@hexclave/next 1.0.0 → 1.0.1

package/dist/index.d.ts

@@ -19,10 +19,10 @@ import { CliAuthConfirmation, CliAuthConfirmationState, CliAuthConfirmationStatu
 import { EmailVerification } from "./components-page/email-verification.js";
 import { ForgotPassword } from "./components-page/forgot-password.js";
 import { PasswordReset } from "./components-page/password-reset.js";
-import StackHandler from "./components-page/stack-handler.js";
-import { useStackApp, useUser } from "./lib/hooks.js";
-import NextStackProvider from "./providers/stack-provider.js";
-import { StackTheme } from "./providers/theme-provider.js";
+import { HexclaveHandler, StackHandler } from "./components-page/stack-handler.js";
+import { useHexclaveApp, useStackApp, useUser } from "./lib/hooks.js";
+import { HexclaveProvider, StackProvider } from "./providers/stack-provider.js";
+import { HexclaveTheme, StackTheme } from "./providers/theme-provider.js";
 import { AuthPage } from "./components-page/auth-page.js";
 import { SignIn } from "./components-page/sign-in.js";
 import { SignUp } from "./components-page/sign-up.js";
@@ -36,5 +36,5 @@ import { OAuthButtonGroup } from "./components/oauth-button-group.js";
 import { SelectedTeamSwitcher } from "./components/selected-team-switcher.js";
 import { TeamSwitcher } from "./components/team-switcher.js";
 import { UserButton } from "./components/user-button.js";
-import { StackConfig, StackConfig as HexclaveConfig, defineStackConfig, defineStackConfig as defineHexclaveConfig } from "@hexclave/shared/config";
-export { AccountSettings, AdminDomainConfig, AdminEmailConfig, AdminEmailOutbox, AdminEmailOutboxRecipient, AdminEmailOutboxSimpleStatus, AdminEmailOutboxStatus, AdminOAuthProviderConfig, AdminOwnedProject, AdminProject, AdminProjectConfig, AdminProjectConfigUpdateOptions, AdminProjectCreateOptions, AdminProjectPermission, AdminProjectPermissionDefinition, AdminProjectPermissionDefinitionCreateOptions, AdminProjectPermissionDefinitionUpdateOptions, AdminProjectUpdateOptions, AdminSendAttemptError, AdminSentEmail, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, type AnalyticsOptions, type AnalyticsReplayOptions, Auth, AuthPage, CliAuthConfirmation, type CliAuthConfirmationState, type CliAuthConfirmationStatus, Connection, ContactChannel, CredentialSignIn, CredentialSignUp, CurrentInternalServerUser, CurrentInternalUser, CurrentServerUser, CurrentUser, EditableTeamMemberProfile, EmailOutboxListOptions, EmailOutboxListResult, EmailOutboxUpdateOptions, EmailVerification, ForgotPassword, GetCurrentUserOptions, GetCurrentUserOptions as GetUserOptions, HandlerUrlOptions, HandlerUrls, HexclaveAdminApp, HexclaveAdminAppConstructor, HexclaveAdminAppConstructorOptions, HexclaveClientApp, HexclaveClientAppConstructor, HexclaveClientAppConstructorOptions, HexclaveClientAppJson, type HexclaveConfig, StackHandler as HexclaveHandler, StackHandler, NextStackProvider as HexclaveProvider, NextStackProvider as StackProvider, HexclaveServerApp, HexclaveServerAppConstructor, HexclaveServerAppConstructorOptions, StackTheme as HexclaveTheme, StackTheme, InternalApiKey, InternalApiKeyBase, InternalApiKeyBaseCrudRead, InternalApiKeyCreateOptions, InternalApiKeyFirstView, MagicLinkSignIn, MessageCard, OAuthButton, OAuthButtonGroup, OAuthConnection, OAuthProvider, OAuthProviderConfig, OAuthScopesOnSignIn, PasswordReset, Project, ProjectConfig, PushedConfigSource, ReceivedTeamInvitation, ResolvedHandlerUrls, SelectedTeamSwitcher, SentTeamInvitation, ServerContactChannel, ServerListUsersOptions, ServerOAuthProvider, ServerTeam, ServerTeamCreateOptions, ServerTeamMemberProfile, ServerTeamUpdateOptions, ServerTeamUser, ServerUser, SignIn, SignUp, StackAdminApp, StackAdminAppConstructor, StackAdminAppConstructorOptions, StackClientApp, StackClientAppConstructor, StackClientAppConstructorOptions, StackClientAppJson, type StackConfig, StackServerApp, StackServerAppConstructor, StackServerAppConstructorOptions, Team, TeamCreateOptions, TeamInvitation, TeamMemberProfile, TeamSwitcher, TeamUpdateOptions, TeamUser, User, UserAvatar, UserButton, defineHexclaveConfig, defineStackConfig, getConvexProvidersConfig, getPagePrompt, stackAppInternalsSymbol, useCliAuthConfirmation, useStackApp as useHexclaveApp, useStackApp, useUser };
+import { HexclaveConfig, StackConfig, defineHexclaveConfig, defineStackConfig } from "@hexclave/shared/config";
+export { AccountSettings, AdminDomainConfig, AdminEmailConfig, AdminEmailOutbox, AdminEmailOutboxRecipient, AdminEmailOutboxSimpleStatus, AdminEmailOutboxStatus, AdminOAuthProviderConfig, AdminOwnedProject, AdminProject, AdminProjectConfig, AdminProjectConfigUpdateOptions, AdminProjectCreateOptions, AdminProjectPermission, AdminProjectPermissionDefinition, AdminProjectPermissionDefinitionCreateOptions, AdminProjectPermissionDefinitionUpdateOptions, AdminProjectUpdateOptions, AdminSendAttemptError, AdminSentEmail, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, type AnalyticsOptions, type AnalyticsReplayOptions, Auth, AuthPage, CliAuthConfirmation, type CliAuthConfirmationState, type CliAuthConfirmationStatus, Connection, ContactChannel, CredentialSignIn, CredentialSignUp, CurrentInternalServerUser, CurrentInternalUser, CurrentServerUser, CurrentUser, EditableTeamMemberProfile, EmailOutboxListOptions, EmailOutboxListResult, EmailOutboxUpdateOptions, EmailVerification, ForgotPassword, GetCurrentUserOptions, GetCurrentUserOptions as GetUserOptions, HandlerUrlOptions, HandlerUrls, HexclaveAdminApp, HexclaveAdminAppConstructor, HexclaveAdminAppConstructorOptions, HexclaveClientApp, HexclaveClientAppConstructor, HexclaveClientAppConstructorOptions, HexclaveClientAppJson, type HexclaveConfig, HexclaveHandler, HexclaveProvider, HexclaveServerApp, HexclaveServerAppConstructor, HexclaveServerAppConstructorOptions, HexclaveTheme, InternalApiKey, InternalApiKeyBase, InternalApiKeyBaseCrudRead, InternalApiKeyCreateOptions, InternalApiKeyFirstView, MagicLinkSignIn, MessageCard, OAuthButton, OAuthButtonGroup, OAuthConnection, OAuthProvider, OAuthProviderConfig, OAuthScopesOnSignIn, PasswordReset, Project, ProjectConfig, PushedConfigSource, ReceivedTeamInvitation, ResolvedHandlerUrls, SelectedTeamSwitcher, SentTeamInvitation, ServerContactChannel, ServerListUsersOptions, ServerOAuthProvider, ServerTeam, ServerTeamCreateOptions, ServerTeamMemberProfile, ServerTeamUpdateOptions, ServerTeamUser, ServerUser, SignIn, SignUp, StackAdminApp, StackAdminAppConstructor, StackAdminAppConstructorOptions, StackClientApp, StackClientAppConstructor, StackClientAppConstructorOptions, StackClientAppJson, type StackConfig, StackHandler, StackProvider, StackServerApp, StackServerAppConstructor, StackServerAppConstructorOptions, StackTheme, Team, TeamCreateOptions, TeamInvitation, TeamMemberProfile, TeamSwitcher, TeamUpdateOptions, TeamUser, User, UserAvatar, UserButton, defineHexclaveConfig, defineStackConfig, getConvexProvidersConfig, getPagePrompt, stackAppInternalsSymbol, useCliAuthConfirmation, useHexclaveApp, useStackApp, useUser };

package/dist/index.js

@@ -1,13 +1,10 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_chunk = require('./chunk-BE-pF4vm.js');
-require("./internal/deprecation-warning.js");
 let __integrations_convex_js = require("./integrations/convex.js");
-let _stackframe_stack_shared_config = require("@hexclave/shared/config");
+let _hexclave_shared_config = require("@hexclave/shared/config");
 let __components_page_stack_handler_js = require("./components-page/stack-handler.js");
-__components_page_stack_handler_js = require_chunk.__toESM(__components_page_stack_handler_js);
 let __lib_hooks_js = require("./lib/hooks.js");
 let __providers_stack_provider_js = require("./providers/stack-provider.js");
-__providers_stack_provider_js = require_chunk.__toESM(__providers_stack_provider_js);
 let __providers_theme_provider_js = require("./providers/theme-provider.js");
 let __components_page_account_settings_js = require("./components-page/account-settings.js");
 let __components_page_auth_page_js = require("./components-page/auth-page.js");
@@ -73,19 +70,19 @@ Object.defineProperty(exports, 'ForgotPassword', {
 Object.defineProperty(exports, 'HexclaveHandler', {
   enumerable: true,
   get: function () {
-    return __components_page_stack_handler_js.default;
+    return __components_page_stack_handler_js.HexclaveHandler;
   }
 });
 Object.defineProperty(exports, 'HexclaveProvider', {
   enumerable: true,
   get: function () {
-    return __providers_stack_provider_js.default;
+    return __providers_stack_provider_js.HexclaveProvider;
   }
 });
 Object.defineProperty(exports, 'HexclaveTheme', {
   enumerable: true,
   get: function () {
-    return __providers_theme_provider_js.StackTheme;
+    return __providers_theme_provider_js.HexclaveTheme;
   }
 });
 Object.defineProperty(exports, 'MagicLinkSignIn', {
@@ -139,13 +136,13 @@ Object.defineProperty(exports, 'SignUp', {
 Object.defineProperty(exports, 'StackHandler', {
   enumerable: true,
   get: function () {
-    return __components_page_stack_handler_js.default;
+    return __components_page_stack_handler_js.StackHandler;
   }
 });
 Object.defineProperty(exports, 'StackProvider', {
   enumerable: true,
   get: function () {
-    return __providers_stack_provider_js.default;
+    return __providers_stack_provider_js.StackProvider;
   }
 });
 Object.defineProperty(exports, 'StackTheme', {
@@ -175,13 +172,13 @@ Object.defineProperty(exports, 'UserButton', {
 Object.defineProperty(exports, 'defineHexclaveConfig', {
   enumerable: true,
   get: function () {
-    return _stackframe_stack_shared_config.defineStackConfig;
+    return _hexclave_shared_config.defineHexclaveConfig;
   }
 });
 Object.defineProperty(exports, 'defineStackConfig', {
   enumerable: true,
   get: function () {
-    return _stackframe_stack_shared_config.defineStackConfig;
+    return _hexclave_shared_config.defineStackConfig;
   }
 });
 Object.defineProperty(exports, 'getConvexProvidersConfig', {
@@ -199,7 +196,7 @@ Object.defineProperty(exports, 'useCliAuthConfirmation', {
 Object.defineProperty(exports, 'useHexclaveApp', {
   enumerable: true,
   get: function () {
-    return __lib_hooks_js.useStackApp;
+    return __lib_hooks_js.useHexclaveApp;
   }
 });
 Object.defineProperty(exports, 'useStackApp', {

package/dist/integrations/convex/component/convex.config.d.ts

@@ -1,4 +1,4 @@
-import { n as FunctionReference } from "../../../storage-DxMLntUt.js";
+import { n as FunctionReference } from "../../../storage-kTmOAWHW.js";
 
 //#region ../../node_modules/.pnpm/convex@1.27.0_react@19.2.1/node_modules/convex/dist/cjs-types/server/components/index.d.ts
 interface ComponentExports {

package/dist/integrations/convex.js

@@ -1,6 +1,6 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_chunk = require('../chunk-BE-pF4vm.js');
-let _stackframe_stack_shared_dist_utils_urls = require("@hexclave/shared/dist/utils/urls");
+let _hexclave_shared_dist_utils_urls = require("@hexclave/shared/dist/utils/urls");
 let ___lib_stack_app_apps_implementations_common_js = require("../lib/stack-app/apps/implementations/common.js");
 
 //#region src/integrations/convex.ts
@@ -9,13 +9,13 @@ function getConvexProvidersConfig(options) {
 	const projectId = options.projectId;
 	return [{
 		type: "customJwt",
-		issuer: new URL(_stackframe_stack_shared_dist_utils_urls.urlString`/api/v1/projects/${projectId}`, baseUrl),
-		jwks: new URL(_stackframe_stack_shared_dist_utils_urls.urlString`/api/v1/projects/${projectId}/.well-known/jwks.json`, baseUrl),
+		issuer: new URL(_hexclave_shared_dist_utils_urls.urlString`/api/v1/projects/${projectId}`, baseUrl),
+		jwks: new URL(_hexclave_shared_dist_utils_urls.urlString`/api/v1/projects/${projectId}/.well-known/jwks.json`, baseUrl),
 		algorithm: "ES256"
 	}, {
 		type: "customJwt",
-		issuer: new URL(_stackframe_stack_shared_dist_utils_urls.urlString`/api/v1/projects-anonymous-users/${projectId}`, baseUrl),
-		jwks: new URL(_stackframe_stack_shared_dist_utils_urls.urlString`/api/v1/projects/${projectId}/.well-known/jwks.json?include_anonymous=true`, baseUrl),
+		issuer: new URL(_hexclave_shared_dist_utils_urls.urlString`/api/v1/projects-anonymous-users/${projectId}`, baseUrl),
+		jwks: new URL(_hexclave_shared_dist_utils_urls.urlString`/api/v1/projects/${projectId}/.well-known/jwks.json?include_anonymous=true`, baseUrl),
 		algorithm: "ES256"
 	}];
 }

package/dist/integrations/convex.js.map

@@ -1 +1 @@
-{"version":3,"file":"convex.js","names":["defaultBaseUrl"],"sources":["../../src/integrations/convex.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { urlString } from \"@stackframe/stack-shared/dist/utils/urls\";\nimport { defaultBaseUrl } from \"../lib/stack-app/apps/implementations/common\";\n\nexport function getConvexProvidersConfig(options: {\n  baseUrl?: string,\n  projectId: string,\n}) {\n  const baseUrl = options.baseUrl || defaultBaseUrl;\n  const projectId = options.projectId;\n  return [\n    {\n      type: \"customJwt\",\n      issuer: new URL(urlString`/api/v1/projects/${projectId}`, baseUrl),\n      jwks: new URL(urlString`/api/v1/projects/${projectId}/.well-known/jwks.json`, baseUrl),\n      algorithm: \"ES256\",\n    },\n    {\n      type: \"customJwt\",\n      issuer: new URL(urlString`/api/v1/projects-anonymous-users/${projectId}`, baseUrl),\n      jwks: new URL(urlString`/api/v1/projects/${projectId}/.well-known/jwks.json?include_anonymous=true`, baseUrl),\n      algorithm: \"ES256\",\n    },\n  ];\n}\n"],"mappings":";;;;;;AAOA,SAAgB,yBAAyB,SAGtC;CACD,MAAM,UAAU,QAAQ,WAAWA;CACnC,MAAM,YAAY,QAAQ;AAC1B,QAAO,CACL;EACE,MAAM;EACN,QAAQ,IAAI,IAAI,kDAAS,oBAAoB,aAAa,QAAQ;EAClE,MAAM,IAAI,IAAI,kDAAS,oBAAoB,UAAU,yBAAyB,QAAQ;EACtF,WAAW;EACZ,EACD;EACE,MAAM;EACN,QAAQ,IAAI,IAAI,kDAAS,oCAAoC,aAAa,QAAQ;EAClF,MAAM,IAAI,IAAI,kDAAS,oBAAoB,UAAU,gDAAgD,QAAQ;EAC7G,WAAW;EACZ,CACF"}
+{"version":3,"file":"convex.js","names":["defaultBaseUrl"],"sources":["../../src/integrations/convex.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { urlString } from \"@hexclave/shared/dist/utils/urls\";\nimport { defaultBaseUrl } from \"../lib/stack-app/apps/implementations/common\";\n\nexport function getConvexProvidersConfig(options: {\n  baseUrl?: string,\n  projectId: string,\n}) {\n  const baseUrl = options.baseUrl || defaultBaseUrl;\n  const projectId = options.projectId;\n  return [\n    {\n      type: \"customJwt\",\n      issuer: new URL(urlString`/api/v1/projects/${projectId}`, baseUrl),\n      jwks: new URL(urlString`/api/v1/projects/${projectId}/.well-known/jwks.json`, baseUrl),\n      algorithm: \"ES256\",\n    },\n    {\n      type: \"customJwt\",\n      issuer: new URL(urlString`/api/v1/projects-anonymous-users/${projectId}`, baseUrl),\n      jwks: new URL(urlString`/api/v1/projects/${projectId}/.well-known/jwks.json?include_anonymous=true`, baseUrl),\n      algorithm: \"ES256\",\n    },\n  ];\n}\n"],"mappings":";;;;;;AAOA,SAAgB,yBAAyB,SAGtC;CACD,MAAM,UAAU,QAAQ,WAAWA;CACnC,MAAM,YAAY,QAAQ;AAC1B,QAAO,CACL;EACE,MAAM;EACN,QAAQ,IAAI,IAAI,0CAAS,oBAAoB,aAAa,QAAQ;EAClE,MAAM,IAAI,IAAI,0CAAS,oBAAoB,UAAU,yBAAyB,QAAQ;EACtF,WAAW;EACZ,EACD;EACE,MAAM;EACN,QAAQ,IAAI,IAAI,0CAAS,oCAAoC,aAAa,QAAQ;EAClF,MAAM,IAAI,IAAI,0CAAS,oBAAoB,UAAU,gDAAgD,QAAQ;EAC7G,WAAW;EACZ,CACF"}

package/dist/lib/auth.js

@@ -1,9 +1,9 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_chunk = require('../chunk-BE-pF4vm.js');
-let _stackframe_stack_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
-let _stackframe_stack_shared = require("@hexclave/shared");
-let _stackframe_stack_shared_dist_utils_strings = require("@hexclave/shared/dist/utils/strings");
-let _stackframe_stack_shared_dist_utils_results = require("@hexclave/shared/dist/utils/results");
+let _hexclave_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
+let _hexclave_shared = require("@hexclave/shared");
+let _hexclave_shared_dist_utils_results = require("@hexclave/shared/dist/utils/results");
+let _hexclave_shared_dist_utils_strings = require("@hexclave/shared/dist/utils/strings");
 let ___utils_url_js = require("../utils/url.js");
 let __cookie_js = require("./cookie.js");
 
@@ -40,7 +40,7 @@ function consumeOAuthCallbackQueryParams(options) {
 		if (details) try {
 			detailsJson = JSON.parse(details);
 		} catch (error) {
-			throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("OAuth callback returned malformed known-error details", {
+			throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("OAuth callback returned malformed known-error details", {
 				details,
 				cause: error
 			});
@@ -50,7 +50,7 @@ function consumeOAuthCallbackQueryParams(options) {
 		window.history.replaceState({}, "", newUrl.toString());
 		return {
 			type: "known-error",
-			error: _stackframe_stack_shared.KnownError.fromJson({
+			error: _hexclave_shared.KnownError.fromJson({
 				code: knownErrorCode,
 				message: knownErrorMessage,
 				details: detailsJson
@@ -61,10 +61,10 @@ function consumeOAuthCallbackQueryParams(options) {
 		if (!options?.dontWarnAboutMissingQueryParams) console.warn(/* @__PURE__ */ new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));
 		return null;
 	}
-	const expectedState = originalUrl.searchParams.get("state") ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("This should never happen; isn't state required above?");
+	const expectedState = originalUrl.searchParams.get("state") ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("This should never happen; isn't state required above?");
 	const cookieResult = (0, __cookie_js.consumeVerifierAndStateCookie)(expectedState);
 	if (!cookieResult) {
-		console.warn(_stackframe_stack_shared_dist_utils_strings.deindent`
+		console.warn(_hexclave_shared_dist_utils_strings.deindent`
       Stack found an outer OAuth callback state in the query parameters, but not in cookies.
 
       This could have multiple reasons:
@@ -90,18 +90,18 @@ function consumeOAuthCallbackQueryParams(options) {
 }
 async function callOAuthCallback(iface, redirectUrl, options) {
 	const consumed = consumeOAuthCallbackQueryParams(options);
-	if (!consumed) return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
+	if (!consumed) return _hexclave_shared_dist_utils_results.Result.ok(void 0);
 	if (consumed.type === "known-error") throw consumed.error;
 	try {
-		return _stackframe_stack_shared_dist_utils_results.Result.ok(await iface.callOAuthCallback({
+		return _hexclave_shared_dist_utils_results.Result.ok(await iface.callOAuthCallback({
 			oauthParams: consumed.originalUrl.searchParams,
 			redirectUri: (0, ___utils_url_js.constructRedirectUrl)(redirectUrl, "redirectUri"),
 			codeVerifier: consumed.codeVerifier,
 			state: consumed.state
 		}));
 	} catch (e) {
-		if (_stackframe_stack_shared.KnownError.isKnownError(e)) throw e;
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Error signing in during OAuth callback. Please try again.", { cause: e });
+		if (_hexclave_shared.KnownError.isKnownError(e)) throw e;
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Error signing in during OAuth callback. Please try again.", { cause: e });
 	}
 }
 

package/dist/lib/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","names":["HexclaveAssertionError","KnownError","Result"],"sources":["../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { KnownError, HexclaveClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { HexclaveAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\nexport async function getNewOAuthProviderOrScopeUrl(\n  iface: HexclaveClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  },\n  session: InternalSession,\n): Promise<string> {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  return await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n    afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n    codeChallenge,\n    state,\n    type: \"link\",\n    session,\n    providerScope: options.providerScope,\n  });\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\ntype OAuthCallbackConsumptionResult =\n  | {\n    type: \"oauth-response\",\n    originalUrl: URL,\n    codeVerifier: string,\n    state: string,\n  }\n  | {\n    type: \"known-error\",\n    error: KnownError,\n  };\n\nfunction consumeOAuthCallbackQueryParams(options?: {\n  dontWarnAboutMissingQueryParams?: boolean,\n}): OAuthCallbackConsumptionResult | null {\n  const oauthErrorParams = [\"error\", \"error_description\", \"errorCode\", \"message\", \"details\"] as const;\n  const requiredParams = [\"code\", \"state\"];\n  const originalUrl = new URL(window.location.href);\n  const knownErrorCode = originalUrl.searchParams.get(\"errorCode\");\n  const knownErrorMessage = originalUrl.searchParams.get(\"message\");\n  if (knownErrorCode && knownErrorMessage) {\n    const details = originalUrl.searchParams.get(\"details\");\n    let detailsJson = {};\n    if (details) {\n      try {\n        detailsJson = JSON.parse(details);\n      } catch (error) {\n        throw new HexclaveAssertionError(\"OAuth callback returned malformed known-error details\", {\n          details,\n          cause: error,\n        });\n      }\n    }\n\n    const newUrl = new URL(originalUrl);\n    for (const param of oauthErrorParams) {\n      newUrl.searchParams.delete(param);\n    }\n    window.history.replaceState({}, \"\", newUrl.toString());\n\n    return {\n      type: \"known-error\",\n      error: KnownError.fromJson({\n        code: knownErrorCode,\n        message: knownErrorMessage,\n        details: detailsJson,\n      }),\n    };\n  }\n\n  for (const param of requiredParams) {\n    if (!originalUrl.searchParams.has(param)) {\n      if (!options?.dontWarnAboutMissingQueryParams) {\n        console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n      }\n      return null;\n    }\n  }\n\n  const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n  const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n  if (!cookieResult) {\n    // If the state can't be found in the cookies, then the callback wasn't meant for us.\n    // Maybe the website uses another OAuth library?\n    console.warn(deindent`\n      Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n\n      This could have multiple reasons:\n        - The cookie expired, because the OAuth flow took too long.\n        - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n        - The cookie was already consumed by this page, and the user already logged in.\n        - You are using another OAuth client library with the same callback URL as Stack.\n        - The user opened the OAuth callback page from their history.\n\n      Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n    `);\n    return null;\n  }\n\n\n  const newUrl = new URL(originalUrl);\n  for (const param of requiredParams) {\n    newUrl.searchParams.delete(param);\n  }\n\n  // let's get rid of the authorization code in the history as we\n  // don't redirect to `redirectUrl` if there's a validation error\n  // (as the redirectUrl might be malicious!).\n  //\n  // We use history.replaceState instead of location.assign(...) to\n  // prevent an unnecessary reload\n  window.history.replaceState({}, \"\", newUrl.toString());\n\n  return {\n    type: \"oauth-response\",\n    originalUrl,\n    codeVerifier: cookieResult.codeVerifier,\n    state: expectedState,\n  };\n}\n\nexport async function callOAuthCallback(\n  iface: HexclaveClientInterface,\n  redirectUrl: string,\n  options?: {\n    dontWarnAboutMissingQueryParams?: boolean,\n  },\n) {\n  // note: this part of the function (until the return) needs\n  // to be synchronous, to prevent race conditions when\n  // callOAuthCallback is called multiple times in parallel\n  const consumed = consumeOAuthCallbackQueryParams(options);\n  if (!consumed) return Result.ok(undefined);\n  if (consumed.type === \"known-error\") {\n    throw consumed.error;\n  }\n\n  // the rest can be asynchronous (we now know that we are the\n  // intended recipient of the callback, and the only instance\n  // of callOAuthCallback that's running)\n  try {\n    return Result.ok(await iface.callOAuthCallback({\n      oauthParams: consumed.originalUrl.searchParams,\n      redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n      codeVerifier: consumed.codeVerifier,\n      state: consumed.state,\n    }));\n  } catch (e) {\n    if (KnownError.isKnownError(e)) {\n      throw e;\n    }\n    throw new HexclaveAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n  }\n}\n"],"mappings":";;;;;;;;;;AAWA,eAAsB,8BACpB,OACA,SAMA,SACiB;CACjB,MAAM,EAAE,eAAe,UAAU,6CAA4B;AAC7D,QAAO,MAAM,MAAM,YAAY;EAC7B,UAAU,QAAQ;EAClB,uDAAkC,QAAQ,aAAa,cAAc;EACrE,4DAAuC,QAAQ,kBAAkB,mBAAmB;EACpF,oEAA+C,OAAO,SAAS,MAAM,2BAA2B;EAChG;EACA;EACA,MAAM;EACN;EACA,eAAe,QAAQ;EACxB,CAAC;;AAoBJ,SAAS,gCAAgC,SAEC;CACxC,MAAM,mBAAmB;EAAC;EAAS;EAAqB;EAAa;EAAW;EAAU;CAC1F,MAAM,iBAAiB,CAAC,QAAQ,QAAQ;CACxC,MAAM,cAAc,IAAI,IAAI,OAAO,SAAS,KAAK;CACjD,MAAM,iBAAiB,YAAY,aAAa,IAAI,YAAY;CAChE,MAAM,oBAAoB,YAAY,aAAa,IAAI,UAAU;AACjE,KAAI,kBAAkB,mBAAmB;EACvC,MAAM,UAAU,YAAY,aAAa,IAAI,UAAU;EACvD,IAAI,cAAc,EAAE;AACpB,MAAI,QACF,KAAI;AACF,iBAAc,KAAK,MAAM,QAAQ;WAC1B,OAAO;AACd,SAAM,IAAIA,kEAAuB,yDAAyD;IACxF;IACA,OAAO;IACR,CAAC;;EAIN,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,OAAK,MAAM,SAAS,iBAClB,QAAO,aAAa,OAAO,MAAM;AAEnC,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,SAAO;GACL,MAAM;GACN,OAAOC,oCAAW,SAAS;IACzB,MAAM;IACN,SAAS;IACT,SAAS;IACV,CAAC;GACH;;AAGH,MAAK,MAAM,SAAS,eAClB,KAAI,CAAC,YAAY,aAAa,IAAI,MAAM,EAAE;AACxC,MAAI,CAAC,SAAS,gCACZ,SAAQ,qBAAK,IAAI,MAAM,uDAAuD,MAAM,2EAA2E,CAAC;AAElK,SAAO;;CAIX,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ,6DAAa,wDAAwD;CAChI,MAAM,8DAA6C,cAAc;AAEjE,KAAI,CAAC,cAAc;AAGjB,UAAQ,KAAK,oDAAQ;;;;;;;;;;;MAWnB;AACF,SAAO;;CAIT,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,eAClB,QAAO,aAAa,OAAO,MAAM;AASnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,QAAO;EACL,MAAM;EACN;EACA,cAAc,aAAa;EAC3B,OAAO;EACR;;AAGH,eAAsB,kBACpB,OACA,aACA,SAGA;CAIA,MAAM,WAAW,gCAAgC,QAAQ;AACzD,KAAI,CAAC,SAAU,QAAOC,mDAAO,GAAG,OAAU;AAC1C,KAAI,SAAS,SAAS,cACpB,OAAM,SAAS;AAMjB,KAAI;AACF,SAAOA,mDAAO,GAAG,MAAM,MAAM,kBAAkB;GAC7C,aAAa,SAAS,YAAY;GAClC,uDAAkC,aAAa,cAAc;GAC7D,cAAc,SAAS;GACvB,OAAO,SAAS;GACjB,CAAC,CAAC;UACI,GAAG;AACV,MAAID,oCAAW,aAAa,EAAE,CAC5B,OAAM;AAER,QAAM,IAAID,kEAAuB,6DAA6D,EAAE,OAAO,GAAG,CAAC"}
+{"version":3,"file":"auth.js","names":["HexclaveAssertionError","KnownError","Result"],"sources":["../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { KnownError, HexclaveClientInterface } from \"@hexclave/shared\";\nimport { InternalSession } from \"@hexclave/shared/dist/sessions\";\nimport { HexclaveAssertionError, throwErr } from \"@hexclave/shared/dist/utils/errors\";\nimport { Result } from \"@hexclave/shared/dist/utils/results\";\nimport { deindent } from \"@hexclave/shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\nexport async function getNewOAuthProviderOrScopeUrl(\n  iface: HexclaveClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  },\n  session: InternalSession,\n): Promise<string> {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  return await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n    afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n    codeChallenge,\n    state,\n    type: \"link\",\n    session,\n    providerScope: options.providerScope,\n  });\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\ntype OAuthCallbackConsumptionResult =\n  | {\n    type: \"oauth-response\",\n    originalUrl: URL,\n    codeVerifier: string,\n    state: string,\n  }\n  | {\n    type: \"known-error\",\n    error: KnownError,\n  };\n\nfunction consumeOAuthCallbackQueryParams(options?: {\n  dontWarnAboutMissingQueryParams?: boolean,\n}): OAuthCallbackConsumptionResult | null {\n  const oauthErrorParams = [\"error\", \"error_description\", \"errorCode\", \"message\", \"details\"] as const;\n  const requiredParams = [\"code\", \"state\"];\n  const originalUrl = new URL(window.location.href);\n  const knownErrorCode = originalUrl.searchParams.get(\"errorCode\");\n  const knownErrorMessage = originalUrl.searchParams.get(\"message\");\n  if (knownErrorCode && knownErrorMessage) {\n    const details = originalUrl.searchParams.get(\"details\");\n    let detailsJson = {};\n    if (details) {\n      try {\n        detailsJson = JSON.parse(details);\n      } catch (error) {\n        throw new HexclaveAssertionError(\"OAuth callback returned malformed known-error details\", {\n          details,\n          cause: error,\n        });\n      }\n    }\n\n    const newUrl = new URL(originalUrl);\n    for (const param of oauthErrorParams) {\n      newUrl.searchParams.delete(param);\n    }\n    window.history.replaceState({}, \"\", newUrl.toString());\n\n    return {\n      type: \"known-error\",\n      error: KnownError.fromJson({\n        code: knownErrorCode,\n        message: knownErrorMessage,\n        details: detailsJson,\n      }),\n    };\n  }\n\n  for (const param of requiredParams) {\n    if (!originalUrl.searchParams.has(param)) {\n      if (!options?.dontWarnAboutMissingQueryParams) {\n        console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n      }\n      return null;\n    }\n  }\n\n  const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n  const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n  if (!cookieResult) {\n    // If the state can't be found in the cookies, then the callback wasn't meant for us.\n    // Maybe the website uses another OAuth library?\n    console.warn(deindent`\n      Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n\n      This could have multiple reasons:\n        - The cookie expired, because the OAuth flow took too long.\n        - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n        - The cookie was already consumed by this page, and the user already logged in.\n        - You are using another OAuth client library with the same callback URL as Stack.\n        - The user opened the OAuth callback page from their history.\n\n      Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n    `);\n    return null;\n  }\n\n\n  const newUrl = new URL(originalUrl);\n  for (const param of requiredParams) {\n    newUrl.searchParams.delete(param);\n  }\n\n  // let's get rid of the authorization code in the history as we\n  // don't redirect to `redirectUrl` if there's a validation error\n  // (as the redirectUrl might be malicious!).\n  //\n  // We use history.replaceState instead of location.assign(...) to\n  // prevent an unnecessary reload\n  window.history.replaceState({}, \"\", newUrl.toString());\n\n  return {\n    type: \"oauth-response\",\n    originalUrl,\n    codeVerifier: cookieResult.codeVerifier,\n    state: expectedState,\n  };\n}\n\nexport async function callOAuthCallback(\n  iface: HexclaveClientInterface,\n  redirectUrl: string,\n  options?: {\n    dontWarnAboutMissingQueryParams?: boolean,\n  },\n) {\n  // note: this part of the function (until the return) needs\n  // to be synchronous, to prevent race conditions when\n  // callOAuthCallback is called multiple times in parallel\n  const consumed = consumeOAuthCallbackQueryParams(options);\n  if (!consumed) return Result.ok(undefined);\n  if (consumed.type === \"known-error\") {\n    throw consumed.error;\n  }\n\n  // the rest can be asynchronous (we now know that we are the\n  // intended recipient of the callback, and the only instance\n  // of callOAuthCallback that's running)\n  try {\n    return Result.ok(await iface.callOAuthCallback({\n      oauthParams: consumed.originalUrl.searchParams,\n      redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n      codeVerifier: consumed.codeVerifier,\n      state: consumed.state,\n    }));\n  } catch (e) {\n    if (KnownError.isKnownError(e)) {\n      throw e;\n    }\n    throw new HexclaveAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n  }\n}\n"],"mappings":";;;;;;;;;;AAWA,eAAsB,8BACpB,OACA,SAMA,SACiB;CACjB,MAAM,EAAE,eAAe,UAAU,6CAA4B;AAC7D,QAAO,MAAM,MAAM,YAAY;EAC7B,UAAU,QAAQ;EAClB,uDAAkC,QAAQ,aAAa,cAAc;EACrE,4DAAuC,QAAQ,kBAAkB,mBAAmB;EACpF,oEAA+C,OAAO,SAAS,MAAM,2BAA2B;EAChG;EACA;EACA,MAAM;EACN;EACA,eAAe,QAAQ;EACxB,CAAC;;AAoBJ,SAAS,gCAAgC,SAEC;CACxC,MAAM,mBAAmB;EAAC;EAAS;EAAqB;EAAa;EAAW;EAAU;CAC1F,MAAM,iBAAiB,CAAC,QAAQ,QAAQ;CACxC,MAAM,cAAc,IAAI,IAAI,OAAO,SAAS,KAAK;CACjD,MAAM,iBAAiB,YAAY,aAAa,IAAI,YAAY;CAChE,MAAM,oBAAoB,YAAY,aAAa,IAAI,UAAU;AACjE,KAAI,kBAAkB,mBAAmB;EACvC,MAAM,UAAU,YAAY,aAAa,IAAI,UAAU;EACvD,IAAI,cAAc,EAAE;AACpB,MAAI,QACF,KAAI;AACF,iBAAc,KAAK,MAAM,QAAQ;WAC1B,OAAO;AACd,SAAM,IAAIA,0DAAuB,yDAAyD;IACxF;IACA,OAAO;IACR,CAAC;;EAIN,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,OAAK,MAAM,SAAS,iBAClB,QAAO,aAAa,OAAO,MAAM;AAEnC,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,SAAO;GACL,MAAM;GACN,OAAOC,4BAAW,SAAS;IACzB,MAAM;IACN,SAAS;IACT,SAAS;IACV,CAAC;GACH;;AAGH,MAAK,MAAM,SAAS,eAClB,KAAI,CAAC,YAAY,aAAa,IAAI,MAAM,EAAE;AACxC,MAAI,CAAC,SAAS,gCACZ,SAAQ,qBAAK,IAAI,MAAM,uDAAuD,MAAM,2EAA2E,CAAC;AAElK,SAAO;;CAIX,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ,qDAAa,wDAAwD;CAChI,MAAM,8DAA6C,cAAc;AAEjE,KAAI,CAAC,cAAc;AAGjB,UAAQ,KAAK,4CAAQ;;;;;;;;;;;MAWnB;AACF,SAAO;;CAIT,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,eAClB,QAAO,aAAa,OAAO,MAAM;AASnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,QAAO;EACL,MAAM;EACN;EACA,cAAc,aAAa;EAC3B,OAAO;EACR;;AAGH,eAAsB,kBACpB,OACA,aACA,SAGA;CAIA,MAAM,WAAW,gCAAgC,QAAQ;AACzD,KAAI,CAAC,SAAU,QAAOC,2CAAO,GAAG,OAAU;AAC1C,KAAI,SAAS,SAAS,cACpB,OAAM,SAAS;AAMjB,KAAI;AACF,SAAOA,2CAAO,GAAG,MAAM,MAAM,kBAAkB;GAC7C,aAAa,SAAS,YAAY;GAClC,uDAAkC,aAAa,cAAc;GAC7D,cAAc,SAAS;GACvB,OAAO,SAAS;GACjB,CAAC,CAAC;UACI,GAAG;AACV,MAAID,4BAAW,aAAa,EAAE,CAC5B,OAAM;AAER,QAAM,IAAID,0DAAuB,6DAA6D,EAAE,OAAO,GAAG,CAAC"}

package/dist/lib/auth.test.js

@@ -1,5 +1,5 @@
 const require_chunk = require('../chunk-BE-pF4vm.js');
-let _stackframe_stack_shared = require("@hexclave/shared");
+let _hexclave_shared = require("@hexclave/shared");
 let vitest = require("vitest");
 let __auth_js = require("./auth.js");
 
@@ -17,7 +17,7 @@ vitest.vi.mock("./cookie", async (importOriginal) => {
 (0, vitest.describe)("getNewOAuthProviderOrScopeUrl", () => {
 	(0, vitest.it)("returns the OAuth URL without performing navigation", async () => {
 		window.history.replaceState({}, "", "/account?after_auth_return_to=%2Fsettings");
-		const iface = new _stackframe_stack_shared.HexclaveClientInterface({
+		const iface = new _hexclave_shared.HexclaveClientInterface({
 			clientVersion: "test",
 			getBaseUrl: () => "https://api.example.com",
 			getApiUrls: () => ["https://api.example.com"],

package/dist/lib/auth.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.test.js","names":["vi","HexclaveClientInterface"],"sources":["../../src/lib/auth.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\n// @vitest-environment jsdom\n\nimport { HexclaveClientInterface } from \"@stackframe/stack-shared\";\nimport { describe, expect, it, vi } from \"vitest\";\nimport { getNewOAuthProviderOrScopeUrl } from \"./auth\";\n\nvi.mock(\"./cookie\", async (importOriginal) => {\n  const actual = await importOriginal<typeof import(\"./cookie\")>();\n  return {\n    ...actual,\n    saveVerifierAndState: async () => ({\n      codeChallenge: \"<stripped code challenge>\",\n      state: \"<stripped state>\",\n    }),\n  };\n});\n\ndescribe(\"getNewOAuthProviderOrScopeUrl\", () => {\n  it(\"returns the OAuth URL without performing navigation\", async () => {\n    window.history.replaceState({}, \"\", \"/account?after_auth_return_to=%2Fsettings\");\n\n    const iface = new HexclaveClientInterface({\n      clientVersion: \"test\",\n      getBaseUrl: () => \"https://api.example.com\",\n      getApiUrls: () => [\"https://api.example.com\"],\n      extraRequestHeaders: {},\n      projectId: \"00000000-0000-4000-8000-000000000000\",\n      publishableClientKey: \"pck_test\",\n    });\n    const session = iface.createSession({ refreshToken: null, accessToken: null });\n\n    const location = await getNewOAuthProviderOrScopeUrl(\n      iface,\n      {\n        provider: \"github\",\n        redirectUrl: \"/handler/oauth-callback\",\n        errorRedirectUrl: \"/handler/error\",\n        providerScope: \"repo user\",\n      },\n      session,\n    );\n\n    const url = new URL(location);\n    expect(`${url.origin}${url.pathname}`).toBe(\"https://api.example.com/api/v1/auth/oauth/authorize/github\");\n    expect(Object.fromEntries(url.searchParams.entries())).toMatchInlineSnapshot(`\n      {\n        \"after_callback_redirect_url\": \"http://localhost:3000/account?after_auth_return_to=%2Fsettings\",\n        \"client_id\": \"00000000-0000-4000-8000-000000000000\",\n        \"client_secret\": \"pck_test\",\n        \"code_challenge\": \"<stripped code challenge>\",\n        \"code_challenge_method\": \"S256\",\n        \"error_redirect_url\": \"http://localhost:3000/handler/error?after_auth_return_to=%2Fsettings\",\n        \"grant_type\": \"authorization_code\",\n        \"provider_scope\": \"repo user\",\n        \"redirect_uri\": \"http://localhost:3000/handler/oauth-callback?after_auth_return_to=%2Fsettings\",\n        \"response_type\": \"code\",\n        \"scope\": \"legacy\",\n        \"state\": \"<stripped state>\",\n        \"type\": \"link\",\n      }\n    `);\n  });\n});\n"],"mappings":";;;;;;;AAUAA,UAAG,KAAK,YAAY,OAAO,mBAAmB;AAE5C,QAAO;EACL,GAFa,MAAM,gBAA2C;EAG9D,sBAAsB,aAAa;GACjC,eAAe;GACf,OAAO;GACR;EACF;EACD;qBAEO,uCAAuC;AAC9C,gBAAG,uDAAuD,YAAY;AACpE,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,4CAA4C;EAEhF,MAAM,QAAQ,IAAIC,iDAAwB;GACxC,eAAe;GACf,kBAAkB;GAClB,kBAAkB,CAAC,0BAA0B;GAC7C,qBAAqB,EAAE;GACvB,WAAW;GACX,sBAAsB;GACvB,CAAC;EAGF,MAAM,WAAW,mDACf,OACA;GACE,UAAU;GACV,aAAa;GACb,kBAAkB;GAClB,eAAe;GAChB,EATa,MAAM,cAAc;GAAE,cAAc;GAAM,aAAa;GAAM,CAAC,CAW7E;EAED,MAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,qBAAO,GAAG,IAAI,SAAS,IAAI,WAAW,CAAC,KAAK,6DAA6D;AACzG,qBAAO,OAAO,YAAY,IAAI,aAAa,SAAS,CAAC,CAAC,CAAC,sBAAsB;;;;;;;;;;;;;;;;MAgB3E;GACF;EACF"}
+{"version":3,"file":"auth.test.js","names":["vi","HexclaveClientInterface"],"sources":["../../src/lib/auth.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\n// @vitest-environment jsdom\n\nimport { HexclaveClientInterface } from \"@hexclave/shared\";\nimport { describe, expect, it, vi } from \"vitest\";\nimport { getNewOAuthProviderOrScopeUrl } from \"./auth\";\n\nvi.mock(\"./cookie\", async (importOriginal) => {\n  const actual = await importOriginal<typeof import(\"./cookie\")>();\n  return {\n    ...actual,\n    saveVerifierAndState: async () => ({\n      codeChallenge: \"<stripped code challenge>\",\n      state: \"<stripped state>\",\n    }),\n  };\n});\n\ndescribe(\"getNewOAuthProviderOrScopeUrl\", () => {\n  it(\"returns the OAuth URL without performing navigation\", async () => {\n    window.history.replaceState({}, \"\", \"/account?after_auth_return_to=%2Fsettings\");\n\n    const iface = new HexclaveClientInterface({\n      clientVersion: \"test\",\n      getBaseUrl: () => \"https://api.example.com\",\n      getApiUrls: () => [\"https://api.example.com\"],\n      extraRequestHeaders: {},\n      projectId: \"00000000-0000-4000-8000-000000000000\",\n      publishableClientKey: \"pck_test\",\n    });\n    const session = iface.createSession({ refreshToken: null, accessToken: null });\n\n    const location = await getNewOAuthProviderOrScopeUrl(\n      iface,\n      {\n        provider: \"github\",\n        redirectUrl: \"/handler/oauth-callback\",\n        errorRedirectUrl: \"/handler/error\",\n        providerScope: \"repo user\",\n      },\n      session,\n    );\n\n    const url = new URL(location);\n    expect(`${url.origin}${url.pathname}`).toBe(\"https://api.example.com/api/v1/auth/oauth/authorize/github\");\n    expect(Object.fromEntries(url.searchParams.entries())).toMatchInlineSnapshot(`\n      {\n        \"after_callback_redirect_url\": \"http://localhost:3000/account?after_auth_return_to=%2Fsettings\",\n        \"client_id\": \"00000000-0000-4000-8000-000000000000\",\n        \"client_secret\": \"pck_test\",\n        \"code_challenge\": \"<stripped code challenge>\",\n        \"code_challenge_method\": \"S256\",\n        \"error_redirect_url\": \"http://localhost:3000/handler/error?after_auth_return_to=%2Fsettings\",\n        \"grant_type\": \"authorization_code\",\n        \"provider_scope\": \"repo user\",\n        \"redirect_uri\": \"http://localhost:3000/handler/oauth-callback?after_auth_return_to=%2Fsettings\",\n        \"response_type\": \"code\",\n        \"scope\": \"legacy\",\n        \"state\": \"<stripped state>\",\n        \"type\": \"link\",\n      }\n    `);\n  });\n});\n"],"mappings":";;;;;;;AAUAA,UAAG,KAAK,YAAY,OAAO,mBAAmB;AAE5C,QAAO;EACL,GAFa,MAAM,gBAA2C;EAG9D,sBAAsB,aAAa;GACjC,eAAe;GACf,OAAO;GACR;EACF;EACD;qBAEO,uCAAuC;AAC9C,gBAAG,uDAAuD,YAAY;AACpE,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,4CAA4C;EAEhF,MAAM,QAAQ,IAAIC,yCAAwB;GACxC,eAAe;GACf,kBAAkB;GAClB,kBAAkB,CAAC,0BAA0B;GAC7C,qBAAqB,EAAE;GACvB,WAAW;GACX,sBAAsB;GACvB,CAAC;EAGF,MAAM,WAAW,mDACf,OACA;GACE,UAAU;GACV,aAAa;GACb,kBAAkB;GAClB,eAAe;GAChB,EATa,MAAM,cAAc;GAAE,cAAc;GAAM,aAAa;GAAM,CAAC,CAW7E;EAED,MAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,qBAAO,GAAG,IAAI,SAAS,IAAI,WAAW,CAAC,KAAK,6DAA6D;AACzG,qBAAO,OAAO,YAAY,IAAI,aAAa,SAAS,CAAC,CAAC,CAAC,sBAAsB;;;;;;;;;;;;;;;;MAgB3E;GACF;EACF"}

package/dist/lib/cookie.js

@@ -1,8 +1,8 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_chunk = require('../chunk-BE-pF4vm.js');
-let _stackframe_stack_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
-let _stackframe_stack_sc_force_react_server = require("@hexclave/sc/force-react-server");
-let _stackframe_stack_shared_dist_utils_env = require("@hexclave/shared/dist/utils/env");
+let _hexclave_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
+let _hexclave_sc_force_react_server = require("@hexclave/sc/force-react-server");
+let _hexclave_shared_dist_utils_env = require("@hexclave/shared/dist/utils/env");
 let js_cookie = require("js-cookie");
 js_cookie = require_chunk.__toESM(js_cookie);
 
@@ -117,11 +117,11 @@ const token68ParamRE = new RegExp("^(" + token68Match + ")(?:$|[,\\s])(.*)");
 //#endregion
 //#region src/lib/cookie.ts
 function ensureClient() {
-	if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) throw new Error("cookieClient functions can only be called in a browser environment, yet window is undefined");
+	if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) throw new Error("cookieClient functions can only be called in a browser environment, yet window is undefined");
 }
 async function createPlaceholderCookieHelper() {
 	function throwError() {
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Throwing cookie helper is just a placeholder. This should never be called");
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Throwing cookie helper is just a placeholder. This should never be called");
 	}
 	return {
 		get: throwError,
@@ -135,16 +135,16 @@ function requiresSecureAttribute(name) {
 	return name.startsWith("__Host-");
 }
 function validateCookieOptions(name, options) {
-	if (requiresSecureAttribute(name) && options.domain !== void 0) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("__Host- cookies must not specify a Domain attribute");
+	if (requiresSecureAttribute(name) && options.domain !== void 0) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("__Host- cookies must not specify a Domain attribute");
 }
 async function createCookieHelper() {
-	if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return createBrowserCookieHelper();
-	else return createNextCookieHelper(await (0, _stackframe_stack_sc_force_react_server.cookies)(), await (0, _stackframe_stack_sc_force_react_server.headers)());
+	if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return createBrowserCookieHelper();
+	else return createNextCookieHelper(await (0, _hexclave_sc_force_react_server.cookies)(), await (0, _hexclave_sc_force_react_server.headers)());
 }
 function createCookieHelperSync() {
-	if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return createBrowserCookieHelper();
+	if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return createBrowserCookieHelper();
 	function throwError() {
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Synchronous server cookie helpers are not available on this platform");
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Synchronous server cookie helpers are not available on this platform");
 	}
 	return {
 		get: throwError,
@@ -164,7 +164,7 @@ function createBrowserCookieHelper() {
 	};
 }
 function handleCookieError(e, options) {
-	if (e instanceof Error && e.message.includes("Cookies can only be modified in")) if (options.noOpIfServerComponent) {} else throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Attempted to set cookie in server component. Pass { noOpIfServerComponent: true } in the options of Stack's cookie functions if this is intentional and you want to ignore this error. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options");
+	if (e instanceof Error && e.message.includes("Cookies can only be modified in")) if (options.noOpIfServerComponent) {} else throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Attempted to set cookie in server component. Pass { noOpIfServerComponent: true } in the options of Stack's cookie functions if this is intentional and you want to ignore this error. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options");
 	else throw e;
 }
 function createNextCookieHelper(rscCookiesAwaited, rscHeadersAwaited) {
@@ -247,8 +247,8 @@ async function getCookie(name) {
 	return (await createCookieHelper()).get(name);
 }
 async function isSecure() {
-	if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return determineSecureFromClientContext();
-	return determineSecureFromServerContext(await (0, _stackframe_stack_sc_force_react_server.cookies)(), await (0, _stackframe_stack_sc_force_react_server.headers)());
+	if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return determineSecureFromClientContext();
+	return determineSecureFromServerContext(await (0, _hexclave_sc_force_react_server.cookies)(), await (0, _hexclave_sc_force_react_server.headers)());
 }
 function determineSecureFromClientContext() {
 	return typeof window !== "undefined" && window.location.protocol === "https:";