@hiofu/apply-sdk 0.1.0

package/dist/react.cjs

@@ -0,0 +1,748 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/react.ts
+var react_exports = {};
+__export(react_exports, {
+  HiofuProvider: () => HiofuProvider,
+  useHiofu: () => useHiofu,
+  useHiofuApply: () => useHiofuApply
+});
+module.exports = __toCommonJS(react_exports);
+var import_react = require("react");
+
+// src/api.ts
+var DEFAULT_API_BASE = "https://api.hiofu.com/api";
+var HiofuApiError = class extends Error {
+  constructor(message, status, body) {
+    super(message);
+    this.status = status;
+    this.body = body;
+  }
+};
+async function jsonFetch(url, init = {}) {
+  const headers = new Headers(init.headers);
+  headers.set("Content-Type", "application/json");
+  if (init.token) headers.set("Authorization", `Bearer ${init.token}`);
+  const res = await fetch(url, { ...init, headers });
+  const text = await res.text();
+  let body = text;
+  try {
+    body = text ? JSON.parse(text) : null;
+  } catch {
+  }
+  if (!res.ok) {
+    const message = body?.message?.toString() ?? `Request failed (${res.status})`;
+    throw new HiofuApiError(message, res.status, body);
+  }
+  return body;
+}
+async function exchangeCode(config, args) {
+  const apiBase = config.apiBase ?? DEFAULT_API_BASE;
+  const json = await jsonFetch(`${apiBase}/oauth/token`, {
+    method: "POST",
+    body: JSON.stringify({
+      grant_type: "authorization_code",
+      client_id: config.clientId,
+      code: args.code,
+      code_verifier: args.verifier,
+      redirect_uri: args.redirectUri
+    })
+  });
+  return {
+    accessToken: json.data.access_token,
+    refreshToken: json.data.refresh_token ?? null,
+    expiresAt: Date.now() + json.data.expires_in * 1e3,
+    scopes: json.data.scope.split(" ").filter(Boolean)
+  };
+}
+async function refreshTokens(config, refreshToken) {
+  const apiBase = config.apiBase ?? DEFAULT_API_BASE;
+  const json = await jsonFetch(`${apiBase}/oauth/token`, {
+    method: "POST",
+    body: JSON.stringify({
+      grant_type: "refresh_token",
+      client_id: config.clientId,
+      refresh_token: refreshToken
+    })
+  });
+  return {
+    accessToken: json.data.access_token,
+    refreshToken: json.data.refresh_token ?? null,
+    expiresAt: Date.now() + json.data.expires_in * 1e3,
+    scopes: json.data.scope.split(" ").filter(Boolean)
+  };
+}
+async function revokeTokens(config, token) {
+  const apiBase = config.apiBase ?? DEFAULT_API_BASE;
+  await jsonFetch(`${apiBase}/oauth/revoke`, {
+    method: "POST",
+    body: JSON.stringify({ token, client_id: config.clientId })
+  });
+}
+async function fetchProfileBasic(config, token) {
+  const apiBase = config.apiBase ?? DEFAULT_API_BASE;
+  return jsonFetch(`${apiBase}/v1/partner/me`, { token });
+}
+async function fetchProfileFull(config, token) {
+  const apiBase = config.apiBase ?? DEFAULT_API_BASE;
+  return jsonFetch(`${apiBase}/v1/partner/me/full`, { token });
+}
+async function submitApplication(config, token, body) {
+  const apiBase = config.apiBase ?? DEFAULT_API_BASE;
+  return jsonFetch(`${apiBase}/v1/partner/applications`, {
+    method: "POST",
+    token,
+    headers: body.idempotencyKey ? {
+      "Idempotency-Key": body.idempotencyKey
+    } : void 0,
+    body: JSON.stringify(body)
+  });
+}
+
+// src/environment.ts
+var HiofuConfigurationError = class extends Error {
+  constructor(code, message, details) {
+    super(message);
+    this.name = "HiofuConfigurationError";
+    this.code = code;
+    this.details = details;
+  }
+};
+var PRODUCTION_ORIGINS = /* @__PURE__ */ new Set([
+  "https://hiofu.com",
+  "https://www.hiofu.com",
+  "https://api.hiofu.com"
+]);
+var SANDBOX_ORIGINS = /* @__PURE__ */ new Set([
+  "https://sandbox.hiofu.com",
+  "https://api.sandbox.hiofu.com"
+]);
+function keyMode(clientId) {
+  if (clientId.startsWith("pk_test_")) return "test";
+  if (clientId.startsWith("pk_live_")) return "live";
+  throw new HiofuConfigurationError(
+    "hiofu.configuration_error",
+    "Hiofu clientId must start with pk_test_ or pk_live_.",
+    { clientIdPrefix: clientId.slice(0, 8) }
+  );
+}
+function endpointMode(value) {
+  let url;
+  try {
+    url = new URL(value);
+  } catch {
+    throw new HiofuConfigurationError(
+      "hiofu.configuration_error",
+      "Hiofu origin and API URLs must be absolute URLs.",
+      { value }
+    );
+  }
+  if (["localhost", "127.0.0.1", "0.0.0.0"].includes(url.hostname)) {
+    return "local";
+  }
+  if (SANDBOX_ORIGINS.has(url.origin)) return "sandbox";
+  if (PRODUCTION_ORIGINS.has(url.origin)) return "production";
+  return "unknown";
+}
+function assertMode(mode, endpoint, field, value) {
+  if (endpoint === "local" || endpoint === "unknown") return;
+  if (mode === "test" && endpoint === "production") {
+    throw new HiofuConfigurationError(
+      "hiofu.environment_mismatch",
+      "pk_test_* client IDs must use sandbox Hiofu origins, not production.",
+      { field, value, expected: "sandbox", received: "production" }
+    );
+  }
+  if (mode === "live" && endpoint === "sandbox") {
+    throw new HiofuConfigurationError(
+      "hiofu.environment_mismatch",
+      "pk_live_* client IDs must use production Hiofu origins, not sandbox.",
+      { field, value, expected: "production", received: "sandbox" }
+    );
+  }
+}
+function validateEnvironmentConfig(config) {
+  const mode = keyMode(config.clientId);
+  assertMode(mode, endpointMode(config.hiofuOrigin), "hiofuOrigin", config.hiofuOrigin);
+  assertMode(mode, endpointMode(config.apiBase), "apiBase", config.apiBase);
+}
+
+// src/pkce.ts
+var CHARSET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
+function generateVerifier(length = 64) {
+  if (length < 43 || length > 128) {
+    throw new Error("PKCE verifier length must be 43..128");
+  }
+  const buf = new Uint8Array(length);
+  crypto.getRandomValues(buf);
+  let out = "";
+  for (let i = 0; i < length; i++) {
+    out += CHARSET[buf[i] % CHARSET.length];
+  }
+  return out;
+}
+function base64urlEncode(bytes) {
+  const u8 = new Uint8Array(bytes);
+  let str = "";
+  for (const b of u8) str += String.fromCharCode(b);
+  return btoa(str).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+async function generateChallenge(verifier) {
+  const data = new TextEncoder().encode(verifier);
+  const digest = await crypto.subtle.digest("SHA-256", data);
+  return base64urlEncode(digest);
+}
+function generateState(length = 43) {
+  return generateVerifier(length);
+}
+
+// src/popup.ts
+var DEFAULT_HIOFU_ORIGIN = "https://hiofu.com";
+var DEFAULT_AUTHORIZE_TIMEOUT_MS = 5 * 6e4;
+function resolveRedirectUri(config, hiofuOrigin) {
+  if (config.redirectUri) return config.redirectUri;
+  const hiofuBaseOrigin = new URL(hiofuOrigin).origin;
+  if (typeof window !== "undefined" && window.location.origin && window.location.origin !== hiofuBaseOrigin) {
+    return new URL("/oauth/callback.html", window.location.origin).toString();
+  }
+  return `${hiofuBaseOrigin}/oauth/callback-shim`;
+}
+async function authorize(config, scopes, context, callbacks) {
+  const hiofuOrigin = config.hiofuOrigin ?? DEFAULT_HIOFU_ORIGIN;
+  const hiofuBaseOrigin = new URL(hiofuOrigin).origin;
+  const redirectUri = resolveRedirectUri(config, hiofuOrigin);
+  const authorizeTimeoutMs = config.authorizeTimeoutMs ?? DEFAULT_AUTHORIZE_TIMEOUT_MS;
+  const verifier = generateVerifier();
+  const challenge = await generateChallenge(verifier);
+  const state = generateState();
+  const url = new URL(`${hiofuOrigin}/oauth/consent`);
+  url.searchParams.set("client_id", config.clientId);
+  url.searchParams.set("redirect_uri", redirectUri);
+  url.searchParams.set("scope", scopes.join(" "));
+  url.searchParams.set("state", state);
+  url.searchParams.set("code_challenge", challenge);
+  url.searchParams.set("code_challenge_method", "S256");
+  if (context?.jobId) url.searchParams.set("job_id", context.jobId);
+  if (context?.jobTitle) url.searchParams.set("job_title", context.jobTitle);
+  if (context?.employerId)
+    url.searchParams.set("employer_id", context.employerId);
+  if (context?.employerName)
+    url.searchParams.set("employer_name", context.employerName);
+  if (context?.variationId)
+    url.searchParams.set("variation_id", context.variationId);
+  const w = 480;
+  const h = 720;
+  const left = window.screenX + (window.outerWidth - w) / 2;
+  const top = window.screenY + (window.outerHeight - h) / 2;
+  const features = `popup=yes,width=${w},height=${h},left=${left},top=${top},scrollbars=yes`;
+  const popup = window.open(url.toString(), "hiofu_apply", features);
+  if (!popup) {
+    throw new Error("Popup blocked. Allow popups for this site to continue.");
+  }
+  callbacks?.onPopupOpened?.({ redirectUri });
+  try {
+    localStorage.removeItem("hiofu_oauth_result");
+  } catch {
+  }
+  return new Promise((resolve, reject) => {
+    let settled = false;
+    let focusTimer = null;
+    let overallTimeout = null;
+    let channel = null;
+    const cleanup = () => {
+      settled = true;
+      window.removeEventListener("message", onMessage);
+      window.removeEventListener("storage", onStorage);
+      window.removeEventListener("focus", onFocus);
+      window.clearInterval(poll);
+      if (focusTimer) clearTimeout(focusTimer);
+      if (overallTimeout) clearTimeout(overallTimeout);
+      if (channel) {
+        try {
+          channel.close();
+        } catch {
+        }
+      }
+      try {
+        localStorage.removeItem("hiofu_oauth_result");
+      } catch {
+      }
+    };
+    const handleResult = (data, channel2) => {
+      if (settled) return;
+      if (!data || data.type !== "hiofu_oauth") return;
+      const stateMatches = data.state === state;
+      callbacks?.onPopupResultReceived?.({
+        channel: channel2,
+        hasCode: Boolean(data.code),
+        hasError: Boolean(data.error),
+        stateMatches,
+        error: data.error ?? null,
+        variationId: data.variationId ?? null
+      });
+      if (!stateMatches) return;
+      if (data.error) {
+        cleanup();
+        try {
+          popup.close();
+        } catch {
+        }
+        callbacks?.onPopupClosed?.(
+          data.error === "access_denied" ? "denied" : "completed"
+        );
+        reject(new Error(data.error));
+        return;
+      }
+      if (data.code) {
+        cleanup();
+        try {
+          popup.close();
+        } catch {
+        }
+        callbacks?.onPopupClosed?.("completed");
+        resolve({
+          code: data.code,
+          state,
+          verifier,
+          redirectUri,
+          variationId: data.variationId ?? null
+        });
+      }
+    };
+    const redirectOrigin = new URL(redirectUri).origin;
+    const allowedOrigins = /* @__PURE__ */ new Set([hiofuBaseOrigin, redirectOrigin]);
+    const onMessage = (event) => {
+      if (settled) return;
+      if (!allowedOrigins.has(event.origin)) return;
+      handleResult(event.data, "message");
+    };
+    const onStorage = (event) => {
+      if (settled) return;
+      if (event.key !== "hiofu_oauth_result" || !event.newValue) return;
+      try {
+        handleResult(JSON.parse(event.newValue), "storage");
+      } catch {
+      }
+    };
+    if (typeof BroadcastChannel !== "undefined") {
+      try {
+        channel = new BroadcastChannel("hiofu_oauth");
+        channel.onmessage = (event) => {
+          if (settled) return;
+          handleResult(event.data, "broadcast");
+        };
+      } catch {
+        channel = null;
+      }
+    }
+    const onFocus = () => {
+      if (settled) return;
+      if (focusTimer) clearTimeout(focusTimer);
+      focusTimer = setTimeout(() => {
+        try {
+          const raw = localStorage.getItem("hiofu_oauth_result");
+          if (raw) {
+            handleResult(JSON.parse(raw), "focus_storage");
+            return;
+          }
+        } catch {
+        }
+      }, 3e3);
+    };
+    window.addEventListener("message", onMessage);
+    window.addEventListener("storage", onStorage);
+    window.addEventListener("focus", onFocus);
+    const poll = window.setInterval(() => {
+      if (settled) return;
+      try {
+        const href = popup.location.href;
+        if (href && href.includes("code=")) {
+          const popupUrl = new URL(href);
+          const code = popupUrl.searchParams.get("code");
+          const popupState = popupUrl.searchParams.get("state");
+          const error = popupUrl.searchParams.get("error");
+          const variationId = popupUrl.searchParams.get("variation_id");
+          if (code || error) {
+            handleResult({
+              type: "hiofu_oauth",
+              code,
+              state: popupState,
+              error,
+              variationId
+            }, "poll_url");
+            return;
+          }
+        }
+      } catch {
+      }
+      try {
+        const raw = localStorage.getItem("hiofu_oauth_result");
+        if (raw) {
+          handleResult(JSON.parse(raw), "poll_storage");
+          return;
+        }
+      } catch {
+      }
+      if (popup.closed) {
+        cleanup();
+        callbacks?.onPopupClosed?.("user_closed");
+        reject(new Error("Authorization popup closed before completion."));
+      }
+    }, 500);
+    overallTimeout = window.setTimeout(() => {
+      if (settled) return;
+      cleanup();
+      try {
+        popup.close();
+      } catch {
+      }
+      callbacks?.onPopupClosed?.("timed_out");
+      reject(new Error("Authorization timed out. Please try again."));
+    }, authorizeTimeoutMs);
+  });
+}
+
+// src/storage.ts
+var memory = /* @__PURE__ */ new Map();
+function readToken(clientId, storage) {
+  if (storage === "memory") return memory.get(clientId) ?? null;
+  if (typeof window === "undefined") return null;
+  try {
+    const raw = window.sessionStorage.getItem(`hiofu:${clientId}:token`);
+    if (!raw) return null;
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+function writeToken(clientId, storage, token) {
+  if (storage === "memory") {
+    memory.set(clientId, token);
+    return;
+  }
+  if (typeof window === "undefined") return;
+  try {
+    window.sessionStorage.setItem(
+      `hiofu:${clientId}:token`,
+      JSON.stringify(token)
+    );
+  } catch {
+  }
+}
+function clearToken(clientId, storage) {
+  if (storage === "memory") {
+    memory.delete(clientId);
+    return;
+  }
+  if (typeof window === "undefined") return;
+  try {
+    window.sessionStorage.removeItem(`hiofu:${clientId}:token`);
+  } catch {
+  }
+}
+
+// src/client.ts
+var DEFAULT_AUTHORIZE_SCOPES = [
+  "profile.basic"
+];
+var DEFAULT_APPLY_SCOPES = [
+  "applications.write",
+  "passport.snapshot"
+];
+function dedupeScopes(scopes) {
+  return [...new Set(scopes)];
+}
+function normalizeApplyScopes(scopes) {
+  const normalized = [...scopes];
+  if (!normalized.includes("applications.write")) {
+    normalized.push("applications.write");
+  }
+  if (!normalized.includes("passport.snapshot")) {
+    normalized.push("passport.snapshot");
+  }
+  return dedupeScopes(normalized);
+}
+function generateIdempotencyKey() {
+  if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
+    return `hiofu_${crypto.randomUUID()}`;
+  }
+  return `hiofu_${Date.now()}_${Math.random().toString(36).slice(2, 10)}`;
+}
+function toPublicToken(token) {
+  return {
+    expiresAt: token.expiresAt,
+    scopes: [...token.scopes]
+  };
+}
+var HiofuClient = class {
+  constructor(config) {
+    this.listeners = /* @__PURE__ */ new Set();
+    if (!config.clientId) {
+      throw new Error("HiofuClient: clientId is required");
+    }
+    this.config = {
+      ...config,
+      hiofuOrigin: config.hiofuOrigin ?? "https://hiofu.com",
+      apiBase: config.apiBase ?? "https://api.hiofu.com/api",
+      storage: config.storage ?? "memory",
+      authorizeTimeoutMs: config.authorizeTimeoutMs ?? 5 * 6e4
+    };
+    validateEnvironmentConfig(this.config);
+  }
+  subscribe(listener) {
+    this.listeners.add(listener);
+    return () => {
+      this.listeners.delete(listener);
+    };
+  }
+  emit(event) {
+    try {
+      this.config.onEvent?.(event);
+    } catch {
+    }
+    for (const listener of this.listeners) {
+      try {
+        listener(event);
+      } catch {
+      }
+    }
+  }
+  /** Returns a usable access token, refreshing if needed. */
+  async getAccessToken() {
+    const token = readToken(this.config.clientId, this.config.storage);
+    if (!token) return null;
+    if (token.expiresAt - 3e4 > Date.now()) return token.accessToken;
+    if (!token.refreshToken) return null;
+    try {
+      const refreshed = await refreshTokens(this.config, token.refreshToken);
+      writeToken(this.config.clientId, this.config.storage, refreshed);
+      this.emit({ type: "token_issued", token: toPublicToken(refreshed) });
+      return refreshed.accessToken;
+    } catch {
+      clearToken(this.config.clientId, this.config.storage);
+      return null;
+    }
+  }
+  /** Open the popup, get a token. */
+  async authorize(scopes = this.config.scopes ?? DEFAULT_AUTHORIZE_SCOPES, context) {
+    const result = await authorize(this.config, dedupeScopes(scopes), context, {
+      onPopupOpened: ({ redirectUri }) => {
+        this.emit({ type: "popup_opened", redirectUri });
+      },
+      onPopupClosed: (reason) => {
+        this.emit({ type: "popup_closed", reason });
+      },
+      onPopupResultReceived: (details) => {
+        this.emit({ type: "popup_result_received", ...details });
+      }
+    });
+    const token = await exchangeCode(this.config, {
+      code: result.code,
+      verifier: result.verifier,
+      redirectUri: result.redirectUri
+    });
+    writeToken(this.config.clientId, this.config.storage, token);
+    const publicToken = toPublicToken(token);
+    this.emit({ type: "token_issued", token: publicToken });
+    return publicToken;
+  }
+  /** End-to-end apply: authorize if needed, then POST application. */
+  async apply(opts) {
+    this.emit({
+      type: "apply_started",
+      input: {
+        jobId: opts.jobId,
+        jobTitle: opts.jobTitle,
+        employerId: opts.employerId,
+        employerName: opts.employerName,
+        variationId: opts.variationId ?? void 0
+      }
+    });
+    try {
+      let access = await this.getAccessToken();
+      let token = readToken(
+        this.config.clientId,
+        this.config.storage
+      );
+      const needScopes = normalizeApplyScopes(
+        opts.scopes ?? this.config.applyScopes ?? this.config.scopes ?? DEFAULT_APPLY_SCOPES
+      );
+      const haveAllScopes = token && needScopes.every((scope) => token.scopes.includes(scope));
+      const requireApplicationReview = !opts.variationId;
+      const idempotencyKey = opts.idempotencyKey?.trim() || generateIdempotencyKey();
+      let selectedVariationId = opts.variationId ?? null;
+      if (!access || !haveAllScopes || requireApplicationReview) {
+        const auth = await authorize(this.config, needScopes, {
+          jobId: opts.jobId,
+          jobTitle: opts.jobTitle,
+          employerId: opts.employerId,
+          employerName: opts.employerName,
+          variationId: opts.variationId
+        }, {
+          onPopupOpened: ({ redirectUri }) => {
+            this.emit({ type: "popup_opened", redirectUri });
+          },
+          onPopupClosed: (reason) => {
+            this.emit({ type: "popup_closed", reason });
+          },
+          onPopupResultReceived: (details) => {
+            this.emit({ type: "popup_result_received", ...details });
+          }
+        });
+        const exchanged = await exchangeCode(this.config, {
+          code: auth.code,
+          verifier: auth.verifier,
+          redirectUri: auth.redirectUri
+        });
+        writeToken(this.config.clientId, this.config.storage, exchanged);
+        this.emit({ type: "token_issued", token: toPublicToken(exchanged) });
+        token = exchanged;
+        access = exchanged.accessToken;
+        selectedVariationId = auth.variationId ?? opts.variationId ?? null;
+      }
+      this.emit({
+        type: "apply_submitting",
+        idempotencyKey,
+        variationId: selectedVariationId
+      });
+      const json = await submitApplication(this.config, access, {
+        jobId: opts.jobId,
+        jobTitle: opts.jobTitle,
+        employerId: opts.employerId,
+        employerName: opts.employerName,
+        role: opts.role,
+        variationId: selectedVariationId ?? void 0,
+        idempotencyKey
+      });
+      const result = {
+        application: json.data.application,
+        authorization: toPublicToken(token),
+        idempotencyKey,
+        sharedView: json.data.sharedView ?? (selectedVariationId ? { type: "variation", label: null } : { type: "full_passport", label: null }),
+        versionNumber: json.data.versionNumber ?? null,
+        profile: json.data.profile ?? null,
+        evidence: json.data.evidence ?? null,
+        snapshot: json.data.snapshot ?? null,
+        delivery: json.data.delivery ?? null
+      };
+      this.emit({ type: "apply_success", result });
+      return result;
+    } catch (error) {
+      const err = error instanceof Error ? error : new Error(String(error));
+      this.emit({ type: "apply_error", error: err });
+      throw err;
+    }
+  }
+  async getProfile(scope = "basic") {
+    const token = await this.getAccessToken();
+    if (!token) throw new Error("Not authorised. Call authorize() or apply().");
+    return scope === "full" ? fetchProfileFull(this.config, token) : fetchProfileBasic(this.config, token);
+  }
+  async logout() {
+    const token = readToken(this.config.clientId, this.config.storage);
+    if (token?.accessToken) {
+      try {
+        await revokeTokens(this.config, token.accessToken);
+      } catch {
+      }
+    }
+    clearToken(this.config.clientId, this.config.storage);
+  }
+};
+
+// src/react.ts
+var Ctx = (0, import_react.createContext)(null);
+function HiofuProvider({ config, children }) {
+  const client = (0, import_react.useMemo)(() => new HiofuClient(config), [
+    config.clientId,
+    config.hiofuOrigin,
+    config.apiBase,
+    config.redirectUri,
+    config.storage,
+    config.applyScopes?.join(","),
+    config.scopes?.join(","),
+    config.authorizeTimeoutMs,
+    config.onEvent
+  ]);
+  return (0, import_react.createElement)(Ctx.Provider, { value: client }, children);
+}
+function useHiofu() {
+  const client = (0, import_react.useContext)(Ctx);
+  if (!client) {
+    throw new Error("useHiofu must be used inside <HiofuProvider>");
+  }
+  return client;
+}
+function useHiofuApply() {
+  const client = useHiofu();
+  const [status, setStatus] = (0, import_react.useState)("idle");
+  const [result, setResult] = (0, import_react.useState)(null);
+  const [error, setError] = (0, import_react.useState)(null);
+  (0, import_react.useEffect)(() => {
+    return client.subscribe((event) => {
+      switch (event.type) {
+        case "apply_started":
+          setStatus("authorising");
+          setResult(null);
+          setError(null);
+          break;
+        case "apply_submitting":
+          setStatus("submitting");
+          break;
+        case "apply_success":
+          setStatus("success");
+          setResult(event.result);
+          setError(null);
+          break;
+        case "apply_error":
+          setStatus("error");
+          setError(event.error);
+          break;
+        default:
+          break;
+      }
+    });
+  }, [client]);
+  const apply = (0, import_react.useCallback)(
+    async (opts) => {
+      setStatus("authorising");
+      setError(null);
+      setResult(null);
+      try {
+        return await client.apply(opts);
+      } catch (err) {
+        const e = err instanceof Error ? err : new Error(String(err));
+        setError(e);
+        setStatus("error");
+        throw e;
+      }
+    },
+    [client]
+  );
+  const reset = (0, import_react.useCallback)(() => {
+    setStatus("idle");
+    setResult(null);
+    setError(null);
+  }, []);
+  (0, import_react.useEffect)(() => {
+    void client.getAccessToken();
+  }, [client]);
+  return { status, result, error, apply, reset };
+}