@frejun/oauth 1.0.0

package/README.md

@@ -0,0 +1,110 @@
+# @frejun/oauth
+
+FreJun OAuth 2.0 SDK for TypeScript / JavaScript. Handles the browser popup authorization flow, token management, and notifies your app of token changes via events.
+
+## Installation
+
+```bash
+npm install @frejun/oauth
+```
+
+## Quick Start
+
+```ts
+import { FrejunOAuth } from '@frejun/oauth';
+
+const oauth = new FrejunOAuth({
+  clientId: 'YOUR_CLIENT_ID',
+  clientSecret: 'YOUR_CLIENT_SECRET',
+  redirectUri: 'https://yourapp.com/callback', // optional
+  extraParams: { state: 'random-csrf-token' }, // optional
+});
+
+// Listen for new tokens
+oauth.on('tokens', (data) => {
+  console.log('Access token:', data.access_token);
+  console.log('Refresh token:', data.refresh_token);
+  console.log('Expires in:', data.expires_in);
+});
+
+// Listen for refreshed tokens
+oauth.on('tokensRefreshed', (data) => {
+  console.log('New access token:', data.access_token);
+  console.log('New refresh token:', data.refresh_token);
+});
+
+// Listen for errors
+oauth.on('error', (err) => {
+  console.error('OAuth error:', err.message);
+});
+
+// Open the FreJun consent popup (browser only)
+oauth.openAuthPopup();
+```
+
+## API
+
+### `new FrejunOAuth(config)`
+
+| Option | Type | Required | Description |
+|---|---|---|---|
+| `clientId` | `string` | Yes | Your FreJun OAuth app client ID |
+| `clientSecret` | `string` | Yes | Your FreJun OAuth app client secret |
+| `redirectUri` | `string` | No | Override the registered redirect URI |
+| `extraParams` | `Record<string, string>` | No | Extra query params (state, username, etc.) |
+
+### Methods
+
+- **`getAuthorizationUrl()`** — Returns the FreJun authorization URL as a string.
+- **`openAuthPopup()`** — Opens the consent page in a popup, listens for the auth code via `postMessage`, and automatically exchanges it for tokens. Browser only.
+- **`createTokens(code)`** — Exchange an auth code for tokens. Emits `'tokens'`.
+- **`refreshTokens(refreshToken)`** — Refresh an expired access token. Emits `'tokensRefreshed'`.
+- **`verifyToken(token)`** — Check whether an access or refresh token is valid.
+- **`disconnect(refreshToken)`** — Disconnect the OAuth app from the organization. Revokes all tokens for this organization.
+- **`destroy()`** — Clean up all listeners and close any open popup.
+
+### Events
+
+| Event | Payload | When |
+|---|---|---|
+| `authCode` | `{ code, email, ...extraParams }` | Auth code received from popup |
+| `tokens` | `CreateTokenResponse` | Tokens created from an auth code |
+| `tokensRefreshed` | `RefreshTokenResponse` | Tokens refreshed |
+| `error` | `Error` | Any error during the flow |
+
+#### `on(event, listener)`
+
+Subscribe to an event. The listener is called every time the event fires.
+
+```ts
+// Called on every token refresh
+oauth.on('tokensRefreshed', (data) => {
+  saveTokens(data.access_token, data.refresh_token);
+});
+```
+
+#### `once(event, listener)`
+
+Subscribe to an event, but the listener is automatically removed after it fires once.
+
+```ts
+// Only capture the first set of tokens
+oauth.once('tokens', (data) => {
+  console.log('Initial tokens received:', data.access_token);
+});
+```
+
+#### `off(event, listener)`
+
+Remove a previously registered listener.
+
+```ts
+const handler = (data) => { /* ... */ };
+oauth.on('tokens', handler);
+// Later, unsubscribe
+oauth.off('tokens', handler);
+```
+
+## Notes
+
+- The authorization code expires in **10 minutes**.

package/dist/cjs/FrejunOAuth.d.ts

@@ -0,0 +1,54 @@
+import { FrejunOAuthConfig, FrejunOAuthEvents, CreateTokenResponse, RefreshTokenResponse, VerifyTokenResponse, DisconnectResponse } from './types.js';
+type EventName = keyof FrejunOAuthEvents;
+/**
+ * FreJun OAuth 2.0 client.
+ *
+ * Handles the browser popup authorization flow, token creation / refresh / verification,
+ * and exposes an event emitter so consumers can react to token changes.
+ *
+ * ```ts
+ * const oauth = new FrejunOAuth({ clientId: '...', clientSecret: '...' });
+ * oauth.on('tokens', (data) => saveTokens(data));
+ * oauth.openAuthPopup();
+ * ```
+ */
+export declare class FrejunOAuth {
+    private readonly config;
+    private listeners;
+    private onceListeners;
+    private popup;
+    private messageHandler;
+    constructor(config: FrejunOAuthConfig);
+    /** Build the FreJun authorization URL with all configured query params. */
+    getAuthorizationUrl(): string;
+    /**
+     * Open the FreJun consent page in a popup and listen for the authorization
+     * code via `window.postMessage`.
+     *
+     * **Browser-only** — throws in non-browser environments.
+     */
+    openAuthPopup(): void;
+    /** Exchange an authorization code for access & refresh tokens. Emits `'tokens'`. */
+    createTokens(code: string): Promise<CreateTokenResponse>;
+    /** Refresh an expired access token. Emits `'tokensRefreshed'`. */
+    refreshTokens(refreshToken: string): Promise<RefreshTokenResponse>;
+    /** Verify whether a token (access or refresh) is still valid. */
+    verifyToken(token: string): Promise<VerifyTokenResponse>;
+    /**
+     * Disconnect the OAuth app from the organization.
+     * Revokes all refresh tokens for this client and org, and removes the app-org link.
+     */
+    disconnect(refreshToken: string): Promise<DisconnectResponse>;
+    /** Subscribe to an event. */
+    on<E extends EventName>(event: E, listener: FrejunOAuthEvents[E]): this;
+    /** Unsubscribe from an event. */
+    off<E extends EventName>(event: E, listener: FrejunOAuthEvents[E]): this;
+    /** Subscribe to an event — listener is automatically removed after the first call. */
+    once<E extends EventName>(event: E, listener: FrejunOAuthEvents[E]): this;
+    /** Remove all listeners and close the popup if open. */
+    destroy(): void;
+    private emit;
+    private cleanupPopup;
+}
+export {};
+//# sourceMappingURL=FrejunOAuth.d.ts.map

package/dist/cjs/FrejunOAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"FrejunOAuth.d.ts","sourceRoot":"","sources":["../../src/FrejunOAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EAEjB,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,YAAY,CAAC;AAMpB,KAAK,SAAS,GAAG,MAAM,iBAAiB,CAAC;AAEzC;;;;;;;;;;;GAWG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAoB;IAC3C,OAAO,CAAC,SAAS,CAAuC;IACxD,OAAO,CAAC,aAAa,CAAuC;IAC5D,OAAO,CAAC,KAAK,CAAuB;IACpC,OAAO,CAAC,cAAc,CAAgD;gBAE1D,MAAM,EAAE,iBAAiB;IAWrC,2EAA2E;IAC3E,mBAAmB,IAAI,MAAM;IAqB7B;;;;;OAKG;IACH,aAAa,IAAI,IAAI;IAkDrB,oFAAoF;IAC9E,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAU9D,kEAAkE;IAC5D,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAUxE,iEAAiE;IAC3D,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAI9D;;;OAGG;IACG,UAAU,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAYnE,6BAA6B;IAC7B,EAAE,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAQvE,iCAAiC;IACjC,GAAG,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAMxE,sFAAsF;IACtF,IAAI,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAczE,wDAAwD;IACxD,OAAO,IAAI,IAAI;IAUf,OAAO,CAAC,IAAI;IAuBZ,OAAO,CAAC,YAAY;CAUrB"}

package/dist/cjs/FrejunOAuth.js

@@ -0,0 +1,223 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FrejunOAuth = void 0;
+const api = __importStar(require("./api.js"));
+const AUTHORIZATION_URL = 'https://product.frejun.com/oauth/authorize/';
+const EXPECTED_ORIGIN = 'https://product.frejun.com';
+/**
+ * FreJun OAuth 2.0 client.
+ *
+ * Handles the browser popup authorization flow, token creation / refresh / verification,
+ * and exposes an event emitter so consumers can react to token changes.
+ *
+ * ```ts
+ * const oauth = new FrejunOAuth({ clientId: '...', clientSecret: '...' });
+ * oauth.on('tokens', (data) => saveTokens(data));
+ * oauth.openAuthPopup();
+ * ```
+ */
+class FrejunOAuth {
+    constructor(config) {
+        this.listeners = new Map();
+        this.onceListeners = new Map();
+        this.popup = null;
+        this.messageHandler = null;
+        if (!config.clientId || !config.clientSecret) {
+            throw new Error('clientId and clientSecret are required');
+        }
+        this.config = config;
+    }
+    // ---------------------------------------------------------------------------
+    // Authorization URL
+    // ---------------------------------------------------------------------------
+    /** Build the FreJun authorization URL with all configured query params. */
+    getAuthorizationUrl() {
+        const url = new URL(AUTHORIZATION_URL);
+        url.searchParams.set('client_id', this.config.clientId);
+        if (this.config.redirectUri) {
+            url.searchParams.set('redirect_uri', this.config.redirectUri);
+        }
+        if (this.config.extraParams) {
+            for (const [key, value] of Object.entries(this.config.extraParams)) {
+                url.searchParams.set(key, value);
+            }
+        }
+        return url.toString();
+    }
+    // ---------------------------------------------------------------------------
+    // Browser popup flow
+    // ---------------------------------------------------------------------------
+    /**
+     * Open the FreJun consent page in a popup and listen for the authorization
+     * code via `window.postMessage`.
+     *
+     * **Browser-only** — throws in non-browser environments.
+     */
+    openAuthPopup() {
+        if (typeof window === 'undefined') {
+            throw new Error('openAuthPopup() is only available in browser environments');
+        }
+        const authUrl = this.getAuthorizationUrl();
+        // Center the popup on screen
+        const width = 600;
+        const height = 700;
+        const left = Math.round((screen.width - width) / 2);
+        const top = Math.round((screen.height - height) / 2);
+        this.popup = window.open(authUrl, 'frejun-oauth', `width=${width},height=${height},left=${left},top=${top},scrollbars=yes`);
+        this.messageHandler = (event) => {
+            // Only accept messages from the FreJun consent page
+            if (event.origin !== EXPECTED_ORIGIN || !event.data)
+                return;
+            if (event.data.eventName !== 'oauth-code')
+                return;
+            const { code, email, ...otherParams } = (event.data.data || {});
+            // Clean up popup + listener regardless of outcome
+            this.cleanupPopup();
+            if (!code) {
+                this.emit('error', new Error('OAuth authorization was declined or no code received'));
+                return;
+            }
+            const authCodeData = { code, email, ...otherParams };
+            this.emit('authCode', authCodeData);
+            // Automatically exchange the code for tokens
+            this.createTokens(code).catch((err) => {
+                this.emit('error', err instanceof Error ? err : new Error(String(err)));
+            });
+        };
+        window.addEventListener('message', this.messageHandler);
+    }
+    // ---------------------------------------------------------------------------
+    // Token operations
+    // ---------------------------------------------------------------------------
+    /** Exchange an authorization code for access & refresh tokens. Emits `'tokens'`. */
+    async createTokens(code) {
+        const response = await api.createTokens(this.config.clientId, this.config.clientSecret, code);
+        this.emit('tokens', response);
+        return response;
+    }
+    /** Refresh an expired access token. Emits `'tokensRefreshed'`. */
+    async refreshTokens(refreshToken) {
+        const response = await api.refreshTokens(this.config.clientId, this.config.clientSecret, refreshToken);
+        this.emit('tokensRefreshed', response);
+        return response;
+    }
+    /** Verify whether a token (access or refresh) is still valid. */
+    async verifyToken(token) {
+        return api.verifyToken(token);
+    }
+    /**
+     * Disconnect the OAuth app from the organization.
+     * Revokes all refresh tokens for this client and org, and removes the app-org link.
+     */
+    async disconnect(refreshToken) {
+        return api.disconnect(this.config.clientId, this.config.clientSecret, refreshToken);
+    }
+    // ---------------------------------------------------------------------------
+    // Event emitter (isomorphic — no Node `events` dependency)
+    // ---------------------------------------------------------------------------
+    /** Subscribe to an event. */
+    on(event, listener) {
+        if (!this.listeners.has(event)) {
+            this.listeners.set(event, new Set());
+        }
+        this.listeners.get(event).add(listener);
+        return this;
+    }
+    /** Unsubscribe from an event. */
+    off(event, listener) {
+        var _a, _b;
+        (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(listener);
+        (_b = this.onceListeners.get(event)) === null || _b === void 0 ? void 0 : _b.delete(listener);
+        return this;
+    }
+    /** Subscribe to an event — listener is automatically removed after the first call. */
+    once(event, listener) {
+        if (!this.onceListeners.has(event)) {
+            this.onceListeners.set(event, new Set());
+        }
+        this.onceListeners.get(event).add(listener);
+        // Also register in the main listeners map so it fires normally
+        this.on(event, listener);
+        return this;
+    }
+    // ---------------------------------------------------------------------------
+    // Lifecycle
+    // ---------------------------------------------------------------------------
+    /** Remove all listeners and close the popup if open. */
+    destroy() {
+        this.cleanupPopup();
+        this.listeners.clear();
+        this.onceListeners.clear();
+    }
+    // ---------------------------------------------------------------------------
+    // Internals
+    // ---------------------------------------------------------------------------
+    emit(event, ...args) {
+        var _a;
+        const listeners = this.listeners.get(event);
+        if (!listeners)
+            return;
+        for (const listener of listeners) {
+            try {
+                listener(...args);
+            }
+            catch (err) {
+                // Avoid swallowing errors silently — log to console
+                console.error(`Error in "${event}" listener:`, err);
+            }
+        }
+        // Remove one-shot listeners after firing
+        const onceSet = this.onceListeners.get(event);
+        if (onceSet) {
+            for (const listener of onceSet) {
+                (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(listener);
+            }
+            onceSet.clear();
+        }
+    }
+    cleanupPopup() {
+        if (this.messageHandler && typeof window !== 'undefined') {
+            window.removeEventListener('message', this.messageHandler);
+            this.messageHandler = null;
+        }
+        if (this.popup && !this.popup.closed) {
+            this.popup.close();
+        }
+        this.popup = null;
+    }
+}
+exports.FrejunOAuth = FrejunOAuth;
+//# sourceMappingURL=FrejunOAuth.js.map

package/dist/cjs/FrejunOAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"FrejunOAuth.js","sourceRoot":"","sources":["../../src/FrejunOAuth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AASA,8CAAgC;AAEhC,MAAM,iBAAiB,GAAG,6CAA6C,CAAC;AACxE,MAAM,eAAe,GAAG,4BAA4B,CAAC;AAIrD;;;;;;;;;;;GAWG;AACH,MAAa,WAAW;IAOtB,YAAY,MAAyB;QAL7B,cAAS,GAAG,IAAI,GAAG,EAA4B,CAAC;QAChD,kBAAa,GAAG,IAAI,GAAG,EAA4B,CAAC;QACpD,UAAK,GAAkB,IAAI,CAAC;QAC5B,mBAAc,GAA2C,IAAI,CAAC;QAGpE,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,8EAA8E;IAC9E,oBAAoB;IACpB,8EAA8E;IAE9E,2EAA2E;IAC3E,mBAAmB;QACjB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACvC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAExD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;gBACnE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;IACxB,CAAC;IAED,8EAA8E;IAC9E,qBAAqB;IACrB,8EAA8E;IAE9E;;;;;OAKG;IACH,aAAa;QACX,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE3C,6BAA6B;QAC7B,MAAM,KAAK,GAAG,GAAG,CAAC;QAClB,MAAM,MAAM,GAAG,GAAG,CAAC;QACnB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAErD,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,IAAI,CACtB,OAAO,EACP,cAAc,EACd,SAAS,KAAK,WAAW,MAAM,SAAS,IAAI,QAAQ,GAAG,iBAAiB,CACzE,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,CAAC,KAAmB,EAAE,EAAE;YAC5C,oDAAoD;YACpD,IAAI,KAAK,CAAC,MAAM,KAAK,eAAe,IAAI,CAAC,KAAK,CAAC,IAAI;gBAAE,OAAO;YAC5D,IAAI,KAAK,CAAC,IAAI,CAAC,SAAS,KAAK,YAAY;gBAAE,OAAO;YAElD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAA2B,CAAC;YAE1F,kDAAkD;YAClD,IAAI,CAAC,YAAY,EAAE,CAAC;YAEpB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC,CAAC;gBACtF,OAAO;YACT,CAAC;YAED,MAAM,YAAY,GAAiB,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,CAAC;YACnE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;YAEpC,6CAA6C;YAC7C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;gBAC7C,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1E,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED,8EAA8E;IAC9E,mBAAmB;IACnB,8EAA8E;IAE9E,oFAAoF;IACpF,KAAK,CAAC,YAAY,CAAC,IAAY;QAC7B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,YAAY,CACrC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,IAAI,CACL,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,kEAAkE;IAClE,KAAK,CAAC,aAAa,CAAC,YAAoB;QACtC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,aAAa,CACtC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,YAAY,CACb,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;QACvC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,iEAAiE;IACjE,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,OAAO,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU,CAAC,YAAoB;QACnC,OAAO,GAAG,CAAC,UAAU,CACnB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,YAAY,CACb,CAAC;IACJ,CAAC;IAED,8EAA8E;IAC9E,2DAA2D;IAC3D,8EAA8E;IAE9E,6BAA6B;IAC7B,EAAE,CAAsB,KAAQ,EAAE,QAA8B;QAC9D,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iCAAiC;IACjC,GAAG,CAAsB,KAAQ,EAAE,QAA8B;;QAC/D,MAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAA,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sFAAsF;IACtF,IAAI,CAAsB,KAAQ,EAAE,QAA8B;QAChE,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;QAC3C,CAAC;QACD,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7C,+DAA+D;QAC/D,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8EAA8E;IAC9E,YAAY;IACZ,8EAA8E;IAE9E,wDAAwD;IACxD,OAAO;QACL,IAAI,CAAC,YAAY,EAAE,CAAC;QACpB,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;IAC7B,CAAC;IAED,8EAA8E;IAC9E,YAAY;IACZ,8EAA8E;IAEtE,IAAI,CAAsB,KAAQ,EAAE,GAAG,IAAsC;;QACnF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC5C,IAAI,CAAC,SAAS;YAAE,OAAO;QAEvB,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC;gBACF,QAAqB,CAAC,GAAG,IAAI,CAAC,CAAC;YAClC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,oDAAoD;gBACpD,OAAO,CAAC,KAAK,CAAC,aAAa,KAAK,aAAa,EAAE,GAAG,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,OAAO,EAAE,CAAC;YACZ,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;gBAC/B,MAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;YACD,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,CAAC;IACH,CAAC;IAEO,YAAY;QAClB,IAAI,IAAI,CAAC,cAAc,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YACzD,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YAC3D,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACrC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;CACF;AAtND,kCAsNC"}

package/dist/cjs/api.d.ts

@@ -0,0 +1,22 @@
+import { CreateTokenResponse, RefreshTokenResponse, VerifyTokenResponse, DisconnectResponse } from './types.js';
+/**
+ * Exchange an authorization code for access and refresh tokens.
+ * `GET /oauth/token/?code=<code>`
+ */
+export declare function createTokens(clientId: string, clientSecret: string, code: string): Promise<CreateTokenResponse>;
+/**
+ * Refresh an expired access token.
+ * `POST /oauth/token/refresh/`
+ */
+export declare function refreshTokens(clientId: string, clientSecret: string, refreshToken: string): Promise<RefreshTokenResponse>;
+/**
+ * Verify whether an access or refresh token is still valid.
+ * `POST /oauth/verify-token/`  (no Authorization header required)
+ */
+export declare function verifyToken(token: string): Promise<VerifyTokenResponse>;
+/**
+ * Disconnect the OAuth app from the org associated with the refresh token.
+ * `POST /oauth/disconnect-oauth-app/`
+ */
+export declare function disconnect(clientId: string, clientSecret: string, refreshToken: string): Promise<DisconnectResponse>;
+//# sourceMappingURL=api.d.ts.map

package/dist/cjs/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,YAAY,CAAC;AA2BpB;;;GAGG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,mBAAmB,CAAC,CAQ9B;AAED;;;GAGG;AACH,wBAAsB,aAAa,CACjC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,oBAAoB,CAAC,CAoB/B;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAO7E;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAW7B"}

package/dist/cjs/api.js

@@ -0,0 +1,93 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createTokens = createTokens;
+exports.refreshTokens = refreshTokens;
+exports.verifyToken = verifyToken;
+exports.disconnect = disconnect;
+const types_js_1 = require("./types.js");
+const BASE_URL = 'https://api.frejun.com/api/v2';
+/** Base64-encode client credentials for the Authorization header. */
+function encodeCredentials(clientId, clientSecret) {
+    const raw = `${clientId}:${clientSecret}`;
+    if (typeof btoa === 'function') {
+        return btoa(raw);
+    }
+    // Node.js fallback
+    return Buffer.from(raw).toString('base64');
+}
+/** Parse a JSON response body; throw FrejunApiError on non-2xx status. */
+async function handleResponse(response) {
+    const body = await response.json().catch(() => null);
+    if (!response.ok) {
+        throw new types_js_1.FrejunApiError(`FreJun API error: ${response.status} ${response.statusText}`, response.status, body);
+    }
+    return body;
+}
+/**
+ * Exchange an authorization code for access and refresh tokens.
+ * `GET /oauth/token/?code=<code>`
+ */
+async function createTokens(clientId, clientSecret, code) {
+    const credentials = encodeCredentials(clientId, clientSecret);
+    const url = `${BASE_URL}/oauth/token/?code=${encodeURIComponent(code)}`;
+    const response = await fetch(url, {
+        method: 'GET',
+        headers: { Authorization: `Bearer ${credentials}` },
+    });
+    return handleResponse(response);
+}
+/**
+ * Refresh an expired access token.
+ * `POST /oauth/token/refresh/`
+ */
+async function refreshTokens(clientId, clientSecret, refreshToken) {
+    var _a, _b;
+    const credentials = encodeCredentials(clientId, clientSecret);
+    const response = await fetch(`${BASE_URL}/oauth/token/refresh/`, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${credentials}`,
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({ refresh: refreshToken }),
+    });
+    const raw = await handleResponse(response);
+    // Normalize `access`/`refresh` → `access_token`/`refresh_token`
+    return {
+        success: raw.success,
+        message: raw.message,
+        access_token: ((_a = raw.access) !== null && _a !== void 0 ? _a : raw.access_token),
+        refresh_token: ((_b = raw.refresh) !== null && _b !== void 0 ? _b : raw.refresh_token),
+        expires_in: raw.expires_in,
+        org_identifier: raw.org_identifier,
+    };
+}
+/**
+ * Verify whether an access or refresh token is still valid.
+ * `POST /oauth/verify-token/`  (no Authorization header required)
+ */
+async function verifyToken(token) {
+    const response = await fetch(`${BASE_URL}/oauth/verify-token/`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ token }),
+    });
+    return handleResponse(response);
+}
+/**
+ * Disconnect the OAuth app from the org associated with the refresh token.
+ * `POST /oauth/disconnect-oauth-app/`
+ */
+async function disconnect(clientId, clientSecret, refreshToken) {
+    const credentials = encodeCredentials(clientId, clientSecret);
+    const response = await fetch(`${BASE_URL}/oauth/disconnect-oauth-app/`, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${credentials}`,
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({ refresh: refreshToken }),
+    });
+    return handleResponse(response);
+}
+//# sourceMappingURL=api.js.map

package/dist/cjs/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../src/api.ts"],"names":[],"mappings":";;AAqCA,oCAYC;AAMD,sCAwBC;AAMD,kCAOC;AAMD,gCAeC;AAjHD,yCAMoB;AAEpB,MAAM,QAAQ,GAAG,+BAA+B,CAAC;AAEjD,qEAAqE;AACrE,SAAS,iBAAiB,CAAC,QAAgB,EAAE,YAAoB;IAC/D,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC;IAC1C,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,CAAC;IACD,mBAAmB;IACnB,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC7C,CAAC;AAED,0EAA0E;AAC1E,KAAK,UAAU,cAAc,CAAI,QAAkB;IACjD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IACrD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,yBAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;IACJ,CAAC;IACD,OAAO,IAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,YAAY,CAChC,QAAgB,EAChB,YAAoB,EACpB,IAAY;IAEZ,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,GAAG,QAAQ,sBAAsB,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;IACxE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;KACpD,CAAC,CAAC;IACH,OAAO,cAAc,CAAsB,QAAQ,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,YAAoB,EACpB,YAAoB;;IAEpB,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,uBAAuB,EAAE;QAC/D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;KAChD,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,cAAc,CAA0B,QAAQ,CAAC,CAAC;IACpE,gEAAgE;IAChE,OAAO;QACL,OAAO,EAAE,GAAG,CAAC,OAAkB;QAC/B,OAAO,EAAE,GAAG,CAAC,OAAiB;QAC9B,YAAY,EAAE,CAAC,MAAA,GAAG,CAAC,MAAM,mCAAI,GAAG,CAAC,YAAY,CAAW;QACxD,aAAa,EAAE,CAAC,MAAA,GAAG,CAAC,OAAO,mCAAI,GAAG,CAAC,aAAa,CAAW;QAC3D,UAAU,EAAE,GAAG,CAAC,UAAoB;QACpC,cAAc,EAAE,GAAG,CAAC,cAAwB;KAC7C,CAAC;AACJ,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,sBAAsB,EAAE;QAC9D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;KAChC,CAAC,CAAC;IACH,OAAO,cAAc,CAAsB,QAAQ,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,UAAU,CAC9B,QAAgB,EAChB,YAAoB,EACpB,YAAoB;IAEpB,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,8BAA8B,EAAE;QACtE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;KAChD,CAAC,CAAC;IACH,OAAO,cAAc,CAAqB,QAAQ,CAAC,CAAC;AACtD,CAAC"}

package/dist/cjs/index.d.ts

@@ -0,0 +1,4 @@
+export { FrejunOAuth } from './FrejunOAuth.js';
+export type { FrejunOAuthConfig, FrejunOAuthEvents, AuthCodeData, CreateTokenResponse, RefreshTokenResponse, VerifyTokenResponse, DisconnectResponse, } from './types.js';
+export { FrejunApiError } from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/cjs/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,YAAY,EACV,iBAAiB,EACjB,iBAAiB,EACjB,YAAY,EACZ,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC"}

package/dist/cjs/index.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FrejunApiError = exports.FrejunOAuth = void 0;
+var FrejunOAuth_js_1 = require("./FrejunOAuth.js");
+Object.defineProperty(exports, "FrejunOAuth", { enumerable: true, get: function () { return FrejunOAuth_js_1.FrejunOAuth; } });
+var types_js_1 = require("./types.js");
+Object.defineProperty(exports, "FrejunApiError", { enumerable: true, get: function () { return types_js_1.FrejunApiError; } });
+//# sourceMappingURL=index.js.map

package/dist/cjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAAA,mDAA+C;AAAtC,6GAAA,WAAW,OAAA;AAYpB,uCAA4C;AAAnC,0GAAA,cAAc,OAAA"}

package/dist/cjs/types.d.ts

@@ -0,0 +1,65 @@
+/** Configuration required to initialize the FreJun OAuth client. */
+export interface FrejunOAuthConfig {
+    clientId: string;
+    clientSecret: string;
+    /** Optional override for the redirect URI registered with the app. */
+    redirectUri?: string;
+    /** Extra query params appended to the authorization URL (e.g. state, username). */
+    extraParams?: Record<string, string>;
+}
+/** Response from `GET /oauth/token/` — creating tokens from an auth code. */
+export interface CreateTokenResponse {
+    success: boolean;
+    message: string;
+    access_token: string;
+    refresh_token: string;
+    expires_in: number;
+    token_type: string;
+    org_identifier: string;
+}
+/**
+ * Response from `POST /oauth/token/refresh/`.
+ * The API returns `access`/`refresh` but the SDK normalizes them to
+ * `access_token`/`refresh_token` for consistency with CreateTokenResponse.
+ */
+export interface RefreshTokenResponse {
+    success: boolean;
+    message: string;
+    access_token: string;
+    refresh_token: string;
+    expires_in: number;
+    org_identifier: string;
+}
+/** Response from `POST /oauth/verify-token/`. */
+export interface VerifyTokenResponse {
+    [key: string]: unknown;
+}
+/** Response from `POST /oauth/disconnect-oauth-app/`. */
+export interface DisconnectResponse {
+    success: boolean;
+    message: string;
+}
+/** Data received via the postMessage / redirect after user authorization. */
+export interface AuthCodeData {
+    code: string;
+    email: string;
+    [key: string]: string;
+}
+/** Typed event map for the FrejunOAuth event emitter. */
+export interface FrejunOAuthEvents {
+    /** Fired when an authorization code is received from the popup. */
+    authCode: (data: AuthCodeData) => void;
+    /** Fired when new access/refresh tokens are created from an auth code. */
+    tokens: (data: CreateTokenResponse) => void;
+    /** Fired when tokens are refreshed. */
+    tokensRefreshed: (data: RefreshTokenResponse) => void;
+    /** Fired on any error during the OAuth flow. */
+    error: (error: Error) => void;
+}
+/** Error thrown when a FreJun API request fails. */
+export declare class FrejunApiError extends Error {
+    readonly statusCode: number;
+    readonly responseBody: unknown;
+    constructor(message: string, statusCode: number, responseBody: unknown);
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/cjs/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,oEAAoE;AACpE,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,sEAAsE;IACtE,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mFAAmF;IACnF,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACtC;AAED,6EAA6E;AAC7E,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,iDAAiD;AACjD,MAAM,WAAW,mBAAmB;IAClC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,yDAAyD;AACzD,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,6EAA6E;AAC7E,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CACvB;AAED,yDAAyD;AACzD,MAAM,WAAW,iBAAiB;IAChC,mEAAmE;IACnE,QAAQ,EAAE,CAAC,IAAI,EAAE,YAAY,KAAK,IAAI,CAAC;IACvC,0EAA0E;IAC1E,MAAM,EAAE,CAAC,IAAI,EAAE,mBAAmB,KAAK,IAAI,CAAC;IAC5C,uCAAuC;IACvC,eAAe,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,IAAI,CAAC;IACtD,gDAAgD;IAChD,KAAK,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CAC/B;AAED,oDAAoD;AACpD,qBAAa,cAAe,SAAQ,KAAK;IACvC,SAAgB,UAAU,EAAE,MAAM,CAAC;IACnC,SAAgB,YAAY,EAAE,OAAO,CAAC;gBAE1B,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO;CAMvE"}

package/dist/cjs/types.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FrejunApiError = void 0;
+/** Error thrown when a FreJun API request fails. */
+class FrejunApiError extends Error {
+    constructor(message, statusCode, responseBody) {
+        super(message);
+        this.name = 'FrejunApiError';
+        this.statusCode = statusCode;
+        this.responseBody = responseBody;
+    }
+}
+exports.FrejunApiError = FrejunApiError;
+//# sourceMappingURL=types.js.map

package/dist/cjs/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":";;;AAiEA,oDAAoD;AACpD,MAAa,cAAe,SAAQ,KAAK;IAIvC,YAAY,OAAe,EAAE,UAAkB,EAAE,YAAqB;QACpE,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;CACF;AAVD,wCAUC"}

package/dist/esm/FrejunOAuth.d.ts

@@ -0,0 +1,54 @@
+import { FrejunOAuthConfig, FrejunOAuthEvents, CreateTokenResponse, RefreshTokenResponse, VerifyTokenResponse, DisconnectResponse } from './types.js';
+type EventName = keyof FrejunOAuthEvents;
+/**
+ * FreJun OAuth 2.0 client.
+ *
+ * Handles the browser popup authorization flow, token creation / refresh / verification,
+ * and exposes an event emitter so consumers can react to token changes.
+ *
+ * ```ts
+ * const oauth = new FrejunOAuth({ clientId: '...', clientSecret: '...' });
+ * oauth.on('tokens', (data) => saveTokens(data));
+ * oauth.openAuthPopup();
+ * ```
+ */
+export declare class FrejunOAuth {
+    private readonly config;
+    private listeners;
+    private onceListeners;
+    private popup;
+    private messageHandler;
+    constructor(config: FrejunOAuthConfig);
+    /** Build the FreJun authorization URL with all configured query params. */
+    getAuthorizationUrl(): string;
+    /**
+     * Open the FreJun consent page in a popup and listen for the authorization
+     * code via `window.postMessage`.
+     *
+     * **Browser-only** — throws in non-browser environments.
+     */
+    openAuthPopup(): void;
+    /** Exchange an authorization code for access & refresh tokens. Emits `'tokens'`. */
+    createTokens(code: string): Promise<CreateTokenResponse>;
+    /** Refresh an expired access token. Emits `'tokensRefreshed'`. */
+    refreshTokens(refreshToken: string): Promise<RefreshTokenResponse>;
+    /** Verify whether a token (access or refresh) is still valid. */
+    verifyToken(token: string): Promise<VerifyTokenResponse>;
+    /**
+     * Disconnect the OAuth app from the organization.
+     * Revokes all refresh tokens for this client and org, and removes the app-org link.
+     */
+    disconnect(refreshToken: string): Promise<DisconnectResponse>;
+    /** Subscribe to an event. */
+    on<E extends EventName>(event: E, listener: FrejunOAuthEvents[E]): this;
+    /** Unsubscribe from an event. */
+    off<E extends EventName>(event: E, listener: FrejunOAuthEvents[E]): this;
+    /** Subscribe to an event — listener is automatically removed after the first call. */
+    once<E extends EventName>(event: E, listener: FrejunOAuthEvents[E]): this;
+    /** Remove all listeners and close the popup if open. */
+    destroy(): void;
+    private emit;
+    private cleanupPopup;
+}
+export {};
+//# sourceMappingURL=FrejunOAuth.d.ts.map

package/dist/esm/FrejunOAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"FrejunOAuth.d.ts","sourceRoot":"","sources":["../../src/FrejunOAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EAEjB,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,YAAY,CAAC;AAMpB,KAAK,SAAS,GAAG,MAAM,iBAAiB,CAAC;AAEzC;;;;;;;;;;;GAWG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAoB;IAC3C,OAAO,CAAC,SAAS,CAAuC;IACxD,OAAO,CAAC,aAAa,CAAuC;IAC5D,OAAO,CAAC,KAAK,CAAuB;IACpC,OAAO,CAAC,cAAc,CAAgD;gBAE1D,MAAM,EAAE,iBAAiB;IAWrC,2EAA2E;IAC3E,mBAAmB,IAAI,MAAM;IAqB7B;;;;;OAKG;IACH,aAAa,IAAI,IAAI;IAkDrB,oFAAoF;IAC9E,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAU9D,kEAAkE;IAC5D,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAUxE,iEAAiE;IAC3D,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAI9D;;;OAGG;IACG,UAAU,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAYnE,6BAA6B;IAC7B,EAAE,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAQvE,iCAAiC;IACjC,GAAG,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAMxE,sFAAsF;IACtF,IAAI,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,IAAI;IAczE,wDAAwD;IACxD,OAAO,IAAI,IAAI;IAUf,OAAO,CAAC,IAAI;IAuBZ,OAAO,CAAC,YAAY;CAUrB"}

package/dist/esm/FrejunOAuth.js

@@ -0,0 +1,186 @@
+import * as api from './api.js';
+const AUTHORIZATION_URL = 'https://product.frejun.com/oauth/authorize/';
+const EXPECTED_ORIGIN = 'https://product.frejun.com';
+/**
+ * FreJun OAuth 2.0 client.
+ *
+ * Handles the browser popup authorization flow, token creation / refresh / verification,
+ * and exposes an event emitter so consumers can react to token changes.
+ *
+ * ```ts
+ * const oauth = new FrejunOAuth({ clientId: '...', clientSecret: '...' });
+ * oauth.on('tokens', (data) => saveTokens(data));
+ * oauth.openAuthPopup();
+ * ```
+ */
+export class FrejunOAuth {
+    constructor(config) {
+        this.listeners = new Map();
+        this.onceListeners = new Map();
+        this.popup = null;
+        this.messageHandler = null;
+        if (!config.clientId || !config.clientSecret) {
+            throw new Error('clientId and clientSecret are required');
+        }
+        this.config = config;
+    }
+    // ---------------------------------------------------------------------------
+    // Authorization URL
+    // ---------------------------------------------------------------------------
+    /** Build the FreJun authorization URL with all configured query params. */
+    getAuthorizationUrl() {
+        const url = new URL(AUTHORIZATION_URL);
+        url.searchParams.set('client_id', this.config.clientId);
+        if (this.config.redirectUri) {
+            url.searchParams.set('redirect_uri', this.config.redirectUri);
+        }
+        if (this.config.extraParams) {
+            for (const [key, value] of Object.entries(this.config.extraParams)) {
+                url.searchParams.set(key, value);
+            }
+        }
+        return url.toString();
+    }
+    // ---------------------------------------------------------------------------
+    // Browser popup flow
+    // ---------------------------------------------------------------------------
+    /**
+     * Open the FreJun consent page in a popup and listen for the authorization
+     * code via `window.postMessage`.
+     *
+     * **Browser-only** — throws in non-browser environments.
+     */
+    openAuthPopup() {
+        if (typeof window === 'undefined') {
+            throw new Error('openAuthPopup() is only available in browser environments');
+        }
+        const authUrl = this.getAuthorizationUrl();
+        // Center the popup on screen
+        const width = 600;
+        const height = 700;
+        const left = Math.round((screen.width - width) / 2);
+        const top = Math.round((screen.height - height) / 2);
+        this.popup = window.open(authUrl, 'frejun-oauth', `width=${width},height=${height},left=${left},top=${top},scrollbars=yes`);
+        this.messageHandler = (event) => {
+            // Only accept messages from the FreJun consent page
+            if (event.origin !== EXPECTED_ORIGIN || !event.data)
+                return;
+            if (event.data.eventName !== 'oauth-code')
+                return;
+            const { code, email, ...otherParams } = (event.data.data || {});
+            // Clean up popup + listener regardless of outcome
+            this.cleanupPopup();
+            if (!code) {
+                this.emit('error', new Error('OAuth authorization was declined or no code received'));
+                return;
+            }
+            const authCodeData = { code, email, ...otherParams };
+            this.emit('authCode', authCodeData);
+            // Automatically exchange the code for tokens
+            this.createTokens(code).catch((err) => {
+                this.emit('error', err instanceof Error ? err : new Error(String(err)));
+            });
+        };
+        window.addEventListener('message', this.messageHandler);
+    }
+    // ---------------------------------------------------------------------------
+    // Token operations
+    // ---------------------------------------------------------------------------
+    /** Exchange an authorization code for access & refresh tokens. Emits `'tokens'`. */
+    async createTokens(code) {
+        const response = await api.createTokens(this.config.clientId, this.config.clientSecret, code);
+        this.emit('tokens', response);
+        return response;
+    }
+    /** Refresh an expired access token. Emits `'tokensRefreshed'`. */
+    async refreshTokens(refreshToken) {
+        const response = await api.refreshTokens(this.config.clientId, this.config.clientSecret, refreshToken);
+        this.emit('tokensRefreshed', response);
+        return response;
+    }
+    /** Verify whether a token (access or refresh) is still valid. */
+    async verifyToken(token) {
+        return api.verifyToken(token);
+    }
+    /**
+     * Disconnect the OAuth app from the organization.
+     * Revokes all refresh tokens for this client and org, and removes the app-org link.
+     */
+    async disconnect(refreshToken) {
+        return api.disconnect(this.config.clientId, this.config.clientSecret, refreshToken);
+    }
+    // ---------------------------------------------------------------------------
+    // Event emitter (isomorphic — no Node `events` dependency)
+    // ---------------------------------------------------------------------------
+    /** Subscribe to an event. */
+    on(event, listener) {
+        if (!this.listeners.has(event)) {
+            this.listeners.set(event, new Set());
+        }
+        this.listeners.get(event).add(listener);
+        return this;
+    }
+    /** Unsubscribe from an event. */
+    off(event, listener) {
+        var _a, _b;
+        (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(listener);
+        (_b = this.onceListeners.get(event)) === null || _b === void 0 ? void 0 : _b.delete(listener);
+        return this;
+    }
+    /** Subscribe to an event — listener is automatically removed after the first call. */
+    once(event, listener) {
+        if (!this.onceListeners.has(event)) {
+            this.onceListeners.set(event, new Set());
+        }
+        this.onceListeners.get(event).add(listener);
+        // Also register in the main listeners map so it fires normally
+        this.on(event, listener);
+        return this;
+    }
+    // ---------------------------------------------------------------------------
+    // Lifecycle
+    // ---------------------------------------------------------------------------
+    /** Remove all listeners and close the popup if open. */
+    destroy() {
+        this.cleanupPopup();
+        this.listeners.clear();
+        this.onceListeners.clear();
+    }
+    // ---------------------------------------------------------------------------
+    // Internals
+    // ---------------------------------------------------------------------------
+    emit(event, ...args) {
+        var _a;
+        const listeners = this.listeners.get(event);
+        if (!listeners)
+            return;
+        for (const listener of listeners) {
+            try {
+                listener(...args);
+            }
+            catch (err) {
+                // Avoid swallowing errors silently — log to console
+                console.error(`Error in "${event}" listener:`, err);
+            }
+        }
+        // Remove one-shot listeners after firing
+        const onceSet = this.onceListeners.get(event);
+        if (onceSet) {
+            for (const listener of onceSet) {
+                (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(listener);
+            }
+            onceSet.clear();
+        }
+    }
+    cleanupPopup() {
+        if (this.messageHandler && typeof window !== 'undefined') {
+            window.removeEventListener('message', this.messageHandler);
+            this.messageHandler = null;
+        }
+        if (this.popup && !this.popup.closed) {
+            this.popup.close();
+        }
+        this.popup = null;
+    }
+}
+//# sourceMappingURL=FrejunOAuth.js.map

package/dist/esm/FrejunOAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"FrejunOAuth.js","sourceRoot":"","sources":["../../src/FrejunOAuth.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,GAAG,MAAM,UAAU,CAAC;AAEhC,MAAM,iBAAiB,GAAG,6CAA6C,CAAC;AACxE,MAAM,eAAe,GAAG,4BAA4B,CAAC;AAIrD;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,WAAW;IAOtB,YAAY,MAAyB;QAL7B,cAAS,GAAG,IAAI,GAAG,EAA4B,CAAC;QAChD,kBAAa,GAAG,IAAI,GAAG,EAA4B,CAAC;QACpD,UAAK,GAAkB,IAAI,CAAC;QAC5B,mBAAc,GAA2C,IAAI,CAAC;QAGpE,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,8EAA8E;IAC9E,oBAAoB;IACpB,8EAA8E;IAE9E,2EAA2E;IAC3E,mBAAmB;QACjB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACvC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAExD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;gBACnE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;IACxB,CAAC;IAED,8EAA8E;IAC9E,qBAAqB;IACrB,8EAA8E;IAE9E;;;;;OAKG;IACH,aAAa;QACX,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE3C,6BAA6B;QAC7B,MAAM,KAAK,GAAG,GAAG,CAAC;QAClB,MAAM,MAAM,GAAG,GAAG,CAAC;QACnB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAErD,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,IAAI,CACtB,OAAO,EACP,cAAc,EACd,SAAS,KAAK,WAAW,MAAM,SAAS,IAAI,QAAQ,GAAG,iBAAiB,CACzE,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,CAAC,KAAmB,EAAE,EAAE;YAC5C,oDAAoD;YACpD,IAAI,KAAK,CAAC,MAAM,KAAK,eAAe,IAAI,CAAC,KAAK,CAAC,IAAI;gBAAE,OAAO;YAC5D,IAAI,KAAK,CAAC,IAAI,CAAC,SAAS,KAAK,YAAY;gBAAE,OAAO;YAElD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAA2B,CAAC;YAE1F,kDAAkD;YAClD,IAAI,CAAC,YAAY,EAAE,CAAC;YAEpB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC,CAAC;gBACtF,OAAO;YACT,CAAC;YAED,MAAM,YAAY,GAAiB,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,CAAC;YACnE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;YAEpC,6CAA6C;YAC7C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;gBAC7C,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1E,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED,8EAA8E;IAC9E,mBAAmB;IACnB,8EAA8E;IAE9E,oFAAoF;IACpF,KAAK,CAAC,YAAY,CAAC,IAAY;QAC7B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,YAAY,CACrC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,IAAI,CACL,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,kEAAkE;IAClE,KAAK,CAAC,aAAa,CAAC,YAAoB;QACtC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,aAAa,CACtC,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,YAAY,CACb,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;QACvC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,iEAAiE;IACjE,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,OAAO,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU,CAAC,YAAoB;QACnC,OAAO,GAAG,CAAC,UAAU,CACnB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,YAAY,CACb,CAAC;IACJ,CAAC;IAED,8EAA8E;IAC9E,2DAA2D;IAC3D,8EAA8E;IAE9E,6BAA6B;IAC7B,EAAE,CAAsB,KAAQ,EAAE,QAA8B;QAC9D,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iCAAiC;IACjC,GAAG,CAAsB,KAAQ,EAAE,QAA8B;;QAC/D,MAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAA,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sFAAsF;IACtF,IAAI,CAAsB,KAAQ,EAAE,QAA8B;QAChE,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;QAC3C,CAAC;QACD,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7C,+DAA+D;QAC/D,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8EAA8E;IAC9E,YAAY;IACZ,8EAA8E;IAE9E,wDAAwD;IACxD,OAAO;QACL,IAAI,CAAC,YAAY,EAAE,CAAC;QACpB,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;IAC7B,CAAC;IAED,8EAA8E;IAC9E,YAAY;IACZ,8EAA8E;IAEtE,IAAI,CAAsB,KAAQ,EAAE,GAAG,IAAsC;;QACnF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC5C,IAAI,CAAC,SAAS;YAAE,OAAO;QAEvB,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC;gBACF,QAAqB,CAAC,GAAG,IAAI,CAAC,CAAC;YAClC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,oDAAoD;gBACpD,OAAO,CAAC,KAAK,CAAC,aAAa,KAAK,aAAa,EAAE,GAAG,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,OAAO,EAAE,CAAC;YACZ,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;gBAC/B,MAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;YACD,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,CAAC;IACH,CAAC;IAEO,YAAY;QAClB,IAAI,IAAI,CAAC,cAAc,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YACzD,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YAC3D,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACrC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;CACF"}

package/dist/esm/api.d.ts

@@ -0,0 +1,22 @@
+import { CreateTokenResponse, RefreshTokenResponse, VerifyTokenResponse, DisconnectResponse } from './types.js';
+/**
+ * Exchange an authorization code for access and refresh tokens.
+ * `GET /oauth/token/?code=<code>`
+ */
+export declare function createTokens(clientId: string, clientSecret: string, code: string): Promise<CreateTokenResponse>;
+/**
+ * Refresh an expired access token.
+ * `POST /oauth/token/refresh/`
+ */
+export declare function refreshTokens(clientId: string, clientSecret: string, refreshToken: string): Promise<RefreshTokenResponse>;
+/**
+ * Verify whether an access or refresh token is still valid.
+ * `POST /oauth/verify-token/`  (no Authorization header required)
+ */
+export declare function verifyToken(token: string): Promise<VerifyTokenResponse>;
+/**
+ * Disconnect the OAuth app from the org associated with the refresh token.
+ * `POST /oauth/disconnect-oauth-app/`
+ */
+export declare function disconnect(clientId: string, clientSecret: string, refreshToken: string): Promise<DisconnectResponse>;
+//# sourceMappingURL=api.d.ts.map

package/dist/esm/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,YAAY,CAAC;AA2BpB;;;GAGG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,mBAAmB,CAAC,CAQ9B;AAED;;;GAGG;AACH,wBAAsB,aAAa,CACjC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,oBAAoB,CAAC,CAoB/B;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAO7E;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAW7B"}

package/dist/esm/api.js

@@ -0,0 +1,87 @@
+import { FrejunApiError, } from './types.js';
+const BASE_URL = 'https://api.frejun.com/api/v2';
+/** Base64-encode client credentials for the Authorization header. */
+function encodeCredentials(clientId, clientSecret) {
+    const raw = `${clientId}:${clientSecret}`;
+    if (typeof btoa === 'function') {
+        return btoa(raw);
+    }
+    // Node.js fallback
+    return Buffer.from(raw).toString('base64');
+}
+/** Parse a JSON response body; throw FrejunApiError on non-2xx status. */
+async function handleResponse(response) {
+    const body = await response.json().catch(() => null);
+    if (!response.ok) {
+        throw new FrejunApiError(`FreJun API error: ${response.status} ${response.statusText}`, response.status, body);
+    }
+    return body;
+}
+/**
+ * Exchange an authorization code for access and refresh tokens.
+ * `GET /oauth/token/?code=<code>`
+ */
+export async function createTokens(clientId, clientSecret, code) {
+    const credentials = encodeCredentials(clientId, clientSecret);
+    const url = `${BASE_URL}/oauth/token/?code=${encodeURIComponent(code)}`;
+    const response = await fetch(url, {
+        method: 'GET',
+        headers: { Authorization: `Bearer ${credentials}` },
+    });
+    return handleResponse(response);
+}
+/**
+ * Refresh an expired access token.
+ * `POST /oauth/token/refresh/`
+ */
+export async function refreshTokens(clientId, clientSecret, refreshToken) {
+    var _a, _b;
+    const credentials = encodeCredentials(clientId, clientSecret);
+    const response = await fetch(`${BASE_URL}/oauth/token/refresh/`, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${credentials}`,
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({ refresh: refreshToken }),
+    });
+    const raw = await handleResponse(response);
+    // Normalize `access`/`refresh` → `access_token`/`refresh_token`
+    return {
+        success: raw.success,
+        message: raw.message,
+        access_token: ((_a = raw.access) !== null && _a !== void 0 ? _a : raw.access_token),
+        refresh_token: ((_b = raw.refresh) !== null && _b !== void 0 ? _b : raw.refresh_token),
+        expires_in: raw.expires_in,
+        org_identifier: raw.org_identifier,
+    };
+}
+/**
+ * Verify whether an access or refresh token is still valid.
+ * `POST /oauth/verify-token/`  (no Authorization header required)
+ */
+export async function verifyToken(token) {
+    const response = await fetch(`${BASE_URL}/oauth/verify-token/`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ token }),
+    });
+    return handleResponse(response);
+}
+/**
+ * Disconnect the OAuth app from the org associated with the refresh token.
+ * `POST /oauth/disconnect-oauth-app/`
+ */
+export async function disconnect(clientId, clientSecret, refreshToken) {
+    const credentials = encodeCredentials(clientId, clientSecret);
+    const response = await fetch(`${BASE_URL}/oauth/disconnect-oauth-app/`, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${credentials}`,
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({ refresh: refreshToken }),
+    });
+    return handleResponse(response);
+}
+//# sourceMappingURL=api.js.map

package/dist/esm/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,GAKf,MAAM,YAAY,CAAC;AAEpB,MAAM,QAAQ,GAAG,+BAA+B,CAAC;AAEjD,qEAAqE;AACrE,SAAS,iBAAiB,CAAC,QAAgB,EAAE,YAAoB;IAC/D,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC;IAC1C,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,CAAC;IACD,mBAAmB;IACnB,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC7C,CAAC;AAED,0EAA0E;AAC1E,KAAK,UAAU,cAAc,CAAI,QAAkB;IACjD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IACrD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;IACJ,CAAC;IACD,OAAO,IAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAgB,EAChB,YAAoB,EACpB,IAAY;IAEZ,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,GAAG,QAAQ,sBAAsB,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;IACxE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;KACpD,CAAC,CAAC;IACH,OAAO,cAAc,CAAsB,QAAQ,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,YAAoB,EACpB,YAAoB;;IAEpB,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,uBAAuB,EAAE;QAC/D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;KAChD,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,cAAc,CAA0B,QAAQ,CAAC,CAAC;IACpE,gEAAgE;IAChE,OAAO;QACL,OAAO,EAAE,GAAG,CAAC,OAAkB;QAC/B,OAAO,EAAE,GAAG,CAAC,OAAiB;QAC9B,YAAY,EAAE,CAAC,MAAA,GAAG,CAAC,MAAM,mCAAI,GAAG,CAAC,YAAY,CAAW;QACxD,aAAa,EAAE,CAAC,MAAA,GAAG,CAAC,OAAO,mCAAI,GAAG,CAAC,aAAa,CAAW;QAC3D,UAAU,EAAE,GAAG,CAAC,UAAoB;QACpC,cAAc,EAAE,GAAG,CAAC,cAAwB;KAC7C,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,sBAAsB,EAAE;QAC9D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;KAChC,CAAC,CAAC;IACH,OAAO,cAAc,CAAsB,QAAQ,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,QAAgB,EAChB,YAAoB,EACpB,YAAoB;IAEpB,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,8BAA8B,EAAE;QACtE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;KAChD,CAAC,CAAC;IACH,OAAO,cAAc,CAAqB,QAAQ,CAAC,CAAC;AACtD,CAAC"}

package/dist/esm/index.d.ts

@@ -0,0 +1,4 @@
+export { FrejunOAuth } from './FrejunOAuth.js';
+export type { FrejunOAuthConfig, FrejunOAuthEvents, AuthCodeData, CreateTokenResponse, RefreshTokenResponse, VerifyTokenResponse, DisconnectResponse, } from './types.js';
+export { FrejunApiError } from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,YAAY,EACV,iBAAiB,EACjB,iBAAiB,EACjB,YAAY,EACZ,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC"}

package/dist/esm/index.js

@@ -0,0 +1,3 @@
+export { FrejunOAuth } from './FrejunOAuth.js';
+export { FrejunApiError } from './types.js';
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAY/C,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC"}

package/dist/esm/types.d.ts

@@ -0,0 +1,65 @@
+/** Configuration required to initialize the FreJun OAuth client. */
+export interface FrejunOAuthConfig {
+    clientId: string;
+    clientSecret: string;
+    /** Optional override for the redirect URI registered with the app. */
+    redirectUri?: string;
+    /** Extra query params appended to the authorization URL (e.g. state, username). */
+    extraParams?: Record<string, string>;
+}
+/** Response from `GET /oauth/token/` — creating tokens from an auth code. */
+export interface CreateTokenResponse {
+    success: boolean;
+    message: string;
+    access_token: string;
+    refresh_token: string;
+    expires_in: number;
+    token_type: string;
+    org_identifier: string;
+}
+/**
+ * Response from `POST /oauth/token/refresh/`.
+ * The API returns `access`/`refresh` but the SDK normalizes them to
+ * `access_token`/`refresh_token` for consistency with CreateTokenResponse.
+ */
+export interface RefreshTokenResponse {
+    success: boolean;
+    message: string;
+    access_token: string;
+    refresh_token: string;
+    expires_in: number;
+    org_identifier: string;
+}
+/** Response from `POST /oauth/verify-token/`. */
+export interface VerifyTokenResponse {
+    [key: string]: unknown;
+}
+/** Response from `POST /oauth/disconnect-oauth-app/`. */
+export interface DisconnectResponse {
+    success: boolean;
+    message: string;
+}
+/** Data received via the postMessage / redirect after user authorization. */
+export interface AuthCodeData {
+    code: string;
+    email: string;
+    [key: string]: string;
+}
+/** Typed event map for the FrejunOAuth event emitter. */
+export interface FrejunOAuthEvents {
+    /** Fired when an authorization code is received from the popup. */
+    authCode: (data: AuthCodeData) => void;
+    /** Fired when new access/refresh tokens are created from an auth code. */
+    tokens: (data: CreateTokenResponse) => void;
+    /** Fired when tokens are refreshed. */
+    tokensRefreshed: (data: RefreshTokenResponse) => void;
+    /** Fired on any error during the OAuth flow. */
+    error: (error: Error) => void;
+}
+/** Error thrown when a FreJun API request fails. */
+export declare class FrejunApiError extends Error {
+    readonly statusCode: number;
+    readonly responseBody: unknown;
+    constructor(message: string, statusCode: number, responseBody: unknown);
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/esm/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,oEAAoE;AACpE,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,sEAAsE;IACtE,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mFAAmF;IACnF,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACtC;AAED,6EAA6E;AAC7E,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,iDAAiD;AACjD,MAAM,WAAW,mBAAmB;IAClC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,yDAAyD;AACzD,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,6EAA6E;AAC7E,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CACvB;AAED,yDAAyD;AACzD,MAAM,WAAW,iBAAiB;IAChC,mEAAmE;IACnE,QAAQ,EAAE,CAAC,IAAI,EAAE,YAAY,KAAK,IAAI,CAAC;IACvC,0EAA0E;IAC1E,MAAM,EAAE,CAAC,IAAI,EAAE,mBAAmB,KAAK,IAAI,CAAC;IAC5C,uCAAuC;IACvC,eAAe,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,IAAI,CAAC;IACtD,gDAAgD;IAChD,KAAK,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CAC/B;AAED,oDAAoD;AACpD,qBAAa,cAAe,SAAQ,KAAK;IACvC,SAAgB,UAAU,EAAE,MAAM,CAAC;IACnC,SAAgB,YAAY,EAAE,OAAO,CAAC;gBAE1B,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO;CAMvE"}

package/dist/esm/types.js

@@ -0,0 +1,10 @@
+/** Error thrown when a FreJun API request fails. */
+export class FrejunApiError extends Error {
+    constructor(message, statusCode, responseBody) {
+        super(message);
+        this.name = 'FrejunApiError';
+        this.statusCode = statusCode;
+        this.responseBody = responseBody;
+    }
+}
+//# sourceMappingURL=types.js.map

package/dist/esm/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAiEA,oDAAoD;AACpD,MAAM,OAAO,cAAe,SAAQ,KAAK;IAIvC,YAAY,OAAe,EAAE,UAAkB,EAAE,YAAqB;QACpE,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;CACF"}

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "@frejun/oauth",
+  "version": "1.0.0",
+  "description": "FreJun OAuth 2.0 SDK — browser popup flow, token management, and event-driven token notifications",
+  "main": "dist/cjs/index.js",
+  "module": "dist/esm/index.js",
+  "types": "dist/cjs/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/cjs/index.d.ts",
+      "import": "./dist/esm/index.js",
+      "require": "./dist/cjs/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "sideEffects": false,
+  "scripts": {
+    "build:cjs": "tsc -p tsconfig.cjs.json",
+    "build:esm": "tsc -p tsconfig.esm.json",
+    "build": "npm run build:cjs && npm run build:esm",
+    "clean": "rimraf dist",
+    "prepublishOnly": "npm run clean && npm run build"
+  },
+  "keywords": [
+    "frejun",
+    "oauth",
+    "oauth2",
+    "authentication",
+    "tokens"
+  ],
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^25.5.0",
+    "rimraf": "^5.0.0",
+    "typescript": "^5.4.0"
+  }
+}