@fluid-app/portal-sdk 0.1.106 → 0.1.108

package/dist/{ContactsScreen-D81raD2s.cjs → ContactsScreen-D2DYk3A-.cjs}

@@ -1,5 +1,5 @@
 require("./chunk-9hOWP6kD.cjs");
-require("./FluidProvider-DbYLBGGg.cjs");
+require("./FluidProvider-NnE6s3O0.cjs");
 require("./PointsWidget-DG0QQHqL.cjs");
 require("./error-state-Bpq2CYvz.cjs");
 require("./ScreenRenderer-DFcTR685.cjs");
@@ -34,10 +34,10 @@ require("./TableWidget-DiqQBV7-.cjs");
 require("./ToDoWidget-DZUvDwnJ.cjs");
 require("./VideoWidget-BmVIIfvM.cjs");
 require("./ScreenHeaderContext-DpVOhFzT.cjs");
-require("./dist-DRVtlgQ1.cjs");
-const require_ContactsScreen = require("./ContactsScreen-CFC32ATZ.cjs");
-require("./order-detail-CksE8d5w.cjs");
-require("./src-C_kOrGdZ.cjs");
-require("./dist-Ck9MGRmE.cjs");
+require("./dist-BbS_7TvS.cjs");
+const require_ContactsScreen = require("./ContactsScreen-C6cCTl51.cjs");
+require("./order-detail-Bq7_UZ75.cjs");
+require("./src-Bp-dRR29.cjs");
+require("./dist-DkYXiQQ1.cjs");
 exports.ContactsScreen = require_ContactsScreen.ContactsScreen;
 exports.contactsScreenPropertySchema = require_ContactsScreen.contactsScreenPropertySchema;

package/dist/{FluidProvider-DbYLBGGg.cjs → FluidProvider-NnE6s3O0.cjs}

@@ -27,7 +27,6 @@ const require_VideoWidget = require("./VideoWidget-BmVIIfvM.cjs");
 let react = require("react");
 let _tanstack_react_query = require("@tanstack/react-query");
 let react_jsx_runtime = require("react/jsx-runtime");
-let node_buffer = require("node:buffer");
 let zod = require("zod");
 let colorjs_io = require("colorjs.io");
 colorjs_io = require_chunk.__toESM(colorjs_io);
@@ -1159,210 +1158,6 @@ const URL_PARAMS = {
 function isBrowser() {
 	return typeof window !== "undefined" && typeof document !== "undefined";
 }
-new TextEncoder();
-const decoder = new TextDecoder();
-//#endregion
-//#region ../../../node_modules/.pnpm/jose@5.10.0/node_modules/jose/dist/node/esm/runtime/base64url.js
-function normalize(input) {
-	let encoded = input;
-	if (encoded instanceof Uint8Array) encoded = decoder.decode(encoded);
-	return encoded;
-}
-const decode$1 = (input) => new Uint8Array(node_buffer.Buffer.from(normalize(input), "base64url"));
-//#endregion
-//#region ../../../node_modules/.pnpm/jose@5.10.0/node_modules/jose/dist/node/esm/util/errors.js
-var JOSEError = class extends Error {
-	static code = "ERR_JOSE_GENERIC";
-	code = "ERR_JOSE_GENERIC";
-	constructor(message, options) {
-		super(message, options);
-		this.name = this.constructor.name;
-		Error.captureStackTrace?.(this, this.constructor);
-	}
-};
-var JWTInvalid = class extends JOSEError {
-	static code = "ERR_JWT_INVALID";
-	code = "ERR_JWT_INVALID";
-};
-Symbol.asyncIterator;
-//#endregion
-//#region ../../../node_modules/.pnpm/jose@5.10.0/node_modules/jose/dist/node/esm/lib/is_object.js
-function isObjectLike(value) {
-	return typeof value === "object" && value !== null;
-}
-function isObject(input) {
-	if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") return false;
-	if (Object.getPrototypeOf(input) === null) return true;
-	let proto = input;
-	while (Object.getPrototypeOf(proto) !== null) proto = Object.getPrototypeOf(proto);
-	return Object.getPrototypeOf(input) === proto;
-}
-const decode = decode$1;
-//#endregion
-//#region ../../../node_modules/.pnpm/jose@5.10.0/node_modules/jose/dist/node/esm/util/decode_jwt.js
-function decodeJwt(jwt) {
-	if (typeof jwt !== "string") throw new JWTInvalid("JWTs must use Compact JWS serialization, JWT must be a string");
-	const { 1: payload, length } = jwt.split(".");
-	if (length === 5) throw new JWTInvalid("Only JWTs using Compact JWS serialization can be decoded");
-	if (length !== 3) throw new JWTInvalid("Invalid JWT");
-	if (!payload) throw new JWTInvalid("JWTs must contain a payload");
-	let decoded;
-	try {
-		decoded = decode(payload);
-	} catch {
-		throw new JWTInvalid("Failed to base64url decode the payload");
-	}
-	let result;
-	try {
-		result = JSON.parse(decoder.decode(decoded));
-	} catch {
-		throw new JWTInvalid("Failed to parse the decoded payload as JSON");
-	}
-	if (!isObject(result)) throw new JWTInvalid("Invalid JWT Claims Set");
-	return result;
-}
-//#endregion
-//#region ../../platform/auth/src/token-utils.ts
-/**
-* Token Utilities
-*
-* Functions for decoding, validating, and checking JWT tokens.
-*/
-/**
-* Extract a JWTPayload from a jose-decoded JWT payload.
-*
-* Type assertions are required because jose's payload type uses `unknown`
-* for custom claims. This helper centralises the mapping so that
-* both {@link decodeToken} and {@link verifyToken} share the same logic.
-*/
-function extractPayloadFromJose(decoded) {
-	const rawUserType = decoded.user_type;
-	const rawOgUserType = decoded.og_user_type;
-	return {
-		id: typeof decoded.id === "number" ? decoded.id : void 0,
-		email: typeof decoded.email === "string" ? decoded.email : void 0,
-		full_name: typeof decoded.full_name === "string" ? decoded.full_name : void 0,
-		user_type: typeof rawUserType === "string" && isUserType(rawUserType) ? rawUserType : "rep",
-		og_user_type: typeof rawOgUserType === "string" && isUserType(rawOgUserType) ? rawOgUserType : void 0,
-		company_id: typeof decoded.company_id === "number" ? decoded.company_id : void 0,
-		exp: decoded.exp,
-		auth_type: typeof decoded.auth_type === "string" ? decoded.auth_type : void 0
-	};
-}
-/**
-* Decode a JWT token and extract its payload.
-*
-* **Security note:** This function does NOT verify the JWT signature.
-* It only decodes the payload. Any valid JWT structure will be accepted,
-* regardless of who signed it.
-*
-* Client-side token decoding is used for UX purposes only (displaying
-* user info, role-based UI). The real security boundary is the server-side
-* API, which verifies the signature on every request.
-*
-* For signature verification, use {@link verifyToken} with a JWKS URL.
-*
-* @param token - The JWT token string
-* @returns The decoded JWT payload, or null if decoding fails
-*/
-function decodeToken(token) {
-	try {
-		return extractPayloadFromJose(decodeJwt(token));
-	} catch (error) {
-		console.error("[FluidAuth] Failed to decode JWT token:", error);
-		return null;
-	}
-}
-/**
-* Check if a token has expired.
-* Includes a configurable grace period to account for clock skew.
-*
-* @param token - The JWT token string
-* @param gracePeriodMs - Grace period in milliseconds (default: 30 seconds)
-* @returns true if the token is expired, false otherwise
-*/
-function isTokenExpired(token, gracePeriodMs = AUTH_CONSTANTS.TOKEN_GRACE_PERIOD_MS) {
-	try {
-		const decoded = decodeJwt(token);
-		if (!decoded.exp) return false;
-		const expirationTime = decoded.exp * 1e3;
-		return Date.now() > expirationTime + gracePeriodMs;
-	} catch {
-		return true;
-	}
-}
-/**
-* Validate a JWT token for format and expiration.
-*
-* **Security note:** This function checks JWT structure and expiration
-* but does NOT verify the signature. It is a UX-level check only.
-* For signature verification, use {@link verifyToken} with a JWKS URL.
-*
-* @param token - The JWT token string
-* @param gracePeriodMs - Grace period for expiration check (default: 30 seconds)
-* @returns Validation result with status and decoded payload if valid
-*/
-function validateToken(token, gracePeriodMs = AUTH_CONSTANTS.TOKEN_GRACE_PERIOD_MS) {
-	if (!token || token.trim() === "") return {
-		isValid: false,
-		error: "Token is empty or not provided"
-	};
-	const payload = decodeToken(token);
-	if (!payload) return {
-		isValid: false,
-		error: "Token has invalid format"
-	};
-	if (isTokenExpired(token, gracePeriodMs)) return {
-		isValid: false,
-		payload,
-		error: "Token has expired"
-	};
-	return {
-		isValid: true,
-		payload
-	};
-}
-/**
-* Type guard to check if a validation result is valid.
-* Enables TypeScript narrowing of the result type.
-*
-* @param result - The validation result to check
-* @returns true if the token is valid (narrows payload to non-optional)
-*/
-function isValidToken(result) {
-	return result.isValid === true;
-}
-/**
-* Get the expiration time of a token as a Date.
-*
-* @param token - The JWT token string
-* @returns The expiration Date, or null if token has no expiration or is invalid
-*/
-function getTokenExpiration(token) {
-	try {
-		const decoded = decodeJwt(token);
-		if (!decoded.exp) return null;
-		return /* @__PURE__ */ new Date(decoded.exp * 1e3);
-	} catch {
-		return null;
-	}
-}
-/**
-* Get the time remaining until token expiration in milliseconds.
-*
-* @param token - The JWT token string
-* @returns Milliseconds until expiration, or 0 if expired/invalid, or Infinity if no expiration
-*/
-function getTokenTimeRemaining(token) {
-	try {
-		const decoded = decodeJwt(token);
-		if (!decoded.exp) return Infinity;
-		const remaining = decoded.exp * 1e3 - Date.now();
-		return Math.max(0, remaining);
-	} catch {
-		return 0;
-	}
-}
 //#endregion
 //#region ../../platform/auth/src/token-storage.ts
 /**
@@ -1372,33 +1167,6 @@ function getTokenTimeRemaining(token) {
 * cookies and localStorage.
 */
 /**
-* Parse cookies from document.cookie string into an object.
-*/
-function parseCookies() {
-	if (!isBrowser()) return {};
-	const cookies = {};
-	const cookieString = document.cookie;
-	if (!cookieString) return cookies;
-	cookieString.split(";").forEach((cookie) => {
-		const [name, ...valueParts] = cookie.trim().split("=");
-		if (name) cookies[name] = decodeURIComponent(valueParts.join("="));
-	});
-	return cookies;
-}
-/**
-* Set a cookie with the given options.
-*/
-function setCookie(name, value, options = {}) {
-	if (!isBrowser()) return;
-	const { maxAge = AUTH_CONSTANTS.COOKIE_MAX_AGE, path = "/", sameSite = "lax", secure = window.location.protocol === "https:" } = options;
-	let cookieString = `${name}=${encodeURIComponent(value)}`;
-	cookieString += `; path=${path}`;
-	cookieString += `; max-age=${maxAge}`;
-	cookieString += `; samesite=${sameSite}`;
-	if (secure) cookieString += "; secure";
-	document.cookie = cookieString;
-}
-/**
 * Delete a cookie by setting its max-age to 0.
 */
 function deleteCookie(name, path = "/") {
@@ -1406,53 +1174,6 @@ function deleteCookie(name, path = "/") {
 	document.cookie = `${name}=; path=${path}; max-age=0`;
 }
 /**
-* Get the stored auth token.
-* Checks cookie first, then falls back to localStorage.
-*
-* @param config - Optional auth config for custom cookie key
-* @returns The stored token or null if not found
-*/
-function getStoredToken(config) {
-	if (!isBrowser()) return null;
-	const cookieKey = config?.cookieKey ?? STORAGE_KEYS.AUTH_COOKIE;
-	const localStorageKey = STORAGE_KEYS.USER_TOKEN;
-	const cookieToken = parseCookies()[cookieKey];
-	if (cookieToken) return cookieToken;
-	try {
-		return localStorage.getItem(localStorageKey);
-	} catch {
-		return null;
-	}
-}
-/**
-* Store an auth token in both cookie and localStorage.
-* Using both provides redundancy and compatibility with different auth flows.
-*
-* @param token - The JWT token to store
-* @param config - Optional auth config for custom storage options
-*/
-function storeToken(token, config) {
-	if (!isBrowser()) return;
-	const cookieKey = config?.cookieKey ?? STORAGE_KEYS.AUTH_COOKIE;
-	const maxAge = config?.cookieMaxAge ?? AUTH_CONSTANTS.COOKIE_MAX_AGE;
-	try {
-		const sameSite = window.self !== window.top ? "none" : "lax";
-		setCookie(cookieKey, token, {
-			maxAge,
-			path: "/",
-			sameSite,
-			secure: sameSite === "none" || window.location.protocol === "https:"
-		});
-	} catch (error) {
-		console.warn("[FluidAuth] Failed to store token in cookie:", error);
-	}
-	try {
-		localStorage.setItem(STORAGE_KEYS.USER_TOKEN, token);
-	} catch (error) {
-		console.warn("[FluidAuth] Failed to store token in localStorage:", error);
-	}
-}
-/**
 * Clear all stored auth tokens from cookies and localStorage.
 *
 * @param config - Optional auth config for custom cookie key
@@ -1468,15 +1189,6 @@ function clearTokens(config) {
 		localStorage.removeItem(STORAGE_KEYS.COMPANY_TOKEN);
 	} catch {}
 }
-/**
-* Check if any auth token is stored.
-*
-* @param config - Optional auth config
-* @returns true if a token is stored, false otherwise
-*/
-function hasStoredToken(config) {
-	return getStoredToken(config) !== null;
-}
 //#endregion
 //#region ../../platform/auth/src/url-token.ts
 /**
@@ -1492,35 +1204,6 @@ function hasStoredToken(config) {
 * starter template prevents the token from leaking in referrer headers.
 */
 /**
-* Extract the auth token from the URL query parameters.
-*
-* @param tokenKey - The URL parameter name (default: "fluidUserToken")
-* @returns The token value or null if not present
-*/
-function extractTokenFromUrl(tokenKey = URL_PARAMS.USER_TOKEN) {
-	if (!isBrowser()) return null;
-	try {
-		return new URLSearchParams(window.location.search).get(tokenKey);
-	} catch {
-		return null;
-	}
-}
-/**
-* Extract the company token from the URL query parameters.
-* This is a legacy parameter that may still be used in some flows.
-*
-* @param tokenKey - The URL parameter name (default: "fluidCompanyToken")
-* @returns The token value or null if not present
-*/
-function extractCompanyTokenFromUrl(tokenKey = URL_PARAMS.COMPANY_TOKEN) {
-	if (!isBrowser()) return null;
-	try {
-		return new URLSearchParams(window.location.search).get(tokenKey);
-	} catch {
-		return null;
-	}
-}
-/**
 * Remove the auth token from the URL without reloading the page.
 * This prevents the token from being accidentally shared via URL copy/paste
 * or appearing in browser history.
@@ -1542,45 +1225,6 @@ function cleanTokenFromUrl(tokenKey = URL_PARAMS.USER_TOKEN) {
 		console.warn("[FluidAuth] Failed to clean token from URL:", error);
 	}
 }
-/**
-* Check if the URL contains an auth token parameter.
-*
-* @param tokenKey - The URL parameter name (default: "fluidUserToken")
-* @returns true if the URL contains the token parameter
-*/
-function hasTokenInUrl(tokenKey = URL_PARAMS.USER_TOKEN) {
-	if (!isBrowser()) return false;
-	try {
-		return new URLSearchParams(window.location.search).has(tokenKey);
-	} catch {
-		return false;
-	}
-}
-/**
-* Extract all auth-related tokens from the URL at once.
-*
-* @param userTokenKey - The URL parameter name for user token
-* @param companyTokenKey - The URL parameter name for company token
-* @returns Object with both token values (or null if not present)
-*/
-function extractAllTokensFromUrl(userTokenKey = URL_PARAMS.USER_TOKEN, companyTokenKey = URL_PARAMS.COMPANY_TOKEN) {
-	if (!isBrowser()) return {
-		userToken: null,
-		companyToken: null
-	};
-	try {
-		const searchParams = new URLSearchParams(window.location.search);
-		return {
-			userToken: searchParams.get(userTokenKey),
-			companyToken: searchParams.get(companyTokenKey)
-		};
-	} catch {
-		return {
-			userToken: null,
-			companyToken: null
-		};
-	}
-}
 zod.z.object({
 	id: zod.z.number(),
 	name: zod.z.string(),
@@ -2985,13 +2629,11 @@ function authReducer(state, action) {
 	switch (action.type) {
 		case "SET_AUTH": return {
 			isLoading: false,
-			token: null,
 			user: action.user,
 			error: action.error
 		};
 		case "CLEAR_AUTH": return {
 			...state,
-			token: null,
 			user: null,
 			error: null
 		};
@@ -3003,7 +2645,6 @@ function authReducer(state, action) {
 }
 const initialAuthState = {
 	isLoading: true,
-	token: null,
 	user: null,
 	error: null
 };
@@ -3036,7 +2677,7 @@ function FluidAuthProvider({ children, config }) {
 	const configRef = (0, react.useRef)(config);
 	configRef.current = config;
 	const [state, dispatch] = (0, react.useReducer)(authReducer, initialAuthState);
-	const { isLoading, token, user, error } = state;
+	const { isLoading, user, error } = state;
 	(0, react.useEffect)(() => {
 		const initializeAuth = async () => {
 			const handleUnauthenticated = () => {
@@ -3083,11 +2724,9 @@ function FluidAuthProvider({ children, config }) {
 		isAuthenticated: user !== null,
 		isLoading,
 		user,
-		token,
 		clearAuth,
 		error
 	}), [
-		token,
 		isLoading,
 		user,
 		clearAuth,
@@ -3295,21 +2934,20 @@ function FluidProvider({ config, children, queryClient, initialTheme, themeConta
 */
 function CustomerIdEnricher({ baseUrl, getApiHeaders, variables, registry, themeProviderProps, onAuthError, children }) {
 	const authContext = useFluidAuthOptional();
-	const token = authContext?.token ?? "";
+	const isAuthenticated = authContext?.isAuthenticated ?? false;
 	const userId = authContext?.user?.id;
 	const onAuthErrorRef = (0, react.useRef)(onAuthError);
 	onAuthErrorRef.current = onAuthError;
 	const fluidPayApi = (0, react.useMemo)(() => {
 		return createFluidPayApi(createFetchClient({
 			baseUrl: baseUrl.endsWith("/api") ? baseUrl : `${baseUrl.replace(/\/+$/, "")}/api`,
-			getAuthToken: () => token,
 			onAuthError: () => onAuthErrorRef.current?.()
 		}));
-	}, [baseUrl, token]);
+	}, [baseUrl]);
 	const { data: customerData } = (0, _tanstack_react_query.useQuery)({
 		queryKey: ["fluidPayAccount", userId],
-		queryFn: () => fluidPayApi.customers.fetchAccount(token),
-		enabled: !!token
+		queryFn: () => fluidPayApi.customers.fetchAccount(""),
+		enabled: isAuthenticated
 	});
 	const customerId = customerData?.customer?.id;
 	return /* @__PURE__ */ (0, react_jsx_runtime.jsx)(FluidPayCoreProvider, {
@@ -3465,18 +3103,6 @@ Object.defineProperty(exports, "SHADE_STEPS", {
 		return SHADE_STEPS;
 	}
 });
-Object.defineProperty(exports, "STORAGE_KEYS", {
-	enumerable: true,
-	get: function() {
-		return STORAGE_KEYS;
-	}
-});
-Object.defineProperty(exports, "URL_PARAMS", {
-	enumerable: true,
-	get: function() {
-		return URL_PARAMS;
-	}
-});
 Object.defineProperty(exports, "USER_TYPES", {
 	enumerable: true,
 	get: function() {
@@ -3549,12 +3175,6 @@ Object.defineProperty(exports, "createWidgetRegistry", {
 		return createWidgetRegistry;
 	}
 });
-Object.defineProperty(exports, "decodeToken", {
-	enumerable: true,
-	get: function() {
-		return decodeToken;
-	}
-});
 Object.defineProperty(exports, "deleteDatabase", {
 	enumerable: true,
 	get: function() {
@@ -3573,24 +3193,6 @@ Object.defineProperty(exports, "deserialiseTheme", {
 		return deserialiseTheme;
 	}
 });
-Object.defineProperty(exports, "extractAllTokensFromUrl", {
-	enumerable: true,
-	get: function() {
-		return extractAllTokensFromUrl;
-	}
-});
-Object.defineProperty(exports, "extractCompanyTokenFromUrl", {
-	enumerable: true,
-	get: function() {
-		return extractCompanyTokenFromUrl;
-	}
-});
-Object.defineProperty(exports, "extractTokenFromUrl", {
-	enumerable: true,
-	get: function() {
-		return extractTokenFromUrl;
-	}
-});
 Object.defineProperty(exports, "generateShades", {
 	enumerable: true,
 	get: function() {
@@ -3621,60 +3223,18 @@ Object.defineProperty(exports, "getForegroundColor", {
 		return getForegroundColor;
 	}
 });
-Object.defineProperty(exports, "getStoredToken", {
-	enumerable: true,
-	get: function() {
-		return getStoredToken;
-	}
-});
-Object.defineProperty(exports, "getTokenExpiration", {
-	enumerable: true,
-	get: function() {
-		return getTokenExpiration;
-	}
-});
-Object.defineProperty(exports, "getTokenTimeRemaining", {
-	enumerable: true,
-	get: function() {
-		return getTokenTimeRemaining;
-	}
-});
-Object.defineProperty(exports, "hasStoredToken", {
-	enumerable: true,
-	get: function() {
-		return hasStoredToken;
-	}
-});
-Object.defineProperty(exports, "hasTokenInUrl", {
-	enumerable: true,
-	get: function() {
-		return hasTokenInUrl;
-	}
-});
 Object.defineProperty(exports, "isApiError", {
 	enumerable: true,
 	get: function() {
 		return isApiError;
 	}
 });
-Object.defineProperty(exports, "isTokenExpired", {
-	enumerable: true,
-	get: function() {
-		return isTokenExpired;
-	}
-});
 Object.defineProperty(exports, "isUserType", {
 	enumerable: true,
 	get: function() {
 		return isUserType;
 	}
 });
-Object.defineProperty(exports, "isValidToken", {
-	enumerable: true,
-	get: function() {
-		return isValidToken;
-	}
-});
 Object.defineProperty(exports, "mergeDarkOverrides", {
 	enumerable: true,
 	get: function() {
@@ -3717,12 +3277,6 @@ Object.defineProperty(exports, "serialiseTheme", {
 		return serialiseTheme;
 	}
 });
-Object.defineProperty(exports, "storeToken", {
-	enumerable: true,
-	get: function() {
-		return storeToken;
-	}
-});
 Object.defineProperty(exports, "toNavigationItem", {
 	enumerable: true,
 	get: function() {
@@ -3789,12 +3343,6 @@ Object.defineProperty(exports, "useThemeContext", {
 		return useThemeContext;
 	}
 });
-Object.defineProperty(exports, "validateToken", {
-	enumerable: true,
-	get: function() {
-		return validateToken;
-	}
-});
 Object.defineProperty(exports, "widgetPropertySchemas", {
 	enumerable: true,
 	get: function() {
@@ -3802,4 +3350,4 @@ Object.defineProperty(exports, "widgetPropertySchemas", {
 	}
 });
 
-//# sourceMappingURL=FluidProvider-DbYLBGGg.cjs.map
+//# sourceMappingURL=FluidProvider-NnE6s3O0.cjs.map