios)\n        if (!isInIframe && authConfig) {\n          const ref = getIframeRef(iframeRef?.current, true);\n          // if logout was triggered, we don't want to auto-start sign-in\n          // as the auth-server cookies will not be cleared yet\n          if (ref && authConfig?.displayMode === \"iframe\" && !logoutTriggered) {\n            startSignIn();\n          }\n        }\n      } catch (error) {\n        console.error(\"Error during session validation:\", error);\n      } finally {\n        setValidationInProgress(false);\n      }\n    };\n\n    onPageLoad();\n\n    return () => {\n      abortController.abort();\n    };\n    // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, [\n    authConfig,\n    authService,\n    currentUrl,\n    doTokenExchange,\n    isInIframe,\n    isLoading,\n    startSignIn,\n    logoutTriggered,\n  ]);\n\n  const value = useMemo(\n    () => ({\n      data: session,\n      error,\n      isLoading,\n      doTokenExchange: authService ? doTokenExchange : null,\n    }),\n    [session, error, isLoading, authService, doTokenExchange],\n  );\n\n  return (\n    <ClientTokenExchangeSessionContext.Provider value={value}>\n      {children}\n    </ClientTokenExchangeSessionContext.Provider>\n  );\n};\n\nexport type { ClientTokenExchangeSessionContextType as SessionContextType };\nexport {\n  ClientTokenExchangeSessionProvider,\n  ClientTokenExchangeSessionContext,\n};\n"]}