@fjordid/client 0.1.0

package/README.md

@@ -0,0 +1,158 @@
+# @fjordid/client
+
+Lightweight JavaScript/TypeScript client for [FjordID](https://fjordid.eu) authentication. Wraps Keycloak OIDC with a simple, developer-friendly API.
+
+## Install
+
+```bash
+npm install @fjordid/client
+# or
+pnpm add @fjordid/client
+```
+
+## Quick Start
+
+```typescript
+import { FjordAuth } from "@fjordid/client";
+
+const auth = new FjordAuth({
+  domain: "your-app.fjordid.eu",
+  clientId: "your-client-id",
+});
+
+await auth.init();
+auth.login();
+```
+
+## Usage
+
+### Initialize
+
+```typescript
+const auth = new FjordAuth({
+  domain: "your-app.fjordid.eu",
+  clientId: "your-client-id",
+  // Optional overrides:
+  // authUrl: 'https://auth.fjordid.eu',
+  // realm: 'fjordid',
+  // redirectUri: window.location.origin,
+  // silentSso: true,
+  // initTimeout: 10000,
+});
+
+const isLoggedIn = await auth.init();
+```
+
+### Login / Register / Logout
+
+```typescript
+auth.login(); // Redirect to login page
+auth.register(); // Redirect to registration page
+auth.logout(); // Log out and redirect home
+
+// Custom redirect after login
+auth.login("/dashboard");
+```
+
+### User Info
+
+```typescript
+if (auth.authenticated) {
+  console.log(auth.user?.email);
+  console.log(auth.user?.name);
+  console.log(auth.user?.id);
+}
+```
+
+### Access Tokens
+
+```typescript
+// Get a valid token (auto-refreshes if expiring soon)
+const token = await auth.getToken();
+
+// Use in API calls
+const res = await fetch("/api/data", {
+  headers: { Authorization: `Bearer ${token}` },
+});
+```
+
+### Events
+
+```typescript
+const unsub = auth.on("onAuthSuccess", () => {
+  console.log("Logged in:", auth.user?.email);
+});
+
+auth.on("onAuthLogout", () => {
+  console.log("Logged out");
+});
+
+// Unsubscribe
+unsub();
+```
+
+## API Reference
+
+### `new FjordAuth(options)`
+
+| Option                  | Type      | Default                   | Description                      |
+| ----------------------- | --------- | ------------------------- | -------------------------------- |
+| `domain`                | `string`  | **required**              | Your FjordID domain              |
+| `clientId`              | `string`  | **required**              | OIDC client ID                   |
+| `authUrl`               | `string`  | `https://auth.fjordid.eu` | Keycloak server URL              |
+| `realm`                 | `string`  | `fjordid`                 | Keycloak realm                   |
+| `redirectUri`           | `string`  | `window.location.origin`  | Post-login redirect              |
+| `postLogoutRedirectUri` | `string`  | `window.location.origin`  | Post-logout redirect             |
+| `silentSso`             | `boolean` | `true`                    | Enable silent SSO check          |
+| `initTimeout`           | `number`  | `10000`                   | Init timeout (ms)                |
+| `tokenRefreshBuffer`    | `number`  | `30`                      | Seconds before expiry to refresh |
+
+### Properties
+
+| Property        | Type                  | Description                   |
+| --------------- | --------------------- | ----------------------------- |
+| `authenticated` | `boolean`             | Whether the user is logged in |
+| `user`          | `FjordUser \| null`   | Current user profile          |
+| `token`         | `string \| undefined` | Raw access token              |
+| `idToken`       | `string \| undefined` | Raw ID token                  |
+
+### Methods
+
+| Method                   | Returns                        | Description                 |
+| ------------------------ | ------------------------------ | --------------------------- |
+| `init()`                 | `Promise<boolean>`             | Initialize auth (call once) |
+| `login(redirectUri?)`    | `void`                         | Redirect to login           |
+| `register(redirectUri?)` | `void`                         | Redirect to registration    |
+| `logout(redirectUri?)`   | `void`                         | Log out                     |
+| `getToken()`             | `Promise<string \| undefined>` | Get valid access token      |
+| `refreshToken()`         | `Promise<string \| undefined>` | Force token refresh         |
+| `on(event, callback)`    | `() => void`                   | Subscribe to events         |
+
+### Events
+
+| Event            | When                             |
+| ---------------- | -------------------------------- |
+| `onReady`        | Keycloak adapter ready           |
+| `onAuthSuccess`  | Login succeeded                  |
+| `onAuthLogout`   | User logged out                  |
+| `onAuthError`    | Auth error occurred              |
+| `onTokenExpired` | Token expired and refresh failed |
+
+## Silent SSO
+
+For silent SSO to work, serve this HTML file at `/silent-check-sso.html`:
+
+```html
+<!doctype html>
+<html>
+  <body>
+    <script>
+      parent.postMessage(location.href, location.origin);
+    </script>
+  </body>
+</html>
+```
+
+## License
+
+MIT

package/dist/FjordAuth.d.ts

@@ -0,0 +1,90 @@
+import type { FjordAuthOptions, FjordUser, FjordAuthEvent, FjordAuthEventCallback } from "./types.js";
+/**
+ * FjordAuth — a lightweight, developer-friendly wrapper around Keycloak OIDC.
+ *
+ * @example
+ * ```ts
+ * import { FjordAuth } from '@fjordid/client';
+ *
+ * const auth = new FjordAuth({
+ *   domain: 'your-app.fjordid.eu',
+ *   clientId: 'your-client-id',
+ * });
+ *
+ * await auth.init();
+ * auth.login();
+ * ```
+ */
+export declare class FjordAuth {
+    private readonly kc;
+    private readonly options;
+    private initialized;
+    private initPromise;
+    private listeners;
+    /** The currently authenticated user, or `null` if not logged in. */
+    user: FjordUser | null;
+    constructor(options: FjordAuthOptions);
+    /**
+     * Initialize authentication. Performs a silent SSO check to see if the user
+     * is already logged in.
+     *
+     * @returns `true` if the user is authenticated, `false` otherwise.
+     */
+    init(): Promise<boolean>;
+    private doInit;
+    /** Whether the user is currently authenticated. */
+    get authenticated(): boolean;
+    /**
+     * Redirect to the FjordID login page.
+     *
+     * @param redirectUri — Override the post-login redirect. Defaults to `options.redirectUri`.
+     */
+    login(redirectUri?: string): void;
+    /**
+     * Redirect to the FjordID registration page.
+     *
+     * @param redirectUri — Override the post-registration redirect.
+     */
+    register(redirectUri?: string): void;
+    /**
+     * Log out and redirect to the post-logout URL.
+     *
+     * @param redirectUri — Override the post-logout redirect.
+     */
+    logout(redirectUri?: string): void;
+    /**
+     * Get a valid access token, refreshing if needed.
+     *
+     * @returns The access token string, or `undefined` if not authenticated.
+     */
+    getToken(): Promise<string | undefined>;
+    /**
+     * Force-refresh the access token.
+     *
+     * @returns The new access token string, or `undefined` on failure.
+     */
+    refreshToken(): Promise<string | undefined>;
+    /** The raw access token, or `undefined`. */
+    get token(): string | undefined;
+    /** The raw ID token, or `undefined`. */
+    get idToken(): string | undefined;
+    /**
+     * Subscribe to an auth event.
+     *
+     * @returns An unsubscribe function.
+     */
+    on(event: FjordAuthEvent, callback: FjordAuthEventCallback): () => void;
+    private emit;
+    private syncUser;
+    /**
+     * Validate that a redirect URI is a real URL and not an "undefined" string
+     * produced by an unset environment variable.
+     */
+    private assertValidRedirectUri;
+    /**
+     * Keycloak may lose authServerUrl after an init timeout.
+     * Ensure it's always set correctly before building redirect URLs.
+     */
+    private ensureAuthServerUrl;
+}
+//# sourceMappingURL=FjordAuth.d.ts.map

package/dist/FjordAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"FjordAuth.d.ts","sourceRoot":"","sources":["../src/FjordAuth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,gBAAgB,EAChB,SAAS,EACT,cAAc,EACd,sBAAsB,EACvB,MAAM,YAAY,CAAC;AAOpB;;;;;;;;;;;;;;;GAeG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAW;IAC9B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAYL;IAEnB,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,WAAW,CAAiC;IACpD,OAAO,CAAC,SAAS,CAA0D;IAE3E,oEAAoE;IACpE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAQ;gBAElB,OAAO,EAAE,gBAAgB;IA6DrC;;;;;OAKG;IACG,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC;YAahB,MAAM;IA0DpB,mDAAmD;IACnD,IAAI,aAAa,IAAI,OAAO,CAE3B;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI;IAOjC;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI;IAOpC;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI;IAWlC;;;;OAIG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAU7C;;;;OAIG;IACG,YAAY,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAWjD,4CAA4C;IAC5C,IAAI,KAAK,IAAI,MAAM,GAAG,SAAS,CAE9B;IAED,wCAAwC;IACxC,IAAI,OAAO,IAAI,MAAM,GAAG,SAAS,CAEhC;IAMD;;;;OAIG;IACH,EAAE,CAAC,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,sBAAsB,GAAG,MAAM,IAAI;IAQvE,OAAO,CAAC,IAAI;IAcZ,OAAO,CAAC,QAAQ;IA2BhB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAe9B;;;OAGG;IACH,OAAO,CAAC,mBAAmB;CAS5B"}

package/dist/FjordAuth.js

@@ -0,0 +1,295 @@
+import Keycloak from "keycloak-js";
+const DEFAULT_AUTH_URL = "https://auth.fjordid.eu";
+const DEFAULT_REALM = "fjordid";
+const DEFAULT_INIT_TIMEOUT = 10_000;
+const DEFAULT_TOKEN_REFRESH_BUFFER = 30;
+/**
+ * FjordAuth — a lightweight, developer-friendly wrapper around Keycloak OIDC.
+ *
+ * @example
+ * ```ts
+ * import { FjordAuth } from '@fjordid/client';
+ *
+ * const auth = new FjordAuth({
+ *   domain: 'your-app.fjordid.eu',
+ *   clientId: 'your-client-id',
+ * });
+ *
+ * await auth.init();
+ * auth.login();
+ * ```
+ */
+export class FjordAuth {
+    kc;
+    options;
+    initialized = false;
+    initPromise = null;
+    listeners = new Map();
+    /** The currently authenticated user, or `null` if not logged in. */
+    user = null;
+    constructor(options) {
+        // Validate required config up-front so developers get a clear error
+        // instead of Keycloak's generic "Page not found".
+        if (!options.clientId || options.clientId.trim() === "") {
+            throw new Error("[FjordAuth] Missing clientId. " +
+                "Make sure you pass a valid clientId when creating FjordAuth. " +
+                "If you are reading it from an environment variable, " +
+                "ensure the variable is set before the app starts.");
+        }
+        this.options = {
+            ...options,
+            authUrl: options.authUrl ?? DEFAULT_AUTH_URL,
+            realm: options.realm ?? DEFAULT_REALM,
+            redirectUri: options.redirectUri ??
+                (typeof window !== "undefined" ? window.location.origin : ""),
+            postLogoutRedirectUri: options.postLogoutRedirectUri ??
+                (typeof window !== "undefined" ? window.location.origin : ""),
+            silentSso: options.silentSso ?? true,
+            initTimeout: options.initTimeout ?? DEFAULT_INIT_TIMEOUT,
+            tokenRefreshBuffer: options.tokenRefreshBuffer ?? DEFAULT_TOKEN_REFRESH_BUFFER,
+        };
+        // Validate redirectUri after defaults are applied
+        this.assertValidRedirectUri(this.options.redirectUri, "redirectUri");
+        this.assertValidRedirectUri(this.options.postLogoutRedirectUri, "postLogoutRedirectUri");
+        this.kc = new Keycloak({
+            url: this.options.authUrl,
+            realm: this.options.realm,
+            clientId: this.options.clientId,
+        });
+        // Wire up Keycloak events
+        this.kc.onReady = () => this.emit("onReady");
+        this.kc.onAuthSuccess = () => {
+            this.syncUser();
+            this.emit("onAuthSuccess");
+        };
+        this.kc.onAuthLogout = () => {
+            this.user = null;
+            this.emit("onAuthLogout");
+        };
+        this.kc.onAuthError = () => this.emit("onAuthError");
+        this.kc.onTokenExpired = () => {
+            this.refreshToken().catch(() => this.emit("onTokenExpired"));
+        };
+    }
+    // ---------------------------------------------------------------------------
+    // Lifecycle
+    // ---------------------------------------------------------------------------
+    /**
+     * Initialize authentication. Performs a silent SSO check to see if the user
+     * is already logged in.
+     *
+     * @returns `true` if the user is authenticated, `false` otherwise.
+     */
+    async init() {
+        if (this.initialized) {
+            return this.authenticated;
+        }
+        if (this.initPromise) {
+            return this.initPromise;
+        }
+        this.initPromise = this.doInit();
+        return this.initPromise;
+    }
+    async doInit() {
+        try {
+            const authenticated = await withTimeout(this.kc.init({
+                onLoad: "check-sso",
+                pkceMethod: "S256",
+                checkLoginIframe: false,
+                silentCheckSsoRedirectUri: this.options.silentSso
+                    ? window.location.origin + "/silent-check-sso.html"
+                    : undefined,
+            }), this.options.initTimeout, "FjordAuth init timeout — SSO check took too long");
+            this.initialized = true;
+            if (authenticated) {
+                this.syncUser();
+            }
+            return authenticated;
+        }
+        catch (error) {
+            const msg = error instanceof Error ? error.message : String(error);
+            // Keycloak double-init guard
+            if (msg.includes("can only be initialized once")) {
+                this.initialized = true;
+                this.syncUser();
+                return this.authenticated;
+            }
+            // Timeout / 3rd-party cookie issues — degrade gracefully
+            const isRecoverable = msg.toLowerCase().includes("timeout") ||
+                msg.includes("3rd party") ||
+                msg.includes("third party") ||
+                msg.includes("iframe");
+            if (isRecoverable) {
+                console.warn("[FjordAuth] SSO check failed (3rd-party cookies likely blocked), proceeding without SSO:", msg);
+                this.initialized = true;
+                return false;
+            }
+            console.error("[FjordAuth] Initialization failed:", error);
+            this.initialized = true;
+            return false;
+        }
+    }
+    // ---------------------------------------------------------------------------
+    // Auth actions
+    // ---------------------------------------------------------------------------
+    /** Whether the user is currently authenticated. */
+    get authenticated() {
+        return this.kc.authenticated ?? false;
+    }
+    /**
+     * Redirect to the FjordID login page.
+     *
+     * @param redirectUri — Override the post-login redirect. Defaults to `options.redirectUri`.
+     */
+    login(redirectUri) {
+        const uri = redirectUri ?? this.options.redirectUri;
+        this.assertValidRedirectUri(uri, "redirectUri");
+        this.ensureAuthServerUrl();
+        this.kc.login({ redirectUri: uri });
+    }
+    /**
+     * Redirect to the FjordID registration page.
+     *
+     * @param redirectUri — Override the post-registration redirect.
+     */
+    register(redirectUri) {
+        const uri = redirectUri ?? this.options.redirectUri;
+        this.assertValidRedirectUri(uri, "redirectUri");
+        this.ensureAuthServerUrl();
+        this.kc.register({ redirectUri: uri });
+    }
+    /**
+     * Log out and redirect to the post-logout URL.
+     *
+     * @param redirectUri — Override the post-logout redirect.
+     */
+    logout(redirectUri) {
+        this.user = null;
+        this.kc.logout({
+            redirectUri: redirectUri ?? this.options.postLogoutRedirectUri,
+        });
+    }
+    // ---------------------------------------------------------------------------
+    // Token management
+    // ---------------------------------------------------------------------------
+    /**
+     * Get a valid access token, refreshing if needed.
+     *
+     * @returns The access token string, or `undefined` if not authenticated.
+     */
+    async getToken() {
+        try {
+            await this.kc.updateToken(this.options.tokenRefreshBuffer);
+            return this.kc.token;
+        }
+        catch {
+            console.error("[FjordAuth] Failed to refresh token");
+            return undefined;
+        }
+    }
+    /**
+     * Force-refresh the access token.
+     *
+     * @returns The new access token string, or `undefined` on failure.
+     */
+    async refreshToken() {
+        try {
+            await this.kc.updateToken(-1); // Force refresh
+            this.syncUser();
+            return this.kc.token;
+        }
+        catch {
+            console.error("[FjordAuth] Token refresh failed");
+            return undefined;
+        }
+    }
+    /** The raw access token, or `undefined`. */
+    get token() {
+        return this.kc.token;
+    }
+    /** The raw ID token, or `undefined`. */
+    get idToken() {
+        return this.kc.idToken;
+    }
+    // ---------------------------------------------------------------------------
+    // Events
+    // ---------------------------------------------------------------------------
+    /**
+     * Subscribe to an auth event.
+     *
+     * @returns An unsubscribe function.
+     */
+    on(event, callback) {
+        if (!this.listeners.has(event)) {
+            this.listeners.set(event, new Set());
+        }
+        this.listeners.get(event).add(callback);
+        return () => this.listeners.get(event)?.delete(callback);
+    }
+    emit(event) {
+        this.listeners.get(event)?.forEach((cb) => {
+            try {
+                cb();
+            }
+            catch (e) {
+                console.error(`[FjordAuth] Error in ${event} handler:`, e);
+            }
+        });
+    }
+    // ---------------------------------------------------------------------------
+    // Internals
+    // ---------------------------------------------------------------------------
+    syncUser() {
+        const profile = this.kc.tokenParsed;
+        if (profile) {
+            this.user = {
+                id: profile.sub ?? "",
+                email: profile.email ?? "",
+                name: profile.name ??
+                    [
+                        profile.given_name,
+                        profile.family_name,
+                    ]
+                        .filter(Boolean)
+                        .join(" "),
+                firstName: profile.given_name,
+                lastName: profile.family_name,
+                emailVerified: profile.email_verified,
+            };
+        }
+    }
+    /**
+     * Validate that a redirect URI is a real URL and not an "undefined" string
+     * produced by an unset environment variable.
+     */
+    assertValidRedirectUri(uri, name) {
+        if (!uri ||
+            uri === "undefined" ||
+            uri.startsWith("undefined/") ||
+            uri.startsWith("undefined%2F")) {
+            throw new Error(`[FjordAuth] Invalid ${name}: "${uri}". ` +
+                "This usually means an environment variable used to build the redirect URL is not set. " +
+                "Check that all VITE_* / process.env.* variables are defined before the app starts.");
+        }
+    }
+    /**
+     * Keycloak may lose authServerUrl after an init timeout.
+     * Ensure it's always set correctly before building redirect URLs.
+     */
+    ensureAuthServerUrl() {
+        if (!this.kc.authServerUrl ||
+            this.kc.authServerUrl !== this.options.authUrl) {
+            this.kc.authServerUrl =
+                this.options.authUrl;
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function withTimeout(promise, ms, message) {
+    return Promise.race([
+        promise,
+        new Promise((_, reject) => setTimeout(() => reject(new Error(message)), ms)),
+    ]);
+}

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export { FjordAuth } from "./FjordAuth.js";
+export type { FjordAuthOptions, FjordUser, FjordAuthEvent, FjordAuthEventCallback, } from "./types.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,YAAY,EACV,gBAAgB,EAChB,SAAS,EACT,cAAc,EACd,sBAAsB,GACvB,MAAM,YAAY,CAAC"}

package/dist/index.js

@@ -0,0 +1 @@
+export { FjordAuth } from "./FjordAuth.js";

package/dist/types.d.ts

@@ -0,0 +1,66 @@
+/**
+ * Configuration types for the FjordID client.
+ */
+/** Options for initializing a FjordAuth instance. */
+export interface FjordAuthOptions {
+    /**
+     * Your FjordID domain, e.g. `"your-app.fjordid.eu"`.
+     * Used to derive the Keycloak auth URL and realm.
+     */
+    domain: string;
+    /** The OIDC client ID for your application. */
+    clientId: string;
+    /**
+     * Override the Keycloak auth server URL.
+     * Defaults to `https://auth.fjordid.eu`.
+     */
+    authUrl?: string;
+    /**
+     * The Keycloak realm name.
+     * Defaults to `"fjordid"`.
+     */
+    realm?: string;
+    /**
+     * Where to redirect after login. Defaults to `window.location.origin`.
+     */
+    redirectUri?: string;
+    /**
+     * Where to redirect after logout. Defaults to `window.location.origin`.
+     */
+    postLogoutRedirectUri?: string;
+    /**
+     * Enable silent SSO check via hidden iframe.
+     * Defaults to `true`. Set to `false` if 3rd-party cookies are blocked.
+     */
+    silentSso?: boolean;
+    /**
+     * Timeout in milliseconds for the initial SSO check.
+     * Defaults to `10000` (10 seconds).
+     */
+    initTimeout?: number;
+    /**
+     * Number of seconds before token expiry to trigger a refresh.
+     * Defaults to `30`.
+     */
+    tokenRefreshBuffer?: number;
+}
+/** Authenticated user profile. */
+export interface FjordUser {
+    /** Keycloak subject ID (UUID). */
+    id: string;
+    /** User's email address. */
+    email: string;
+    /** User's full name (may be empty). */
+    name: string;
+    /** User's first name. */
+    firstName?: string;
+    /** User's last name. */
+    lastName?: string;
+    /** Whether the email has been verified. */
+    emailVerified?: boolean;
+}
+/** Events emitted by FjordAuth. */
+export type FjordAuthEvent = "onReady" | "onAuthSuccess" | "onAuthLogout" | "onAuthError" | "onTokenExpired";
+/** Callback signature for auth events. */
+export type FjordAuthEventCallback = () => void;
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,qDAAqD;AACrD,MAAM,WAAW,gBAAgB;IAC/B;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf,+CAA+C;IAC/C,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IAEpB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,kCAAkC;AAClC,MAAM,WAAW,SAAS;IACxB,kCAAkC;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,4BAA4B;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,uCAAuC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,mCAAmC;AACnC,MAAM,MAAM,cAAc,GACtB,SAAS,GACT,eAAe,GACf,cAAc,GACd,aAAa,GACb,gBAAgB,CAAC;AAErB,0CAA0C;AAC1C,MAAM,MAAM,sBAAsB,GAAG,MAAM,IAAI,CAAC"}

package/dist/types.js

@@ -0,0 +1,4 @@
+/**
+ * Configuration types for the FjordID client.
+ */
+export {};

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@fjordid/client",
+  "version": "0.1.0",
+  "description": "Lightweight JavaScript/TypeScript client for FjordID authentication. Wraps Keycloak OIDC with a simple, developer-friendly API.",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit",
+    "dev": "tsc --watch"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/terjetyl/FjordId.git",
+    "directory": "packages/client"
+  },
+  "homepage": "https://fjordid.eu/docs",
+  "bugs": {
+    "url": "https://github.com/terjetyl/FjordId/issues"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "keywords": [
+    "auth",
+    "authentication",
+    "oidc",
+    "oauth2",
+    "keycloak",
+    "fjordid",
+    "gdpr",
+    "eu",
+    "identity"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "keycloak-js": "^26.0.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.3"
+  }
+}