@hexclave/tanstack-start 1.0.23 → 1.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/dist/components/elements/sidebar-layout.js +1 -1
  2. package/dist/esm/components/elements/sidebar-layout.js +1 -1
  3. package/dist/esm/generated/env.js +20 -20
  4. package/dist/esm/generated/env.js.map +1 -1
  5. package/dist/esm/generated/quetzal-translations.d.ts +2 -2
  6. package/dist/esm/lib/auth.js +2 -2
  7. package/dist/esm/lib/auth.js.map +1 -1
  8. package/dist/esm/lib/hexclave-app/apps/implementations/common.js +1 -1
  9. package/dist/esm/lib/hexclave-app/url-targets.test.js +7 -7
  10. package/dist/esm/lib/hexclave-app/url-targets.test.js.map +1 -1
  11. package/dist/generated/env.js +20 -20
  12. package/dist/generated/env.js.map +1 -1
  13. package/dist/generated/quetzal-translations.d.ts +2 -2
  14. package/dist/lib/auth.js +2 -2
  15. package/dist/lib/auth.js.map +1 -1
  16. package/dist/lib/hexclave-app/apps/implementations/common.js +1 -1
  17. package/dist/lib/hexclave-app/url-targets.test.js +7 -7
  18. package/dist/lib/hexclave-app/url-targets.test.js.map +1 -1
  19. package/package.json +3 -3
  20. package/src/lib/auth.ts +2 -2
  21. package/src/lib/hexclave-app/url-targets.test.ts +7 -7
package/dist/lib/auth.js CHANGED
@@ -86,13 +86,13 @@ function consumeOAuthCallbackQueryParams(options) {
86
86
  const cookieResult = (0, __cookie_js.consumeVerifierAndStateCookie)(expectedState);
87
87
  if (!cookieResult) {
88
88
  console.warn(_hexclave_shared_dist_utils_strings.deindent`
89
- Stack found an outer OAuth callback state in the query parameters, but not in cookies.
89
+ Hexclave found an outer OAuth callback state in the query parameters, but not in cookies.
90
90
 
91
91
  This could have multiple reasons:
92
92
  - The cookie expired, because the OAuth flow took too long.
93
93
  - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.
94
94
  - The cookie was already consumed by this page, and the user already logged in.
95
- - You are using another OAuth client library with the same callback URL as Stack.
95
+ - You are using another OAuth client library with the same callback URL as Hexclave.
96
96
  - The user opened the OAuth callback page from their history.
97
97
 
98
98
  Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.
package/dist/lib/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","names":["KnownErrors","HexclaveAssertionError","KnownError","Result"],"sources":["../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { KnownError, KnownErrors, HexclaveClientInterface } from \"@hexclave/shared\";\nimport { InternalSession } from \"@hexclave/shared/dist/sessions\";\nimport { HexclaveAssertionError, throwErr } from \"@hexclave/shared/dist/utils/errors\";\nimport { Result } from \"@hexclave/shared/dist/utils/results\";\nimport { deindent } from \"@hexclave/shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\nexport async function getNewOAuthProviderOrScopeUrl(\n iface: HexclaveClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n },\n session: InternalSession,\n): Promise<string> {\n const { codeChallenge, state } = await saveVerifierAndState();\n return await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n codeChallenge,\n state,\n type: \"link\",\n session,\n providerScope: options.providerScope,\n });\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\ntype OAuthCallbackConsumptionResult =\n | {\n type: \"oauth-response\",\n originalUrl: URL,\n codeVerifier: string,\n state: string,\n }\n | {\n type: \"known-error\",\n error: KnownError,\n };\n\nconst oauthErrorParams = [\"error\", \"error_description\", \"errorCode\", \"message\", \"details\"] as const;\n\nfunction removeOAuthErrorParamsFromHistory(originalUrl: URL): void {\n const newUrl = new URL(originalUrl);\n for (const param of oauthErrorParams) {\n newUrl.searchParams.delete(param);\n }\n window.history.replaceState({}, \"\", newUrl.toString());\n}\n\nfunction getProviderOAuthErrorFromUrl(originalUrl: URL): KnownError | null {\n const providerError = originalUrl.searchParams.get(\"error\");\n const providerErrorDescription = originalUrl.searchParams.get(\"error_description\");\n if (providerError == null && providerErrorDescription == null) {\n return null;\n }\n\n switch (providerError) {\n case \"access_denied\":\n case \"consent_required\": {\n return new KnownErrors.OAuthProviderAccessDenied();\n }\n case \"server_error\":\n case \"temporarily_unavailable\":\n default: {\n return new KnownErrors.OAuthProviderTemporarilyUnavailable();\n }\n }\n}\n\nfunction consumeOAuthCallbackQueryParams(options?: {\n dontWarnAboutMissingQueryParams?: boolean,\n}): OAuthCallbackConsumptionResult | null {\n const requiredParams = [\"code\", \"state\"];\n const originalUrl = new URL(window.location.href);\n const knownErrorCode = originalUrl.searchParams.get(\"errorCode\");\n const knownErrorMessage = originalUrl.searchParams.get(\"message\");\n if (knownErrorCode && knownErrorMessage) {\n const details = originalUrl.searchParams.get(\"details\");\n let detailsJson = {};\n if (details) {\n try {\n detailsJson = JSON.parse(details);\n } catch (error) {\n throw new HexclaveAssertionError(\"OAuth callback returned malformed known-error details\", {\n details,\n cause: error,\n });\n }\n }\n\n removeOAuthErrorParamsFromHistory(originalUrl);\n\n return {\n type: \"known-error\",\n error: KnownError.fromJson({\n code: knownErrorCode,\n message: knownErrorMessage,\n details: detailsJson,\n }),\n };\n }\n\n const providerOAuthError = getProviderOAuthErrorFromUrl(originalUrl);\n if (providerOAuthError != null && !requiredParams.every(param => originalUrl.searchParams.has(param))) {\n removeOAuthErrorParamsFromHistory(originalUrl);\n return {\n type: \"known-error\",\n error: providerOAuthError,\n };\n }\n\n for (const param of requiredParams) {\n if (!originalUrl.searchParams.has(param)) {\n if (!options?.dontWarnAboutMissingQueryParams) {\n console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n }\n return null;\n }\n }\n\n const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n if (!cookieResult) {\n // If the state can't be found in the cookies, then the callback wasn't meant for us.\n // Maybe the website uses another OAuth library?\n console.warn(deindent`\n Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n\n This could have multiple reasons:\n - The cookie expired, because the OAuth flow took too long.\n - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n - The cookie was already consumed by this page, and the user already logged in.\n - You are using another OAuth client library with the same callback URL as Stack.\n - The user opened the OAuth callback page from their history.\n\n Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n `);\n return null;\n }\n\n\n const newUrl = new URL(originalUrl);\n for (const param of requiredParams) {\n newUrl.searchParams.delete(param);\n }\n\n // let's get rid of the authorization code in the history as we\n // don't redirect to `redirectUrl` if there's a validation error\n // (as the redirectUrl might be malicious!).\n //\n // We use history.replaceState instead of location.assign(...) to\n // prevent an unnecessary reload\n window.history.replaceState({}, \"\", newUrl.toString());\n\n return {\n type: \"oauth-response\",\n originalUrl,\n codeVerifier: cookieResult.codeVerifier,\n state: expectedState,\n };\n}\n\nexport async function callOAuthCallback(\n iface: HexclaveClientInterface,\n redirectUrl: string,\n options?: {\n dontWarnAboutMissingQueryParams?: boolean,\n },\n) {\n // note: this part of the function (until the return) needs\n // to be synchronous, to prevent race conditions when\n // callOAuthCallback is called multiple times in parallel\n const consumed = consumeOAuthCallbackQueryParams(options);\n if (!consumed) return Result.ok(undefined);\n if (consumed.type === \"known-error\") {\n throw consumed.error;\n }\n\n // the rest can be asynchronous (we now know that we are the\n // intended recipient of the callback, and the only instance\n // of callOAuthCallback that's running)\n try {\n return Result.ok(await iface.callOAuthCallback({\n oauthParams: consumed.originalUrl.searchParams,\n redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n codeVerifier: consumed.codeVerifier,\n state: consumed.state,\n }));\n } catch (e) {\n if (KnownError.isKnownError(e)) {\n throw e;\n }\n throw new HexclaveAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n }\n}\n"],"mappings":";;;;;;;;;;AAWA,eAAsB,8BACpB,OACA,SAMA,SACiB;CACjB,MAAM,EAAE,eAAe,UAAU,6CAA4B;AAC7D,QAAO,MAAM,MAAM,YAAY;EAC7B,UAAU,QAAQ;EAClB,uDAAkC,QAAQ,aAAa,cAAc;EACrE,4DAAuC,QAAQ,kBAAkB,mBAAmB;EACpF,oEAA+C,OAAO,SAAS,MAAM,2BAA2B;EAChG;EACA;EACA,MAAM;EACN;EACA,eAAe,QAAQ;EACxB,CAAC;;AAoBJ,MAAM,mBAAmB;CAAC;CAAS;CAAqB;CAAa;CAAW;CAAU;AAE1F,SAAS,kCAAkC,aAAwB;CACjE,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,iBAClB,QAAO,aAAa,OAAO,MAAM;AAEnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;;AAGxD,SAAS,6BAA6B,aAAqC;CACzE,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ;CAC3D,MAAM,2BAA2B,YAAY,aAAa,IAAI,oBAAoB;AAClF,KAAI,iBAAiB,QAAQ,4BAA4B,KACvD,QAAO;AAGT,SAAQ,eAAR;EACE,KAAK;EACL,KAAK,mBACH,QAAO,IAAIA,6BAAY,2BAA2B;EAIpD,QACE,QAAO,IAAIA,6BAAY,qCAAqC;;;AAKlE,SAAS,gCAAgC,SAEC;CACxC,MAAM,iBAAiB,CAAC,QAAQ,QAAQ;CACxC,MAAM,cAAc,IAAI,IAAI,OAAO,SAAS,KAAK;CACjD,MAAM,iBAAiB,YAAY,aAAa,IAAI,YAAY;CAChE,MAAM,oBAAoB,YAAY,aAAa,IAAI,UAAU;AACjE,KAAI,kBAAkB,mBAAmB;EACvC,MAAM,UAAU,YAAY,aAAa,IAAI,UAAU;EACvD,IAAI,cAAc,EAAE;AACpB,MAAI,QACF,KAAI;AACF,iBAAc,KAAK,MAAM,QAAQ;WAC1B,OAAO;AACd,SAAM,IAAIC,0DAAuB,yDAAyD;IACxF;IACA,OAAO;IACR,CAAC;;AAIN,oCAAkC,YAAY;AAE9C,SAAO;GACL,MAAM;GACN,OAAOC,4BAAW,SAAS;IACzB,MAAM;IACN,SAAS;IACT,SAAS;IACV,CAAC;GACH;;CAGH,MAAM,qBAAqB,6BAA6B,YAAY;AACpE,KAAI,sBAAsB,QAAQ,CAAC,eAAe,OAAM,UAAS,YAAY,aAAa,IAAI,MAAM,CAAC,EAAE;AACrG,oCAAkC,YAAY;AAC9C,SAAO;GACL,MAAM;GACN,OAAO;GACR;;AAGH,MAAK,MAAM,SAAS,eAClB,KAAI,CAAC,YAAY,aAAa,IAAI,MAAM,EAAE;AACxC,MAAI,CAAC,SAAS,gCACZ,SAAQ,qBAAK,IAAI,MAAM,uDAAuD,MAAM,2EAA2E,CAAC;AAElK,SAAO;;CAIX,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ,qDAAa,wDAAwD;CAChI,MAAM,8DAA6C,cAAc;AAEjE,KAAI,CAAC,cAAc;AAGjB,UAAQ,KAAK,4CAAQ;;;;;;;;;;;MAWnB;AACF,SAAO;;CAIT,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,eAClB,QAAO,aAAa,OAAO,MAAM;AASnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,QAAO;EACL,MAAM;EACN;EACA,cAAc,aAAa;EAC3B,OAAO;EACR;;AAGH,eAAsB,kBACpB,OACA,aACA,SAGA;CAIA,MAAM,WAAW,gCAAgC,QAAQ;AACzD,KAAI,CAAC,SAAU,QAAOC,2CAAO,GAAG,OAAU;AAC1C,KAAI,SAAS,SAAS,cACpB,OAAM,SAAS;AAMjB,KAAI;AACF,SAAOA,2CAAO,GAAG,MAAM,MAAM,kBAAkB;GAC7C,aAAa,SAAS,YAAY;GAClC,uDAAkC,aAAa,cAAc;GAC7D,cAAc,SAAS;GACvB,OAAO,SAAS;GACjB,CAAC,CAAC;UACI,GAAG;AACV,MAAID,4BAAW,aAAa,EAAE,CAC5B,OAAM;AAER,QAAM,IAAID,0DAAuB,6DAA6D,EAAE,OAAO,GAAG,CAAC"}
1
+ {"version":3,"file":"auth.js","names":["KnownErrors","HexclaveAssertionError","KnownError","Result"],"sources":["../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { KnownError, KnownErrors, HexclaveClientInterface } from \"@hexclave/shared\";\nimport { InternalSession } from \"@hexclave/shared/dist/sessions\";\nimport { HexclaveAssertionError, throwErr } from \"@hexclave/shared/dist/utils/errors\";\nimport { Result } from \"@hexclave/shared/dist/utils/results\";\nimport { deindent } from \"@hexclave/shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\nexport async function getNewOAuthProviderOrScopeUrl(\n iface: HexclaveClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n },\n session: InternalSession,\n): Promise<string> {\n const { codeChallenge, state } = await saveVerifierAndState();\n return await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n codeChallenge,\n state,\n type: \"link\",\n session,\n providerScope: options.providerScope,\n });\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\ntype OAuthCallbackConsumptionResult =\n | {\n type: \"oauth-response\",\n originalUrl: URL,\n codeVerifier: string,\n state: string,\n }\n | {\n type: \"known-error\",\n error: KnownError,\n };\n\nconst oauthErrorParams = [\"error\", \"error_description\", \"errorCode\", \"message\", \"details\"] as const;\n\nfunction removeOAuthErrorParamsFromHistory(originalUrl: URL): void {\n const newUrl = new URL(originalUrl);\n for (const param of oauthErrorParams) {\n newUrl.searchParams.delete(param);\n }\n window.history.replaceState({}, \"\", newUrl.toString());\n}\n\nfunction getProviderOAuthErrorFromUrl(originalUrl: URL): KnownError | null {\n const providerError = originalUrl.searchParams.get(\"error\");\n const providerErrorDescription = originalUrl.searchParams.get(\"error_description\");\n if (providerError == null && providerErrorDescription == null) {\n return null;\n }\n\n switch (providerError) {\n case \"access_denied\":\n case \"consent_required\": {\n return new KnownErrors.OAuthProviderAccessDenied();\n }\n case \"server_error\":\n case \"temporarily_unavailable\":\n default: {\n return new KnownErrors.OAuthProviderTemporarilyUnavailable();\n }\n }\n}\n\nfunction consumeOAuthCallbackQueryParams(options?: {\n dontWarnAboutMissingQueryParams?: boolean,\n}): OAuthCallbackConsumptionResult | null {\n const requiredParams = [\"code\", \"state\"];\n const originalUrl = new URL(window.location.href);\n const knownErrorCode = originalUrl.searchParams.get(\"errorCode\");\n const knownErrorMessage = originalUrl.searchParams.get(\"message\");\n if (knownErrorCode && knownErrorMessage) {\n const details = originalUrl.searchParams.get(\"details\");\n let detailsJson = {};\n if (details) {\n try {\n detailsJson = JSON.parse(details);\n } catch (error) {\n throw new HexclaveAssertionError(\"OAuth callback returned malformed known-error details\", {\n details,\n cause: error,\n });\n }\n }\n\n removeOAuthErrorParamsFromHistory(originalUrl);\n\n return {\n type: \"known-error\",\n error: KnownError.fromJson({\n code: knownErrorCode,\n message: knownErrorMessage,\n details: detailsJson,\n }),\n };\n }\n\n const providerOAuthError = getProviderOAuthErrorFromUrl(originalUrl);\n if (providerOAuthError != null && !requiredParams.every(param => originalUrl.searchParams.has(param))) {\n removeOAuthErrorParamsFromHistory(originalUrl);\n return {\n type: \"known-error\",\n error: providerOAuthError,\n };\n }\n\n for (const param of requiredParams) {\n if (!originalUrl.searchParams.has(param)) {\n if (!options?.dontWarnAboutMissingQueryParams) {\n console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n }\n return null;\n }\n }\n\n const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n if (!cookieResult) {\n // If the state can't be found in the cookies, then the callback wasn't meant for us.\n // Maybe the website uses another OAuth library?\n console.warn(deindent`\n Hexclave found an outer OAuth callback state in the query parameters, but not in cookies.\n\n This could have multiple reasons:\n - The cookie expired, because the OAuth flow took too long.\n - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n - The cookie was already consumed by this page, and the user already logged in.\n - You are using another OAuth client library with the same callback URL as Hexclave.\n - The user opened the OAuth callback page from their history.\n\n Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n `);\n return null;\n }\n\n\n const newUrl = new URL(originalUrl);\n for (const param of requiredParams) {\n newUrl.searchParams.delete(param);\n }\n\n // let's get rid of the authorization code in the history as we\n // don't redirect to `redirectUrl` if there's a validation error\n // (as the redirectUrl might be malicious!).\n //\n // We use history.replaceState instead of location.assign(...) to\n // prevent an unnecessary reload\n window.history.replaceState({}, \"\", newUrl.toString());\n\n return {\n type: \"oauth-response\",\n originalUrl,\n codeVerifier: cookieResult.codeVerifier,\n state: expectedState,\n };\n}\n\nexport async function callOAuthCallback(\n iface: HexclaveClientInterface,\n redirectUrl: string,\n options?: {\n dontWarnAboutMissingQueryParams?: boolean,\n },\n) {\n // note: this part of the function (until the return) needs\n // to be synchronous, to prevent race conditions when\n // callOAuthCallback is called multiple times in parallel\n const consumed = consumeOAuthCallbackQueryParams(options);\n if (!consumed) return Result.ok(undefined);\n if (consumed.type === \"known-error\") {\n throw consumed.error;\n }\n\n // the rest can be asynchronous (we now know that we are the\n // intended recipient of the callback, and the only instance\n // of callOAuthCallback that's running)\n try {\n return Result.ok(await iface.callOAuthCallback({\n oauthParams: consumed.originalUrl.searchParams,\n redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n codeVerifier: consumed.codeVerifier,\n state: consumed.state,\n }));\n } catch (e) {\n if (KnownError.isKnownError(e)) {\n throw e;\n }\n throw new HexclaveAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n }\n}\n"],"mappings":";;;;;;;;;;AAWA,eAAsB,8BACpB,OACA,SAMA,SACiB;CACjB,MAAM,EAAE,eAAe,UAAU,6CAA4B;AAC7D,QAAO,MAAM,MAAM,YAAY;EAC7B,UAAU,QAAQ;EAClB,uDAAkC,QAAQ,aAAa,cAAc;EACrE,4DAAuC,QAAQ,kBAAkB,mBAAmB;EACpF,oEAA+C,OAAO,SAAS,MAAM,2BAA2B;EAChG;EACA;EACA,MAAM;EACN;EACA,eAAe,QAAQ;EACxB,CAAC;;AAoBJ,MAAM,mBAAmB;CAAC;CAAS;CAAqB;CAAa;CAAW;CAAU;AAE1F,SAAS,kCAAkC,aAAwB;CACjE,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,iBAClB,QAAO,aAAa,OAAO,MAAM;AAEnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;;AAGxD,SAAS,6BAA6B,aAAqC;CACzE,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ;CAC3D,MAAM,2BAA2B,YAAY,aAAa,IAAI,oBAAoB;AAClF,KAAI,iBAAiB,QAAQ,4BAA4B,KACvD,QAAO;AAGT,SAAQ,eAAR;EACE,KAAK;EACL,KAAK,mBACH,QAAO,IAAIA,6BAAY,2BAA2B;EAIpD,QACE,QAAO,IAAIA,6BAAY,qCAAqC;;;AAKlE,SAAS,gCAAgC,SAEC;CACxC,MAAM,iBAAiB,CAAC,QAAQ,QAAQ;CACxC,MAAM,cAAc,IAAI,IAAI,OAAO,SAAS,KAAK;CACjD,MAAM,iBAAiB,YAAY,aAAa,IAAI,YAAY;CAChE,MAAM,oBAAoB,YAAY,aAAa,IAAI,UAAU;AACjE,KAAI,kBAAkB,mBAAmB;EACvC,MAAM,UAAU,YAAY,aAAa,IAAI,UAAU;EACvD,IAAI,cAAc,EAAE;AACpB,MAAI,QACF,KAAI;AACF,iBAAc,KAAK,MAAM,QAAQ;WAC1B,OAAO;AACd,SAAM,IAAIC,0DAAuB,yDAAyD;IACxF;IACA,OAAO;IACR,CAAC;;AAIN,oCAAkC,YAAY;AAE9C,SAAO;GACL,MAAM;GACN,OAAOC,4BAAW,SAAS;IACzB,MAAM;IACN,SAAS;IACT,SAAS;IACV,CAAC;GACH;;CAGH,MAAM,qBAAqB,6BAA6B,YAAY;AACpE,KAAI,sBAAsB,QAAQ,CAAC,eAAe,OAAM,UAAS,YAAY,aAAa,IAAI,MAAM,CAAC,EAAE;AACrG,oCAAkC,YAAY;AAC9C,SAAO;GACL,MAAM;GACN,OAAO;GACR;;AAGH,MAAK,MAAM,SAAS,eAClB,KAAI,CAAC,YAAY,aAAa,IAAI,MAAM,EAAE;AACxC,MAAI,CAAC,SAAS,gCACZ,SAAQ,qBAAK,IAAI,MAAM,uDAAuD,MAAM,2EAA2E,CAAC;AAElK,SAAO;;CAIX,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ,qDAAa,wDAAwD;CAChI,MAAM,8DAA6C,cAAc;AAEjE,KAAI,CAAC,cAAc;AAGjB,UAAQ,KAAK,4CAAQ;;;;;;;;;;;MAWnB;AACF,SAAO;;CAIT,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,eAClB,QAAO,aAAa,OAAO,MAAM;AASnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,QAAO;EACL,MAAM;EACN;EACA,cAAc,aAAa;EAC3B,OAAO;EACR;;AAGH,eAAsB,kBACpB,OACA,aACA,SAGA;CAIA,MAAM,WAAW,gCAAgC,QAAQ;AACzD,KAAI,CAAC,SAAU,QAAOC,2CAAO,GAAG,OAAU;AAC1C,KAAI,SAAS,SAAS,cACpB,OAAM,SAAS;AAMjB,KAAI;AACF,SAAOA,2CAAO,GAAG,MAAM,MAAM,kBAAkB;GAC7C,aAAa,SAAS,YAAY;GAClC,uDAAkC,aAAa,cAAc;GAC7D,cAAc,SAAS;GACvB,OAAO,SAAS;GACjB,CAAC,CAAC;UACI,GAAG;AACV,MAAID,4BAAW,aAAa,EAAE,CAC5B,OAAM;AAER,QAAM,IAAID,0DAAuB,6DAA6D,EAAE,OAAO,GAAG,CAAC"}
package/dist/lib/hexclave-app/apps/implementations/common.js CHANGED
@@ -17,7 +17,7 @@ let ____________generated_env_js = require("../../../../generated/env.js");
17
17
  let ______url_targets_js = require("../../url-targets.js");
18
18
 
19
19
  //#region src/lib/hexclave-app/apps/implementations/common.ts
20
- const clientVersion = "js @hexclave/tanstack-start@1.0.23";
20
+ const clientVersion = "js @hexclave/tanstack-start@1.0.24";
21
21
  if (clientVersion.startsWith("STACK_COMPILE_TIME")) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Client version was not replaced. Something went wrong during build!");
22
22
  const replaceHexclavePortPrefix = (input) => {
23
23
  if (!input) return input;
package/dist/lib/hexclave-app/url-targets.test.js CHANGED
@@ -77,7 +77,7 @@ let __url_targets_js = require("./url-targets.js");
77
77
  })).toThrowError(/cannot be a custom page/);
78
78
  });
79
79
  (0, vitest.it)("uses hosted defaults for unspecified URLs", () => {
80
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
80
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
81
81
  const urls = (0, __url_targets_js.resolveHandlerUrls)({
82
82
  projectId: "project-id",
83
83
  urls: {
@@ -90,7 +90,7 @@ let __url_targets_js = require("./url-targets.js");
90
90
  (0, vitest.expect)(urls.cliAuthConfirm).toBe("https://project-id.example-stack-hosted.test/handler/cli-auth-confirm");
91
91
  });
92
92
  (0, vitest.it)("keeps redirect-only post-auth targets local even when the default target is hosted", () => {
93
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
93
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
94
94
  const urls = (0, __url_targets_js.resolveHandlerUrls)({
95
95
  projectId: "project-id",
96
96
  urls: { default: { type: "hosted" } }
@@ -127,7 +127,7 @@ let __url_targets_js = require("./url-targets.js");
127
127
  `);
128
128
  });
129
129
  (0, vitest.it)("inherits a hosted default target for the OAuth callback", () => {
130
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
130
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
131
131
  const urls = (0, __url_targets_js.resolveHandlerUrls)({
132
132
  projectId: "project-id",
133
133
  urls: { default: { type: "hosted" } }
@@ -155,7 +155,7 @@ let __url_targets_js = require("./url-targets.js");
155
155
  })).toBe("https://app.example.test/cli/authorize?login_code=login-code");
156
156
  });
157
157
  (0, vitest.it)("uses default target for unknown /handler/* pages", () => {
158
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
158
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
159
159
  (0, vitest.expect)((0, __url_targets_js.resolveUnknownHandlerPathFallbackUrl)({
160
160
  defaultTarget: { type: "hosted" },
161
161
  projectId: "project-id",
@@ -163,7 +163,7 @@ let __url_targets_js = require("./url-targets.js");
163
163
  })).toBe("https://project-id.example-stack-hosted.test/handler/custom-page");
164
164
  });
165
165
  (0, vitest.it)("uses the full hosted handler URL template when configured", () => {
166
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}");
166
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}");
167
167
  vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX", "93");
168
168
  const urls = (0, __url_targets_js.resolveHandlerUrls)({
169
169
  projectId: "project-id",
@@ -173,14 +173,14 @@ let __url_targets_js = require("./url-targets.js");
173
173
  (0, vitest.expect)(urls.accountSettings).toBe("http://project-id.localhost:9309/handler/account-settings");
174
174
  });
175
175
  (0, vitest.it)("validates the hosted handler URL template placeholders", () => {
176
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/handler");
176
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/handler");
177
177
  (0, vitest.expect)(() => (0, __url_targets_js.resolveHandlerUrls)({
178
178
  projectId: "project-id",
179
179
  urls: { default: { type: "hosted" } }
180
180
  })).toThrowError(/\{projectId\} and \{hostedPath\}/);
181
181
  });
182
182
  (0, vitest.it)("rejects hosted handler URL templates that put the project ID in the path", () => {
183
- vitest.vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/{hostedPath}");
183
+ vitest.vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/{hostedPath}");
184
184
  (0, vitest.expect)(() => (0, __url_targets_js.resolveHandlerUrls)({
185
185
  projectId: "project-id",
186
186
  urls: { default: { type: "hosted" } }
package/dist/lib/hexclave-app/url-targets.test.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"url-targets.test.js","names":[],"sources":["../../../src/lib/hexclave-app/url-targets.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { afterEach, describe, expect, it, vi } from \"vitest\";\nimport { buildCliAuthConfirmUrl, getPagePrompt, isLocalHandlerUrlTarget, resolveHandlerUrls, resolveUnknownHandlerPathFallbackUrl } from \"./url-targets\";\n\ndescribe(\"handler URL targets\", () => {\n afterEach(() => {\n vi.unstubAllEnvs();\n });\n\n it(\"treats handler-component targets the same as omitted values\", () => {\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: \"/custom-handler\",\n signIn: { type: \"handler-component\" },\n },\n });\n\n expect(urls.signIn).toBe(\"/custom-handler/sign-in\");\n });\n\n it(\"treats custom v0 page targets like legacy string targets\", () => {\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: \"/custom-handler\",\n signIn: { type: \"handler-component\" },\n signUp: { type: \"custom\", url: \"/sign-up-explicit\", version: 0 },\n },\n });\n\n expect(urls.signIn).toBe(\"/custom-handler/sign-in\");\n expect(urls.signUp).toBe(\"/sign-up-explicit\");\n });\n\n it(\"throws on v0 custom target for handler page\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: { type: \"custom\", url: \"/custom-handler\", version: 0 },\n },\n })).toThrowError(/cannot be a custom page/);\n });\n\n it(\"supports the latest documented custom target version\", () => {\n const signInPrompt = getPagePrompt(\"signIn\");\n if (signInPrompt == null) {\n throw new Error(\"Expected signIn prompt metadata to exist\");\n }\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n signIn: { type: \"custom\", url: \"/custom-sign-in\", version: signInPrompt.latestVersion },\n },\n });\n\n expect(urls.signIn).toBe(\"/custom-sign-in\");\n });\n\n it(\"throws on custom target versions newer than the latest supported version\", () => {\n const signInPrompt = getPagePrompt(\"signIn\");\n if (signInPrompt == null) {\n throw new Error(\"Expected signIn prompt metadata to exist\");\n }\n\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n signIn: { type: \"custom\", url: \"/custom-sign-in\", version: signInPrompt.latestVersion + 1 },\n },\n })).toThrowError(/Unsupported custom page version/);\n });\n\n it(\"throws on non-zero custom version for handler page\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: { type: \"custom\", url: \"/custom-handler\", version: 1 },\n },\n })).toThrowError(/cannot be a custom page/);\n });\n\n it(\"uses hosted defaults for unspecified URLs\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n signUp: \"/sign-up\",\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signUp).toBe(\"/sign-up\");\n expect(urls.signIn).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-in\");\n expect(urls.cliAuthConfirm).toBe(\"https://project-id.example-stack-hosted.test/handler/cli-auth-confirm\");\n });\n\n it(\"keeps redirect-only post-auth targets local even when the default target is hosted\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signIn).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-in\");\n expect(urls.signOut).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-out\");\n expect(urls.home).toBe(\"/\");\n expect(urls.afterSignIn).toBe(\"/\");\n expect(urls.afterSignUp).toBe(\"/\");\n expect(urls.afterSignOut).toBe(\"/\");\n });\n\n it(\"rejects absolute OAuth callback string targets\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n oauthCallback: \"https://app.example.test/oauth-callback\",\n },\n })).toThrowErrorMatchingInlineSnapshot(`\n [HexclaveAssertionError: OAuth callback URLs must be relative.\n\n This is likely an error in Hexclave. Please make sure you are running the newest version and report it.]\n `);\n });\n\n it(\"rejects absolute OAuth callback custom targets\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n oauthCallback: { type: \"custom\", url: \"https://app.example.test/oauth-callback\", version: 0 },\n },\n })).toThrowErrorMatchingInlineSnapshot(`\n [HexclaveAssertionError: OAuth callback URLs must be relative.\n\n This is likely an error in Hexclave. Please make sure you are running the newest version and report it.]\n `);\n });\n\n it(\"inherits a hosted default target for the OAuth callback\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signIn).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-in\");\n expect(urls.oauthCallback).toBe(\"https://project-id.example-stack-hosted.test/handler/oauth-callback\");\n });\n\n it(\"supports custom CLI auth confirmation targets\", () => {\n const cliAuthConfirmPrompt = getPagePrompt(\"cliAuthConfirm\");\n if (cliAuthConfirmPrompt == null) {\n throw new Error(\"Expected cliAuthConfirm prompt metadata to exist\");\n }\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n cliAuthConfirm: { type: \"custom\", url: \"/cli/authorize\", version: cliAuthConfirmPrompt.latestVersion },\n },\n });\n\n expect(urls.cliAuthConfirm).toBe(\"/cli/authorize\");\n });\n\n it(\"builds CLI auth login URLs from the resolved confirmation target\", () => {\n expect(buildCliAuthConfirmUrl({\n cliAuthConfirmUrl: \"/cli/authorize\",\n appUrl: \"https://app.example.test/base\",\n loginCode: \"login-code\",\n })).toBe(\"https://app.example.test/cli/authorize?login_code=login-code\");\n });\n\n it(\"uses default target for unknown /handler/* pages\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const url = resolveUnknownHandlerPathFallbackUrl({\n defaultTarget: { type: \"hosted\" },\n projectId: \"project-id\",\n unknownPath: \"custom-page\",\n });\n\n expect(url).toBe(\"https://project-id.example-stack-hosted.test/handler/custom-page\");\n });\n\n it(\"uses the full hosted handler URL template when configured\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE\", \"http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}\");\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX\", \"93\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signIn).toBe(\"http://project-id.localhost:9309/handler/sign-in\");\n expect(urls.accountSettings).toBe(\"http://project-id.localhost:9309/handler/account-settings\");\n });\n\n it(\"validates the hosted handler URL template placeholders\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE\", \"http://localhost:9309/{projectId}/handler\");\n\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n })).toThrowError(/\\{projectId\\} and \\{hostedPath\\}/);\n });\n\n it(\"rejects hosted handler URL templates that put the project ID in the path\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE\", \"http://localhost:9309/{projectId}/{hostedPath}\");\n\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n })).toThrowErrorMatchingInlineSnapshot(`\n [HexclaveAssertionError: The hosted handler URL template must put {projectId} in the hostname.\n\n This is likely an error in Hexclave. Please make sure you are running the newest version and report it.]\n `);\n });\n});\n\ndescribe(\"isLocalHandlerUrlTarget\", () => {\n it(\"treats relative handler URLs as local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"/handler/sign-in\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(true);\n });\n\n it(\"treats same-origin absolute handler URLs as local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"http://p91.localhost:9101/handler/sign-in\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(true);\n });\n\n it(\"treats cross-origin absolute handler URLs as non-local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"https://project-id.built-with-hexclave.com/handler/sign-in\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(false);\n });\n\n it(\"treats non-handler paths as non-local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"/projects\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(false);\n });\n});\n"],"mappings":";;;;;qBAOS,6BAA6B;AACpC,6BAAgB;AACd,YAAG,eAAe;GAClB;AAEF,gBAAG,qEAAqE;AAStE,8DARgC;GAC9B,WAAW;GACX,MAAM;IACJ,SAAS;IACT,QAAQ,EAAE,MAAM,qBAAqB;IACtC;GACF,CAAC,CAEU,OAAO,CAAC,KAAK,0BAA0B;GACnD;AAEF,gBAAG,kEAAkE;EACnE,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM;IACJ,SAAS;IACT,QAAQ,EAAE,MAAM,qBAAqB;IACrC,QAAQ;KAAE,MAAM;KAAU,KAAK;KAAqB,SAAS;KAAG;IACjE;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,0BAA0B;AACnD,qBAAO,KAAK,OAAO,CAAC,KAAK,oBAAoB;GAC7C;AAEF,gBAAG,qDAAqD;AACtD,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS;IAAG,EAChE;GACF,CAAC,CAAC,CAAC,aAAa,0BAA0B;GAC3C;AAEF,gBAAG,8DAA8D;EAC/D,MAAM,mDAA6B,SAAS;AAC5C,MAAI,gBAAgB,KAClB,OAAM,IAAI,MAAM,2CAA2C;AAU7D,8DAPgC;GAC9B,WAAW;GACX,MAAM,EACJ,QAAQ;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS,aAAa;IAAe,EACxF;GACF,CAAC,CAEU,OAAO,CAAC,KAAK,kBAAkB;GAC3C;AAEF,gBAAG,kFAAkF;EACnF,MAAM,mDAA6B,SAAS;AAC5C,MAAI,gBAAgB,KAClB,OAAM,IAAI,MAAM,2CAA2C;AAG7D,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,QAAQ;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS,aAAa,gBAAgB;IAAG,EAC5F;GACF,CAAC,CAAC,CAAC,aAAa,kCAAkC;GACnD;AAEF,gBAAG,4DAA4D;AAC7D,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS;IAAG,EAChE;GACF,CAAC,CAAC,CAAC,aAAa,0BAA0B;GAC3C;AAEF,gBAAG,mDAAmD;AACpD,YAAG,QAAQ,kDAAkD,6BAA6B;EAE1F,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM;IACJ,QAAQ;IACR,SAAS,EAAE,MAAM,UAAU;IAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,WAAW;AACpC,qBAAO,KAAK,OAAO,CAAC,KAAK,+DAA+D;AACxF,qBAAO,KAAK,eAAe,CAAC,KAAK,wEAAwE;GACzG;AAEF,gBAAG,4FAA4F;AAC7F,YAAG,QAAQ,kDAAkD,6BAA6B;EAE1F,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,+DAA+D;AACxF,qBAAO,KAAK,QAAQ,CAAC,KAAK,gEAAgE;AAC1F,qBAAO,KAAK,KAAK,CAAC,KAAK,IAAI;AAC3B,qBAAO,KAAK,YAAY,CAAC,KAAK,IAAI;AAClC,qBAAO,KAAK,YAAY,CAAC,KAAK,IAAI;AAClC,qBAAO,KAAK,aAAa,CAAC,KAAK,IAAI;GACnC;AAEF,gBAAG,wDAAwD;AACzD,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,eAAe,2CAChB;GACF,CAAC,CAAC,CAAC,mCAAmC;;;;MAIrC;GACF;AAEF,gBAAG,wDAAwD;AACzD,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,eAAe;IAAE,MAAM;IAAU,KAAK;IAA2C,SAAS;IAAG,EAC9F;GACF,CAAC,CAAC,CAAC,mCAAmC;;;;MAIrC;GACF;AAEF,gBAAG,iEAAiE;AAClE,YAAG,QAAQ,kDAAkD,6BAA6B;EAE1F,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,+DAA+D;AACxF,qBAAO,KAAK,cAAc,CAAC,KAAK,sEAAsE;GACtG;AAEF,gBAAG,uDAAuD;EACxD,MAAM,2DAAqC,iBAAiB;AAC5D,MAAI,wBAAwB,KAC1B,OAAM,IAAI,MAAM,mDAAmD;AAUrE,8DAPgC;GAC9B,WAAW;GACX,MAAM,EACJ,gBAAgB;IAAE,MAAM;IAAU,KAAK;IAAkB,SAAS,qBAAqB;IAAe,EACvG;GACF,CAAC,CAEU,eAAe,CAAC,KAAK,iBAAiB;GAClD;AAEF,gBAAG,0EAA0E;AAC3E,kEAA8B;GAC5B,mBAAmB;GACnB,QAAQ;GACR,WAAW;GACZ,CAAC,CAAC,CAAC,KAAK,+DAA+D;GACxE;AAEF,gBAAG,0DAA0D;AAC3D,YAAG,QAAQ,kDAAkD,6BAA6B;AAQ1F,gFANiD;GAC/C,eAAe,EAAE,MAAM,UAAU;GACjC,WAAW;GACX,aAAa;GACd,CAAC,CAES,CAAC,KAAK,mEAAmE;GACpF;AAEF,gBAAG,mEAAmE;AACpE,YAAG,QAAQ,iDAAiD,sFAAsF;AAClJ,YAAG,QAAQ,oCAAoC,KAAK;EAEpD,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,mDAAmD;AAC5E,qBAAO,KAAK,gBAAgB,CAAC,KAAK,4DAA4D;GAC9F;AAEF,gBAAG,gEAAgE;AACjE,YAAG,QAAQ,iDAAiD,4CAA4C;AAExG,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC,CAAC,CAAC,aAAa,mCAAmC;GACpD;AAEF,gBAAG,kFAAkF;AACnF,YAAG,QAAQ,iDAAiD,iDAAiD;AAE7G,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC,CAAC,CAAC,mCAAmC;;;;MAIrC;GACF;EACF;qBAEO,iCAAiC;AACxC,gBAAG,uDAAuD;AACxD,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,KAAK;GACd;AAEF,gBAAG,mEAAmE;AACpE,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,KAAK;GACd;AAEF,gBAAG,wEAAwE;AACzE,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,MAAM;GACf;AAEF,gBAAG,uDAAuD;AACxD,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,MAAM;GACf;EACF"}
1
+ {"version":3,"file":"url-targets.test.js","names":[],"sources":["../../../src/lib/hexclave-app/url-targets.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { afterEach, describe, expect, it, vi } from \"vitest\";\nimport { buildCliAuthConfirmUrl, getPagePrompt, isLocalHandlerUrlTarget, resolveHandlerUrls, resolveUnknownHandlerPathFallbackUrl } from \"./url-targets\";\n\ndescribe(\"handler URL targets\", () => {\n afterEach(() => {\n vi.unstubAllEnvs();\n });\n\n it(\"treats handler-component targets the same as omitted values\", () => {\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: \"/custom-handler\",\n signIn: { type: \"handler-component\" },\n },\n });\n\n expect(urls.signIn).toBe(\"/custom-handler/sign-in\");\n });\n\n it(\"treats custom v0 page targets like legacy string targets\", () => {\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: \"/custom-handler\",\n signIn: { type: \"handler-component\" },\n signUp: { type: \"custom\", url: \"/sign-up-explicit\", version: 0 },\n },\n });\n\n expect(urls.signIn).toBe(\"/custom-handler/sign-in\");\n expect(urls.signUp).toBe(\"/sign-up-explicit\");\n });\n\n it(\"throws on v0 custom target for handler page\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: { type: \"custom\", url: \"/custom-handler\", version: 0 },\n },\n })).toThrowError(/cannot be a custom page/);\n });\n\n it(\"supports the latest documented custom target version\", () => {\n const signInPrompt = getPagePrompt(\"signIn\");\n if (signInPrompt == null) {\n throw new Error(\"Expected signIn prompt metadata to exist\");\n }\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n signIn: { type: \"custom\", url: \"/custom-sign-in\", version: signInPrompt.latestVersion },\n },\n });\n\n expect(urls.signIn).toBe(\"/custom-sign-in\");\n });\n\n it(\"throws on custom target versions newer than the latest supported version\", () => {\n const signInPrompt = getPagePrompt(\"signIn\");\n if (signInPrompt == null) {\n throw new Error(\"Expected signIn prompt metadata to exist\");\n }\n\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n signIn: { type: \"custom\", url: \"/custom-sign-in\", version: signInPrompt.latestVersion + 1 },\n },\n })).toThrowError(/Unsupported custom page version/);\n });\n\n it(\"throws on non-zero custom version for handler page\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n handler: { type: \"custom\", url: \"/custom-handler\", version: 1 },\n },\n })).toThrowError(/cannot be a custom page/);\n });\n\n it(\"uses hosted defaults for unspecified URLs\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n signUp: \"/sign-up\",\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signUp).toBe(\"/sign-up\");\n expect(urls.signIn).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-in\");\n expect(urls.cliAuthConfirm).toBe(\"https://project-id.example-stack-hosted.test/handler/cli-auth-confirm\");\n });\n\n it(\"keeps redirect-only post-auth targets local even when the default target is hosted\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signIn).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-in\");\n expect(urls.signOut).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-out\");\n expect(urls.home).toBe(\"/\");\n expect(urls.afterSignIn).toBe(\"/\");\n expect(urls.afterSignUp).toBe(\"/\");\n expect(urls.afterSignOut).toBe(\"/\");\n });\n\n it(\"rejects absolute OAuth callback string targets\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n oauthCallback: \"https://app.example.test/oauth-callback\",\n },\n })).toThrowErrorMatchingInlineSnapshot(`\n [HexclaveAssertionError: OAuth callback URLs must be relative.\n\n This is likely an error in Hexclave. Please make sure you are running the newest version and report it.]\n `);\n });\n\n it(\"rejects absolute OAuth callback custom targets\", () => {\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n oauthCallback: { type: \"custom\", url: \"https://app.example.test/oauth-callback\", version: 0 },\n },\n })).toThrowErrorMatchingInlineSnapshot(`\n [HexclaveAssertionError: OAuth callback URLs must be relative.\n\n This is likely an error in Hexclave. Please make sure you are running the newest version and report it.]\n `);\n });\n\n it(\"inherits a hosted default target for the OAuth callback\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signIn).toBe(\"https://project-id.example-stack-hosted.test/handler/sign-in\");\n expect(urls.oauthCallback).toBe(\"https://project-id.example-stack-hosted.test/handler/oauth-callback\");\n });\n\n it(\"supports custom CLI auth confirmation targets\", () => {\n const cliAuthConfirmPrompt = getPagePrompt(\"cliAuthConfirm\");\n if (cliAuthConfirmPrompt == null) {\n throw new Error(\"Expected cliAuthConfirm prompt metadata to exist\");\n }\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n cliAuthConfirm: { type: \"custom\", url: \"/cli/authorize\", version: cliAuthConfirmPrompt.latestVersion },\n },\n });\n\n expect(urls.cliAuthConfirm).toBe(\"/cli/authorize\");\n });\n\n it(\"builds CLI auth login URLs from the resolved confirmation target\", () => {\n expect(buildCliAuthConfirmUrl({\n cliAuthConfirmUrl: \"/cli/authorize\",\n appUrl: \"https://app.example.test/base\",\n loginCode: \"login-code\",\n })).toBe(\"https://app.example.test/cli/authorize?login_code=login-code\");\n });\n\n it(\"uses default target for unknown /handler/* pages\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX\", \".example-stack-hosted.test\");\n\n const url = resolveUnknownHandlerPathFallbackUrl({\n defaultTarget: { type: \"hosted\" },\n projectId: \"project-id\",\n unknownPath: \"custom-page\",\n });\n\n expect(url).toBe(\"https://project-id.example-stack-hosted.test/handler/custom-page\");\n });\n\n it(\"uses the full hosted handler URL template when configured\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE\", \"http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}\");\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX\", \"93\");\n\n const urls = resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n });\n\n expect(urls.signIn).toBe(\"http://project-id.localhost:9309/handler/sign-in\");\n expect(urls.accountSettings).toBe(\"http://project-id.localhost:9309/handler/account-settings\");\n });\n\n it(\"validates the hosted handler URL template placeholders\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE\", \"http://localhost:9309/{projectId}/handler\");\n\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n })).toThrowError(/\\{projectId\\} and \\{hostedPath\\}/);\n });\n\n it(\"rejects hosted handler URL templates that put the project ID in the path\", () => {\n vi.stubEnv(\"NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE\", \"http://localhost:9309/{projectId}/{hostedPath}\");\n\n expect(() => resolveHandlerUrls({\n projectId: \"project-id\",\n urls: {\n default: { type: \"hosted\" },\n },\n })).toThrowErrorMatchingInlineSnapshot(`\n [HexclaveAssertionError: The hosted handler URL template must put {projectId} in the hostname.\n\n This is likely an error in Hexclave. Please make sure you are running the newest version and report it.]\n `);\n });\n});\n\ndescribe(\"isLocalHandlerUrlTarget\", () => {\n it(\"treats relative handler URLs as local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"/handler/sign-in\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(true);\n });\n\n it(\"treats same-origin absolute handler URLs as local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"http://p91.localhost:9101/handler/sign-in\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(true);\n });\n\n it(\"treats cross-origin absolute handler URLs as non-local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"https://project-id.built-with-hexclave.com/handler/sign-in\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(false);\n });\n\n it(\"treats non-handler paths as non-local targets\", () => {\n expect(isLocalHandlerUrlTarget({\n targetUrl: \"/projects\",\n handlerPath: \"/handler\",\n currentOrigin: \"http://p91.localhost:9101\",\n })).toBe(false);\n });\n});\n"],"mappings":";;;;;qBAOS,6BAA6B;AACpC,6BAAgB;AACd,YAAG,eAAe;GAClB;AAEF,gBAAG,qEAAqE;AAStE,8DARgC;GAC9B,WAAW;GACX,MAAM;IACJ,SAAS;IACT,QAAQ,EAAE,MAAM,qBAAqB;IACtC;GACF,CAAC,CAEU,OAAO,CAAC,KAAK,0BAA0B;GACnD;AAEF,gBAAG,kEAAkE;EACnE,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM;IACJ,SAAS;IACT,QAAQ,EAAE,MAAM,qBAAqB;IACrC,QAAQ;KAAE,MAAM;KAAU,KAAK;KAAqB,SAAS;KAAG;IACjE;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,0BAA0B;AACnD,qBAAO,KAAK,OAAO,CAAC,KAAK,oBAAoB;GAC7C;AAEF,gBAAG,qDAAqD;AACtD,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS;IAAG,EAChE;GACF,CAAC,CAAC,CAAC,aAAa,0BAA0B;GAC3C;AAEF,gBAAG,8DAA8D;EAC/D,MAAM,mDAA6B,SAAS;AAC5C,MAAI,gBAAgB,KAClB,OAAM,IAAI,MAAM,2CAA2C;AAU7D,8DAPgC;GAC9B,WAAW;GACX,MAAM,EACJ,QAAQ;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS,aAAa;IAAe,EACxF;GACF,CAAC,CAEU,OAAO,CAAC,KAAK,kBAAkB;GAC3C;AAEF,gBAAG,kFAAkF;EACnF,MAAM,mDAA6B,SAAS;AAC5C,MAAI,gBAAgB,KAClB,OAAM,IAAI,MAAM,2CAA2C;AAG7D,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,QAAQ;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS,aAAa,gBAAgB;IAAG,EAC5F;GACF,CAAC,CAAC,CAAC,aAAa,kCAAkC;GACnD;AAEF,gBAAG,4DAA4D;AAC7D,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS;IAAE,MAAM;IAAU,KAAK;IAAmB,SAAS;IAAG,EAChE;GACF,CAAC,CAAC,CAAC,aAAa,0BAA0B;GAC3C;AAEF,gBAAG,mDAAmD;AACpD,YAAG,QAAQ,qDAAqD,6BAA6B;EAE7F,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM;IACJ,QAAQ;IACR,SAAS,EAAE,MAAM,UAAU;IAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,WAAW;AACpC,qBAAO,KAAK,OAAO,CAAC,KAAK,+DAA+D;AACxF,qBAAO,KAAK,eAAe,CAAC,KAAK,wEAAwE;GACzG;AAEF,gBAAG,4FAA4F;AAC7F,YAAG,QAAQ,qDAAqD,6BAA6B;EAE7F,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,+DAA+D;AACxF,qBAAO,KAAK,QAAQ,CAAC,KAAK,gEAAgE;AAC1F,qBAAO,KAAK,KAAK,CAAC,KAAK,IAAI;AAC3B,qBAAO,KAAK,YAAY,CAAC,KAAK,IAAI;AAClC,qBAAO,KAAK,YAAY,CAAC,KAAK,IAAI;AAClC,qBAAO,KAAK,aAAa,CAAC,KAAK,IAAI;GACnC;AAEF,gBAAG,wDAAwD;AACzD,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,eAAe,2CAChB;GACF,CAAC,CAAC,CAAC,mCAAmC;;;;MAIrC;GACF;AAEF,gBAAG,wDAAwD;AACzD,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,eAAe;IAAE,MAAM;IAAU,KAAK;IAA2C,SAAS;IAAG,EAC9F;GACF,CAAC,CAAC,CAAC,mCAAmC;;;;MAIrC;GACF;AAEF,gBAAG,iEAAiE;AAClE,YAAG,QAAQ,qDAAqD,6BAA6B;EAE7F,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,+DAA+D;AACxF,qBAAO,KAAK,cAAc,CAAC,KAAK,sEAAsE;GACtG;AAEF,gBAAG,uDAAuD;EACxD,MAAM,2DAAqC,iBAAiB;AAC5D,MAAI,wBAAwB,KAC1B,OAAM,IAAI,MAAM,mDAAmD;AAUrE,8DAPgC;GAC9B,WAAW;GACX,MAAM,EACJ,gBAAgB;IAAE,MAAM;IAAU,KAAK;IAAkB,SAAS,qBAAqB;IAAe,EACvG;GACF,CAAC,CAEU,eAAe,CAAC,KAAK,iBAAiB;GAClD;AAEF,gBAAG,0EAA0E;AAC3E,kEAA8B;GAC5B,mBAAmB;GACnB,QAAQ;GACR,WAAW;GACZ,CAAC,CAAC,CAAC,KAAK,+DAA+D;GACxE;AAEF,gBAAG,0DAA0D;AAC3D,YAAG,QAAQ,qDAAqD,6BAA6B;AAQ7F,gFANiD;GAC/C,eAAe,EAAE,MAAM,UAAU;GACjC,WAAW;GACX,aAAa;GACd,CAAC,CAES,CAAC,KAAK,mEAAmE;GACpF;AAEF,gBAAG,mEAAmE;AACpE,YAAG,QAAQ,oDAAoD,sFAAsF;AACrJ,YAAG,QAAQ,oCAAoC,KAAK;EAEpD,MAAM,gDAA0B;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC;AAEF,qBAAO,KAAK,OAAO,CAAC,KAAK,mDAAmD;AAC5E,qBAAO,KAAK,gBAAgB,CAAC,KAAK,4DAA4D;GAC9F;AAEF,gBAAG,gEAAgE;AACjE,YAAG,QAAQ,oDAAoD,4CAA4C;AAE3G,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC,CAAC,CAAC,aAAa,mCAAmC;GACpD;AAEF,gBAAG,kFAAkF;AACnF,YAAG,QAAQ,oDAAoD,iDAAiD;AAEhH,oEAAgC;GAC9B,WAAW;GACX,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACF,CAAC,CAAC,CAAC,mCAAmC;;;;MAIrC;GACF;EACF;qBAEO,iCAAiC;AACxC,gBAAG,uDAAuD;AACxD,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,KAAK;GACd;AAEF,gBAAG,mEAAmE;AACpE,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,KAAK;GACd;AAEF,gBAAG,wEAAwE;AACzE,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,MAAM;GACf;AAEF,gBAAG,uDAAuD;AACxD,mEAA+B;GAC7B,WAAW;GACX,aAAa;GACb,eAAe;GAChB,CAAC,CAAC,CAAC,KAAK,MAAM;GACf;EACF"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "//": "THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template (FOR package.json FILES, PLEASE EDIT package-template.json)",
3
3
  "name": "@hexclave/tanstack-start",
4
- "version": "1.0.23",
4
+ "version": "1.0.24",
5
5
  "repository": "https://github.com/hexclave/hexclave",
6
6
  "sideEffects": false,
7
7
  "main": "./dist/index.js",
@@ -86,8 +86,8 @@
86
86
  "rrweb": "^1.1.3",
87
87
  "tsx": "^4.21.0",
88
88
  "yup": "^1.7.1",
89
- "@hexclave/shared": "1.0.23",
90
- "@hexclave/ui": "1.0.23"
89
+ "@hexclave/shared": "1.0.24",
90
+ "@hexclave/ui": "1.0.24"
91
91
  },
92
92
  "peerDependencies": {
93
93
  "@types/react": ">=18.0.0",
package/src/lib/auth.ts CHANGED
@@ -138,13 +138,13 @@ function consumeOAuthCallbackQueryParams(options?: {
138
138
  // If the state can't be found in the cookies, then the callback wasn't meant for us.
139
139
  // Maybe the website uses another OAuth library?
140
140
  console.warn(deindent`
141
- Stack found an outer OAuth callback state in the query parameters, but not in cookies.
141
+ Hexclave found an outer OAuth callback state in the query parameters, but not in cookies.
142
142
 
143
143
  This could have multiple reasons:
144
144
  - The cookie expired, because the OAuth flow took too long.
145
145
  - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.
146
146
  - The cookie was already consumed by this page, and the user already logged in.
147
- - You are using another OAuth client library with the same callback URL as Stack.
147
+ - You are using another OAuth client library with the same callback URL as Hexclave.
148
148
  - The user opened the OAuth callback page from their history.
149
149
 
150
150
  Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.
package/src/lib/hexclave-app/url-targets.test.ts CHANGED
@@ -85,7 +85,7 @@ describe("handler URL targets", () => {
85
85
  });
86
86
 
87
87
  it("uses hosted defaults for unspecified URLs", () => {
88
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
88
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
89
89
 
90
90
  const urls = resolveHandlerUrls({
91
91
  projectId: "project-id",
@@ -101,7 +101,7 @@ describe("handler URL targets", () => {
101
101
  });
102
102
 
103
103
  it("keeps redirect-only post-auth targets local even when the default target is hosted", () => {
104
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
104
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
105
105
 
106
106
  const urls = resolveHandlerUrls({
107
107
  projectId: "project-id",
@@ -145,7 +145,7 @@ describe("handler URL targets", () => {
145
145
  });
146
146
 
147
147
  it("inherits a hosted default target for the OAuth callback", () => {
148
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
148
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
149
149
 
150
150
  const urls = resolveHandlerUrls({
151
151
  projectId: "project-id",
@@ -183,7 +183,7 @@ describe("handler URL targets", () => {
183
183
  });
184
184
 
185
185
  it("uses default target for unknown /handler/* pages", () => {
186
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
186
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
187
187
 
188
188
  const url = resolveUnknownHandlerPathFallbackUrl({
189
189
  defaultTarget: { type: "hosted" },
@@ -195,7 +195,7 @@ describe("handler URL targets", () => {
195
195
  });
196
196
 
197
197
  it("uses the full hosted handler URL template when configured", () => {
198
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}");
198
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}");
199
199
  vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX", "93");
200
200
 
201
201
  const urls = resolveHandlerUrls({
@@ -210,7 +210,7 @@ describe("handler URL targets", () => {
210
210
  });
211
211
 
212
212
  it("validates the hosted handler URL template placeholders", () => {
213
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/handler");
213
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/handler");
214
214
 
215
215
  expect(() => resolveHandlerUrls({
216
216
  projectId: "project-id",
@@ -221,7 +221,7 @@ describe("handler URL targets", () => {
221
221
  });
222
222
 
223
223
  it("rejects hosted handler URL templates that put the project ID in the path", () => {
224
- vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/{hostedPath}");
224
+ vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/{hostedPath}");
225
225
 
226
226
  expect(() => resolveHandlerUrls({
227
227
  projectId: "project-id",