@civic/auth 0.8.3-beta.1 → 0.9.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. package/CHANGELOG.md +5 -0
  2. package/README.md +3 -3
  3. package/dist/constants.d.ts +2 -1
  4. package/dist/constants.d.ts.map +1 -1
  5. package/dist/constants.js +3 -1
  6. package/dist/constants.js.map +1 -1
  7. package/dist/nextjs/config.d.ts +3 -0
  8. package/dist/nextjs/config.d.ts.map +1 -1
  9. package/dist/nextjs/config.js +3 -0
  10. package/dist/nextjs/config.js.map +1 -1
  11. package/dist/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
  12. package/dist/nextjs/providers/NextAuthProvider.js +1 -1
  13. package/dist/nextjs/providers/NextAuthProvider.js.map +1 -1
  14. package/dist/reactjs/core/GlobalAuthManager.d.ts +1 -0
  15. package/dist/reactjs/core/GlobalAuthManager.d.ts.map +1 -1
  16. package/dist/reactjs/core/GlobalAuthManager.js +3 -1
  17. package/dist/reactjs/core/GlobalAuthManager.js.map +1 -1
  18. package/dist/reactjs/providers/CivicAuthProvider.d.ts +1 -0
  19. package/dist/reactjs/providers/CivicAuthProvider.d.ts.map +1 -1
  20. package/dist/reactjs/providers/CivicAuthProvider.js +3 -1
  21. package/dist/reactjs/providers/CivicAuthProvider.js.map +1 -1
  22. package/dist/services/AuthenticationService.d.ts +8 -2
  23. package/dist/services/AuthenticationService.d.ts.map +1 -1
  24. package/dist/services/AuthenticationService.js +20 -6
  25. package/dist/services/AuthenticationService.js.map +1 -1
  26. package/dist/shared/components/IFrameAndLoading.d.ts.map +1 -1
  27. package/dist/shared/components/IFrameAndLoading.js +1 -1
  28. package/dist/shared/components/IFrameAndLoading.js.map +1 -1
  29. package/dist/shared/hooks/useSignIn.d.ts.map +1 -1
  30. package/dist/shared/hooks/useSignIn.js +4 -3
  31. package/dist/shared/hooks/useSignIn.js.map +1 -1
  32. package/dist/shared/lib/iframeUtils.d.ts +1 -0
  33. package/dist/shared/lib/iframeUtils.d.ts.map +1 -1
  34. package/dist/shared/lib/iframeUtils.js +9 -0
  35. package/dist/shared/lib/iframeUtils.js.map +1 -1
  36. package/dist/shared/lib/types.d.ts +1 -0
  37. package/dist/shared/lib/types.d.ts.map +1 -1
  38. package/dist/shared/lib/types.js.map +1 -1
  39. package/dist/shared/providers/CivicAuthConfigContext.d.ts +2 -1
  40. package/dist/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
  41. package/dist/shared/providers/CivicAuthConfigContext.js +3 -1
  42. package/dist/shared/providers/CivicAuthConfigContext.js.map +1 -1
  43. package/dist/shared/version.d.ts +1 -1
  44. package/dist/shared/version.js +1 -1
  45. package/dist/shared/version.js.map +1 -1
  46. package/dist/vanillajs/auth/CivicAuth.d.ts +1 -0
  47. package/dist/vanillajs/auth/CivicAuth.d.ts.map +1 -1
  48. package/dist/vanillajs/auth/CivicAuth.js +15 -1
  49. package/dist/vanillajs/auth/CivicAuth.js.map +1 -1
  50. package/dist/vanillajs/auth/config/ConfigProcessor.d.ts.map +1 -1
  51. package/dist/vanillajs/auth/config/ConfigProcessor.js +1 -0
  52. package/dist/vanillajs/auth/config/ConfigProcessor.js.map +1 -1
  53. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts +10 -0
  54. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts.map +1 -1
  55. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js +24 -1
  56. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js.map +1 -1
  57. package/dist/vanillajs/auth/handlers/MessageHandler.d.ts +2 -0
  58. package/dist/vanillajs/auth/handlers/MessageHandler.d.ts.map +1 -1
  59. package/dist/vanillajs/auth/handlers/MessageHandler.js +7 -0
  60. package/dist/vanillajs/auth/handlers/MessageHandler.js.map +1 -1
  61. package/dist/vanillajs/auth/types/AuthTypes.d.ts +3 -0
  62. package/dist/vanillajs/auth/types/AuthTypes.d.ts.map +1 -1
  63. package/dist/vanillajs/auth/types/AuthTypes.js.map +1 -1
  64. package/dist/vanillajs/iframe/IframeManager.d.ts.map +1 -1
  65. package/dist/vanillajs/iframe/IframeManager.js +11 -6
  66. package/dist/vanillajs/iframe/IframeManager.js.map +1 -1
  67. package/package.json +1 -1
package/dist/services/AuthenticationService.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,aAAa,EACb,qBAAqB,EAErB,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,+BAA+B,EAEhC,MAAM,oBAAoB,CAAC;AAgB5B,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACb,MAAM,qBAAqB,CAAC;AA2B7B,MAAM,MAAM,oCAAoC,GAAG;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,oCAAoC,GAAG,IAAI,CACrD,oCAAoC,EACpC,OAAO,CACR,GAAG;IACF,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAE1B,WAAW,EAAE,WAAW,CAAC;IAEzB,iBAAiB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAEzC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B,CAAC;AAKF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAgC1E,QAAQ,CAAC,gBAAgB,UAxDW,qBAAqB;IAyB3D,OAAO,CAAC,kBAAkB,CAAgD;IAE1E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;IACvD,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;IAE5C,cAAc,CAAC,WAAW,EAAE,WAAW;IAI9C,IAAI,WAAW,gBAEd;IAED,IAAI,qBAAqB,YAExB;IACD,IAAI,KAAK,WASR;IACM,UAAU,EAAE,MAAM,CAAC;IACnB,mCAAmC,EAAE,MAAM,CAAM;gBAGtD,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM,EACjB,gBAAgB,WAxDW,qBAAqB,SAwDN;IA2C/C,yBAAyB,CAAC,WAAW,EAAE,MAAM;IAQ7C,8BAA8B,CAAC,WAAW,EAAE,MAAM;IASlD,6CAA6C;IAqC7C,0BAA0B,CAAC,OAAO,EAAE,qBAAqB;IAIzD,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC;IAU5B,MAAM,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IAsCzD,OAAO,CACX,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAClC,OAAO,CAAC,GAAG,CAAC;IA2Df,OAAO;CAKR;AAED;;;GAGG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;gBAE3C,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAMhC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;IAItB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAM7C;AAED,KAAK,2BAA2B,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IACvC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,8BAA8B;IAQ5E,SAAS,CAAC,YAAY;IAPxB,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;gBAIvC,MAAM,EAAE,2BAA2B,EAEzB,YAAY,kCAAwC;IAY1D,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAkBrB,kBAAkB,CAAC,MAAM,EAAE,qBAAqB;IAiBhD,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IAkC3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAa7C,gBAAgB,CACpB,WAAW,EAAE,WAAW,GAAG,IAAI,GAC9B,OAAO,CAAC,WAAW,CAAC;IA0EjB,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;IA2CrD,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,qBAAqB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;WAOxC,KAAK,CAChB,MAAM,EAAE,2BAA2B,GAClC,OAAO,CAAC,sBAAsB,CAAC;CAMnC"}
1
+ {"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,aAAa,EACb,qBAAqB,EAErB,qBAAqB,EACrB,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,+BAA+B,EAEhC,MAAM,oBAAoB,CAAC;AAgB5B,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACb,MAAM,qBAAqB,CAAC;AA4B7B,MAAM,MAAM,oCAAoC,GAAG;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,oCAAoC,GAAG,IAAI,CACrD,oCAAoC,EACpC,OAAO,CACR,GAAG;IACF,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAE1B,WAAW,EAAE,WAAW,CAAC;IAEzB,iBAAiB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAEzC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,SAAS,CAAC,EAAE,aAAa,CAAC;IAE1B,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB,CAAC;AAKF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAiC1E,QAAQ,CAAC,gBAAgB,UAzDW,qBAAqB;IAyB3D,OAAO,CAAC,kBAAkB,CAAgD;IAE1E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;IACvD,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;IACnD,OAAO,CAAC,UAAU,CAAkC;IAE7C,cAAc,CAAC,WAAW,EAAE,WAAW;IAI9C,IAAI,WAAW,gBAEd;IAED,IAAI,qBAAqB,YAExB;IACD,IAAI,KAAK,WASR;IACM,UAAU,EAAE,MAAM,CAAC;IACnB,mCAAmC,EAAE,MAAM,CAAM;gBAGtD,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM,EACjB,gBAAgB,WAzDW,qBAAqB,SAyDN;IA2C/C,yBAAyB,CAAC,WAAW,EAAE,MAAM;IAQ7C,8BAA8B,CAAC,WAAW,EAAE,MAAM;uBA0BvC,OAAO;;IADlB,6CAA6C,IAAI,OAAO,CAAC;QAC7D,aAAa,EAAE,OAAO,CAAC;KACxB,CAAC;IAgCI,0BAA0B,CAAC,OAAO,EAAE,qBAAqB;IAIzD,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC;IAU5B,MAAM,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IAsCzD,OAAO,CACX,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,SAAS,EAAE,iBAAiB,GAAG,IAAI,GAClC,OAAO,CAAC,GAAG,CAAC;IA2Df,OAAO;CAKR;AAED;;;GAGG;AACH,qBAAa,8BAA+B,YAAW,uBAAuB;IAC5E,SAAS,CAAC,MAAM,EAAE,oCAAoC,CAAC;gBAE3C,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM;IAMhC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;IAItB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAM7C;AAED,KAAK,2BAA2B,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IACvC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,8BAA8B;IAQ5E,SAAS,CAAC,YAAY;IAPxB,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,SAAS,CAAwB;gBAIvC,MAAM,EAAE,2BAA2B,EAEzB,YAAY,kCAAwC;IAY1D,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAkBrB,kBAAkB,CAAC,MAAM,EAAE,qBAAqB;IAiBhD,aAAa,CACjB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,qBAAqB,CAAC;IAkC3B,cAAc,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAa7C,gBAAgB,CACpB,WAAW,EAAE,WAAW,GAAG,IAAI,GAC9B,OAAO,CAAC,WAAW,CAAC;IA0EjB,uBAAuB,IAAI,OAAO,CAAC,WAAW,CAAC;IA2CrD,IAAI,WAAW,IAAI,MAAM,CAExB;IAEK,qBAAqB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;WAOxC,KAAK,CAChB,MAAM,EAAE,2BAA2B,GAClC,OAAO,CAAC,sBAAsB,CAAC;CAMnC"}
package/dist/services/AuthenticationService.js CHANGED
@@ -11,7 +11,7 @@ import { DEFAULT_AUTH_SERVER, DEFAULT_OAUTH_GET_PARAMS, LOGOUT_STATE, } from "..
11
11
  import { validateLoginAppPostMessage } from "../lib/postMessage.js";
12
12
  import { getUser } from "../shared/lib/session.js";
13
13
  import { GenericUserSession } from "../shared/lib/UserSession.js";
14
- import { getIframeRef, isEmbeddedIframeMode, } from "../shared/lib/iframeUtils.js";
14
+ import { getIframeRef, iframeIsVisible, isEmbeddedIframeMode, } from "../shared/lib/iframeUtils.js";
15
15
  import { v4 as uuid } from "uuid";
16
16
  import { CodeVerifier } from "../shared/lib/types.js";
17
17
  import { BrowserAuthenticationRefresher } from "../shared/lib/BrowserAuthenticationRefresher.js";
@@ -51,6 +51,7 @@ export class BrowserAuthenticationInitiator {
51
51
  postMessageHandler = null;
52
52
  config;
53
53
  static browserCorsFailsSilentlyRedirectUrl;
54
+ _iframeRef = null;
54
55
  setDisplayMode(displayMode) {
55
56
  this.config.displayMode = displayMode;
56
57
  }
@@ -107,18 +108,29 @@ export class BrowserAuthenticationInitiator {
107
108
  window.location.href = redirectUrl;
108
109
  }
109
110
  async handleBrowserCorsFailsSilently(redirectUrl) {
110
- console.warn("Login app opened in a browser where popups fail silently...", redirectUrl);
111
+ console.warn("Login app opened in a browser where popups fail silently...", {
112
+ redirectUrl,
113
+ iframeIsVisible: iframeIsVisible(),
114
+ autoRedirect: this.config.autoRedirect,
115
+ });
111
116
  BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl =
112
117
  redirectUrl;
118
+ // Check autoRedirect config before proceeding
119
+ if (this.config.autoRedirect !== false && iframeIsVisible()) {
120
+ // hide the iframe as we're in redirect mode
121
+ // to avoid it loading then immediately disappearing
122
+ const iframe = document.getElementById("civic-auth-iframe-container");
123
+ if (iframe) {
124
+ iframe.style.display = "none";
125
+ }
126
+ return this.handleUserInteractionBrowserCorsFailsSilently();
127
+ }
113
128
  }
114
129
  async handleUserInteractionBrowserCorsFailsSilently() {
115
130
  const isInEmbeddedIframeMode = isEmbeddedIframeMode();
116
- console.log("BrowserAuthenticationInitiator.handleUserInteractionBrowserCorsFailsSilently", {
117
- browserCorsFailsSilentlyRedirectUrl: BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl,
118
- isInEmbeddedIframeMode,
119
- });
120
131
  // check if the iframe is visible
121
132
  if (!isInEmbeddedIframeMode &&
133
+ this.config.autoRedirect !== false && // Add this check
122
134
  BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl) {
123
135
  console.warn("Browser CORS failed silently, redirecting...", BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl);
124
136
  this.config.displayMode = "redirect";
@@ -130,7 +142,9 @@ export class BrowserAuthenticationInitiator {
130
142
  setTimeout(() => {
131
143
  window.location.href = signInUrl.toString();
132
144
  }, 100);
145
+ return { isRedirecting: true };
133
146
  }
147
+ return { isRedirecting: false };
134
148
  }
135
149
  async handleLoginAppDesignUpdate(options) {
136
150
  this.setDesignOptions(options);
package/dist/services/AuthenticationService.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationService.js","sourceRoot":"","sources":["../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAAA,8EAA8E;AAW9E,OAAO,EACL,+BAA+B,EAC/B,8BAA8B,GAC/B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,WAAW,EACX,SAAS,EACT,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,cAAc,EACd,WAAW,EACX,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAM3D,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAC;AAChE,OAAO,EACL,mBAAmB,EACnB,wBAAwB,EACxB,YAAY,GACb,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EACL,YAAY,EACZ,oBAAoB,GACrB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,EAAE,IAAI,IAAI,EAAE,MAAM,MAAM,CAAC;AAClC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,8BAA8B,EAAE,MAAM,gDAAgD,CAAC;AAChG,OAAO,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAEhE,MAAM,0BAA0B,GAAG,KAAK,IAAI,EAAE;IAC5C,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;IAC/C,MAAM,WAAW,CAAC,YAAY,CAAC,CAAC;IAChC,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;IAC9B,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC9C,CAAC,CAAC;AAiCF,MAAM,uBAAuB,GAAG,CAAC,KAA4B,EAAE,EAAE;IAC/D,YAAY,CAAC,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AAChE,CAAC,CAAC;AACF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,OAAO,8BAA8B;IAgC9B;IA/BH,kBAAkB,GAA2C,IAAI,CAAC;IAEhE,MAAM,CAAuC;IACvD,MAAM,CAAC,mCAAmC,CAAS;IAE5C,cAAc,CAAC,WAAwB;QAC5C,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;IACxC,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;IACjC,CAAC;IAED,IAAI,qBAAqB;QACvB,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,YAAY,8BAA8B,CAAC;IAC5E,CAAC;IACD,IAAI,KAAK;QACP,OAAO,aAAa,CAAC;YACnB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAChD,mBAAmB,EAAE,IAAI,CAAC,qBAAqB;YAC/C,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;YAC5C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,UAAU,EAAE,UAAU,EAAE;SACzB,CAAC,CAAC;IACL,CAAC;IACM,UAAU,CAAS;IACnB,mCAAmC,GAAW,EAAE,CAAC;IAExD,YACE,MAA0B,EACjB,mBAAmB,uBAAuB;QAA1C,qBAAgB,GAAhB,gBAAgB,CAA0B;QAEnD,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,IAAI,CAAC,kBAAkB,GAAG,CAAC,KAAmB,EAAE,EAAE;YAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,IACE,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAClC,OAAO,CAAC,QAAQ,KAAK,WAAW,EAChC,CAAC;gBACD,IAAI,CAAC,2BAA2B,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACnE,OAAO;gBACT,CAAC;gBACD,MAAM,YAAY,GAAG,KAAK,CAAC,IAAwB,CAAC;gBACpD,IAAI,YAAY,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;oBAChD,IAAI,CAAC,yBAAyB,CAC3B,YAAY,CAAC,IAAwB,CAAC,GAAG,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;gBACD,IACE,YAAY,CAAC,IAAI,KAAK,0BAA0B;oBAChD,IAAI,CAAC,WAAW,KAAK,QAAQ,EAC7B,CAAC;oBACD,IAAI,CAAC,8BAA8B,CAChC,YAAY,CAAC,IAAwB,CAAC,GAAG,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;gBACD,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACnC,iCAAiC;oBACjC,IAAI,CAAC,0BAA0B,CAC7B,YAAY,CAAC,IAA6B,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,OAAO,CAAC,IAAI,CACV,qEAAqE,EACrE,WAAW,CACZ,CAAC;QACF,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,8BAA8B,CAAC,WAAmB;QACtD,OAAO,CAAC,IAAI,CACV,6DAA6D,EAC7D,WAAW,CACZ,CAAC;QACF,8BAA8B,CAAC,mCAAmC;YAChE,WAAW,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,6CAA6C;QACjD,MAAM,sBAAsB,GAAG,oBAAoB,EAAE,CAAC;QACtD,OAAO,CAAC,GAAG,CACT,8EAA8E,EAC9E;YACE,mCAAmC,EACjC,8BAA8B,CAAC,mCAAmC;YACpE,sBAAsB;SACvB,CACF,CAAC;QACF,iCAAiC;QACjC,IACE,CAAC,sBAAsB;YACvB,8BAA8B,CAAC,mCAAmC,EAClE,CAAC;YACD,OAAO,CAAC,IAAI,CACV,8CAA8C,EAC9C,8BAA8B,CAAC,mCAAmC,CACnE,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,UAAU,CAAC;YACrC,0BAA0B,CACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;YACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,MAAM,CAAC,aAAa,CAClB,IAAI,WAAW,CAAC,oBAAoB,EAAE;gBACpC,MAAM,EAAE,EAAE,MAAM,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE;aACzC,CAAC,CACH,CAAC;YACF,UAAU,CAAC,GAAG,EAAE;gBACd,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC9C,CAAC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;IACH,CAAC;IAED,KAAK,CAAC,0BAA0B,CAAC,OAA8B;QAC7D,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,GAAG,GAAG,MAAM,qBAAqB,CAAC;YACtC,GAAG,IAAI,CAAC,MAAM;YACd,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,uGAAuG;IACvG,qEAAqE;IACrE,KAAK,CAAC,MAAM,CAAC,SAAmC;QAC9C,gDAAgD;QAChD,kEAAkE;QAClE,0BAA0B,CACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAEtC,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,UAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;gBACD,uEAAuE;YACzE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,UAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,OAAO,CACX,OAA2B,EAC3B,SAAmC;QAEnC,IAAI,GAAG,CAAC;QACR,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7D,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YAED,GAAG,GAAG,MAAM,sBAAsB,CAAC;gBACjC,GAAG,IAAI,CAAC,MAAM;gBACd,OAAO;gBACP,KAAK;gBACL,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aAC3C,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,8EAA8E;YAC9E,MAAM,0BAA0B,EAAE,CAAC;YACnC,MAAM,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACxC,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YAExC,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,yEAAyE;YACzE,oCAAoC;YACpC,MAAM,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;YAC5C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,8EAA8E;gBAC9E,MAAM,0BAA0B,EAAE,CAAC;gBACnC,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,UAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,UAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,OAAO;QACL,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,8BAA8B;IAC/B,MAAM,CAAuC;IAEvD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,uGAAuG;IACvG,4BAA4B;IAC5B,KAAK,CAAC,MAAM;QACV,OAAO,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,OAAe;QAC3B,OAAO,sBAAsB,CAAC;YAC5B,GAAG,IAAI,CAAC,MAAM;YACd,OAAO;SACR,CAAC,CAAC;IACL,CAAC;CACF;AAaD;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,8BAA8B;IAQlE;IAPJ,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,0EAA0E;IAC1E,YACE,MAAmC;IACnC,6FAA6F;IACnF,eAAe,IAAI,+BAA+B,EAAE;QAE9D,KAAK,CAAC;YACJ,GAAG,MAAM;YACT,yDAAyD;YACzD,YAAY,EAAE,YAAY;SAC3B,CAAC,CAAC;QANO,iBAAY,GAAZ,YAAY,CAAwC;IAOhE,CAAC;IAED,kFAAkF;IAClF,oGAAoG;IACpG,kDAAkD;IAClD,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,yBAAyB,CAC9C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,MAA6B;QACpD,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAChD,MAAM,WAAW,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACzC,kDAAkD;QAClD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,aAAa,CAAC,CAAC;QAC1D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5B,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,wBAAwB;IACxB,uEAAuE;IACvE,uCAAuC;IACvC,KAAK,CAAC,aAAa,CACjB,IAAY,EACZ,KAAa;QAEb,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;QAC/D,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAEzE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,cAAc,CACjC,IAAI,EACJ,KAAK,EACL,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,YAAa,EAAE,8CAA8C;QAClE,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAU,CAChB,CAAC;QACF,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACtC,uCAAuC;QACvC,MAAM,iBAAiB,GAAG,oBAAoB,CAC5C,KAAK,EACL,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;QAEF,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACpC,yBAAyB;YACzB,MAAM,CAAC,gBAAgB,CAAC,cAAc,EAAE,GAAG,EAAE;gBAC3C,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;QACD,8GAA8G;QAC9G,yBAAyB,CAAC,wBAAwB,CAAC,CAAC;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0CAA0C;IAC1C,KAAK,CAAC,cAAc;QAClB,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ;YACrC,OAAO,EAAE,WAAW,CAAC,QAAQ;YAC7B,WAAW,EAAE,WAAW,CAAC,YAAY;YACrC,YAAY,EAAE,WAAW,CAAC,aAAa;YACvC,oBAAoB,EAAE,WAAW,CAAC,uBAAuB;SAC1D,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,WAA+B;QAE/B,4EAA4E;QAC5E,IAAI,WAAW,EAAE,YAAY,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;gBAEhD,yFAAyF;gBACzF,MAAM,UAAU,GAAG;oBACjB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC9B,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;iBACrC,CAAC;gBAEF,gDAAgD;gBAChD,MAAM,SAAS,GAAG,MAAM,8BAA8B,CAAC,KAAK,CAC1D,UAAU,EACV,aAAa,EACb,KAAK,EAAE,KAAY,EAAE,EAAE;oBACrB,OAAO,CAAC,IAAI,CAAC,4CAA4C,EAAE,KAAK,CAAC,CAAC;gBACpE,CAAC,EACD,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;gBAEF,IAAI,CAAC;oBACH,0DAA0D;oBAC1D,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,kBAAkB,EAAE,CAAC;oBAE3D,uFAAuF;oBACvF,IAAI,aAAa,EAAE,CAAC;wBAClB,yDAAyD;wBACzD,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;oBAC/C,CAAC;oBAED,iDAAiD;oBACjD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;oBACrD,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,aAAa,EAAE,CAAC;wBACvD,OAAO;4BACL,GAAG,gBAAgB;4BACnB,aAAa,EAAE,IAAI;yBACpB,CAAC;oBACJ,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;oBAC1D,CAAC;gBACH,CAAC;gBAAC,OAAO,eAAe,EAAE,CAAC;oBACzB,OAAO,CAAC,KAAK,CACX,sCAAsC,EACtC,eAAe,CAChB,CAAC;oBACF,MAAM,eAAe,CAAC,CAAC,6CAA6C;gBACtE,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,YAAY,GAAG,KAAc,CAAC;gBACpC,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,YAAY,CAAC,CAAC;gBAChE,oEAAoE;gBACpE,2BAA2B;gBAC3B,IACE,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;oBACxC,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EACxC,CAAC;oBACD,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;oBAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;oBAC9C,MAAM,WAAW,CAAC,aAAa,CAAC,CAAC;oBACjC,MAAM,SAAS,CAAC,aAAa,CAAC,CAAC;gBACjC,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,YAAY,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,OAAO;YACL,GAAG,WAAW;YACd,aAAa,EAAE,KAAK;SACrB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB;QAC3B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAChD,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC;gBAC1B,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;gBACtE,IAAI,oBAAoB,CAAC,aAAa,EAAE,CAAC;oBACvC,OAAO,oBAAoB,CAAC;gBAC9B,CAAC;gBACD,MAAM,sBAAsB,GAAG,EAAE,GAAG,WAAW,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;gBACxE,OAAO,sBAAsB,CAAC;YAChC,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY;gBAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAEnE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACtC,CAAC;YAED,qDAAqD;YACrD,8DAA8D;YAC9D,MAAM,oBAAoB,CACxB;gBACE,QAAQ,EAAE,WAAW,CAAC,OAAO;gBAC7B,aAAa,EAAE,WAAW,CAAC,YAAY;gBACvC,YAAY,EAAE,WAAW,CAAC,WAAW;gBACrC,uBAAuB,EAAE,WAAW,CAAC,oBAAoB;aAC1D,EACD,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,YAAa,EAClB,IAAI,CAAC,WAAW,CACjB,CAAC;YACF,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC1D,MAAM,sBAAsB,GAAG;gBAC7B,aAAa,EAAE,KAAK;aACrB,CAAC;YACF,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;YAC3B,MAAM,SAAS,CAAC,OAAO,CAAC,CAAC;YACzB,OAAO,sBAAsB,CAAC;QAChC,CAAC;IACH,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,mBAAmB,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC;IACpC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,MAAmC;QAEnC,MAAM,QAAQ,GAAG,IAAI,4BAA4B,CAAC,MAAM,CAAC,CAAC;QAC1D,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEtB,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF","sourcesContent":["// Proposals for revised versions of the SessionService AKA AuthSessionService\n\nimport type {\n DisplayMode,\n Endpoints,\n FrameworkType,\n LoginAppDesignOptions,\n LoginPostMessage,\n OIDCTokenResponseBody,\n SessionData,\n} from \"@/types.js\";\nimport {\n BrowserPublicClientPKCEProducer,\n ConfidentialClientPKCEConsumer,\n} from \"@/services/PKCE.js\";\nimport {\n clearTokens,\n clearUser,\n exchangeTokens,\n generateOauthLoginUrl,\n generateOauthLogoutUrl,\n getEndpointsWithOverrides,\n retrieveTokens,\n storeTokens,\n validateOauth2Tokens,\n} from \"@/shared/lib/util.js\";\nimport { displayModeFromState, generateState } from \"@/lib/oauth.js\";\nimport { getVersion } from \"@/shared/index.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport type {\n AuthenticationInitiator,\n AuthenticationResolver,\n PKCEConsumer,\n} from \"@/services/types.js\";\nimport { PopupError } from \"@/services/types.js\";\nimport { removeParamsWithoutReload } from \"@/lib/windowUtil.js\";\nimport {\n DEFAULT_AUTH_SERVER,\n DEFAULT_OAUTH_GET_PARAMS,\n LOGOUT_STATE,\n} from \"@/constants.js\";\nimport { validateLoginAppPostMessage } from \"@/lib/postMessage.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport {\n getIframeRef,\n isEmbeddedIframeMode,\n} from \"@/shared/lib/iframeUtils.js\";\nimport { v4 as uuid } from \"uuid\";\nimport { CodeVerifier } from \"@/shared/lib/types.js\";\nimport { BrowserAuthenticationRefresher } from \"@/shared/lib/BrowserAuthenticationRefresher.js\";\nimport { collectAndSendSDKAnalytics } from \"@/lib/analytics.js\";\n\nconst clearStorageAndEmitSignOut = async () => {\n const localStorage = new LocalStorageAdapter();\n await clearTokens(localStorage);\n await clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n};\n\nexport type GenericAuthenticationInitiatorConfig = {\n clientId: string;\n redirectUrl: string;\n state: string;\n scopes: string[];\n oauthServer: string;\n nonce?: string;\n // the endpoints to use for the login (if not obtained from the auth server)\n endpointOverrides?: Partial<Endpoints>;\n // Optional PKCE challenge - not needed for confidential clients using client secrets\n pkceConsumer?: PKCEConsumer;\n};\n\nexport type BrowserAuthenticationInitiatorConfig = Omit<\n GenericAuthenticationInitiatorConfig,\n \"state\"\n> & {\n logoutUrl?: string;\n logoutRedirectUrl: string;\n // determines whether to trigger the login/logout in an iframe, a new browser window, or redirect the current one.\n displayMode: DisplayMode;\n // Optional iframe display mode - modal (full-screen overlay) or embedded (within container)\n iframeDisplayMode?: \"modal\" | \"embedded\";\n // Optional base path for routing in case app is served from a subdirectory\n basePath?: string;\n // Optional URL to redirect to after login success\n loginSuccessUrl?: string;\n // Framework being used (for analytics)\n framework?: FrameworkType;\n};\n\nconst defaultSetDesignOptions = (value: LoginAppDesignOptions) => {\n localStorage.setItem(\"loginAppDesign\", JSON.stringify(value));\n};\n/**\n * An authentication initiator that works on a browser. Since this is just triggering\n * login and logout, session data is not stored here.\n * An associated AuthenticationResolver would be needed to get the session data.\n * Storage is needed for the code verifier, this is the domain of the PKCEConsumer\n * The storage used by the PKCEConsumer should be available to the AuthenticationResolver.\n *\n * Example usage:\n *\n * 1) Client-only SPA -eg a react app with no server:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n * ... other config\n * })\n *\n * 2) Client-side of a client/server app - eg a react app with a backend:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new ConfidentialClientPKCEConsumer(\"https://myserver.com/pkce\"), // get the challenge from the server\n * ... other config\n * })\n */\nexport class BrowserAuthenticationInitiator implements AuthenticationInitiator {\n private postMessageHandler: null | ((event: MessageEvent) => void) = null;\n\n protected config: BrowserAuthenticationInitiatorConfig;\n static browserCorsFailsSilentlyRedirectUrl: string;\n\n public setDisplayMode(displayMode: DisplayMode) {\n this.config.displayMode = displayMode;\n }\n\n get displayMode() {\n return this.config.displayMode;\n }\n\n get isServerTokenExchange() {\n return this.config.pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n }\n get state() {\n return generateState({\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n serverTokenExchange: this.isServerTokenExchange,\n loginSuccessUrl: this.config.loginSuccessUrl,\n framework: this.config.framework,\n sdkVersion: getVersion(),\n });\n }\n public instanceId: string;\n public browserCorsFailsSilentlyRedirectUrl: string = \"\";\n\n constructor(\n config: typeof this.config,\n readonly setDesignOptions = defaultSetDesignOptions,\n ) {\n this.instanceId = uuid();\n this.config = config;\n\n this.postMessageHandler = (event: MessageEvent) => {\n const thisURL = new URL(window.location.href);\n if (\n event.origin.endsWith(\"civic.com\") ||\n thisURL.hostname === \"localhost\"\n ) {\n if (!validateLoginAppPostMessage(event.data, this.config.clientId)) {\n return;\n }\n const loginMessage = event.data as LoginPostMessage;\n if (loginMessage.type === \"generatePopupFailed\") {\n this.handleLoginAppPopupFailed(\n (loginMessage.data as { url: string }).url,\n );\n return;\n }\n if (\n loginMessage.type === \"browserCorsFailsSilently\" &&\n this.displayMode === \"iframe\"\n ) {\n this.handleBrowserCorsFailsSilently(\n (loginMessage.data as { url: string }).url,\n );\n return;\n }\n if (loginMessage.type === \"design\") {\n // TODO handle the design message\n this.handleLoginAppDesignUpdate(\n loginMessage.data as LoginAppDesignOptions,\n );\n return;\n }\n }\n };\n\n window.addEventListener(\"message\", this.postMessageHandler);\n }\n\n async handleLoginAppPopupFailed(redirectUrl: string) {\n console.warn(\n \"Login app popup failed open a popup, using redirect mode instead...\",\n redirectUrl,\n );\n window.location.href = redirectUrl;\n }\n\n async handleBrowserCorsFailsSilently(redirectUrl: string) {\n console.warn(\n \"Login app opened in a browser where popups fail silently...\",\n redirectUrl,\n );\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl =\n redirectUrl;\n }\n\n async handleUserInteractionBrowserCorsFailsSilently() {\n const isInEmbeddedIframeMode = isEmbeddedIframeMode();\n console.log(\n \"BrowserAuthenticationInitiator.handleUserInteractionBrowserCorsFailsSilently\",\n {\n browserCorsFailsSilentlyRedirectUrl:\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl,\n isInEmbeddedIframeMode,\n },\n );\n // check if the iframe is visible\n if (\n !isInEmbeddedIframeMode &&\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl\n ) {\n console.warn(\n \"Browser CORS failed silently, redirecting...\",\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl,\n );\n this.config.displayMode = \"redirect\";\n collectAndSendSDKAnalytics(\n this.config.clientId,\n this.config.oauthServer,\n this.config.framework,\n );\n const signInUrl = await this.getSignInUrl();\n window.dispatchEvent(\n new CustomEvent(\"locationWillChange\", {\n detail: { newUrl: signInUrl.toString() },\n }),\n );\n setTimeout(() => {\n window.location.href = signInUrl.toString();\n }, 100);\n }\n }\n\n async handleLoginAppDesignUpdate(options: LoginAppDesignOptions) {\n this.setDesignOptions(options);\n }\n\n async getSignInUrl(): Promise<URL> {\n const val = await generateOauthLoginUrl({\n ...this.config,\n state: this.state,\n });\n return val;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and then use the display mode to decide how to send the user there\n async signIn(iframeRef: HTMLIFrameElement | null): Promise<URL> {\n // Send SDK analytics when authentication starts\n // Fire and forget - don't block authentication if analytics fails\n collectAndSendSDKAnalytics(\n this.config.clientId,\n this.config.oauthServer,\n this.config.framework,\n );\n\n const url = await this.getSignInUrl();\n\n if (this.config.displayMode === \"iframe\") {\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n }\n\n if (this.config.displayMode === \"redirect\") {\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n // TODO handle the 'onclose' event to clean up and reset the authStatus\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n async signOut(\n idToken: string | undefined,\n iframeRef: HTMLIFrameElement | null,\n ): Promise<URL> {\n let url;\n const localStorage = new LocalStorageAdapter();\n const state = this.state;\n if (this.isServerTokenExchange) {\n if (!this.config.logoutUrl) {\n throw new Error(\"logoutUrl is required for server token exchange\");\n }\n url = new URL(this.config.logoutUrl, window.location.origin);\n url.searchParams.append(\"state\", state);\n } else {\n if (!idToken) {\n throw new Error(\"idToken is required for non-server token exchange\");\n }\n\n url = await generateOauthLogoutUrl({\n ...this.config,\n idToken,\n state,\n redirectUrl: this.config.logoutRedirectUrl,\n });\n }\n\n if (this.config.displayMode === \"iframe\") {\n // Clear storage before calling server by setting iframe src to the logout url\n await clearStorageAndEmitSignOut();\n await localStorage.delete(LOGOUT_STATE);\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n\n LocalStorageAdapter.emitter.emit(\"signOut\");\n }\n\n if (this.config.displayMode === \"redirect\") {\n // we don't clear any storage here as we're redirecting to the logout url\n // and the server should handle that\n await localStorage.set(LOGOUT_STATE, state);\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n // Clear storage before calling server by setting iframe src to the logout url\n await clearStorageAndEmitSignOut();\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n cleanup() {\n if (this.postMessageHandler) {\n window.removeEventListener(\"message\", this.postMessageHandler);\n }\n }\n}\n\n/** A general-purpose authentication initiator, that just generates urls, but lets\n * the caller decide how to use them. This is useful for server-side applications\n * that may serve this URL to their front-ends or just call them directly\n */\nexport class GenericAuthenticationInitiator implements AuthenticationInitiator {\n protected config: GenericAuthenticationInitiatorConfig;\n\n constructor(config: typeof this.config) {\n this.config = config;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and simply return the url\n async signIn(): Promise<URL> {\n return generateOauthLoginUrl(this.config);\n }\n\n async signOut(idToken: string): Promise<URL> {\n return generateOauthLogoutUrl({\n ...this.config,\n idToken,\n });\n }\n}\n\ntype BrowserAuthenticationConfig = {\n clientId: string;\n redirectUrl: string;\n logoutUrl?: string;\n logoutRedirectUrl: string;\n scopes: string[];\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n displayMode: DisplayMode;\n};\n\n/**\n * An authentication resolver that can run on the browser (i.e. a public client)\n * It uses PKCE for security. PKCE and Session data are stored in local storage\n */\nexport class BrowserAuthenticationService extends BrowserAuthenticationInitiator {\n private oauth2client: OAuth2Client | undefined;\n private endpoints: Endpoints | undefined;\n\n // TODO WIP - perhaps we want to keep resolver and initiator separate here\n constructor(\n config: BrowserAuthenticationConfig,\n // Since we are running fully on the client, we produce as well as consume the PKCE challenge\n protected pkceProducer = new BrowserPublicClientPKCEProducer(),\n ) {\n super({\n ...config,\n // Store and retrieve the PKCE challenge in local storage\n pkceConsumer: pkceProducer,\n });\n }\n\n // TODO too much code duplication here between the browser and the server variant.\n // Suggestion for refactor: Standardise the config for AuthenticationResolvers and create a one-shot\n // function for generating an oauth2client from it\n async init(): Promise<this> {\n // resolve oauth config\n this.endpoints = await getEndpointsWithOverrides(\n this.oauthServer,\n this.config.endpointOverrides,\n );\n this.oauth2client = new OAuth2Client(\n this.config.clientId,\n this.endpoints.auth,\n this.endpoints.token,\n {\n redirectURI: this.config.redirectUrl,\n },\n );\n\n return this;\n }\n\n async storeTokensOnLogin(tokens: OIDCTokenResponseBody) {\n const clientStorage = new LocalStorageAdapter();\n await storeTokens(clientStorage, tokens);\n // delete code verifier as it should be single-use\n await clientStorage.delete(CodeVerifier.COOKIE_NAME);\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n const userSession = new GenericUserSession(clientStorage);\n await userSession.set(user);\n LocalStorageAdapter.emitter.emit(\"signIn\");\n }\n\n // Two responsibilities:\n // 1. resolve the auth code to get the tokens (should use library code)\n // 2. store the tokens in local storage\n async tokenExchange(\n code: string,\n state: string,\n ): Promise<OIDCTokenResponseBody> {\n if (!this.oauth2client) await this.init();\n const codeVerifier = await this.pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in storage\");\n\n // exchange auth code for tokens\n const tokens = await exchangeTokens(\n code,\n state,\n this.pkceProducer,\n this.oauth2client!, // clean up types here to avoid the ! operator\n this.oauthServer,\n this.endpoints!, // clean up types here to avoid the ! operator\n );\n await this.storeTokensOnLogin(tokens);\n // cleanup the browser window if needed\n const parsedDisplayMode = displayModeFromState(\n state,\n this.config.displayMode,\n );\n\n if (parsedDisplayMode === \"new_tab\") {\n // Close the popup window\n window.addEventListener(\"beforeunload\", () => {\n window?.opener?.focus();\n });\n window.close();\n }\n // these are the default oAuth params that get added to the URL in redirect which we want to remove if present\n removeParamsWithoutReload(DEFAULT_OAUTH_GET_PARAMS);\n return tokens;\n }\n\n // Get the session data from local storage\n async getSessionData(): Promise<SessionData | null> {\n const storageData = await retrieveTokens(new LocalStorageAdapter());\n if (!storageData) return null;\n\n return {\n authenticated: !!storageData.id_token,\n idToken: storageData.id_token,\n accessToken: storageData.access_token,\n refreshToken: storageData.refresh_token,\n oidcSessionExpiresAt: storageData.oidc_session_expires_at,\n };\n }\n\n async tryRefreshTokens(\n sessionData: SessionData | null,\n ): Promise<SessionData> {\n // If token validation fails but we have a refresh token, attempt to refresh\n if (sessionData?.refreshToken) {\n try {\n const clientStorage = new LocalStorageAdapter();\n\n // Create a BrowserAuthenticationRefresher to handle token refresh using the build method\n const authConfig = {\n clientId: this.config.clientId,\n oauthServer: this.oauthServer,\n redirectUrl: this.config.redirectUrl,\n };\n\n // Use build method which handles initialization\n const refresher = await BrowserAuthenticationRefresher.build(\n authConfig,\n clientStorage,\n async (error: Error) => {\n console.warn(\"Failed to refresh tokens during validation\", error);\n },\n this.config.endpointOverrides,\n );\n\n try {\n // Perform token refresh (no need to call init explicitly)\n const tokenResponse = await refresher.refreshAccessToken();\n\n // For backend flows, tokenResponse might be null since tokens are in HTTP-only cookies\n if (tokenResponse) {\n // Store tokens for SPA flows where tokens are accessible\n await this.storeTokensOnLogin(tokenResponse);\n }\n\n // Return a new session with the refreshed tokens\n const refreshedSession = await this.getSessionData();\n if (refreshedSession && refreshedSession.authenticated) {\n return {\n ...refreshedSession,\n authenticated: true,\n };\n } else {\n throw new Error(\"Failed to get refreshed session data\");\n }\n } catch (refreshApiError) {\n console.error(\n \"Error during token refresh API call:\",\n refreshApiError,\n );\n throw refreshApiError; // Re-throw to be caught by outer catch block\n }\n } catch (error) {\n const refreshError = error as Error;\n console.error(\"Token refresh failed with error:\", refreshError);\n // Only delete refresh token if it's invalid, not for network errors\n // which might be temporary\n if (\n refreshError.message.includes(\"invalid\") ||\n refreshError.message.includes(\"expired\")\n ) {\n const clientStorage = new LocalStorageAdapter();\n console.log(\"Deleting invalid refresh token\");\n await clearTokens(clientStorage);\n await clearUser(clientStorage);\n }\n console.warn(\"Failed to refresh tokens\", refreshError);\n }\n }\n\n return {\n ...sessionData,\n authenticated: false,\n };\n }\n\n async validateExistingSession(): Promise<SessionData> {\n try {\n const sessionData = await this.getSessionData();\n if (!sessionData?.idToken) {\n const refreshedSessionData = await this.tryRefreshTokens(sessionData);\n if (refreshedSessionData.authenticated) {\n return refreshedSessionData;\n }\n const unAuthenticatedSession = { ...sessionData, authenticated: false };\n return unAuthenticatedSession;\n }\n if (!this.endpoints?.jwks || !this.oauth2client) await this.init();\n\n if (!this.endpoints?.jwks) {\n throw new Error(\"No jwks endpoint\");\n }\n\n // this function will throw if the idToken is invalid\n // Note: Access token is no longer required for authentication\n await validateOauth2Tokens(\n {\n id_token: sessionData.idToken,\n refresh_token: sessionData.refreshToken,\n access_token: sessionData.accessToken,\n oidc_session_expires_at: sessionData.oidcSessionExpiresAt,\n },\n this.endpoints.jwks,\n this.oauth2client!,\n this.oauthServer,\n );\n return sessionData;\n } catch (error) {\n console.warn(\"Failed to validate existing tokens\", error);\n const unAuthenticatedSession = {\n authenticated: false,\n };\n const storage = new LocalStorageAdapter();\n await clearTokens(storage);\n await clearUser(storage);\n return unAuthenticatedSession;\n }\n }\n\n get oauthServer(): string {\n return this.config.oauthServer || DEFAULT_AUTH_SERVER;\n }\n\n async getEndSessionEndpoint(): Promise<string | null> {\n if (!this.endpoints) {\n return null;\n }\n return this.endpoints?.endsession;\n }\n\n static async build(\n config: BrowserAuthenticationConfig,\n ): Promise<AuthenticationResolver> {\n const resolver = new BrowserAuthenticationService(config);\n await resolver.init();\n\n return resolver;\n }\n}\n"]}
1
+ {"version":3,"file":"AuthenticationService.js","sourceRoot":"","sources":["../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AAAA,8EAA8E;AAW9E,OAAO,EACL,+BAA+B,EAC/B,8BAA8B,GAC/B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,WAAW,EACX,SAAS,EACT,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,cAAc,EACd,WAAW,EACX,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAM3D,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAC;AAChE,OAAO,EACL,mBAAmB,EACnB,wBAAwB,EACxB,YAAY,GACb,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EACL,YAAY,EACZ,eAAe,EACf,oBAAoB,GACrB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,EAAE,IAAI,IAAI,EAAE,MAAM,MAAM,CAAC;AAClC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,8BAA8B,EAAE,MAAM,gDAAgD,CAAC;AAChG,OAAO,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAEhE,MAAM,0BAA0B,GAAG,KAAK,IAAI,EAAE;IAC5C,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;IAC/C,MAAM,WAAW,CAAC,YAAY,CAAC,CAAC;IAChC,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;IAC9B,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC9C,CAAC,CAAC;AAmCF,MAAM,uBAAuB,GAAG,CAAC,KAA4B,EAAE,EAAE;IAC/D,YAAY,CAAC,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AAChE,CAAC,CAAC;AACF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,OAAO,8BAA8B;IAiC9B;IAhCH,kBAAkB,GAA2C,IAAI,CAAC;IAEhE,MAAM,CAAuC;IACvD,MAAM,CAAC,mCAAmC,CAAS;IAC3C,UAAU,GAA6B,IAAI,CAAC;IAE7C,cAAc,CAAC,WAAwB;QAC5C,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;IACxC,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;IACjC,CAAC;IAED,IAAI,qBAAqB;QACvB,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,YAAY,8BAA8B,CAAC;IAC5E,CAAC;IACD,IAAI,KAAK;QACP,OAAO,aAAa,CAAC;YACnB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAChD,mBAAmB,EAAE,IAAI,CAAC,qBAAqB;YAC/C,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;YAC5C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,UAAU,EAAE,UAAU,EAAE;SACzB,CAAC,CAAC;IACL,CAAC;IACM,UAAU,CAAS;IACnB,mCAAmC,GAAW,EAAE,CAAC;IAExD,YACE,MAA0B,EACjB,mBAAmB,uBAAuB;QAA1C,qBAAgB,GAAhB,gBAAgB,CAA0B;QAEnD,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,IAAI,CAAC,kBAAkB,GAAG,CAAC,KAAmB,EAAE,EAAE;YAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,IACE,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAClC,OAAO,CAAC,QAAQ,KAAK,WAAW,EAChC,CAAC;gBACD,IAAI,CAAC,2BAA2B,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACnE,OAAO;gBACT,CAAC;gBACD,MAAM,YAAY,GAAG,KAAK,CAAC,IAAwB,CAAC;gBACpD,IAAI,YAAY,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;oBAChD,IAAI,CAAC,yBAAyB,CAC3B,YAAY,CAAC,IAAwB,CAAC,GAAG,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;gBACD,IACE,YAAY,CAAC,IAAI,KAAK,0BAA0B;oBAChD,IAAI,CAAC,WAAW,KAAK,QAAQ,EAC7B,CAAC;oBACD,IAAI,CAAC,8BAA8B,CAChC,YAAY,CAAC,IAAwB,CAAC,GAAG,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;gBACD,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACnC,iCAAiC;oBACjC,IAAI,CAAC,0BAA0B,CAC7B,YAAY,CAAC,IAA6B,CAC3C,CAAC;oBACF,OAAO;gBACT,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,OAAO,CAAC,IAAI,CACV,qEAAqE,EACrE,WAAW,CACZ,CAAC;QACF,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,8BAA8B,CAAC,WAAmB;QACtD,OAAO,CAAC,IAAI,CACV,6DAA6D,EAC7D;YACE,WAAW;YACX,eAAe,EAAE,eAAe,EAAE;YAClC,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;SACvC,CACF,CAAC;QACF,8BAA8B,CAAC,mCAAmC;YAChE,WAAW,CAAC;QACd,8CAA8C;QAC9C,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,KAAK,KAAK,IAAI,eAAe,EAAE,EAAE,CAAC;YAC5D,4CAA4C;YAC5C,oDAAoD;YACpD,MAAM,MAAM,GAAG,QAAQ,CAAC,cAAc,CACpC,6BAA6B,CACF,CAAC;YAC9B,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;YAChC,CAAC;YACD,OAAO,IAAI,CAAC,6CAA6C,EAAE,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,6CAA6C;QAGjD,MAAM,sBAAsB,GAAG,oBAAoB,EAAE,CAAC;QACtD,iCAAiC;QACjC,IACE,CAAC,sBAAsB;YACvB,IAAI,CAAC,MAAM,CAAC,YAAY,KAAK,KAAK,IAAI,iBAAiB;YACvD,8BAA8B,CAAC,mCAAmC,EAClE,CAAC;YACD,OAAO,CAAC,IAAI,CACV,8CAA8C,EAC9C,8BAA8B,CAAC,mCAAmC,CACnE,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,UAAU,CAAC;YACrC,0BAA0B,CACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;YACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,MAAM,CAAC,aAAa,CAClB,IAAI,WAAW,CAAC,oBAAoB,EAAE;gBACpC,MAAM,EAAE,EAAE,MAAM,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE;aACzC,CAAC,CACH,CAAC;YACF,UAAU,CAAC,GAAG,EAAE;gBACd,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC9C,CAAC,EAAE,GAAG,CAAC,CAAC;YACR,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;QACjC,CAAC;QACD,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;IAClC,CAAC;IAED,KAAK,CAAC,0BAA0B,CAAC,OAA8B;QAC7D,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,GAAG,GAAG,MAAM,qBAAqB,CAAC;YACtC,GAAG,IAAI,CAAC,MAAM;YACd,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,uGAAuG;IACvG,qEAAqE;IACrE,KAAK,CAAC,MAAM,CAAC,SAAmC;QAC9C,gDAAgD;QAChD,kEAAkE;QAClE,0BAA0B,CACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAEtC,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,UAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;gBACD,uEAAuE;YACzE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,UAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,OAAO,CACX,OAA2B,EAC3B,SAAmC;QAEnC,IAAI,GAAG,CAAC;QACR,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7D,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YAED,GAAG,GAAG,MAAM,sBAAsB,CAAC;gBACjC,GAAG,IAAI,CAAC,MAAM;gBACd,OAAO;gBACP,KAAK;gBACL,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aAC3C,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,8EAA8E;YAC9E,MAAM,0BAA0B,EAAE,CAAC;YACnC,MAAM,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACxC,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;YACpC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YAExC,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;YAC3C,yEAAyE;YACzE,oCAAoC;YACpC,MAAM,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;YAC5C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,8EAA8E;gBAC9E,MAAM,0BAA0B,EAAE,CAAC;gBACnC,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM,IAAI,UAAU,CAAC,6BAA6B,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBACpC,MAAM,IAAI,UAAU,CAClB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,OAAO;QACL,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,8BAA8B;IAC/B,MAAM,CAAuC;IAEvD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,uGAAuG;IACvG,4BAA4B;IAC5B,KAAK,CAAC,MAAM;QACV,OAAO,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,OAAe;QAC3B,OAAO,sBAAsB,CAAC;YAC5B,GAAG,IAAI,CAAC,MAAM;YACd,OAAO;SACR,CAAC,CAAC;IACL,CAAC;CACF;AAaD;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,8BAA8B;IAQlE;IAPJ,YAAY,CAA2B;IACvC,SAAS,CAAwB;IAEzC,0EAA0E;IAC1E,YACE,MAAmC;IACnC,6FAA6F;IACnF,eAAe,IAAI,+BAA+B,EAAE;QAE9D,KAAK,CAAC;YACJ,GAAG,MAAM;YACT,yDAAyD;YACzD,YAAY,EAAE,YAAY;SAC3B,CAAC,CAAC;QANO,iBAAY,GAAZ,YAAY,CAAwC;IAOhE,CAAC;IAED,kFAAkF;IAClF,oGAAoG;IACpG,kDAAkD;IAClD,KAAK,CAAC,IAAI;QACR,uBAAuB;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,yBAAyB,CAC9C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,SAAS,CAAC,KAAK,EACpB;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,MAA6B;QACpD,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAChD,MAAM,WAAW,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACzC,kDAAkD;QAClD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,WAAW,GAAG,IAAI,kBAAkB,CAAC,aAAa,CAAC,CAAC;QAC1D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5B,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,wBAAwB;IACxB,uEAAuE;IACvE,uCAAuC;IACvC,KAAK,CAAC,aAAa,CACjB,IAAY,EACZ,KAAa;QAEb,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;QAC/D,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAEzE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,cAAc,CACjC,IAAI,EACJ,KAAK,EACL,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,YAAa,EAAE,8CAA8C;QAClE,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAU,CAChB,CAAC;QACF,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACtC,uCAAuC;QACvC,MAAM,iBAAiB,GAAG,oBAAoB,CAC5C,KAAK,EACL,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;QAEF,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACpC,yBAAyB;YACzB,MAAM,CAAC,gBAAgB,CAAC,cAAc,EAAE,GAAG,EAAE;gBAC3C,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;QACD,8GAA8G;QAC9G,yBAAyB,CAAC,wBAAwB,CAAC,CAAC;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0CAA0C;IAC1C,KAAK,CAAC,cAAc;QAClB,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,OAAO;YACL,aAAa,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ;YACrC,OAAO,EAAE,WAAW,CAAC,QAAQ;YAC7B,WAAW,EAAE,WAAW,CAAC,YAAY;YACrC,YAAY,EAAE,WAAW,CAAC,aAAa;YACvC,oBAAoB,EAAE,WAAW,CAAC,uBAAuB;SAC1D,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,WAA+B;QAE/B,4EAA4E;QAC5E,IAAI,WAAW,EAAE,YAAY,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;gBAEhD,yFAAyF;gBACzF,MAAM,UAAU,GAAG;oBACjB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC9B,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;iBACrC,CAAC;gBAEF,gDAAgD;gBAChD,MAAM,SAAS,GAAG,MAAM,8BAA8B,CAAC,KAAK,CAC1D,UAAU,EACV,aAAa,EACb,KAAK,EAAE,KAAY,EAAE,EAAE;oBACrB,OAAO,CAAC,IAAI,CAAC,4CAA4C,EAAE,KAAK,CAAC,CAAC;gBACpE,CAAC,EACD,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;gBAEF,IAAI,CAAC;oBACH,0DAA0D;oBAC1D,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,kBAAkB,EAAE,CAAC;oBAE3D,uFAAuF;oBACvF,IAAI,aAAa,EAAE,CAAC;wBAClB,yDAAyD;wBACzD,MAAM,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;oBAC/C,CAAC;oBAED,iDAAiD;oBACjD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;oBACrD,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,aAAa,EAAE,CAAC;wBACvD,OAAO;4BACL,GAAG,gBAAgB;4BACnB,aAAa,EAAE,IAAI;yBACpB,CAAC;oBACJ,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;oBAC1D,CAAC;gBACH,CAAC;gBAAC,OAAO,eAAe,EAAE,CAAC;oBACzB,OAAO,CAAC,KAAK,CACX,sCAAsC,EACtC,eAAe,CAChB,CAAC;oBACF,MAAM,eAAe,CAAC,CAAC,6CAA6C;gBACtE,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,YAAY,GAAG,KAAc,CAAC;gBACpC,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,YAAY,CAAC,CAAC;gBAChE,oEAAoE;gBACpE,2BAA2B;gBAC3B,IACE,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;oBACxC,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EACxC,CAAC;oBACD,MAAM,aAAa,GAAG,IAAI,mBAAmB,EAAE,CAAC;oBAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;oBAC9C,MAAM,WAAW,CAAC,aAAa,CAAC,CAAC;oBACjC,MAAM,SAAS,CAAC,aAAa,CAAC,CAAC;gBACjC,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,YAAY,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,OAAO;YACL,GAAG,WAAW;YACd,aAAa,EAAE,KAAK;SACrB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB;QAC3B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAChD,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC;gBAC1B,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;gBACtE,IAAI,oBAAoB,CAAC,aAAa,EAAE,CAAC;oBACvC,OAAO,oBAAoB,CAAC;gBAC9B,CAAC;gBACD,MAAM,sBAAsB,GAAG,EAAE,GAAG,WAAW,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;gBACxE,OAAO,sBAAsB,CAAC;YAChC,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY;gBAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAEnE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACtC,CAAC;YAED,qDAAqD;YACrD,8DAA8D;YAC9D,MAAM,oBAAoB,CACxB;gBACE,QAAQ,EAAE,WAAW,CAAC,OAAO;gBAC7B,aAAa,EAAE,WAAW,CAAC,YAAY;gBACvC,YAAY,EAAE,WAAW,CAAC,WAAW;gBACrC,uBAAuB,EAAE,WAAW,CAAC,oBAAoB;aAC1D,EACD,IAAI,CAAC,SAAS,CAAC,IAAI,EACnB,IAAI,CAAC,YAAa,EAClB,IAAI,CAAC,WAAW,CACjB,CAAC;YACF,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC1D,MAAM,sBAAsB,GAAG;gBAC7B,aAAa,EAAE,KAAK;aACrB,CAAC;YACF,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;YAC3B,MAAM,SAAS,CAAC,OAAO,CAAC,CAAC;YACzB,OAAO,sBAAsB,CAAC;QAChC,CAAC;IACH,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,mBAAmB,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC;IACpC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,MAAmC;QAEnC,MAAM,QAAQ,GAAG,IAAI,4BAA4B,CAAC,MAAM,CAAC,CAAC;QAC1D,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEtB,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF","sourcesContent":["// Proposals for revised versions of the SessionService AKA AuthSessionService\n\nimport type {\n DisplayMode,\n Endpoints,\n FrameworkType,\n LoginAppDesignOptions,\n LoginPostMessage,\n OIDCTokenResponseBody,\n SessionData,\n} from \"@/types.js\";\nimport {\n BrowserPublicClientPKCEProducer,\n ConfidentialClientPKCEConsumer,\n} from \"@/services/PKCE.js\";\nimport {\n clearTokens,\n clearUser,\n exchangeTokens,\n generateOauthLoginUrl,\n generateOauthLogoutUrl,\n getEndpointsWithOverrides,\n retrieveTokens,\n storeTokens,\n validateOauth2Tokens,\n} from \"@/shared/lib/util.js\";\nimport { displayModeFromState, generateState } from \"@/lib/oauth.js\";\nimport { getVersion } from \"@/shared/index.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport type {\n AuthenticationInitiator,\n AuthenticationResolver,\n PKCEConsumer,\n} from \"@/services/types.js\";\nimport { PopupError } from \"@/services/types.js\";\nimport { removeParamsWithoutReload } from \"@/lib/windowUtil.js\";\nimport {\n DEFAULT_AUTH_SERVER,\n DEFAULT_OAUTH_GET_PARAMS,\n LOGOUT_STATE,\n} from \"@/constants.js\";\nimport { validateLoginAppPostMessage } from \"@/lib/postMessage.js\";\nimport { getUser } from \"@/shared/lib/session.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport {\n getIframeRef,\n iframeIsVisible,\n isEmbeddedIframeMode,\n} from \"@/shared/lib/iframeUtils.js\";\nimport { v4 as uuid } from \"uuid\";\nimport { CodeVerifier } from \"@/shared/lib/types.js\";\nimport { BrowserAuthenticationRefresher } from \"@/shared/lib/BrowserAuthenticationRefresher.js\";\nimport { collectAndSendSDKAnalytics } from \"@/lib/analytics.js\";\n\nconst clearStorageAndEmitSignOut = async () => {\n const localStorage = new LocalStorageAdapter();\n await clearTokens(localStorage);\n await clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n};\n\nexport type GenericAuthenticationInitiatorConfig = {\n clientId: string;\n redirectUrl: string;\n state: string;\n scopes: string[];\n oauthServer: string;\n nonce?: string;\n // the endpoints to use for the login (if not obtained from the auth server)\n endpointOverrides?: Partial<Endpoints>;\n // Optional PKCE challenge - not needed for confidential clients using client secrets\n pkceConsumer?: PKCEConsumer;\n};\n\nexport type BrowserAuthenticationInitiatorConfig = Omit<\n GenericAuthenticationInitiatorConfig,\n \"state\"\n> & {\n logoutUrl?: string;\n logoutRedirectUrl: string;\n // determines whether to trigger the login/logout in an iframe, a new browser window, or redirect the current one.\n displayMode: DisplayMode;\n // Optional iframe display mode - modal (full-screen overlay) or embedded (within container)\n iframeDisplayMode?: \"modal\" | \"embedded\";\n // Optional base path for routing in case app is served from a subdirectory\n basePath?: string;\n // Optional URL to redirect to after login success\n loginSuccessUrl?: string;\n // Framework being used (for analytics)\n framework?: FrameworkType;\n // Whether to automatically switch to redirect mode when browser doesn't support iframe-based auth\n autoRedirect?: boolean;\n};\n\nconst defaultSetDesignOptions = (value: LoginAppDesignOptions) => {\n localStorage.setItem(\"loginAppDesign\", JSON.stringify(value));\n};\n/**\n * An authentication initiator that works on a browser. Since this is just triggering\n * login and logout, session data is not stored here.\n * An associated AuthenticationResolver would be needed to get the session data.\n * Storage is needed for the code verifier, this is the domain of the PKCEConsumer\n * The storage used by the PKCEConsumer should be available to the AuthenticationResolver.\n *\n * Example usage:\n *\n * 1) Client-only SPA -eg a react app with no server:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n * ... other config\n * })\n *\n * 2) Client-side of a client/server app - eg a react app with a backend:\n * new BrowserAuthenticationInitiator({\n * pkceConsumer: new ConfidentialClientPKCEConsumer(\"https://myserver.com/pkce\"), // get the challenge from the server\n * ... other config\n * })\n */\nexport class BrowserAuthenticationInitiator implements AuthenticationInitiator {\n private postMessageHandler: null | ((event: MessageEvent) => void) = null;\n\n protected config: BrowserAuthenticationInitiatorConfig;\n static browserCorsFailsSilentlyRedirectUrl: string;\n private _iframeRef: HTMLIFrameElement | null = null;\n\n public setDisplayMode(displayMode: DisplayMode) {\n this.config.displayMode = displayMode;\n }\n\n get displayMode() {\n return this.config.displayMode;\n }\n\n get isServerTokenExchange() {\n return this.config.pkceConsumer instanceof ConfidentialClientPKCEConsumer;\n }\n get state() {\n return generateState({\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n serverTokenExchange: this.isServerTokenExchange,\n loginSuccessUrl: this.config.loginSuccessUrl,\n framework: this.config.framework,\n sdkVersion: getVersion(),\n });\n }\n public instanceId: string;\n public browserCorsFailsSilentlyRedirectUrl: string = \"\";\n\n constructor(\n config: typeof this.config,\n readonly setDesignOptions = defaultSetDesignOptions,\n ) {\n this.instanceId = uuid();\n this.config = config;\n\n this.postMessageHandler = (event: MessageEvent) => {\n const thisURL = new URL(window.location.href);\n if (\n event.origin.endsWith(\"civic.com\") ||\n thisURL.hostname === \"localhost\"\n ) {\n if (!validateLoginAppPostMessage(event.data, this.config.clientId)) {\n return;\n }\n const loginMessage = event.data as LoginPostMessage;\n if (loginMessage.type === \"generatePopupFailed\") {\n this.handleLoginAppPopupFailed(\n (loginMessage.data as { url: string }).url,\n );\n return;\n }\n if (\n loginMessage.type === \"browserCorsFailsSilently\" &&\n this.displayMode === \"iframe\"\n ) {\n this.handleBrowserCorsFailsSilently(\n (loginMessage.data as { url: string }).url,\n );\n return;\n }\n if (loginMessage.type === \"design\") {\n // TODO handle the design message\n this.handleLoginAppDesignUpdate(\n loginMessage.data as LoginAppDesignOptions,\n );\n return;\n }\n }\n };\n\n window.addEventListener(\"message\", this.postMessageHandler);\n }\n\n async handleLoginAppPopupFailed(redirectUrl: string) {\n console.warn(\n \"Login app popup failed open a popup, using redirect mode instead...\",\n redirectUrl,\n );\n window.location.href = redirectUrl;\n }\n\n async handleBrowserCorsFailsSilently(redirectUrl: string) {\n console.warn(\n \"Login app opened in a browser where popups fail silently...\",\n {\n redirectUrl,\n iframeIsVisible: iframeIsVisible(),\n autoRedirect: this.config.autoRedirect,\n },\n );\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl =\n redirectUrl;\n // Check autoRedirect config before proceeding\n if (this.config.autoRedirect !== false && iframeIsVisible()) {\n // hide the iframe as we're in redirect mode\n // to avoid it loading then immediately disappearing\n const iframe = document.getElementById(\n \"civic-auth-iframe-container\",\n ) as HTMLIFrameElement | null;\n if (iframe) {\n iframe.style.display = \"none\";\n }\n return this.handleUserInteractionBrowserCorsFailsSilently();\n }\n }\n\n async handleUserInteractionBrowserCorsFailsSilently(): Promise<{\n isRedirecting: boolean;\n }> {\n const isInEmbeddedIframeMode = isEmbeddedIframeMode();\n // check if the iframe is visible\n if (\n !isInEmbeddedIframeMode &&\n this.config.autoRedirect !== false && // Add this check\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl\n ) {\n console.warn(\n \"Browser CORS failed silently, redirecting...\",\n BrowserAuthenticationInitiator.browserCorsFailsSilentlyRedirectUrl,\n );\n this.config.displayMode = \"redirect\";\n collectAndSendSDKAnalytics(\n this.config.clientId,\n this.config.oauthServer,\n this.config.framework,\n );\n const signInUrl = await this.getSignInUrl();\n window.dispatchEvent(\n new CustomEvent(\"locationWillChange\", {\n detail: { newUrl: signInUrl.toString() },\n }),\n );\n setTimeout(() => {\n window.location.href = signInUrl.toString();\n }, 100);\n return { isRedirecting: true };\n }\n return { isRedirecting: false };\n }\n\n async handleLoginAppDesignUpdate(options: LoginAppDesignOptions) {\n this.setDesignOptions(options);\n }\n\n async getSignInUrl(): Promise<URL> {\n const val = await generateOauthLoginUrl({\n ...this.config,\n state: this.state,\n });\n return val;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and then use the display mode to decide how to send the user there\n async signIn(iframeRef: HTMLIFrameElement | null): Promise<URL> {\n // Send SDK analytics when authentication starts\n // Fire and forget - don't block authentication if analytics fails\n collectAndSendSDKAnalytics(\n this.config.clientId,\n this.config.oauthServer,\n this.config.framework,\n );\n\n const url = await this.getSignInUrl();\n\n if (this.config.displayMode === \"iframe\") {\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n }\n\n if (this.config.displayMode === \"redirect\") {\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n // TODO handle the 'onclose' event to clean up and reset the authStatus\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n async signOut(\n idToken: string | undefined,\n iframeRef: HTMLIFrameElement | null,\n ): Promise<URL> {\n let url;\n const localStorage = new LocalStorageAdapter();\n const state = this.state;\n if (this.isServerTokenExchange) {\n if (!this.config.logoutUrl) {\n throw new Error(\"logoutUrl is required for server token exchange\");\n }\n url = new URL(this.config.logoutUrl, window.location.origin);\n url.searchParams.append(\"state\", state);\n } else {\n if (!idToken) {\n throw new Error(\"idToken is required for non-server token exchange\");\n }\n\n url = await generateOauthLogoutUrl({\n ...this.config,\n idToken,\n state,\n redirectUrl: this.config.logoutRedirectUrl,\n });\n }\n\n if (this.config.displayMode === \"iframe\") {\n // Clear storage before calling server by setting iframe src to the logout url\n await clearStorageAndEmitSignOut();\n await localStorage.delete(LOGOUT_STATE);\n const ref = getIframeRef(iframeRef);\n ref.setAttribute(\"src\", url.toString());\n\n LocalStorageAdapter.emitter.emit(\"signOut\");\n }\n\n if (this.config.displayMode === \"redirect\") {\n // we don't clear any storage here as we're redirecting to the logout url\n // and the server should handle that\n await localStorage.set(LOGOUT_STATE, state);\n window.location.href = url.toString();\n }\n\n if (this.config.displayMode === \"new_tab\") {\n try {\n // Clear storage before calling server by setting iframe src to the logout url\n await clearStorageAndEmitSignOut();\n const popupWindow = window.open(url.toString(), \"_blank\");\n if (!popupWindow) {\n throw new PopupError(\"Failed to open popup window\");\n }\n } catch (error) {\n console.error(\"popupWindow\", error);\n throw new PopupError(\n \"window.open has thrown: Failed to open popup window\",\n );\n }\n }\n\n return url;\n }\n\n cleanup() {\n if (this.postMessageHandler) {\n window.removeEventListener(\"message\", this.postMessageHandler);\n }\n }\n}\n\n/** A general-purpose authentication initiator, that just generates urls, but lets\n * the caller decide how to use them. This is useful for server-side applications\n * that may serve this URL to their front-ends or just call them directly\n */\nexport class GenericAuthenticationInitiator implements AuthenticationInitiator {\n protected config: GenericAuthenticationInitiatorConfig;\n\n constructor(config: typeof this.config) {\n this.config = config;\n }\n\n // Use the config (Client ID, scopes OAuth Server, Endpoints, PKCEConsumer) to generate a new login url\n // and simply return the url\n async signIn(): Promise<URL> {\n return generateOauthLoginUrl(this.config);\n }\n\n async signOut(idToken: string): Promise<URL> {\n return generateOauthLogoutUrl({\n ...this.config,\n idToken,\n });\n }\n}\n\ntype BrowserAuthenticationConfig = {\n clientId: string;\n redirectUrl: string;\n logoutUrl?: string;\n logoutRedirectUrl: string;\n scopes: string[];\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n displayMode: DisplayMode;\n};\n\n/**\n * An authentication resolver that can run on the browser (i.e. a public client)\n * It uses PKCE for security. PKCE and Session data are stored in local storage\n */\nexport class BrowserAuthenticationService extends BrowserAuthenticationInitiator {\n private oauth2client: OAuth2Client | undefined;\n private endpoints: Endpoints | undefined;\n\n // TODO WIP - perhaps we want to keep resolver and initiator separate here\n constructor(\n config: BrowserAuthenticationConfig,\n // Since we are running fully on the client, we produce as well as consume the PKCE challenge\n protected pkceProducer = new BrowserPublicClientPKCEProducer(),\n ) {\n super({\n ...config,\n // Store and retrieve the PKCE challenge in local storage\n pkceConsumer: pkceProducer,\n });\n }\n\n // TODO too much code duplication here between the browser and the server variant.\n // Suggestion for refactor: Standardise the config for AuthenticationResolvers and create a one-shot\n // function for generating an oauth2client from it\n async init(): Promise<this> {\n // resolve oauth config\n this.endpoints = await getEndpointsWithOverrides(\n this.oauthServer,\n this.config.endpointOverrides,\n );\n this.oauth2client = new OAuth2Client(\n this.config.clientId,\n this.endpoints.auth,\n this.endpoints.token,\n {\n redirectURI: this.config.redirectUrl,\n },\n );\n\n return this;\n }\n\n async storeTokensOnLogin(tokens: OIDCTokenResponseBody) {\n const clientStorage = new LocalStorageAdapter();\n await storeTokens(clientStorage, tokens);\n // delete code verifier as it should be single-use\n await clientStorage.delete(CodeVerifier.COOKIE_NAME);\n const user = await getUser(clientStorage);\n if (!user) {\n throw new Error(\"Failed to get user info\");\n }\n const userSession = new GenericUserSession(clientStorage);\n await userSession.set(user);\n LocalStorageAdapter.emitter.emit(\"signIn\");\n }\n\n // Two responsibilities:\n // 1. resolve the auth code to get the tokens (should use library code)\n // 2. store the tokens in local storage\n async tokenExchange(\n code: string,\n state: string,\n ): Promise<OIDCTokenResponseBody> {\n if (!this.oauth2client) await this.init();\n const codeVerifier = await this.pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in storage\");\n\n // exchange auth code for tokens\n const tokens = await exchangeTokens(\n code,\n state,\n this.pkceProducer,\n this.oauth2client!, // clean up types here to avoid the ! operator\n this.oauthServer,\n this.endpoints!, // clean up types here to avoid the ! operator\n );\n await this.storeTokensOnLogin(tokens);\n // cleanup the browser window if needed\n const parsedDisplayMode = displayModeFromState(\n state,\n this.config.displayMode,\n );\n\n if (parsedDisplayMode === \"new_tab\") {\n // Close the popup window\n window.addEventListener(\"beforeunload\", () => {\n window?.opener?.focus();\n });\n window.close();\n }\n // these are the default oAuth params that get added to the URL in redirect which we want to remove if present\n removeParamsWithoutReload(DEFAULT_OAUTH_GET_PARAMS);\n return tokens;\n }\n\n // Get the session data from local storage\n async getSessionData(): Promise<SessionData | null> {\n const storageData = await retrieveTokens(new LocalStorageAdapter());\n if (!storageData) return null;\n\n return {\n authenticated: !!storageData.id_token,\n idToken: storageData.id_token,\n accessToken: storageData.access_token,\n refreshToken: storageData.refresh_token,\n oidcSessionExpiresAt: storageData.oidc_session_expires_at,\n };\n }\n\n async tryRefreshTokens(\n sessionData: SessionData | null,\n ): Promise<SessionData> {\n // If token validation fails but we have a refresh token, attempt to refresh\n if (sessionData?.refreshToken) {\n try {\n const clientStorage = new LocalStorageAdapter();\n\n // Create a BrowserAuthenticationRefresher to handle token refresh using the build method\n const authConfig = {\n clientId: this.config.clientId,\n oauthServer: this.oauthServer,\n redirectUrl: this.config.redirectUrl,\n };\n\n // Use build method which handles initialization\n const refresher = await BrowserAuthenticationRefresher.build(\n authConfig,\n clientStorage,\n async (error: Error) => {\n console.warn(\"Failed to refresh tokens during validation\", error);\n },\n this.config.endpointOverrides,\n );\n\n try {\n // Perform token refresh (no need to call init explicitly)\n const tokenResponse = await refresher.refreshAccessToken();\n\n // For backend flows, tokenResponse might be null since tokens are in HTTP-only cookies\n if (tokenResponse) {\n // Store tokens for SPA flows where tokens are accessible\n await this.storeTokensOnLogin(tokenResponse);\n }\n\n // Return a new session with the refreshed tokens\n const refreshedSession = await this.getSessionData();\n if (refreshedSession && refreshedSession.authenticated) {\n return {\n ...refreshedSession,\n authenticated: true,\n };\n } else {\n throw new Error(\"Failed to get refreshed session data\");\n }\n } catch (refreshApiError) {\n console.error(\n \"Error during token refresh API call:\",\n refreshApiError,\n );\n throw refreshApiError; // Re-throw to be caught by outer catch block\n }\n } catch (error) {\n const refreshError = error as Error;\n console.error(\"Token refresh failed with error:\", refreshError);\n // Only delete refresh token if it's invalid, not for network errors\n // which might be temporary\n if (\n refreshError.message.includes(\"invalid\") ||\n refreshError.message.includes(\"expired\")\n ) {\n const clientStorage = new LocalStorageAdapter();\n console.log(\"Deleting invalid refresh token\");\n await clearTokens(clientStorage);\n await clearUser(clientStorage);\n }\n console.warn(\"Failed to refresh tokens\", refreshError);\n }\n }\n\n return {\n ...sessionData,\n authenticated: false,\n };\n }\n\n async validateExistingSession(): Promise<SessionData> {\n try {\n const sessionData = await this.getSessionData();\n if (!sessionData?.idToken) {\n const refreshedSessionData = await this.tryRefreshTokens(sessionData);\n if (refreshedSessionData.authenticated) {\n return refreshedSessionData;\n }\n const unAuthenticatedSession = { ...sessionData, authenticated: false };\n return unAuthenticatedSession;\n }\n if (!this.endpoints?.jwks || !this.oauth2client) await this.init();\n\n if (!this.endpoints?.jwks) {\n throw new Error(\"No jwks endpoint\");\n }\n\n // this function will throw if the idToken is invalid\n // Note: Access token is no longer required for authentication\n await validateOauth2Tokens(\n {\n id_token: sessionData.idToken,\n refresh_token: sessionData.refreshToken,\n access_token: sessionData.accessToken,\n oidc_session_expires_at: sessionData.oidcSessionExpiresAt,\n },\n this.endpoints.jwks,\n this.oauth2client!,\n this.oauthServer,\n );\n return sessionData;\n } catch (error) {\n console.warn(\"Failed to validate existing tokens\", error);\n const unAuthenticatedSession = {\n authenticated: false,\n };\n const storage = new LocalStorageAdapter();\n await clearTokens(storage);\n await clearUser(storage);\n return unAuthenticatedSession;\n }\n }\n\n get oauthServer(): string {\n return this.config.oauthServer || DEFAULT_AUTH_SERVER;\n }\n\n async getEndSessionEndpoint(): Promise<string | null> {\n if (!this.endpoints) {\n return null;\n }\n return this.endpoints?.endsession;\n }\n\n static async build(\n config: BrowserAuthenticationConfig,\n ): Promise<AuthenticationResolver> {\n const resolver = new BrowserAuthenticationService(config);\n await resolver.init();\n\n return resolver;\n }\n}\n"]}
package/dist/shared/components/IFrameAndLoading.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"IFrameAndLoading.d.ts","sourceRoot":"","sources":["../../../src/shared/components/IFrameAndLoading.tsx"],"names":[],"mappings":"AAWA,QAAA,MAAM,gBAAgB,mCAGnB;IACD,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,qDAuGA,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC"}
1
+ {"version":3,"file":"IFrameAndLoading.d.ts","sourceRoot":"","sources":["../../../src/shared/components/IFrameAndLoading.tsx"],"names":[],"mappings":"AAWA,QAAA,MAAM,gBAAgB,mCAGnB;IACD,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,qDAwGA,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC"}
package/dist/shared/components/IFrameAndLoading.js CHANGED
@@ -58,7 +58,7 @@ const IFrameAndLoading = ({ error, showIframeOnLogout = false, }) => {
58
58
  setIframeShouldRender(renderIframe);
59
59
  }
60
60
  }, [authStatus, renderIframe, iframeIsVisible]);
61
- return (_jsxs(_Fragment, { children: [iframeShouldRender && (_jsx("div", { style: iframeIsVisible ? { display: "block" } : { display: "none" }, children: _jsx(CivicAuthIframeContainer, { onClose: () => setIframeIsVisible(false) }) })), _jsx("div", { style: showIframeOnLogout && logoutIframeIsVisible
61
+ return (_jsxs(_Fragment, { children: [iframeShouldRender && (_jsx("div", { id: "civic-auth-iframe-container", style: iframeIsVisible ? { display: "block" } : { display: "none" }, children: _jsx(CivicAuthIframeContainer, { onClose: () => setIframeIsVisible(false) }) })), _jsx("div", { style: showIframeOnLogout && logoutIframeIsVisible
62
62
  ? { display: "block" }
63
63
  : { display: "none" }, children: _jsx(CivicAuthLogoutIframeContainer, { isLoading: logoutIframeLoading }) }), error && (_jsx(BlockDisplay, { children: _jsxs("div", { children: ["Error: ", error?.message] }) })), showLoadingOverlay && !error && (_jsx(BlockDisplay, { children: _jsx(LoadingIcon, {}) }))] }));
64
64
  };
package/dist/shared/components/IFrameAndLoading.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"IFrameAndLoading.js","sourceRoot":"","sources":["../../../src/shared/components/IFrameAndLoading.tsx"],"names":[],"mappings":";AAAA,OAAO,KAAK,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAExC,MAAM,gBAAgB,GAAG,CAAC,EACxB,KAAK,EACL,kBAAkB,GAAG,KAAK,GAK3B,EAAE,EAAE;IACH,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,MAAM,CAAC,mBAAmB,EAAE,sBAAsB,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACrE,MAAM,EACJ,YAAY,EACZ,eAAe,EACf,kBAAkB,EAClB,qBAAqB,GACtB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,UAAU,EAAE,GAAG,aAAa,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,8DAA8D;IAC9D,uEAAuE;IACvE,0FAA0F;IAC1F,qFAAqF;IACrF,MAAM,kBAAkB,GAAG,UAAU,CAAC;IAEtC,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,kBAAkB,GAAG,CAAC,KAAmB,EAAE,EAAE;YACjD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,IACE,CAAC,CACC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,QAAQ,KAAK,WAAW,CACvE,EACD,CAAC;gBACD,OAAO;YACT,CAAC;YAED,0EAA0E;YAC1E,IACE,KAAK,CAAC,IAAI,EAAE,MAAM,KAAK,eAAe;gBACtC,KAAK,CAAC,IAAI,EAAE,IAAI,KAAK,YAAY,EACjC,CAAC;gBACD,sBAAsB,CAAC,KAAK,CAAC,CAAC;gBAC9B,OAAO;YACT,CAAC;YAED,sBAAsB,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;QACvD,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;IACzE,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,GAAG,QAAQ,CAAC,YAAY,CAAC,CAAC;IAE3E,SAAS,CAAC,GAAG,EAAE;QACb,yEAAyE;QACzE,uFAAuF;QACvF,uFAAuF;QACvF,uEAAuE;QACvE,IAAI,OAAO,CAAC,IAAI,EAAE,aAAa,EAAE,CAAC;YAChC,UAAU,CAAC,GAAG,EAAE;gBACd,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;IAElC;;;OAGG;IACH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,UAAU,KAAK,UAAU,CAAC,aAAa,EAAE,CAAC;YAC5C,qBAAqB,CAAC,YAAY,CAAC,CAAC;QACtC,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IAEhD,OAAO,CACL,8BAGG,kBAAkB,IAAI,CACrB,cACE,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,YAEnE,KAAC,wBAAwB,IAAC,OAAO,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAI,GAClE,CACP,EAED,cACE,KAAK,EACH,kBAAkB,IAAI,qBAAqB;oBACzC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE;oBACtB,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,YAGzB,KAAC,8BAA8B,IAAC,SAAS,EAAE,mBAAmB,GAAI,GAC9D,EAEL,KAAK,IAAI,CACR,KAAC,YAAY,cACX,qCAAa,KAAK,EAAE,OAAO,IAAO,GACrB,CAChB,EAEA,kBAAkB,IAAI,CAAC,KAAK,IAAI,CAC/B,KAAC,YAAY,cACX,KAAC,WAAW,KAAG,GACF,CAChB,IACA,CACJ,CAAC;AACJ,CAAC,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC","sourcesContent":["import React, { useEffect, useState } from \"react\";\nimport { useIframe } from \"../hooks/useIframe.js\";\nimport { useIsInIframe } from \"../hooks/useIsInIframe.js\";\nimport { CivicAuthIframeContainer } from \"./CivicAuthIframeContainer.js\";\nimport { BlockDisplay } from \"./BlockDisplay.js\";\nimport { LoadingIcon } from \"./LoadingIcon.js\";\nimport { CivicAuthLogoutIframeContainer } from \"./CivicAuthLogoutIframeContainer.js\";\nimport { useSession } from \"../hooks/useSession.js\";\nimport { useAuthStatus } from \"../providers/AuthStatusContext.js\";\nimport { AuthStatus } from \"@/types.js\";\n\nconst IFrameAndLoading = ({\n error,\n showIframeOnLogout = false,\n}: {\n error: Error | null;\n isLoading: boolean;\n showIframeOnLogout?: boolean;\n}) => {\n const isInIframe = useIsInIframe();\n const [logoutIframeLoading, setLogoutIframeLoading] = useState(true);\n const {\n renderIframe,\n iframeIsVisible,\n setIframeIsVisible,\n logoutIframeIsVisible,\n } = useIframe();\n const { authStatus } = useAuthStatus();\n const session = useSession();\n // we show a loading overlay to block the display for the user\n // as the page that loads within the iframe will be the actual customer\n // login page just after authenticatino, which shouldn't be shown to the user during login\n // there's a small period where we're resolving the session and the iframe is showing\n const showLoadingOverlay = isInIframe;\n\n useEffect(() => {\n const handleErrorMessage = (event: MessageEvent) => {\n const thisURL = new URL(window.location.href);\n if (\n !(\n event.origin.endsWith(\"civic.com\") || thisURL.hostname === \"localhost\"\n )\n ) {\n return;\n }\n\n // The login app has thrown an error, so we need to show the logout iframe\n if (\n event.data?.source === \"civicloginApp\" &&\n event.data?.type === \"auth_error\"\n ) {\n setLogoutIframeLoading(false);\n return;\n }\n\n setLogoutIframeLoading(true);\n };\n\n window.addEventListener(\"message\", handleErrorMessage);\n return () => window.removeEventListener(\"message\", handleErrorMessage);\n }, []);\n\n const [iframeShouldRender, setIframeShouldRender] = useState(renderIframe);\n\n useEffect(() => {\n // We can't remove the iframe from the DOM immediately on authentication,\n // because it needs a short window to render a special 'TOKEN_EXCHANGE_SUCCESS' message\n // which the parent needs to detect in order to redirect to the loginSuccessUrl if any.\n // So we wait 500ms to allow that to happen before removing the iframe.\n if (session.data?.authenticated) {\n setTimeout(() => {\n return setIframeShouldRender(false);\n }, 500);\n }\n }, [session.data?.authenticated]);\n\n /**\n * This useEffect resets the iframeShouldRender state when the authStatus changes. We need it\n * as the iframeShouldRender state is set to false when the user is authenticated, but it needs to be reset\n */\n useEffect(() => {\n if (authStatus !== AuthStatus.AUTHENTICATED) {\n setIframeShouldRender(renderIframe);\n }\n }, [authStatus, renderIframe, iframeIsVisible]);\n\n return (\n <>\n {/* when the user is authenticated we shouldn't render the iframe anymore\n so that we clear the session for the next time */}\n {iframeShouldRender && (\n <div\n style={iframeIsVisible ? { display: \"block\" } : { display: \"none\" }}\n >\n <CivicAuthIframeContainer onClose={() => setIframeIsVisible(false)} />\n </div>\n )}\n\n <div\n style={\n showIframeOnLogout && logoutIframeIsVisible\n ? { display: \"block\" }\n : { display: \"none\" }\n }\n >\n <CivicAuthLogoutIframeContainer isLoading={logoutIframeLoading} />\n </div>\n\n {error && (\n <BlockDisplay>\n <div>Error: {error?.message}</div>\n </BlockDisplay>\n )}\n\n {showLoadingOverlay && !error && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n </>\n );\n};\nexport { IFrameAndLoading };\n"]}
1
+ {"version":3,"file":"IFrameAndLoading.js","sourceRoot":"","sources":["../../../src/shared/components/IFrameAndLoading.tsx"],"names":[],"mappings":";AAAA,OAAO,KAAK,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAExC,MAAM,gBAAgB,GAAG,CAAC,EACxB,KAAK,EACL,kBAAkB,GAAG,KAAK,GAK3B,EAAE,EAAE;IACH,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,MAAM,CAAC,mBAAmB,EAAE,sBAAsB,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACrE,MAAM,EACJ,YAAY,EACZ,eAAe,EACf,kBAAkB,EAClB,qBAAqB,GACtB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,UAAU,EAAE,GAAG,aAAa,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,8DAA8D;IAC9D,uEAAuE;IACvE,0FAA0F;IAC1F,qFAAqF;IACrF,MAAM,kBAAkB,GAAG,UAAU,CAAC;IAEtC,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,kBAAkB,GAAG,CAAC,KAAmB,EAAE,EAAE;YACjD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,IACE,CAAC,CACC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,QAAQ,KAAK,WAAW,CACvE,EACD,CAAC;gBACD,OAAO;YACT,CAAC;YAED,0EAA0E;YAC1E,IACE,KAAK,CAAC,IAAI,EAAE,MAAM,KAAK,eAAe;gBACtC,KAAK,CAAC,IAAI,EAAE,IAAI,KAAK,YAAY,EACjC,CAAC;gBACD,sBAAsB,CAAC,KAAK,CAAC,CAAC;gBAC9B,OAAO;YACT,CAAC;YAED,sBAAsB,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;QACvD,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;IACzE,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,GAAG,QAAQ,CAAC,YAAY,CAAC,CAAC;IAE3E,SAAS,CAAC,GAAG,EAAE;QACb,yEAAyE;QACzE,uFAAuF;QACvF,uFAAuF;QACvF,uEAAuE;QACvE,IAAI,OAAO,CAAC,IAAI,EAAE,aAAa,EAAE,CAAC;YAChC,UAAU,CAAC,GAAG,EAAE;gBACd,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;IAElC;;;OAGG;IACH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,UAAU,KAAK,UAAU,CAAC,aAAa,EAAE,CAAC;YAC5C,qBAAqB,CAAC,YAAY,CAAC,CAAC;QACtC,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IAEhD,OAAO,CACL,8BAGG,kBAAkB,IAAI,CACrB,cACE,EAAE,EAAC,6BAA6B,EAChC,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,YAEnE,KAAC,wBAAwB,IAAC,OAAO,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAI,GAClE,CACP,EAED,cACE,KAAK,EACH,kBAAkB,IAAI,qBAAqB;oBACzC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE;oBACtB,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,YAGzB,KAAC,8BAA8B,IAAC,SAAS,EAAE,mBAAmB,GAAI,GAC9D,EAEL,KAAK,IAAI,CACR,KAAC,YAAY,cACX,qCAAa,KAAK,EAAE,OAAO,IAAO,GACrB,CAChB,EAEA,kBAAkB,IAAI,CAAC,KAAK,IAAI,CAC/B,KAAC,YAAY,cACX,KAAC,WAAW,KAAG,GACF,CAChB,IACA,CACJ,CAAC;AACJ,CAAC,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC","sourcesContent":["import React, { useEffect, useState } from \"react\";\nimport { useIframe } from \"../hooks/useIframe.js\";\nimport { useIsInIframe } from \"../hooks/useIsInIframe.js\";\nimport { CivicAuthIframeContainer } from \"./CivicAuthIframeContainer.js\";\nimport { BlockDisplay } from \"./BlockDisplay.js\";\nimport { LoadingIcon } from \"./LoadingIcon.js\";\nimport { CivicAuthLogoutIframeContainer } from \"./CivicAuthLogoutIframeContainer.js\";\nimport { useSession } from \"../hooks/useSession.js\";\nimport { useAuthStatus } from \"../providers/AuthStatusContext.js\";\nimport { AuthStatus } from \"@/types.js\";\n\nconst IFrameAndLoading = ({\n error,\n showIframeOnLogout = false,\n}: {\n error: Error | null;\n isLoading: boolean;\n showIframeOnLogout?: boolean;\n}) => {\n const isInIframe = useIsInIframe();\n const [logoutIframeLoading, setLogoutIframeLoading] = useState(true);\n const {\n renderIframe,\n iframeIsVisible,\n setIframeIsVisible,\n logoutIframeIsVisible,\n } = useIframe();\n const { authStatus } = useAuthStatus();\n const session = useSession();\n // we show a loading overlay to block the display for the user\n // as the page that loads within the iframe will be the actual customer\n // login page just after authenticatino, which shouldn't be shown to the user during login\n // there's a small period where we're resolving the session and the iframe is showing\n const showLoadingOverlay = isInIframe;\n\n useEffect(() => {\n const handleErrorMessage = (event: MessageEvent) => {\n const thisURL = new URL(window.location.href);\n if (\n !(\n event.origin.endsWith(\"civic.com\") || thisURL.hostname === \"localhost\"\n )\n ) {\n return;\n }\n\n // The login app has thrown an error, so we need to show the logout iframe\n if (\n event.data?.source === \"civicloginApp\" &&\n event.data?.type === \"auth_error\"\n ) {\n setLogoutIframeLoading(false);\n return;\n }\n\n setLogoutIframeLoading(true);\n };\n\n window.addEventListener(\"message\", handleErrorMessage);\n return () => window.removeEventListener(\"message\", handleErrorMessage);\n }, []);\n\n const [iframeShouldRender, setIframeShouldRender] = useState(renderIframe);\n\n useEffect(() => {\n // We can't remove the iframe from the DOM immediately on authentication,\n // because it needs a short window to render a special 'TOKEN_EXCHANGE_SUCCESS' message\n // which the parent needs to detect in order to redirect to the loginSuccessUrl if any.\n // So we wait 500ms to allow that to happen before removing the iframe.\n if (session.data?.authenticated) {\n setTimeout(() => {\n return setIframeShouldRender(false);\n }, 500);\n }\n }, [session.data?.authenticated]);\n\n /**\n * This useEffect resets the iframeShouldRender state when the authStatus changes. We need it\n * as the iframeShouldRender state is set to false when the user is authenticated, but it needs to be reset\n */\n useEffect(() => {\n if (authStatus !== AuthStatus.AUTHENTICATED) {\n setIframeShouldRender(renderIframe);\n }\n }, [authStatus, renderIframe, iframeIsVisible]);\n\n return (\n <>\n {/* when the user is authenticated we shouldn't render the iframe anymore\n so that we clear the session for the next time */}\n {iframeShouldRender && (\n <div\n id=\"civic-auth-iframe-container\"\n style={iframeIsVisible ? { display: \"block\" } : { display: \"none\" }}\n >\n <CivicAuthIframeContainer onClose={() => setIframeIsVisible(false)} />\n </div>\n )}\n\n <div\n style={\n showIframeOnLogout && logoutIframeIsVisible\n ? { display: \"block\" }\n : { display: \"none\" }\n }\n >\n <CivicAuthLogoutIframeContainer isLoading={logoutIframeLoading} />\n </div>\n\n {error && (\n <BlockDisplay>\n <div>Error: {error?.message}</div>\n </BlockDisplay>\n )}\n\n {showLoadingOverlay && !error && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n </>\n );\n};\nexport { IFrameAndLoading };\n"]}
package/dist/shared/hooks/useSignIn.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"useSignIn.d.ts","sourceRoot":"","sources":["../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,UAAU,EACV,KAAK,WAAW,EAEjB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAc,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAQpE,KAAK,WAAW,GAAG;IACjB,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAcF;;GAEG;AACH,QAAA,MAAM,SAAS,4DAC2C,WAAW;kBAgQ9B,OAAO,CAAC,IAAI,CAAC;;uBAxGR,OAAO,CAAC,IAAI,CAAC;;;CAqSxD,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}
1
+ {"version":3,"file":"useSignIn.d.ts","sourceRoot":"","sources":["../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,UAAU,EACV,KAAK,WAAW,EAEjB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAc,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAQpE,KAAK,WAAW,GAAG;IACjB,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAcF;;GAEG;AACH,QAAA,MAAM,SAAS,4DAC2C,WAAW;kBAkQ9B,OAAO,CAAC,IAAI,CAAC;;uBAxGR,OAAO,CAAC,IAAI,CAAC;;;CAsSxD,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}
package/dist/shared/hooks/useSignIn.js CHANGED
@@ -73,7 +73,7 @@ const useSignIn = ({ pkceConsumer, preSignOut, postSignOut, displayMode } = {
73
73
  const authInitiator = useMemo(() => {
74
74
  if (!civicAuthConfig)
75
75
  return null;
76
- const { clientId, redirectUrl, logoutUrl, loginSuccessUrl, logoutRedirectUrl, nonce, oauthServer, endpoints, scopes, } = civicAuthConfig;
76
+ const { clientId, redirectUrl, logoutUrl, loginSuccessUrl, logoutRedirectUrl, nonce, oauthServer, endpoints, scopes, autoRedirect, } = civicAuthConfig;
77
77
  return new BrowserAuthenticationInitiator({
78
78
  pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(),
79
79
  clientId,
@@ -87,6 +87,7 @@ const useSignIn = ({ pkceConsumer, preSignOut, postSignOut, displayMode } = {
87
87
  endpointOverrides: endpoints,
88
88
  nonce,
89
89
  framework: civicAuthConfig.framework,
90
+ autoRedirect,
90
91
  }, setDesignOption);
91
92
  }, [civicAuthConfig, displayMode, pkceConsumer, setDesignOption]);
92
93
  // Cleanup resources when component unmounts
@@ -206,8 +207,8 @@ const useSignIn = ({ pkceConsumer, preSignOut, postSignOut, displayMode } = {
206
207
  // Public sign-in method
207
208
  const signIn = useCallback(async () => {
208
209
  if (displayMode === "iframe") {
209
- setIframeIsVisible(true);
210
- await authInitiator?.handleUserInteractionBrowserCorsFailsSilently();
210
+ const result = await authInitiator?.handleUserInteractionBrowserCorsFailsSilently();
211
+ setIframeIsVisible(!result?.isRedirecting);
211
212
  }
212
213
  return startSignIn();
213
214
  }, [displayMode, startSignIn, setIframeIsVisible, authInitiator]);
package/dist/shared/hooks/useSignIn.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EACL,UAAU,GAGX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AAChE,OAAO,EAAE,UAAU,EAAqB,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AAmBxE,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,4BAA4B;AAEtE;;GAEG;AACH,MAAM,SAAS,GAAG,CAChB,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,KAAkB;IACpE,WAAW,EAAE,QAAQ;CACtB,EACD,EAAE;IACF,4BAA4B;IAC5B,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,EACxB,aAAa,EACb,gBAAgB,GACjB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IACvC,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAAC;IACtD,MAAM,CAAC,EAAE,eAAe,CAAC,GAAG,eAAe,CACzC,gBAAgB,EAChB,EAAE,SAAS,EAAE,MAAM,EAAE,CACtB,CAAC;IAEF,0BAA0B;IAC1B,MAAM,UAAU,GAAG,MAAM,CAAgB,IAAI,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,MAAM,CAAa,UAAU,CAAC,eAAe,CAAC,CAAC;IACrE,MAAM,cAAc,GAAG,MAAM,CAAU,KAAK,CAAC,CAAC;IAE9C,mBAAmB;IACnB,MAAM,gBAAgB,GAAG,MAAM,EAAiB,CAAC;IACjD,MAAM,gBAAgB,GAAG,MAAM,CAE7B,IAAI,CAAC,CAAC;IACR,MAAM,eAAe,GAAG,MAAM,CAAmC,IAAI,CAAC,CAAC;IAEvE,iBAAiB;IACjB,MAAM,WAAW,GAAG,MAAM,CAGvB;QACD,oBAAoB,EAAE,IAAI;QAC1B,iBAAiB,EAAE,IAAI;KACxB,CAAC,CAAC;IAEH,wDAAwD;IACxD,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,EAAE;QAC5C,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC7B,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YACxC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,aAAa,CAAC;YACjD,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAE3B,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;YAC/B,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YAErC,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,MAAM,mBAAmB,GAAG,WAAW,CACrC,CAAC,KAAY,EAAE,YAAwB,UAAU,CAAC,KAAK,EAAE,EAAE;QACzD,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAE/B,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;YAC/B,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,aAAa,CAAC,SAAS,CAAC,CAAC;YAEzB,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EACD,CAAC,aAAa,CAAC,CAChB,CAAC;IAEF,kCAAkC;IAClC,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe;YAAE,OAAO,IAAI,CAAC;QAElC,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,eAAe,EACf,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,GACP,GAAG,eAAe,CAAC;QAEpB,OAAO,IAAI,8BAA8B,CACvC;YACE,YAAY,EAAE,YAAY,IAAI,IAAI,+BAA+B,EAAE;YACnE,QAAQ;YACR,WAAW;YACX,eAAe;YACf,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;YACL,SAAS,EAAE,eAAe,CAAC,SAAS;SACrC,EACD,eAAe,CAChB,CAAC;IACJ,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IAElE,4CAA4C;IAC5C,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;YACD,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,8BAA8B;IAC9B,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YACxD,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,WAAW,CAAC,YAAY,CAAC,CAAC;gBAC1B,SAAS,CAAC,YAAY,CAAC,CAAC;gBACxB,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;gBACxC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,qBAAqB;IACrB,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACxD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,4CAA4C;QAC5C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACpD,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;YACnC,eAAe,CAAC,OAAO,GAAG,MAAM,CAAC;QACnC,CAAC,CAAC,CAAC;QACH,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;QAEnC,sFAAsF;QACtF,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;YAC3B,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,iCAAiC;QACjC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,UAAU,CAAC,aAAa;gBAC3B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;YAE3B,KAAK,UAAU,CAAC,eAAe,CAAC;YAChC,KAAK,UAAU,CAAC,KAAK;gBACnB,MAAM;YAER,KAAK,UAAU,CAAC,cAAc;gBAC5B,+DAA+D;gBAC/D,OAAO,OAAO,CAAC;YAEjB;gBACE,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,8BAA8B,UAAU,EAAE,CAAC,CACtD,CAAC;QACN,CAAC;QAED,4BAA4B;QAC5B,cAAc,CAAC,OAAO,GAAG,IAAI,CAAC;QAE9B,6BAA6B;QAC7B,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,wDAAwD;YACxD,aAAa,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;YACzC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC;YAClD,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAE1C,uEAAuE;YACvE,UAAU,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;gBAC1C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,mBAAmB,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC,EAAE,kBAAkB,CAAC,CAAC;YAEvB,mCAAmC;YACnC,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;YAEhD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,qCAAqC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAE/B,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,sCAAsC;gBACtC,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1B,aAAa,CAAC,OAAO,EAAE,CAAC;gBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;gBACzC,IAAI,CAAC;oBACH,uCAAuC;oBACvC,MAAM,aAAa,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC,CAAC;gBACzD,CAAC;gBAAC,OAAO,UAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CACX,+CAA+C,EAC/C,UAAU,CACX,CAAC;oBACF,mBAAmB,CACjB,UAAU,YAAY,KAAK;wBACzB,CAAC,CAAC,UAAU;wBACZ,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAClC,CAAC;oBACF,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,mBAAmB,CACjB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;gBACF,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC,EAAE;QACD,aAAa;QACb,WAAW;QACX,SAAS;QACT,kBAAkB;QAClB,UAAU;QACV,aAAa;QACb,mBAAmB;KACpB,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACnD,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,aAAa,EAAE,6CAA6C,EAAE,CAAC;QACvE,CAAC;QACD,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,EAAE,aAAa,CAAC,CAAC,CAAC;IAElE,kBAAkB;IAClB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACtC,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAChC,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE;oBAC7B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,UAAU;iBAC1C,CAAC,CAAC;gBAEH,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,iBAAiB;gBACjE,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,kBAAkB;QAClB,UAAU;QACV,eAAe;QACf,aAAa;KACd,CAAC,CAAC;IAEH,mDAAmD;IACnD,SAAS,CAAC,GAAG,EAAE;QACb,0CAA0C;QAC1C,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC;QAEnC,kBAAkB;QAClB,WAAW,CAAC,OAAO,GAAG;YACpB,oBAAoB,EAAE,GAAG,EAAE;gBACzB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,oBAAoB,EAAE,CAAC;gBACzB,CAAC;YACH,CAAC;YACD,iBAAiB,EAAE,CAAC,KAAuB,EAAE,EAAE;gBAC7C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC;oBACjC,mBAAmB,CACjB,KAAK,YAAY,KAAK;wBACpB,CAAC,CAAC,KAAK;wBACP,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,gBAAgB,CAAC,CACjD,CAAC;gBACJ,CAAC;YACH,CAAC;SACF,CAAC;QAEF,kDAAkD;QAClD,IACE,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,WAAW,CAAC,OAAO,CAAC,oBAAoB;YACxC,WAAW,CAAC,OAAO,CAAC,iBAAiB,EACrC,CAAC;YACD,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACF,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;QACJ,CAAC;aAAM,IACL,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,UAAU,CAAC,OAAO,KAAK,IAAI,EAC3B,CAAC;YACD,oDAAoD;YACpD,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,oBAAoB;QACpB,OAAO,GAAG,EAAE;YACV,IAAI,WAAW,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAC7C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACJ,CAAC;YACD,IAAI,WAAW,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBAC1C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,UAAU,EAAE,oBAAoB,EAAE,mBAAmB,CAAC,CAAC,CAAC;IAE5D,qDAAqD;IACrD,SAAS,CAAC,GAAG,EAAE;QACb,8EAA8E;QAC9E,IACE,OAAO,EAAE,aAAa;YACtB,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,aAAa,EAClD,CAAC;YACD,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YAExC,mDAAmD;YACnD,IACE,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc;gBACnD,gBAAgB,CAAC,OAAO,EACxB,CAAC;gBACD,oBAAoB,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,WAAW,KAAK,QAAQ,IAAI,aAAa,EAAE,CAAC;YAC9C,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACxB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;gBACxD,mBAAmB,CACjB,IAAI,KAAK,CAAC,yBAAyB,CAAC,EACpC,UAAU,CAAC,eAAe,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IACE,CAAC,OAAO,EAAE,aAAa;YACvB,CAAC,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC,QAAQ,CAC3D,aAAa,CAAC,OAAO,CACtB,EACD,CAAC;YACD,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,eAAe,EAAE,CAAC;gBACzD,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC,EAAE;QACD,WAAW;QACX,aAAa;QACb,OAAO,EAAE,aAAa;QACtB,gBAAgB;QAChB,oBAAoB;QACpB,mBAAmB;QACnB,aAAa;KACd,CAAC,CAAC;IAEH,2BAA2B;IAC3B,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,UAAU,KAAK,UAAU,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC;YACrE,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC1C,WAAW,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxB,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,EAAE;QACD,OAAO;QACP,WAAW;QACX,wBAAwB;QACxB,UAAU;QACV,aAAa;KACd,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;QACX,UAAU;QACV,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport {\n AuthStatus,\n type DisplayMode,\n type LoginAppDesignOptions,\n} from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo, useRef } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\nimport { useLocalStorage } from \"usehooks-ts\";\nimport { LOGOUT_STATE } from \"@/constants.js\";\nimport { useAuthStatus } from \"@/shared/providers/AuthStatusContext.js\";\n\ntype SignInProps = {\n pkceConsumer?: PKCEConsumer;\n preSignOut?: () => Promise<void>;\n postSignOut?: () => Promise<void>;\n displayMode: DisplayMode;\n};\n\ntype SignInError = Error | { message: string; [key: string]: unknown };\n\ninterface SignInEventDetail {\n error: SignInError;\n}\n\ninterface SignInErrorEvent {\n detail: SignInEventDetail;\n}\n\nconst SIGN_IN_TIMEOUT_MS = 9 * 60 * 1000; // 9 minutes in milliseconds\n\n/**\n * Hook to manage authentication flow.\n */\nconst useSignIn = (\n { pkceConsumer, preSignOut, postSignOut, displayMode }: SignInProps = {\n displayMode: \"iframe\",\n },\n) => {\n // Config and external state\n const civicAuthConfig = useCivicAuthConfig();\n const {\n iframeRef,\n logoutIframeRef,\n setIframeIsVisible,\n setLogoutIframeIsVisible,\n iframeAborted,\n setIframeAborted,\n } = useIframe();\n const { data: session } = useSession();\n const { authStatus, setAuthStatus } = useAuthStatus();\n const [, setDesignOption] = useLocalStorage<LoginAppDesignOptions>(\n `loginAppDesign`,\n { colorMode: \"auto\" },\n );\n\n // Internal state tracking\n const timeoutRef = useRef<number | null>(null);\n const authStatusRef = useRef<AuthStatus>(AuthStatus.UNAUTHENTICATED);\n const isSigningInRef = useRef<boolean>(false);\n\n // Promise handling\n const signInPromiseRef = useRef<Promise<void>>();\n const signInResolveRef = useRef<\n ((value: void | PromiseLike<void>) => void) | null\n >(null);\n const signInRejectRef = useRef<((reason: Error) => void) | null>(null);\n\n // Event handlers\n const handlersRef = useRef<{\n handleSignInComplete: (() => void) | null;\n handleSignInError: ((event: SignInErrorEvent) => void) | null;\n }>({\n handleSignInComplete: null,\n handleSignInError: null,\n });\n\n // Helper to resolve/reject sign-in promise with cleanup\n const resolveSignInPromise = useCallback(() => {\n if (signInResolveRef.current) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n authStatusRef.current = AuthStatus.AUTHENTICATED;\n isSigningInRef.current = false;\n signInResolveRef.current();\n\n // Clean up after resolving\n signInResolveRef.current = null;\n signInRejectRef.current = null;\n signInPromiseRef.current = undefined;\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n }, [setAuthStatus]);\n\n const rejectSignInPromise = useCallback(\n (error: Error, newStatus: AuthStatus = AuthStatus.ERROR) => {\n if (signInRejectRef.current) {\n signInRejectRef.current(error);\n\n // Clean up after rejecting\n signInResolveRef.current = null;\n signInRejectRef.current = null;\n signInPromiseRef.current = undefined;\n isSigningInRef.current = false;\n setAuthStatus(newStatus);\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n },\n [setAuthStatus],\n );\n\n // Create authentication initiator\n const authInitiator = useMemo(() => {\n if (!civicAuthConfig) return null;\n\n const {\n clientId,\n redirectUrl,\n logoutUrl,\n loginSuccessUrl,\n logoutRedirectUrl,\n nonce,\n oauthServer,\n endpoints,\n scopes,\n } = civicAuthConfig;\n\n return new BrowserAuthenticationInitiator(\n {\n pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(),\n clientId,\n redirectUrl,\n loginSuccessUrl,\n logoutUrl,\n logoutRedirectUrl,\n scopes,\n displayMode,\n oauthServer,\n endpointOverrides: endpoints,\n nonce,\n framework: civicAuthConfig.framework,\n },\n setDesignOption,\n );\n }, [civicAuthConfig, displayMode, pkceConsumer, setDesignOption]);\n\n // Cleanup resources when component unmounts\n useEffect(() => {\n return () => {\n if (authInitiator) {\n authInitiator.cleanup();\n }\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n };\n }, [authInitiator]);\n\n // Handle logout state cleanup\n useEffect(() => {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n const localStorage = new LocalStorageAdapter();\n localStorage.get(LOGOUT_STATE).then((storedLogoutState) => {\n if (state && state === storedLogoutState) {\n // Clear storage\n clearTokens(localStorage);\n clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n\n // Clean up storage and URL\n sessionStorage.removeItem(LOGOUT_STATE);\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n }\n });\n }, []);\n\n // Main sign-in logic\n const startSignIn = useCallback(async (): Promise<void> => {\n if (!authInitiator) return;\n\n // Create the promise and store its handlers\n const promise = new Promise<void>((resolve, reject) => {\n signInResolveRef.current = resolve;\n signInRejectRef.current = reject;\n });\n signInPromiseRef.current = promise;\n\n // Check if sign-in is already in progress using the ref, if so, return signIn promise\n if (isSigningInRef.current) {\n return promise;\n }\n\n // State machine for sign-in flow\n switch (authStatus) {\n case AuthStatus.AUTHENTICATED:\n return Promise.resolve();\n\n case AuthStatus.UNAUTHENTICATED:\n case AuthStatus.ERROR:\n break;\n\n case AuthStatus.AUTHENTICATING:\n // if we're already authenticating, return the existing promise\n return promise;\n\n default:\n return Promise.reject(\n new Error(`Invalid state for sign-in: ${authStatus}`),\n );\n }\n\n // Set signing in flag first\n isSigningInRef.current = true;\n\n // Clear any existing timeout\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n try {\n // Set authenticating status before any async operations\n setAuthStatus(AuthStatus.AUTHENTICATING);\n authStatusRef.current = AuthStatus.AUTHENTICATING;\n authInitiator.setDisplayMode(displayMode);\n\n // Set a timeout to reject the promise if authentication takes too long\n timeoutRef.current = window.setTimeout(() => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n rejectSignInPromise(new Error(\"Sign-in timeout\"));\n }\n }, SIGN_IN_TIMEOUT_MS);\n\n // Start the authentication process\n const useIframeRef = iframeRef?.current || null;\n\n await authInitiator.signIn(useIframeRef);\n } catch (error) {\n // Reset the signing in flag on error\n isSigningInRef.current = false;\n\n if (error instanceof PopupError) {\n // Fallback to redirect if popup fails\n setIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n try {\n // Call signIn again with redirect mode\n await authInitiator.signIn(iframeRef?.current || null);\n } catch (retryError) {\n console.error(\n \"[useSignIn] Redirect sign-in initiation error\",\n retryError,\n );\n rejectSignInPromise(\n retryError instanceof Error\n ? retryError\n : new Error(String(retryError)),\n );\n return promise;\n }\n } else {\n rejectSignInPromise(\n error instanceof Error ? error : new Error(String(error)),\n );\n return promise;\n }\n }\n\n return promise;\n }, [\n authInitiator,\n displayMode,\n iframeRef,\n setIframeIsVisible,\n authStatus,\n setAuthStatus,\n rejectSignInPromise,\n ]);\n\n // Public sign-in method\n const signIn = useCallback(async (): Promise<void> => {\n if (displayMode === \"iframe\") {\n setIframeIsVisible(true);\n await authInitiator?.handleUserInteractionBrowserCorsFailsSilently();\n }\n return startSignIn();\n }, [displayMode, startSignIn, setIframeIsVisible, authInitiator]);\n\n // Sign-out method\n const signOut = useCallback(async () => {\n const idToken = session?.idToken;\n if (!authInitiator) return;\n\n setAuthStatus(AuthStatus.SIGNING_OUT);\n if (displayMode === \"iframe\") {\n setIframeIsVisible(false);\n setLogoutIframeIsVisible(true);\n }\n\n try {\n await preSignOut?.();\n\n const useIframeRef = logoutIframeRef?.current || null;\n await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n setAuthStatus(AuthStatus.ERROR);\n console.error(\"signOut error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n\n if (error instanceof PopupError) {\n setLogoutIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n authInitiator.signOut(idToken, useIframeRef); // Retry sign out\n }\n });\n } catch (error) {\n console.error(\"Signout error:\", error);\n setAuthStatus(AuthStatus.ERROR);\n }\n }, [\n session?.idToken,\n authInitiator,\n displayMode,\n setLogoutIframeIsVisible,\n setIframeIsVisible,\n preSignOut,\n logoutIframeRef,\n setAuthStatus,\n ]);\n\n // Set up event listeners for authentication status\n useEffect(() => {\n // Update the ref with current auth status\n authStatusRef.current = authStatus;\n\n // Define handlers\n handlersRef.current = {\n handleSignInComplete: () => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n resolveSignInPromise();\n }\n },\n handleSignInError: (event: SignInErrorEvent) => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n const error = event.detail.error;\n rejectSignInPromise(\n error instanceof Error\n ? error\n : new Error(error.message || \"Sign-in failed\"),\n );\n }\n },\n };\n\n // Add listeners only when in authenticating state\n if (\n authStatus === AuthStatus.AUTHENTICATING &&\n handlersRef.current.handleSignInComplete &&\n handlersRef.current.handleSignInError\n ) {\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n } else if (\n authStatus !== AuthStatus.AUTHENTICATING &&\n timeoutRef.current !== null\n ) {\n // Clean up timeout when not in authenticating state\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n // Cleanup listeners\n return () => {\n if (handlersRef.current.handleSignInComplete) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n }\n if (handlersRef.current.handleSignInError) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n }\n };\n }, [authStatus, resolveSignInPromise, rejectSignInPromise]);\n\n // Effect to handle session updates and iframe aborts\n useEffect(() => {\n // If session becomes authenticated, update state and resolve pending promises\n if (\n session?.authenticated &&\n authStatusRef.current !== AuthStatus.AUTHENTICATED\n ) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n\n // If we have a pending sign-in promise, resolve it\n if (\n authStatusRef.current === AuthStatus.AUTHENTICATING &&\n signInResolveRef.current\n ) {\n resolveSignInPromise();\n }\n }\n\n // Handle iframe abortion\n if (displayMode === \"iframe\" && iframeAborted) {\n setIframeAborted(false);\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n rejectSignInPromise(\n new Error(\"Sign-in aborted by user\"),\n AuthStatus.UNAUTHENTICATED,\n );\n }\n }\n\n // Update unauthenticated state when session is absent\n if (\n !session?.authenticated &&\n ![AuthStatus.AUTHENTICATING, AuthStatus.SIGNING_OUT].includes(\n authStatusRef.current,\n )\n ) {\n if (authStatusRef.current !== AuthStatus.UNAUTHENTICATED) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n }\n }\n }, [\n displayMode,\n iframeAborted,\n session?.authenticated,\n setIframeAborted,\n resolveSignInPromise,\n rejectSignInPromise,\n setAuthStatus,\n ]);\n\n // Handle logout completion\n useEffect(() => {\n if (authStatus === AuthStatus.SIGNING_OUT && !session?.authenticated) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n postSignOut?.().then(() => {\n setLogoutIframeIsVisible(false);\n });\n }\n }, [\n session,\n postSignOut,\n setLogoutIframeIsVisible,\n authStatus,\n setAuthStatus,\n ]);\n\n return {\n signIn,\n signOut,\n startSignIn,\n authStatus,\n displayMode,\n };\n};\n\nexport { useSignIn };\n"]}
1
+ {"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EACL,UAAU,GAGX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AAChE,OAAO,EAAE,UAAU,EAAqB,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AAmBxE,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,4BAA4B;AAEtE;;GAEG;AACH,MAAM,SAAS,GAAG,CAChB,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,KAAkB;IACpE,WAAW,EAAE,QAAQ;CACtB,EACD,EAAE;IACF,4BAA4B;IAC5B,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,EACxB,aAAa,EACb,gBAAgB,GACjB,GAAG,SAAS,EAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;IACvC,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAAC;IACtD,MAAM,CAAC,EAAE,eAAe,CAAC,GAAG,eAAe,CACzC,gBAAgB,EAChB,EAAE,SAAS,EAAE,MAAM,EAAE,CACtB,CAAC;IAEF,0BAA0B;IAC1B,MAAM,UAAU,GAAG,MAAM,CAAgB,IAAI,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,MAAM,CAAa,UAAU,CAAC,eAAe,CAAC,CAAC;IACrE,MAAM,cAAc,GAAG,MAAM,CAAU,KAAK,CAAC,CAAC;IAE9C,mBAAmB;IACnB,MAAM,gBAAgB,GAAG,MAAM,EAAiB,CAAC;IACjD,MAAM,gBAAgB,GAAG,MAAM,CAE7B,IAAI,CAAC,CAAC;IACR,MAAM,eAAe,GAAG,MAAM,CAAmC,IAAI,CAAC,CAAC;IAEvE,iBAAiB;IACjB,MAAM,WAAW,GAAG,MAAM,CAGvB;QACD,oBAAoB,EAAE,IAAI;QAC1B,iBAAiB,EAAE,IAAI;KACxB,CAAC,CAAC;IAEH,wDAAwD;IACxD,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,EAAE;QAC5C,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC7B,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YACxC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,aAAa,CAAC;YACjD,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAE3B,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;YAC/B,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YAErC,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,MAAM,mBAAmB,GAAG,WAAW,CACrC,CAAC,KAAY,EAAE,YAAwB,UAAU,CAAC,KAAK,EAAE,EAAE;QACzD,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAE/B,2BAA2B;YAC3B,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC;YAChC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC;YAC/B,gBAAgB,CAAC,OAAO,GAAG,SAAS,CAAC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAC/B,aAAa,CAAC,SAAS,CAAC,CAAC;YAEzB,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,EACD,CAAC,aAAa,CAAC,CAChB,CAAC;IAEF,kCAAkC;IAClC,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe;YAAE,OAAO,IAAI,CAAC;QAElC,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,eAAe,EACf,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,EACN,YAAY,GACb,GAAG,eAAe,CAAC;QAEpB,OAAO,IAAI,8BAA8B,CACvC;YACE,YAAY,EAAE,YAAY,IAAI,IAAI,+BAA+B,EAAE;YACnE,QAAQ;YACR,WAAW;YACX,eAAe;YACf,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;YACL,SAAS,EAAE,eAAe,CAAC,SAAS;YACpC,YAAY;SACb,EACD,eAAe,CAChB,CAAC;IACJ,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IAElE,4CAA4C;IAC5C,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;YACD,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,8BAA8B;IAC9B,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YACxD,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,WAAW,CAAC,YAAY,CAAC,CAAC;gBAC1B,SAAS,CAAC,YAAY,CAAC,CAAC;gBACxB,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;gBACxC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,qBAAqB;IACrB,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACxD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,4CAA4C;QAC5C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACpD,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;YACnC,eAAe,CAAC,OAAO,GAAG,MAAM,CAAC;QACnC,CAAC,CAAC,CAAC;QACH,gBAAgB,CAAC,OAAO,GAAG,OAAO,CAAC;QAEnC,sFAAsF;QACtF,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;YAC3B,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,iCAAiC;QACjC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,UAAU,CAAC,aAAa;gBAC3B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;YAE3B,KAAK,UAAU,CAAC,eAAe,CAAC;YAChC,KAAK,UAAU,CAAC,KAAK;gBACnB,MAAM;YAER,KAAK,UAAU,CAAC,cAAc;gBAC5B,+DAA+D;gBAC/D,OAAO,OAAO,CAAC;YAEjB;gBACE,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,8BAA8B,UAAU,EAAE,CAAC,CACtD,CAAC;QACN,CAAC;QAED,4BAA4B;QAC5B,cAAc,CAAC,OAAO,GAAG,IAAI,CAAC;QAE9B,6BAA6B;QAC7B,IAAI,UAAU,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,wDAAwD;YACxD,aAAa,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;YACzC,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC,cAAc,CAAC;YAClD,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAE1C,uEAAuE;YACvE,UAAU,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;gBAC1C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,mBAAmB,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC,EAAE,kBAAkB,CAAC,CAAC;YAEvB,mCAAmC;YACnC,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;YAEhD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,qCAAqC;YACrC,cAAc,CAAC,OAAO,GAAG,KAAK,CAAC;YAE/B,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,sCAAsC;gBACtC,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1B,aAAa,CAAC,OAAO,EAAE,CAAC;gBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;gBACzC,IAAI,CAAC;oBACH,uCAAuC;oBACvC,MAAM,aAAa,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC,CAAC;gBACzD,CAAC;gBAAC,OAAO,UAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CACX,+CAA+C,EAC/C,UAAU,CACX,CAAC;oBACF,mBAAmB,CACjB,UAAU,YAAY,KAAK;wBACzB,CAAC,CAAC,UAAU;wBACZ,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAClC,CAAC;oBACF,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,mBAAmB,CACjB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;gBACF,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC,EAAE;QACD,aAAa;QACb,WAAW;QACX,SAAS;QACT,kBAAkB;QAClB,UAAU;QACV,aAAa;QACb,mBAAmB;KACpB,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACnD,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,MAAM,GACV,MAAM,aAAa,EAAE,6CAA6C,EAAE,CAAC;YACvE,kBAAkB,CAAC,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,EAAE,aAAa,CAAC,CAAC,CAAC;IAElE,kBAAkB;IAClB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACtC,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAChC,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE;oBAC7B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,UAAU;iBAC1C,CAAC,CAAC;gBAEH,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,iBAAiB;gBACjE,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,kBAAkB;QAClB,UAAU;QACV,eAAe;QACf,aAAa;KACd,CAAC,CAAC;IAEH,mDAAmD;IACnD,SAAS,CAAC,GAAG,EAAE;QACb,0CAA0C;QAC1C,aAAa,CAAC,OAAO,GAAG,UAAU,CAAC;QAEnC,kBAAkB;QAClB,WAAW,CAAC,OAAO,GAAG;YACpB,oBAAoB,EAAE,GAAG,EAAE;gBACzB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,oBAAoB,EAAE,CAAC;gBACzB,CAAC;YACH,CAAC;YACD,iBAAiB,EAAE,CAAC,KAAuB,EAAE,EAAE;gBAC7C,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;oBACxD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC;oBACjC,mBAAmB,CACjB,KAAK,YAAY,KAAK;wBACpB,CAAC,CAAC,KAAK;wBACP,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,gBAAgB,CAAC,CACjD,CAAC;gBACJ,CAAC;YACH,CAAC;SACF,CAAC;QAEF,kDAAkD;QAClD,IACE,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,WAAW,CAAC,OAAO,CAAC,oBAAoB;YACxC,WAAW,CAAC,OAAO,CAAC,iBAAiB,EACrC,CAAC;YACD,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACF,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAC5B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;QACJ,CAAC;aAAM,IACL,UAAU,KAAK,UAAU,CAAC,cAAc;YACxC,UAAU,CAAC,OAAO,KAAK,IAAI,EAC3B,CAAC;YACD,oDAAoD;YACpD,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,oBAAoB;QACpB,OAAO,GAAG,EAAE;YACV,IAAI,WAAW,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAC7C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,4BAA4B,EAC5B,WAAW,CAAC,OAAO,CAAC,oBAAoB,CACzC,CAAC;YACJ,CAAC;YACD,IAAI,WAAW,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBAC1C,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAC7B,yBAAyB,EACzB,WAAW,CAAC,OAAO,CAAC,iBAAiB,CACtC,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,UAAU,EAAE,oBAAoB,EAAE,mBAAmB,CAAC,CAAC,CAAC;IAE5D,qDAAqD;IACrD,SAAS,CAAC,GAAG,EAAE;QACb,8EAA8E;QAC9E,IACE,OAAO,EAAE,aAAa;YACtB,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,aAAa,EAClD,CAAC;YACD,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;YAExC,mDAAmD;YACnD,IACE,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc;gBACnD,gBAAgB,CAAC,OAAO,EACxB,CAAC;gBACD,oBAAoB,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,WAAW,KAAK,QAAQ,IAAI,aAAa,EAAE,CAAC;YAC9C,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACxB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;gBACxD,mBAAmB,CACjB,IAAI,KAAK,CAAC,yBAAyB,CAAC,EACpC,UAAU,CAAC,eAAe,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IACE,CAAC,OAAO,EAAE,aAAa;YACvB,CAAC,CAAC,UAAU,CAAC,cAAc,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC,QAAQ,CAC3D,aAAa,CAAC,OAAO,CACtB,EACD,CAAC;YACD,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,CAAC,eAAe,EAAE,CAAC;gBACzD,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC,EAAE;QACD,WAAW;QACX,aAAa;QACb,OAAO,EAAE,aAAa;QACtB,gBAAgB;QAChB,oBAAoB;QACpB,mBAAmB;QACnB,aAAa;KACd,CAAC,CAAC;IAEH,2BAA2B;IAC3B,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,UAAU,KAAK,UAAU,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC;YACrE,aAAa,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAC1C,WAAW,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxB,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,EAAE;QACD,OAAO;QACP,WAAW;QACX,wBAAwB;QACxB,UAAU;QACV,aAAa;KACd,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;QACX,UAAU;QACV,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport {\n AuthStatus,\n type DisplayMode,\n type LoginAppDesignOptions,\n} from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo, useRef } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\nimport { useLocalStorage } from \"usehooks-ts\";\nimport { LOGOUT_STATE } from \"@/constants.js\";\nimport { useAuthStatus } from \"@/shared/providers/AuthStatusContext.js\";\n\ntype SignInProps = {\n pkceConsumer?: PKCEConsumer;\n preSignOut?: () => Promise<void>;\n postSignOut?: () => Promise<void>;\n displayMode: DisplayMode;\n};\n\ntype SignInError = Error | { message: string; [key: string]: unknown };\n\ninterface SignInEventDetail {\n error: SignInError;\n}\n\ninterface SignInErrorEvent {\n detail: SignInEventDetail;\n}\n\nconst SIGN_IN_TIMEOUT_MS = 9 * 60 * 1000; // 9 minutes in milliseconds\n\n/**\n * Hook to manage authentication flow.\n */\nconst useSignIn = (\n { pkceConsumer, preSignOut, postSignOut, displayMode }: SignInProps = {\n displayMode: \"iframe\",\n },\n) => {\n // Config and external state\n const civicAuthConfig = useCivicAuthConfig();\n const {\n iframeRef,\n logoutIframeRef,\n setIframeIsVisible,\n setLogoutIframeIsVisible,\n iframeAborted,\n setIframeAborted,\n } = useIframe();\n const { data: session } = useSession();\n const { authStatus, setAuthStatus } = useAuthStatus();\n const [, setDesignOption] = useLocalStorage<LoginAppDesignOptions>(\n `loginAppDesign`,\n { colorMode: \"auto\" },\n );\n\n // Internal state tracking\n const timeoutRef = useRef<number | null>(null);\n const authStatusRef = useRef<AuthStatus>(AuthStatus.UNAUTHENTICATED);\n const isSigningInRef = useRef<boolean>(false);\n\n // Promise handling\n const signInPromiseRef = useRef<Promise<void>>();\n const signInResolveRef = useRef<\n ((value: void | PromiseLike<void>) => void) | null\n >(null);\n const signInRejectRef = useRef<((reason: Error) => void) | null>(null);\n\n // Event handlers\n const handlersRef = useRef<{\n handleSignInComplete: (() => void) | null;\n handleSignInError: ((event: SignInErrorEvent) => void) | null;\n }>({\n handleSignInComplete: null,\n handleSignInError: null,\n });\n\n // Helper to resolve/reject sign-in promise with cleanup\n const resolveSignInPromise = useCallback(() => {\n if (signInResolveRef.current) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n authStatusRef.current = AuthStatus.AUTHENTICATED;\n isSigningInRef.current = false;\n signInResolveRef.current();\n\n // Clean up after resolving\n signInResolveRef.current = null;\n signInRejectRef.current = null;\n signInPromiseRef.current = undefined;\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n }, [setAuthStatus]);\n\n const rejectSignInPromise = useCallback(\n (error: Error, newStatus: AuthStatus = AuthStatus.ERROR) => {\n if (signInRejectRef.current) {\n signInRejectRef.current(error);\n\n // Clean up after rejecting\n signInResolveRef.current = null;\n signInRejectRef.current = null;\n signInPromiseRef.current = undefined;\n isSigningInRef.current = false;\n setAuthStatus(newStatus);\n\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n }\n },\n [setAuthStatus],\n );\n\n // Create authentication initiator\n const authInitiator = useMemo(() => {\n if (!civicAuthConfig) return null;\n\n const {\n clientId,\n redirectUrl,\n logoutUrl,\n loginSuccessUrl,\n logoutRedirectUrl,\n nonce,\n oauthServer,\n endpoints,\n scopes,\n autoRedirect,\n } = civicAuthConfig;\n\n return new BrowserAuthenticationInitiator(\n {\n pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(),\n clientId,\n redirectUrl,\n loginSuccessUrl,\n logoutUrl,\n logoutRedirectUrl,\n scopes,\n displayMode,\n oauthServer,\n endpointOverrides: endpoints,\n nonce,\n framework: civicAuthConfig.framework,\n autoRedirect,\n },\n setDesignOption,\n );\n }, [civicAuthConfig, displayMode, pkceConsumer, setDesignOption]);\n\n // Cleanup resources when component unmounts\n useEffect(() => {\n return () => {\n if (authInitiator) {\n authInitiator.cleanup();\n }\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n };\n }, [authInitiator]);\n\n // Handle logout state cleanup\n useEffect(() => {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n const localStorage = new LocalStorageAdapter();\n localStorage.get(LOGOUT_STATE).then((storedLogoutState) => {\n if (state && state === storedLogoutState) {\n // Clear storage\n clearTokens(localStorage);\n clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n\n // Clean up storage and URL\n sessionStorage.removeItem(LOGOUT_STATE);\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n }\n });\n }, []);\n\n // Main sign-in logic\n const startSignIn = useCallback(async (): Promise<void> => {\n if (!authInitiator) return;\n\n // Create the promise and store its handlers\n const promise = new Promise<void>((resolve, reject) => {\n signInResolveRef.current = resolve;\n signInRejectRef.current = reject;\n });\n signInPromiseRef.current = promise;\n\n // Check if sign-in is already in progress using the ref, if so, return signIn promise\n if (isSigningInRef.current) {\n return promise;\n }\n\n // State machine for sign-in flow\n switch (authStatus) {\n case AuthStatus.AUTHENTICATED:\n return Promise.resolve();\n\n case AuthStatus.UNAUTHENTICATED:\n case AuthStatus.ERROR:\n break;\n\n case AuthStatus.AUTHENTICATING:\n // if we're already authenticating, return the existing promise\n return promise;\n\n default:\n return Promise.reject(\n new Error(`Invalid state for sign-in: ${authStatus}`),\n );\n }\n\n // Set signing in flag first\n isSigningInRef.current = true;\n\n // Clear any existing timeout\n if (timeoutRef.current !== null) {\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n try {\n // Set authenticating status before any async operations\n setAuthStatus(AuthStatus.AUTHENTICATING);\n authStatusRef.current = AuthStatus.AUTHENTICATING;\n authInitiator.setDisplayMode(displayMode);\n\n // Set a timeout to reject the promise if authentication takes too long\n timeoutRef.current = window.setTimeout(() => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n rejectSignInPromise(new Error(\"Sign-in timeout\"));\n }\n }, SIGN_IN_TIMEOUT_MS);\n\n // Start the authentication process\n const useIframeRef = iframeRef?.current || null;\n\n await authInitiator.signIn(useIframeRef);\n } catch (error) {\n // Reset the signing in flag on error\n isSigningInRef.current = false;\n\n if (error instanceof PopupError) {\n // Fallback to redirect if popup fails\n setIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n try {\n // Call signIn again with redirect mode\n await authInitiator.signIn(iframeRef?.current || null);\n } catch (retryError) {\n console.error(\n \"[useSignIn] Redirect sign-in initiation error\",\n retryError,\n );\n rejectSignInPromise(\n retryError instanceof Error\n ? retryError\n : new Error(String(retryError)),\n );\n return promise;\n }\n } else {\n rejectSignInPromise(\n error instanceof Error ? error : new Error(String(error)),\n );\n return promise;\n }\n }\n\n return promise;\n }, [\n authInitiator,\n displayMode,\n iframeRef,\n setIframeIsVisible,\n authStatus,\n setAuthStatus,\n rejectSignInPromise,\n ]);\n\n // Public sign-in method\n const signIn = useCallback(async (): Promise<void> => {\n if (displayMode === \"iframe\") {\n const result =\n await authInitiator?.handleUserInteractionBrowserCorsFailsSilently();\n setIframeIsVisible(!result?.isRedirecting);\n }\n return startSignIn();\n }, [displayMode, startSignIn, setIframeIsVisible, authInitiator]);\n\n // Sign-out method\n const signOut = useCallback(async () => {\n const idToken = session?.idToken;\n if (!authInitiator) return;\n\n setAuthStatus(AuthStatus.SIGNING_OUT);\n if (displayMode === \"iframe\") {\n setIframeIsVisible(false);\n setLogoutIframeIsVisible(true);\n }\n\n try {\n await preSignOut?.();\n\n const useIframeRef = logoutIframeRef?.current || null;\n await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n setAuthStatus(AuthStatus.ERROR);\n console.error(\"signOut error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n\n if (error instanceof PopupError) {\n setLogoutIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n authInitiator.signOut(idToken, useIframeRef); // Retry sign out\n }\n });\n } catch (error) {\n console.error(\"Signout error:\", error);\n setAuthStatus(AuthStatus.ERROR);\n }\n }, [\n session?.idToken,\n authInitiator,\n displayMode,\n setLogoutIframeIsVisible,\n setIframeIsVisible,\n preSignOut,\n logoutIframeRef,\n setAuthStatus,\n ]);\n\n // Set up event listeners for authentication status\n useEffect(() => {\n // Update the ref with current auth status\n authStatusRef.current = authStatus;\n\n // Define handlers\n handlersRef.current = {\n handleSignInComplete: () => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n resolveSignInPromise();\n }\n },\n handleSignInError: (event: SignInErrorEvent) => {\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n const error = event.detail.error;\n rejectSignInPromise(\n error instanceof Error\n ? error\n : new Error(error.message || \"Sign-in failed\"),\n );\n }\n },\n };\n\n // Add listeners only when in authenticating state\n if (\n authStatus === AuthStatus.AUTHENTICATING &&\n handlersRef.current.handleSignInComplete &&\n handlersRef.current.handleSignInError\n ) {\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n LocalStorageAdapter.emitter.on(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n } else if (\n authStatus !== AuthStatus.AUTHENTICATING &&\n timeoutRef.current !== null\n ) {\n // Clean up timeout when not in authenticating state\n window.clearTimeout(timeoutRef.current);\n timeoutRef.current = null;\n }\n\n // Cleanup listeners\n return () => {\n if (handlersRef.current.handleSignInComplete) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-complete\",\n handlersRef.current.handleSignInComplete,\n );\n }\n if (handlersRef.current.handleSignInError) {\n LocalStorageAdapter.emitter.off(\n \"civic-auth-signin-error\",\n handlersRef.current.handleSignInError,\n );\n }\n };\n }, [authStatus, resolveSignInPromise, rejectSignInPromise]);\n\n // Effect to handle session updates and iframe aborts\n useEffect(() => {\n // If session becomes authenticated, update state and resolve pending promises\n if (\n session?.authenticated &&\n authStatusRef.current !== AuthStatus.AUTHENTICATED\n ) {\n setAuthStatus(AuthStatus.AUTHENTICATED);\n\n // If we have a pending sign-in promise, resolve it\n if (\n authStatusRef.current === AuthStatus.AUTHENTICATING &&\n signInResolveRef.current\n ) {\n resolveSignInPromise();\n }\n }\n\n // Handle iframe abortion\n if (displayMode === \"iframe\" && iframeAborted) {\n setIframeAborted(false);\n if (authStatusRef.current === AuthStatus.AUTHENTICATING) {\n rejectSignInPromise(\n new Error(\"Sign-in aborted by user\"),\n AuthStatus.UNAUTHENTICATED,\n );\n }\n }\n\n // Update unauthenticated state when session is absent\n if (\n !session?.authenticated &&\n ![AuthStatus.AUTHENTICATING, AuthStatus.SIGNING_OUT].includes(\n authStatusRef.current,\n )\n ) {\n if (authStatusRef.current !== AuthStatus.UNAUTHENTICATED) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n }\n }\n }, [\n displayMode,\n iframeAborted,\n session?.authenticated,\n setIframeAborted,\n resolveSignInPromise,\n rejectSignInPromise,\n setAuthStatus,\n ]);\n\n // Handle logout completion\n useEffect(() => {\n if (authStatus === AuthStatus.SIGNING_OUT && !session?.authenticated) {\n setAuthStatus(AuthStatus.UNAUTHENTICATED);\n postSignOut?.().then(() => {\n setLogoutIframeIsVisible(false);\n });\n }\n }, [\n session,\n postSignOut,\n setLogoutIframeIsVisible,\n authStatus,\n setAuthStatus,\n ]);\n\n return {\n signIn,\n signOut,\n startSignIn,\n authStatus,\n displayMode,\n };\n};\n\nexport { useSignIn };\n"]}
package/dist/shared/lib/iframeUtils.d.ts CHANGED
@@ -1,3 +1,4 @@
1
1
  export declare const getIframeRef: (iframeRef: HTMLIFrameElement | null | undefined, allowNull?: boolean) => HTMLIFrameElement;
2
2
  export declare const isEmbeddedIframeMode: () => Element | null;
3
+ export declare const iframeIsVisible: () => boolean;
3
4
  //# sourceMappingURL=iframeUtils.d.ts.map
package/dist/shared/lib/iframeUtils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"iframeUtils.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/iframeUtils.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,YAAY,cACZ,iBAAiB,GAAG,IAAI,GAAG,SAAS,0BAE9C,iBAKF,CAAC;AACF,eAAO,MAAM,oBAAoB,sBAEhC,CAAC"}
1
+ {"version":3,"file":"iframeUtils.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/iframeUtils.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,YAAY,cACZ,iBAAiB,GAAG,IAAI,GAAG,SAAS,0BAE9C,iBAKF,CAAC;AACF,eAAO,MAAM,oBAAoB,sBAEhC,CAAC;AACF,eAAO,MAAM,eAAe,eAS3B,CAAC"}
package/dist/shared/lib/iframeUtils.js CHANGED
@@ -9,4 +9,13 @@ export const getIframeRef = (iframeRef, allowNull = false) => {
9
9
  export const isEmbeddedIframeMode = () => {
10
10
  return document.querySelector('[data-testid="civic-iframe-no-chrome"]');
11
11
  };
12
+ export const iframeIsVisible = () => {
13
+ // check for iframe container by the id of civic-auth-iframe-container
14
+ // this is the id used in the CivicAuthIframe component
15
+ const iframe = document.getElementById("civic-auth-iframe-container");
16
+ if (!iframe)
17
+ return false;
18
+ const { display } = window.getComputedStyle(iframe);
19
+ return display !== "none";
20
+ };
12
21
  //# sourceMappingURL=iframeUtils.js.map
package/dist/shared/lib/iframeUtils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"iframeUtils.js","sourceRoot":"","sources":["../../../src/shared/lib/iframeUtils.ts"],"names":[],"mappings":"AAAA,kFAAkF;AAClF,oDAAoD;AACpD,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,SAA+C,EAC/C,SAAS,GAAG,KAAK,EACE,EAAE;IACrB,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,SAA8B,CAAC;AACxC,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAG,EAAE;IACvC,OAAO,QAAQ,CAAC,aAAa,CAAC,wCAAwC,CAAC,CAAC;AAC1E,CAAC,CAAC","sourcesContent":["// Our custom iframe resizer doesn't add any special methods to the iframe element\n// so we can just return the iframe element directly\nexport const getIframeRef = (\n iframeRef: HTMLIFrameElement | null | undefined,\n allowNull = false,\n): HTMLIFrameElement => {\n if (!iframeRef && !allowNull) {\n throw new Error(\"iframeRef is required for displayMode 'iframe'\");\n }\n return iframeRef as HTMLIFrameElement;\n};\nexport const isEmbeddedIframeMode = () => {\n return document.querySelector('[data-testid=\"civic-iframe-no-chrome\"]');\n};\n"]}
1
+ {"version":3,"file":"iframeUtils.js","sourceRoot":"","sources":["../../../src/shared/lib/iframeUtils.ts"],"names":[],"mappings":"AAAA,kFAAkF;AAClF,oDAAoD;AACpD,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,SAA+C,EAC/C,SAAS,GAAG,KAAK,EACE,EAAE;IACrB,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,SAA8B,CAAC;AACxC,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAG,EAAE;IACvC,OAAO,QAAQ,CAAC,aAAa,CAAC,wCAAwC,CAAC,CAAC;AAC1E,CAAC,CAAC;AACF,MAAM,CAAC,MAAM,eAAe,GAAG,GAAG,EAAE;IAClC,sEAAsE;IACtE,uDAAuD;IACvD,MAAM,MAAM,GAAG,QAAQ,CAAC,cAAc,CACpC,6BAA6B,CACF,CAAC;IAC9B,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1B,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IACpD,OAAO,OAAO,KAAK,MAAM,CAAC;AAC5B,CAAC,CAAC","sourcesContent":["// Our custom iframe resizer doesn't add any special methods to the iframe element\n// so we can just return the iframe element directly\nexport const getIframeRef = (\n iframeRef: HTMLIFrameElement | null | undefined,\n allowNull = false,\n): HTMLIFrameElement => {\n if (!iframeRef && !allowNull) {\n throw new Error(\"iframeRef is required for displayMode 'iframe'\");\n }\n return iframeRef as HTMLIFrameElement;\n};\nexport const isEmbeddedIframeMode = () => {\n return document.querySelector('[data-testid=\"civic-iframe-no-chrome\"]');\n};\nexport const iframeIsVisible = () => {\n // check for iframe container by the id of civic-auth-iframe-container\n // this is the id used in the CivicAuthIframe component\n const iframe = document.getElementById(\n \"civic-auth-iframe-container\",\n ) as HTMLIFrameElement | null;\n if (!iframe) return false;\n const { display } = window.getComputedStyle(iframe);\n return display !== \"none\";\n};\n"]}
package/dist/shared/lib/types.d.ts CHANGED
@@ -38,5 +38,6 @@ export type CivicAuthConfig = null | {
38
38
  logoutUrl?: string;
39
39
  displayMode?: DisplayMode;
40
40
  framework?: FrameworkType;
41
+ autoRedirect?: boolean;
41
42
  };
42
43
  //# sourceMappingURL=types.d.ts.map
package/dist/shared/lib/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAExE,oBAAY,eAAe;IACzB,QAAQ,aAAa;IACrB,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;IAC/B,uBAAuB,4BAA4B;CACpD;AAED,eAAO,MAAM,mBAAmB,aAAa,CAAC;AAC9C,eAAO,MAAM,0BAA0B,oBAAoB,CAAC;AAE5D,oBAAY,YAAY;IACtB,WAAW,kBAAkB;IAC7B,OAAO,YAAY;CACpB;AACD,oBAAY,WAAW;IACrB,IAAI,SAAS;CACd;AACD,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AACD,MAAM,MAAM,SAAS,GAAG,eAAe,GAAG,YAAY,GAAG,WAAW,CAAC;AAErE,MAAM,MAAM,kBAAkB,GAAG,MAAM,CACrC,eAAe,GAAG,YAAY,EAC9B,YAAY,CACb,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,IAAI,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B,CAAC"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAExE,oBAAY,eAAe;IACzB,QAAQ,aAAa;IACrB,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;IAC/B,uBAAuB,4BAA4B;CACpD;AAED,eAAO,MAAM,mBAAmB,aAAa,CAAC;AAC9C,eAAO,MAAM,0BAA0B,oBAAoB,CAAC;AAE5D,oBAAY,YAAY;IACtB,WAAW,kBAAkB;IAC7B,OAAO,YAAY;CACpB;AACD,oBAAY,WAAW;IACrB,IAAI,SAAS;CACd;AACD,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AACD,MAAM,MAAM,SAAS,GAAG,eAAe,GAAG,YAAY,GAAG,WAAW,CAAC;AAErE,MAAM,MAAM,kBAAkB,GAAG,MAAM,CACrC,eAAe,GAAG,YAAY,EAC9B,YAAY,CACb,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,IAAI,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,aAAa,CAAC;IAC1B,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB,CAAC"}
package/dist/shared/lib/types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAEA,MAAM,CAAN,IAAY,eAKX;AALD,WAAY,eAAe;IACzB,wCAAqB,CAAA;IACrB,gDAA6B,CAAA;IAC7B,kDAA+B,CAAA;IAC/B,sEAAmD,CAAA;AACrD,CAAC,EALW,eAAe,KAAf,eAAe,QAK1B;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,UAAU,CAAC;AAC9C,MAAM,CAAC,MAAM,0BAA0B,GAAG,iBAAiB,CAAC;AAE5D,MAAM,CAAN,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,mCAAmB,CAAA;AACrB,CAAC,EAHW,YAAY,KAAZ,YAAY,QAGvB;AACD,MAAM,CAAN,IAAY,WAEX;AAFD,WAAY,WAAW;IACrB,4BAAa,CAAA;AACf,CAAC,EAFW,WAAW,KAAX,WAAW,QAEtB","sourcesContent":["import type { DisplayMode, Endpoints, FrameworkType } from \"@/types.js\";\n\nexport enum OAuthTokenTypes {\n ID_TOKEN = \"id_token\",\n ACCESS_TOKEN = \"access_token\",\n REFRESH_TOKEN = \"refresh_token\",\n OIDC_SESSION_EXPIRES_AT = \"oidc_session_expires_at\",\n}\n\nexport const AUTH_SERVER_SESSION = \"_session\";\nexport const AUTH_SERVER_LEGACY_SESSION = \"_session.legacy\";\n\nexport enum CodeVerifier {\n COOKIE_NAME = \"code_verifier\",\n APP_URL = \"app_url\",\n}\nexport enum UserStorage {\n USER = \"user\",\n}\nexport interface CookieConfig {\n secure?: boolean;\n sameSite?: \"strict\" | \"lax\" | \"none\";\n domain?: string;\n path?: string;\n maxAge?: number;\n httpOnly?: boolean;\n}\nexport type KeySetter = OAuthTokenTypes | CodeVerifier | UserStorage;\n\nexport type TokensCookieConfig = Record<\n OAuthTokenTypes | CodeVerifier,\n CookieConfig\n>;\n\nexport type CivicAuthConfig = null | {\n clientId: string;\n redirectUrl: string;\n loginSuccessUrl?: string;\n logoutRedirectUrl: string;\n oauthServer: string;\n endpoints: Endpoints;\n scopes: string[];\n nonce?: string;\n challengeUrl?: string;\n refreshUrl?: string;\n logoutUrl?: string;\n displayMode?: DisplayMode;\n framework?: FrameworkType;\n};\n"]}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAEA,MAAM,CAAN,IAAY,eAKX;AALD,WAAY,eAAe;IACzB,wCAAqB,CAAA;IACrB,gDAA6B,CAAA;IAC7B,kDAA+B,CAAA;IAC/B,sEAAmD,CAAA;AACrD,CAAC,EALW,eAAe,KAAf,eAAe,QAK1B;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,UAAU,CAAC;AAC9C,MAAM,CAAC,MAAM,0BAA0B,GAAG,iBAAiB,CAAC;AAE5D,MAAM,CAAN,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,mCAAmB,CAAA;AACrB,CAAC,EAHW,YAAY,KAAZ,YAAY,QAGvB;AACD,MAAM,CAAN,IAAY,WAEX;AAFD,WAAY,WAAW;IACrB,4BAAa,CAAA;AACf,CAAC,EAFW,WAAW,KAAX,WAAW,QAEtB","sourcesContent":["import type { DisplayMode, Endpoints, FrameworkType } from \"@/types.js\";\n\nexport enum OAuthTokenTypes {\n ID_TOKEN = \"id_token\",\n ACCESS_TOKEN = \"access_token\",\n REFRESH_TOKEN = \"refresh_token\",\n OIDC_SESSION_EXPIRES_AT = \"oidc_session_expires_at\",\n}\n\nexport const AUTH_SERVER_SESSION = \"_session\";\nexport const AUTH_SERVER_LEGACY_SESSION = \"_session.legacy\";\n\nexport enum CodeVerifier {\n COOKIE_NAME = \"code_verifier\",\n APP_URL = \"app_url\",\n}\nexport enum UserStorage {\n USER = \"user\",\n}\nexport interface CookieConfig {\n secure?: boolean;\n sameSite?: \"strict\" | \"lax\" | \"none\";\n domain?: string;\n path?: string;\n maxAge?: number;\n httpOnly?: boolean;\n}\nexport type KeySetter = OAuthTokenTypes | CodeVerifier | UserStorage;\n\nexport type TokensCookieConfig = Record<\n OAuthTokenTypes | CodeVerifier,\n CookieConfig\n>;\n\nexport type CivicAuthConfig = null | {\n clientId: string;\n redirectUrl: string;\n loginSuccessUrl?: string;\n logoutRedirectUrl: string;\n oauthServer: string;\n endpoints: Endpoints;\n scopes: string[];\n nonce?: string;\n challengeUrl?: string;\n refreshUrl?: string;\n logoutUrl?: string;\n displayMode?: DisplayMode;\n framework?: FrameworkType;\n autoRedirect?: boolean;\n};\n"]}
package/dist/shared/providers/CivicAuthConfigContext.d.ts CHANGED
@@ -16,8 +16,9 @@ type CivicAuthConfigContextType = {
16
16
  logoutCallbackUrl?: string;
17
17
  displayMode?: DisplayMode;
18
18
  framework?: FrameworkType;
19
+ autoRedirect?: boolean;
19
20
  };
20
21
  declare const CivicAuthConfigContext: import("react").Context<CivicAuthConfig>;
21
- declare const CivicAuthConfigProvider: ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, loginSuccessUrl, nonce, challengeUrl, refreshUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, displayMode, framework, }: CivicAuthConfigContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
22
+ declare const CivicAuthConfigProvider: ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, loginSuccessUrl, nonce, challengeUrl, refreshUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, displayMode, framework, autoRedirect, }: CivicAuthConfigContextType) => import("@emotion/react/jsx-runtime").JSX.Element;
22
23
  export { CivicAuthConfigProvider, CivicAuthConfigContext };
23
24
  //# sourceMappingURL=CivicAuthConfigContext.d.ts.map
package/dist/shared/providers/CivicAuthConfigContext.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuthConfigContext.d.ts","sourceRoot":"","sources":["../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAEA,OAAO,EAA0B,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAG/D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAI7D,KAAK,0BAA0B,GAAG;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B,CAAC;AAEF,QAAA,MAAM,sBAAsB,0CAAgD,CAAC;AAE7E,QAAA,MAAM,uBAAuB,gNAc1B,0BAA0B,qDA4D5B,CAAC;AAEF,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,CAAC"}
1
+ {"version":3,"file":"CivicAuthConfigContext.d.ts","sourceRoot":"","sources":["../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAEA,OAAO,EAA0B,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAG/D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAI7D,KAAK,0BAA0B,GAAG;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,aAAa,CAAC;IAC1B,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB,CAAC;AAEF,QAAA,MAAM,sBAAsB,0CAAgD,CAAC;AAE7E,QAAA,MAAM,uBAAuB,8NAe1B,0BAA0B,qDA8D5B,CAAC;AAEF,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,CAAC"}
package/dist/shared/providers/CivicAuthConfigContext.js CHANGED
@@ -7,7 +7,7 @@ import { useCurrentUrl } from "../../shared/hooks/useCurrentUrl.js";
7
7
  const defaultConfig = null;
8
8
  // Context for exposing Config specifically to the TokenProvider
9
9
  const CivicAuthConfigContext = createContext(defaultConfig);
10
- const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, loginSuccessUrl, nonce, challengeUrl, refreshUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, displayMode = "iframe", framework, }) => {
10
+ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, loginSuccessUrl, nonce, challengeUrl, refreshUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, displayMode = "iframe", framework, autoRedirect, }) => {
11
11
  const currentUrl = useCurrentUrl();
12
12
  const redirectUrl = useMemo(() => {
13
13
  const useUrl = inputRedirectUrl || currentUrl;
@@ -39,6 +39,7 @@ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl:
39
39
  logoutRedirectUrl,
40
40
  displayMode,
41
41
  framework,
42
+ autoRedirect,
42
43
  }
43
44
  : null, [
44
45
  clientId,
@@ -54,6 +55,7 @@ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl:
54
55
  logoutRedirectUrl,
55
56
  displayMode,
56
57
  framework,
58
+ autoRedirect,
57
59
  ]);
58
60
  return (_jsx(CivicAuthConfigContext.Provider, { value: value, children: children }));
59
61
  };