@civic/auth 0.8.2 → 0.9.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (154) hide show
  1. package/CHANGELOG.md +5 -0
  2. package/README.md +9 -3
  3. package/dist/constants.d.ts +2 -1
  4. package/dist/constants.d.ts.map +1 -1
  5. package/dist/constants.js +3 -1
  6. package/dist/constants.js.map +1 -1
  7. package/dist/lib/oauth.d.ts +4 -2
  8. package/dist/lib/oauth.d.ts.map +1 -1
  9. package/dist/lib/oauth.js +4 -2
  10. package/dist/lib/oauth.js.map +1 -1
  11. package/dist/nextjs/NextClientAuthenticationRefresher.d.ts +1 -1
  12. package/dist/nextjs/NextClientAuthenticationRefresher.d.ts.map +1 -1
  13. package/dist/nextjs/NextClientAuthenticationRefresher.js.map +1 -1
  14. package/dist/nextjs/NextServerAuthenticationRefresherImpl.d.ts +1 -1
  15. package/dist/nextjs/NextServerAuthenticationRefresherImpl.d.ts.map +1 -1
  16. package/dist/nextjs/NextServerAuthenticationRefresherImpl.js +3 -0
  17. package/dist/nextjs/NextServerAuthenticationRefresherImpl.js.map +1 -1
  18. package/dist/nextjs/config.d.ts +3 -0
  19. package/dist/nextjs/config.d.ts.map +1 -1
  20. package/dist/nextjs/config.js +3 -0
  21. package/dist/nextjs/config.js.map +1 -1
  22. package/dist/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
  23. package/dist/nextjs/providers/NextAuthProvider.js +1 -1
  24. package/dist/nextjs/providers/NextAuthProvider.js.map +1 -1
  25. package/dist/nextjs/routeHandler.d.ts.map +1 -1
  26. package/dist/nextjs/routeHandler.js +2 -1
  27. package/dist/nextjs/routeHandler.js.map +1 -1
  28. package/dist/reactjs/core/GlobalAuthManager.d.ts +16 -0
  29. package/dist/reactjs/core/GlobalAuthManager.d.ts.map +1 -1
  30. package/dist/reactjs/core/GlobalAuthManager.js +28 -1
  31. package/dist/reactjs/core/GlobalAuthManager.js.map +1 -1
  32. package/dist/reactjs/hooks/useUser.d.ts +3 -0
  33. package/dist/reactjs/hooks/useUser.d.ts.map +1 -1
  34. package/dist/reactjs/hooks/useUser.js +32 -0
  35. package/dist/reactjs/hooks/useUser.js.map +1 -1
  36. package/dist/reactjs/providers/CivicAuthContext.d.ts +4 -0
  37. package/dist/reactjs/providers/CivicAuthContext.d.ts.map +1 -1
  38. package/dist/reactjs/providers/CivicAuthContext.js +22 -13
  39. package/dist/reactjs/providers/CivicAuthContext.js.map +1 -1
  40. package/dist/reactjs/providers/CivicAuthProvider.d.ts +2 -0
  41. package/dist/reactjs/providers/CivicAuthProvider.d.ts.map +1 -1
  42. package/dist/reactjs/providers/CivicAuthProvider.js +5 -1
  43. package/dist/reactjs/providers/CivicAuthProvider.js.map +1 -1
  44. package/dist/server/config.d.ts +47 -0
  45. package/dist/server/config.d.ts.map +1 -1
  46. package/dist/server/config.js.map +1 -1
  47. package/dist/server/index.d.ts +8 -2
  48. package/dist/server/index.d.ts.map +1 -1
  49. package/dist/server/index.js +5 -1
  50. package/dist/server/index.js.map +1 -1
  51. package/dist/server/login.d.ts +9 -0
  52. package/dist/server/login.d.ts.map +1 -1
  53. package/dist/server/login.js +4 -2
  54. package/dist/server/login.js.map +1 -1
  55. package/dist/server/refresh.d.ts +1 -1
  56. package/dist/server/refresh.d.ts.map +1 -1
  57. package/dist/server/refresh.js.map +1 -1
  58. package/dist/server/session.d.ts +60 -2
  59. package/dist/server/session.d.ts.map +1 -1
  60. package/dist/server/session.js +216 -5
  61. package/dist/server/session.js.map +1 -1
  62. package/dist/server/types/express.d.ts +97 -0
  63. package/dist/server/types/express.d.ts.map +1 -0
  64. package/dist/server/types/express.js +2 -0
  65. package/dist/server/types/express.js.map +1 -0
  66. package/dist/services/AuthenticationService.d.ts +12 -0
  67. package/dist/services/AuthenticationService.d.ts.map +1 -1
  68. package/dist/services/AuthenticationService.js +62 -6
  69. package/dist/services/AuthenticationService.js.map +1 -1
  70. package/dist/services/types.d.ts +1 -1
  71. package/dist/services/types.d.ts.map +1 -1
  72. package/dist/services/types.js.map +1 -1
  73. package/dist/shared/components/CivicAuthIframe.d.ts +1 -0
  74. package/dist/shared/components/CivicAuthIframe.d.ts.map +1 -1
  75. package/dist/shared/components/CivicAuthIframe.js +4 -4
  76. package/dist/shared/components/CivicAuthIframe.js.map +1 -1
  77. package/dist/shared/components/CivicAuthIframeContainer.d.ts +2 -1
  78. package/dist/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
  79. package/dist/shared/components/CivicAuthIframeContainer.js +10 -3
  80. package/dist/shared/components/CivicAuthIframeContainer.js.map +1 -1
  81. package/dist/shared/components/IFrameAndLoading.d.ts.map +1 -1
  82. package/dist/shared/components/IFrameAndLoading.js +1 -1
  83. package/dist/shared/components/IFrameAndLoading.js.map +1 -1
  84. package/dist/shared/hooks/useSignIn.d.ts.map +1 -1
  85. package/dist/shared/hooks/useSignIn.js +5 -3
  86. package/dist/shared/hooks/useSignIn.js.map +1 -1
  87. package/dist/shared/lib/AuthenticationRefresherImpl.d.ts +2 -2
  88. package/dist/shared/lib/AuthenticationRefresherImpl.d.ts.map +1 -1
  89. package/dist/shared/lib/AuthenticationRefresherImpl.js +3 -0
  90. package/dist/shared/lib/AuthenticationRefresherImpl.js.map +1 -1
  91. package/dist/shared/lib/GenericAuthenticationRefresher.d.ts +2 -2
  92. package/dist/shared/lib/GenericAuthenticationRefresher.d.ts.map +1 -1
  93. package/dist/shared/lib/GenericAuthenticationRefresher.js.map +1 -1
  94. package/dist/shared/lib/iframeUtils.d.ts +2 -0
  95. package/dist/shared/lib/iframeUtils.d.ts.map +1 -1
  96. package/dist/shared/lib/iframeUtils.js +12 -0
  97. package/dist/shared/lib/iframeUtils.js.map +1 -1
  98. package/dist/shared/lib/types.d.ts +1 -0
  99. package/dist/shared/lib/types.d.ts.map +1 -1
  100. package/dist/shared/lib/types.js.map +1 -1
  101. package/dist/shared/lib/util.d.ts +7 -0
  102. package/dist/shared/lib/util.d.ts.map +1 -1
  103. package/dist/shared/lib/util.js +12 -0
  104. package/dist/shared/lib/util.js.map +1 -1
  105. package/dist/shared/providers/CivicAuthConfigContext.d.ts +2 -1
  106. package/dist/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
  107. package/dist/shared/providers/CivicAuthConfigContext.js +3 -1
  108. package/dist/shared/providers/CivicAuthConfigContext.js.map +1 -1
  109. package/dist/shared/version.d.ts +1 -1
  110. package/dist/shared/version.d.ts.map +1 -1
  111. package/dist/shared/version.js +1 -1
  112. package/dist/shared/version.js.map +1 -1
  113. package/dist/vanillajs/auth/BackendAuthenticationRefresher.d.ts +41 -0
  114. package/dist/vanillajs/auth/BackendAuthenticationRefresher.d.ts.map +1 -0
  115. package/dist/vanillajs/auth/BackendAuthenticationRefresher.js +125 -0
  116. package/dist/vanillajs/auth/BackendAuthenticationRefresher.js.map +1 -0
  117. package/dist/vanillajs/auth/CivicAuth.d.ts +67 -0
  118. package/dist/vanillajs/auth/CivicAuth.d.ts.map +1 -1
  119. package/dist/vanillajs/auth/CivicAuth.js +310 -10
  120. package/dist/vanillajs/auth/CivicAuth.js.map +1 -1
  121. package/dist/vanillajs/auth/SessionManager.d.ts +31 -3
  122. package/dist/vanillajs/auth/SessionManager.d.ts.map +1 -1
  123. package/dist/vanillajs/auth/SessionManager.js +253 -22
  124. package/dist/vanillajs/auth/SessionManager.js.map +1 -1
  125. package/dist/vanillajs/auth/TokenRefresher.d.ts.map +1 -1
  126. package/dist/vanillajs/auth/TokenRefresher.js +31 -18
  127. package/dist/vanillajs/auth/TokenRefresher.js.map +1 -1
  128. package/dist/vanillajs/auth/config/ConfigProcessor.d.ts.map +1 -1
  129. package/dist/vanillajs/auth/config/ConfigProcessor.js +15 -8
  130. package/dist/vanillajs/auth/config/ConfigProcessor.js.map +1 -1
  131. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts +44 -0
  132. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts.map +1 -1
  133. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js +163 -1
  134. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js.map +1 -1
  135. package/dist/vanillajs/auth/handlers/MessageHandler.d.ts +23 -0
  136. package/dist/vanillajs/auth/handlers/MessageHandler.d.ts.map +1 -1
  137. package/dist/vanillajs/auth/handlers/MessageHandler.js +59 -2
  138. package/dist/vanillajs/auth/handlers/MessageHandler.js.map +1 -1
  139. package/dist/vanillajs/auth/types/AuthTypes.d.ts +20 -0
  140. package/dist/vanillajs/auth/types/AuthTypes.d.ts.map +1 -1
  141. package/dist/vanillajs/auth/types/AuthTypes.js +1 -0
  142. package/dist/vanillajs/auth/types/AuthTypes.js.map +1 -1
  143. package/dist/vanillajs/iframe/IframeManager.d.ts +36 -0
  144. package/dist/vanillajs/iframe/IframeManager.d.ts.map +1 -1
  145. package/dist/vanillajs/iframe/IframeManager.js +216 -24
  146. package/dist/vanillajs/iframe/IframeManager.js.map +1 -1
  147. package/dist/vanillajs/index.d.ts +2 -0
  148. package/dist/vanillajs/index.d.ts.map +1 -1
  149. package/dist/vanillajs/index.js +4 -0
  150. package/dist/vanillajs/index.js.map +1 -1
  151. package/dist/vanillajs/ui/LoadingComponents.d.ts.map +1 -1
  152. package/dist/vanillajs/ui/LoadingComponents.js +1 -1
  153. package/dist/vanillajs/ui/LoadingComponents.js.map +1 -1
  154. package/package.json +7 -2
package/dist/reactjs/providers/CivicAuthContext.js CHANGED
@@ -5,7 +5,7 @@ import { CivicAuth, AuthEvent, } from "../../vanillajs/index.js";
5
5
  import { AuthenticationEvents } from "../../vanillajs/auth/AuthenticationEvents.js";
6
6
  import { extractTokensFromSession } from "../../vanillajs/utils/auth-utils.js";
7
7
  const CivicAuthContext = createContext(null);
8
- export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oauthServerBaseUrl = "https://auth.civic.com/oauth/", scopes = ["openid", "profile", "email", "offline_access"], displayMode = "iframe", iframeDisplayMode = "modal", onSignIn, onSignOut, nonce, authProcessTimeout = 120000, }) => {
8
+ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oauthServerBaseUrl = "https://auth.civic.com/oauth/", scopes = ["openid", "profile", "email", "offline_access"], displayMode = "iframe", iframeDisplayMode = "modal", onSignIn, onSignOut, nonce, authProcessTimeout = 120000, preloadIframe, }) => {
9
9
  const [auth, setAuth] = useState(null);
10
10
  const [user, setUser] = useState(null);
11
11
  const [session, setSession] = useState(null);
@@ -107,6 +107,7 @@ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oaut
107
107
  iframeDisplayMode,
108
108
  nonce,
109
109
  authProcessTimeout,
110
+ preloadIframe,
110
111
  events,
111
112
  });
112
113
  if (isMounted) {
@@ -122,18 +123,7 @@ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oaut
122
123
  }
123
124
  else {
124
125
  setAuthStatus("unauthenticated");
125
- // Pre-load iframe for iframe display mode to match old behavior
126
- // This prepares the iframe in the background so it's ready to be shown
127
- if (displayMode === "iframe") {
128
- try {
129
- // Pre-load by setting iframe display mode - this doesn't show it but prepares it
130
- authInstance.setIframeDisplayMode(iframeDisplayMode);
131
- }
132
- catch (err) {
133
- // Don't fail initialization if iframe pre-loading fails
134
- console.warn("Iframe pre-loading failed:", err);
135
- }
136
- }
126
+ // Note: Preloading is now handled automatically by CivicAuth based on config.preloadIframe
137
127
  }
138
128
  // Mark initialization as complete
139
129
  setIsLoading(false);
@@ -185,6 +175,7 @@ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oaut
185
175
  iframeDisplayMode,
186
176
  nonce,
187
177
  authProcessTimeout,
178
+ preloadIframe,
188
179
  ]);
189
180
  // This is on load to get the user and session
190
181
  useEffect(() => {
@@ -250,6 +241,18 @@ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oaut
250
241
  throw signOutError;
251
242
  }
252
243
  }, [auth, isLoading]);
244
+ const isAuthenticationPreloaded = useCallback(() => {
245
+ return auth?.isAuthenticationPreloaded() ?? false;
246
+ }, [auth]);
247
+ const setPreloadEnabled = useCallback((enabled) => {
248
+ if (!auth) {
249
+ throw new Error("Auth not initialized");
250
+ }
251
+ auth.setPreloadEnabled(enabled);
252
+ }, [auth]);
253
+ const getPreloadEnabled = useCallback(() => {
254
+ return auth?.getPreloadEnabled() ?? true;
255
+ }, [auth]);
253
256
  // Extract tokens from session
254
257
  const idToken = session?.idToken;
255
258
  const accessToken = session?.accessToken;
@@ -274,6 +277,9 @@ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oaut
274
277
  forwardedTokens,
275
278
  signIn,
276
279
  signOut,
280
+ isAuthenticationPreloaded,
281
+ setPreloadEnabled,
282
+ getPreloadEnabled,
277
283
  displayMode,
278
284
  }), [
279
285
  auth,
@@ -288,6 +294,9 @@ export const CivicAuthContextProvider = ({ children, clientId, redirectUrl, oaut
288
294
  forwardedTokens,
289
295
  signIn,
290
296
  signOut,
297
+ isAuthenticationPreloaded,
298
+ setPreloadEnabled,
299
+ getPreloadEnabled,
291
300
  displayMode,
292
301
  ]);
293
302
  return (_jsx(CivicAuthContext.Provider, { value: contextValue, children: children }));
package/dist/reactjs/providers/CivicAuthContext.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthContext.js","sourceRoot":"","sources":["../../../src/reactjs/providers/CivicAuthContext.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AACb,OAAO,KAAK,EAAE,EACZ,aAAa,EACb,UAAU,EACV,SAAS,EACT,QAAQ,EACR,WAAW,EACX,OAAO,EACP,MAAM,GACP,MAAM,OAAO,CAAC;AAEf,OAAO,EACL,SAAS,EACT,SAAS,GAGV,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8CAA8C,CAAC;AAEpF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAyC/E,MAAM,gBAAgB,GAAG,aAAa,CAA8B,IAAI,CAAC,CAAC;AAgB1E,MAAM,CAAC,MAAM,wBAAwB,GAEjC,CAAC,EACH,QAAQ,EACR,QAAQ,EACR,WAAW,EACX,kBAAkB,GAAG,+BAA+B,EACpD,MAAM,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB,CAAC,EACzD,WAAW,GAAG,QAAQ,EACtB,iBAAiB,GAAG,OAAO,EAC3B,QAAQ,EACR,SAAS,EACT,KAAK,EACL,kBAAkB,GAAG,MAAM,GAC5B,EAAE,EAAE;IACH,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAmB,IAAI,CAAC,CAAC;IACzD,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAiB,IAAI,CAAC,CAAC;IAC7D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAC/B,QAAQ,CAAiB,iBAAiB,CAAC,CAAC;IAC9C,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAEvD,uEAAuE;IACvE,MAAM,iBAAiB,GAAG,MAAM,CAG7B;QACD,cAAc,EAAE,KAAK;QACrB,aAAa,EAAE,KAAK;KACrB,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,SAAS,GAAG,IAAI,CAAC;QAErB,oDAAoD;QACpD,IACE,iBAAiB,CAAC,OAAO,CAAC,cAAc;YACxC,iBAAiB,CAAC,OAAO,CAAC,aAAa,EACvC,CAAC;YACD,6FAA6F;YAE7F,OAAO;QACT,CAAC;QAED,qDAAqD;QACrD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,OAAO,CAAC;QAEtD,iBAAiB,CAAC,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;QAEhD,MAAM,qBAAqB,GAAG,KAAK,IAAI,EAAE;YACvC,IAAI,CAAC,IAAI;gBAAE,OAAO;YAElB,IAAI,CAAC;gBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACtD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;gBAEhD,IAAI,SAAS,EAAE,CAAC;oBACd,UAAU,CAAC,cAAc,CAAC,CAAC;oBAC3B,OAAO,CAAC,WAAW,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,YAAY,GAChB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAClE,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE;YAChC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,oBAAoB,EAAE,CAAC;gBAE1C,yBAAyB;gBACzB,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,eAAe,EAAE,GAAG,EAAE;oBACxC,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,IAAI,CAAC,CAAC;wBACnB,aAAa,CAAC,gBAAgB,CAAC,CAAC;wBAChC,QAAQ,CAAC,IAAI,CAAC,CAAC;oBACjB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,EAAE;oBACzC,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,KAAK,CAAC,CAAC;wBACpB,aAAa,CAAC,eAAe,CAAC,CAAC;wBAC/B,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACf,QAAQ,EAAE,EAAE,CAAC;oBACf,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,KAAwB,EAAE,EAAE;oBAC9D,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,KAAK,CAAC,CAAC;wBACpB,aAAa,CAAC,OAAO,CAAC,CAAC;wBACvB,MAAM,WAAW,GAAG,KAAK,EAAE,MAAM,IAAI,uBAAuB,CAAC;wBAC7D,MAAM,SAAS,GAAG,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC;wBACzC,QAAQ,CAAC,SAAS,CAAC,CAAC;wBACpB,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC;oBACxB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,EAAE;oBACzC,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,IAAI,CAAC,CAAC;wBACnB,aAAa,CAAC,aAAa,CAAC,CAAC;wBAC7B,QAAQ,CAAC,IAAI,CAAC,CAAC;oBACjB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,iBAAiB,EAAE,GAAG,EAAE;oBAC1C,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,KAAK,CAAC,CAAC;wBACpB,aAAa,CAAC,iBAAiB,CAAC,CAAC;wBACjC,OAAO,CAAC,IAAI,CAAC,CAAC;wBACd,UAAU,CAAC,IAAI,CAAC,CAAC;wBACjB,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACf,SAAS,EAAE,EAAE,CAAC;oBAChB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,oBAAoB,EAAE,GAAG,EAAE;oBAC7C,IAAI,SAAS,EAAE,CAAC;wBACd,qBAAqB,EAAE,CAAC;oBAC1B,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC;oBAC1C,QAAQ;oBACR,WAAW,EACT,WAAW;wBACX,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE;oBACxD,kBAAkB;oBAClB,MAAM;oBACN,WAAW;oBACX,iBAAiB;oBACjB,KAAK;oBACL,kBAAkB;oBAClB,MAAM;iBACP,CAAC,CAAC;gBAEH,IAAI,SAAS,EAAE,CAAC;oBACd,OAAO,CAAC,YAAY,CAAC,CAAC;oBAEtB,kCAAkC;oBAClC,iBAAiB,CAAC,OAAO,CAAC,cAAc,GAAG,KAAK,CAAC;oBACjD,iBAAiB,CAAC,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;oBAE/C,2BAA2B;oBAC3B,MAAM,eAAe,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;oBAC7D,IAAI,eAAe,EAAE,CAAC;wBACpB,aAAa,CAAC,eAAe,CAAC,CAAC;wBAC/B,MAAM,qBAAqB,EAAE,CAAC;oBAChC,CAAC;yBAAM,CAAC;wBACN,aAAa,CAAC,iBAAiB,CAAC,CAAC;wBAEjC,gEAAgE;wBAChE,uEAAuE;wBACvE,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;4BAC7B,IAAI,CAAC;gCACH,iFAAiF;gCACjF,YAAY,CAAC,oBAAoB,CAAC,iBAAiB,CAAC,CAAC;4BACvD,CAAC;4BAAC,OAAO,GAAG,EAAE,CAAC;gCACb,wDAAwD;gCACxD,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;4BAClD,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,kCAAkC;oBAClC,YAAY,CAAC,KAAK,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnB,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,SAAS,GACb,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;oBACtE,QAAQ,CAAC,SAAS,CAAC,CAAC;oBACpB,aAAa,CAAC,OAAO,CAAC,CAAC;oBACvB,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,6BAA6B;oBAElD,gCAAgC;oBAChC,iBAAiB,CAAC,OAAO,CAAC,cAAc,GAAG,KAAK,CAAC;oBACjD,0DAA0D;gBAC5D,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,cAAc,EAAE,CAAC;QAEjB,OAAO,GAAG,EAAE;YACV,SAAS,GAAG,KAAK,CAAC;YAElB,+DAA+D;YAC/D,uDAAuD;YACvD,IAAI,mBAAmB,CAAC,cAAc,EAAE,CAAC;gBACvC,mBAAmB,CAAC,cAAc,GAAG,KAAK,CAAC;gBAC3C,mBAAmB,CAAC,aAAa,GAAG,KAAK,CAAC;YAC5C,CAAC;YAED,IAAI,IAAI,EAAE,CAAC;gBACT,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QACF,sDAAsD;QACtD;;;;;;;;;;WAUG;QACH,uDAAuD;IACzD,CAAC,EAAE;QACD,QAAQ;QACR,kBAAkB;QAClB,WAAW;QACX,iBAAiB;QACjB,KAAK;QACL,kBAAkB;KACnB,CAAC,CAAC;IAEH,8CAA8C;IAC9C,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,IAAI,IAAI,UAAU,KAAK,eAAe,EAAE,CAAC;YAC3C,MAAM,qBAAqB,GAAG,KAAK,IAAI,EAAE;gBACvC,IAAI,CAAC;oBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACtD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;oBAChD,UAAU,CAAC,cAAc,CAAC,CAAC;oBAC3B,OAAO,CAAC,WAAW,CAAC,CAAC;gBACvB,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,YAAY,GAChB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAClE,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC,CAAC;YAEF,qBAAqB,EAAE,CAAC;QAC1B,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IAEvB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACpC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,yDAAyD;YACzD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAElD,2DAA2D;YAC3D,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAEtD,UAAU,CAAC,cAAc,CAAC,CAAC;YAC3B,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;YAEtB,kCAAkC;YAClC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YAED,yBAAyB;YACzB,OAAO,EAAE,IAAI,EAAE,CAAC;QAClB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,GACf,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAC3D,QAAQ,CAAC,WAAW,CAAC,CAAC;YACtB,MAAM,WAAW,CAAC;QACpB,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IAEtB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,yDAAyD;YACzD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,CAAC;YACd,UAAU,CAAC,IAAI,CAAC,CAAC;QACnB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,YAAY,GAChB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;YAC5D,QAAQ,CAAC,YAAY,CAAC,CAAC;YACvB,MAAM,YAAY,CAAC;QACrB,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IAEtB,8BAA8B;IAC9B,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;IACjC,MAAM,WAAW,GAAG,OAAO,EAAE,WAAW,CAAC;IACzC,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,CAAC;IAE3C,kDAAkD;IAClD,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,EAAE;QACnC,IAAI,CAAC,OAAO;YAAE,OAAO,SAAS,CAAC;QAC/B,MAAM,MAAM,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACjD,OAAO,MAAM,CAAC,eAAe,CAAC;IAChC,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAEd,MAAM,YAAY,GAAyB,OAAO,CAChD,GAAG,EAAE,CAAC,CAAC;QACL,IAAI;QACJ,IAAI;QACJ,OAAO;QACP,SAAS;QACT,UAAU;QACV,KAAK;QACL,OAAO;QACP,WAAW;QACX,YAAY;QACZ,eAAe;QACf,MAAM;QACN,OAAO;QACP,WAAW;KACZ,CAAC,EACF;QACE,IAAI;QACJ,IAAI;QACJ,OAAO;QACP,SAAS;QACT,UAAU;QACV,KAAK;QACL,OAAO;QACP,WAAW;QACX,YAAY;QACZ,eAAe;QACf,MAAM;QACN,OAAO;QACP,WAAW;KACZ,CACF,CAAC;IAEF,OAAO,CACL,KAAC,gBAAgB,CAAC,QAAQ,IAAC,KAAK,EAAE,YAAY,YAC3C,QAAQ,GACiB,CAC7B,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAyB,EAAE;IAC5D,MAAM,OAAO,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,gBAAgB,EAAE,CAAC","sourcesContent":["\"use client\";\nimport React, {\n createContext,\n useContext,\n useEffect,\n useState,\n useCallback,\n useMemo,\n useRef,\n} from \"react\";\nimport type { ReactNode } from \"react\";\nimport {\n CivicAuth,\n AuthEvent,\n type Session,\n type User,\n} from \"../../vanillajs/index.js\";\nimport { AuthenticationEvents } from \"../../vanillajs/auth/AuthenticationEvents.js\";\nimport type { DisplayMode, ForwardedTokens } from \"../../types.js\";\nimport { extractTokensFromSession } from \"../../vanillajs/utils/auth-utils.js\";\n\n// Event payload interfaces\ninterface SignInErrorEvent {\n detail: string;\n}\n\nexport type AuthStatusEnum =\n | \"authenticated\"\n | \"unauthenticated\"\n | \"authenticating\"\n | \"error\"\n | \"signing_out\";\n\nexport interface CivicAuthContextType {\n // Core auth instance\n auth: CivicAuth | null;\n\n // User and session state\n user: User | null;\n session: Session | null;\n\n // Auth state\n isLoading: boolean;\n authStatus: AuthStatusEnum;\n error: Error | null;\n\n // Tokens\n idToken?: string;\n accessToken?: string;\n refreshToken?: string;\n forwardedTokens?: ForwardedTokens;\n\n // Auth methods\n signIn: () => Promise<{ user: User }>;\n signOut: () => Promise<void>;\n\n // Config\n displayMode?: DisplayMode;\n}\n\nconst CivicAuthContext = createContext<CivicAuthContextType | null>(null);\n\nexport interface CivicAuthContextProviderProps {\n children: ReactNode;\n clientId: string;\n redirectUrl?: string;\n oauthServerBaseUrl?: string;\n scopes?: string[];\n displayMode?: DisplayMode;\n iframeDisplayMode?: \"modal\" | \"embedded\";\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => void;\n nonce?: string;\n authProcessTimeout?: number;\n}\n\nexport const CivicAuthContextProvider: React.FC<\n CivicAuthContextProviderProps\n> = ({\n children,\n clientId,\n redirectUrl,\n oauthServerBaseUrl = \"https://auth.civic.com/oauth/\",\n scopes = [\"openid\", \"profile\", \"email\", \"offline_access\"],\n displayMode = \"iframe\",\n iframeDisplayMode = \"modal\",\n onSignIn,\n onSignOut,\n nonce,\n authProcessTimeout = 120000,\n}) => {\n const [auth, setAuth] = useState<CivicAuth | null>(null);\n const [user, setUser] = useState<User | null>(null);\n const [session, setSession] = useState<Session | null>(null);\n const [isLoading, setIsLoading] = useState(true);\n const [authStatus, setAuthStatus] =\n useState<AuthStatusEnum>(\"unauthenticated\");\n const [error, setError] = useState<Error | null>(null);\n\n // Track initialization to prevent double-execution in React StrictMode\n const initializationRef = useRef<{\n isInitializing: boolean;\n isInitialized: boolean;\n }>({\n isInitializing: false,\n isInitialized: false,\n });\n\n useEffect(() => {\n let isMounted = true;\n\n // Prevent double initialization in React StrictMode\n if (\n initializationRef.current.isInitializing ||\n initializationRef.current.isInitialized\n ) {\n // `[CivicAuthContext] Skipping initialization ${initId} - already initializing/initialized`,\n\n return;\n }\n\n // Capture ref value at effect setup time for cleanup\n const initializationState = initializationRef.current;\n\n initializationRef.current.isInitializing = true;\n\n const refreshUserAndSession = async () => {\n if (!auth) return;\n\n try {\n const currentSession = await auth.getCurrentSession();\n const currentUser = await auth.getCurrentUser();\n\n if (isMounted) {\n setSession(currentSession);\n setUser(currentUser);\n }\n } catch (err) {\n if (isMounted) {\n const sessionError =\n err instanceof Error ? err : new Error(\"Failed to get session\");\n setError(sessionError);\n }\n }\n };\n\n const initializeAuth = async () => {\n try {\n const events = new AuthenticationEvents();\n\n // Set up event listeners\n events.on(AuthEvent.SIGN_IN_STARTED, () => {\n if (isMounted) {\n setIsLoading(true);\n setAuthStatus(\"authenticating\");\n setError(null);\n }\n });\n\n events.on(AuthEvent.SIGN_IN_COMPLETE, () => {\n if (isMounted) {\n setIsLoading(false);\n setAuthStatus(\"authenticated\");\n setError(null);\n onSignIn?.();\n }\n });\n\n events.on(AuthEvent.SIGN_IN_ERROR, (event?: SignInErrorEvent) => {\n if (isMounted) {\n setIsLoading(false);\n setAuthStatus(\"error\");\n const errorDetail = event?.detail || \"Authentication failed\";\n const authError = new Error(errorDetail);\n setError(authError);\n onSignIn?.(authError);\n }\n });\n\n events.on(AuthEvent.SIGN_OUT_STARTED, () => {\n if (isMounted) {\n setIsLoading(true);\n setAuthStatus(\"signing_out\");\n setError(null);\n }\n });\n\n events.on(AuthEvent.SIGN_OUT_COMPLETE, () => {\n if (isMounted) {\n setIsLoading(false);\n setAuthStatus(\"unauthenticated\");\n setUser(null);\n setSession(null);\n setError(null);\n onSignOut?.();\n }\n });\n\n events.on(AuthEvent.USER_SESSION_CHANGED, () => {\n if (isMounted) {\n refreshUserAndSession();\n }\n });\n\n const authInstance = await CivicAuth.create({\n clientId,\n redirectUrl:\n redirectUrl ||\n `${window.location.origin}${window.location.pathname}`,\n oauthServerBaseUrl,\n scopes,\n displayMode,\n iframeDisplayMode,\n nonce,\n authProcessTimeout,\n events,\n });\n\n if (isMounted) {\n setAuth(authInstance);\n\n // Mark initialization as complete\n initializationRef.current.isInitializing = false;\n initializationRef.current.isInitialized = true;\n\n // Check initial auth state\n const isAuthenticated = await authInstance.isAuthenticated();\n if (isAuthenticated) {\n setAuthStatus(\"authenticated\");\n await refreshUserAndSession();\n } else {\n setAuthStatus(\"unauthenticated\");\n\n // Pre-load iframe for iframe display mode to match old behavior\n // This prepares the iframe in the background so it's ready to be shown\n if (displayMode === \"iframe\") {\n try {\n // Pre-load by setting iframe display mode - this doesn't show it but prepares it\n authInstance.setIframeDisplayMode(iframeDisplayMode);\n } catch (err) {\n // Don't fail initialization if iframe pre-loading fails\n console.warn(\"Iframe pre-loading failed:\", err);\n }\n }\n }\n\n // Mark initialization as complete\n setIsLoading(false);\n }\n } catch (err) {\n console.error(err);\n if (isMounted) {\n const initError =\n err instanceof Error ? err : new Error(\"Failed to initialize auth\");\n setError(initError);\n setAuthStatus(\"error\");\n setIsLoading(false); // Stop loading even on error\n\n // Mark initialization as failed\n initializationRef.current.isInitializing = false;\n // Don't mark as initialized on error so it can be retried\n }\n }\n };\n\n initializeAuth();\n\n return () => {\n isMounted = false;\n\n // Reset initialization guards to allow remount to reinitialize\n // This is necessary for React StrictMode compatibility\n if (initializationState.isInitializing) {\n initializationState.isInitializing = false;\n initializationState.isInitialized = false;\n }\n\n if (auth) {\n auth.destroy();\n }\n };\n // Refresh user and session when auth instance changes\n /*\n * Intentionally omitting dependencies to prevent infinite loops.\n * Adding auth, onSignIn, onSignOut, and scopes to the dependency array would cause\n * the effect to re-run whenever these values change, which could lead to unnecessary\n * re-renders and potential infinite loops since the effect updates state that might\n * trigger re-renders of parent components.\n *\n * IMPORTANT: redirectUrl is intentionally omitted to prevent re-initialization\n * during OAuth callback when URL parameters change, which would cause\n * \"invalid_grant\" errors due to authorization code reuse.\n */\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [\n clientId,\n oauthServerBaseUrl,\n displayMode,\n iframeDisplayMode,\n nonce,\n authProcessTimeout,\n ]);\n\n // This is on load to get the user and session\n useEffect(() => {\n if (auth && authStatus === \"authenticated\") {\n const refreshUserAndSession = async () => {\n try {\n const currentSession = await auth.getCurrentSession();\n const currentUser = await auth.getCurrentUser();\n setSession(currentSession);\n setUser(currentUser);\n } catch (err) {\n const sessionError =\n err instanceof Error ? err : new Error(\"Failed to get session\");\n setError(sessionError);\n }\n };\n\n refreshUserAndSession();\n }\n }, [auth, authStatus]);\n\n const signIn = useCallback(async () => {\n if (!auth) {\n // If auth is still loading, provide a more helpful error\n if (isLoading) {\n throw new Error(\"Authentication is still initializing, please wait...\");\n }\n throw new Error(\"Auth not initialized\");\n }\n\n try {\n const { user } = await auth.startAuthentication();\n\n // Refresh user and session after successful authentication\n const currentSession = await auth.getCurrentSession();\n\n setSession(currentSession);\n setUser(user ?? null);\n\n // Ensure we have a user to return\n if (!user) {\n throw new Error(\"Authentication succeeded but no user was returned\");\n }\n\n // Return the user object\n return { user };\n } catch (err) {\n const signInError =\n err instanceof Error ? err : new Error(\"Sign in failed\");\n setError(signInError);\n throw signInError;\n }\n }, [auth, isLoading]);\n\n const signOut = useCallback(async () => {\n if (!auth) {\n // If auth is still loading, provide a more helpful error\n if (isLoading) {\n throw new Error(\"Authentication is still initializing, please wait...\");\n }\n throw new Error(\"Auth not initialized\");\n }\n\n try {\n await auth.logout();\n setUser(null);\n setSession(null);\n } catch (err) {\n const signOutError =\n err instanceof Error ? err : new Error(\"Sign out failed\");\n setError(signOutError);\n throw signOutError;\n }\n }, [auth, isLoading]);\n\n // Extract tokens from session\n const idToken = session?.idToken;\n const accessToken = session?.accessToken;\n const refreshToken = session?.refreshToken;\n\n // Extract forwardedTokens from session's ID token\n const forwardedTokens = useMemo(() => {\n if (!session) return undefined;\n const tokens = extractTokensFromSession(session);\n return tokens.forwardedTokens;\n }, [session]);\n\n const contextValue: CivicAuthContextType = useMemo(\n () => ({\n auth,\n user,\n session,\n isLoading,\n authStatus,\n error,\n idToken,\n accessToken,\n refreshToken,\n forwardedTokens,\n signIn,\n signOut,\n displayMode,\n }),\n [\n auth,\n user,\n session,\n isLoading,\n authStatus,\n error,\n idToken,\n accessToken,\n refreshToken,\n forwardedTokens,\n signIn,\n signOut,\n displayMode,\n ],\n );\n\n return (\n <CivicAuthContext.Provider value={contextValue}>\n {children}\n </CivicAuthContext.Provider>\n );\n};\n\nexport const useCivicAuthContext = (): CivicAuthContextType => {\n const context = useContext(CivicAuthContext);\n if (!context) {\n throw new Error(\n \"useCivicAuthContext must be used within a CivicAuthContextProvider\",\n );\n }\n return context;\n};\n\nexport { CivicAuthContext };\n"]}
1
+ {"version":3,"file":"CivicAuthContext.js","sourceRoot":"","sources":["../../../src/reactjs/providers/CivicAuthContext.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AACb,OAAO,KAAK,EAAE,EACZ,aAAa,EACb,UAAU,EACV,SAAS,EACT,QAAQ,EACR,WAAW,EACX,OAAO,EACP,MAAM,GACP,MAAM,OAAO,CAAC;AAEf,OAAO,EACL,SAAS,EACT,SAAS,GAGV,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8CAA8C,CAAC;AAEpF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AA8C/E,MAAM,gBAAgB,GAAG,aAAa,CAA8B,IAAI,CAAC,CAAC;AAiB1E,MAAM,CAAC,MAAM,wBAAwB,GAEjC,CAAC,EACH,QAAQ,EACR,QAAQ,EACR,WAAW,EACX,kBAAkB,GAAG,+BAA+B,EACpD,MAAM,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB,CAAC,EACzD,WAAW,GAAG,QAAQ,EACtB,iBAAiB,GAAG,OAAO,EAC3B,QAAQ,EACR,SAAS,EACT,KAAK,EACL,kBAAkB,GAAG,MAAM,EAC3B,aAAa,GACd,EAAE,EAAE;IACH,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAmB,IAAI,CAAC,CAAC;IACzD,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAc,IAAI,CAAC,CAAC;IACpD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAiB,IAAI,CAAC,CAAC;IAC7D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAC/B,QAAQ,CAAiB,iBAAiB,CAAC,CAAC;IAC9C,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAEvD,uEAAuE;IACvE,MAAM,iBAAiB,GAAG,MAAM,CAG7B;QACD,cAAc,EAAE,KAAK;QACrB,aAAa,EAAE,KAAK;KACrB,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,SAAS,GAAG,IAAI,CAAC;QAErB,oDAAoD;QACpD,IACE,iBAAiB,CAAC,OAAO,CAAC,cAAc;YACxC,iBAAiB,CAAC,OAAO,CAAC,aAAa,EACvC,CAAC;YACD,6FAA6F;YAE7F,OAAO;QACT,CAAC;QAED,qDAAqD;QACrD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,OAAO,CAAC;QAEtD,iBAAiB,CAAC,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;QAEhD,MAAM,qBAAqB,GAAG,KAAK,IAAI,EAAE;YACvC,IAAI,CAAC,IAAI;gBAAE,OAAO;YAElB,IAAI,CAAC;gBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACtD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;gBAEhD,IAAI,SAAS,EAAE,CAAC;oBACd,UAAU,CAAC,cAAc,CAAC,CAAC;oBAC3B,OAAO,CAAC,WAAW,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,YAAY,GAChB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAClE,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE;YAChC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,oBAAoB,EAAE,CAAC;gBAE1C,yBAAyB;gBACzB,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,eAAe,EAAE,GAAG,EAAE;oBACxC,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,IAAI,CAAC,CAAC;wBACnB,aAAa,CAAC,gBAAgB,CAAC,CAAC;wBAChC,QAAQ,CAAC,IAAI,CAAC,CAAC;oBACjB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,EAAE;oBACzC,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,KAAK,CAAC,CAAC;wBACpB,aAAa,CAAC,eAAe,CAAC,CAAC;wBAC/B,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACf,QAAQ,EAAE,EAAE,CAAC;oBACf,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,KAAwB,EAAE,EAAE;oBAC9D,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,KAAK,CAAC,CAAC;wBACpB,aAAa,CAAC,OAAO,CAAC,CAAC;wBACvB,MAAM,WAAW,GAAG,KAAK,EAAE,MAAM,IAAI,uBAAuB,CAAC;wBAC7D,MAAM,SAAS,GAAG,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC;wBACzC,QAAQ,CAAC,SAAS,CAAC,CAAC;wBACpB,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC;oBACxB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,EAAE;oBACzC,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,IAAI,CAAC,CAAC;wBACnB,aAAa,CAAC,aAAa,CAAC,CAAC;wBAC7B,QAAQ,CAAC,IAAI,CAAC,CAAC;oBACjB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,iBAAiB,EAAE,GAAG,EAAE;oBAC1C,IAAI,SAAS,EAAE,CAAC;wBACd,YAAY,CAAC,KAAK,CAAC,CAAC;wBACpB,aAAa,CAAC,iBAAiB,CAAC,CAAC;wBACjC,OAAO,CAAC,IAAI,CAAC,CAAC;wBACd,UAAU,CAAC,IAAI,CAAC,CAAC;wBACjB,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACf,SAAS,EAAE,EAAE,CAAC;oBAChB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,oBAAoB,EAAE,GAAG,EAAE;oBAC7C,IAAI,SAAS,EAAE,CAAC;wBACd,qBAAqB,EAAE,CAAC;oBAC1B,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC;oBAC1C,QAAQ;oBACR,WAAW,EACT,WAAW;wBACX,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE;oBACxD,kBAAkB;oBAClB,MAAM;oBACN,WAAW;oBACX,iBAAiB;oBACjB,KAAK;oBACL,kBAAkB;oBAClB,aAAa;oBACb,MAAM;iBACP,CAAC,CAAC;gBAEH,IAAI,SAAS,EAAE,CAAC;oBACd,OAAO,CAAC,YAAY,CAAC,CAAC;oBAEtB,kCAAkC;oBAClC,iBAAiB,CAAC,OAAO,CAAC,cAAc,GAAG,KAAK,CAAC;oBACjD,iBAAiB,CAAC,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;oBAE/C,2BAA2B;oBAC3B,MAAM,eAAe,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;oBAC7D,IAAI,eAAe,EAAE,CAAC;wBACpB,aAAa,CAAC,eAAe,CAAC,CAAC;wBAC/B,MAAM,qBAAqB,EAAE,CAAC;oBAChC,CAAC;yBAAM,CAAC;wBACN,aAAa,CAAC,iBAAiB,CAAC,CAAC;wBAEjC,2FAA2F;oBAC7F,CAAC;oBAED,kCAAkC;oBAClC,YAAY,CAAC,KAAK,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnB,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,SAAS,GACb,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;oBACtE,QAAQ,CAAC,SAAS,CAAC,CAAC;oBACpB,aAAa,CAAC,OAAO,CAAC,CAAC;oBACvB,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,6BAA6B;oBAElD,gCAAgC;oBAChC,iBAAiB,CAAC,OAAO,CAAC,cAAc,GAAG,KAAK,CAAC;oBACjD,0DAA0D;gBAC5D,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,cAAc,EAAE,CAAC;QAEjB,OAAO,GAAG,EAAE;YACV,SAAS,GAAG,KAAK,CAAC;YAElB,+DAA+D;YAC/D,uDAAuD;YACvD,IAAI,mBAAmB,CAAC,cAAc,EAAE,CAAC;gBACvC,mBAAmB,CAAC,cAAc,GAAG,KAAK,CAAC;gBAC3C,mBAAmB,CAAC,aAAa,GAAG,KAAK,CAAC;YAC5C,CAAC;YAED,IAAI,IAAI,EAAE,CAAC;gBACT,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QACF,sDAAsD;QACtD;;;;;;;;;;WAUG;QACH,uDAAuD;IACzD,CAAC,EAAE;QACD,QAAQ;QACR,kBAAkB;QAClB,WAAW;QACX,iBAAiB;QACjB,KAAK;QACL,kBAAkB;QAClB,aAAa;KACd,CAAC,CAAC;IAEH,8CAA8C;IAC9C,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,IAAI,IAAI,UAAU,KAAK,eAAe,EAAE,CAAC;YAC3C,MAAM,qBAAqB,GAAG,KAAK,IAAI,EAAE;gBACvC,IAAI,CAAC;oBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACtD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;oBAChD,UAAU,CAAC,cAAc,CAAC,CAAC;oBAC3B,OAAO,CAAC,WAAW,CAAC,CAAC;gBACvB,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,YAAY,GAChB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAClE,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC,CAAC;YAEF,qBAAqB,EAAE,CAAC;QAC1B,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IAEvB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACpC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,yDAAyD;YACzD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAElD,2DAA2D;YAC3D,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAEtD,UAAU,CAAC,cAAc,CAAC,CAAC;YAC3B,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;YAEtB,kCAAkC;YAClC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YAED,yBAAyB;YACzB,OAAO,EAAE,IAAI,EAAE,CAAC;QAClB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,GACf,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAC3D,QAAQ,CAAC,WAAW,CAAC,CAAC;YACtB,MAAM,WAAW,CAAC;QACpB,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IAEtB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,yDAAyD;YACzD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,CAAC;YACd,UAAU,CAAC,IAAI,CAAC,CAAC;QACnB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,YAAY,GAChB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;YAC5D,QAAQ,CAAC,YAAY,CAAC,CAAC;YACvB,MAAM,YAAY,CAAC;QACrB,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IAEtB,MAAM,yBAAyB,GAAG,WAAW,CAAC,GAAG,EAAE;QACjD,OAAO,IAAI,EAAE,yBAAyB,EAAE,IAAI,KAAK,CAAC;IACpD,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAEX,MAAM,iBAAiB,GAAG,WAAW,CACnC,CAAC,OAAgB,EAAE,EAAE;QACnB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAClC,CAAC,EACD,CAAC,IAAI,CAAC,CACP,CAAC;IAEF,MAAM,iBAAiB,GAAG,WAAW,CAAC,GAAG,EAAE;QACzC,OAAO,IAAI,EAAE,iBAAiB,EAAE,IAAI,IAAI,CAAC;IAC3C,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAEX,8BAA8B;IAC9B,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;IACjC,MAAM,WAAW,GAAG,OAAO,EAAE,WAAW,CAAC;IACzC,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,CAAC;IAE3C,kDAAkD;IAClD,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,EAAE;QACnC,IAAI,CAAC,OAAO;YAAE,OAAO,SAAS,CAAC;QAC/B,MAAM,MAAM,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACjD,OAAO,MAAM,CAAC,eAAe,CAAC;IAChC,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAEd,MAAM,YAAY,GAAyB,OAAO,CAChD,GAAG,EAAE,CAAC,CAAC;QACL,IAAI;QACJ,IAAI;QACJ,OAAO;QACP,SAAS;QACT,UAAU;QACV,KAAK;QACL,OAAO;QACP,WAAW;QACX,YAAY;QACZ,eAAe;QACf,MAAM;QACN,OAAO;QACP,yBAAyB;QACzB,iBAAiB;QACjB,iBAAiB;QACjB,WAAW;KACZ,CAAC,EACF;QACE,IAAI;QACJ,IAAI;QACJ,OAAO;QACP,SAAS;QACT,UAAU;QACV,KAAK;QACL,OAAO;QACP,WAAW;QACX,YAAY;QACZ,eAAe;QACf,MAAM;QACN,OAAO;QACP,yBAAyB;QACzB,iBAAiB;QACjB,iBAAiB;QACjB,WAAW;KACZ,CACF,CAAC;IAEF,OAAO,CACL,KAAC,gBAAgB,CAAC,QAAQ,IAAC,KAAK,EAAE,YAAY,YAC3C,QAAQ,GACiB,CAC7B,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAyB,EAAE;IAC5D,MAAM,OAAO,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,OAAO,EAAE,gBAAgB,EAAE,CAAC","sourcesContent":["\"use client\";\nimport React, {\n createContext,\n useContext,\n useEffect,\n useState,\n useCallback,\n useMemo,\n useRef,\n} from \"react\";\nimport type { ReactNode } from \"react\";\nimport {\n CivicAuth,\n AuthEvent,\n type Session,\n type User,\n} from \"../../vanillajs/index.js\";\nimport { AuthenticationEvents } from \"../../vanillajs/auth/AuthenticationEvents.js\";\nimport type { DisplayMode, ForwardedTokens } from \"../../types.js\";\nimport { extractTokensFromSession } from \"../../vanillajs/utils/auth-utils.js\";\n\n// Event payload interfaces\ninterface SignInErrorEvent {\n detail: string;\n}\n\nexport type AuthStatusEnum =\n | \"authenticated\"\n | \"unauthenticated\"\n | \"authenticating\"\n | \"error\"\n | \"signing_out\";\n\nexport interface CivicAuthContextType {\n // Core auth instance\n auth: CivicAuth | null;\n\n // User and session state\n user: User | null;\n session: Session | null;\n\n // Auth state\n isLoading: boolean;\n authStatus: AuthStatusEnum;\n error: Error | null;\n\n // Tokens\n idToken?: string;\n accessToken?: string;\n refreshToken?: string;\n forwardedTokens?: ForwardedTokens;\n\n // Auth methods\n signIn: () => Promise<{ user: User }>;\n signOut: () => Promise<void>;\n\n // Preloading methods\n isAuthenticationPreloaded: () => boolean;\n setPreloadEnabled: (enabled: boolean) => void;\n getPreloadEnabled: () => boolean;\n\n // Config\n displayMode?: DisplayMode;\n}\n\nconst CivicAuthContext = createContext<CivicAuthContextType | null>(null);\n\nexport interface CivicAuthContextProviderProps {\n children: ReactNode;\n clientId: string;\n redirectUrl?: string;\n oauthServerBaseUrl?: string;\n scopes?: string[];\n displayMode?: DisplayMode;\n iframeDisplayMode?: \"modal\" | \"embedded\";\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => void;\n nonce?: string;\n authProcessTimeout?: number;\n preloadIframe?: boolean;\n}\n\nexport const CivicAuthContextProvider: React.FC<\n CivicAuthContextProviderProps\n> = ({\n children,\n clientId,\n redirectUrl,\n oauthServerBaseUrl = \"https://auth.civic.com/oauth/\",\n scopes = [\"openid\", \"profile\", \"email\", \"offline_access\"],\n displayMode = \"iframe\",\n iframeDisplayMode = \"modal\",\n onSignIn,\n onSignOut,\n nonce,\n authProcessTimeout = 120000,\n preloadIframe,\n}) => {\n const [auth, setAuth] = useState<CivicAuth | null>(null);\n const [user, setUser] = useState<User | null>(null);\n const [session, setSession] = useState<Session | null>(null);\n const [isLoading, setIsLoading] = useState(true);\n const [authStatus, setAuthStatus] =\n useState<AuthStatusEnum>(\"unauthenticated\");\n const [error, setError] = useState<Error | null>(null);\n\n // Track initialization to prevent double-execution in React StrictMode\n const initializationRef = useRef<{\n isInitializing: boolean;\n isInitialized: boolean;\n }>({\n isInitializing: false,\n isInitialized: false,\n });\n\n useEffect(() => {\n let isMounted = true;\n\n // Prevent double initialization in React StrictMode\n if (\n initializationRef.current.isInitializing ||\n initializationRef.current.isInitialized\n ) {\n // `[CivicAuthContext] Skipping initialization ${initId} - already initializing/initialized`,\n\n return;\n }\n\n // Capture ref value at effect setup time for cleanup\n const initializationState = initializationRef.current;\n\n initializationRef.current.isInitializing = true;\n\n const refreshUserAndSession = async () => {\n if (!auth) return;\n\n try {\n const currentSession = await auth.getCurrentSession();\n const currentUser = await auth.getCurrentUser();\n\n if (isMounted) {\n setSession(currentSession);\n setUser(currentUser);\n }\n } catch (err) {\n if (isMounted) {\n const sessionError =\n err instanceof Error ? err : new Error(\"Failed to get session\");\n setError(sessionError);\n }\n }\n };\n\n const initializeAuth = async () => {\n try {\n const events = new AuthenticationEvents();\n\n // Set up event listeners\n events.on(AuthEvent.SIGN_IN_STARTED, () => {\n if (isMounted) {\n setIsLoading(true);\n setAuthStatus(\"authenticating\");\n setError(null);\n }\n });\n\n events.on(AuthEvent.SIGN_IN_COMPLETE, () => {\n if (isMounted) {\n setIsLoading(false);\n setAuthStatus(\"authenticated\");\n setError(null);\n onSignIn?.();\n }\n });\n\n events.on(AuthEvent.SIGN_IN_ERROR, (event?: SignInErrorEvent) => {\n if (isMounted) {\n setIsLoading(false);\n setAuthStatus(\"error\");\n const errorDetail = event?.detail || \"Authentication failed\";\n const authError = new Error(errorDetail);\n setError(authError);\n onSignIn?.(authError);\n }\n });\n\n events.on(AuthEvent.SIGN_OUT_STARTED, () => {\n if (isMounted) {\n setIsLoading(true);\n setAuthStatus(\"signing_out\");\n setError(null);\n }\n });\n\n events.on(AuthEvent.SIGN_OUT_COMPLETE, () => {\n if (isMounted) {\n setIsLoading(false);\n setAuthStatus(\"unauthenticated\");\n setUser(null);\n setSession(null);\n setError(null);\n onSignOut?.();\n }\n });\n\n events.on(AuthEvent.USER_SESSION_CHANGED, () => {\n if (isMounted) {\n refreshUserAndSession();\n }\n });\n\n const authInstance = await CivicAuth.create({\n clientId,\n redirectUrl:\n redirectUrl ||\n `${window.location.origin}${window.location.pathname}`,\n oauthServerBaseUrl,\n scopes,\n displayMode,\n iframeDisplayMode,\n nonce,\n authProcessTimeout,\n preloadIframe,\n events,\n });\n\n if (isMounted) {\n setAuth(authInstance);\n\n // Mark initialization as complete\n initializationRef.current.isInitializing = false;\n initializationRef.current.isInitialized = true;\n\n // Check initial auth state\n const isAuthenticated = await authInstance.isAuthenticated();\n if (isAuthenticated) {\n setAuthStatus(\"authenticated\");\n await refreshUserAndSession();\n } else {\n setAuthStatus(\"unauthenticated\");\n\n // Note: Preloading is now handled automatically by CivicAuth based on config.preloadIframe\n }\n\n // Mark initialization as complete\n setIsLoading(false);\n }\n } catch (err) {\n console.error(err);\n if (isMounted) {\n const initError =\n err instanceof Error ? err : new Error(\"Failed to initialize auth\");\n setError(initError);\n setAuthStatus(\"error\");\n setIsLoading(false); // Stop loading even on error\n\n // Mark initialization as failed\n initializationRef.current.isInitializing = false;\n // Don't mark as initialized on error so it can be retried\n }\n }\n };\n\n initializeAuth();\n\n return () => {\n isMounted = false;\n\n // Reset initialization guards to allow remount to reinitialize\n // This is necessary for React StrictMode compatibility\n if (initializationState.isInitializing) {\n initializationState.isInitializing = false;\n initializationState.isInitialized = false;\n }\n\n if (auth) {\n auth.destroy();\n }\n };\n // Refresh user and session when auth instance changes\n /*\n * Intentionally omitting dependencies to prevent infinite loops.\n * Adding auth, onSignIn, onSignOut, and scopes to the dependency array would cause\n * the effect to re-run whenever these values change, which could lead to unnecessary\n * re-renders and potential infinite loops since the effect updates state that might\n * trigger re-renders of parent components.\n *\n * IMPORTANT: redirectUrl is intentionally omitted to prevent re-initialization\n * during OAuth callback when URL parameters change, which would cause\n * \"invalid_grant\" errors due to authorization code reuse.\n */\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [\n clientId,\n oauthServerBaseUrl,\n displayMode,\n iframeDisplayMode,\n nonce,\n authProcessTimeout,\n preloadIframe,\n ]);\n\n // This is on load to get the user and session\n useEffect(() => {\n if (auth && authStatus === \"authenticated\") {\n const refreshUserAndSession = async () => {\n try {\n const currentSession = await auth.getCurrentSession();\n const currentUser = await auth.getCurrentUser();\n setSession(currentSession);\n setUser(currentUser);\n } catch (err) {\n const sessionError =\n err instanceof Error ? err : new Error(\"Failed to get session\");\n setError(sessionError);\n }\n };\n\n refreshUserAndSession();\n }\n }, [auth, authStatus]);\n\n const signIn = useCallback(async () => {\n if (!auth) {\n // If auth is still loading, provide a more helpful error\n if (isLoading) {\n throw new Error(\"Authentication is still initializing, please wait...\");\n }\n throw new Error(\"Auth not initialized\");\n }\n\n try {\n const { user } = await auth.startAuthentication();\n\n // Refresh user and session after successful authentication\n const currentSession = await auth.getCurrentSession();\n\n setSession(currentSession);\n setUser(user ?? null);\n\n // Ensure we have a user to return\n if (!user) {\n throw new Error(\"Authentication succeeded but no user was returned\");\n }\n\n // Return the user object\n return { user };\n } catch (err) {\n const signInError =\n err instanceof Error ? err : new Error(\"Sign in failed\");\n setError(signInError);\n throw signInError;\n }\n }, [auth, isLoading]);\n\n const signOut = useCallback(async () => {\n if (!auth) {\n // If auth is still loading, provide a more helpful error\n if (isLoading) {\n throw new Error(\"Authentication is still initializing, please wait...\");\n }\n throw new Error(\"Auth not initialized\");\n }\n\n try {\n await auth.logout();\n setUser(null);\n setSession(null);\n } catch (err) {\n const signOutError =\n err instanceof Error ? err : new Error(\"Sign out failed\");\n setError(signOutError);\n throw signOutError;\n }\n }, [auth, isLoading]);\n\n const isAuthenticationPreloaded = useCallback(() => {\n return auth?.isAuthenticationPreloaded() ?? false;\n }, [auth]);\n\n const setPreloadEnabled = useCallback(\n (enabled: boolean) => {\n if (!auth) {\n throw new Error(\"Auth not initialized\");\n }\n auth.setPreloadEnabled(enabled);\n },\n [auth],\n );\n\n const getPreloadEnabled = useCallback(() => {\n return auth?.getPreloadEnabled() ?? true;\n }, [auth]);\n\n // Extract tokens from session\n const idToken = session?.idToken;\n const accessToken = session?.accessToken;\n const refreshToken = session?.refreshToken;\n\n // Extract forwardedTokens from session's ID token\n const forwardedTokens = useMemo(() => {\n if (!session) return undefined;\n const tokens = extractTokensFromSession(session);\n return tokens.forwardedTokens;\n }, [session]);\n\n const contextValue: CivicAuthContextType = useMemo(\n () => ({\n auth,\n user,\n session,\n isLoading,\n authStatus,\n error,\n idToken,\n accessToken,\n refreshToken,\n forwardedTokens,\n signIn,\n signOut,\n isAuthenticationPreloaded,\n setPreloadEnabled,\n getPreloadEnabled,\n displayMode,\n }),\n [\n auth,\n user,\n session,\n isLoading,\n authStatus,\n error,\n idToken,\n accessToken,\n refreshToken,\n forwardedTokens,\n signIn,\n signOut,\n isAuthenticationPreloaded,\n setPreloadEnabled,\n getPreloadEnabled,\n displayMode,\n ],\n );\n\n return (\n <CivicAuthContext.Provider value={contextValue}>\n {children}\n </CivicAuthContext.Provider>\n );\n};\n\nexport const useCivicAuthContext = (): CivicAuthContextType => {\n const context = useContext(CivicAuthContext);\n if (!context) {\n throw new Error(\n \"useCivicAuthContext must be used within a CivicAuthContextProvider\",\n );\n }\n return context;\n};\n\nexport { CivicAuthContext };\n"]}
package/dist/reactjs/providers/CivicAuthProvider.d.ts CHANGED
@@ -16,7 +16,9 @@ export interface CivicAuthProviderProps {
16
16
  nonce?: string;
17
17
  logoutRedirectUrl?: string;
18
18
  authProcessTimeout?: number;
19
+ preloadIframe?: boolean;
19
20
  logging?: LoggingConfig;
21
+ autoRedirect?: boolean;
20
22
  }
21
23
  declare const CivicAuthProvider: React.FC<CivicAuthProviderProps>;
22
24
  export { CivicAuthProvider };
package/dist/reactjs/providers/CivicAuthProvider.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthProvider.d.ts","sourceRoot":"","sources":["../../../src/reactjs/providers/CivicAuthProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAoB,MAAM,OAAO,CAAC;AAKzC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAC;AAEzE,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE;QACP,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,UAAU,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,KAAK,IAAI,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,IAAI,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED,QAAA,MAAM,iBAAiB,EAAE,KAAK,CAAC,EAAE,CAAC,sBAAsB,CA+DvD,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,CAAC"}
1
+ {"version":3,"file":"CivicAuthProvider.d.ts","sourceRoot":"","sources":["../../../src/reactjs/providers/CivicAuthProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAoB,MAAM,OAAO,CAAC;AAKzC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAC;AAEzE,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE;QACP,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,UAAU,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClC,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,KAAK,IAAI,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,IAAI,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,QAAA,MAAM,iBAAiB,EAAE,KAAK,CAAC,EAAE,CAAC,sBAAsB,CAqEvD,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,CAAC"}
package/dist/reactjs/providers/CivicAuthProvider.js CHANGED
@@ -2,7 +2,7 @@
2
2
  import { Fragment as _Fragment, jsx as _jsx } from "@emotion/react/jsx-runtime";
3
3
  import React, { useEffect } from "react";
4
4
  import { GlobalAuthManager, } from "../core/GlobalAuthManager.js";
5
- const CivicAuthProvider = ({ children, clientId, redirectUrl, config, scopes, displayMode = "iframe", iframeMode = "modal", onSignIn, onSignOut, nonce, logoutRedirectUrl, authProcessTimeout, logging, }) => {
5
+ const CivicAuthProvider = ({ children, clientId, redirectUrl, config, scopes, displayMode = "iframe", iframeMode = "modal", onSignIn, onSignOut, nonce, logoutRedirectUrl, authProcessTimeout, preloadIframe, logging, autoRedirect = true, }) => {
6
6
  // Initialize GlobalAuthManager with the provider config
7
7
  useEffect(() => {
8
8
  const globalConfig = {
@@ -17,9 +17,11 @@ const CivicAuthProvider = ({ children, clientId, redirectUrl, config, scopes, di
17
17
  nonce,
18
18
  logoutRedirectUrl,
19
19
  authProcessTimeout,
20
+ preloadIframe,
20
21
  onSignIn,
21
22
  onSignOut,
22
23
  logging,
24
+ autoRedirect,
23
25
  framework: "reactjs",
24
26
  };
25
27
  const manager = GlobalAuthManager.getInstance();
@@ -42,9 +44,11 @@ const CivicAuthProvider = ({ children, clientId, redirectUrl, config, scopes, di
42
44
  nonce,
43
45
  logoutRedirectUrl,
44
46
  authProcessTimeout,
47
+ preloadIframe,
45
48
  onSignIn,
46
49
  onSignOut,
47
50
  logging,
51
+ autoRedirect,
48
52
  ]);
49
53
  // Just render children - no context provider needed
50
54
  return _jsx(_Fragment, { children: children });
package/dist/reactjs/providers/CivicAuthProvider.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthProvider.js","sourceRoot":"","sources":["../../../src/reactjs/providers/CivicAuthProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AACb,OAAO,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACzC,OAAO,EACL,iBAAiB,GAElB,MAAM,8BAA8B,CAAC;AAsBtC,MAAM,iBAAiB,GAAqC,CAAC,EAC3D,QAAQ,EACR,QAAQ,EACR,WAAW,EACX,MAAM,EACN,MAAM,EACN,WAAW,GAAG,QAAQ,EACtB,UAAU,GAAG,OAAO,EACpB,QAAQ,EACR,SAAS,EACT,KAAK,EACL,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,GACR,EAAE,EAAE;IACH,wDAAwD;IACxD,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,YAAY,GAAqB;YACrC,QAAQ;YACR,WAAW;YACX,MAAM,EAAE;gBACN,WAAW,EAAE,MAAM,EAAE,WAAW;aACjC;YACD,MAAM;YACN,WAAW;YACX,UAAU;YACV,KAAK;YACL,iBAAiB;YACjB,kBAAkB;YAClB,QAAQ;YACR,SAAS;YACT,OAAO;YACP,SAAS,EAAE,SAAS;SACrB,CAAC;QAEF,MAAM,OAAO,GAAG,iBAAiB,CAAC,WAAW,EAAE,CAAC;QAEhD,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE;YAChC,IAAI,CAAC;gBACH,MAAM,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACzC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,KAAK,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC,CAAC;QAEF,cAAc,EAAE,CAAC;IACnB,CAAC,EAAE;QACD,QAAQ;QACR,WAAW;QACX,MAAM,EAAE,WAAW;QACnB,MAAM;QACN,WAAW;QACX,UAAU;QACV,KAAK;QACL,iBAAiB;QACjB,kBAAkB;QAClB,QAAQ;QACR,SAAS;QACT,OAAO;KACR,CAAC,CAAC;IAEH,oDAAoD;IACpD,OAAO,4BAAG,QAAQ,GAAI,CAAC;AACzB,CAAC,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,CAAC","sourcesContent":["\"use client\";\nimport React, { useEffect } from \"react\";\nimport {\n GlobalAuthManager,\n type GlobalAuthConfig,\n} from \"../core/GlobalAuthManager.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport type { LoggingConfig } from \"@/vanillajs/auth/types/AuthTypes.js\";\n\nexport interface CivicAuthProviderProps {\n children: React.ReactNode;\n clientId: string;\n redirectUrl?: string;\n config?: {\n oauthServer?: string;\n };\n scopes?: string[];\n displayMode?: DisplayMode;\n iframeMode?: \"modal\" | \"embedded\";\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => void;\n nonce?: string;\n logoutRedirectUrl?: string;\n authProcessTimeout?: number;\n logging?: LoggingConfig;\n}\n\nconst CivicAuthProvider: React.FC<CivicAuthProviderProps> = ({\n children,\n clientId,\n redirectUrl,\n config,\n scopes,\n displayMode = \"iframe\",\n iframeMode = \"modal\",\n onSignIn,\n onSignOut,\n nonce,\n logoutRedirectUrl,\n authProcessTimeout,\n logging,\n}) => {\n // Initialize GlobalAuthManager with the provider config\n useEffect(() => {\n const globalConfig: GlobalAuthConfig = {\n clientId,\n redirectUrl,\n config: {\n oauthServer: config?.oauthServer,\n },\n scopes,\n displayMode,\n iframeMode,\n nonce,\n logoutRedirectUrl,\n authProcessTimeout,\n onSignIn,\n onSignOut,\n logging,\n framework: \"reactjs\",\n };\n\n const manager = GlobalAuthManager.getInstance();\n\n const initializeAuth = async () => {\n try {\n await manager.initialize(globalConfig);\n } catch (error) {\n console.error(\"Failed to initialize auth in CivicAuthProvider:\", error);\n }\n };\n\n initializeAuth();\n }, [\n clientId,\n redirectUrl,\n config?.oauthServer,\n scopes,\n displayMode,\n iframeMode,\n nonce,\n logoutRedirectUrl,\n authProcessTimeout,\n onSignIn,\n onSignOut,\n logging,\n ]);\n\n // Just render children - no context provider needed\n return <>{children}</>;\n};\n\nexport { CivicAuthProvider };\n"]}
1
+ {"version":3,"file":"CivicAuthProvider.js","sourceRoot":"","sources":["../../../src/reactjs/providers/CivicAuthProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AACb,OAAO,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACzC,OAAO,EACL,iBAAiB,GAElB,MAAM,8BAA8B,CAAC;AAwBtC,MAAM,iBAAiB,GAAqC,CAAC,EAC3D,QAAQ,EACR,QAAQ,EACR,WAAW,EACX,MAAM,EACN,MAAM,EACN,WAAW,GAAG,QAAQ,EACtB,UAAU,GAAG,OAAO,EACpB,QAAQ,EACR,SAAS,EACT,KAAK,EACL,iBAAiB,EACjB,kBAAkB,EAClB,aAAa,EACb,OAAO,EACP,YAAY,GAAG,IAAI,GACpB,EAAE,EAAE;IACH,wDAAwD;IACxD,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,YAAY,GAAqB;YACrC,QAAQ;YACR,WAAW;YACX,MAAM,EAAE;gBACN,WAAW,EAAE,MAAM,EAAE,WAAW;aACjC;YACD,MAAM;YACN,WAAW;YACX,UAAU;YACV,KAAK;YACL,iBAAiB;YACjB,kBAAkB;YAClB,aAAa;YACb,QAAQ;YACR,SAAS;YACT,OAAO;YACP,YAAY;YACZ,SAAS,EAAE,SAAS;SACrB,CAAC;QAEF,MAAM,OAAO,GAAG,iBAAiB,CAAC,WAAW,EAAE,CAAC;QAEhD,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE;YAChC,IAAI,CAAC;gBACH,MAAM,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACzC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,KAAK,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC,CAAC;QAEF,cAAc,EAAE,CAAC;IACnB,CAAC,EAAE;QACD,QAAQ;QACR,WAAW;QACX,MAAM,EAAE,WAAW;QACnB,MAAM;QACN,WAAW;QACX,UAAU;QACV,KAAK;QACL,iBAAiB;QACjB,kBAAkB;QAClB,aAAa;QACb,QAAQ;QACR,SAAS;QACT,OAAO;QACP,YAAY;KACb,CAAC,CAAC;IAEH,oDAAoD;IACpD,OAAO,4BAAG,QAAQ,GAAI,CAAC;AACzB,CAAC,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,CAAC","sourcesContent":["\"use client\";\nimport React, { useEffect } from \"react\";\nimport {\n GlobalAuthManager,\n type GlobalAuthConfig,\n} from \"../core/GlobalAuthManager.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport type { LoggingConfig } from \"@/vanillajs/auth/types/AuthTypes.js\";\n\nexport interface CivicAuthProviderProps {\n children: React.ReactNode;\n clientId: string;\n redirectUrl?: string;\n config?: {\n oauthServer?: string;\n };\n scopes?: string[];\n displayMode?: DisplayMode;\n iframeMode?: \"modal\" | \"embedded\";\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => void;\n nonce?: string;\n logoutRedirectUrl?: string;\n authProcessTimeout?: number;\n preloadIframe?: boolean;\n logging?: LoggingConfig;\n autoRedirect?: boolean;\n}\n\nconst CivicAuthProvider: React.FC<CivicAuthProviderProps> = ({\n children,\n clientId,\n redirectUrl,\n config,\n scopes,\n displayMode = \"iframe\",\n iframeMode = \"modal\",\n onSignIn,\n onSignOut,\n nonce,\n logoutRedirectUrl,\n authProcessTimeout,\n preloadIframe,\n logging,\n autoRedirect = true,\n}) => {\n // Initialize GlobalAuthManager with the provider config\n useEffect(() => {\n const globalConfig: GlobalAuthConfig = {\n clientId,\n redirectUrl,\n config: {\n oauthServer: config?.oauthServer,\n },\n scopes,\n displayMode,\n iframeMode,\n nonce,\n logoutRedirectUrl,\n authProcessTimeout,\n preloadIframe,\n onSignIn,\n onSignOut,\n logging,\n autoRedirect,\n framework: \"reactjs\",\n };\n\n const manager = GlobalAuthManager.getInstance();\n\n const initializeAuth = async () => {\n try {\n await manager.initialize(globalConfig);\n } catch (error) {\n console.error(\"Failed to initialize auth in CivicAuthProvider:\", error);\n }\n };\n\n initializeAuth();\n }, [\n clientId,\n redirectUrl,\n config?.oauthServer,\n scopes,\n displayMode,\n iframeMode,\n nonce,\n logoutRedirectUrl,\n authProcessTimeout,\n preloadIframe,\n onSignIn,\n onSignOut,\n logging,\n autoRedirect,\n ]);\n\n // Just render children - no context provider needed\n return <>{children}</>;\n};\n\nexport { CivicAuthProvider };\n"]}
package/dist/server/config.d.ts CHANGED
@@ -1,4 +1,16 @@
1
1
  import type { Endpoints } from "../types.ts";
2
+ /**
3
+ * Configuration for backend authentication endpoints
4
+ * Allows customization of API endpoints when using backend integration (loginUrl)
5
+ */
6
+ export interface BackendEndpoints {
7
+ /** Endpoint for token refresh (default: "/auth/refresh") */
8
+ refresh?: string;
9
+ /** Endpoint for logout (default: "/auth/logout") */
10
+ logout?: string;
11
+ /** Endpoint for user info and session validation (default: "/auth/user") */
12
+ user?: string;
13
+ }
2
14
  export type AuthConfig = {
3
15
  clientId: string;
4
16
  clientSecret?: string;
@@ -9,5 +21,40 @@ export type AuthConfig = {
9
21
  refreshUrl?: string;
10
22
  endpointOverrides?: Partial<Endpoints> | undefined;
11
23
  postLogoutRedirectUrl?: string;
24
+ loginUrl?: string;
25
+ /**
26
+ * Custom backend endpoints configuration for backend integration
27
+ * Only used when loginUrl is provided. Allows overriding default endpoints.
28
+ */
29
+ backendEndpoints?: BackendEndpoints;
30
+ /**
31
+ * Optional URL to redirect frontend clients back to after successful authentication.
32
+ * When provided, the backend will automatically redirect SPA clients to this URL
33
+ * instead of traditional server-side redirects. Useful for backend + frontend integration.
34
+ * Example: "http://localhost:5173" or "https://your-spa.com"
35
+ */
36
+ loginSuccessUrl?: string;
37
+ /**
38
+ * Optional CORS configuration for authentication endpoints
39
+ */
40
+ cors?: {
41
+ origin?: string | string[] | boolean;
42
+ credentials?: boolean;
43
+ optionsSuccessStatus?: number;
44
+ allowedHeaders?: string[];
45
+ exposedHeaders?: string[];
46
+ };
47
+ /**
48
+ * Optional logger configuration for authentication middleware
49
+ */
50
+ logger?: {
51
+ enabled?: boolean;
52
+ };
53
+ /**
54
+ * Optional flag to disable iframe detection in handleCallback.
55
+ * When true, callbacks will always attempt to redirect instead of returning HTML content for iframes.
56
+ * Useful for testing environments like Cypress where iframe detection may interfere with expected redirects.
57
+ */
58
+ disableIframeDetection?: boolean;
12
59
  };
13
60
  //# sourceMappingURL=config.d.ts.map
package/dist/server/config.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/server/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE5C,MAAM,MAAM,UAAU,GAAG;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC;IACnD,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC"}
1
+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/server/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE5C;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,4DAA4D;IAC5D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oDAAoD;IACpD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,4EAA4E;IAC5E,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC;IACnD,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC;;;;;OAKG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB;;OAEG;IACH,IAAI,CAAC,EAAE;QACL,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;QACrC,WAAW,CAAC,EAAE,OAAO,CAAC;QACtB,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;QAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC;IACF;;OAEG;IACH,MAAM,CAAC,EAAE;QACP,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC;IACF;;;;OAIG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;CAClC,CAAC"}
package/dist/server/config.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/server/config.ts"],"names":[],"mappings":"","sourcesContent":["import type { Endpoints } from \"@/types.ts\";\n\nexport type AuthConfig = {\n clientId: string;\n clientSecret?: string; // Optional client secret for confidential clients\n pkce?: boolean; // Optional PKCE flag, defaults to true if not specified\n redirectUrl: string;\n oauthServer?: string;\n challengeUrl?: string;\n refreshUrl?: string;\n endpointOverrides?: Partial<Endpoints> | undefined;\n postLogoutRedirectUrl?: string;\n};\n"]}
1
+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/server/config.ts"],"names":[],"mappings":"","sourcesContent":["import type { Endpoints } from \"@/types.ts\";\n\n/**\n * Configuration for backend authentication endpoints\n * Allows customization of API endpoints when using backend integration (loginUrl)\n */\nexport interface BackendEndpoints {\n /** Endpoint for token refresh (default: \"/auth/refresh\") */\n refresh?: string;\n /** Endpoint for logout (default: \"/auth/logout\") */\n logout?: string;\n /** Endpoint for user info and session validation (default: \"/auth/user\") */\n user?: string;\n}\n\nexport type AuthConfig = {\n clientId: string;\n clientSecret?: string; // Optional client secret for confidential clients\n pkce?: boolean; // Optional PKCE flag, defaults to true if not specified\n redirectUrl: string;\n oauthServer?: string;\n challengeUrl?: string;\n refreshUrl?: string;\n endpointOverrides?: Partial<Endpoints> | undefined;\n postLogoutRedirectUrl?: string;\n loginUrl?: string;\n /**\n * Custom backend endpoints configuration for backend integration\n * Only used when loginUrl is provided. Allows overriding default endpoints.\n */\n backendEndpoints?: BackendEndpoints;\n /**\n * Optional URL to redirect frontend clients back to after successful authentication.\n * When provided, the backend will automatically redirect SPA clients to this URL\n * instead of traditional server-side redirects. Useful for backend + frontend integration.\n * Example: \"http://localhost:5173\" or \"https://your-spa.com\"\n */\n loginSuccessUrl?: string;\n /**\n * Optional CORS configuration for authentication endpoints\n */\n cors?: {\n origin?: string | string[] | boolean;\n credentials?: boolean;\n optionsSuccessStatus?: number;\n allowedHeaders?: string[];\n exposedHeaders?: string[];\n };\n /**\n * Optional logger configuration for authentication middleware\n */\n logger?: {\n enabled?: boolean; // Defaults to true if not specified\n };\n /**\n * Optional flag to disable iframe detection in handleCallback.\n * When true, callbacks will always attempt to redirect instead of returning HTML content for iframes.\n * Useful for testing environments like Cypress where iframe detection may interfere with expected redirects.\n */\n disableIframeDetection?: boolean;\n};\n"]}
package/dist/server/index.d.ts CHANGED
@@ -1,5 +1,11 @@
1
1
  export { CookieStorage } from "../shared/lib/storage.js";
2
2
  export type { SessionStorage, CookieStorageSettings, } from "../shared/lib/storage.js";
3
- export type { AuthConfig } from "../server/config.js";
4
- export { CivicAuth } from "../server/session.js";
3
+ export type { AuthConfig } from "./config.js";
4
+ export { CivicAuth } from "./session.js";
5
+ export { type RequestContext } from "./login.js";
6
+ export type { CivicAuthServerOptions } from "../server/types/express.js";
7
+ export type { HandleCallbackRequest, HandleCallbackParams } from "./session.js";
8
+ export { buildLoginUrl, resolveOAuthAccessCode, isLoggedIn } from "./login.js";
9
+ export { buildLogoutRedirectUrl } from "./logout.js";
10
+ export { refreshTokens } from "./refresh.js";
5
11
  //# sourceMappingURL=index.d.ts.map
package/dist/server/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,YAAY,EACV,cAAc,EACd,qBAAqB,GACtB,MAAM,yBAAyB,CAAC;AACjC,YAAY,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,YAAY,EACV,cAAc,EACd,qBAAqB,GACtB,MAAM,yBAAyB,CAAC;AACjC,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD,YAAY,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAExE,YAAY,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAChF,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAC/E,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC"}
package/dist/server/index.js CHANGED
@@ -1,5 +1,9 @@
1
1
  import { printVersion } from "../shared/index.js";
2
2
  printVersion();
3
3
  export { CookieStorage } from "../shared/lib/storage.js";
4
- export { CivicAuth } from "../server/session.js";
4
+ export { CivicAuth } from "./session.js";
5
+ export {} from "./login.js";
6
+ export { buildLoginUrl, resolveOAuthAccessCode, isLoggedIn } from "./login.js";
7
+ export { buildLogoutRedirectUrl } from "./logout.js";
8
+ export { refreshTokens } from "./refresh.js";
5
9
  //# sourceMappingURL=index.js.map
package/dist/server/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,YAAY,EAAE,CAAC;AAEf,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAMxD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC","sourcesContent":["import { printVersion } from \"@/shared/index.js\";\nprintVersion();\n\nexport { CookieStorage } from \"@/shared/lib/storage.js\";\nexport type {\n SessionStorage,\n CookieStorageSettings,\n} from \"@/shared/lib/storage.js\";\nexport type { AuthConfig } from \"@/server/config.js\";\nexport { CivicAuth } from \"@/server/session.js\";\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,YAAY,EAAE,CAAC;AAEf,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAMxD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAuB,MAAM,YAAY,CAAC;AAKjD,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAC/E,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC","sourcesContent":["import { printVersion } from \"@/shared/index.js\";\nprintVersion();\n\nexport { CookieStorage } from \"@/shared/lib/storage.js\";\nexport type {\n SessionStorage,\n CookieStorageSettings,\n} from \"@/shared/lib/storage.js\";\nexport type { AuthConfig } from \"./config.js\";\nexport { CivicAuth } from \"./session.js\";\nexport { type RequestContext } from \"./login.js\";\n\nexport type { CivicAuthServerOptions } from \"@/server/types/express.js\";\n\nexport type { HandleCallbackRequest, HandleCallbackParams } from \"./session.js\";\nexport { buildLoginUrl, resolveOAuthAccessCode, isLoggedIn } from \"./login.js\";\nexport { buildLogoutRedirectUrl } from \"./logout.js\";\nexport { refreshTokens } from \"./refresh.js\";\n"]}
package/dist/server/login.d.ts CHANGED
@@ -1,5 +1,14 @@
1
1
  import type { AuthStorage, OIDCTokenResponseBody, FrameworkType } from "../types.js";
2
2
  import type { AuthConfig } from "../server/config.ts";
3
+ /**
4
+ * Context interface for detecting frontend vs backend requests
5
+ */
6
+ export interface RequestContext {
7
+ referer?: string;
8
+ origin?: string;
9
+ userAgent?: string;
10
+ acceptsJson?: boolean;
11
+ }
3
12
  /**
4
13
  * Resolve an OAuth access code to a set of OIDC tokens
5
14
  * @param code The access code, typically from a query parameter in the redirect url
package/dist/server/login.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/server/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,qBAAqB,EACrB,aAAa,EACd,MAAM,YAAY,CAAC;AAKpB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD;;;;;;GAMG;AACH,wBAAsB,sBAAsB,CAC1C,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,qBAAqB,CAAC,CAWhC;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAEvE;AAED,wBAAsB,aAAa,CACjC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,GAAG,aAAa,CAAC,GAClD,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,GAAG,MAAM,GAAG,cAAc,CAAC,CAAC,GAAG;IACnE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,aAAa,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,EACH,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,GAAG,CAAC,CAmCd"}
1
+ {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/server/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,qBAAqB,EACrB,aAAa,EACd,MAAM,YAAY,CAAC;AAKpB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;GAMG;AACH,wBAAsB,sBAAsB,CAC1C,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,qBAAqB,CAAC,CAWhC;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAEvE;AAED,wBAAsB,aAAa,CACjC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,GAAG,aAAa,CAAC,GAClD,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,GAAG,MAAM,GAAG,cAAc,CAAC,CAAC,GAAG;IACnE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,aAAa,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,EACH,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,GAAG,CAAC,CAsCd"}
package/dist/server/login.js CHANGED
@@ -21,19 +21,21 @@ export async function isLoggedIn(storage) {
21
21
  return !!(await storage.get("id_token"));
22
22
  }
23
23
  export async function buildLoginUrl(config, storage) {
24
- // Generate state: use provided state, or structured state with framework
25
- // and sdkVersion data, or random string
24
+ // Generate state: prioritize provided state (which preserves frontend display mode)
26
25
  let state;
27
26
  if (config.state) {
27
+ // Use the provided state (e.g., from frontend with display mode info)
28
28
  state = config.state;
29
29
  }
30
30
  else if (config.sdkVersion || config.framework) {
31
+ // Generate new structured state with framework/SDK info
31
32
  state = generateState({
32
33
  framework: config.framework,
33
34
  sdkVersion: config.sdkVersion,
34
35
  });
35
36
  }
36
37
  else {
38
+ // Generate random state as fallback
37
39
  state = Math.random().toString(36).substring(2);
38
40
  }
39
41
  const scopes = config.scopes ?? DEFAULT_SCOPES;
package/dist/server/login.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/server/login.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,4BAA4B,EAAE,MAAM,0CAA0C,CAAC;AAExF,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAE/C;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,IAAY,EACZ,KAAa,EACb,OAAoB,EACpB,MAAkB;IAElB,MAAM,kBAAkB,GAAG,MAAM,4BAA4B,CAAC,KAAK,CACjE;QACE,GAAG,MAAM;QACT,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;KACvD,EACD,OAAO,EACP,MAAM,CAAC,iBAAiB,CACzB,CAAC;IAEF,OAAO,kBAAkB,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAoB;IACnD,OAAO,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAOG,EACH,OAAqB;IAErB,yEAAyE;IACzE,wCAAwC;IACxC,IAAI,KAAa,CAAC;IAClB,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;IACvB,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACjD,KAAK,GAAG,aAAa,CAAC;YACpB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,CAAC;IAE/C,mDAAmD;IACnD,8DAA8D;IAC9D,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC;IAEtC,iEAAiE;IACjE,MAAM,YAAY,GAChB,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE3E,MAAM,aAAa,GAAG,IAAI,8BAA8B,CAAC;QACvD,GAAG,MAAM;QACT,KAAK;QACL,MAAM;QACN,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;QACtD,mGAAmG;QACnG,kEAAkE;QAClE,YAAY,EAAE,YAAY,IAAI,SAAS;KACxC,CAAC,CAAC;IAEH,OAAO,aAAa,CAAC,MAAM,EAAE,CAAC;AAChC,CAAC","sourcesContent":["import type {\n AuthStorage,\n OIDCTokenResponseBody,\n FrameworkType,\n} from \"@/types.js\";\nimport { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from \"@/constants.js\";\nimport { GenericAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { ServerAuthenticationResolver } from \"@/server/ServerAuthenticationResolver.js\";\nimport type { AuthConfig } from \"@/server/config.ts\";\nimport { generateState } from \"@/lib/oauth.js\";\n\n/**\n * Resolve an OAuth access code to a set of OIDC tokens\n * @param code The access code, typically from a query parameter in the redirect url\n * @param state The oauth random state string, used to distinguish between requests. Typically also passed in the redirect url\n * @param storage The place that this server uses to store session data (e.g. a cookie store)\n * @param config Oauth Server configuration\n */\nexport async function resolveOAuthAccessCode(\n code: string,\n state: string,\n storage: AuthStorage,\n config: AuthConfig,\n): Promise<OIDCTokenResponseBody> {\n const authSessionService = await ServerAuthenticationResolver.build(\n {\n ...config,\n oauthServer: config.oauthServer ?? DEFAULT_AUTH_SERVER,\n },\n storage,\n config.endpointOverrides,\n );\n\n return authSessionService.tokenExchange(code, state);\n}\n\nexport async function isLoggedIn(storage: AuthStorage): Promise<boolean> {\n return !!(await storage.get(\"id_token\"));\n}\n\nexport async function buildLoginUrl(\n config: Pick<AuthConfig, \"clientId\" | \"redirectUrl\"> &\n Partial<Pick<AuthConfig, \"oauthServer\" | \"pkce\" | \"clientSecret\">> & {\n scopes?: string[];\n state?: string;\n nonce?: string;\n framework?: FrameworkType;\n sdkVersion?: string;\n },\n storage?: AuthStorage,\n): Promise<URL> {\n // Generate state: use provided state, or structured state with framework\n // and sdkVersion data, or random string\n let state: string;\n if (config.state) {\n state = config.state;\n } else if (config.sdkVersion || config.framework) {\n state = generateState({\n framework: config.framework,\n sdkVersion: config.sdkVersion,\n });\n } else {\n state = Math.random().toString(36).substring(2);\n }\n const scopes = config.scopes ?? DEFAULT_SCOPES;\n\n // Determine if PKCE should be used based on config\n // Default to true for backward compatibility if not specified\n const usePkce = config.pkce !== false;\n\n // Only create PKCE producer if we're using PKCE and have storage\n const pkceProducer =\n usePkce && storage ? new GenericPublicClientPKCEProducer(storage) : null;\n\n const authInitiator = new GenericAuthenticationInitiator({\n ...config,\n state,\n scopes,\n oauthServer: config.oauthServer ?? DEFAULT_AUTH_SERVER,\n // When retrieving the PKCE challenge on the server-side, we produce it and store it in the session\n // For confidential clients not using PKCE, this will be undefined\n pkceConsumer: pkceProducer ?? undefined,\n });\n\n return authInitiator.signIn();\n}\n"]}
1
+ {"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/server/login.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,4BAA4B,EAAE,MAAM,0CAA0C,CAAC;AAExF,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAY/C;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,IAAY,EACZ,KAAa,EACb,OAAoB,EACpB,MAAkB;IAElB,MAAM,kBAAkB,GAAG,MAAM,4BAA4B,CAAC,KAAK,CACjE;QACE,GAAG,MAAM;QACT,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;KACvD,EACD,OAAO,EACP,MAAM,CAAC,iBAAiB,CACzB,CAAC;IAEF,OAAO,kBAAkB,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAoB;IACnD,OAAO,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAOG,EACH,OAAqB;IAErB,oFAAoF;IACpF,IAAI,KAAa,CAAC;IAClB,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,sEAAsE;QACtE,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;IACvB,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACjD,wDAAwD;QACxD,KAAK,GAAG,aAAa,CAAC;YACpB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,oCAAoC;QACpC,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,CAAC;IAE/C,mDAAmD;IACnD,8DAA8D;IAC9D,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC;IAEtC,iEAAiE;IACjE,MAAM,YAAY,GAChB,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE3E,MAAM,aAAa,GAAG,IAAI,8BAA8B,CAAC;QACvD,GAAG,MAAM;QACT,KAAK;QACL,MAAM;QACN,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;QACtD,mGAAmG;QACnG,kEAAkE;QAClE,YAAY,EAAE,YAAY,IAAI,SAAS;KACxC,CAAC,CAAC;IAEH,OAAO,aAAa,CAAC,MAAM,EAAE,CAAC;AAChC,CAAC","sourcesContent":["import type {\n AuthStorage,\n OIDCTokenResponseBody,\n FrameworkType,\n} from \"@/types.js\";\nimport { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from \"@/constants.js\";\nimport { GenericAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { ServerAuthenticationResolver } from \"@/server/ServerAuthenticationResolver.js\";\nimport type { AuthConfig } from \"@/server/config.ts\";\nimport { generateState } from \"@/lib/oauth.js\";\n\n/**\n * Context interface for detecting frontend vs backend requests\n */\nexport interface RequestContext {\n referer?: string;\n origin?: string;\n userAgent?: string;\n acceptsJson?: boolean;\n}\n\n/**\n * Resolve an OAuth access code to a set of OIDC tokens\n * @param code The access code, typically from a query parameter in the redirect url\n * @param state The oauth random state string, used to distinguish between requests. Typically also passed in the redirect url\n * @param storage The place that this server uses to store session data (e.g. a cookie store)\n * @param config Oauth Server configuration\n */\nexport async function resolveOAuthAccessCode(\n code: string,\n state: string,\n storage: AuthStorage,\n config: AuthConfig,\n): Promise<OIDCTokenResponseBody> {\n const authSessionService = await ServerAuthenticationResolver.build(\n {\n ...config,\n oauthServer: config.oauthServer ?? DEFAULT_AUTH_SERVER,\n },\n storage,\n config.endpointOverrides,\n );\n\n return authSessionService.tokenExchange(code, state);\n}\n\nexport async function isLoggedIn(storage: AuthStorage): Promise<boolean> {\n return !!(await storage.get(\"id_token\"));\n}\n\nexport async function buildLoginUrl(\n config: Pick<AuthConfig, \"clientId\" | \"redirectUrl\"> &\n Partial<Pick<AuthConfig, \"oauthServer\" | \"pkce\" | \"clientSecret\">> & {\n scopes?: string[];\n state?: string;\n nonce?: string;\n framework?: FrameworkType;\n sdkVersion?: string;\n },\n storage?: AuthStorage,\n): Promise<URL> {\n // Generate state: prioritize provided state (which preserves frontend display mode)\n let state: string;\n if (config.state) {\n // Use the provided state (e.g., from frontend with display mode info)\n state = config.state;\n } else if (config.sdkVersion || config.framework) {\n // Generate new structured state with framework/SDK info\n state = generateState({\n framework: config.framework,\n sdkVersion: config.sdkVersion,\n });\n } else {\n // Generate random state as fallback\n state = Math.random().toString(36).substring(2);\n }\n\n const scopes = config.scopes ?? DEFAULT_SCOPES;\n\n // Determine if PKCE should be used based on config\n // Default to true for backward compatibility if not specified\n const usePkce = config.pkce !== false;\n\n // Only create PKCE producer if we're using PKCE and have storage\n const pkceProducer =\n usePkce && storage ? new GenericPublicClientPKCEProducer(storage) : null;\n\n const authInitiator = new GenericAuthenticationInitiator({\n ...config,\n state,\n scopes,\n oauthServer: config.oauthServer ?? DEFAULT_AUTH_SERVER,\n // When retrieving the PKCE challenge on the server-side, we produce it and store it in the session\n // For confidential clients not using PKCE, this will be undefined\n pkceConsumer: pkceProducer ?? undefined,\n });\n\n return authInitiator.signIn();\n}\n"]}
package/dist/server/refresh.d.ts CHANGED
@@ -3,5 +3,5 @@ import type { AuthConfig } from "../server/config.ts";
3
3
  /**
4
4
  * Refresh the current set of OIDC tokens
5
5
  */
6
- export declare function refreshTokens(storage: AuthStorage, config: AuthConfig): Promise<OIDCTokenResponseBody>;
6
+ export declare function refreshTokens(storage: AuthStorage, config: AuthConfig): Promise<OIDCTokenResponseBody | null>;
7
7
  //# sourceMappingURL=refresh.d.ts.map
package/dist/server/refresh.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../src/server/refresh.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAErE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD;;GAEG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,qBAAqB,CAAC,CAehC"}
1
+ {"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../src/server/refresh.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAErE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD;;GAEG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAevC"}
package/dist/server/refresh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"refresh.js","sourceRoot":"","sources":["../../src/server/refresh.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,OAAO,EAAE,2BAA2B,EAAE,MAAM,6CAA6C,CAAC;AAE1F;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAoB,EACpB,MAAkB;IAElB,MAAM,SAAS,GAAG,MAAM,2BAA2B,CAAC,KAAK,CACvD;QACE,GAAG,MAAM;QACT,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;KACvD,EACD,OAAO,EACP,CAAC,KAAK,EAAE,EAAE;QACR,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAChD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC,EACD,MAAM,CAAC,iBAAiB,CACzB,CAAC;IAEF,OAAO,SAAS,CAAC,aAAa,EAAE,CAAC;AACnC,CAAC","sourcesContent":["import type { AuthStorage, OIDCTokenResponseBody } from \"@/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\nimport type { AuthConfig } from \"@/server/config.ts\";\nimport { AuthenticationRefresherImpl } from \"@/shared/lib/AuthenticationRefresherImpl.js\";\n\n/**\n * Refresh the current set of OIDC tokens\n */\nexport async function refreshTokens(\n storage: AuthStorage,\n config: AuthConfig,\n): Promise<OIDCTokenResponseBody> {\n const refresher = await AuthenticationRefresherImpl.build(\n {\n ...config,\n oauthServer: config.oauthServer ?? DEFAULT_AUTH_SERVER,\n },\n storage,\n (error) => {\n console.error(\"Error refreshing tokens\", error);\n return Promise.reject(error);\n },\n config.endpointOverrides,\n );\n\n return refresher.refreshTokens();\n}\n"]}
1
+ {"version":3,"file":"refresh.js","sourceRoot":"","sources":["../../src/server/refresh.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,OAAO,EAAE,2BAA2B,EAAE,MAAM,6CAA6C,CAAC;AAE1F;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAoB,EACpB,MAAkB;IAElB,MAAM,SAAS,GAAG,MAAM,2BAA2B,CAAC,KAAK,CACvD;QACE,GAAG,MAAM;QACT,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,mBAAmB;KACvD,EACD,OAAO,EACP,CAAC,KAAK,EAAE,EAAE;QACR,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAChD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC,EACD,MAAM,CAAC,iBAAiB,CACzB,CAAC;IAEF,OAAO,SAAS,CAAC,aAAa,EAAE,CAAC;AACnC,CAAC","sourcesContent":["import type { AuthStorage, OIDCTokenResponseBody } from \"@/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\nimport type { AuthConfig } from \"@/server/config.ts\";\nimport { AuthenticationRefresherImpl } from \"@/shared/lib/AuthenticationRefresherImpl.js\";\n\n/**\n * Refresh the current set of OIDC tokens\n */\nexport async function refreshTokens(\n storage: AuthStorage,\n config: AuthConfig,\n): Promise<OIDCTokenResponseBody | null> {\n const refresher = await AuthenticationRefresherImpl.build(\n {\n ...config,\n oauthServer: config.oauthServer ?? DEFAULT_AUTH_SERVER,\n },\n storage,\n (error) => {\n console.error(\"Error refreshing tokens\", error);\n return Promise.reject(error);\n },\n config.endpointOverrides,\n );\n\n return refresher.refreshTokens();\n}\n"]}
package/dist/server/session.d.ts CHANGED
@@ -1,6 +1,21 @@
1
1
  import { type AuthStorage, type OAuthTokens, type User, type EmptyObject, type UnknownObject, type OIDCTokenResponseBody } from "../types.js";
2
2
  import type { AuthConfig } from "../server/config.js";
3
3
  import type { AuthenticationResolver } from "../services/types.js";
4
+ export type HandleCallbackRequest = {
5
+ headers: {
6
+ [key: string]: string | string[] | undefined;
7
+ referer?: string;
8
+ origin?: string;
9
+ "user-agent"?: string;
10
+ accept?: string;
11
+ "sec-fetch-dest"?: string;
12
+ };
13
+ };
14
+ export type HandleCallbackParams = {
15
+ code: string;
16
+ state: string;
17
+ req: HandleCallbackRequest;
18
+ };
4
19
  /**
5
20
  * CivicAuth is the main entry point for server-side authentication operations.
6
21
  * It provides a unified interface to all the authentication functions.
@@ -55,12 +70,55 @@ export declare class CivicAuth {
55
70
  }): Promise<URL>;
56
71
  /**
57
72
  * Refresh the current set of OIDC tokens
58
- * @returns The refreshed tokens
73
+ * @returns The refreshed tokens or null for backend flows where tokens are managed in HTTP-only cookies
59
74
  */
60
- refreshTokens(): Promise<OIDCTokenResponseBody>;
75
+ refreshTokens(): Promise<OIDCTokenResponseBody | null>;
61
76
  /**
62
77
  * Clear all authentication tokens from storage
63
78
  */
64
79
  clearTokens(): Promise<void>;
80
+ /**
81
+ * Smart callback handler that automatically detects frontend vs backend requests
82
+ * and redirects appropriately. Use this instead of resolveOAuthAccessCode + manual redirect.
83
+ *
84
+ * @param params An object containing the authorization code, state, and the incoming request.
85
+ * @param params.code The authorization code from query parameters.
86
+ * @param params.state The OAuth state parameter.
87
+ * @param params.req The incoming request object (e.g., from Express).
88
+ * @param options Configuration options (frontendUrl override, apiResponse flag).
89
+ * @returns Object with redirect information or HTML content for iframe completion.
90
+ *
91
+ * @example
92
+ * ```javascript
93
+ * app.get('/auth/callback', async (req, res) => {
94
+ * const { code, state } = req.query;
95
+ * // The request object 'req' is passed directly
96
+ * const result = await req.civicAuth.handleCallback({ code, state, req });
97
+ *
98
+ * if (result.htmlContent) {
99
+ * res.setHeader('Content-Type', 'text/html');
100
+ * res.send(result.htmlContent);
101
+ * } else if (result.redirectTo) {
102
+ * res.redirect(result.redirectTo);
103
+ * } else {
104
+ * res.json({ success: true, user: result.user });
105
+ * }
106
+ * });
107
+ * ```
108
+ */
109
+ handleCallback({ code, state, req }: HandleCallbackParams, options?: {
110
+ frontendUrl?: string;
111
+ apiResponse?: boolean;
112
+ }): Promise<{
113
+ redirectTo?: string;
114
+ content?: string | {
115
+ success: boolean;
116
+ user?: User | null;
117
+ };
118
+ }>;
119
+ /**
120
+ * Generate HTML content for iframe completion that sends postMessage to parent
121
+ */
122
+ private generateIframeCompletionHtml;
65
123
  }
66
124
  //# sourceMappingURL=session.d.ts.map
package/dist/server/session.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/server/session.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,IAAI,EACT,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,qBAAqB,EAC3B,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAarD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAElE;;;GAGG;AACH,qBAAa,SAAS;IAGlB,QAAQ,CAAC,OAAO,EAAE,WAAW;IAC7B,QAAQ,CAAC,UAAU,EAAE,UAAU;IAHjC,aAAa,EAAE,sBAAsB,GAAG,IAAI,CAAQ;gBAEzC,OAAO,EAAE,WAAW,EACpB,UAAU,EAAE,UAAU;IAGjC,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,eAAe,IAAI,OAAO,CAAC,sBAAsB,CAAC;IAaxD;;;OAGG;IACG,OAAO,CACX,CAAC,SAAS,aAAa,GAAG,WAAW,KAClC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAkB5B;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAkB9C;;;;;OAKG;IACG,sBAAsB,CAC1B,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IAIjC;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC;IAMpC;;;;OAIG;IACG,aAAa,CAAC,OAAO,CAAC,EAAE;QAC5B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,GAAG,CAAC;IAchB;;;;OAIG;IACG,sBAAsB,CAAC,OAAO,CAAC,EAAE;QACrC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,GAAG,CAAC;IAWhB;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,qBAAqB,CAAC;IAIrD;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC"}
1
+ {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/server/session.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,IAAI,EACT,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,qBAAqB,EAE3B,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAgBrD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAIlE,MAAM,MAAM,qBAAqB,GAAG;IAClC,OAAO,EAAE;QACP,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC;QAC7C,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,qBAAqB,CAAC;CAC5B,CAAC;AAwCF;;;GAGG;AACH,qBAAa,SAAS;IAGlB,QAAQ,CAAC,OAAO,EAAE,WAAW;IAC7B,QAAQ,CAAC,UAAU,EAAE,UAAU;IAHjC,aAAa,EAAE,sBAAsB,GAAG,IAAI,CAAQ;gBAEzC,OAAO,EAAE,WAAW,EACpB,UAAU,EAAE,UAAU;IAGjC,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,eAAe,IAAI,OAAO,CAAC,sBAAsB,CAAC;IAaxD;;;OAGG;IACG,OAAO,CACX,CAAC,SAAS,aAAa,GAAG,WAAW,KAClC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAkB5B;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAoB9C;;;;;OAKG;IACG,sBAAsB,CAC1B,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IAIjC;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC;IAMpC;;;;OAIG;IACG,aAAa,CAAC,OAAO,CAAC,EAAE;QAC5B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,GAAG,CAAC;IAchB;;;;OAIG;IACG,sBAAsB,CAAC,OAAO,CAAC,EAAE;QACrC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,GAAG,CAAC;IAyChB;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC;IAI5D;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;IAIlC;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACG,cAAc,CAClB,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,oBAAoB,EAC1C,OAAO,CAAC,EAAE;QACR,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,OAAO,CAAC;KACvB,GACA,OAAO,CAAC;QACT,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,OAAO,CAAC,EAAE,MAAM,GAAG;YAAE,OAAO,EAAE,OAAO,CAAC;YAAC,IAAI,CAAC,EAAE,IAAI,GAAG,IAAI,CAAA;SAAE,CAAC;KAC7D,CAAC;IAyFF;;OAEG;IACH,OAAO,CAAC,4BAA4B;CA0DrC"}