@hemia/auth-sdk 0.0.2 → 0.0.4

package/dist/hemia-auth-sdk.esm.js

@@ -1,9 +1,9 @@
 import 'reflect-metadata';
-import { Get, Req, Res, Post, HttpError, BadRequestError, CustomHttpError, InternalServerError } from '@hemia/common';
+import { BadRequestError, CustomHttpError, InternalServerError, Get, Req, Res, Post, HttpError } from '@hemia/common';
 import { HMNetworkServices } from '@hemia/network-services';
+import { JwtManager } from '@hemia/jwt-manager';
 import { randomBytes, createHash } from 'crypto';
-import { injectable } from 'inversify';
-import { CacheService } from '@hemia/cache-manager';
+import { injectable, inject } from 'inversify';
 
 /******************************************************************************
 Copyright (c) Microsoft Corporation.
@@ -42,196 +42,6 @@ typeof SuppressedError === "function" ? SuppressedError : function (error, suppr
     return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
 };
 
-class SessionError extends Error {
-    constructor(message, code, redirectTo) {
-        super(message);
-        this.code = code;
-        this.redirectTo = redirectTo;
-        this.name = this.constructor.name;
-        Error.captureStackTrace(this, this.constructor);
-    }
-}
-class SessionNotFoundError extends SessionError {
-    constructor(message = 'Sesión no encontrada') {
-        super(message, 'SESSION_NOT_FOUND', '/?session=required');
-    }
-}
-class SessionExpiredError extends SessionError {
-    constructor(message = 'Sesión expirada') {
-        super(message, 'SESSION_EXPIRED', '/session-expired?session=expired');
-    }
-}
-class SessionInvalidError extends SessionError {
-    constructor(message = 'Sesión inválida') {
-        super(message, 'SESSION_INVALID', '/?session=invalid');
-    }
-}
-class TokenRefreshFailedError extends SessionError {
-    constructor(message = 'Error al renovar tokens') {
-        super(message, 'TOKEN_REFRESH_FAILED', '/session-expired?session=expired');
-    }
-}
-class InvalidTokenFormatError extends SessionError {
-    constructor(message = 'Formato de token inválido') {
-        super(message, 'INVALID_TOKEN_FORMAT', '/?session=invalid');
-    }
-}
-
-/**
- * Controller Abstracto Reutilizable
- * Gestiona automáticamente Login, Callback, Me y Logout.
- */
-class AbstractAuthController {
-    constructor(authService) {
-        this.authService = authService;
-    }
-    async login(req, res) {
-        try {
-            const autoParam = typeof req.query.auto === 'string' ? req.query.auto : 'false';
-            const { loginUrl, tempState } = this.authService.generateLoginParams(autoParam);
-            res.cookie('auth_flow', JSON.stringify(tempState), {
-                httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
-                maxAge: 300000 // 5 min
-            });
-            res.redirect(loginUrl);
-        }
-        catch (error) {
-            console.error('Login Error:', error);
-            res.status(500).send('Login initialization failed');
-        }
-    }
-    async callback(req, res) {
-        try {
-            const { code, state } = req.query;
-            const authFlowCookie = req.cookies['auth_flow'];
-            if (!authFlowCookie) {
-                res.status(400).send('Missing auth flow cookie');
-                return;
-            }
-            const storedState = JSON.parse(authFlowCookie);
-            const result = await this.authService.handleCallback(code, state, storedState);
-            res.cookie('x-session', result.sessionId, {
-                httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
-                sameSite: 'lax',
-                maxAge: result.expiresIn * 1000,
-                path: '/'
-            });
-            res.clearCookie('auth_flow');
-            res.redirect(result.redirectUrl);
-        }
-        catch (error) {
-            console.error('Callback Error:', error);
-            if (error instanceof HttpError) {
-                res.status(error.statusCode).json({
-                    success: false,
-                    message: error.message,
-                    error: error.error
-                });
-                return;
-            }
-            res.status(500).json({
-                success: false,
-                message: 'Failed to complete authentication',
-                error: error.message
-            });
-        }
-    }
-    async me(req, res) {
-        const sessionId = req.cookies['x-session'];
-        if (!sessionId) {
-            return res.status(401).json({
-                success: false,
-                message: 'No session found',
-                data: {
-                    redirect_to: '/?session=required'
-                },
-                error: {
-                    message: 'Session is missing',
-                    code: 'SESSION_MISSING'
-                }
-            });
-        }
-        try {
-            const result = await this.authService.getSessionUser(sessionId);
-            return res.status(200).json({
-                success: true,
-                data: result
-            });
-        }
-        catch (error) {
-            res.clearCookie('x-session', {
-                httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
-                sameSite: 'lax',
-            });
-            if (error instanceof SessionError) {
-                return res.status(401).json({
-                    success: false,
-                    message: error.message,
-                    data: {
-                        redirect_to: error.redirectTo || '/login'
-                    },
-                    error: {
-                        message: error.message,
-                        code: error.code
-                    }
-                });
-            }
-            else {
-                return res.status(500).json({
-                    success: false,
-                    message: 'Failed to retrieve session user',
-                    error: error.message
-                });
-            }
-        }
-    }
-    async logout(req, res) {
-        const sessionId = req.cookies['x-session'];
-        if (sessionId) {
-            await this.authService.logout(sessionId);
-        }
-        res.clearCookie('x-session', {
-            httpOnly: true,
-            secure: process.env.NODE_ENV === 'production',
-            sameSite: 'lax',
-        });
-        return res.status(200).json({ success: true });
-    }
-}
-__decorate([
-    Get('/login'),
-    __param(0, Req()),
-    __param(1, Res()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "login", null);
-__decorate([
-    Get('/callback'),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "callback", null);
-__decorate([
-    Get('/me'),
-    __param(0, Req()),
-    __param(1, Res()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "me", null);
-__decorate([
-    Post('/logout'),
-    __param(0, Req()),
-    __param(1, Res()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "logout", null);
-
 /**
  * Utilidades para manejo de PKCE y codificación Base64URL
  */
@@ -276,31 +86,51 @@ class Generators {
     }
 }
 
-let AuthCacheService = class AuthCacheService {
-    constructor(cacheClient) {
-        this.cacheClient = cacheClient;
+class SessionError extends Error {
+    constructor(message, code, redirectTo) {
+        super(message);
+        this.code = code;
+        this.redirectTo = redirectTo;
+        this.name = this.constructor.name;
+        Error.captureStackTrace(this, this.constructor);
     }
-    async set(key, value, ttlSeconds) {
-        await this.cacheClient.setObject(key, value, ttlSeconds);
+}
+class SessionNotFoundError extends SessionError {
+    constructor(message = 'Sesión no encontrada') {
+        super(message, 'SESSION_NOT_FOUND', '/?session=required');
     }
-    async get(key) {
-        return await this.cacheClient.getObject(key);
+}
+class SessionExpiredError extends SessionError {
+    constructor(message = 'Sesión expirada') {
+        super(message, 'SESSION_EXPIRED', '/session-expired?session=expired');
     }
-    async delete(key) {
-        await this.cacheClient.deleteKey(key);
+}
+class SessionInvalidError extends SessionError {
+    constructor(message = 'Sesión inválida') {
+        super(message, 'SESSION_INVALID', '/?session=invalid');
     }
-};
-AuthCacheService = __decorate([
-    injectable(),
-    __metadata("design:paramtypes", [CacheService])
-], AuthCacheService);
+}
+class TokenRefreshFailedError extends SessionError {
+    constructor(message = 'Error al renovar tokens') {
+        super(message, 'TOKEN_REFRESH_FAILED', '/session-expired?session=expired');
+    }
+}
+class InvalidTokenFormatError extends SessionError {
+    constructor(message = 'Formato de token inválido') {
+        super(message, 'INVALID_TOKEN_FORMAT', '/?session=invalid');
+    }
+}
 
 let AuthService = class AuthService {
-    constructor(config, storage, jwtManager) {
+    // private networkServices: HMNetworkServices;
+    // private jwtManager: JwtManager
+    constructor(config, storage, networkServices, jwtManager) {
         this.config = config;
         this.storage = storage;
+        this.networkServices = networkServices;
         this.jwtManager = jwtManager;
-        this.networkServices = new HMNetworkServices(this.config.ssoBaseUrl);
+        // this.networkServices = new HMNetworkServices(this.config.ssoBaseUrl);
+        // this.jwtManager = new JwtManager();
     }
     /**
      * Genera los parámetros necesarios para iniciar el login SSO
@@ -437,7 +267,7 @@ let AuthService = class AuthService {
      */
     async decodeIdToken(idToken) {
         try {
-            const decode = this.jwtManager.decode(idToken);
+            const decode = this.jwtManager.getClaims(idToken);
             if (!decode) {
                 return null;
             }
@@ -484,13 +314,196 @@ let AuthService = class AuthService {
 };
 AuthService = __decorate([
     injectable(),
-    __metadata("design:paramtypes", [Object, AuthCacheService, Object])
+    __metadata("design:paramtypes", [Object, Object, HMNetworkServices,
+        JwtManager])
 ], AuthService);
 
-const registerAuthSdk = (container, config, cacheService, jwtManager) => {
-    container.bind(AuthService).toDynamicValue(() => {
-        return new AuthService(config, cacheService, jwtManager);
+const AUTH_SERVICE_ID = 'AuthService';
+
+/**
+ * Controller Abstracto Reutilizable
+ * Gestiona automáticamente Login, Callback, Me y Logout.
+ */
+let AbstractAuthController = class AbstractAuthController {
+    constructor() { }
+    async login(req, res) {
+        try {
+            const autoParam = typeof req.query.auto === 'string' ? req.query.auto : 'false';
+            const { loginUrl, tempState } = this.authService.generateLoginParams(autoParam);
+            res.cookie('auth_flow', JSON.stringify(tempState), {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                maxAge: 300000 // 5 min
+            });
+            res.redirect(loginUrl);
+        }
+        catch (error) {
+            console.error('Login Error:', error);
+            res.status(500).send('Login initialization failed');
+        }
+    }
+    async callback(req, res) {
+        try {
+            const { code, state } = req.query;
+            const authFlowCookie = req.cookies['auth_flow'];
+            if (!authFlowCookie) {
+                res.status(400).send('Missing auth flow cookie');
+                return;
+            }
+            const storedState = JSON.parse(authFlowCookie);
+            const result = await this.authService.handleCallback(code, state, storedState);
+            res.cookie('x-session', result.sessionId, {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                sameSite: 'lax',
+                maxAge: result.expiresIn * 1000,
+                path: '/'
+            });
+            res.clearCookie('auth_flow');
+            res.redirect(result.redirectUrl);
+        }
+        catch (error) {
+            console.error('Callback Error:', error);
+            if (error instanceof HttpError) {
+                res.status(error.statusCode).json({
+                    success: false,
+                    message: error.message,
+                    error: error.error
+                });
+                return;
+            }
+            res.status(500).json({
+                success: false,
+                message: 'Failed to complete authentication',
+                error: error.message
+            });
+        }
+    }
+    async me(req, res) {
+        const sessionId = req.cookies['x-session'];
+        if (!sessionId) {
+            return res.status(401).json({
+                success: false,
+                message: 'No session found',
+                data: {
+                    redirect_to: '/?session=required'
+                },
+                error: {
+                    message: 'Session is missing',
+                    code: 'SESSION_MISSING'
+                }
+            });
+        }
+        try {
+            const result = await this.authService.getSessionUser(sessionId);
+            return res.status(200).json({
+                success: true,
+                data: result
+            });
+        }
+        catch (error) {
+            res.clearCookie('x-session', {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                sameSite: 'lax',
+            });
+            if (error instanceof SessionError) {
+                return res.status(401).json({
+                    success: false,
+                    message: error.message,
+                    data: {
+                        redirect_to: error.redirectTo || '/login'
+                    },
+                    error: {
+                        message: error.message,
+                        code: error.code
+                    }
+                });
+            }
+            else {
+                return res.status(500).json({
+                    success: false,
+                    message: 'Failed to retrieve session user',
+                    error: error.message
+                });
+            }
+        }
+    }
+    async logout(req, res) {
+        const sessionId = req.cookies['x-session'];
+        if (sessionId) {
+            await this.authService.logout(sessionId);
+        }
+        res.clearCookie('x-session', {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === 'production',
+            sameSite: 'lax',
+        });
+        return res.status(200).json({ success: true });
+    }
+};
+__decorate([
+    inject(AUTH_SERVICE_ID),
+    __metadata("design:type", AuthService)
+], AbstractAuthController.prototype, "authService", void 0);
+__decorate([
+    Get('/login'),
+    __param(0, Req()),
+    __param(1, Res()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], AbstractAuthController.prototype, "login", null);
+__decorate([
+    Get('/callback'),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], AbstractAuthController.prototype, "callback", null);
+__decorate([
+    Get('/me'),
+    __param(0, Req()),
+    __param(1, Res()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], AbstractAuthController.prototype, "me", null);
+__decorate([
+    Post('/logout'),
+    __param(0, Req()),
+    __param(1, Res()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], AbstractAuthController.prototype, "logout", null);
+AbstractAuthController = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [])
+], AbstractAuthController);
+
+class AuthCacheAdapter {
+    constructor(externalCache) {
+        this.externalCache = externalCache;
+    }
+    async set(key, value, ttlSeconds) {
+        await this.externalCache.setObject(key, value, ttlSeconds);
+    }
+    async get(key) {
+        return await this.externalCache.getObject(key);
+    }
+    async delete(key) {
+        await this.externalCache.deleteKey(key);
+    }
+}
+
+const registerAuthSdk = (bind, config, cacheFactory) => {
+    bind(AUTH_SERVICE_ID).toDynamicValue(async (context) => {
+        const rawCache = await Promise.resolve(cacheFactory(context));
+        const storageAdapter = new AuthCacheAdapter(rawCache);
+        const network = new HMNetworkServices(config.ssoBaseUrl);
+        const jwt = new JwtManager();
+        return new AuthService(config, storageAdapter, network, jwt);
     }).inSingletonScope();
 };
 
-export { AbstractAuthController, AuthCacheService, AuthService, InvalidTokenFormatError, SessionError, SessionExpiredError, SessionInvalidError, SessionNotFoundError, TokenRefreshFailedError, registerAuthSdk };
+export { AUTH_SERVICE_ID, AbstractAuthController, AuthService, InvalidTokenFormatError, SessionError, SessionExpiredError, SessionInvalidError, SessionNotFoundError, TokenRefreshFailedError, registerAuthSdk };

package/dist/hemia-auth-sdk.js

@@ -3,9 +3,9 @@
 require('reflect-metadata');
 var common = require('@hemia/common');
 var networkServices = require('@hemia/network-services');
+var jwtManager = require('@hemia/jwt-manager');
 var crypto = require('crypto');
 var inversify = require('inversify');
-var cacheManager = require('@hemia/cache-manager');
 
 /******************************************************************************
 Copyright (c) Microsoft Corporation.
@@ -44,196 +44,6 @@ typeof SuppressedError === "function" ? SuppressedError : function (error, suppr
     return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
 };
 
-class SessionError extends Error {
-    constructor(message, code, redirectTo) {
-        super(message);
-        this.code = code;
-        this.redirectTo = redirectTo;
-        this.name = this.constructor.name;
-        Error.captureStackTrace(this, this.constructor);
-    }
-}
-class SessionNotFoundError extends SessionError {
-    constructor(message = 'Sesión no encontrada') {
-        super(message, 'SESSION_NOT_FOUND', '/?session=required');
-    }
-}
-class SessionExpiredError extends SessionError {
-    constructor(message = 'Sesión expirada') {
-        super(message, 'SESSION_EXPIRED', '/session-expired?session=expired');
-    }
-}
-class SessionInvalidError extends SessionError {
-    constructor(message = 'Sesión inválida') {
-        super(message, 'SESSION_INVALID', '/?session=invalid');
-    }
-}
-class TokenRefreshFailedError extends SessionError {
-    constructor(message = 'Error al renovar tokens') {
-        super(message, 'TOKEN_REFRESH_FAILED', '/session-expired?session=expired');
-    }
-}
-class InvalidTokenFormatError extends SessionError {
-    constructor(message = 'Formato de token inválido') {
-        super(message, 'INVALID_TOKEN_FORMAT', '/?session=invalid');
-    }
-}
-
-/**
- * Controller Abstracto Reutilizable
- * Gestiona automáticamente Login, Callback, Me y Logout.
- */
-class AbstractAuthController {
-    constructor(authService) {
-        this.authService = authService;
-    }
-    async login(req, res) {
-        try {
-            const autoParam = typeof req.query.auto === 'string' ? req.query.auto : 'false';
-            const { loginUrl, tempState } = this.authService.generateLoginParams(autoParam);
-            res.cookie('auth_flow', JSON.stringify(tempState), {
-                httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
-                maxAge: 300000 // 5 min
-            });
-            res.redirect(loginUrl);
-        }
-        catch (error) {
-            console.error('Login Error:', error);
-            res.status(500).send('Login initialization failed');
-        }
-    }
-    async callback(req, res) {
-        try {
-            const { code, state } = req.query;
-            const authFlowCookie = req.cookies['auth_flow'];
-            if (!authFlowCookie) {
-                res.status(400).send('Missing auth flow cookie');
-                return;
-            }
-            const storedState = JSON.parse(authFlowCookie);
-            const result = await this.authService.handleCallback(code, state, storedState);
-            res.cookie('x-session', result.sessionId, {
-                httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
-                sameSite: 'lax',
-                maxAge: result.expiresIn * 1000,
-                path: '/'
-            });
-            res.clearCookie('auth_flow');
-            res.redirect(result.redirectUrl);
-        }
-        catch (error) {
-            console.error('Callback Error:', error);
-            if (error instanceof common.HttpError) {
-                res.status(error.statusCode).json({
-                    success: false,
-                    message: error.message,
-                    error: error.error
-                });
-                return;
-            }
-            res.status(500).json({
-                success: false,
-                message: 'Failed to complete authentication',
-                error: error.message
-            });
-        }
-    }
-    async me(req, res) {
-        const sessionId = req.cookies['x-session'];
-        if (!sessionId) {
-            return res.status(401).json({
-                success: false,
-                message: 'No session found',
-                data: {
-                    redirect_to: '/?session=required'
-                },
-                error: {
-                    message: 'Session is missing',
-                    code: 'SESSION_MISSING'
-                }
-            });
-        }
-        try {
-            const result = await this.authService.getSessionUser(sessionId);
-            return res.status(200).json({
-                success: true,
-                data: result
-            });
-        }
-        catch (error) {
-            res.clearCookie('x-session', {
-                httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
-                sameSite: 'lax',
-            });
-            if (error instanceof SessionError) {
-                return res.status(401).json({
-                    success: false,
-                    message: error.message,
-                    data: {
-                        redirect_to: error.redirectTo || '/login'
-                    },
-                    error: {
-                        message: error.message,
-                        code: error.code
-                    }
-                });
-            }
-            else {
-                return res.status(500).json({
-                    success: false,
-                    message: 'Failed to retrieve session user',
-                    error: error.message
-                });
-            }
-        }
-    }
-    async logout(req, res) {
-        const sessionId = req.cookies['x-session'];
-        if (sessionId) {
-            await this.authService.logout(sessionId);
-        }
-        res.clearCookie('x-session', {
-            httpOnly: true,
-            secure: process.env.NODE_ENV === 'production',
-            sameSite: 'lax',
-        });
-        return res.status(200).json({ success: true });
-    }
-}
-__decorate([
-    common.Get('/login'),
-    __param(0, common.Req()),
-    __param(1, common.Res()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "login", null);
-__decorate([
-    common.Get('/callback'),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "callback", null);
-__decorate([
-    common.Get('/me'),
-    __param(0, common.Req()),
-    __param(1, common.Res()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "me", null);
-__decorate([
-    common.Post('/logout'),
-    __param(0, common.Req()),
-    __param(1, common.Res()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object]),
-    __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "logout", null);
-
 /**
  * Utilidades para manejo de PKCE y codificación Base64URL
  */
@@ -278,31 +88,51 @@ class Generators {
     }
 }
 
-exports.AuthCacheService = class AuthCacheService {
-    constructor(cacheClient) {
-        this.cacheClient = cacheClient;
+class SessionError extends Error {
+    constructor(message, code, redirectTo) {
+        super(message);
+        this.code = code;
+        this.redirectTo = redirectTo;
+        this.name = this.constructor.name;
+        Error.captureStackTrace(this, this.constructor);
     }
-    async set(key, value, ttlSeconds) {
-        await this.cacheClient.setObject(key, value, ttlSeconds);
+}
+class SessionNotFoundError extends SessionError {
+    constructor(message = 'Sesión no encontrada') {
+        super(message, 'SESSION_NOT_FOUND', '/?session=required');
     }
-    async get(key) {
-        return await this.cacheClient.getObject(key);
+}
+class SessionExpiredError extends SessionError {
+    constructor(message = 'Sesión expirada') {
+        super(message, 'SESSION_EXPIRED', '/session-expired?session=expired');
     }
-    async delete(key) {
-        await this.cacheClient.deleteKey(key);
+}
+class SessionInvalidError extends SessionError {
+    constructor(message = 'Sesión inválida') {
+        super(message, 'SESSION_INVALID', '/?session=invalid');
     }
-};
-exports.AuthCacheService = __decorate([
-    inversify.injectable(),
-    __metadata("design:paramtypes", [cacheManager.CacheService])
-], exports.AuthCacheService);
+}
+class TokenRefreshFailedError extends SessionError {
+    constructor(message = 'Error al renovar tokens') {
+        super(message, 'TOKEN_REFRESH_FAILED', '/session-expired?session=expired');
+    }
+}
+class InvalidTokenFormatError extends SessionError {
+    constructor(message = 'Formato de token inválido') {
+        super(message, 'INVALID_TOKEN_FORMAT', '/?session=invalid');
+    }
+}
 
 exports.AuthService = class AuthService {
-    constructor(config, storage, jwtManager) {
+    // private networkServices: HMNetworkServices;
+    // private jwtManager: JwtManager
+    constructor(config, storage, networkServices, jwtManager) {
         this.config = config;
         this.storage = storage;
+        this.networkServices = networkServices;
         this.jwtManager = jwtManager;
-        this.networkServices = new networkServices.HMNetworkServices(this.config.ssoBaseUrl);
+        // this.networkServices = new HMNetworkServices(this.config.ssoBaseUrl);
+        // this.jwtManager = new JwtManager();
     }
     /**
      * Genera los parámetros necesarios para iniciar el login SSO
@@ -439,7 +269,7 @@ exports.AuthService = class AuthService {
      */
     async decodeIdToken(idToken) {
         try {
-            const decode = this.jwtManager.decode(idToken);
+            const decode = this.jwtManager.getClaims(idToken);
             if (!decode) {
                 return null;
             }
@@ -486,16 +316,199 @@ exports.AuthService = class AuthService {
 };
 exports.AuthService = __decorate([
     inversify.injectable(),
-    __metadata("design:paramtypes", [Object, exports.AuthCacheService, Object])
+    __metadata("design:paramtypes", [Object, Object, networkServices.HMNetworkServices,
+        jwtManager.JwtManager])
 ], exports.AuthService);
 
-const registerAuthSdk = (container, config, cacheService, jwtManager) => {
-    container.bind(exports.AuthService).toDynamicValue(() => {
-        return new exports.AuthService(config, cacheService, jwtManager);
+const AUTH_SERVICE_ID = 'AuthService';
+
+/**
+ * Controller Abstracto Reutilizable
+ * Gestiona automáticamente Login, Callback, Me y Logout.
+ */
+exports.AbstractAuthController = class AbstractAuthController {
+    constructor() { }
+    async login(req, res) {
+        try {
+            const autoParam = typeof req.query.auto === 'string' ? req.query.auto : 'false';
+            const { loginUrl, tempState } = this.authService.generateLoginParams(autoParam);
+            res.cookie('auth_flow', JSON.stringify(tempState), {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                maxAge: 300000 // 5 min
+            });
+            res.redirect(loginUrl);
+        }
+        catch (error) {
+            console.error('Login Error:', error);
+            res.status(500).send('Login initialization failed');
+        }
+    }
+    async callback(req, res) {
+        try {
+            const { code, state } = req.query;
+            const authFlowCookie = req.cookies['auth_flow'];
+            if (!authFlowCookie) {
+                res.status(400).send('Missing auth flow cookie');
+                return;
+            }
+            const storedState = JSON.parse(authFlowCookie);
+            const result = await this.authService.handleCallback(code, state, storedState);
+            res.cookie('x-session', result.sessionId, {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                sameSite: 'lax',
+                maxAge: result.expiresIn * 1000,
+                path: '/'
+            });
+            res.clearCookie('auth_flow');
+            res.redirect(result.redirectUrl);
+        }
+        catch (error) {
+            console.error('Callback Error:', error);
+            if (error instanceof common.HttpError) {
+                res.status(error.statusCode).json({
+                    success: false,
+                    message: error.message,
+                    error: error.error
+                });
+                return;
+            }
+            res.status(500).json({
+                success: false,
+                message: 'Failed to complete authentication',
+                error: error.message
+            });
+        }
+    }
+    async me(req, res) {
+        const sessionId = req.cookies['x-session'];
+        if (!sessionId) {
+            return res.status(401).json({
+                success: false,
+                message: 'No session found',
+                data: {
+                    redirect_to: '/?session=required'
+                },
+                error: {
+                    message: 'Session is missing',
+                    code: 'SESSION_MISSING'
+                }
+            });
+        }
+        try {
+            const result = await this.authService.getSessionUser(sessionId);
+            return res.status(200).json({
+                success: true,
+                data: result
+            });
+        }
+        catch (error) {
+            res.clearCookie('x-session', {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                sameSite: 'lax',
+            });
+            if (error instanceof SessionError) {
+                return res.status(401).json({
+                    success: false,
+                    message: error.message,
+                    data: {
+                        redirect_to: error.redirectTo || '/login'
+                    },
+                    error: {
+                        message: error.message,
+                        code: error.code
+                    }
+                });
+            }
+            else {
+                return res.status(500).json({
+                    success: false,
+                    message: 'Failed to retrieve session user',
+                    error: error.message
+                });
+            }
+        }
+    }
+    async logout(req, res) {
+        const sessionId = req.cookies['x-session'];
+        if (sessionId) {
+            await this.authService.logout(sessionId);
+        }
+        res.clearCookie('x-session', {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === 'production',
+            sameSite: 'lax',
+        });
+        return res.status(200).json({ success: true });
+    }
+};
+__decorate([
+    inversify.inject(AUTH_SERVICE_ID),
+    __metadata("design:type", exports.AuthService)
+], exports.AbstractAuthController.prototype, "authService", void 0);
+__decorate([
+    common.Get('/login'),
+    __param(0, common.Req()),
+    __param(1, common.Res()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], exports.AbstractAuthController.prototype, "login", null);
+__decorate([
+    common.Get('/callback'),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], exports.AbstractAuthController.prototype, "callback", null);
+__decorate([
+    common.Get('/me'),
+    __param(0, common.Req()),
+    __param(1, common.Res()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], exports.AbstractAuthController.prototype, "me", null);
+__decorate([
+    common.Post('/logout'),
+    __param(0, common.Req()),
+    __param(1, common.Res()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object]),
+    __metadata("design:returntype", Promise)
+], exports.AbstractAuthController.prototype, "logout", null);
+exports.AbstractAuthController = __decorate([
+    inversify.injectable(),
+    __metadata("design:paramtypes", [])
+], exports.AbstractAuthController);
+
+class AuthCacheAdapter {
+    constructor(externalCache) {
+        this.externalCache = externalCache;
+    }
+    async set(key, value, ttlSeconds) {
+        await this.externalCache.setObject(key, value, ttlSeconds);
+    }
+    async get(key) {
+        return await this.externalCache.getObject(key);
+    }
+    async delete(key) {
+        await this.externalCache.deleteKey(key);
+    }
+}
+
+const registerAuthSdk = (bind, config, cacheFactory) => {
+    bind(AUTH_SERVICE_ID).toDynamicValue(async (context) => {
+        const rawCache = await Promise.resolve(cacheFactory(context));
+        const storageAdapter = new AuthCacheAdapter(rawCache);
+        const network = new networkServices.HMNetworkServices(config.ssoBaseUrl);
+        const jwt = new jwtManager.JwtManager();
+        return new exports.AuthService(config, storageAdapter, network, jwt);
     }).inSingletonScope();
 };
 
-exports.AbstractAuthController = AbstractAuthController;
+exports.AUTH_SERVICE_ID = AUTH_SERVICE_ID;
 exports.InvalidTokenFormatError = InvalidTokenFormatError;
 exports.SessionError = SessionError;
 exports.SessionExpiredError = SessionExpiredError;

package/dist/types/adapters/index.d.ts

@@ -0,0 +1 @@
+export * from "./internal.adapter";

package/dist/types/adapters/internal.adapter.d.ts

@@ -0,0 +1,13 @@
+import { ISessionStorage } from "../types";
+export interface IHemiaCacheService {
+    setObject<T>(key: string, value: T, expireTime?: number): Promise<void>;
+    getObject<T>(key: string): Promise<T | null>;
+    deleteKey(key: string): Promise<void>;
+}
+export declare class AuthCacheAdapter implements ISessionStorage {
+    private externalCache;
+    constructor(externalCache: IHemiaCacheService);
+    set<T>(key: string, value: T, ttlSeconds?: number): Promise<void>;
+    get<T>(key: string): Promise<T | null>;
+    delete(key: string): Promise<void>;
+}

package/dist/types/constants.d.ts

@@ -0,0 +1 @@
+export declare const AUTH_SERVICE_ID = "AuthService";

package/dist/types/controllers/abstract-auth.controller.d.ts

@@ -6,7 +6,7 @@ import { AuthService } from "../services/auth.service";
  */
 export declare abstract class AbstractAuthController {
     protected readonly authService: AuthService;
-    protected constructor(authService: AuthService);
+    protected constructor();
     login(req: Request, res: Response): Promise<void>;
     callback(req: Request, res: Response): Promise<void>;
     me(req: Request, res: Response): Promise<Response>;

package/dist/types/index.d.ts

@@ -4,3 +4,4 @@ export * from "./services";
 export * from "./types";
 export * from "./errors";
 export * from "./ioc";
+export * from "./constants";

package/dist/types/ioc.d.ts

@@ -1,4 +1,5 @@
-import { Container } from "inversify";
-import { IAuthConfig, IJwtManager } from "./types";
-import { AuthCacheService } from "./services";
-export declare const registerAuthSdk: (container: Container, config: IAuthConfig, cacheService: AuthCacheService, jwtManager: IJwtManager) => void;
+import { Bind, ResolutionContext } from "inversify";
+import { IAuthConfig } from "./types";
+import { IHemiaCacheService } from "./adapters";
+export type CacheFactory = (context: ResolutionContext) => Promise<IHemiaCacheService> | IHemiaCacheService;
+export declare const registerAuthSdk: (bind: Bind, config: IAuthConfig, cacheFactory: CacheFactory) => void;

package/dist/types/services/auth.service.d.ts

@@ -1,11 +1,12 @@
-import { IAuthConfig, ICallbackResponse, IJwtManager, ILoginParams, ISessionUser, IStoredState } from '../types';
-import { AuthCacheService } from './cache.service';
+import { HMNetworkServices } from '@hemia/network-services';
+import { JwtManager } from '@hemia/jwt-manager';
+import { IAuthConfig, ICallbackResponse, ILoginParams, ISessionStorage, ISessionUser, IStoredState } from '../types';
 export declare class AuthService {
-    private config;
-    private storage;
-    private jwtManager;
-    private networkServices;
-    constructor(config: IAuthConfig, storage: AuthCacheService, jwtManager: IJwtManager);
+    private readonly config;
+    private readonly storage;
+    private readonly networkServices;
+    private readonly jwtManager;
+    constructor(config: IAuthConfig, storage: ISessionStorage, networkServices: HMNetworkServices, jwtManager: JwtManager);
     /**
      * Genera los parámetros necesarios para iniciar el login SSO
      * @param auto

package/dist/types/services/index.d.ts

@@ -1,2 +1 @@
 export * from "./auth.service";
-export * from "./cache.service";

package/dist/types/types/index.d.ts

@@ -8,3 +8,4 @@ export * from "./session-user-response.interface";
 export * from "./jwt-manager.interface";
 export * from "./standard-claims.interface";
 export * from "./session-data.interface";
+export * from "./session-storage.interface";

package/dist/types/types/session-storage.interface.d.ts

@@ -0,0 +1,5 @@
+export interface ISessionStorage {
+    set(key: string, value: any, ttlSeconds: number): Promise<void>;
+    get<T>(key: string): Promise<T | null>;
+    delete(key: string): Promise<void>;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hemia/auth-sdk",
-  "version": "0.0.2",
+  "version": "0.0.4",
   "description": "Hemia SDK for authentication",
   "main": "dist/hemia-auth-sdk.js",
   "module": "dist/hemia-auth-sdk.esm.js",
@@ -23,6 +23,7 @@
     "@hemia/network-services": "^0.0.3",
     "@hemia/common": "^0.0.2",
     "@hemia/cache-manager": "^0.0.5",
+    "@hemia/jwt-manager": "^0.0.4",
     "@types/express": "^4.17.21",
     "express": "^5.2.1",
     "events": "^3.3.0",
@@ -45,9 +46,10 @@
     "inversify": "^7.11.0",
     "@hemia/common": "^0.0.2",
     "@hemia/network-services": "^0.0.3",
-    "@hemia/cache-manager": "^0.0.5"
+    "@hemia/cache-manager": "^0.0.5",
+    "@hemia/jwt-manager": "^0.0.4"
   },
   "dependencies": {
-    
+   
   }
 }

package/dist/types/services/cache.service.d.ts

@@ -1,8 +0,0 @@
-import { CacheService as CacheServiceClient } from "@hemia/cache-manager";
-export declare class AuthCacheService {
-    private cacheClient;
-    constructor(cacheClient: CacheServiceClient);
-    set<T>(key: string, value: T, ttlSeconds?: number): Promise<void>;
-    get<T>(key: string): Promise<T | null>;
-    delete(key: string): Promise<void>;
-}