@descope/react-sdk 2.26.7 → 2.27.0

package/README.md

@@ -327,6 +327,63 @@ useEffect(() => {
 Descope SDK automatically refreshes the session token when it is about to expire. This is done in the background using the refresh token, without any additional configuration.
 If you want to disable this behavior, you can pass `autoRefresh={false}` to the `AuthProvider` component. This will prevent the SDK from automatically refreshing the session token.
 
+### Activity-Based Session Refresh
+
+Pass `autoRefresh={{ customActivityTracking: true }}` to skip refresh calls for idle users. The SDK will only refresh when `sdk.markUserActive()` has been called since the last refresh. This reduces unnecessary API calls and enables accurate server-side session inactivity tracking.
+
+**Step 1:** Enable it in `AuthProvider`:
+
+```jsx
+<AuthProvider projectId="my-project-id" autoRefresh={{ customActivityTracking: true }}>
+  <App />
+</AuthProvider>
+```
+
+**Step 2:** Create a `useActivityTracking` hook that calls `markUserActive()` on user interactions:
+
+```jsx
+import { useEffect } from 'react';
+import { useDescope } from '@descope/react-sdk';
+
+function useActivityTracking() {
+  const sdk = useDescope();
+
+  useEffect(() => {
+    const { markUserActive } = sdk;
+
+    document.addEventListener('click', markUserActive);
+    document.addEventListener('keydown', markUserActive);
+    document.addEventListener('touchstart', markUserActive);
+
+    // Mark active when the user switches back to this tab
+    const onVisibility = () => {
+      if (document.visibilityState === 'visible') markUserActive();
+    };
+    document.addEventListener('visibilitychange', onVisibility);
+
+    return () => {
+      document.removeEventListener('click', markUserActive);
+      document.removeEventListener('keydown', markUserActive);
+      document.removeEventListener('touchstart', markUserActive);
+      document.removeEventListener('visibilitychange', onVisibility);
+    };
+  }, [sdk]);
+}
+```
+
+Call `useActivityTracking()` inside a component that is rendered within `<AuthProvider>` so `useDescope()` has access to the context:
+
+```jsx
+function Layout() {
+  useActivityTracking();
+  return <Outlet />;
+}
+
+<AuthProvider projectId="my-project-id" autoRefresh={{ customActivityTracking: true }}>
+  <Layout />
+</AuthProvider>
+```
+
 **For more SDK usage examples refer to [docs](https://docs.descope.com/build/guides/client_sdks/)**
 
 ### Session token server validation (pass session token to server API)

package/dist/cjs/components/AuthProvider/AuthProvider.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthProvider.js","sources":["../../../../src/components/AuthProvider/AuthProvider.tsx"],"sourcesContent":["import React, {\n  FC,\n  useCallback,\n  useEffect,\n  useMemo,\n  useRef,\n  useState,\n} from 'react';\nimport { CookieConfig, OidcConfig } from '@descope/web-js-sdk';\nimport { Claims } from '@descope/core-js-sdk';\nimport { CustomStorage } from '@descope/web-component';\nimport Context from '../../hooks/Context';\nimport { IContext, User } from '../../types';\nimport { isDescopeBridge, withValidation } from '../../utils';\nimport useSdk from './useSdk';\n\ntype Hooks = Parameters<typeof useSdk>[0]['hooks'];\n\ninterface IAuthProviderProps {\n  projectId: string;\n  baseUrl?: string;\n  // allows to override the base URL that is used to fetch static files\n  baseStaticUrl?: string;\n  // allows to override the base URL that is used to fetch external script files\n  baseCdnUrl?: string;\n  // Default is true. If true, tokens will be stored on local storage and can accessed with getToken function\n  persistTokens?: boolean;\n  // Default is true. If true, the SDK will automatically refresh the session token when it is about to expire\n  autoRefresh?: boolean;\n  // If true, session token (jwt) will be stored on cookie. Otherwise, the session token will be\n  // stored on local storage and can accessed with getSessionToken function\n  // Use this option if session token will stay small (less than 1k)\n  // NOTE: Session token can grow, especially in cases of using authorization, or adding custom claims\n  sessionTokenViaCookie?: CookieConfig;\n  // If true, refresh token will be stored on cookie. Otherwise, the refresh token will be\n  // stored on local storage and can be accessed with getRefreshToken function\n  // Use this option if you need server-side access to the refresh token (e.g., in Next.js middleware)\n  // to enable refreshing sessions on the server before they expire\n  refreshTokenViaCookie?: CookieConfig;\n  hooks?: Hooks;\n  // If truthy he SDK refresh and logout functions will use the OIDC client\n  // Accepts boolean or OIDC configuration\n  oidcConfig?: OidcConfig;\n  // Default is true. If true, last authenticated user will be stored on local storage and can accessed with getUser function\n  storeLastAuthenticatedUser?: boolean;\n  // If true, last authenticated user will not be removed after logout\n  keepLastAuthenticatedUserAfterLogout?: boolean;\n  // Use this option if the authentication is done via cookie, and configured with a different name\n  // Currently, this is done using Descope Flows\n  refreshCookieName?: string;\n  // Function to get external token, for seamless migration from external system\n  getExternalToken?: () => Promise<string>;\n  // Custom storage object for authentication related data\n  customStorage?: CustomStorage;\n  children?: React.ReactNode;\n}\n\nconst AuthProvider: FC<IAuthProviderProps> = ({\n  projectId,\n  baseUrl = '',\n  baseStaticUrl = '',\n  baseCdnUrl = '',\n  sessionTokenViaCookie = false,\n  refreshTokenViaCookie = false,\n  hooks = undefined,\n  persistTokens = true,\n  autoRefresh = true,\n  oidcConfig = undefined,\n  storeLastAuthenticatedUser = true,\n  keepLastAuthenticatedUserAfterLogout = false,\n  refreshCookieName = '',\n  getExternalToken = undefined,\n  customStorage = undefined,\n  children = undefined,\n}) => {\n  const [user, setUser] = useState<User>();\n  const [session, setSession] = useState<string>();\n  const [claims, setClaims] = useState<Claims>();\n  const [isAuthenticated, setIsAuthenticated] = useState(false);\n\n  const [isUserLoading, setIsUserLoading] = useState(false);\n  const [isSessionLoading, setIsSessionLoading] = useState(false);\n\n  // if oidc config is enabled, we attempt to finish the login, so we start as loading\n  const [isOidcLoading, setIsOidcLoading] = useState(!!oidcConfig);\n  const isOidcFinishedLogin = useRef(false);\n\n  const sdk = useSdk({\n    projectId,\n    baseUrl,\n    persistTokens,\n    autoRefresh,\n    sessionTokenViaCookie,\n    refreshTokenViaCookie,\n    hooks,\n    oidcConfig,\n    storeLastAuthenticatedUser,\n    keepLastAuthenticatedUserAfterLogout,\n    refreshCookieName,\n    getExternalToken,\n    customStorage,\n  });\n\n  useEffect(() => {\n    if (sdk) {\n      const unsubscribeSessionToken = sdk.onSessionTokenChange(setSession);\n      const unsubscribeUser = sdk.onUserChange(setUser);\n      const unsubscribeIsAuthenticated =\n        sdk.onIsAuthenticatedChange(setIsAuthenticated);\n      const unsubscribeClaims = sdk.onClaimsChange(setClaims);\n\n      return () => {\n        unsubscribeSessionToken();\n        unsubscribeUser();\n        unsubscribeIsAuthenticated();\n        unsubscribeClaims();\n      };\n    }\n    return undefined;\n  }, [sdk]);\n\n  const isSessionFetched = useRef(false);\n  const isUserFetched = useRef(false);\n\n  // if oidc config is enabled, and we have oidc params in the url\n  // we will finish the login (this should run only once)\n  useEffect(() => {\n    if (sdk && oidcConfig && !isOidcFinishedLogin.current) {\n      isOidcFinishedLogin.current = true;\n      sdk.oidc.finishLoginIfNeed().finally(() => {\n        setIsOidcLoading(false);\n        // We want that the session will fetched only once\n        isSessionFetched.current = true;\n      });\n    }\n  }, []);\n\n  const fetchSession = useCallback(() => {\n    // Don't load the session in native flows, though we'd usually not get here at all from useSession in this case\n    if (isDescopeBridge()) return;\n\n    // We want that the session will fetched only once\n    if (isSessionFetched.current) return;\n    isSessionFetched.current = true;\n\n    setIsSessionLoading(true);\n    withValidation(sdk?.refresh)(undefined, true).then(() => {\n      setIsSessionLoading(false);\n    });\n  }, [sdk]);\n\n  const fetchUser = useCallback(() => {\n    // We want that the user will fetched only once\n    if (isUserFetched.current) return;\n    isUserFetched.current = true;\n\n    setIsUserLoading(true);\n    withValidation(sdk.me)().then(() => {\n      setIsUserLoading(false);\n    });\n  }, [sdk]);\n\n  const value = useMemo<IContext>(\n    () => ({\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched: isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched: isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      storeLastAuthenticatedUser,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    }),\n    [\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    ],\n  );\n  return <Context.Provider value={value}>{children}</Context.Provider>;\n};\n\nexport default AuthProvider;\n"],"names":["projectId","baseUrl","baseStaticUrl","baseCdnUrl","sessionTokenViaCookie","refreshTokenViaCookie","hooks","persistTokens","autoRefresh","oidcConfig","storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout","refreshCookieName","getExternalToken","customStorage","children","user","setUser","useState","session","setSession","claims","setClaims","isAuthenticated","setIsAuthenticated","isUserLoading","setIsUserLoading","isSessionLoading","setIsSessionLoading","isOidcLoading","setIsOidcLoading","isOidcFinishedLogin","useRef","sdk","useSdk","useEffect","unsubscribeSessionToken","onSessionTokenChange","unsubscribeUser","onUserChange","unsubscribeIsAuthenticated","onIsAuthenticatedChange","unsubscribeClaims","onClaimsChange","isSessionFetched","isUserFetched","current","oidc","finishLoginIfNeed","finally","fetchSession","useCallback","isDescopeBridge","withValidation","refresh","undefined","then","fetchUser","me","value","useMemo","React","default","createElement","Context","Provider"],"mappings":"kQAyD6C,EAC3CA,YACAC,UAAU,GACVC,gBAAgB,GAChBC,aAAa,GACbC,yBAAwB,EACxBC,yBAAwB,EACxBC,QACAC,iBAAgB,EAChBC,eAAc,EACdC,aACAC,8BAA6B,EAC7BC,wCAAuC,EACvCC,oBAAoB,GACpBC,mBACAC,gBACAC,eAEA,MAAOC,EAAMC,GAAWC,EAAQA,YACzBC,EAASC,GAAcF,EAAQA,YAC/BG,EAAQC,GAAaJ,EAAQA,YAC7BK,EAAiBC,GAAsBN,EAAQA,UAAC,IAEhDO,EAAeC,GAAoBR,EAAQA,UAAC,IAC5CS,EAAkBC,GAAuBV,EAAQA,UAAC,IAGlDW,EAAeC,GAAoBZ,EAAAA,WAAWT,GAC/CsB,EAAsBC,UAAO,GAE7BC,EAAMC,EAAAA,QAAO,CACjBlC,YACAC,UACAM,gBACAC,cACAJ,wBACAC,wBACAC,QACAG,aACAC,6BACAC,uCACAC,oBACAC,mBACAC,kBAGFqB,EAAAA,WAAU,KACR,GAAIF,EAAK,CACP,MAAMG,EAA0BH,EAAII,qBAAqBjB,GACnDkB,EAAkBL,EAAIM,aAAatB,GACnCuB,EACJP,EAAIQ,wBAAwBjB,GACxBkB,EAAoBT,EAAIU,eAAerB,GAE7C,MAAO,KACLc,IACAE,IACAE,IACAE,GAAmB,CAEtB,CACe,GACf,CAACT,IAEJ,MAAMW,EAAmBZ,UAAO,GAC1Ba,EAAgBb,UAAO,GAI7BG,EAAAA,WAAU,KACJF,GAAOxB,IAAesB,EAAoBe,UAC5Cf,EAAoBe,SAAU,EAC9Bb,EAAIc,KAAKC,oBAAoBC,SAAQ,KACnCnB,GAAiB,GAEjBc,EAAiBE,SAAU,CAAI,IAElC,GACA,IAEH,MAAMI,EAAeC,EAAAA,aAAY,KAE3BC,qBAGAR,EAAiBE,UACrBF,EAAiBE,SAAU,EAE3BlB,GAAoB,GACpByB,EAAAA,eAAepB,aAAA,EAAAA,EAAKqB,QAApBD,MAA6BE,GAAW,GAAMC,MAAK,KACjD5B,GAAoB,EAAM,IAC1B,GACD,CAACK,IAEEwB,EAAYN,EAAAA,aAAY,KAExBN,EAAcC,UAClBD,EAAcC,SAAU,EAExBpB,GAAiB,GACjB2B,EAAAA,eAAepB,EAAIyB,GAAnBL,GAAyBG,MAAK,KAC5B9B,GAAiB,EAAM,IACvB,GACD,CAACO,IAEE0B,EAAQC,EAAAA,SACZ,KAAO,CACLH,YACAzC,OACAS,gBACAoB,cAAeA,EAAcC,QAC7BI,eACA/B,UACAI,kBACAI,mBACAE,gBACAe,iBAAkBA,EAAiBE,QACnC9C,YACAC,UACAC,gBACAC,aACAO,6BACAC,uCACAC,oBACAE,gBACAG,UACAG,aACAI,qBACAH,SACAY,SAEF,CACEwB,EACAzC,EACAS,EACAoB,EAAcC,QACdI,EACA/B,EACAI,EACAI,EACAE,EACAe,EAAiBE,QACjB9C,EACAC,EACAC,EACAC,EACAQ,EACAC,EACAE,EACAG,EACAG,EACAI,EACAH,EACAY,IAGJ,OAAO4B,EAAAC,QAAAC,cAACC,UAAQC,SAAQ,CAACN,MAAOA,GAAQ5C,EAA4B"}
+{"version":3,"file":"AuthProvider.js","sources":["../../../../src/components/AuthProvider/AuthProvider.tsx"],"sourcesContent":["import React, {\n  FC,\n  useCallback,\n  useEffect,\n  useMemo,\n  useRef,\n  useState,\n} from 'react';\nimport {\n  CookieConfig,\n  OidcConfig,\n  AutoRefreshConfig,\n} from '@descope/web-js-sdk';\nimport { Claims } from '@descope/core-js-sdk';\nimport { CustomStorage } from '@descope/web-component';\nimport Context from '../../hooks/Context';\nimport { IContext, User } from '../../types';\nimport { isDescopeBridge, withValidation } from '../../utils';\nimport useSdk from './useSdk';\n\ntype Hooks = Parameters<typeof useSdk>[0]['hooks'];\n\ninterface IAuthProviderProps {\n  projectId: string;\n  baseUrl?: string;\n  // allows to override the base URL that is used to fetch static files\n  baseStaticUrl?: string;\n  // allows to override the base URL that is used to fetch external script files\n  baseCdnUrl?: string;\n  // Default is true. If true, tokens will be stored on local storage and can accessed with getToken function\n  persistTokens?: boolean;\n  // Default is true. If true, the SDK will automatically refresh the session token when it is about to expire.\n  // Pass `{ customActivityTracking: true }` to skip refresh for idle users — you must call `sdk.markUserActive()` to signal activity.\n  autoRefresh?: AutoRefreshConfig;\n  // If true, session token (jwt) will be stored on cookie. Otherwise, the session token will be\n  // stored on local storage and can accessed with getSessionToken function\n  // Use this option if session token will stay small (less than 1k)\n  // NOTE: Session token can grow, especially in cases of using authorization, or adding custom claims\n  sessionTokenViaCookie?: CookieConfig;\n  // If true, refresh token will be stored on cookie. Otherwise, the refresh token will be\n  // stored on local storage and can be accessed with getRefreshToken function\n  // Use this option if you need server-side access to the refresh token (e.g., in Next.js middleware)\n  // to enable refreshing sessions on the server before they expire\n  refreshTokenViaCookie?: CookieConfig;\n  hooks?: Hooks;\n  // If truthy he SDK refresh and logout functions will use the OIDC client\n  // Accepts boolean or OIDC configuration\n  oidcConfig?: OidcConfig;\n  // Default is true. If true, last authenticated user will be stored on local storage and can accessed with getUser function\n  storeLastAuthenticatedUser?: boolean;\n  // If true, last authenticated user will not be removed after logout\n  keepLastAuthenticatedUserAfterLogout?: boolean;\n  // Use this option if the authentication is done via cookie, and configured with a different name\n  // Currently, this is done using Descope Flows\n  refreshCookieName?: string;\n  // Function to get external token, for seamless migration from external system\n  getExternalToken?: () => Promise<string>;\n  // Custom storage object for authentication related data\n  customStorage?: CustomStorage;\n  children?: React.ReactNode;\n}\n\nconst AuthProvider: FC<IAuthProviderProps> = ({\n  projectId,\n  baseUrl = '',\n  baseStaticUrl = '',\n  baseCdnUrl = '',\n  sessionTokenViaCookie = false,\n  refreshTokenViaCookie = false,\n  hooks = undefined,\n  persistTokens = true,\n  autoRefresh = true,\n  oidcConfig = undefined,\n  storeLastAuthenticatedUser = true,\n  keepLastAuthenticatedUserAfterLogout = false,\n  refreshCookieName = '',\n  getExternalToken = undefined,\n  customStorage = undefined,\n  children = undefined,\n}) => {\n  const [user, setUser] = useState<User>();\n  const [session, setSession] = useState<string>();\n  const [claims, setClaims] = useState<Claims>();\n  const [isAuthenticated, setIsAuthenticated] = useState(false);\n\n  const [isUserLoading, setIsUserLoading] = useState(false);\n  const [isSessionLoading, setIsSessionLoading] = useState(false);\n\n  // if oidc config is enabled, we attempt to finish the login, so we start as loading\n  const [isOidcLoading, setIsOidcLoading] = useState(!!oidcConfig);\n  const isOidcFinishedLogin = useRef(false);\n\n  const sdk = useSdk({\n    projectId,\n    baseUrl,\n    persistTokens,\n    autoRefresh,\n    sessionTokenViaCookie,\n    refreshTokenViaCookie,\n    hooks,\n    oidcConfig,\n    storeLastAuthenticatedUser,\n    keepLastAuthenticatedUserAfterLogout,\n    refreshCookieName,\n    getExternalToken,\n    customStorage,\n  });\n\n  useEffect(() => {\n    if (sdk) {\n      const unsubscribeSessionToken = sdk.onSessionTokenChange(setSession);\n      const unsubscribeUser = sdk.onUserChange(setUser);\n      const unsubscribeIsAuthenticated =\n        sdk.onIsAuthenticatedChange(setIsAuthenticated);\n      const unsubscribeClaims = sdk.onClaimsChange(setClaims);\n\n      return () => {\n        unsubscribeSessionToken();\n        unsubscribeUser();\n        unsubscribeIsAuthenticated();\n        unsubscribeClaims();\n      };\n    }\n    return undefined;\n  }, [sdk]);\n\n  const isSessionFetched = useRef(false);\n  const isUserFetched = useRef(false);\n\n  // if oidc config is enabled, and we have oidc params in the url\n  // we will finish the login (this should run only once)\n  useEffect(() => {\n    if (sdk && oidcConfig && !isOidcFinishedLogin.current) {\n      isOidcFinishedLogin.current = true;\n      sdk.oidc.finishLoginIfNeed().finally(() => {\n        setIsOidcLoading(false);\n        // We want that the session will fetched only once\n        isSessionFetched.current = true;\n      });\n    }\n  }, []);\n\n  const fetchSession = useCallback(() => {\n    // Don't load the session in native flows, though we'd usually not get here at all from useSession in this case\n    if (isDescopeBridge()) return;\n\n    // We want that the session will fetched only once\n    if (isSessionFetched.current) return;\n    isSessionFetched.current = true;\n\n    setIsSessionLoading(true);\n    withValidation(sdk?.refresh)(undefined, true).then(() => {\n      setIsSessionLoading(false);\n    });\n  }, [sdk]);\n\n  const fetchUser = useCallback(() => {\n    // We want that the user will fetched only once\n    if (isUserFetched.current) return;\n    isUserFetched.current = true;\n\n    setIsUserLoading(true);\n    withValidation(sdk.me)().then(() => {\n      setIsUserLoading(false);\n    });\n  }, [sdk]);\n\n  const value = useMemo<IContext>(\n    () => ({\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched: isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched: isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      storeLastAuthenticatedUser,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    }),\n    [\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    ],\n  );\n  return <Context.Provider value={value}>{children}</Context.Provider>;\n};\n\nexport default AuthProvider;\n"],"names":["projectId","baseUrl","baseStaticUrl","baseCdnUrl","sessionTokenViaCookie","refreshTokenViaCookie","hooks","persistTokens","autoRefresh","oidcConfig","storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout","refreshCookieName","getExternalToken","customStorage","children","user","setUser","useState","session","setSession","claims","setClaims","isAuthenticated","setIsAuthenticated","isUserLoading","setIsUserLoading","isSessionLoading","setIsSessionLoading","isOidcLoading","setIsOidcLoading","isOidcFinishedLogin","useRef","sdk","useSdk","useEffect","unsubscribeSessionToken","onSessionTokenChange","unsubscribeUser","onUserChange","unsubscribeIsAuthenticated","onIsAuthenticatedChange","unsubscribeClaims","onClaimsChange","isSessionFetched","isUserFetched","current","oidc","finishLoginIfNeed","finally","fetchSession","useCallback","isDescopeBridge","withValidation","refresh","undefined","then","fetchUser","me","value","useMemo","React","default","createElement","Context","Provider"],"mappings":"kQA8D6C,EAC3CA,YACAC,UAAU,GACVC,gBAAgB,GAChBC,aAAa,GACbC,yBAAwB,EACxBC,yBAAwB,EACxBC,QACAC,iBAAgB,EAChBC,eAAc,EACdC,aACAC,8BAA6B,EAC7BC,wCAAuC,EACvCC,oBAAoB,GACpBC,mBACAC,gBACAC,eAEA,MAAOC,EAAMC,GAAWC,EAAQA,YACzBC,EAASC,GAAcF,EAAQA,YAC/BG,EAAQC,GAAaJ,EAAQA,YAC7BK,EAAiBC,GAAsBN,EAAQA,UAAC,IAEhDO,EAAeC,GAAoBR,EAAQA,UAAC,IAC5CS,EAAkBC,GAAuBV,EAAQA,UAAC,IAGlDW,EAAeC,GAAoBZ,EAAAA,WAAWT,GAC/CsB,EAAsBC,UAAO,GAE7BC,EAAMC,EAAAA,QAAO,CACjBlC,YACAC,UACAM,gBACAC,cACAJ,wBACAC,wBACAC,QACAG,aACAC,6BACAC,uCACAC,oBACAC,mBACAC,kBAGFqB,EAAAA,WAAU,KACR,GAAIF,EAAK,CACP,MAAMG,EAA0BH,EAAII,qBAAqBjB,GACnDkB,EAAkBL,EAAIM,aAAatB,GACnCuB,EACJP,EAAIQ,wBAAwBjB,GACxBkB,EAAoBT,EAAIU,eAAerB,GAE7C,MAAO,KACLc,IACAE,IACAE,IACAE,GAAmB,CAEtB,CACe,GACf,CAACT,IAEJ,MAAMW,EAAmBZ,UAAO,GAC1Ba,EAAgBb,UAAO,GAI7BG,EAAAA,WAAU,KACJF,GAAOxB,IAAesB,EAAoBe,UAC5Cf,EAAoBe,SAAU,EAC9Bb,EAAIc,KAAKC,oBAAoBC,SAAQ,KACnCnB,GAAiB,GAEjBc,EAAiBE,SAAU,CAAI,IAElC,GACA,IAEH,MAAMI,EAAeC,EAAAA,aAAY,KAE3BC,qBAGAR,EAAiBE,UACrBF,EAAiBE,SAAU,EAE3BlB,GAAoB,GACpByB,EAAAA,eAAepB,aAAA,EAAAA,EAAKqB,QAApBD,MAA6BE,GAAW,GAAMC,MAAK,KACjD5B,GAAoB,EAAM,IAC1B,GACD,CAACK,IAEEwB,EAAYN,EAAAA,aAAY,KAExBN,EAAcC,UAClBD,EAAcC,SAAU,EAExBpB,GAAiB,GACjB2B,EAAAA,eAAepB,EAAIyB,GAAnBL,GAAyBG,MAAK,KAC5B9B,GAAiB,EAAM,IACvB,GACD,CAACO,IAEE0B,EAAQC,EAAAA,SACZ,KAAO,CACLH,YACAzC,OACAS,gBACAoB,cAAeA,EAAcC,QAC7BI,eACA/B,UACAI,kBACAI,mBACAE,gBACAe,iBAAkBA,EAAiBE,QACnC9C,YACAC,UACAC,gBACAC,aACAO,6BACAC,uCACAC,oBACAE,gBACAG,UACAG,aACAI,qBACAH,SACAY,SAEF,CACEwB,EACAzC,EACAS,EACAoB,EAAcC,QACdI,EACA/B,EACAI,EACAI,EACAE,EACAe,EAAiBE,QACjB9C,EACAC,EACAC,EACAC,EACAQ,EACAC,EACAE,EACAG,EACAG,EACAI,EACAH,EACAY,IAGJ,OAAO4B,EAAAC,QAAAC,cAACC,UAAQC,SAAQ,CAACN,MAAOA,GAAQ5C,EAA4B"}

package/dist/cjs/constants.js

@@ -1,2 +1,2 @@
-"use strict";const e="undefined"!=typeof window;exports.IS_BROWSER=e,exports.baseHeaders={"x-descope-sdk-name":"react","x-descope-sdk-version":"2.26.7"};
+"use strict";const e="undefined"!=typeof window;exports.IS_BROWSER=e,exports.baseHeaders={"x-descope-sdk-name":"react","x-descope-sdk-version":"2.27.0"};
 //# sourceMappingURL=constants.js.map

package/dist/esm/components/AuthProvider/AuthProvider.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthProvider.js","sources":["../../../../src/components/AuthProvider/AuthProvider.tsx"],"sourcesContent":["import React, {\n  FC,\n  useCallback,\n  useEffect,\n  useMemo,\n  useRef,\n  useState,\n} from 'react';\nimport { CookieConfig, OidcConfig } from '@descope/web-js-sdk';\nimport { Claims } from '@descope/core-js-sdk';\nimport { CustomStorage } from '@descope/web-component';\nimport Context from '../../hooks/Context';\nimport { IContext, User } from '../../types';\nimport { isDescopeBridge, withValidation } from '../../utils';\nimport useSdk from './useSdk';\n\ntype Hooks = Parameters<typeof useSdk>[0]['hooks'];\n\ninterface IAuthProviderProps {\n  projectId: string;\n  baseUrl?: string;\n  // allows to override the base URL that is used to fetch static files\n  baseStaticUrl?: string;\n  // allows to override the base URL that is used to fetch external script files\n  baseCdnUrl?: string;\n  // Default is true. If true, tokens will be stored on local storage and can accessed with getToken function\n  persistTokens?: boolean;\n  // Default is true. If true, the SDK will automatically refresh the session token when it is about to expire\n  autoRefresh?: boolean;\n  // If true, session token (jwt) will be stored on cookie. Otherwise, the session token will be\n  // stored on local storage and can accessed with getSessionToken function\n  // Use this option if session token will stay small (less than 1k)\n  // NOTE: Session token can grow, especially in cases of using authorization, or adding custom claims\n  sessionTokenViaCookie?: CookieConfig;\n  // If true, refresh token will be stored on cookie. Otherwise, the refresh token will be\n  // stored on local storage and can be accessed with getRefreshToken function\n  // Use this option if you need server-side access to the refresh token (e.g., in Next.js middleware)\n  // to enable refreshing sessions on the server before they expire\n  refreshTokenViaCookie?: CookieConfig;\n  hooks?: Hooks;\n  // If truthy he SDK refresh and logout functions will use the OIDC client\n  // Accepts boolean or OIDC configuration\n  oidcConfig?: OidcConfig;\n  // Default is true. If true, last authenticated user will be stored on local storage and can accessed with getUser function\n  storeLastAuthenticatedUser?: boolean;\n  // If true, last authenticated user will not be removed after logout\n  keepLastAuthenticatedUserAfterLogout?: boolean;\n  // Use this option if the authentication is done via cookie, and configured with a different name\n  // Currently, this is done using Descope Flows\n  refreshCookieName?: string;\n  // Function to get external token, for seamless migration from external system\n  getExternalToken?: () => Promise<string>;\n  // Custom storage object for authentication related data\n  customStorage?: CustomStorage;\n  children?: React.ReactNode;\n}\n\nconst AuthProvider: FC<IAuthProviderProps> = ({\n  projectId,\n  baseUrl = '',\n  baseStaticUrl = '',\n  baseCdnUrl = '',\n  sessionTokenViaCookie = false,\n  refreshTokenViaCookie = false,\n  hooks = undefined,\n  persistTokens = true,\n  autoRefresh = true,\n  oidcConfig = undefined,\n  storeLastAuthenticatedUser = true,\n  keepLastAuthenticatedUserAfterLogout = false,\n  refreshCookieName = '',\n  getExternalToken = undefined,\n  customStorage = undefined,\n  children = undefined,\n}) => {\n  const [user, setUser] = useState<User>();\n  const [session, setSession] = useState<string>();\n  const [claims, setClaims] = useState<Claims>();\n  const [isAuthenticated, setIsAuthenticated] = useState(false);\n\n  const [isUserLoading, setIsUserLoading] = useState(false);\n  const [isSessionLoading, setIsSessionLoading] = useState(false);\n\n  // if oidc config is enabled, we attempt to finish the login, so we start as loading\n  const [isOidcLoading, setIsOidcLoading] = useState(!!oidcConfig);\n  const isOidcFinishedLogin = useRef(false);\n\n  const sdk = useSdk({\n    projectId,\n    baseUrl,\n    persistTokens,\n    autoRefresh,\n    sessionTokenViaCookie,\n    refreshTokenViaCookie,\n    hooks,\n    oidcConfig,\n    storeLastAuthenticatedUser,\n    keepLastAuthenticatedUserAfterLogout,\n    refreshCookieName,\n    getExternalToken,\n    customStorage,\n  });\n\n  useEffect(() => {\n    if (sdk) {\n      const unsubscribeSessionToken = sdk.onSessionTokenChange(setSession);\n      const unsubscribeUser = sdk.onUserChange(setUser);\n      const unsubscribeIsAuthenticated =\n        sdk.onIsAuthenticatedChange(setIsAuthenticated);\n      const unsubscribeClaims = sdk.onClaimsChange(setClaims);\n\n      return () => {\n        unsubscribeSessionToken();\n        unsubscribeUser();\n        unsubscribeIsAuthenticated();\n        unsubscribeClaims();\n      };\n    }\n    return undefined;\n  }, [sdk]);\n\n  const isSessionFetched = useRef(false);\n  const isUserFetched = useRef(false);\n\n  // if oidc config is enabled, and we have oidc params in the url\n  // we will finish the login (this should run only once)\n  useEffect(() => {\n    if (sdk && oidcConfig && !isOidcFinishedLogin.current) {\n      isOidcFinishedLogin.current = true;\n      sdk.oidc.finishLoginIfNeed().finally(() => {\n        setIsOidcLoading(false);\n        // We want that the session will fetched only once\n        isSessionFetched.current = true;\n      });\n    }\n  }, []);\n\n  const fetchSession = useCallback(() => {\n    // Don't load the session in native flows, though we'd usually not get here at all from useSession in this case\n    if (isDescopeBridge()) return;\n\n    // We want that the session will fetched only once\n    if (isSessionFetched.current) return;\n    isSessionFetched.current = true;\n\n    setIsSessionLoading(true);\n    withValidation(sdk?.refresh)(undefined, true).then(() => {\n      setIsSessionLoading(false);\n    });\n  }, [sdk]);\n\n  const fetchUser = useCallback(() => {\n    // We want that the user will fetched only once\n    if (isUserFetched.current) return;\n    isUserFetched.current = true;\n\n    setIsUserLoading(true);\n    withValidation(sdk.me)().then(() => {\n      setIsUserLoading(false);\n    });\n  }, [sdk]);\n\n  const value = useMemo<IContext>(\n    () => ({\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched: isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched: isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      storeLastAuthenticatedUser,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    }),\n    [\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    ],\n  );\n  return <Context.Provider value={value}>{children}</Context.Provider>;\n};\n\nexport default AuthProvider;\n"],"names":["AuthProvider","projectId","baseUrl","baseStaticUrl","baseCdnUrl","sessionTokenViaCookie","refreshTokenViaCookie","hooks","persistTokens","autoRefresh","oidcConfig","storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout","refreshCookieName","getExternalToken","customStorage","children","user","setUser","useState","session","setSession","claims","setClaims","isAuthenticated","setIsAuthenticated","isUserLoading","setIsUserLoading","isSessionLoading","setIsSessionLoading","isOidcLoading","setIsOidcLoading","isOidcFinishedLogin","useRef","sdk","useSdk","useEffect","unsubscribeSessionToken","onSessionTokenChange","unsubscribeUser","onUserChange","unsubscribeIsAuthenticated","onIsAuthenticatedChange","unsubscribeClaims","onClaimsChange","isSessionFetched","isUserFetched","current","oidc","finishLoginIfNeed","finally","fetchSession","useCallback","isDescopeBridge","withValidation","refresh","undefined","then","fetchUser","me","value","useMemo","React","createElement","Context","Provider"],"mappings":"mOAyDA,MAAMA,EAAuC,EAC3CC,YACAC,UAAU,GACVC,gBAAgB,GAChBC,aAAa,GACbC,yBAAwB,EACxBC,yBAAwB,EACxBC,QACAC,iBAAgB,EAChBC,eAAc,EACdC,aACAC,8BAA6B,EAC7BC,wCAAuC,EACvCC,oBAAoB,GACpBC,mBACAC,gBACAC,eAEA,MAAOC,EAAMC,GAAWC,KACjBC,EAASC,GAAcF,KACvBG,EAAQC,GAAaJ,KACrBK,EAAiBC,GAAsBN,GAAS,IAEhDO,EAAeC,GAAoBR,GAAS,IAC5CS,EAAkBC,GAAuBV,GAAS,IAGlDW,EAAeC,GAAoBZ,IAAWT,GAC/CsB,EAAsBC,GAAO,GAE7BC,EAAMC,EAAO,CACjBlC,YACAC,UACAM,gBACAC,cACAJ,wBACAC,wBACAC,QACAG,aACAC,6BACAC,uCACAC,oBACAC,mBACAC,kBAGFqB,GAAU,KACR,GAAIF,EAAK,CACP,MAAMG,EAA0BH,EAAII,qBAAqBjB,GACnDkB,EAAkBL,EAAIM,aAAatB,GACnCuB,EACJP,EAAIQ,wBAAwBjB,GACxBkB,EAAoBT,EAAIU,eAAerB,GAE7C,MAAO,KACLc,IACAE,IACAE,IACAE,GAAmB,CAEtB,CACe,GACf,CAACT,IAEJ,MAAMW,EAAmBZ,GAAO,GAC1Ba,EAAgBb,GAAO,GAI7BG,GAAU,KACJF,GAAOxB,IAAesB,EAAoBe,UAC5Cf,EAAoBe,SAAU,EAC9Bb,EAAIc,KAAKC,oBAAoBC,SAAQ,KACnCnB,GAAiB,GAEjBc,EAAiBE,SAAU,CAAI,IAElC,GACA,IAEH,MAAMI,EAAeC,GAAY,KAE3BC,KAGAR,EAAiBE,UACrBF,EAAiBE,SAAU,EAE3BlB,GAAoB,GACpByB,EAAepB,aAAA,EAAAA,EAAKqB,QAApBD,MAA6BE,GAAW,GAAMC,MAAK,KACjD5B,GAAoB,EAAM,IAC1B,GACD,CAACK,IAEEwB,EAAYN,GAAY,KAExBN,EAAcC,UAClBD,EAAcC,SAAU,EAExBpB,GAAiB,GACjB2B,EAAepB,EAAIyB,GAAnBL,GAAyBG,MAAK,KAC5B9B,GAAiB,EAAM,IACvB,GACD,CAACO,IAEE0B,EAAQC,GACZ,KAAO,CACLH,YACAzC,OACAS,gBACAoB,cAAeA,EAAcC,QAC7BI,eACA/B,UACAI,kBACAI,mBACAE,gBACAe,iBAAkBA,EAAiBE,QACnC9C,YACAC,UACAC,gBACAC,aACAO,6BACAC,uCACAC,oBACAE,gBACAG,UACAG,aACAI,qBACAH,SACAY,SAEF,CACEwB,EACAzC,EACAS,EACAoB,EAAcC,QACdI,EACA/B,EACAI,EACAI,EACAE,EACAe,EAAiBE,QACjB9C,EACAC,EACAC,EACAC,EACAQ,EACAC,EACAE,EACAG,EACAG,EACAI,EACAH,EACAY,IAGJ,OAAO4B,EAAAC,cAACC,EAAQC,SAAQ,CAACL,MAAOA,GAAQ5C,EAA4B"}
+{"version":3,"file":"AuthProvider.js","sources":["../../../../src/components/AuthProvider/AuthProvider.tsx"],"sourcesContent":["import React, {\n  FC,\n  useCallback,\n  useEffect,\n  useMemo,\n  useRef,\n  useState,\n} from 'react';\nimport {\n  CookieConfig,\n  OidcConfig,\n  AutoRefreshConfig,\n} from '@descope/web-js-sdk';\nimport { Claims } from '@descope/core-js-sdk';\nimport { CustomStorage } from '@descope/web-component';\nimport Context from '../../hooks/Context';\nimport { IContext, User } from '../../types';\nimport { isDescopeBridge, withValidation } from '../../utils';\nimport useSdk from './useSdk';\n\ntype Hooks = Parameters<typeof useSdk>[0]['hooks'];\n\ninterface IAuthProviderProps {\n  projectId: string;\n  baseUrl?: string;\n  // allows to override the base URL that is used to fetch static files\n  baseStaticUrl?: string;\n  // allows to override the base URL that is used to fetch external script files\n  baseCdnUrl?: string;\n  // Default is true. If true, tokens will be stored on local storage and can accessed with getToken function\n  persistTokens?: boolean;\n  // Default is true. If true, the SDK will automatically refresh the session token when it is about to expire.\n  // Pass `{ customActivityTracking: true }` to skip refresh for idle users — you must call `sdk.markUserActive()` to signal activity.\n  autoRefresh?: AutoRefreshConfig;\n  // If true, session token (jwt) will be stored on cookie. Otherwise, the session token will be\n  // stored on local storage and can accessed with getSessionToken function\n  // Use this option if session token will stay small (less than 1k)\n  // NOTE: Session token can grow, especially in cases of using authorization, or adding custom claims\n  sessionTokenViaCookie?: CookieConfig;\n  // If true, refresh token will be stored on cookie. Otherwise, the refresh token will be\n  // stored on local storage and can be accessed with getRefreshToken function\n  // Use this option if you need server-side access to the refresh token (e.g., in Next.js middleware)\n  // to enable refreshing sessions on the server before they expire\n  refreshTokenViaCookie?: CookieConfig;\n  hooks?: Hooks;\n  // If truthy he SDK refresh and logout functions will use the OIDC client\n  // Accepts boolean or OIDC configuration\n  oidcConfig?: OidcConfig;\n  // Default is true. If true, last authenticated user will be stored on local storage and can accessed with getUser function\n  storeLastAuthenticatedUser?: boolean;\n  // If true, last authenticated user will not be removed after logout\n  keepLastAuthenticatedUserAfterLogout?: boolean;\n  // Use this option if the authentication is done via cookie, and configured with a different name\n  // Currently, this is done using Descope Flows\n  refreshCookieName?: string;\n  // Function to get external token, for seamless migration from external system\n  getExternalToken?: () => Promise<string>;\n  // Custom storage object for authentication related data\n  customStorage?: CustomStorage;\n  children?: React.ReactNode;\n}\n\nconst AuthProvider: FC<IAuthProviderProps> = ({\n  projectId,\n  baseUrl = '',\n  baseStaticUrl = '',\n  baseCdnUrl = '',\n  sessionTokenViaCookie = false,\n  refreshTokenViaCookie = false,\n  hooks = undefined,\n  persistTokens = true,\n  autoRefresh = true,\n  oidcConfig = undefined,\n  storeLastAuthenticatedUser = true,\n  keepLastAuthenticatedUserAfterLogout = false,\n  refreshCookieName = '',\n  getExternalToken = undefined,\n  customStorage = undefined,\n  children = undefined,\n}) => {\n  const [user, setUser] = useState<User>();\n  const [session, setSession] = useState<string>();\n  const [claims, setClaims] = useState<Claims>();\n  const [isAuthenticated, setIsAuthenticated] = useState(false);\n\n  const [isUserLoading, setIsUserLoading] = useState(false);\n  const [isSessionLoading, setIsSessionLoading] = useState(false);\n\n  // if oidc config is enabled, we attempt to finish the login, so we start as loading\n  const [isOidcLoading, setIsOidcLoading] = useState(!!oidcConfig);\n  const isOidcFinishedLogin = useRef(false);\n\n  const sdk = useSdk({\n    projectId,\n    baseUrl,\n    persistTokens,\n    autoRefresh,\n    sessionTokenViaCookie,\n    refreshTokenViaCookie,\n    hooks,\n    oidcConfig,\n    storeLastAuthenticatedUser,\n    keepLastAuthenticatedUserAfterLogout,\n    refreshCookieName,\n    getExternalToken,\n    customStorage,\n  });\n\n  useEffect(() => {\n    if (sdk) {\n      const unsubscribeSessionToken = sdk.onSessionTokenChange(setSession);\n      const unsubscribeUser = sdk.onUserChange(setUser);\n      const unsubscribeIsAuthenticated =\n        sdk.onIsAuthenticatedChange(setIsAuthenticated);\n      const unsubscribeClaims = sdk.onClaimsChange(setClaims);\n\n      return () => {\n        unsubscribeSessionToken();\n        unsubscribeUser();\n        unsubscribeIsAuthenticated();\n        unsubscribeClaims();\n      };\n    }\n    return undefined;\n  }, [sdk]);\n\n  const isSessionFetched = useRef(false);\n  const isUserFetched = useRef(false);\n\n  // if oidc config is enabled, and we have oidc params in the url\n  // we will finish the login (this should run only once)\n  useEffect(() => {\n    if (sdk && oidcConfig && !isOidcFinishedLogin.current) {\n      isOidcFinishedLogin.current = true;\n      sdk.oidc.finishLoginIfNeed().finally(() => {\n        setIsOidcLoading(false);\n        // We want that the session will fetched only once\n        isSessionFetched.current = true;\n      });\n    }\n  }, []);\n\n  const fetchSession = useCallback(() => {\n    // Don't load the session in native flows, though we'd usually not get here at all from useSession in this case\n    if (isDescopeBridge()) return;\n\n    // We want that the session will fetched only once\n    if (isSessionFetched.current) return;\n    isSessionFetched.current = true;\n\n    setIsSessionLoading(true);\n    withValidation(sdk?.refresh)(undefined, true).then(() => {\n      setIsSessionLoading(false);\n    });\n  }, [sdk]);\n\n  const fetchUser = useCallback(() => {\n    // We want that the user will fetched only once\n    if (isUserFetched.current) return;\n    isUserFetched.current = true;\n\n    setIsUserLoading(true);\n    withValidation(sdk.me)().then(() => {\n      setIsUserLoading(false);\n    });\n  }, [sdk]);\n\n  const value = useMemo<IContext>(\n    () => ({\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched: isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched: isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      storeLastAuthenticatedUser,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    }),\n    [\n      fetchUser,\n      user,\n      isUserLoading,\n      isUserFetched.current,\n      fetchSession,\n      session,\n      isAuthenticated,\n      isSessionLoading,\n      isOidcLoading,\n      isSessionFetched.current,\n      projectId,\n      baseUrl,\n      baseStaticUrl,\n      baseCdnUrl,\n      keepLastAuthenticatedUserAfterLogout,\n      refreshCookieName,\n      customStorage,\n      setUser,\n      setSession,\n      setIsAuthenticated,\n      claims,\n      sdk,\n    ],\n  );\n  return <Context.Provider value={value}>{children}</Context.Provider>;\n};\n\nexport default AuthProvider;\n"],"names":["AuthProvider","projectId","baseUrl","baseStaticUrl","baseCdnUrl","sessionTokenViaCookie","refreshTokenViaCookie","hooks","persistTokens","autoRefresh","oidcConfig","storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout","refreshCookieName","getExternalToken","customStorage","children","user","setUser","useState","session","setSession","claims","setClaims","isAuthenticated","setIsAuthenticated","isUserLoading","setIsUserLoading","isSessionLoading","setIsSessionLoading","isOidcLoading","setIsOidcLoading","isOidcFinishedLogin","useRef","sdk","useSdk","useEffect","unsubscribeSessionToken","onSessionTokenChange","unsubscribeUser","onUserChange","unsubscribeIsAuthenticated","onIsAuthenticatedChange","unsubscribeClaims","onClaimsChange","isSessionFetched","isUserFetched","current","oidc","finishLoginIfNeed","finally","fetchSession","useCallback","isDescopeBridge","withValidation","refresh","undefined","then","fetchUser","me","value","useMemo","React","createElement","Context","Provider"],"mappings":"mOA8DA,MAAMA,EAAuC,EAC3CC,YACAC,UAAU,GACVC,gBAAgB,GAChBC,aAAa,GACbC,yBAAwB,EACxBC,yBAAwB,EACxBC,QACAC,iBAAgB,EAChBC,eAAc,EACdC,aACAC,8BAA6B,EAC7BC,wCAAuC,EACvCC,oBAAoB,GACpBC,mBACAC,gBACAC,eAEA,MAAOC,EAAMC,GAAWC,KACjBC,EAASC,GAAcF,KACvBG,EAAQC,GAAaJ,KACrBK,EAAiBC,GAAsBN,GAAS,IAEhDO,EAAeC,GAAoBR,GAAS,IAC5CS,EAAkBC,GAAuBV,GAAS,IAGlDW,EAAeC,GAAoBZ,IAAWT,GAC/CsB,EAAsBC,GAAO,GAE7BC,EAAMC,EAAO,CACjBlC,YACAC,UACAM,gBACAC,cACAJ,wBACAC,wBACAC,QACAG,aACAC,6BACAC,uCACAC,oBACAC,mBACAC,kBAGFqB,GAAU,KACR,GAAIF,EAAK,CACP,MAAMG,EAA0BH,EAAII,qBAAqBjB,GACnDkB,EAAkBL,EAAIM,aAAatB,GACnCuB,EACJP,EAAIQ,wBAAwBjB,GACxBkB,EAAoBT,EAAIU,eAAerB,GAE7C,MAAO,KACLc,IACAE,IACAE,IACAE,GAAmB,CAEtB,CACe,GACf,CAACT,IAEJ,MAAMW,EAAmBZ,GAAO,GAC1Ba,EAAgBb,GAAO,GAI7BG,GAAU,KACJF,GAAOxB,IAAesB,EAAoBe,UAC5Cf,EAAoBe,SAAU,EAC9Bb,EAAIc,KAAKC,oBAAoBC,SAAQ,KACnCnB,GAAiB,GAEjBc,EAAiBE,SAAU,CAAI,IAElC,GACA,IAEH,MAAMI,EAAeC,GAAY,KAE3BC,KAGAR,EAAiBE,UACrBF,EAAiBE,SAAU,EAE3BlB,GAAoB,GACpByB,EAAepB,aAAA,EAAAA,EAAKqB,QAApBD,MAA6BE,GAAW,GAAMC,MAAK,KACjD5B,GAAoB,EAAM,IAC1B,GACD,CAACK,IAEEwB,EAAYN,GAAY,KAExBN,EAAcC,UAClBD,EAAcC,SAAU,EAExBpB,GAAiB,GACjB2B,EAAepB,EAAIyB,GAAnBL,GAAyBG,MAAK,KAC5B9B,GAAiB,EAAM,IACvB,GACD,CAACO,IAEE0B,EAAQC,GACZ,KAAO,CACLH,YACAzC,OACAS,gBACAoB,cAAeA,EAAcC,QAC7BI,eACA/B,UACAI,kBACAI,mBACAE,gBACAe,iBAAkBA,EAAiBE,QACnC9C,YACAC,UACAC,gBACAC,aACAO,6BACAC,uCACAC,oBACAE,gBACAG,UACAG,aACAI,qBACAH,SACAY,SAEF,CACEwB,EACAzC,EACAS,EACAoB,EAAcC,QACdI,EACA/B,EACAI,EACAI,EACAE,EACAe,EAAiBE,QACjB9C,EACAC,EACAC,EACAC,EACAQ,EACAC,EACAE,EACAG,EACAG,EACAI,EACAH,EACAY,IAGJ,OAAO4B,EAAAC,cAACC,EAAQC,SAAQ,CAACL,MAAOA,GAAQ5C,EAA4B"}

package/dist/esm/constants.js

@@ -1,2 +1,2 @@
-const e={"x-descope-sdk-name":"react","x-descope-sdk-version":"2.26.7"},d="undefined"!=typeof window;export{d as IS_BROWSER,e as baseHeaders};
+const e={"x-descope-sdk-name":"react","x-descope-sdk-version":"2.27.0"},d="undefined"!=typeof window;export{d as IS_BROWSER,e as baseHeaders};
 //# sourceMappingURL=constants.js.map

package/dist/index.d.ts

@@ -1,6 +1,6 @@
 import React, { FC, DOMAttributes } from 'react';
 import * as _descope_web_js_sdk from '@descope/web-js-sdk';
-import { CookieConfig, OidcConfig } from '@descope/web-js-sdk';
+import { AutoRefreshConfig, CookieConfig, OidcConfig } from '@descope/web-js-sdk';
 import * as _descope_web_component from '@descope/web-component';
 import _descope_web_component__default, { CustomStorage, ILogger, ThemeOptions, FlowJWTResponse, AutoFocusOptions } from '@descope/web-component';
 export { ILogger } from '@descope/web-component';
@@ -54,9 +54,9 @@ declare const createSdkWrapper: <P extends {
 } & {
     fpKey?: string;
     fpLoad?: boolean;
-} & {
-    autoRefresh?: boolean;
 } & _descope_web_js_sdk.FlowNonceOptions & {
+    autoRefresh?: _descope_web_js_sdk.AutoRefreshConfig;
+} & {
     storeLastAuthenticatedUser?: boolean;
     keepLastAuthenticatedUserAfterLogout?: boolean;
 } & {
@@ -65,7 +65,7 @@ declare const createSdkWrapper: <P extends {
     preview?: boolean;
     sessionTokenViaCookie?: _descope_web_js_sdk.CookieConfig;
     refreshTokenViaCookie?: _descope_web_js_sdk.CookieConfig;
-}>(config: P) => ((({
+}>(config: P) => (((({
     refresh: (token?: string, tryRefresh?: boolean) => Promise<_1.SdkResponse<_1.JWTResponse>>;
     logout: (token?: string) => Promise<_1.SdkResponse<never>>;
     flow: {
@@ -2230,6 +2230,8 @@ declare const createSdkWrapper: <P extends {
     onUserChange: (cb: (data: _1.UserResponse) => void) => () => any[];
     onClaimsChange: (cb: (data: _1.Claims) => void) => () => any[];
     onIsAuthenticatedChange: (cb: (isAuthenticated: boolean) => void) => () => any[];
+}) & {
+    markUserActive: () => void;
 }) & {
     getLastUserLoginId: () => string;
     getLastUserDisplayName: () => string;
@@ -2257,7 +2259,7 @@ interface IAuthProviderProps {
     baseStaticUrl?: string;
     baseCdnUrl?: string;
     persistTokens?: boolean;
-    autoRefresh?: boolean;
+    autoRefresh?: AutoRefreshConfig;
     sessionTokenViaCookie?: CookieConfig;
     refreshTokenViaCookie?: CookieConfig;
     hooks?: Hooks;