@forgerock/oidc-client 1.2.0 → 1.3.0

package/dist/src/lib/client.store.utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.store.utils.js","sourceRoot":"","sources":["../../../src/lib/client.store.utils.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,cAAc,EAAwB,MAAM,kBAAkB,CAAC;AACxE,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAKlD;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAiC,EAChE,iBAAiB,EACjB,MAAM,GAIP;IACC,OAAO,cAAc,CAAC;QACpB,OAAO,EAAE;YACP,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC,OAAO;YACtC,CAAC,YAAY,CAAC,WAAW,CAAC,EAAE,YAAY,CAAC,OAAO;SACjD;QACD,UAAU,EAAE,CAAC,oBAAoB,EAAE,EAAE,CACnC,oBAAoB,CAAC;YACnB,KAAK,EAAE;gBACL,aAAa,EAAE;oBACb;;;uBAGG;oBACH,iBAAiB;oBACjB,MAAM;iBACP;aACF;SACF,CAAC;aACC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC;aAC/B,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;KAChC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAC/B,IAA+B,EAC/B,KAA6C;IAE7C,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,OAAO,GAAG,4CAA4C,CAAC;QAC3D,IAAI,MAAM,GAAoB,SAAS,CAAC;QACxC,IAAI,SAAS,IAAI,KAAK,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;YACxC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;QACD,IAAI,QAAQ,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;QACxB,CAAC;QACD,OAAO;YACL,KAAK,EAAE,qBAAqB;YAC5B,OAAO;YACP,IAAI,EAAE,YAAY;YAClB,MAAM;SACE,CAAC;IACb,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAqD;IACpF,IAAI,KAAmB,CAAC;IAExB,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;QACzB,KAAK,GAAG;YACN,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,uDAAuD;YAChE,IAAI,EAAE,aAAa;SACX,CAAC;IACb,CAAC;SAAM,IAAI,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACtC,KAAK,GAAG;YACN,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,sEAAsE;YAC/E,IAAI,EAAE,aAAa;SACX,CAAC;IACb,CAAC;SAAM,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;QAClC,KAAK,GAAG;YACN,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,2DAA2D;YACpE,IAAI,EAAE,aAAa;SACX,CAAC;IACb,CAAC;SAAM,CAAC;QACN,KAAK,GAAG;YACN,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,2DAA2D;YACpE,IAAI,EAAE,eAAe;SACb,CAAC;IACb,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/src/lib/client.types.d.ts

@@ -0,0 +1,35 @@
+import type { GenericError, GetAuthorizationUrlOptions } from '@forgerock/sdk-types';
+import type { StorageConfig } from '@forgerock/storage';
+import { createClientStore } from './client.store.utils.js';
+export type ClientStore = ReturnType<typeof createClientStore>;
+export type RootState = ReturnType<ClientStore['getState']>;
+export type AppDispatch = ReturnType<ClientStore['dispatch']>;
+export interface GetTokensOptions {
+    authorizeOptions?: GetAuthorizationUrlOptions;
+    backgroundRenew?: boolean;
+    forceRenew?: boolean;
+    storageOptions?: Partial<StorageConfig>;
+}
+export type RevokeSuccessResult = {
+    revokeResponse: null;
+    deleteResponse: null;
+};
+export type RevokeErrorResult = {
+    error: string;
+    revokeResponse: GenericError | null;
+    deleteResponse: GenericError | null;
+};
+export type LogoutSuccessResult = RevokeSuccessResult & {
+    sessionResponse: null;
+};
+export type LogoutErrorResult = {
+    error: string;
+    sessionResponse: GenericError | null;
+    revokeResponse: GenericError | null;
+    deleteResponse: GenericError | null;
+};
+export type UserInfoResponse = {
+    sub: string;
+    [key: string]: unknown;
+};
+//# sourceMappingURL=client.types.d.ts.map

package/dist/src/lib/client.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.types.d.ts","sourceRoot":"","sources":["../../../src/lib/client.types.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,YAAY,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AACrF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE5D,MAAM,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAE/D,MAAM,MAAM,SAAS,GAAG,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;AAE5D,MAAM,MAAM,WAAW,GAAG,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;AAE9D,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,CAAC,EAAE,0BAA0B,CAAC;IAC9C,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,cAAc,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;CACzC;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,cAAc,EAAE,IAAI,CAAC;IACrB,cAAc,EAAE,IAAI,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,YAAY,GAAG,IAAI,CAAC;IACpC,cAAc,EAAE,YAAY,GAAG,IAAI,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG,mBAAmB,GAAG;IACtD,eAAe,EAAE,IAAI,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,eAAe,EAAE,YAAY,GAAG,IAAI,CAAC;IACrC,cAAc,EAAE,YAAY,GAAG,IAAI,CAAC;IACpC,cAAc,EAAE,YAAY,GAAG,IAAI,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC"}

package/dist/src/lib/client.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=client.types.js.map

package/dist/src/lib/client.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.types.js","sourceRoot":"","sources":["../../../src/lib/client.types.ts"],"names":[],"mappings":""}

package/dist/src/lib/config.types.d.ts

@@ -0,0 +1,22 @@
+import type { AsyncLegacyConfigOptions, WellKnownResponse, ResponseType } from '@forgerock/sdk-types';
+export interface OidcConfig extends AsyncLegacyConfigOptions {
+    clientId: string;
+    redirectUri: string;
+    scope: string;
+    serverConfig: {
+        wellknown: string;
+        timeout?: number;
+    };
+    responseType?: ResponseType;
+}
+export interface InternalDaVinciConfig extends OidcConfig {
+    wellknownResponse: WellKnownResponse;
+}
+export interface OauthTokens {
+    accessToken: string;
+    idToken: string;
+    refreshToken?: string;
+    expiresAt?: number;
+    expiryTimestamp?: number;
+}
+//# sourceMappingURL=config.types.d.ts.map

package/dist/src/lib/config.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.types.d.ts","sourceRoot":"","sources":["../../../src/lib/config.types.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,wBAAwB,EACxB,iBAAiB,EACjB,YAAY,EACb,MAAM,sBAAsB,CAAC;AAE9B,MAAM,WAAW,UAAW,SAAQ,wBAAwB;IAE1D,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE;QACZ,SAAS,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED,MAAM,WAAW,qBAAsB,SAAQ,UAAU;IACvD,iBAAiB,EAAE,iBAAiB,CAAC;CACtC;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B"}

package/dist/src/lib/config.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=config.types.js.map

package/dist/src/lib/config.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.types.js","sourceRoot":"","sources":["../../../src/lib/config.types.ts"],"names":[],"mappings":""}

package/dist/src/lib/exchange.request.d.ts

@@ -0,0 +1,18 @@
+import { Micro } from 'effect';
+import { logger } from '@forgerock/sdk-logger';
+import type { ClientStore } from './client.types.js';
+import type { OauthTokens, OidcConfig } from './config.types.js';
+import type { StorageConfig } from '@forgerock/storage';
+import type { TokenExchangeErrorResponse } from './exchange.types.js';
+interface BuildTokenExchangeµParams {
+    code: string;
+    config: OidcConfig;
+    endpoint: string;
+    log: ReturnType<typeof logger>;
+    state: string;
+    store: ClientStore;
+    options?: Partial<StorageConfig>;
+}
+export declare function buildTokenExchangeµ({ code, config, endpoint, log, state, store, options, }: BuildTokenExchangeµParams): Micro.Micro<OauthTokens, TokenExchangeErrorResponse, never>;
+export {};
+//# sourceMappingURL=exchange.request.d.ts.map

package/dist/src/lib/exchange.request.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"exchange.request.d.ts","sourceRoot":"","sources":["../../../src/lib/exchange.request.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAE/B,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAK/C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACjE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AAEtE,UAAU,yBAAyB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,UAAU,CAAC,OAAO,MAAM,CAAC,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,WAAW,CAAC;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;CAClC;AAED,wBAAgB,mBAAmB,CAAC,EAClC,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,GAAG,EACH,KAAK,EACL,KAAK,EACL,OAAO,GACR,EAAE,yBAAyB,GAAG,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,0BAA0B,EAAE,KAAK,CAAC,CA2BzF"}

package/dist/src/lib/exchange.request.js

@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+import { Micro } from 'effect';
+import { createValuesµ, handleTokenResponseµ, validateValuesµ } from './exchange.utils.js';
+import { oidcApi } from './oidc.api.js';
+export function buildTokenExchangeµ({ code, config, endpoint, log, state, store, options, }) {
+    return createValuesµ(code, config, state, endpoint, options).pipe(Micro.flatMap((options) => validateValuesµ(options)), Micro.tap((options) => log.debug('Token exchange values created', options)), Micro.tapError((options) => Micro.sync(() => log.error('Error creating token exchange values', options))), Micro.flatMap((requestOptions) => Micro.promise(() => store.dispatch(oidcApi.endpoints.exchange.initiate(requestOptions)))), Micro.flatMap(({ data, error }) => handleTokenResponseµ(data, error)), Micro.tap((data) => log.debug('Token exchange response handled', data)), Micro.tapError((error) => Micro.sync(() => log.error('Error handling token exchange response', error))), Micro.map((data) => {
+        const tokens = {
+            accessToken: data.access_token,
+            idToken: data.id_token,
+            ...(data.refresh_token && { refreshToken: data.refresh_token }),
+            ...(data.expires_in && { expiresAt: data.expires_in }),
+            ...(data.expires_in && { expiryTimestamp: Date.now() + data.expires_in * 1000 }),
+        };
+        return tokens;
+    }));
+}
+//# sourceMappingURL=exchange.request.js.map

package/dist/src/lib/exchange.request.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"exchange.request.js","sourceRoot":"","sources":["../../../src/lib/exchange.request.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAI/B,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3F,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAiBxC,MAAM,UAAU,mBAAmB,CAAC,EAClC,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,GAAG,EACH,KAAK,EACL,KAAK,EACL,OAAO,GACmB;IAC1B,OAAO,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,IAAI,CAC/D,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,+BAA+B,EAAE,OAAO,CAAC,CAAC,EAC3E,KAAK,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE,CACzB,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,sCAAsC,EAAE,OAAO,CAAC,CAAC,CAC7E,EACD,KAAK,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE,CAC/B,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CACzF,EACD,KAAK,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,oBAAoB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,EACrE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC,EACvE,KAAK,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,EAAE,CACvB,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC,CAC7E,EACD,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG;YACb,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,OAAO,EAAE,IAAI,CAAC,QAAQ;YACtB,GAAG,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;YAC/D,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC;YACtD,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;SACjF,CAAC;QAEF,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC,CACH,CAAC;AACJ,CAAC"}

package/dist/src/lib/exchange.types.d.ts

@@ -0,0 +1,21 @@
+import type { OidcConfig } from './config.types.js';
+export interface TokenExchangeResponse {
+    access_token: string;
+    id_token: string;
+    refresh_token?: string;
+    expires_in?: number;
+    scope?: string;
+    token_type?: string;
+}
+export interface TokenExchangeErrorResponse {
+    error: string;
+    message: string;
+    type: 'exchange_error' | 'network_error' | 'state_error' | 'unknown_error';
+}
+export interface TokenRequestOptions {
+    code: string;
+    config: OidcConfig;
+    endpoint: string;
+    verifier?: string;
+}
+//# sourceMappingURL=exchange.types.d.ts.map

package/dist/src/lib/exchange.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"exchange.types.d.ts","sourceRoot":"","sources":["../../../src/lib/exchange.types.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAEpD,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,0BAA0B;IACzC,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,gBAAgB,GAAG,eAAe,GAAG,aAAa,GAAG,eAAe,CAAC;CAC5E;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB"}

package/dist/src/lib/exchange.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=exchange.types.js.map

package/dist/src/lib/exchange.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"exchange.types.js","sourceRoot":"","sources":["../../../src/lib/exchange.types.ts"],"names":[],"mappings":""}

package/dist/src/lib/exchange.utils.d.ts

@@ -0,0 +1,28 @@
+import type { SerializedError } from '@reduxjs/toolkit';
+import type { FetchBaseQueryError } from '@reduxjs/toolkit/query';
+import { Micro } from 'effect';
+import type { GetAuthorizationUrlOptions } from '@forgerock/sdk-types';
+import type { StorageConfig } from '@forgerock/storage';
+import type { TokenExchangeResponse, TokenRequestOptions } from './exchange.types.js';
+import type { TokenExchangeErrorResponse } from './exchange.types.js';
+import type { OidcConfig } from './config.types.js';
+export declare function createValuesµ(code: string, config: OidcConfig, state: string, endpoint: string, options?: Partial<StorageConfig>): Micro.Micro<{
+    code: string;
+    config: OidcConfig;
+    state: string;
+    storedValues: GetAuthorizationUrlOptions;
+    endpoint: string;
+}, never, never>;
+export declare function handleTokenResponseµ(data: TokenExchangeResponse | undefined, error?: FetchBaseQueryError | SerializedError): Micro.Micro<TokenExchangeResponse, TokenExchangeErrorResponse, never>;
+export declare function validateValuesµ({ code, config, state, storedValues, endpoint, }: {
+    code: string;
+    config: OidcConfig;
+    state: string;
+    storedValues: GetAuthorizationUrlOptions;
+    endpoint: string;
+}): Micro.Micro<never, {
+    readonly error: "State mismatch";
+    readonly message: "The provided state does not match the stored state. This is likely due to passing in used, returned, authorize parameters.";
+    readonly type: "state_error";
+}, never> | Micro.Micro<TokenRequestOptions, never, never>;
+//# sourceMappingURL=exchange.utils.d.ts.map

package/dist/src/lib/exchange.utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"exchange.utils.d.ts","sourceRoot":"","sources":["../../../src/lib/exchange.utils.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAG/B,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAExD,OAAO,KAAK,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AACtF,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAEpD,wBAAgB,aAAa,CAC3B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,UAAU,EAClB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC;;;;;;iBAajC;AAED,wBAAgB,oBAAoB,CAClC,IAAI,EAAE,qBAAqB,GAAG,SAAS,EACvC,KAAK,CAAC,EAAE,mBAAmB,GAAG,eAAe,GAC5C,KAAK,CAAC,KAAK,CAAC,qBAAqB,EAAE,0BAA0B,EAAE,KAAK,CAAC,CAyBvE;AAED,wBAAgB,eAAe,CAAC,EAC9B,IAAI,EACJ,MAAM,EACN,KAAK,EACL,YAAY,EACZ,QAAQ,GACT,EAAE;IACD,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,0BAA0B,CAAC;IACzC,QAAQ,EAAE,MAAM,CAAC;CAClB;;;;2DAiBA"}

package/dist/src/lib/exchange.utils.js

@@ -0,0 +1,55 @@
+import { Micro } from 'effect';
+import { getStoredAuthUrlValues } from '@forgerock/sdk-oidc';
+export function createValuesµ(code, config, state, endpoint, options) {
+    return Micro.sync(() => {
+        const storedValues = getStoredAuthUrlValues(config.clientId, options?.prefix);
+        return {
+            code,
+            config,
+            state,
+            storedValues,
+            endpoint,
+        };
+    });
+}
+export function handleTokenResponseµ(data, error) {
+    if (error) {
+        let message;
+        if ('status' in error) {
+            message = 'error' in error ? error.error : JSON.stringify(error.data);
+        }
+        else if ('message' in error) {
+            message = error.message;
+        }
+        return Micro.fail({
+            error: 'Token Exchange failure',
+            message: message || 'Unknown error during token exchange',
+            type: 'exchange_error',
+        });
+    }
+    if (!data) {
+        return Micro.fail({
+            error: 'Token Exchange failure',
+            message: 'No data returned from token exchange',
+            type: 'exchange_error',
+        });
+    }
+    return Micro.succeed(data);
+}
+export function validateValuesµ({ code, config, state, storedValues, endpoint, }) {
+    if (!storedValues || storedValues.state !== state) {
+        const err = {
+            error: 'State mismatch',
+            message: 'The provided state does not match the stored state. This is likely due to passing in used, returned, authorize parameters.',
+            type: 'state_error',
+        };
+        return Micro.fail(err);
+    }
+    return Micro.succeed({
+        code,
+        config,
+        endpoint,
+        ...(storedValues.verifier && { verifier: storedValues.verifier }), // Optional PKCE
+    });
+}
+//# sourceMappingURL=exchange.utils.js.map

package/dist/src/lib/exchange.utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"exchange.utils.js","sourceRoot":"","sources":["../../../src/lib/exchange.utils.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAE/B,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAQ7D,MAAM,UAAU,aAAa,CAC3B,IAAY,EACZ,MAAkB,EAClB,KAAa,EACb,QAAgB,EAChB,OAAgC;IAEhC,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE;QACrB,MAAM,YAAY,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAE9E,OAAO;YACL,IAAI;YACJ,MAAM;YACN,KAAK;YACL,YAAY;YACZ,QAAQ;SACT,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,IAAuC,EACvC,KAA6C;IAE7C,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,OAAO,CAAC;QACZ,IAAI,QAAQ,IAAI,KAAK,EAAE,CAAC;YACtB,OAAO,GAAG,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxE,CAAC;aAAM,IAAI,SAAS,IAAI,KAAK,EAAE,CAAC;YAC9B,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,OAAO,IAAI,qCAAqC;YACzD,IAAI,EAAE,gBAAgB;SACO,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,sCAAsC;YAC/C,IAAI,EAAE,gBAAgB;SACO,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,EAC9B,IAAI,EACJ,MAAM,EACN,KAAK,EACL,YAAY,EACZ,QAAQ,GAOT;IACC,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG;YACV,KAAK,EAAE,gBAAgB;YACvB,OAAO,EACL,4HAA4H;YAC9H,IAAI,EAAE,aAAa;SACX,CAAC;QAEX,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,KAAK,CAAC,OAAO,CAAC;QACnB,IAAI;QACJ,MAAM;QACN,QAAQ;QACR,GAAG,CAAC,YAAY,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,gBAAgB;KAC7D,CAAC,CAAC;AAC5B,CAAC"}

package/dist/src/lib/logout.request.d.ts

@@ -0,0 +1,13 @@
+import { Micro } from 'effect';
+import type { OauthTokens, OidcConfig } from './config.types.js';
+import type { WellKnownResponse } from '@forgerock/sdk-types';
+import type { StorageClient } from '@forgerock/storage';
+import type { ClientStore, LogoutErrorResult, LogoutSuccessResult } from './client.types.js';
+export declare function logoutµ({ tokens, config, wellknown, store, storageClient, }: {
+    tokens: OauthTokens;
+    config: OidcConfig;
+    wellknown: WellKnownResponse;
+    store: ClientStore;
+    storageClient: StorageClient<OauthTokens>;
+}): Micro.Micro<LogoutSuccessResult, LogoutErrorResult, never>;
+//# sourceMappingURL=logout.request.d.ts.map

package/dist/src/lib/logout.request.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logout.request.d.ts","sourceRoot":"","sources":["../../../src/lib/logout.request.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAI/B,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACjE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,KAAK,EAAE,WAAW,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAE7F,wBAAgB,OAAO,CAAC,EACtB,MAAM,EACN,MAAM,EACN,SAAS,EACT,KAAK,EACL,aAAa,GACd,EAAE;IACD,MAAM,EAAE,WAAW,CAAC;IACpB,MAAM,EAAE,UAAU,CAAC;IACnB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,KAAK,EAAE,WAAW,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;CAC3C,8DAoDA"}

package/dist/src/lib/logout.request.js

@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+import { Micro } from 'effect';
+import { oidcApi } from './oidc.api.js';
+import { createLogoutError } from './client.store.utils.js';
+export function logoutµ({ tokens, config, wellknown, store, storageClient, }) {
+    return Micro.zip(
+    // End session with the ID token
+    Micro.promise(() => store.dispatch(oidcApi.endpoints.endSession.initiate({
+        idToken: tokens.idToken,
+        endpoint: wellknown.ping_end_idp_session_endpoint || wellknown.end_session_endpoint,
+    }))).pipe(Micro.map(({ data, error }) => createLogoutError(data, error))), 
+    // Revoke the access token
+    Micro.promise(() => store.dispatch(oidcApi.endpoints.revoke.initiate({
+        accessToken: tokens.accessToken,
+        clientId: config.clientId,
+        endpoint: wellknown.revocation_endpoint,
+    }))).pipe(Micro.map(({ data, error }) => createLogoutError(data, error)))).pipe(
+    // Delete local token and return combined results
+    Micro.flatMap(([sessionResponse, revokeResponse]) => Micro.promise(() => storageClient.remove()).pipe(Micro.flatMap((deleteResponse) => {
+        const isInnerRequestError = (sessionResponse && 'error' in sessionResponse) ||
+            (revokeResponse && 'error' in revokeResponse) ||
+            (deleteResponse && 'error' in deleteResponse);
+        if (isInnerRequestError) {
+            const result = {
+                error: 'Inner request error',
+                sessionResponse,
+                revokeResponse,
+                deleteResponse,
+            };
+            return Micro.fail(result);
+        }
+        else {
+            const result = {
+                sessionResponse: null,
+                revokeResponse: null,
+                deleteResponse: null,
+            };
+            return Micro.succeed(result);
+        }
+    }))));
+}
+//# sourceMappingURL=logout.request.js.map

package/dist/src/lib/logout.request.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logout.request.js","sourceRoot":"","sources":["../../../src/lib/logout.request.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAO5D,MAAM,UAAU,OAAO,CAAC,EACtB,MAAM,EACN,MAAM,EACN,SAAS,EACT,KAAK,EACL,aAAa,GAOd;IACC,OAAO,KAAK,CAAC,GAAG;IACd,gCAAgC;IAChC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CACjB,KAAK,CAAC,QAAQ,CACZ,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC;QACpC,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,SAAS,CAAC,6BAA6B,IAAI,SAAS,CAAC,oBAAoB;KACpF,CAAC,CACH,CACF,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;IAEtE,0BAA0B;IAC1B,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CACjB,KAAK,CAAC,QAAQ,CACZ,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC;QAChC,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,QAAQ,EAAE,SAAS,CAAC,mBAAmB;KACxC,CAAC,CACH,CACF,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CACvE,CAAC,IAAI;IACJ,iDAAiD;IACjD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,CAClD,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;QAC/B,MAAM,mBAAmB,GACvB,CAAC,eAAe,IAAI,OAAO,IAAI,eAAe,CAAC;YAC/C,CAAC,cAAc,IAAI,OAAO,IAAI,cAAc,CAAC;YAC7C,CAAC,cAAc,IAAI,OAAO,IAAI,cAAc,CAAC,CAAC;QAEhD,IAAI,mBAAmB,EAAE,CAAC;YACxB,MAAM,MAAM,GAAsB;gBAChC,KAAK,EAAE,qBAAqB;gBAC5B,eAAe;gBACf,cAAc;gBACd,cAAc;aACf,CAAC;YACF,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAwB;gBAClC,eAAe,EAAE,IAAI;gBACrB,cAAc,EAAE,IAAI;gBACpB,cAAc,EAAE,IAAI;aACrB,CAAC;YACF,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CACH,CACF,CACF,CAAC;AACJ,CAAC"}

package/dist/src/lib/oidc.api.d.ts

@@ -0,0 +1,33 @@
+import { type FetchArgs, type FetchBaseQueryError } from '@reduxjs/toolkit/query';
+import type { OidcConfig } from './config.types.js';
+import type { TokenExchangeResponse } from './exchange.types.js';
+import type { AuthorizationSuccess, AuthorizeSuccessResponse } from './authorize.request.types.js';
+import type { UserInfoResponse } from './client.types.js';
+export declare const oidcApi: import("@reduxjs/toolkit/query").Api<import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, {
+    authorizeFetch: import("@reduxjs/toolkit/query").MutationDefinition<{
+        url: string;
+    }, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, AuthorizeSuccessResponse, "oidc", unknown>;
+    authorizeIframe: import("@reduxjs/toolkit/query").MutationDefinition<{
+        url: string;
+    }, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, AuthorizationSuccess, "oidc", unknown>;
+    endSession: import("@reduxjs/toolkit/query").MutationDefinition<{
+        idToken: string;
+        endpoint: string;
+    }, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, null, "oidc", unknown>;
+    exchange: import("@reduxjs/toolkit/query").MutationDefinition<{
+        code: string;
+        config: OidcConfig;
+        endpoint: string;
+        verifier?: string;
+    }, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, TokenExchangeResponse, "oidc", unknown>;
+    revoke: import("@reduxjs/toolkit/query").MutationDefinition<{
+        accessToken: string;
+        clientId?: string;
+        endpoint: string;
+    }, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, object, "oidc", unknown>;
+    userInfo: import("@reduxjs/toolkit/query").MutationDefinition<{
+        accessToken: string;
+        endpoint: string;
+    }, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, UserInfoResponse, "oidc", unknown>;
+}, "oidc", never, typeof import("@reduxjs/toolkit/query").coreModuleName>;
+//# sourceMappingURL=oidc.api.d.ts.map

package/dist/src/lib/oidc.api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oidc.api.d.ts","sourceRoot":"","sources":["../../../src/lib/oidc.api.ts"],"names":[],"mappings":"AAMA,OAAO,EAGL,KAAK,SAAS,EACd,KAAK,mBAAmB,EACzB,MAAM,wBAAwB,CAAC;AAChC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAUpD,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AACjE,OAAO,KAAK,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AACnG,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAO1D,eAAO,MAAM,OAAO;;aAIkD,MAAM;;;aAqET,MAAM;;;iBAoFvB,MAAM;kBAAY,MAAM;;;cA+C5D,MAAM;gBACJ,UAAU;kBACR,MAAM;mBACL,MAAM;;;qBA6D2B,MAAM;mBAAa,MAAM;kBAAY,MAAM;;;qBAkD/B,MAAM;kBAAY,MAAM;;yEA2CtF,CAAC"}