npm - @douvery/auth - Versions diffs - 0.2.1 → 0.3.1 - Mend

@douvery/auth 0.2.1 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/qwik/index.js CHANGED Viewed

@@ -1,763 +1,42 @@
 import { createContextId, component$, useSignal, useContextProvider, useVisibleTask$, Slot, useContext, useTask$ } from '@builder.io/qwik';
+import { createDouveryAuth } from '@douvery/auth';
+export { DouveryAuthClient, createDouveryAuth } from '@douvery/auth';
 import { jsx } from '@builder.io/qwik/jsx-runtime';
 // src/qwik/index.tsx
-// src/types.ts
-var AuthError = class extends Error {
-  constructor(code, message, cause) {
-    super(message);
-    this.code = code;
-    this.cause = cause;
-    this.name = "AuthError";
-  }
-};
-// src/pkce.ts
-function generateCodeVerifier(length = 64) {
-  const charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
-  const randomValues = crypto.getRandomValues(new Uint8Array(length));
-  return Array.from(randomValues).map((v) => charset[v % charset.length]).join("");
-}
-function generateState() {
-  return generateCodeVerifier(32);
-}
-function generateNonce() {
-  return generateCodeVerifier(32);
-}
-async function generateCodeChallenge(verifier) {
-  const encoder = new TextEncoder();
-  const data = encoder.encode(verifier);
-  const hashBuffer = await crypto.subtle.digest("SHA-256", data);
-  return base64UrlEncode(hashBuffer);
-}
-function base64UrlEncode(buffer) {
-  const bytes = new Uint8Array(buffer);
-  let binary = "";
-  for (let i = 0; i < bytes.length; i++) {
-    binary += String.fromCharCode(bytes[i]);
-  }
-  const base64 = btoa(binary);
-  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-function base64UrlDecode(input) {
-  let base64 = input.replace(/-/g, "+").replace(/_/g, "/");
-  const padding = base64.length % 4;
-  if (padding) {
-    base64 += "=".repeat(4 - padding);
-  }
-  const binary = atob(base64);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes.buffer;
-}
-async function generatePKCEPair() {
-  const codeVerifier = generateCodeVerifier();
-  const codeChallenge = await generateCodeChallenge(codeVerifier);
-  return {
-    codeVerifier,
-    codeChallenge,
-    codeChallengeMethod: "S256"
-  };
-}
-function decodeJWT(token) {
-  const parts = token.split(".");
-  if (parts.length !== 3) {
-    throw new Error("Invalid JWT format");
-  }
-  const payload = parts[1];
-  const decoded = base64UrlDecode(payload);
-  const text = new TextDecoder().decode(decoded);
-  return JSON.parse(text);
-}
-function isTokenExpired(token, clockSkew = 60) {
-  try {
-    const payload = decodeJWT(token);
-    if (!payload.exp) {
-      return false;
-    }
-    const now = Math.floor(Date.now() / 1e3);
-    return payload.exp < now - clockSkew;
-  } catch {
-    return true;
-  }
-}
-// src/storage.ts
-var DEFAULT_PREFIX = "douvery_auth";
-var STORAGE_KEYS = {
-  accessToken: `${DEFAULT_PREFIX}_access_token`,
-  refreshToken: `${DEFAULT_PREFIX}_refresh_token`,
-  idToken: `${DEFAULT_PREFIX}_id_token`,
-  expiresAt: `${DEFAULT_PREFIX}_expires_at`,
-  state: `${DEFAULT_PREFIX}_state`,
-  nonce: `${DEFAULT_PREFIX}_nonce`,
-  codeVerifier: `${DEFAULT_PREFIX}_code_verifier`,
-  returnTo: `${DEFAULT_PREFIX}_return_to`
-};
-var MemoryStorage = class {
-  store = /* @__PURE__ */ new Map();
-  get(key) {
-    return this.store.get(key) ?? null;
-  }
-  set(key, value) {
-    this.store.set(key, value);
-  }
-  remove(key) {
-    this.store.delete(key);
-  }
-  clear() {
-    this.store.clear();
-  }
-};
-var LocalStorage = class {
-  get(key) {
-    if (typeof window === "undefined") return null;
-    return localStorage.getItem(key);
-  }
-  set(key, value) {
-    if (typeof window === "undefined") return;
-    localStorage.setItem(key, value);
-  }
-  remove(key) {
-    if (typeof window === "undefined") return;
-    localStorage.removeItem(key);
-  }
-  clear() {
-    if (typeof window === "undefined") return;
-    Object.values(STORAGE_KEYS).forEach((key) => {
-      localStorage.removeItem(key);
-    });
-  }
-};
-var SessionStorage = class {
-  get(key) {
-    if (typeof window === "undefined") return null;
-    return sessionStorage.getItem(key);
-  }
-  set(key, value) {
-    if (typeof window === "undefined") return;
-    sessionStorage.setItem(key, value);
-  }
-  remove(key) {
-    if (typeof window === "undefined") return;
-    sessionStorage.removeItem(key);
-  }
-  clear() {
-    if (typeof window === "undefined") return;
-    Object.values(STORAGE_KEYS).forEach((key) => {
-      sessionStorage.removeItem(key);
+var DouveryAuthContext = createContextId("douvery-auth");
+var DouveryAuthProvider = component$(
+  ({ config }) => {
+    const client = createDouveryAuth(config);
+    const state = useSignal(client.getState());
+    const isInitialized = useSignal(false);
+    const isLoading = useSignal(false);
+    const error = useSignal(null);
+    useContextProvider(DouveryAuthContext, {
+      state,
+      isInitialized,
+      isLoading,
+      error,
+      client
     });
-  }
-};
-var CookieStorage = class {
-  constructor(options = {}) {
-    this.options = options;
-    this.options = { path: "/", secure: true, sameSite: "Lax", ...options };
-  }
-  get(key) {
-    if (typeof document === "undefined") return null;
-    const cookies = document.cookie.split(";");
-    for (const cookie of cookies) {
-      const [name, value] = cookie.trim().split("=");
-      if (name === key) {
-        return decodeURIComponent(value);
-      }
-    }
-    return null;
-  }
-  set(key, value) {
-    if (typeof document === "undefined") return;
-    const parts = [
-      `${key}=${encodeURIComponent(value)}`,
-      `path=${this.options.path}`
-    ];
-    if (this.options.domain) parts.push(`domain=${this.options.domain}`);
-    if (this.options.secure) parts.push("secure");
-    if (this.options.sameSite) parts.push(`samesite=${this.options.sameSite}`);
-    if (this.options.maxAge) parts.push(`max-age=${this.options.maxAge}`);
-    document.cookie = parts.join("; ");
-  }
-  remove(key) {
-    if (typeof document === "undefined") return;
-    document.cookie = `${key}=; path=${this.options.path}; expires=Thu, 01 Jan 1970 00:00:00 GMT`;
-  }
-  clear() {
-    Object.values(STORAGE_KEYS).forEach((key) => this.remove(key));
-  }
-};
-function createStorage(type) {
-  switch (type) {
-    case "localStorage":
-      return new LocalStorage();
-    case "sessionStorage":
-      return new SessionStorage();
-    case "cookie":
-      return new CookieStorage();
-    case "memory":
-    default:
-      return new MemoryStorage();
-  }
-}
-var TokenManager = class {
-  constructor(storage) {
-    this.storage = storage;
-  }
-  async getTokens() {
-    const accessToken = await this.storage.get(STORAGE_KEYS.accessToken);
-    if (!accessToken) return null;
-    const refreshToken = await this.storage.get(STORAGE_KEYS.refreshToken);
-    const idToken = await this.storage.get(STORAGE_KEYS.idToken);
-    const expiresAt = await this.storage.get(STORAGE_KEYS.expiresAt);
-    return {
-      accessToken,
-      refreshToken: refreshToken ?? void 0,
-      idToken: idToken ?? void 0,
-      expiresAt: expiresAt ? parseInt(expiresAt, 10) : 0,
-      tokenType: "Bearer",
-      scope: []
-    };
-  }
-  async setTokens(tokens) {
-    await this.storage.set(STORAGE_KEYS.accessToken, tokens.accessToken);
-    await this.storage.set(STORAGE_KEYS.expiresAt, tokens.expiresAt.toString());
-    if (tokens.refreshToken) {
-      await this.storage.set(STORAGE_KEYS.refreshToken, tokens.refreshToken);
-    }
-    if (tokens.idToken) {
-      await this.storage.set(STORAGE_KEYS.idToken, tokens.idToken);
-    }
-  }
-  async clearTokens() {
-    await this.storage.remove(STORAGE_KEYS.accessToken);
-    await this.storage.remove(STORAGE_KEYS.refreshToken);
-    await this.storage.remove(STORAGE_KEYS.idToken);
-    await this.storage.remove(STORAGE_KEYS.expiresAt);
-  }
-  async saveState(state) {
-    await this.storage.set(STORAGE_KEYS.state, state);
-  }
-  async getState() {
-    return this.storage.get(STORAGE_KEYS.state);
-  }
-  async clearState() {
-    await this.storage.remove(STORAGE_KEYS.state);
-  }
-  async saveNonce(nonce) {
-    await this.storage.set(STORAGE_KEYS.nonce, nonce);
-  }
-  async getNonce() {
-    return this.storage.get(STORAGE_KEYS.nonce);
-  }
-  async clearNonce() {
-    await this.storage.remove(STORAGE_KEYS.nonce);
-  }
-  async saveCodeVerifier(verifier) {
-    await this.storage.set(STORAGE_KEYS.codeVerifier, verifier);
-  }
-  async getCodeVerifier() {
-    return this.storage.get(STORAGE_KEYS.codeVerifier);
-  }
-  async clearCodeVerifier() {
-    await this.storage.remove(STORAGE_KEYS.codeVerifier);
-  }
-  async saveReturnTo(url) {
-    await this.storage.set(STORAGE_KEYS.returnTo, url);
-  }
-  async getReturnTo() {
-    return this.storage.get(STORAGE_KEYS.returnTo);
-  }
-  async clearReturnTo() {
-    await this.storage.remove(STORAGE_KEYS.returnTo);
-  }
-  async clearAll() {
-    await this.storage.clear();
-  }
-};
-// src/client.ts
-var DEFAULT_ISSUER = "https://auth.douvery.com";
-var DEFAULT_SCOPES = ["openid", "profile", "email"];
-var DouveryAuthClient = class {
-  config;
-  tokenManager;
-  discovery = null;
-  eventHandlers = /* @__PURE__ */ new Set();
-  refreshTimer = null;
-  state = {
-    status: "loading",
-    user: null,
-    tokens: null,
-    error: null
-  };
-  constructor(config) {
-    this.config = {
-      issuer: DEFAULT_ISSUER,
-      scopes: DEFAULT_SCOPES,
-      storage: "localStorage",
-      autoRefresh: true,
-      refreshThreshold: 60,
-      debug: false,
-      ...config
-    };
-    const storage = config.customStorage ?? createStorage(this.config.storage ?? "localStorage");
-    this.tokenManager = new TokenManager(storage);
-  }
-  /** Initialize the auth client */
-  async initialize() {
-    this.log("Initializing auth client...");
-    try {
-      if (this.isCallback()) {
-        this.log("Handling OAuth callback...");
-        const result = await this.handleCallback();
-        if (result.success && result.user && result.tokens) {
-          this.updateState({
-            status: "authenticated",
-            user: result.user,
-            tokens: result.tokens,
-            error: null
-          });
-          this.setupAutoRefresh();
-        } else {
-          this.updateState({
-            status: "unauthenticated",
-            user: null,
-            tokens: null,
-            error: result.error ?? null
-          });
-        }
-      } else {
-        const tokens = await this.tokenManager.getTokens();
-        if (tokens && tokens.accessToken) {
-          if (!isTokenExpired(tokens.accessToken)) {
-            this.log("Found valid existing session");
-            const user = await this.fetchUser(tokens.accessToken);
-            this.updateState({
-              status: "authenticated",
-              user,
-              tokens,
-              error: null
-            });
-            this.setupAutoRefresh();
-          } else if (tokens.refreshToken) {
-            this.log("Access token expired, attempting refresh...");
-            await this.refreshTokens();
-          } else {
-            this.log("Session expired, no refresh token");
-            await this.tokenManager.clearTokens();
-            this.updateState({
-              status: "unauthenticated",
-              user: null,
-              tokens: null,
-              error: null
-            });
-          }
-        } else {
-          this.log("No existing session found");
-          this.updateState({
-            status: "unauthenticated",
-            user: null,
-            tokens: null,
-            error: null
-          });
-        }
-      }
-      this.emit({ type: "INITIALIZED" });
-    } catch (error) {
-      this.log("Initialization error:", error);
-      this.updateState({
-        status: "unauthenticated",
-        user: null,
-        tokens: null,
-        error: error instanceof AuthError ? error : new AuthError(
-          "unknown_error",
-          "Initialization failed",
-          error
-        )
-      });
-    }
-    return this.state;
-  }
-  /** Start the login flow */
-  async login(options = {}) {
-    this.log("Starting login flow...");
-    this.emit({ type: "LOGIN_STARTED" });
-    try {
-      const discovery = await this.getDiscovery();
-      const pkce = await generatePKCEPair();
-      const state = generateState();
-      const nonce = generateNonce();
-      await this.tokenManager.saveState(state);
-      await this.tokenManager.saveNonce(nonce);
-      await this.tokenManager.saveCodeVerifier(pkce.codeVerifier);
-      if (options.returnTo) {
-        await this.tokenManager.saveReturnTo(options.returnTo);
-      }
-      const params = new URLSearchParams({
-        response_type: "code",
-        client_id: this.config.clientId,
-        redirect_uri: this.config.redirectUri,
-        scope: this.config.scopes.join(" "),
-        state,
-        nonce,
-        code_challenge: pkce.codeChallenge,
-        code_challenge_method: pkce.codeChallengeMethod,
-        ...options.authorizationParams
-      });
-      if (options.prompt) params.set("prompt", options.prompt);
-      if (options.loginHint) params.set("login_hint", options.loginHint);
-      if (options.uiLocales) params.set("ui_locales", options.uiLocales);
-      if (options.maxAge !== void 0)
-        params.set("max_age", options.maxAge.toString());
-      if (options.acrValues) params.set("acr_values", options.acrValues);
-      const authUrl = `${discovery.authorization_endpoint}?${params}`;
-      this.log("Redirecting to:", authUrl);
-      window.location.href = authUrl;
-    } catch (error) {
-      const authError = error instanceof AuthError ? error : new AuthError(
-        "configuration_error",
-        "Login failed",
-        error
-      );
-      this.emit({ type: "LOGIN_ERROR", error: authError });
-      throw authError;
-    }
-  }
-  /** Logout the user */
-  async logout(options = {}) {
-    this.log("Starting logout...");
-    this.emit({ type: "LOGOUT_STARTED" });
-    try {
-      await this.tokenManager.clearAll();
-      this.clearAutoRefresh();
-      this.updateState({
-        status: "unauthenticated",
-        user: null,
-        tokens: null,
-        error: null
+    useVisibleTask$(() => {
+      client.initialize().then(() => {
+        isInitialized.value = true;
+        state.value = client.getState();
+      }).catch((err) => {
+        error.value = err instanceof Error ? err : new Error(String(err));
       });
-      if (options.localOnly) {
-        this.emit({ type: "LOGOUT_SUCCESS" });
-        return;
-      }
-      if (options.federated !== false) {
-        const discovery = await this.getDiscovery();
-        if (discovery.end_session_endpoint) {
-          const params = new URLSearchParams();
-          if (this.state.tokens?.idToken) {
-            params.set("id_token_hint", this.state.tokens.idToken);
-          }
-          if (options.returnTo || this.config.postLogoutRedirectUri) {
-            params.set(
-              "post_logout_redirect_uri",
-              options.returnTo || this.config.postLogoutRedirectUri
-            );
-          }
-          params.set("client_id", this.config.clientId);
-          const logoutUrl = `${discovery.end_session_endpoint}?${params}`;
-          this.log("Redirecting to logout:", logoutUrl);
-          window.location.href = logoutUrl;
-          return;
+      const unsubscribe = client.subscribe((event) => {
+        state.value = client.getState();
+        if (event.type === "LOGIN_ERROR" || event.type === "LOGOUT_ERROR" || event.type === "TOKEN_REFRESH_ERROR") {
+          error.value = event.error;
         }
-      }
-      this.emit({ type: "LOGOUT_SUCCESS" });
-      if (options.returnTo) {
-        window.location.href = options.returnTo;
-      }
-    } catch (error) {
-      const authError = error instanceof AuthError ? error : new AuthError("unknown_error", "Logout failed", error);
-      this.emit({ type: "LOGOUT_ERROR", error: authError });
-      throw authError;
-    }
-  }
-  /** Check if current URL is an OAuth callback */
-  isCallback() {
-    if (typeof window === "undefined") return false;
-    const params = new URLSearchParams(window.location.search);
-    return params.has("code") || params.has("error");
-  }
-  /** Handle the OAuth callback */
-  async handleCallback() {
-    this.log("Processing callback...");
-    if (typeof window === "undefined") {
-      return {
-        success: false,
-        error: new AuthError(
-          "configuration_error",
-          "Cannot handle callback on server"
-        )
-      };
-    }
-    const params = new URLSearchParams(window.location.search);
-    const code = params.get("code");
-    const stateParam = params.get("state");
-    const errorParam = params.get("error");
-    const errorDescription = params.get("error_description");
-    if (errorParam) {
-      const error = new AuthError(
-        errorParam,
-        errorDescription ?? "Authorization failed"
-      );
-      return { success: false, error };
-    }
-    const savedState = await this.tokenManager.getState();
-    if (!stateParam || stateParam !== savedState) {
-      return {
-        success: false,
-        error: new AuthError("state_mismatch", "State parameter mismatch")
-      };
-    }
-    if (!code) {
-      return {
-        success: false,
-        error: new AuthError(
-          "invalid_request",
-          "No authorization code received"
-        )
-      };
-    }
-    const codeVerifier = await this.tokenManager.getCodeVerifier();
-    if (!codeVerifier) {
-      return {
-        success: false,
-        error: new AuthError("pkce_error", "No code verifier found")
-      };
-    }
-    try {
-      const tokens = await this.exchangeCode(code, codeVerifier);
-      await this.tokenManager.setTokens(tokens);
-      const user = await this.fetchUser(tokens.accessToken);
-      const returnTo = await this.tokenManager.getReturnTo();
-      await this.tokenManager.clearState();
-      await this.tokenManager.clearNonce();
-      await this.tokenManager.clearCodeVerifier();
-      await this.tokenManager.clearReturnTo();
-      window.history.replaceState({}, "", window.location.pathname);
-      this.emit({ type: "LOGIN_SUCCESS", user, tokens });
-      return { success: true, user, tokens, returnTo: returnTo ?? void 0 };
-    } catch (error) {
-      const authError = error instanceof AuthError ? error : new AuthError(
-        "invalid_grant",
-        "Token exchange failed",
-        error
-      );
-      this.emit({ type: "LOGIN_ERROR", error: authError });
-      return { success: false, error: authError };
-    }
-  }
-  async exchangeCode(code, codeVerifier) {
-    const discovery = await this.getDiscovery();
-    const response = await fetch(discovery.token_endpoint, {
-      method: "POST",
-      headers: { "Content-Type": "application/x-www-form-urlencoded" },
-      body: new URLSearchParams({
-        grant_type: "authorization_code",
-        code,
-        redirect_uri: this.config.redirectUri,
-        client_id: this.config.clientId,
-        code_verifier: codeVerifier
-      })
-    });
-    if (!response.ok) {
-      const error = await response.json().catch(() => ({}));
-      throw new AuthError(
-        error.error ?? "invalid_grant",
-        error.error_description ?? "Token exchange failed"
-      );
-    }
-    const tokenSet = await response.json();
-    return this.tokenSetToInfo(tokenSet);
-  }
-  /** Refresh the access token */
-  async refreshTokens() {
-    this.log("Refreshing tokens...");
-    const tokens = await this.tokenManager.getTokens();
-    if (!tokens?.refreshToken) {
-      throw new AuthError("token_refresh_failed", "No refresh token available");
-    }
-    const discovery = await this.getDiscovery();
-    const response = await fetch(discovery.token_endpoint, {
-      method: "POST",
-      headers: { "Content-Type": "application/x-www-form-urlencoded" },
-      body: new URLSearchParams({
-        grant_type: "refresh_token",
-        refresh_token: tokens.refreshToken,
-        client_id: this.config.clientId
-      })
-    });
-    if (!response.ok) {
-      const error = await response.json().catch(() => ({}));
-      const authError = new AuthError(
-        error.error ?? "token_refresh_failed",
-        error.error_description ?? "Token refresh failed"
-      );
-      this.emit({ type: "TOKEN_REFRESH_ERROR", error: authError });
-      await this.tokenManager.clearTokens();
-      this.updateState({
-        status: "unauthenticated",
-        user: null,
-        tokens: null,
-        error: authError
       });
-      this.emit({ type: "SESSION_EXPIRED" });
-      throw authError;
-    }
-    const tokenSet = await response.json();
-    const newTokens = this.tokenSetToInfo(tokenSet);
-    await this.tokenManager.setTokens(newTokens);
-    const user = newTokens.idToken ? this.extractUserFromIdToken(newTokens.idToken) : this.state.user;
-    this.updateState({ ...this.state, tokens: newTokens, user });
-    this.emit({ type: "TOKEN_REFRESHED", tokens: newTokens });
-    this.setupAutoRefresh();
-    return newTokens;
-  }
-  /** Get current access token (auto-refreshes if needed) */
-  async getAccessToken() {
-    const tokens = await this.tokenManager.getTokens();
-    if (!tokens) return null;
-    if (isTokenExpired(tokens.accessToken)) {
-      if (tokens.refreshToken) {
-        const newTokens = await this.refreshTokens();
-        return newTokens.accessToken;
-      }
-      return null;
-    }
-    return tokens.accessToken;
-  }
-  tokenSetToInfo(tokenSet) {
-    return {
-      accessToken: tokenSet.access_token,
-      refreshToken: tokenSet.refresh_token,
-      idToken: tokenSet.id_token,
-      expiresAt: Date.now() + tokenSet.expires_in * 1e3,
-      tokenType: tokenSet.token_type,
-      scope: tokenSet.scope?.split(" ") ?? []
-    };
-  }
-  async fetchUser(accessToken) {
-    const discovery = await this.getDiscovery();
-    const response = await fetch(discovery.userinfo_endpoint, {
-      headers: { Authorization: `Bearer ${accessToken}` }
-    });
-    if (!response.ok) {
-      throw new AuthError("invalid_token", "Failed to fetch user info");
-    }
-    const userInfo = await response.json();
-    return this.normalizeUser(userInfo);
-  }
-  extractUserFromIdToken(idToken) {
-    const claims = decodeJWT(idToken);
-    return this.normalizeUser(claims);
-  }
-  normalizeUser(claims) {
-    return {
-      id: claims.sub,
-      email: claims.email,
-      emailVerified: claims.email_verified,
-      name: claims.name,
-      firstName: claims.given_name,
-      lastName: claims.family_name,
-      picture: claims.picture,
-      phoneNumber: claims.phone_number,
-      phoneNumberVerified: claims.phone_number_verified,
-      locale: claims.locale,
-      ...claims
-    };
-  }
-  async getDiscovery() {
-    if (this.discovery) return this.discovery;
-    const discoveryUrl = `${this.config.issuer}/.well-known/openid-configuration`;
-    const response = await fetch(discoveryUrl);
-    if (!response.ok) {
-      throw new AuthError(
-        "configuration_error",
-        "Failed to fetch discovery document"
-      );
-    }
-    this.discovery = await response.json();
-    return this.discovery;
-  }
-  setupAutoRefresh() {
-    if (!this.config.autoRefresh || !this.state.tokens) return;
-    this.clearAutoRefresh();
-    const expiresIn = this.state.tokens.expiresAt - Date.now();
-    const refreshIn = expiresIn - this.config.refreshThreshold * 1e3;
-    if (refreshIn > 0) {
-      this.log(`Scheduling token refresh in ${Math.round(refreshIn / 1e3)}s`);
-      this.refreshTimer = setTimeout(() => {
-        this.refreshTokens().catch(
-          (error) => this.log("Auto-refresh failed:", error)
-        );
-      }, refreshIn);
-    }
-  }
-  clearAutoRefresh() {
-    if (this.refreshTimer) {
-      clearTimeout(this.refreshTimer);
-      this.refreshTimer = null;
-    }
-  }
-  getState() {
-    return { ...this.state };
-  }
-  isAuthenticated() {
-    return this.state.status === "authenticated";
-  }
-  getUser() {
-    return this.state.user;
-  }
-  subscribe(handler) {
-    this.eventHandlers.add(handler);
-    return () => this.eventHandlers.delete(handler);
-  }
-  updateState(newState) {
-    this.state = newState;
-  }
-  emit(event) {
-    this.eventHandlers.forEach((handler) => {
-      try {
-        handler(event);
-      } catch (error) {
-        console.error("Event handler error:", error);
-      }
+      return () => unsubscribe();
     });
+    return /* @__PURE__ */ jsx(Slot, {});
   }
-  log(...args) {
-    if (this.config.debug) {
-      console.log("[DouveryAuth]", ...args);
-    }
-  }
-};
-function createDouveryAuth(config) {
-  return new DouveryAuthClient(config);
-}
-var DouveryAuthContext = createContextId("douvery-auth");
-var DouveryAuthProvider = component$(({ config }) => {
-  const client = createDouveryAuth(config);
-  const state = useSignal(client.getState());
-  const isInitialized = useSignal(false);
-  const isLoading = useSignal(false);
-  const error = useSignal(null);
-  useContextProvider(DouveryAuthContext, { state, isInitialized, isLoading, error, client });
-  useVisibleTask$(() => {
-    client.initialize().then(() => {
-      isInitialized.value = true;
-      state.value = client.getState();
-    }).catch((err) => {
-      error.value = err instanceof Error ? err : new Error(String(err));
-    });
-    const unsubscribe = client.subscribe((event) => {
-      state.value = client.getState();
-      if (event.type === "LOGIN_ERROR" || event.type === "LOGOUT_ERROR" || event.type === "TOKEN_REFRESH_ERROR") {
-        error.value = event.error;
-      }
-    });
-    return () => unsubscribe();
-  });
-  return /* @__PURE__ */ jsx(Slot, {});
-});
+);
 function useDouveryAuth() {
   return useContext(DouveryAuthContext);
 }
@@ -805,9 +84,86 @@ function useAuthActions() {
       isLoading.value = false;
     }
   };
-  return { login, logout, isLoading };
+  const selectAccount = (options) => {
+    client.selectAccount(options);
+  };
+  const addAccount = (options) => {
+    client.addAccount(options);
+  };
+  const register = (options) => {
+    client.register(options);
+  };
+  const recoverAccount = (options) => {
+    client.recoverAccount(options);
+  };
+  const verifyAccount = (options) => {
+    client.verifyAccount(options);
+  };
+  const upgradeAccount = (options) => {
+    client.upgradeAccount(options);
+  };
+  const setupPasskey = (options) => {
+    client.setupPasskey(options);
+  };
+  const setupAddress = (options) => {
+    client.setupAddress(options);
+  };
+  const revokeToken = async (options) => {
+    isLoading.value = true;
+    error.value = null;
+    try {
+      await client.revokeToken(options);
+    } catch (err) {
+      error.value = err instanceof Error ? err : new Error(String(err));
+      throw err;
+    } finally {
+      isLoading.value = false;
+    }
+  };
+  return {
+    login,
+    logout,
+    selectAccount,
+    addAccount,
+    register,
+    recoverAccount,
+    verifyAccount,
+    upgradeAccount,
+    setupPasskey,
+    setupAddress,
+    revokeToken,
+    isLoading
+  };
+}
+function useAuthUrls() {
+  const { client } = useDouveryAuth();
+  return {
+    loginUrl: (options) => client.buildLoginUrl(options),
+    logoutUrl: (options) => client.buildLogoutUrl(options),
+    selectAccountUrl: (options) => client.buildSelectAccountUrl(options),
+    addAccountUrl: (options) => client.buildAddAccountUrl(options),
+    registerUrl: (options) => client.buildRegisterUrl(options),
+    recoverAccountUrl: (options) => client.buildRecoverAccountUrl(options),
+    verifyAccountUrl: (options) => client.buildVerifyAccountUrl(options),
+    upgradeAccountUrl: (options) => client.buildUpgradeAccountUrl(options),
+    setupPasskeyUrl: (options) => client.buildSetupPasskeyUrl(options),
+    setupAddressUrl: (options) => client.buildSetupAddressUrl(options)
+  };
+}
+function useSessionStatus() {
+  const { client, state } = useDouveryAuth();
+  const isExpired = useSignal(client.isSessionExpired());
+  const needsVerification = useSignal(client.needsEmailVerification());
+  const isGuest = useSignal(client.isGuestAccount());
+  useTask$(({ track }) => {
+    track(() => state.value);
+    isExpired.value = client.isSessionExpired();
+    needsVerification.value = client.needsEmailVerification();
+    isGuest.value = client.isGuestAccount();
+  });
+  return { isExpired, needsVerification, isGuest };
 }
-export { DouveryAuthClient, DouveryAuthContext, DouveryAuthProvider, createDouveryAuth, useAuthActions, useDouveryAuth, useIsAuthenticated, useUser };
+export { DouveryAuthContext, DouveryAuthProvider, useAuthActions, useAuthUrls, useDouveryAuth, useIsAuthenticated, useSessionStatus, useUser };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map