@flamingo-stack/openframe-frontend-core 0.0.295 → 0.0.296-snapshot.20260621021605

package/dist/chunk-POKKCWKF.js

@@ -1,354 +0,0 @@
-"use client";
-
-// src/hooks/ui/use-auto-limit-tags.ts
-import { useCallback, useEffect, useRef, useState } from "react";
-function useAutoLimitTags({
-  count,
-  limitTags = "auto",
-  placeholder = "",
-  reserveInputWidth = true
-}) {
-  const middleRef = useRef(null);
-  const measureRef = useRef(null);
-  const textMeasureRef = useRef(null);
-  const badgeRef = useRef(null);
-  const inputRef = useRef(null);
-  const [visibleCount, setVisibleCount] = useState(count);
-  const recalculate = useCallback(() => {
-    if (limitTags !== "auto") {
-      setVisibleCount(Math.min(limitTags, count));
-      return;
-    }
-    const middle = middleRef.current;
-    const measure = measureRef.current;
-    if (!middle || !measure) {
-      setVisibleCount(count);
-      return;
-    }
-    if (count === 0) {
-      setVisibleCount(0);
-      return;
-    }
-    const cs = getComputedStyle(middle);
-    const padL = parseFloat(cs.paddingLeft) || 0;
-    const padR = parseFloat(cs.paddingRight) || 0;
-    const gap = parseFloat(cs.gap) || 0;
-    const middleW = middle.clientWidth;
-    let inputReservedW = 0;
-    let trailingGap = 0;
-    if (reserveInputWidth) {
-      const textW = textMeasureRef.current?.offsetWidth ?? 60;
-      const inputMinW = inputRef.current ? parseFloat(getComputedStyle(inputRef.current).minWidth) || 60 : 60;
-      inputReservedW = Math.max(textW + 8, inputMinW);
-      trailingGap = gap;
-    }
-    const available = middleW - padL - padR - inputReservedW - trailingGap;
-    const tagEls = Array.from(measure.children);
-    const widths = tagEls.map((el) => el.offsetWidth);
-    let total = 0;
-    for (let i = 0; i < widths.length; i++) {
-      total += widths[i] + (i > 0 ? gap : 0);
-    }
-    if (total <= available) {
-      setVisibleCount(count);
-      return;
-    }
-    const badgeW = badgeRef.current?.offsetWidth ?? 40;
-    const spaceWithBadge = available - badgeW - gap;
-    let used = 0;
-    let fitCount = 0;
-    for (let i = 0; i < widths.length; i++) {
-      const need = widths[i] + (i > 0 ? gap : 0);
-      if (used + need > spaceWithBadge) break;
-      used += need;
-      fitCount++;
-    }
-    setVisibleCount(Math.max(0, fitCount));
-  }, [count, limitTags, placeholder, reserveInputWidth]);
-  useEffect(() => {
-    recalculate();
-  }, [recalculate]);
-  useEffect(() => {
-    const el = middleRef.current;
-    if (!el) return;
-    const ro = new ResizeObserver(recalculate);
-    ro.observe(el);
-    return () => ro.disconnect();
-  }, [recalculate]);
-  return { visibleCount, middleRef, measureRef, textMeasureRef, badgeRef, inputRef };
-}
-
-// src/hooks/ui/use-debounce.ts
-import { useState as useState2, useEffect as useEffect2 } from "react";
-function useDebounce(value, delay = 500) {
-  const [debouncedValue, setDebouncedValue] = useState2(value);
-  useEffect2(() => {
-    const timer = setTimeout(() => {
-      setDebouncedValue(value);
-    }, delay);
-    return () => {
-      clearTimeout(timer);
-    };
-  }, [value, delay]);
-  return debouncedValue;
-}
-
-// src/utils/local-storage-adapter.ts
-function getStorage(backend) {
-  if (typeof window === "undefined") return null;
-  try {
-    return backend === "session" ? window.sessionStorage : window.localStorage;
-  } catch {
-    return null;
-  }
-}
-function createLocalStorageAdapter(options) {
-  const tag = options.logTag ?? "[local-storage]";
-  const backend = options.backend ?? "local";
-  const resolveKey = () => {
-    const ns = options.namespace?.();
-    return ns ? `${ns}.${options.key}` : options.key;
-  };
-  return {
-    resolveKey,
-    load() {
-      const storage = getStorage(backend);
-      if (!storage) return null;
-      try {
-        const raw = storage.getItem(resolveKey());
-        if (!raw) return null;
-        const parsed = JSON.parse(raw);
-        if (options.validate && !options.validate(parsed)) return null;
-        return parsed;
-      } catch (err) {
-        console.warn(`${tag} parse failed for key ${resolveKey()}:`, err);
-        return null;
-      }
-    },
-    save(value) {
-      const storage = getStorage(backend);
-      if (!storage) return;
-      try {
-        storage.setItem(resolveKey(), JSON.stringify(value));
-      } catch (err) {
-        console.warn(`${tag} write failed for key ${resolveKey()}:`, err);
-      }
-    },
-    clear() {
-      const storage = getStorage(backend);
-      if (!storage) return;
-      try {
-        storage.removeItem(resolveKey());
-      } catch (err) {
-        console.warn(`${tag} clear failed for key ${resolveKey()}:`, err);
-      }
-    }
-  };
-}
-
-// src/utils/app-config.ts
-function getAppType() {
-  return process.env.NEXT_PUBLIC_APP_TYPE || "openmsp";
-}
-
-// src/utils/embed-proxy-auth-storage.ts
-function isValidPersistedAuth(value) {
-  if (!value || typeof value !== "object") return false;
-  const v = value;
-  if (typeof v.secret !== "string" || v.secret.trim().length === 0 || typeof v.email !== "string" || v.email.trim().length === 0) return false;
-  if (v.firstName != null && typeof v.firstName !== "string") return false;
-  if (v.lastName != null && typeof v.lastName !== "string") return false;
-  if (v.avatarUrl != null && typeof v.avatarUrl !== "string") return false;
-  return true;
-}
-var adapter = createLocalStorageAdapter({
-  // Storage key unchanged from the legacy chat-prefixed helper. Renaming
-  // it would silently log every existing admin out — the key is a
-  // storage contract, not a code identifier.
-  key: "chat.proxy-auth.v1",
-  namespace: () => getAppType(),
-  validate: isValidPersistedAuth,
-  logTag: "[embed-proxy-auth-storage]",
-  // localStorage — survives tab close, new tabs, and browser restarts.
-  // Admin re-pasting creds every tab cycle was the dev-experience
-  // tradeoff prior `sessionStorage` setup demanded — rejected. See
-  // file-level doc comment for the security tradeoff rationale.
-  backend: "local"
-});
-function normalizeOptional(value) {
-  if (!value) return void 0;
-  const trimmed = value.trim();
-  return trimmed.length > 0 ? trimmed : void 0;
-}
-function getEmbedProxyAuth() {
-  const persisted = adapter.load();
-  if (!persisted) return null;
-  return {
-    secret: persisted.secret,
-    email: persisted.email.trim().toLowerCase(),
-    firstName: normalizeOptional(persisted.firstName),
-    lastName: normalizeOptional(persisted.lastName),
-    avatarUrl: normalizeOptional(persisted.avatarUrl)
-  };
-}
-function getPersistedProxyEmail() {
-  const persisted = adapter.load();
-  return persisted?.email.trim().toLowerCase() ?? null;
-}
-function setEmbedProxyAuth(value) {
-  adapter.save({
-    secret: value.secret,
-    email: value.email.trim().toLowerCase(),
-    firstName: normalizeOptional(value.firstName),
-    lastName: normalizeOptional(value.lastName),
-    avatarUrl: normalizeOptional(value.avatarUrl)
-  });
-}
-function clearEmbedProxyAuth() {
-  adapter.clear();
-}
-function applyProxyAuth(url, baseHeaders = { "Content-Type": "application/json" }) {
-  const auth = getEmbedProxyAuth();
-  const headers = { ...baseHeaders };
-  if (auth?.secret) {
-    headers.Authorization = `Bearer ${auth.secret}`;
-  }
-  if (auth?.email) {
-    headers["X-Chat-Act-As"] = auth.email;
-  }
-  if (auth?.firstName) headers["X-Chat-First-Name"] = auth.firstName;
-  if (auth?.lastName) headers["X-Chat-Last-Name"] = auth.lastName;
-  if (auth?.avatarUrl) headers["X-Chat-Avatar-Url"] = auth.avatarUrl;
-  return { url, headers };
-}
-
-// src/utils/embed-authed-fetch.ts
-var ADAPTER_GLOBAL_KEY = "__embedAuthedFetchAdapter__";
-function getRegisteredAuthAdapter() {
-  if (typeof globalThis === "undefined") return null;
-  return globalThis[ADAPTER_GLOBAL_KEY] ?? null;
-}
-function storeRegisteredAuthAdapter(adapter2) {
-  if (typeof globalThis === "undefined") return;
-  globalThis[ADAPTER_GLOBAL_KEY] = adapter2;
-}
-function setEmbedAuthAdapter(adapter2) {
-  if (adapter2 && getRegisteredAuthAdapter() && process.env.NODE_ENV !== "production") {
-    console.warn(
-      "[setEmbedAuthAdapter] overwriting a previously-registered auth adapter. Two chat-runtime providers should not coexist \u2014 verify mount order and pass `null` from the unmounting provider."
-    );
-  }
-  storeRegisteredAuthAdapter(adapter2);
-}
-function hasEmbedAuthAdapter() {
-  return getRegisteredAuthAdapter() !== null;
-}
-function embedAuthedFetch(url, init = {}) {
-  assertSameOrigin(url);
-  let baseHeaders;
-  if (init.headers === void 0) {
-    baseHeaders = { "Content-Type": "application/json" };
-  } else {
-    baseHeaders = {};
-    if (init.headers instanceof Headers) {
-      init.headers.forEach((v, k) => {
-        baseHeaders[k] = v;
-      });
-    } else if (Array.isArray(init.headers)) {
-      for (const [k, v] of init.headers) baseHeaders[k] = v;
-    } else {
-      Object.assign(baseHeaders, init.headers);
-    }
-  }
-  return fetchWithRefresh(url, init, baseHeaders, false);
-}
-var IN_FLIGHT_REFRESH_GLOBAL_KEY = "__embedAuthedFetchInFlightRefresh__";
-function getInFlightRefresh() {
-  if (typeof globalThis === "undefined") return null;
-  return globalThis[IN_FLIGHT_REFRESH_GLOBAL_KEY] ?? null;
-}
-function setInFlightRefresh(refresh) {
-  if (typeof globalThis === "undefined") return;
-  globalThis[IN_FLIGHT_REFRESH_GLOBAL_KEY] = refresh;
-}
-function dedupedRefresh() {
-  const adapter2 = getRegisteredAuthAdapter();
-  if (!adapter2?.refresh) return Promise.resolve(false);
-  let inFlightRefresh = getInFlightRefresh();
-  if (!inFlightRefresh) {
-    inFlightRefresh = Promise.resolve().then(() => adapter2.refresh()).catch(() => false).finally(() => {
-      setInFlightRefresh(null);
-    });
-    setInFlightRefresh(inFlightRefresh);
-  }
-  return inFlightRefresh;
-}
-async function fetchWithRefresh(url, init, baseHeaders, isRetry) {
-  const { url: authedUrl, headers } = applyProxyAuth(url, { ...baseHeaders });
-  const adapter2 = getRegisteredAuthAdapter();
-  if (adapter2?.getHeaders) {
-    for (const [k, v] of Object.entries(adapter2.getHeaders())) {
-      if (v !== void 0) headers[k] = v;
-    }
-  }
-  const credentials = adapter2?.credentials ?? init.credentials ?? "same-origin";
-  const response = await fetch(authedUrl, {
-    ...init,
-    headers,
-    // Default `same-origin` carries Supabase cookies for the MPH proxy-
-    // auth model. Hosts on different origins (openframe-frontend ↔
-    // openframe gateway) register `credentials: 'include'` via the
-    // adapter to make their own cookies travel cross-origin (CORS +
-    // `SameSite=None` must be configured server-side for that to work).
-    credentials
-  });
-  if (response.status === 401 && !isRetry && adapter2?.refresh) {
-    const refreshed = await dedupedRefresh();
-    if (refreshed) {
-      return fetchWithRefresh(url, init, baseHeaders, true);
-    }
-  }
-  return response;
-}
-function assertSameOrigin(url) {
-  if (typeof window === "undefined") return;
-  let target;
-  let pageOrigin;
-  try {
-    target = new URL(url, window.location.href);
-    pageOrigin = new URL(window.location.href).origin;
-  } catch {
-    throw new Error(`embedAuthedFetch: refusing to fetch malformed URL (${JSON.stringify(url)})`);
-  }
-  if (target.protocol !== "http:" && target.protocol !== "https:") {
-    throw new Error(
-      `embedAuthedFetch: refusing non-http(s) URL (${target.protocol}) \u2014 pass a relative /api/* path instead`
-    );
-  }
-  if (target.origin !== pageOrigin) {
-    if (process.env.NODE_ENV !== "production") {
-      console.warn(
-        `[embedAuthedFetch] cross-origin fetch to ${target.origin} allowed in dev (NODE_ENV !== 'production'). Production builds will reject this \u2014 wire a same-origin proxy before shipping.`
-      );
-      return;
-    }
-    throw new Error(
-      `embedAuthedFetch: refusing cross-origin fetch to ${target.origin} \u2014 pass a relative /api/* path instead`
-    );
-  }
-}
-
-export {
-  useAutoLimitTags,
-  useDebounce,
-  getAppType,
-  getEmbedProxyAuth,
-  getPersistedProxyEmail,
-  setEmbedProxyAuth,
-  clearEmbedProxyAuth,
-  applyProxyAuth,
-  setEmbedAuthAdapter,
-  hasEmbedAuthAdapter,
-  embedAuthedFetch
-};
-//# sourceMappingURL=chunk-POKKCWKF.js.map

package/dist/chunk-POKKCWKF.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/hooks/ui/use-auto-limit-tags.ts","../src/hooks/ui/use-debounce.ts","../src/utils/local-storage-adapter.ts","../src/utils/app-config.ts","../src/utils/embed-proxy-auth-storage.ts","../src/utils/embed-authed-fetch.ts"],"sourcesContent":["\"use client\"\n\nimport { useCallback, useEffect, useRef, useState } from \"react\"\n\nexport interface UseAutoLimitTagsOptions {\n  /** Total number of tags */\n  count: number\n  /** Fixed limit or \"auto\" for DOM-based measurement. Default \"auto\" */\n  limitTags?: number | \"auto\"\n  /** Placeholder text used to reserve input width (only used in \"auto\" mode) */\n  placeholder?: string\n  /**\n   * Reserve trailing space for a text input (the autocomplete combobox). Set\n   * `false` for a pure chip row that has no input — then only the chips and the\n   * \"+N\" / \"⋯\" overflow badge compete for the available width. Default `true`.\n   */\n  reserveInputWidth?: boolean\n}\n\nexport interface UseAutoLimitTagsReturn {\n  /** How many tags to show */\n  visibleCount: number\n  /** Ref for the zone that contains tags + input (must have overflow-hidden, gap, padding) */\n  middleRef: React.RefObject<HTMLDivElement | null>\n  /** Ref for the off-screen container that holds measurement copies of ALL tags */\n  measureRef: React.RefObject<HTMLDivElement | null>\n  /** Ref for the hidden span that measures placeholder text width */\n  textMeasureRef: React.RefObject<HTMLSpanElement | null>\n  /** Ref for the \"+N\" badge element (used to measure its width) */\n  badgeRef: React.RefObject<HTMLButtonElement | null>\n  /** Ref for the input element (used to read its min-width) */\n  inputRef: React.RefObject<HTMLInputElement | null>\n}\n\n/**\n * Calculates how many tags fit in a single-line container.\n *\n * Requires three off-screen measurement elements rendered by the consumer:\n * 1. A `<div ref={measureRef}>` containing Tag copies for every item (to measure widths)\n * 2. A `<span ref={textMeasureRef}>` containing the placeholder text (to reserve input width)\n * 3. The `<button ref={badgeRef}>` for the \"+N\" badge (to measure badge width)\n *\n * The hook reads real CSS values (padding, gap) from the middleRef container,\n * so it works regardless of responsive breakpoints or custom styling.\n */\nexport function useAutoLimitTags({\n  count,\n  limitTags = \"auto\",\n  placeholder = \"\",\n  reserveInputWidth = true,\n}: UseAutoLimitTagsOptions): UseAutoLimitTagsReturn {\n  const middleRef = useRef<HTMLDivElement>(null)\n  const measureRef = useRef<HTMLDivElement>(null)\n  const textMeasureRef = useRef<HTMLSpanElement>(null)\n  const badgeRef = useRef<HTMLButtonElement>(null)\n  const inputRef = useRef<HTMLInputElement>(null)\n  const [visibleCount, setVisibleCount] = useState(count)\n\n  const recalculate = useCallback(() => {\n    // Fixed limit — skip DOM measurement\n    if (limitTags !== \"auto\") {\n      setVisibleCount(Math.min(limitTags, count))\n      return\n    }\n\n    const middle = middleRef.current\n    const measure = measureRef.current\n    if (!middle || !measure) {\n      setVisibleCount(count)\n      return\n    }\n    if (count === 0) {\n      setVisibleCount(0)\n      return\n    }\n\n    // Read real CSS metrics from the middle zone\n    const cs = getComputedStyle(middle)\n    const padL = parseFloat(cs.paddingLeft) || 0\n    const padR = parseFloat(cs.paddingRight) || 0\n    const gap = parseFloat(cs.gap) || 0\n    const middleW = middle.clientWidth\n\n    // Reserve trailing space for the input (autocomplete only). A pure chip row\n    // (`reserveInputWidth: false`) has no input, so nothing — and no gap before\n    // it — is reserved.\n    let inputReservedW = 0\n    let trailingGap = 0\n    if (reserveInputWidth) {\n      const textW = textMeasureRef.current?.offsetWidth ?? 60\n      const inputMinW = inputRef.current\n        ? parseFloat(getComputedStyle(inputRef.current).minWidth) || 60\n        : 60\n      inputReservedW = Math.max(textW + 8, inputMinW)\n      trailingGap = gap\n    }\n\n    // Available = middle zone − padding − input reserved − gap before input\n    const available = middleW - padL - padR - inputReservedW - trailingGap\n\n    // Measure every tag from the off-screen container\n    const tagEls = Array.from(measure.children) as HTMLElement[]\n    const widths = tagEls.map((el) => el.offsetWidth)\n\n    // Fast check: do ALL tags fit?\n    let total = 0\n    for (let i = 0; i < widths.length; i++) {\n      total += widths[i] + (i > 0 ? gap : 0)\n    }\n    if (total <= available) {\n      setVisibleCount(count)\n      return\n    }\n\n    // Not all fit → reserve space for the \"+N\" badge\n    const badgeW = badgeRef.current?.offsetWidth ?? 40\n    const spaceWithBadge = available - badgeW - gap\n\n    let used = 0\n    let fitCount = 0\n    for (let i = 0; i < widths.length; i++) {\n      const need = widths[i] + (i > 0 ? gap : 0)\n      if (used + need > spaceWithBadge) break\n      used += need\n      fitCount++\n    }\n\n    setVisibleCount(Math.max(0, fitCount))\n  }, [count, limitTags, placeholder, reserveInputWidth])\n\n  // Recalculate when inputs change\n  useEffect(() => {\n    recalculate()\n  }, [recalculate])\n\n  // Recalculate on container resize\n  useEffect(() => {\n    const el = middleRef.current\n    if (!el) return\n    const ro = new ResizeObserver(recalculate)\n    ro.observe(el)\n    return () => ro.disconnect()\n  }, [recalculate])\n\n  return { visibleCount, middleRef, measureRef, textMeasureRef, badgeRef, inputRef }\n}\n","\"use client\"\n\nimport { useState, useEffect } from \"react\"\n\n/**\n * Hook to debounce a value\n * @param value - Value to debounce\n * @param delay - Delay in milliseconds\n * @returns Debounced value\n */\nexport function useDebounce<T>(value: T, delay = 500): T {\n  const [debouncedValue, setDebouncedValue] = useState<T>(value)\n\n  useEffect(() => {\n    // Set up timeout to update debounced value\n    const timer = setTimeout(() => {\n      setDebouncedValue(value)\n    }, delay)\n\n    // Clean up timeout on value change or unmount\n    return () => {\n      clearTimeout(timer)\n    }\n  }, [value, delay])\n\n  return debouncedValue\n}\n","/**\n * Thin JSON-typed Web-Storage adapter (localStorage or sessionStorage).\n *\n * Centralizes the SSR-guard + try/catch + silent quota-failure pattern\n * that every per-feature storage util would otherwise re-implement.\n *\n * Optional `namespace` prefix supports platform / user partitioning —\n * the resolver runs lazily at call time so the namespace can vary across\n * the lifetime of the page (e.g. proxy-auth switches user, which switches\n * the key suffix).\n *\n * Backend selection (`backend: 'local' | 'session'`):\n *   - `'local'` (default): persists across browser sessions. Use for\n *     UI state, chat history metadata, feature-flag opt-ins.\n *   - `'session'`: cleared when the tab closes. Use for ANY auth-adjacent\n *     value (bearer tokens, act-as identity, proxy credentials). Reduces\n *     the XSS-exfiltration attack window from \"indefinite\" to \"until tab\n *     close\" without losing per-session ergonomics.\n */\n\nexport type WebStorageBackend = 'local' | 'session'\n\nexport interface LocalStorageAdapter<T> {\n  load(): T | null\n  save(value: T): void\n  clear(): void\n  /** Resolved storage key for the current call. Useful for tests. */\n  resolveKey(): string\n}\n\nexport interface LocalStorageAdapterOptions<T> {\n  /** Base storage key. Combined with `namespace()` when provided. */\n  key: string\n  /** Optional dynamic namespace prefix appended via `.` separator.\n   *  Called on EVERY read/write so the key can vary across the page\n   *  lifetime (e.g. when the platform or user identity changes). */\n  namespace?: () => string | null | undefined\n  /** Runtime shape check. Falsey return → `load()` yields null. */\n  validate?: (parsed: unknown) => parsed is T\n  /** Diagnostic prefix written to `console.warn` on parse / write\n   *  failures. Defaults to `'[local-storage]'`. */\n  logTag?: string\n  /** Which Web-Storage backend to use. Defaults to `'local'`. Pass\n   *  `'session'` for anything auth-adjacent so the value evaporates\n   *  when the tab closes. */\n  backend?: WebStorageBackend\n}\n\nfunction getStorage(backend: WebStorageBackend): Storage | null {\n  if (typeof window === 'undefined') return null\n  try {\n    return backend === 'session' ? window.sessionStorage : window.localStorage\n  } catch {\n    // Some sandboxed contexts (Safari private mode older versions,\n    // strict CSP) throw on storage access — treat as unavailable.\n    return null\n  }\n}\n\nexport function createLocalStorageAdapter<T>(\n  options: LocalStorageAdapterOptions<T>,\n): LocalStorageAdapter<T> {\n  const tag = options.logTag ?? '[local-storage]'\n  const backend: WebStorageBackend = options.backend ?? 'local'\n  const resolveKey = (): string => {\n    const ns = options.namespace?.()\n    return ns ? `${ns}.${options.key}` : options.key\n  }\n\n  return {\n    resolveKey,\n    load() {\n      const storage = getStorage(backend)\n      if (!storage) return null\n      try {\n        const raw = storage.getItem(resolveKey())\n        if (!raw) return null\n        const parsed = JSON.parse(raw) as unknown\n        if (options.validate && !options.validate(parsed)) return null\n        return parsed as T\n      } catch (err) {\n        console.warn(`${tag} parse failed for key ${resolveKey()}:`, err)\n        return null\n      }\n    },\n    save(value: T) {\n      const storage = getStorage(backend)\n      if (!storage) return\n      try {\n        storage.setItem(resolveKey(), JSON.stringify(value))\n      } catch (err) {\n        console.warn(`${tag} write failed for key ${resolveKey()}:`, err)\n      }\n    },\n    clear() {\n      const storage = getStorage(backend)\n      if (!storage) return\n      try {\n        storage.removeItem(resolveKey())\n      } catch (err) {\n        console.warn(`${tag} clear failed for key ${resolveKey()}:`, err)\n      }\n    },\n  }\n}\n","// Stub app config\nexport const APP_CONFIG = {\n  app: {\n    type: 'openmsp',\n    name: 'OpenMSP',\n    domain: 'openmsp.ai'\n  },\n  features: {\n    announcements: true,\n    notifications: true\n  }\n} as const;\n\nexport function getAppConfig() {\n  return APP_CONFIG;\n}\n\nexport function getAppType() {\n  return process.env.NEXT_PUBLIC_APP_TYPE || 'openmsp';\n}","'use client'\n\n/**\n * Client-side persistence for embed-surface proxy credentials\n * (`CHAT_PROXY_SECRET` + impersonation email). Used by every embedded\n * surface — the chat widget AND the ticket center AND any future\n * embedded React component that needs to identify itself as the\n * impersonated customer.\n *\n * When set, the surface attaches the creds as\n *   `Authorization: Bearer <secret>` + `X-Chat-Act-As: <email>`\n * on every call to `/api/docs/chat`, `/api/chat/*`, and any other route\n * gated by `requireChatAuth` — proving to the server that this session\n * is acting on behalf of <email>.\n *\n * **Naming history:** the wire-side header names are still `X-Chat-*`\n * and the env var is `CHAT_PROXY_SECRET`. Those are server contracts;\n * renaming them would require a coordinated deploy + customer-side\n * env-var migration. The CLIENT-side helpers were renamed `Embed*` so\n * non-chat surfaces (e.g. ticket center) don't have to import a\n * chat-prefixed symbol just to send the same headers.\n *\n * Persists to **`localStorage`** so the bearer token + act-as identity\n * survive tab close, new-tab opens, and browser restarts — the\n * `/debug` paste-creds UI is an admin tool and re-pasting every tab\n * cycle was rejected as a dev-experience tradeoff that wasn't worth\n * the security gain. An XSS sink on this origin can read the value\n * indefinitely (vs only-this-tab with sessionStorage), but `/debug`\n * is admin-gated behind the platform's `askAI.enabled` flag and the\n * impersonation header it sets is server-validated against\n * `CHAT_PROXY_SECRET` anyway. Explicit \"Clear\" button on the creds\n * bar is the supported logout path; closing the tab is no longer.\n *\n * Namespaced under `<platform>.chat.proxy-auth.v1` (the storage key is\n * unchanged from the old chat-prefixed helper — that's a storage\n * contract; renaming it would log everyone out).\n */\n\nimport { createLocalStorageAdapter } from './local-storage-adapter'\nimport { getAppType } from './app-config'\n\nexport interface EmbedProxyAuth {\n  secret: string\n  email: string\n  /** Optional identity passthrough — empty/omitted = not sent. Server\n   *  parses these as `X-Chat-{First,Last}-Name` / `X-Chat-Avatar-Url` and\n   *  threads them through `resolveChatProxyIdentity`'s returned user. */\n  firstName?: string\n  lastName?: string\n  avatarUrl?: string\n}\n\nfunction isValidPersistedAuth(value: unknown): value is EmbedProxyAuth {\n  if (!value || typeof value !== 'object') return false\n  const v = value as Record<string, unknown>\n  if (\n    typeof v.secret !== 'string' || v.secret.trim().length === 0 ||\n    typeof v.email !== 'string' || v.email.trim().length === 0\n  ) return false\n  // Optional fields: when present must be strings. Empty string is treated\n  // as absent later (in `getEmbedProxyAuth`).\n  if (v.firstName != null && typeof v.firstName !== 'string') return false\n  if (v.lastName != null && typeof v.lastName !== 'string') return false\n  if (v.avatarUrl != null && typeof v.avatarUrl !== 'string') return false\n  return true\n}\n\nconst adapter = createLocalStorageAdapter<EmbedProxyAuth>({\n  // Storage key unchanged from the legacy chat-prefixed helper. Renaming\n  // it would silently log every existing admin out — the key is a\n  // storage contract, not a code identifier.\n  key: 'chat.proxy-auth.v1',\n  namespace: () => getAppType(),\n  validate: isValidPersistedAuth,\n  logTag: '[embed-proxy-auth-storage]',\n  // localStorage — survives tab close, new tabs, and browser restarts.\n  // Admin re-pasting creds every tab cycle was the dev-experience\n  // tradeoff prior `sessionStorage` setup demanded — rejected. See\n  // file-level doc comment for the security tradeoff rationale.\n  backend: 'local',\n})\n\n/** Trim + null-coerce an optional identity field so consumers can do\n *  `auth.firstName ?? ''` without worrying about whitespace-only strings. */\nfunction normalizeOptional(value: string | undefined): string | undefined {\n  if (!value) return undefined\n  const trimmed = value.trim()\n  return trimmed.length > 0 ? trimmed : undefined\n}\n\n/**\n * Returns full credentials (secret + email + optional identity passthrough)\n * when secret + email are available. Returns `null` when nothing is saved —\n * callers treat that as \"fall back to cookie auth\".\n */\nexport function getEmbedProxyAuth(): EmbedProxyAuth | null {\n  const persisted = adapter.load()\n  if (!persisted) return null\n  return {\n    secret: persisted.secret,\n    email: persisted.email.trim().toLowerCase(),\n    firstName: normalizeOptional(persisted.firstName),\n    lastName: normalizeOptional(persisted.lastName),\n    avatarUrl: normalizeOptional(persisted.avatarUrl),\n  }\n}\n\n/**\n * Returns the LAST email the admin saved. The proxy creds bar reads\n * this to pre-fill the email field on mount.\n */\nexport function getPersistedProxyEmail(): string | null {\n  const persisted = adapter.load()\n  return persisted?.email.trim().toLowerCase() ?? null\n}\n\n/** Save the proxy creds. Secret + email are required; identity-passthrough\n *  fields are persisted only when non-empty. */\nexport function setEmbedProxyAuth(value: EmbedProxyAuth): void {\n  adapter.save({\n    secret: value.secret,\n    email: value.email.trim().toLowerCase(),\n    firstName: normalizeOptional(value.firstName),\n    lastName: normalizeOptional(value.lastName),\n    avatarUrl: normalizeOptional(value.avatarUrl),\n  })\n}\n\n/** Drop the persisted creds. */\nexport function clearEmbedProxyAuth(): void {\n  adapter.clear()\n}\n\n/**\n * Apply the embed-proxy auth (Bearer + X-Chat-Act-As) to a fetch call's\n * URL + headers. Used by every embedded-surface route that needs to\n * identify itself as the proxied customer (chat stream, agent-* routes,\n * ticket-center actions). When proxy auth is absent (regular\n * cookie-session users), returns the inputs unchanged so the cookie-auth\n * path still works.\n *\n * `X-Chat-Act-As` header (vs a URL query param) keeps PII out of access\n * logs, Sentry breadcrumbs, browser history, and CDN analytics.\n */\nexport function applyProxyAuth(\n  url: string,\n  baseHeaders: Record<string, string> = { 'Content-Type': 'application/json' },\n): { url: string; headers: Record<string, string> } {\n  const auth = getEmbedProxyAuth()\n  const headers = { ...baseHeaders }\n  if (auth?.secret) {\n    headers.Authorization = `Bearer ${auth.secret}`\n  }\n  if (auth?.email) {\n    headers['X-Chat-Act-As'] = auth.email\n  }\n  // Optional identity passthrough — only attached when present so the\n  // server's \"required vs optional\" header shape stays exact.\n  if (auth?.firstName) headers['X-Chat-First-Name'] = auth.firstName\n  if (auth?.lastName) headers['X-Chat-Last-Name'] = auth.lastName\n  if (auth?.avatarUrl) headers['X-Chat-Avatar-Url'] = auth.avatarUrl\n  return { url, headers }\n}\n","'use client'\n\n/**\n * Shared `fetch` wrapper for any embedded surface (chat, ticket center,\n * future widgets) that needs to carry the bearer-act-as identity\n * (proxy `Authorization` + `X-Chat-Act-As` headers from\n * `embed-proxy-auth-storage.ts`).\n *\n * Wire header names are `X-Chat-*` for historical reasons — that's a\n * server contract, not a UI namespace. The wrapper itself is generic.\n *\n * Drop-in replacement for `fetch()` — `Authorization` / `X-Chat-Act-As`\n * are merged into `init.headers` when proxy creds are stashed in\n * sessionStorage, otherwise the call falls through to the cookie-auth\n * path unchanged.\n *\n * Use this for any client-side fetch hitting `/api/chat/*`, `/api/docs/chat/*`,\n * or `/api/storage/generate-upload-url` (chat-attachment surface — shared\n * with the ticket center). Routes that do NOT need bearer-act-as\n * (e.g. `/api/profile/me`) keep using vanilla `fetch`.\n */\n\nimport { applyProxyAuth } from './embed-proxy-auth-storage'\n\n// =============================================================================\n// Host-supplied auth adapter (opt-in)\n// =============================================================================\n\n/**\n * Hosts that have their own auth model (cookie sessions, app-specific\n * JWT in localStorage, OAuth access tokens, …) can register an adapter\n * to override the lib's default `embedProxyAuth` flow. When set, the\n * adapter's `getHeaders()` result is merged onto every `embedAuthedFetch`\n * call AFTER the default proxy-auth header step (so adapter headers\n * win over both caller and proxy values), and `credentials` overrides\n * the default `'same-origin'` behaviour.\n *\n * Default (no adapter): MPH-style proxy-impersonation — bearer + act-as\n * read from localStorage, `credentials: 'same-origin'`. No consumer\n * needs to touch this unless they want a different auth model.\n *\n * Use cases:\n *   - openframe-frontend has its own JWT in `localStorage.of_access_token`\n *     and cookie-based session; register an adapter to attach the JWT\n *     and request `credentials: 'include'` so cookies travel cross-origin\n *     to the openframe gateway.\n *   - Future embed hosts with OAuth access tokens, signed URLs, etc.\n *\n * Lifetime: setter is module-level (intentionally — `embedAuthedFetch`\n * is a plain utility, not a hook, so it can't read React context). Host\n * runtime providers should call `setEmbedAuthAdapter(...)` on mount and\n * `setEmbedAuthAdapter(null)` on unmount. Multiple hosts registering at\n * once is a programming error (one chat panel per app).\n */\nexport interface EmbedAuthAdapter {\n  /** Headers merged onto every embedded-fetch call. Return `{}` to add\n   *  nothing. Called per-request so reactive token refresh sees the latest\n   *  value from your auth store / storage. Values typed as\n   *  `string | undefined` so the common narrowed shape\n   *  `{ Authorization: token ? 'Bearer …' : undefined }` (or a conditional\n   *  `token ? { Authorization: … } : {}`) assigns cleanly — `undefined`\n   *  values are filtered before being merged into the request headers. */\n  getHeaders?: () => Record<string, string | undefined>\n  /** `RequestInit.credentials` mode. Default when no adapter: callers'\n   *  `init.credentials` or `'same-origin'`. Use `'include'` for cookie\n   *  auth against a different origin (CORS + `SameSite=None` required). */\n  credentials?: RequestCredentials\n  /**\n   * Optional 401 self-heal. When a request comes back `401`,\n   * `embedAuthedFetch` calls this once, and — if it resolves `true` —\n   * retries the SAME request exactly once with freshly-recomputed\n   * headers (so a rotated bearer from `getHeaders()` is picked up).\n   * Resolve `false` to surface the 401 to the caller unchanged.\n   *\n   * This is the capability the openframe `apiClient` has had all along\n   * (refresh-the-access-token-then-retry); registering it here gives the\n   * embedded chat/ticket surfaces the same self-healing auth instead of\n   * dying on an expired token. Concurrent 401s are de-duplicated by the\n   * wrapper, so this fires at most once per refresh cycle even when a\n   * stampede of chat requests all expire together — your implementation\n   * does NOT need its own in-flight guard (though a token-refresh manager\n   * that already dedups is harmless).\n   *\n   * Keep it idempotent and side-effect-light: on failure the wrapper just\n   * returns the original 401 — logout/redirect decisions belong to the\n   * host's own auth layer, not to this fetch wrapper.\n   */\n  refresh?: () => Promise<boolean>\n}\n\n/**\n * The registered adapter is parked on `globalThis`, NOT in a module-private\n * `let`. Reason: this lib ships multiple entry points (`/utils`,\n * `/components/chat`, …) and a consumer's bundler can inline this file into\n * more than one chunk — giving each chunk its OWN module scope. If the host\n * calls `setEmbedAuthAdapter` from the `/utils` copy while the chat's\n * `embedAuthedFetch` runs from the `/components/chat` copy, a module-local\n * `let` would be set on one copy and read as `null` on the other (the exact\n * \"credentials: same-origin, no Bearer, no refresh\" symptom). A single\n * `globalThis` slot is shared across every copy, so registration always\n * reaches the fetch path.\n */\nconst ADAPTER_GLOBAL_KEY = '__embedAuthedFetchAdapter__'\n\nfunction getRegisteredAuthAdapter(): EmbedAuthAdapter | null {\n  if (typeof globalThis === 'undefined') return null\n  return (globalThis as Record<string, unknown>)[ADAPTER_GLOBAL_KEY] as EmbedAuthAdapter | null ?? null\n}\n\nfunction storeRegisteredAuthAdapter(adapter: EmbedAuthAdapter | null): void {\n  if (typeof globalThis === 'undefined') return\n  ;(globalThis as Record<string, unknown>)[ADAPTER_GLOBAL_KEY] = adapter\n}\n\n/**\n * Register a host-owned auth adapter for `embedAuthedFetch`. Pass `null`\n * to clear (typically on provider unmount).\n *\n * Module-level state — there is one chat panel per app, so a single\n * registration is sufficient. Calling this twice with different non-null\n * adapters replaces the previous one (the most recent registration wins);\n * a `console.warn` flags the overwrite so duplicate-provider mounts get\n * caught in dev.\n */\nexport function setEmbedAuthAdapter(adapter: EmbedAuthAdapter | null): void {\n  if (adapter && getRegisteredAuthAdapter() && process.env.NODE_ENV !== 'production') {\n    console.warn(\n      '[setEmbedAuthAdapter] overwriting a previously-registered auth ' +\n        'adapter. Two chat-runtime providers should not coexist — verify ' +\n        'mount order and pass `null` from the unmounting provider.',\n    )\n  }\n  storeRegisteredAuthAdapter(adapter)\n}\n\n/**\n * Whether a host auth adapter is currently registered. Lets sibling helpers\n * (e.g. `contentFetch`) route through `embedAuthedFetch` ONLY when a host has\n * opted into embedded auth, and stay a plain `fetch` otherwise — so there's a\n * single auth knob (the adapter), not a second content-fetch registration.\n */\nexport function hasEmbedAuthAdapter(): boolean {\n  return getRegisteredAuthAdapter() !== null\n}\n\n/**\n * `fetch` wrapper that attaches embed-proxy bearer headers (when\n * present in sessionStorage) and forces `credentials: 'same-origin'`\n * so Supabase auth cookies travel too.\n *\n * **Header merge direction (proxy WINS over caller):** the implementation\n * spreads `baseHeaders` first inside `applyProxyAuth`, then sets the\n * `Authorization` / `X-Chat-*` keys — so the proxy values take precedence\n * over anything the caller passed. The motivation is that the bearer +\n * act-as identity is the source of truth for embedded auth; a caller\n * accidentally passing a stale `Authorization` header should NOT override\n * the live proxy creds.\n *\n * **Cross-origin defense:** the wrapper assumes a same-origin `/api/…`\n * relative URL. Absolute URLs are accepted only when their origin matches\n * the current window's origin; cross-origin URLs throw before the bearer\n * leaves the page. This is a defense-in-depth guard for future call sites\n * — there is no legitimate cross-origin use of this fetch wrapper.\n *\n * **401 self-heal:** when a registered adapter supplies `refresh`, a `401`\n * response triggers a single token refresh + retry of the same request\n * (see `EmbedAuthAdapter.refresh`). This is the openframe `apiClient`'s\n * refresh-then-retry behaviour, lifted into the lib so embedded surfaces\n * no longer need a host-side `window.fetch` monkey-patch to survive an\n * expired access token mid-chat. With no adapter (or no `refresh`), the\n * 401 passes straight through unchanged.\n */\nexport function embedAuthedFetch(url: string, init: RequestInit = {}): Promise<Response> {\n  // Same-origin guard runs SYNCHRONOUSLY (not awaited inside the async\n  // helper below) so a bearer-leaking cross-origin URL throws before any\n  // promise is created — callers and tests rely on the synchronous throw.\n  assertSameOrigin(url)\n\n  // `applyProxyAuth` accepts `Record<string, string>`; normalize the\n  // caller's headers to that shape ONCE, up front. RequestInit accepts\n  // `HeadersInit` which is broader (Headers instance OR array of tuples).\n  // We re-derive the per-request headers from this base on every attempt\n  // (initial + post-refresh retry) so a rotated bearer is picked up.\n  //\n  // When the caller passes no headers, fall back to the same default\n  // `applyProxyAuth` uses internally — `Content-Type: application/json` —\n  // so JSON POSTs keep their content-type when only `embedAuthedFetch(url)`\n  // is used at the call site. GET callers that explicitly want no body\n  // headers can pass `init.headers = {}` to opt out.\n  let baseHeaders: Record<string, string>\n  if (init.headers === undefined) {\n    baseHeaders = { 'Content-Type': 'application/json' }\n  } else {\n    baseHeaders = {}\n    if (init.headers instanceof Headers) {\n      init.headers.forEach((v, k) => {\n        baseHeaders[k] = v\n      })\n    } else if (Array.isArray(init.headers)) {\n      for (const [k, v] of init.headers) baseHeaders[k] = v\n    } else {\n      Object.assign(baseHeaders, init.headers as Record<string, string>)\n    }\n  }\n\n  return fetchWithRefresh(url, init, baseHeaders, false)\n}\n\n/**\n * Single in-flight refresh shared across all concurrent `embedAuthedFetch`\n * callers. A stampede of chat requests that all 401 at the same moment must\n * trigger the adapter's `refresh()` ONCE, not N times — otherwise an\n * expiring session fires a thundering herd of refresh calls at the auth\n * server. Resets to `null` once settled so the next genuine expiry can\n * refresh again.\n */\n// Stored on `globalThis` rather than a module-local so the \"single refresh\"\n// guarantee survives module duplication. Bundlers can ship more than one copy\n// of this module (e.g. across chunks or a host + embedded build); a per-module\n// variable would let each copy run its own refresh cycle, re-creating the\n// thundering-herd this dedupe exists to prevent.\nconst IN_FLIGHT_REFRESH_GLOBAL_KEY = '__embedAuthedFetchInFlightRefresh__'\n\nfunction getInFlightRefresh(): Promise<boolean> | null {\n  if (typeof globalThis === 'undefined') return null\n  return (\n    ((globalThis as Record<string, unknown>)[IN_FLIGHT_REFRESH_GLOBAL_KEY] as\n      | Promise<boolean>\n      | null\n      | undefined) ?? null\n  )\n}\n\nfunction setInFlightRefresh(refresh: Promise<boolean> | null): void {\n  if (typeof globalThis === 'undefined') return\n  ;(globalThis as Record<string, unknown>)[IN_FLIGHT_REFRESH_GLOBAL_KEY] = refresh\n}\n\nfunction dedupedRefresh(): Promise<boolean> {\n  const adapter = getRegisteredAuthAdapter()\n  if (!adapter?.refresh) return Promise.resolve(false)\n  let inFlightRefresh = getInFlightRefresh()\n  if (!inFlightRefresh) {\n    // Wrap in `Promise.resolve` so an adapter that throws synchronously\n    // (rather than rejecting) still funnels through the shared slot and\n    // clears it. A rejected refresh is treated as \"could not refresh\".\n    inFlightRefresh = Promise.resolve()\n      .then(() => adapter.refresh!())\n      .catch(() => false)\n      .finally(() => {\n        setInFlightRefresh(null)\n      })\n    setInFlightRefresh(inFlightRefresh)\n  }\n  return inFlightRefresh\n}\n\n/**\n * Core fetch path: merge proxy-auth + adapter headers, issue the request,\n * and — on a `401` with a refresh-capable adapter — refresh once and retry\n * the identical request a single time. Mirrors the openframe `apiClient`'s\n * refresh-then-retry contract (`isRetry` guards against infinite loops).\n */\nasync function fetchWithRefresh(\n  url: string,\n  init: RequestInit,\n  baseHeaders: Record<string, string>,\n  isRetry: boolean,\n): Promise<Response> {\n  // Re-run the merge each attempt: `applyProxyAuth` reads the latest stored\n  // proxy creds and `getHeaders()` reads the latest bearer, so a retry after\n  // refresh carries the rotated token rather than the stale one. `{...baseHeaders}`\n  // keeps the caller's normalized headers immutable across attempts.\n  const { url: authedUrl, headers } = applyProxyAuth(url, { ...baseHeaders })\n\n  // Host-supplied auth adapter layer. Runs AFTER the proxy-auth merge so\n  // adapter headers override both caller and proxy values — the adapter\n  // is the host's explicit \"this is my auth model\" override, intentionally\n  // last-writer-wins. When no adapter is registered, this is a zero-cost\n  // no-op (object spread of `{}`).\n  const adapter = getRegisteredAuthAdapter()\n  if (adapter?.getHeaders) {\n    // Filter `undefined` values — the adapter type allows them so consumers\n    // don't have to narrow `{ Authorization: token ? '…' : undefined }`-shaped\n    // returns, but `fetch` headers must be strings.\n    for (const [k, v] of Object.entries(adapter.getHeaders())) {\n      if (v !== undefined) headers[k] = v\n    }\n  }\n  const credentials = adapter?.credentials ?? init.credentials ?? 'same-origin'\n\n  const response = await fetch(authedUrl, {\n    ...init,\n    headers,\n    // Default `same-origin` carries Supabase cookies for the MPH proxy-\n    // auth model. Hosts on different origins (openframe-frontend ↔\n    // openframe gateway) register `credentials: 'include'` via the\n    // adapter to make their own cookies travel cross-origin (CORS +\n    // `SameSite=None` must be configured server-side for that to work).\n    credentials,\n  })\n\n  // 401 self-heal: refresh the token once and retry. Only when an adapter\n  // opted into `refresh`, and only on the first attempt — a 401 on the\n  // retry means the fresh token is also unauthorized, so surface it.\n  if (response.status === 401 && !isRetry && adapter?.refresh) {\n    const refreshed = await dedupedRefresh()\n    if (refreshed) {\n      return fetchWithRefresh(url, init, baseHeaders, true)\n    }\n  }\n\n  return response\n}\n\n/**\n * Reject any URL that resolves to a cross-origin destination or to a\n * non-http(s) scheme. Every input is resolved against\n * `window.location.href` so the same rule covers path-only\n * (`/api/...`), absolute (`https://...`), protocol-relative\n * (`//host/...`), AND whitespace-prefixed forms (`\\t//evil.com/...`) —\n * the WHATWG fetch spec strips leading ASCII whitespace before\n * parsing, so any regex-based \"skip relative\" shortcut is bypassable\n * with a leading `\\t`/`\\n`/`\\r`/space. We resolve unconditionally\n * instead and compare origins.\n *\n * Also blocks `javascript:` / `data:` / `blob:` etc. — only `http(s):`\n * is allowed. This is explicit allowlisting rather than relying on\n * `origin === 'null'` to fall out wrong.\n *\n * Server-side rendering: when `typeof window === 'undefined'` we skip\n * the check — the bearer comes from sessionStorage which doesn't exist\n * on the server, so there's nothing to leak anyway.\n */\nfunction assertSameOrigin(url: string): void {\n  if (typeof window === 'undefined') return\n  let target: URL\n  let pageOrigin: string\n  try {\n    target = new URL(url, window.location.href)\n    // Derive the page origin from `href` rather than reading\n    // `window.location.origin` directly so the check works in test\n    // environments that mock `window.location` to a plain object\n    // without an `origin` field (jsdom setups do this).\n    pageOrigin = new URL(window.location.href).origin\n  } catch {\n    throw new Error(`embedAuthedFetch: refusing to fetch malformed URL (${JSON.stringify(url)})`)\n  }\n  if (target.protocol !== 'http:' && target.protocol !== 'https:') {\n    throw new Error(\n      `embedAuthedFetch: refusing non-http(s) URL (${target.protocol}) — pass a relative /api/* path instead`,\n    )\n  }\n  if (target.origin !== pageOrigin) {\n    // Dev-mode escape hatch — embedded apps (e.g. openframe-frontend)\n    // run on a different origin from their gateway during local dev,\n    // and forcing a Next.js `rewrites()` workaround is more error-prone\n    // than relaxing the guard for the dev build. In production\n    // (`NODE_ENV === 'production'`) the guard stays absolute — same\n    // defense-in-depth bearer-leak protection as before. The check is\n    // baked at build time by Next/webpack/Turbopack so prod bundles\n    // contain only the throwing branch (no dev string in the artifact).\n    if (process.env.NODE_ENV !== 'production') {\n      console.warn(\n        `[embedAuthedFetch] cross-origin fetch to ${target.origin} ` +\n          `allowed in dev (NODE_ENV !== 'production'). Production builds ` +\n          `will reject this — wire a same-origin proxy before shipping.`,\n      )\n      return\n    }\n    throw new Error(\n      `embedAuthedFetch: refusing cross-origin fetch to ${target.origin} — pass a relative /api/* path instead`,\n    )\n  }\n}\n"],"mappings":";;;AAEA,SAAS,aAAa,WAAW,QAAQ,gBAAgB;AA2ClD,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA,YAAY;AAAA,EACZ,cAAc;AAAA,EACd,oBAAoB;AACtB,GAAoD;AAClD,QAAM,YAAY,OAAuB,IAAI;AAC7C,QAAM,aAAa,OAAuB,IAAI;AAC9C,QAAM,iBAAiB,OAAwB,IAAI;AACnD,QAAM,WAAW,OAA0B,IAAI;AAC/C,QAAM,WAAW,OAAyB,IAAI;AAC9C,QAAM,CAAC,cAAc,eAAe,IAAI,SAAS,KAAK;AAEtD,QAAM,cAAc,YAAY,MAAM;AAEpC,QAAI,cAAc,QAAQ;AACxB,sBAAgB,KAAK,IAAI,WAAW,KAAK,CAAC;AAC1C;AAAA,IACF;AAEA,UAAM,SAAS,UAAU;AACzB,UAAM,UAAU,WAAW;AAC3B,QAAI,CAAC,UAAU,CAAC,SAAS;AACvB,sBAAgB,KAAK;AACrB;AAAA,IACF;AACA,QAAI,UAAU,GAAG;AACf,sBAAgB,CAAC;AACjB;AAAA,IACF;AAGA,UAAM,KAAK,iBAAiB,MAAM;AAClC,UAAM,OAAO,WAAW,GAAG,WAAW,KAAK;AAC3C,UAAM,OAAO,WAAW,GAAG,YAAY,KAAK;AAC5C,UAAM,MAAM,WAAW,GAAG,GAAG,KAAK;AAClC,UAAM,UAAU,OAAO;AAKvB,QAAI,iBAAiB;AACrB,QAAI,cAAc;AAClB,QAAI,mBAAmB;AACrB,YAAM,QAAQ,eAAe,SAAS,eAAe;AACrD,YAAM,YAAY,SAAS,UACvB,WAAW,iBAAiB,SAAS,OAAO,EAAE,QAAQ,KAAK,KAC3D;AACJ,uBAAiB,KAAK,IAAI,QAAQ,GAAG,SAAS;AAC9C,oBAAc;AAAA,IAChB;AAGA,UAAM,YAAY,UAAU,OAAO,OAAO,iBAAiB;AAG3D,UAAM,SAAS,MAAM,KAAK,QAAQ,QAAQ;AAC1C,UAAM,SAAS,OAAO,IAAI,CAAC,OAAO,GAAG,WAAW;AAGhD,QAAI,QAAQ;AACZ,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,eAAS,OAAO,CAAC,KAAK,IAAI,IAAI,MAAM;AAAA,IACtC;AACA,QAAI,SAAS,WAAW;AACtB,sBAAgB,KAAK;AACrB;AAAA,IACF;AAGA,UAAM,SAAS,SAAS,SAAS,eAAe;AAChD,UAAM,iBAAiB,YAAY,SAAS;AAE5C,QAAI,OAAO;AACX,QAAI,WAAW;AACf,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,OAAO,OAAO,CAAC,KAAK,IAAI,IAAI,MAAM;AACxC,UAAI,OAAO,OAAO,eAAgB;AAClC,cAAQ;AACR;AAAA,IACF;AAEA,oBAAgB,KAAK,IAAI,GAAG,QAAQ,CAAC;AAAA,EACvC,GAAG,CAAC,OAAO,WAAW,aAAa,iBAAiB,CAAC;AAGrD,YAAU,MAAM;AACd,gBAAY;AAAA,EACd,GAAG,CAAC,WAAW,CAAC;AAGhB,YAAU,MAAM;AACd,UAAM,KAAK,UAAU;AACrB,QAAI,CAAC,GAAI;AACT,UAAM,KAAK,IAAI,eAAe,WAAW;AACzC,OAAG,QAAQ,EAAE;AACb,WAAO,MAAM,GAAG,WAAW;AAAA,EAC7B,GAAG,CAAC,WAAW,CAAC;AAEhB,SAAO,EAAE,cAAc,WAAW,YAAY,gBAAgB,UAAU,SAAS;AACnF;;;AC/IA,SAAS,YAAAA,WAAU,aAAAC,kBAAiB;AAQ7B,SAAS,YAAe,OAAU,QAAQ,KAAQ;AACvD,QAAM,CAAC,gBAAgB,iBAAiB,IAAID,UAAY,KAAK;AAE7D,EAAAC,WAAU,MAAM;AAEd,UAAM,QAAQ,WAAW,MAAM;AAC7B,wBAAkB,KAAK;AAAA,IACzB,GAAG,KAAK;AAGR,WAAO,MAAM;AACX,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,OAAO,KAAK,CAAC;AAEjB,SAAO;AACT;;;ACsBA,SAAS,WAAW,SAA4C;AAC9D,MAAI,OAAO,WAAW,YAAa,QAAO;AAC1C,MAAI;AACF,WAAO,YAAY,YAAY,OAAO,iBAAiB,OAAO;AAAA,EAChE,QAAQ;AAGN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,0BACd,SACwB;AACxB,QAAM,MAAM,QAAQ,UAAU;AAC9B,QAAM,UAA6B,QAAQ,WAAW;AACtD,QAAM,aAAa,MAAc;AAC/B,UAAM,KAAK,QAAQ,YAAY;AAC/B,WAAO,KAAK,GAAG,EAAE,IAAI,QAAQ,GAAG,KAAK,QAAQ;AAAA,EAC/C;AAEA,SAAO;AAAA,IACL;AAAA,IACA,OAAO;AACL,YAAM,UAAU,WAAW,OAAO;AAClC,UAAI,CAAC,QAAS,QAAO;AACrB,UAAI;AACF,cAAM,MAAM,QAAQ,QAAQ,WAAW,CAAC;AACxC,YAAI,CAAC,IAAK,QAAO;AACjB,cAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,YAAI,QAAQ,YAAY,CAAC,QAAQ,SAAS,MAAM,EAAG,QAAO;AAC1D,eAAO;AAAA,MACT,SAAS,KAAK;AACZ,gBAAQ,KAAK,GAAG,GAAG,yBAAyB,WAAW,CAAC,KAAK,GAAG;AAChE,eAAO;AAAA,MACT;AAAA,IACF;AAAA,IACA,KAAK,OAAU;AACb,YAAM,UAAU,WAAW,OAAO;AAClC,UAAI,CAAC,QAAS;AACd,UAAI;AACF,gBAAQ,QAAQ,WAAW,GAAG,KAAK,UAAU,KAAK,CAAC;AAAA,MACrD,SAAS,KAAK;AACZ,gBAAQ,KAAK,GAAG,GAAG,yBAAyB,WAAW,CAAC,KAAK,GAAG;AAAA,MAClE;AAAA,IACF;AAAA,IACA,QAAQ;AACN,YAAM,UAAU,WAAW,OAAO;AAClC,UAAI,CAAC,QAAS;AACd,UAAI;AACF,gBAAQ,WAAW,WAAW,CAAC;AAAA,MACjC,SAAS,KAAK;AACZ,gBAAQ,KAAK,GAAG,GAAG,yBAAyB,WAAW,CAAC,KAAK,GAAG;AAAA,MAClE;AAAA,IACF;AAAA,EACF;AACF;;;ACvFO,SAAS,aAAa;AAC3B,SAAO,QAAQ,IAAI,wBAAwB;AAC7C;;;ACiCA,SAAS,qBAAqB,OAAyC;AACrE,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAChD,QAAM,IAAI;AACV,MACE,OAAO,EAAE,WAAW,YAAY,EAAE,OAAO,KAAK,EAAE,WAAW,KAC3D,OAAO,EAAE,UAAU,YAAY,EAAE,MAAM,KAAK,EAAE,WAAW,EACzD,QAAO;AAGT,MAAI,EAAE,aAAa,QAAQ,OAAO,EAAE,cAAc,SAAU,QAAO;AACnE,MAAI,EAAE,YAAY,QAAQ,OAAO,EAAE,aAAa,SAAU,QAAO;AACjE,MAAI,EAAE,aAAa,QAAQ,OAAO,EAAE,cAAc,SAAU,QAAO;AACnE,SAAO;AACT;AAEA,IAAM,UAAU,0BAA0C;AAAA;AAAA;AAAA;AAAA,EAIxD,KAAK;AAAA,EACL,WAAW,MAAM,WAAW;AAAA,EAC5B,UAAU;AAAA,EACV,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,EAKR,SAAS;AACX,CAAC;AAID,SAAS,kBAAkB,OAA+C;AACxE,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,UAAU,MAAM,KAAK;AAC3B,SAAO,QAAQ,SAAS,IAAI,UAAU;AACxC;AAOO,SAAS,oBAA2C;AACzD,QAAM,YAAY,QAAQ,KAAK;AAC/B,MAAI,CAAC,UAAW,QAAO;AACvB,SAAO;AAAA,IACL,QAAQ,UAAU;AAAA,IAClB,OAAO,UAAU,MAAM,KAAK,EAAE,YAAY;AAAA,IAC1C,WAAW,kBAAkB,UAAU,SAAS;AAAA,IAChD,UAAU,kBAAkB,UAAU,QAAQ;AAAA,IAC9C,WAAW,kBAAkB,UAAU,SAAS;AAAA,EAClD;AACF;AAMO,SAAS,yBAAwC;AACtD,QAAM,YAAY,QAAQ,KAAK;AAC/B,SAAO,WAAW,MAAM,KAAK,EAAE,YAAY,KAAK;AAClD;AAIO,SAAS,kBAAkB,OAA6B;AAC7D,UAAQ,KAAK;AAAA,IACX,QAAQ,MAAM;AAAA,IACd,OAAO,MAAM,MAAM,KAAK,EAAE,YAAY;AAAA,IACtC,WAAW,kBAAkB,MAAM,SAAS;AAAA,IAC5C,UAAU,kBAAkB,MAAM,QAAQ;AAAA,IAC1C,WAAW,kBAAkB,MAAM,SAAS;AAAA,EAC9C,CAAC;AACH;AAGO,SAAS,sBAA4B;AAC1C,UAAQ,MAAM;AAChB;AAaO,SAAS,eACd,KACA,cAAsC,EAAE,gBAAgB,mBAAmB,GACzB;AAClD,QAAM,OAAO,kBAAkB;AAC/B,QAAM,UAAU,EAAE,GAAG,YAAY;AACjC,MAAI,MAAM,QAAQ;AAChB,YAAQ,gBAAgB,UAAU,KAAK,MAAM;AAAA,EAC/C;AACA,MAAI,MAAM,OAAO;AACf,YAAQ,eAAe,IAAI,KAAK;AAAA,EAClC;AAGA,MAAI,MAAM,UAAW,SAAQ,mBAAmB,IAAI,KAAK;AACzD,MAAI,MAAM,SAAU,SAAQ,kBAAkB,IAAI,KAAK;AACvD,MAAI,MAAM,UAAW,SAAQ,mBAAmB,IAAI,KAAK;AACzD,SAAO,EAAE,KAAK,QAAQ;AACxB;;;AC5DA,IAAM,qBAAqB;AAE3B,SAAS,2BAAoD;AAC3D,MAAI,OAAO,eAAe,YAAa,QAAO;AAC9C,SAAQ,WAAuC,kBAAkB,KAAgC;AACnG;AAEA,SAAS,2BAA2BC,UAAwC;AAC1E,MAAI,OAAO,eAAe,YAAa;AACtC,EAAC,WAAuC,kBAAkB,IAAIA;AACjE;AAYO,SAAS,oBAAoBA,UAAwC;AAC1E,MAAIA,YAAW,yBAAyB,KAAK,QAAQ,IAAI,aAAa,cAAc;AAClF,YAAQ;AAAA,MACN;AAAA,IAGF;AAAA,EACF;AACA,6BAA2BA,QAAO;AACpC;AAQO,SAAS,sBAA+B;AAC7C,SAAO,yBAAyB,MAAM;AACxC;AA6BO,SAAS,iBAAiB,KAAa,OAAoB,CAAC,GAAsB;AAIvF,mBAAiB,GAAG;AAapB,MAAI;AACJ,MAAI,KAAK,YAAY,QAAW;AAC9B,kBAAc,EAAE,gBAAgB,mBAAmB;AAAA,EACrD,OAAO;AACL,kBAAc,CAAC;AACf,QAAI,KAAK,mBAAmB,SAAS;AACnC,WAAK,QAAQ,QAAQ,CAAC,GAAG,MAAM;AAC7B,oBAAY,CAAC,IAAI;AAAA,MACnB,CAAC;AAAA,IACH,WAAW,MAAM,QAAQ,KAAK,OAAO,GAAG;AACtC,iBAAW,CAAC,GAAG,CAAC,KAAK,KAAK,QAAS,aAAY,CAAC,IAAI;AAAA,IACtD,OAAO;AACL,aAAO,OAAO,aAAa,KAAK,OAAiC;AAAA,IACnE;AAAA,EACF;AAEA,SAAO,iBAAiB,KAAK,MAAM,aAAa,KAAK;AACvD;AAeA,IAAM,+BAA+B;AAErC,SAAS,qBAA8C;AACrD,MAAI,OAAO,eAAe,YAAa,QAAO;AAC9C,SACI,WAAuC,4BAA4B,KAGnD;AAEtB;AAEA,SAAS,mBAAmB,SAAwC;AAClE,MAAI,OAAO,eAAe,YAAa;AACtC,EAAC,WAAuC,4BAA4B,IAAI;AAC3E;AAEA,SAAS,iBAAmC;AAC1C,QAAMA,WAAU,yBAAyB;AACzC,MAAI,CAACA,UAAS,QAAS,QAAO,QAAQ,QAAQ,KAAK;AACnD,MAAI,kBAAkB,mBAAmB;AACzC,MAAI,CAAC,iBAAiB;AAIpB,sBAAkB,QAAQ,QAAQ,EAC/B,KAAK,MAAMA,SAAQ,QAAS,CAAC,EAC7B,MAAM,MAAM,KAAK,EACjB,QAAQ,MAAM;AACb,yBAAmB,IAAI;AAAA,IACzB,CAAC;AACH,uBAAmB,eAAe;AAAA,EACpC;AACA,SAAO;AACT;AAQA,eAAe,iBACb,KACA,MACA,aACA,SACmB;AAKnB,QAAM,EAAE,KAAK,WAAW,QAAQ,IAAI,eAAe,KAAK,EAAE,GAAG,YAAY,CAAC;AAO1E,QAAMA,WAAU,yBAAyB;AACzC,MAAIA,UAAS,YAAY;AAIvB,eAAW,CAAC,GAAG,CAAC,KAAK,OAAO,QAAQA,SAAQ,WAAW,CAAC,GAAG;AACzD,UAAI,MAAM,OAAW,SAAQ,CAAC,IAAI;AAAA,IACpC;AAAA,EACF;AACA,QAAM,cAAcA,UAAS,eAAe,KAAK,eAAe;AAEhE,QAAM,WAAW,MAAM,MAAM,WAAW;AAAA,IACtC,GAAG;AAAA,IACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA;AAAA,EACF,CAAC;AAKD,MAAI,SAAS,WAAW,OAAO,CAAC,WAAWA,UAAS,SAAS;AAC3D,UAAM,YAAY,MAAM,eAAe;AACvC,QAAI,WAAW;AACb,aAAO,iBAAiB,KAAK,MAAM,aAAa,IAAI;AAAA,IACtD;AAAA,EACF;AAEA,SAAO;AACT;AAqBA,SAAS,iBAAiB,KAAmB;AAC3C,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI;AACJ,MAAI;AACJ,MAAI;AACF,aAAS,IAAI,IAAI,KAAK,OAAO,SAAS,IAAI;AAK1C,iBAAa,IAAI,IAAI,OAAO,SAAS,IAAI,EAAE;AAAA,EAC7C,QAAQ;AACN,UAAM,IAAI,MAAM,sDAAsD,KAAK,UAAU,GAAG,CAAC,GAAG;AAAA,EAC9F;AACA,MAAI,OAAO,aAAa,WAAW,OAAO,aAAa,UAAU;AAC/D,UAAM,IAAI;AAAA,MACR,+CAA+C,OAAO,QAAQ;AAAA,IAChE;AAAA,EACF;AACA,MAAI,OAAO,WAAW,YAAY;AAShC,QAAI,QAAQ,IAAI,aAAa,cAAc;AACzC,cAAQ;AAAA,QACN,4CAA4C,OAAO,MAAM;AAAA,MAG3D;AACA;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR,oDAAoD,OAAO,MAAM;AAAA,IACnE;AAAA,EACF;AACF;","names":["useState","useEffect","adapter"]}

package/dist/chunk-TFSYSWPS.cjs

@@ -1,89 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }"use client";
-
-
-
-var _chunkYETA25JWcjs = require('./chunk-YETA25JW.cjs');
-
-// src/hooks/use-near-viewport.ts
-var _react = require('react');
-var observers = /* @__PURE__ */ new Map();
-var subscribers = /* @__PURE__ */ new WeakMap();
-function getObserverFor(rootMargin) {
-  const existing = observers.get(rootMargin);
-  if (existing) return existing;
-  const io = new IntersectionObserver(
-    (entries) => {
-      entries.forEach((entry) => {
-        if (!entry.isIntersecting) return;
-        const cb = subscribers.get(entry.target);
-        if (cb) {
-          cb();
-          io.unobserve(entry.target);
-          subscribers.delete(entry.target);
-        }
-      });
-    },
-    { rootMargin }
-  );
-  observers.set(rootMargin, io);
-  return io;
-}
-function useNearViewport(rootMargin = "500px") {
-  const [isNear, setIsNear] = _react.useState.call(void 0, false);
-  const elRef = _react.useRef.call(void 0, null);
-  const ref = _react.useCallback.call(void 0, 
-    (node) => {
-      const prev = elRef.current;
-      if (prev) {
-        const stillOurs = subscribers.get(prev);
-        if (stillOurs) {
-          subscribers.delete(prev);
-          _optionalChain([observers, 'access', _ => _.get, 'call', _2 => _2(rootMargin), 'optionalAccess', _3 => _3.unobserve, 'call', _4 => _4(prev)]);
-        }
-      }
-      elRef.current = node;
-      if (!node) return;
-      const cb = () => setIsNear(true);
-      subscribers.set(node, cb);
-      getObserverFor(rootMargin).observe(node);
-    },
-    [rootMargin]
-  );
-  _react.useEffect.call(void 0, () => {
-    return () => {
-      const el = elRef.current;
-      if (!el) return;
-      if (subscribers.get(el)) {
-        subscribers.delete(el);
-        _optionalChain([observers, 'access', _5 => _5.get, 'call', _6 => _6(rootMargin), 'optionalAccess', _7 => _7.unobserve, 'call', _8 => _8(el)]);
-      }
-    };
-  }, [rootMargin]);
-  return { ref, isNear };
-}
-
-// src/hooks/use-og-placeholder.ts
-
-function useOgPlaceholder(buildUrl, title, siteName = "", enabled = true, aspect = "wide") {
-  return _react.useMemo.call(void 0, () => {
-    if (!enabled || !title) return null;
-    const options = {};
-    if (siteName) options.site = siteName;
-    if (aspect === "square") options.aspect = "square";
-    return buildUrl(title, options);
-  }, [buildUrl, title, siteName, enabled, aspect]);
-}
-
-// src/utils/embed-content-fetch.ts
-var contentFetch = (input, init) => {
-  if (!_chunkYETA25JWcjs.hasEmbedAuthAdapter.call(void 0, )) return fetch(input, init);
-  const url = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-  return _chunkYETA25JWcjs.embedAuthedFetch.call(void 0, url, init);
-};
-
-
-
-
-
-exports.contentFetch = contentFetch; exports.useNearViewport = useNearViewport; exports.useOgPlaceholder = useOgPlaceholder;
-//# sourceMappingURL=chunk-TFSYSWPS.cjs.map

package/dist/chunk-TFSYSWPS.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["/home/runner/work/openframe-oss-lib/openframe-oss-lib/openframe-frontend-core/dist/chunk-TFSYSWPS.cjs","../src/hooks/use-near-viewport.ts","../src/hooks/use-og-placeholder.ts","../src/utils/embed-content-fetch.ts"],"names":[],"mappings":"AAAA,ylBAAY;AACZ;AACE;AACA;AACF,wDAA6B;AAC7B;AACA;ACuBA,8BAAyD;AAIzD,IAAM,UAAA,kBAAY,IAAI,GAAA,CAAkC,CAAA;AACxD,IAAM,YAAA,kBAAc,IAAI,OAAA,CAA6B,CAAA;AAErD,SAAS,cAAA,CAAe,UAAA,EAA0C;AAChE,EAAA,MAAM,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,UAAU,CAAA;AACzC,EAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAErB,EAAA,MAAM,GAAA,EAAK,IAAI,oBAAA;AAAA,IACb,CAAC,OAAA,EAAA,GAAY;AACX,MAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,KAAA,EAAA,GAAU;AACzB,QAAA,GAAA,CAAI,CAAC,KAAA,CAAM,cAAA,EAAgB,MAAA;AAG3B,QAAA,MAAM,GAAA,EAAK,WAAA,CAAY,GAAA,CAAI,KAAA,CAAM,MAAM,CAAA;AACvC,QAAA,GAAA,CAAI,EAAA,EAAI;AACN,UAAA,EAAA,CAAG,CAAA;AACH,UAAA,EAAA,CAAG,SAAA,CAAU,KAAA,CAAM,MAAM,CAAA;AACzB,UAAA,WAAA,CAAY,MAAA,CAAO,KAAA,CAAM,MAAM,CAAA;AAAA,QACjC;AAAA,MACF,CAAC,CAAA;AAAA,IACH,CAAA;AAAA,IACA,EAAE,WAAW;AAAA,EACf,CAAA;AACA,EAAA,SAAA,CAAU,GAAA,CAAI,UAAA,EAAY,EAAE,CAAA;AAC5B,EAAA,OAAO,EAAA;AACT;AAeO,SAAS,eAAA,CACd,WAAA,EAAqB,OAAA,EACK;AAC1B,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,EAAA,EAAI,6BAAA,KAAc,CAAA;AAC1C,EAAA,MAAM,MAAA,EAAQ,2BAAA,IAAqB,CAAA;AAGnC,EAAA,MAAM,IAAA,EAAM,gCAAA;AAAA,IACV,CAAC,IAAA,EAAA,GAAmB;AAClB,MAAA,MAAM,KAAA,EAAO,KAAA,CAAM,OAAA;AAInB,MAAA,GAAA,CAAI,IAAA,EAAM;AACR,QAAA,MAAM,UAAA,EAAY,WAAA,CAAY,GAAA,CAAI,IAAI,CAAA;AACtC,QAAA,GAAA,CAAI,SAAA,EAAW;AACb,UAAA,WAAA,CAAY,MAAA,CAAO,IAAI,CAAA;AACvB,0BAAA,SAAA,mBAAU,GAAA,mBAAI,UAAU,CAAA,6BAAG,SAAA,mBAAU,IAAI,GAAA;AAAA,QAC3C;AAAA,MACF;AAEA,MAAA,KAAA,CAAM,QAAA,EAAU,IAAA;AAChB,MAAA,GAAA,CAAI,CAAC,IAAA,EAAM,MAAA;AAEX,MAAA,MAAM,GAAA,EAAK,CAAA,EAAA,GAAM,SAAA,CAAU,IAAI,CAAA;AAC/B,MAAA,WAAA,CAAY,GAAA,CAAI,IAAA,EAAM,EAAE,CAAA;AACxB,MAAA,cAAA,CAAe,UAAU,CAAA,CAAE,OAAA,CAAQ,IAAI,CAAA;AAAA,IACzC,CAAA;AAAA,IACA,CAAC,UAAU;AAAA,EACb,CAAA;AAGA,EAAA,8BAAA,CAAU,EAAA,GAAM;AACd,IAAA,OAAO,CAAA,EAAA,GAAM;AACX,MAAA,MAAM,GAAA,EAAK,KAAA,CAAM,OAAA;AACjB,MAAA,GAAA,CAAI,CAAC,EAAA,EAAI,MAAA;AACT,MAAA,GAAA,CAAI,WAAA,CAAY,GAAA,CAAI,EAAE,CAAA,EAAG;AACvB,QAAA,WAAA,CAAY,MAAA,CAAO,EAAE,CAAA;AACrB,wBAAA,SAAA,qBAAU,GAAA,mBAAI,UAAU,CAAA,6BAAG,SAAA,mBAAU,EAAE,GAAA;AAAA,MACzC;AAAA,IACF,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,UAAU,CAAC,CAAA;AAEf,EAAA,OAAO,EAAE,GAAA,EAAK,OAAO,CAAA;AACvB;ADtDA;AACA;AE9DA;AA4BO,SAAS,gBAAA,CACd,QAAA,EACA,KAAA,EACA,SAAA,EAAmB,EAAA,EACnB,QAAA,EAAmB,IAAA,EACnB,OAAA,EAA4B,MAAA,EACb;AACf,EAAA,OAAO,4BAAA,CAAQ,EAAA,GAAM;AACnB,IAAA,GAAA,CAAI,CAAC,QAAA,GAAW,CAAC,KAAA,EAAO,OAAO,IAAA;AAC/B,IAAA,MAAM,QAAA,EAAyD,CAAC,CAAA;AAChE,IAAA,GAAA,CAAI,QAAA,EAAU,OAAA,CAAQ,KAAA,EAAO,QAAA;AAC7B,IAAA,GAAA,CAAI,OAAA,IAAW,QAAA,EAAU,OAAA,CAAQ,OAAA,EAAS,QAAA;AAC1C,IAAA,OAAO,QAAA,CAAS,KAAA,EAAO,OAAO,CAAA;AAAA,EAChC,CAAA,EAAG,CAAC,QAAA,EAAU,KAAA,EAAO,QAAA,EAAU,OAAA,EAAS,MAAM,CAAC,CAAA;AACjD;AF+BA;AACA;AGtDO,IAAM,aAAA,EAA6B,CAAC,KAAA,EAAO,IAAA,EAAA,GAAS;AACzD,EAAA,GAAA,CAAI,CAAC,mDAAA,CAAoB,EAAG,OAAO,KAAA,CAAM,KAAA,EAAO,IAAI,CAAA;AAGpD,EAAA,MAAM,IAAA,EACJ,OAAO,MAAA,IAAU,SAAA,EAAW,MAAA,EAAQ,MAAA,WAAiB,IAAA,EAAM,KAAA,CAAM,KAAA,EAAQ,KAAA,CAAkB,GAAA;AAC7F,EAAA,OAAO,gDAAA,GAAiB,EAAK,IAAI,CAAA;AACnC,CAAA;AHqDA;AACA;AACE;AACA;AACA;AACF,4HAAC","file":"/home/runner/work/openframe-oss-lib/openframe-oss-lib/openframe-frontend-core/dist/chunk-TFSYSWPS.cjs","sourcesContent":[null,"/**\n * useNearViewport — module-level shared IntersectionObserver in hook form.\n *\n * Single IO instance per `rootMargin` value, shared across every component\n * that mounts the hook. Reduces overhead vs. one IO per component on\n * grid/list pages where many subscribers observe the viewport with the same\n * margin. Promoted from the inline singleton at\n * `multi-platform-hub/components/shared/video-bites-display.tsx:21-43`,\n * which is the only IO pattern in either repo today.\n *\n * Usage:\n * ```tsx\n * function MyCard() {\n *   const { ref, isNear } = useNearViewport('500px');\n *   return <div ref={ref}>{isNear ? <HeavyChild /> : <Placeholder />}</div>;\n * }\n * ```\n *\n * StrictMode safety: cleanup uses an identity check on the registered\n * callback so React's dev double-mount (mount → cleanup → re-mount) does\n * not drop the second mount's freshly-set subscription. The IO callback\n * also checks `subscribers.get(target)` before invoking so a fire that\n * races with unmount cannot crash on a torn-down component.\n *\n * The hook fires once — on first intersection it sets `isNear=true` and\n * unobserves the element. Callers that need re-observation should\n * unmount and remount (or fork the hook for two-way behavior).\n */\n\nimport { useEffect, useRef, useState, useCallback } from 'react';\n\n// Per-rootMargin IO map. Multiple call sites with different margins each\n// get their own singleton observer.\nconst observers = new Map<string, IntersectionObserver>();\nconst subscribers = new WeakMap<Element, () => void>();\n\nfunction getObserverFor(rootMargin: string): IntersectionObserver {\n  const existing = observers.get(rootMargin);\n  if (existing) return existing;\n\n  const io = new IntersectionObserver(\n    (entries) => {\n      entries.forEach((entry) => {\n        if (!entry.isIntersecting) return;\n        // Race-safe: re-read the callback at fire time. A late IO firing\n        // after cleanup must not invoke a stale callback.\n        const cb = subscribers.get(entry.target);\n        if (cb) {\n          cb();\n          io.unobserve(entry.target);\n          subscribers.delete(entry.target);\n        }\n      });\n    },\n    { rootMargin }\n  );\n  observers.set(rootMargin, io);\n  return io;\n}\n\nexport interface UseNearViewportResult<T extends Element = HTMLElement> {\n  /** Ref to attach to the element you want to gate on visibility. */\n  ref: (node: T | null) => void;\n  /** Flips to `true` once the element enters within `rootMargin` of the viewport. Never flips back. */\n  isNear: boolean;\n}\n\n/**\n * @param rootMargin Margin around the viewport (CSS-style string).\n *                   '500px' = element starts mounting 500px before scroll-in.\n *                   '1000px' = a full viewport's worth of lookahead.\n *                   '0px' = strict on-screen detection.\n */\nexport function useNearViewport<T extends Element = HTMLElement>(\n  rootMargin: string = '500px'\n): UseNearViewportResult<T> {\n  const [isNear, setIsNear] = useState(false);\n  const elRef = useRef<T | null>(null);\n\n  // Subscribe/unsubscribe on element change.\n  const ref = useCallback(\n    (node: T | null) => {\n      const prev = elRef.current;\n\n      // Unsubscribe previous, if any. Identity-check the callback so a\n      // StrictMode re-mount that has already re-registered keeps its sub.\n      if (prev) {\n        const stillOurs = subscribers.get(prev);\n        if (stillOurs) {\n          subscribers.delete(prev);\n          observers.get(rootMargin)?.unobserve(prev);\n        }\n      }\n\n      elRef.current = node;\n      if (!node) return;\n\n      const cb = () => setIsNear(true);\n      subscribers.set(node, cb);\n      getObserverFor(rootMargin).observe(node);\n    },\n    [rootMargin]\n  );\n\n  // Unsubscribe on unmount. Identity check guards the StrictMode race.\n  useEffect(() => {\n    return () => {\n      const el = elRef.current;\n      if (!el) return;\n      if (subscribers.get(el)) {\n        subscribers.delete(el);\n        observers.get(rootMargin)?.unobserve(el);\n      }\n    };\n  }, [rootMargin]);\n\n  return { ref, isNear };\n}\n","'use client'\n\nimport { useMemo } from 'react'\n\n/**\n * Hook that generates a branded placeholder image URL using the\n * host's `/api/og-placeholder` server-side image generator (or any\n * builder the caller supplies).\n *\n * THIS HOOK IS A THIN CLIENT-SIDE WRAPPER. The hub-side wrapper\n * (`hooks/use-og-placeholder.ts` in multi-platform-hub) injects its\n * canonical `buildOgPlaceholderUrl` from `lib/utils/entity-image.ts`.\n * The lib version takes the builder as an argument so the lib has no\n * hub dependency.\n *\n * @param buildUrl - Function that builds the placeholder URL from a\n *                   title + options object (`{ site?, aspect? }`).\n *                   Hub passes `buildOgPlaceholderUrl` from\n *                   `lib/utils/entity-image.ts`. Embedded apps can\n *                   wire any equivalent that hits their own placeholder\n *                   route.\n * @param title    - Text to display on the placeholder\n * @param siteName - Site name shown below the title (optional —\n *                   defaults to empty)\n * @param enabled  - Whether to generate the URL (default: true)\n * @param aspect   - `'wide'` (1200×630 social-card; default) or `'square'`\n *                   (1024×1024 — used by compact chat-inline card slots\n *                   so `object-cover` doesn't crop the title off).\n * @returns Placeholder image URL or null if disabled / no title\n */\nexport function useOgPlaceholder(\n  buildUrl: (title: string, options: { site?: string; aspect?: 'wide' | 'square' }) => string,\n  title: string | undefined | null,\n  siteName: string = '',\n  enabled: boolean = true,\n  aspect: 'wide' | 'square' = 'wide',\n): string | null {\n  return useMemo(() => {\n    if (!enabled || !title) return null\n    const options: { site?: string; aspect?: 'wide' | 'square' } = {}\n    if (siteName) options.site = siteName\n    if (aspect === 'square') options.aspect = 'square'\n    return buildUrl(title, options)\n  }, [buildUrl, title, siteName, enabled, aspect])\n}\n","'use client'\n\n/**\n * `contentFetch` — the fetch the lib's SELF-FETCHING content surfaces use:\n * roadmap (list + vote + per-task refresh), delivery, product releases,\n * onboarding guides (catalog + detail), legal docs, and the release-detail\n * injected roadmap/delivery sections.\n *\n * It deliberately reuses the SINGLE embed-auth knob — the registered\n * `EmbedAuthAdapter` — instead of introducing a second registration:\n *   - adapter registered (host opted into embedded auth, e.g. openframe-frontend\n *     for its embedded chat) → route through `embedAuthedFetch`, so content GETs/\n *     POSTs carry the SAME bearer/cookie + 401-refresh as the chat.\n *   - no adapter (the public hub, or the embedding example whose proxy injects\n *     auth server-side) → a plain, byte-for-byte unchanged `fetch`.\n *\n * So a host wires auth ONCE (the chat adapter) and content inherits it; there is\n * no content-specific fetcher to configure.\n */\n\nimport { embedAuthedFetch, hasEmbedAuthAdapter } from './embed-authed-fetch'\n\nexport const contentFetch: typeof fetch = (input, init) => {\n  if (!hasEmbedAuthAdapter()) return fetch(input, init)\n  // embedAuthedFetch takes a string url; coerce the broader `fetch` input shape\n  // (content surfaces always pass strings, but handle URL/Request defensively).\n  const url =\n    typeof input === 'string' ? input : input instanceof URL ? input.href : (input as Request).url\n  return embedAuthedFetch(url, init)\n}\n"]}