@imtbl/auth-next-client 2.12.5-alpha.13 → 2.12.5-alpha.14

package/dist/browser/index.js

@@ -0,0 +1,10 @@
+import { createContext, useContext, useState, useCallback, useRef, useEffect, useMemo } from 'react';
+import { SessionProvider, useSession, signIn, signOut } from 'next-auth/react';
+import { decodeJwtPayload, Auth, AuthEvents } from '@imtbl/auth';
+export { MarketingConsentStatus } from '@imtbl/auth';
+import { jsx, jsxs } from 'react/jsx-runtime';
+import { useRouter } from 'next/navigation';
+
+var b="https://auth.immutable.com",w="platform_api",U="openid profile email offline_access transact",C="immutable",H="/api/auth";function I(s){if(!s)return Date.now()+9e5;try{let e=decodeJwtPayload(s);return e.exp&&typeof e.exp=="number"?e.exp*1e3:Date.now()+9e5}catch{return Date.now()+9e5}}var z=createContext(null);function W({children:s,config:e,basePath:d}){let[i,a]=useState(null),t=useRef(null),r=useRef(null),[f,k]=useState(!1),{data:l,update:h}=useSession();useEffect(()=>{if(typeof window>"u")return;let E=[e.clientId,e.redirectUri,e.popupRedirectUri||"",e.logoutRedirectUri||"",e.audience||w,e.scope||U,e.authenticationDomain||b,e.passportDomain||""].join(":");if(t.current===E&&r.current!==null)return;t.current=E;let u=new Auth({clientId:e.clientId,redirectUri:e.redirectUri,popupRedirectUri:e.popupRedirectUri,logoutRedirectUri:e.logoutRedirectUri,audience:e.audience||w,scope:e.scope||U,authenticationDomain:e.authenticationDomain||b,passportDomain:e.passportDomain});return r.current=u,a(u),k(!0),()=>{r.current=null,a(null),k(!1);}},[e]),useEffect(()=>{if(!i||!f)return;let E=async n=>{l?.accessToken&&n.accessToken!==l.accessToken&&await h({accessToken:n.accessToken,refreshToken:n.refreshToken,idToken:n.idToken,accessTokenExpires:I(n.accessToken),zkEvm:n.zkEvm});},u=async n=>{await h({accessToken:n.accessToken,refreshToken:n.refreshToken,idToken:n.idToken,accessTokenExpires:I(n.accessToken),zkEvm:n.zkEvm});},c=async n=>{console.warn("[auth-next-client] User removed from Auth SDK:",n.reason,n.error),await signOut({redirect:!1});},p=async()=>{await signOut({redirect:!1});};return i.eventEmitter.on(AuthEvents.LOGGED_IN,E),i.eventEmitter.on(AuthEvents.TOKEN_REFRESHED,u),i.eventEmitter.on(AuthEvents.USER_REMOVED,c),i.eventEmitter.on(AuthEvents.LOGGED_OUT,p),()=>{i.eventEmitter.removeListener(AuthEvents.LOGGED_IN,E),i.eventEmitter.removeListener(AuthEvents.TOKEN_REFRESHED,u),i.eventEmitter.removeListener(AuthEvents.USER_REMOVED,c),i.eventEmitter.removeListener(AuthEvents.LOGGED_OUT,p);}},[i,f,l,h]);let T=useMemo(()=>({auth:i,config:e,basePath:d}),[i,e,d]);return jsx(z.Provider,{value:T,children:s})}function Z({children:s,config:e,session:d,basePath:i=H}){return jsx(SessionProvider,{session:d,basePath:i,children:jsx(W,{config:e,basePath:i,children:s})})}function F(){let s=useContext(z),{data:e,status:d}=useSession(),[i,a]=useState(!1);if(!s)throw new Error("useImmutableAuth must be used within ImmutableAuthProvider");let t=e,{auth:r}=s,f=d==="loading",k=d==="authenticated"&&!!t,l=t?.user?{sub:t.user.sub,email:t.user.email,nickname:t.user.nickname}:null,h=useCallback(async u=>{if(!r)throw new Error("Auth not initialized");a(!0);try{let c=await r.login(u);if(!c)throw new Error("Login failed");let p={accessToken:c.accessToken,refreshToken:c.refreshToken,idToken:c.idToken,accessTokenExpires:I(c.accessToken),profile:{sub:c.profile.sub,email:c.profile.email,nickname:c.profile.nickname},zkEvm:c.zkEvm},n=await signIn(C,{tokens:JSON.stringify(p),redirect:!1});if(n?.error)throw new Error(`NextAuth sign-in failed: ${n.error}`);if(!n?.ok)throw new Error("NextAuth sign-in failed: unknown error")}finally{a(!1);}},[r]),T=useCallback(async()=>{if(r)try{await r.getLogoutUrl();}catch(u){console.warn("[auth-next-client] Logout cleanup error:",u),await signOut({redirect:!1});}else await signOut({redirect:!1});},[r]),E=useCallback(async()=>{if(r)try{let u=await r.getAccessToken();if(u)return u}catch{}if(t?.error)throw new Error(t.error==="TokenExpired"?"Session expired. Please log in again.":`Authentication error: ${t.error}`);if(t?.accessToken)return t.accessToken;throw new Error("No access token available")},[r,t]);return {user:l,session:t,isLoading:f,isLoggingIn:i,isAuthenticated:k,signIn:h,signOut:T,getAccessToken:E,auth:r}}function q(){let{getAccessToken:s}=F();return s}function Q(s,e){let{getAccessToken:d,auth:i}=F(),{ssr:a,data:t,fetchError:r}=s,f=!a||!!r,[k,l]=useState(t),[h,T]=useState(f),[E,u]=useState(r?new Error(r):null),c=useRef(!1),p=useRef(0),n=useRef({serverData:t,ssr:a,fetchError:r});useEffect(()=>{let m=n.current;(m.serverData!==t||m.ssr!==a||m.fetchError!==r)&&(n.current={serverData:t,ssr:a,fetchError:r},c.current=!1,p.current+=1,a&&!r?(l(t),T(!1),u(null)):(l(null),T(!0),u(r?new Error(r):null)));},[t,a,r]);let o=useCallback(async()=>{let m=p.current;T(!0),u(null);try{let g=await d(),y=await e(g);p.current===m&&l(y);}catch(g){p.current===m&&u(g instanceof Error?g:new Error(String(g)));}finally{p.current===m&&T(!1);}},[e,d]);return useEffect(()=>{c.current||f&&(!a&&!i||(c.current=!0,o()));},[f,a,i,o]),{data:k,isLoading:h,error:E,refetch:o}}function se(){return typeof window>"u"?new URLSearchParams:new URLSearchParams(window.location.search)}function ie({config:s,redirectTo:e="/",loadingComponent:d=null,errorComponent:i,onSuccess:a,onError:t}){let r=useRouter(),[f,k]=useState(null),l=useRef(!1);return useEffect(()=>{let h=se(),T=async()=>{try{let o=await new Auth({clientId:s.clientId,redirectUri:s.redirectUri,popupRedirectUri:s.popupRedirectUri,logoutRedirectUri:s.logoutRedirectUri,audience:s.audience||w,scope:s.scope||U,authenticationDomain:s.authenticationDomain||b,passportDomain:s.passportDomain}).loginCallback();if(window.opener){if(!o)throw new Error("Authentication failed: no user data received from login callback");let m={sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname};a&&await a(m),window.close();}else if(o){let m={accessToken:o.accessToken,refreshToken:o.refreshToken,idToken:o.idToken,accessTokenExpires:I(o.accessToken),profile:{sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname},zkEvm:o.zkEvm},g=await signIn(C,{tokens:JSON.stringify(m),redirect:!1});if(g?.error)throw new Error(`NextAuth sign-in failed: ${g.error}`);if(!g?.ok)throw new Error("NextAuth sign-in failed: unknown error");let y={sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname};a&&await a(y);let G=typeof e=="function"?e(y)||"/":e;r.replace(G);}else throw new Error("Authentication failed: no user data received from login callback")}catch(n){let o=n instanceof Error?n.message:"Authentication failed";t&&t(o),k(o);}},E=()=>{let n=h.get("error"),m=h.get("error_description")||n||"Authentication failed";t&&t(m),k(m);};if(l.current)return;let u=h.get("error"),c=h.get("code");if(u){l.current=!0,E();return}if(c){l.current=!0,T();return}l.current=!0;let p="Invalid callback: missing OAuth parameters. Please try logging in again.";t&&t(p),k(p);},[r,s,e,a,t]),f?i?i(f):jsxs("div",{style:{padding:"2rem",textAlign:"center"},children:[jsx("h2",{style:{color:"#dc3545"},children:"Authentication Error"}),jsx("p",{children:f}),jsx("button",{onClick:()=>r.push("/"),type:"button",style:{padding:"0.5rem 1rem",marginTop:"1rem",cursor:"pointer"},children:"Return to Home"})]}):d||jsx("div",{style:{padding:"2rem",textAlign:"center"},children:jsx("p",{children:"Completing authentication..."})})}
+
+export { ie as CallbackPage, Z as ImmutableAuthProvider, q as useAccessToken, Q as useHydratedData, F as useImmutableAuth };

package/dist/node/index.cjs

@@ -1,501 +1,19 @@
-'use client';
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+'use strict';
 
-// src/index.ts
-var src_exports = {};
-__export(src_exports, {
-  CallbackPage: () => CallbackPage,
-  ImmutableAuthProvider: () => ImmutableAuthProvider,
-  MarketingConsentStatus: () => import_auth4.MarketingConsentStatus,
-  useAccessToken: () => useAccessToken,
-  useHydratedData: () => useHydratedData,
-  useImmutableAuth: () => useImmutableAuth
-});
-module.exports = __toCommonJS(src_exports);
-
-// src/provider.tsx
-var import_react = require("react");
-var import_react2 = require("next-auth/react");
-var import_auth2 = require("@imtbl/auth");
-
-// src/utils/token.ts
-var import_auth = require("@imtbl/auth");
-
-// src/constants.ts
-var DEFAULT_AUTH_DOMAIN = "https://auth.immutable.com";
-var DEFAULT_AUDIENCE = "platform_api";
-var DEFAULT_SCOPE = "openid profile email offline_access transact";
-var IMMUTABLE_PROVIDER_ID = "immutable";
-var DEFAULT_NEXTAUTH_BASE_PATH = "/api/auth";
-var DEFAULT_TOKEN_EXPIRY_SECONDS = 900;
-var DEFAULT_TOKEN_EXPIRY_MS = DEFAULT_TOKEN_EXPIRY_SECONDS * 1e3;
-
-// src/utils/token.ts
-function getTokenExpiry(accessToken) {
-  if (!accessToken) {
-    return Date.now() + DEFAULT_TOKEN_EXPIRY_MS;
-  }
-  try {
-    const payload = (0, import_auth.decodeJwtPayload)(accessToken);
-    if (payload.exp && typeof payload.exp === "number") {
-      return payload.exp * 1e3;
-    }
-    return Date.now() + DEFAULT_TOKEN_EXPIRY_MS;
-  } catch {
-    return Date.now() + DEFAULT_TOKEN_EXPIRY_MS;
-  }
-}
-
-// src/provider.tsx
-var import_jsx_runtime = require("react/jsx-runtime");
-var ImmutableAuthContext = (0, import_react.createContext)(null);
-function ImmutableAuthInner({
-  children,
-  config,
-  basePath
-}) {
-  const [auth, setAuth] = (0, import_react.useState)(null);
-  const prevConfigRef = (0, import_react.useRef)(null);
-  const authInstanceRef = (0, import_react.useRef)(null);
-  const [isAuthReady, setIsAuthReady] = (0, import_react.useState)(false);
-  const { data: session, update: updateSession } = (0, import_react2.useSession)();
-  (0, import_react.useEffect)(() => {
-    if (typeof window === "undefined") return void 0;
-    const configKey = [
-      config.clientId,
-      config.redirectUri,
-      config.popupRedirectUri || "",
-      config.logoutRedirectUri || "",
-      config.audience || DEFAULT_AUDIENCE,
-      config.scope || DEFAULT_SCOPE,
-      config.authenticationDomain || DEFAULT_AUTH_DOMAIN,
-      config.passportDomain || ""
-    ].join(":");
-    if (prevConfigRef.current === configKey && authInstanceRef.current !== null) {
-      return void 0;
-    }
-    prevConfigRef.current = configKey;
-    const newAuth = new import_auth2.Auth({
-      clientId: config.clientId,
-      redirectUri: config.redirectUri,
-      popupRedirectUri: config.popupRedirectUri,
-      logoutRedirectUri: config.logoutRedirectUri,
-      audience: config.audience || DEFAULT_AUDIENCE,
-      scope: config.scope || DEFAULT_SCOPE,
-      authenticationDomain: config.authenticationDomain || DEFAULT_AUTH_DOMAIN,
-      passportDomain: config.passportDomain
-    });
-    authInstanceRef.current = newAuth;
-    setAuth(newAuth);
-    setIsAuthReady(true);
-    return () => {
-      authInstanceRef.current = null;
-      setAuth(null);
-      setIsAuthReady(false);
-    };
-  }, [config]);
-  (0, import_react.useEffect)(() => {
-    if (!auth || !isAuthReady) return void 0;
-    const handleLoggedIn = async (authUser) => {
-      if (session?.accessToken && authUser.accessToken !== session.accessToken) {
-        await updateSession({
-          accessToken: authUser.accessToken,
-          refreshToken: authUser.refreshToken,
-          idToken: authUser.idToken,
-          accessTokenExpires: getTokenExpiry(authUser.accessToken),
-          zkEvm: authUser.zkEvm
-        });
-      }
-    };
-    const handleTokenRefreshed = async (authUser) => {
-      await updateSession({
-        accessToken: authUser.accessToken,
-        refreshToken: authUser.refreshToken,
-        idToken: authUser.idToken,
-        accessTokenExpires: getTokenExpiry(authUser.accessToken),
-        zkEvm: authUser.zkEvm
-      });
-    };
-    const handleUserRemoved = async (payload) => {
-      console.warn("[auth-next-client] User removed from Auth SDK:", payload.reason, payload.error);
-      await (0, import_react2.signOut)({ redirect: false });
-    };
-    const handleLoggedOut = async () => {
-      await (0, import_react2.signOut)({ redirect: false });
-    };
-    auth.eventEmitter.on(import_auth2.AuthEvents.LOGGED_IN, handleLoggedIn);
-    auth.eventEmitter.on(import_auth2.AuthEvents.TOKEN_REFRESHED, handleTokenRefreshed);
-    auth.eventEmitter.on(import_auth2.AuthEvents.USER_REMOVED, handleUserRemoved);
-    auth.eventEmitter.on(import_auth2.AuthEvents.LOGGED_OUT, handleLoggedOut);
-    return () => {
-      auth.eventEmitter.removeListener(import_auth2.AuthEvents.LOGGED_IN, handleLoggedIn);
-      auth.eventEmitter.removeListener(import_auth2.AuthEvents.TOKEN_REFRESHED, handleTokenRefreshed);
-      auth.eventEmitter.removeListener(import_auth2.AuthEvents.USER_REMOVED, handleUserRemoved);
-      auth.eventEmitter.removeListener(import_auth2.AuthEvents.LOGGED_OUT, handleLoggedOut);
-    };
-  }, [auth, isAuthReady, session, updateSession]);
-  const contextValue = (0, import_react.useMemo)(
-    () => ({ auth, config, basePath }),
-    [auth, config, basePath]
-  );
-  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(ImmutableAuthContext.Provider, { value: contextValue, children });
-}
-function ImmutableAuthProvider({
-  children,
-  config,
-  session,
-  basePath = DEFAULT_NEXTAUTH_BASE_PATH
-}) {
-  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_react2.SessionProvider, { session, basePath, children: /* @__PURE__ */ (0, import_jsx_runtime.jsx)(ImmutableAuthInner, { config, basePath, children }) });
-}
-function useImmutableAuth() {
-  const context = (0, import_react.useContext)(ImmutableAuthContext);
-  const { data: sessionData, status } = (0, import_react2.useSession)();
-  const [isLoggingIn, setIsLoggingIn] = (0, import_react.useState)(false);
-  if (!context) {
-    throw new Error("useImmutableAuth must be used within ImmutableAuthProvider");
-  }
-  const session = sessionData;
-  const { auth } = context;
-  const isLoading = status === "loading";
-  const isAuthenticated = status === "authenticated" && !!session;
-  const user = session?.user ? {
-    sub: session.user.sub,
-    email: session.user.email,
-    nickname: session.user.nickname
-  } : null;
-  const handleSignIn = (0, import_react.useCallback)(async (options) => {
-    if (!auth) {
-      throw new Error("Auth not initialized");
-    }
-    setIsLoggingIn(true);
-    try {
-      const authUser = await auth.login(options);
-      if (!authUser) {
-        throw new Error("Login failed");
-      }
-      const tokenData = {
-        accessToken: authUser.accessToken,
-        refreshToken: authUser.refreshToken,
-        idToken: authUser.idToken,
-        accessTokenExpires: getTokenExpiry(authUser.accessToken),
-        profile: {
-          sub: authUser.profile.sub,
-          email: authUser.profile.email,
-          nickname: authUser.profile.nickname
-        },
-        zkEvm: authUser.zkEvm
-      };
-      const result = await (0, import_react2.signIn)(IMMUTABLE_PROVIDER_ID, {
-        tokens: JSON.stringify(tokenData),
-        redirect: false
-      });
-      if (result?.error) {
-        throw new Error(`NextAuth sign-in failed: ${result.error}`);
-      }
-      if (!result?.ok) {
-        throw new Error("NextAuth sign-in failed: unknown error");
-      }
-    } finally {
-      setIsLoggingIn(false);
-    }
-  }, [auth]);
-  const handleSignOut = (0, import_react.useCallback)(async () => {
-    if (auth) {
-      try {
-        await auth.getLogoutUrl();
-      } catch (error) {
-        console.warn("[auth-next-client] Logout cleanup error:", error);
-        await (0, import_react2.signOut)({ redirect: false });
-      }
-    } else {
-      await (0, import_react2.signOut)({ redirect: false });
-    }
-  }, [auth]);
-  const getAccessToken = (0, import_react.useCallback)(async () => {
-    if (auth) {
-      try {
-        const token = await auth.getAccessToken();
-        if (token) {
-          return token;
-        }
-      } catch {
-      }
-    }
-    if (session?.error) {
-      throw new Error(
-        session.error === "TokenExpired" ? "Session expired. Please log in again." : `Authentication error: ${session.error}`
-      );
-    }
-    if (session?.accessToken) {
-      return session.accessToken;
-    }
-    throw new Error("No access token available");
-  }, [auth, session]);
-  return {
-    user,
-    session,
-    isLoading,
-    isLoggingIn,
-    isAuthenticated,
-    signIn: handleSignIn,
-    signOut: handleSignOut,
-    getAccessToken,
-    auth
-  };
-}
-function useAccessToken() {
-  const { getAccessToken } = useImmutableAuth();
-  return getAccessToken;
-}
-function useHydratedData(props, fetcher) {
-  const { getAccessToken, auth } = useImmutableAuth();
-  const {
-    ssr,
-    data: serverData,
-    fetchError
-  } = props;
-  const needsClientFetch = !ssr || Boolean(fetchError);
-  const [data, setData] = (0, import_react.useState)(serverData);
-  const [isLoading, setIsLoading] = (0, import_react.useState)(needsClientFetch);
-  const [error, setError] = (0, import_react.useState)(
-    fetchError ? new Error(fetchError) : null
-  );
-  const hasFetchedRef = (0, import_react.useRef)(false);
-  const fetchIdRef = (0, import_react.useRef)(0);
-  const prevPropsRef = (0, import_react.useRef)({ serverData, ssr, fetchError });
-  (0, import_react.useEffect)(() => {
-    const prevProps = prevPropsRef.current;
-    const propsChanged = prevProps.serverData !== serverData || prevProps.ssr !== ssr || prevProps.fetchError !== fetchError;
-    if (propsChanged) {
-      prevPropsRef.current = { serverData, ssr, fetchError };
-      hasFetchedRef.current = false;
-      fetchIdRef.current += 1;
-      if (ssr && !fetchError) {
-        setData(serverData);
-        setIsLoading(false);
-        setError(null);
-      } else {
-        setData(null);
-        setIsLoading(true);
-        setError(fetchError ? new Error(fetchError) : null);
-      }
-    }
-  }, [serverData, ssr, fetchError]);
-  const fetchData = (0, import_react.useCallback)(async () => {
-    const currentFetchId = fetchIdRef.current;
-    setIsLoading(true);
-    setError(null);
-    try {
-      const token = await getAccessToken();
-      const result = await fetcher(token);
-      if (fetchIdRef.current === currentFetchId) {
-        setData(result);
-      }
-    } catch (err) {
-      if (fetchIdRef.current === currentFetchId) {
-        setError(err instanceof Error ? err : new Error(String(err)));
-      }
-    } finally {
-      if (fetchIdRef.current === currentFetchId) {
-        setIsLoading(false);
-      }
-    }
-  }, [fetcher, getAccessToken]);
-  (0, import_react.useEffect)(() => {
-    if (hasFetchedRef.current) return;
-    if (!needsClientFetch) return;
-    if (!ssr && !auth) return;
-    hasFetchedRef.current = true;
-    fetchData();
-  }, [needsClientFetch, ssr, auth, fetchData]);
-  return {
-    data,
-    isLoading,
-    error,
-    refetch: fetchData
-  };
-}
+var react = require('react');
+var react$1 = require('next-auth/react');
+var auth = require('@imtbl/auth');
+var jsxRuntime = require('react/jsx-runtime');
+var navigation = require('next/navigation');
 
-// src/callback.tsx
-var import_react3 = require("react");
-var import_navigation = require("next/navigation");
-var import_react4 = require("next-auth/react");
-var import_auth3 = require("@imtbl/auth");
-var import_jsx_runtime2 = require("react/jsx-runtime");
-function getSearchParams() {
-  if (typeof window === "undefined") {
-    return new URLSearchParams();
-  }
-  return new URLSearchParams(window.location.search);
-}
-function CallbackPage({
-  config,
-  redirectTo = "/",
-  loadingComponent = null,
-  errorComponent,
-  onSuccess,
-  onError
-}) {
-  const router = (0, import_navigation.useRouter)();
-  const [error, setError] = (0, import_react3.useState)(null);
-  const callbackProcessedRef = (0, import_react3.useRef)(false);
-  (0, import_react3.useEffect)(() => {
-    const searchParams = getSearchParams();
-    const handleCallback = async () => {
-      try {
-        const auth = new import_auth3.Auth({
-          clientId: config.clientId,
-          redirectUri: config.redirectUri,
-          popupRedirectUri: config.popupRedirectUri,
-          logoutRedirectUri: config.logoutRedirectUri,
-          audience: config.audience || DEFAULT_AUDIENCE,
-          scope: config.scope || DEFAULT_SCOPE,
-          authenticationDomain: config.authenticationDomain || DEFAULT_AUTH_DOMAIN,
-          passportDomain: config.passportDomain
-        });
-        const authUser = await auth.loginCallback();
-        if (window.opener) {
-          if (!authUser) {
-            throw new Error("Authentication failed: no user data received from login callback");
-          }
-          const user = {
-            sub: authUser.profile.sub,
-            email: authUser.profile.email,
-            nickname: authUser.profile.nickname
-          };
-          if (onSuccess) {
-            await onSuccess(user);
-          }
-          window.close();
-        } else if (authUser) {
-          const tokenData = {
-            accessToken: authUser.accessToken,
-            refreshToken: authUser.refreshToken,
-            idToken: authUser.idToken,
-            accessTokenExpires: getTokenExpiry(authUser.accessToken),
-            profile: {
-              sub: authUser.profile.sub,
-              email: authUser.profile.email,
-              nickname: authUser.profile.nickname
-            },
-            zkEvm: authUser.zkEvm
-          };
-          const result = await (0, import_react4.signIn)(IMMUTABLE_PROVIDER_ID, {
-            tokens: JSON.stringify(tokenData),
-            redirect: false
-          });
-          if (result?.error) {
-            throw new Error(`NextAuth sign-in failed: ${result.error}`);
-          }
-          if (!result?.ok) {
-            throw new Error("NextAuth sign-in failed: unknown error");
-          }
-          const user = {
-            sub: authUser.profile.sub,
-            email: authUser.profile.email,
-            nickname: authUser.profile.nickname
-          };
-          if (onSuccess) {
-            await onSuccess(user);
-          }
-          const resolvedRedirectTo = typeof redirectTo === "function" ? redirectTo(user) || "/" : redirectTo;
-          router.replace(resolvedRedirectTo);
-        } else {
-          throw new Error("Authentication failed: no user data received from login callback");
-        }
-      } catch (err) {
-        const errorMessage2 = err instanceof Error ? err.message : "Authentication failed";
-        if (onError) {
-          onError(errorMessage2);
-        }
-        setError(errorMessage2);
-      }
-    };
-    const handleOAuthError = () => {
-      const errorCode = searchParams.get("error");
-      const errorDescription = searchParams.get("error_description");
-      const errorMessage2 = errorDescription || errorCode || "Authentication failed";
-      if (onError) {
-        onError(errorMessage2);
-      }
-      setError(errorMessage2);
-    };
-    if (callbackProcessedRef.current) {
-      return;
-    }
-    const hasError = searchParams.get("error");
-    const hasCode = searchParams.get("code");
-    if (hasError) {
-      callbackProcessedRef.current = true;
-      handleOAuthError();
-      return;
-    }
-    if (hasCode) {
-      callbackProcessedRef.current = true;
-      handleCallback();
-      return;
-    }
-    callbackProcessedRef.current = true;
-    const errorMessage = "Invalid callback: missing OAuth parameters. Please try logging in again.";
-    if (onError) {
-      onError(errorMessage);
-    }
-    setError(errorMessage);
-  }, [router, config, redirectTo, onSuccess, onError]);
-  if (error) {
-    if (errorComponent) {
-      return errorComponent(error);
-    }
-    return /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { style: { padding: "2rem", textAlign: "center" }, children: [
-      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("h2", { style: { color: "#dc3545" }, children: "Authentication Error" }),
-      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("p", { children: error }),
-      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(
-        "button",
-        {
-          onClick: () => router.push("/"),
-          type: "button",
-          style: {
-            padding: "0.5rem 1rem",
-            marginTop: "1rem",
-            cursor: "pointer"
-          },
-          children: "Return to Home"
-        }
-      )
-    ] });
-  }
-  if (loadingComponent) {
-    return loadingComponent;
-  }
-  return /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: { padding: "2rem", textAlign: "center" }, children: /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("p", { children: "Completing authentication..." }) });
-}
+var b="https://auth.immutable.com",w="platform_api",U="openid profile email offline_access transact",v="immutable",N="/api/auth";function I(s){if(!s)return Date.now()+9e5;try{let e=auth.decodeJwtPayload(s);return e.exp&&typeof e.exp=="number"?e.exp*1e3:Date.now()+9e5}catch{return Date.now()+9e5}}var H=react.createContext(null);function Y({children:s,config:e,basePath:d}){let[i,a]=react.useState(null),t=react.useRef(null),r=react.useRef(null),[f,k]=react.useState(!1),{data:l,update:h}=react$1.useSession();react.useEffect(()=>{if(typeof window>"u")return;let E=[e.clientId,e.redirectUri,e.popupRedirectUri||"",e.logoutRedirectUri||"",e.audience||w,e.scope||U,e.authenticationDomain||b,e.passportDomain||""].join(":");if(t.current===E&&r.current!==null)return;t.current=E;let u=new auth.Auth({clientId:e.clientId,redirectUri:e.redirectUri,popupRedirectUri:e.popupRedirectUri,logoutRedirectUri:e.logoutRedirectUri,audience:e.audience||w,scope:e.scope||U,authenticationDomain:e.authenticationDomain||b,passportDomain:e.passportDomain});return r.current=u,a(u),k(!0),()=>{r.current=null,a(null),k(!1);}},[e]),react.useEffect(()=>{if(!i||!f)return;let E=async n=>{l?.accessToken&&n.accessToken!==l.accessToken&&await h({accessToken:n.accessToken,refreshToken:n.refreshToken,idToken:n.idToken,accessTokenExpires:I(n.accessToken),zkEvm:n.zkEvm});},u=async n=>{await h({accessToken:n.accessToken,refreshToken:n.refreshToken,idToken:n.idToken,accessTokenExpires:I(n.accessToken),zkEvm:n.zkEvm});},c=async n=>{console.warn("[auth-next-client] User removed from Auth SDK:",n.reason,n.error),await react$1.signOut({redirect:!1});},p=async()=>{await react$1.signOut({redirect:!1});};return i.eventEmitter.on(auth.AuthEvents.LOGGED_IN,E),i.eventEmitter.on(auth.AuthEvents.TOKEN_REFRESHED,u),i.eventEmitter.on(auth.AuthEvents.USER_REMOVED,c),i.eventEmitter.on(auth.AuthEvents.LOGGED_OUT,p),()=>{i.eventEmitter.removeListener(auth.AuthEvents.LOGGED_IN,E),i.eventEmitter.removeListener(auth.AuthEvents.TOKEN_REFRESHED,u),i.eventEmitter.removeListener(auth.AuthEvents.USER_REMOVED,c),i.eventEmitter.removeListener(auth.AuthEvents.LOGGED_OUT,p);}},[i,f,l,h]);let T=react.useMemo(()=>({auth:i,config:e,basePath:d}),[i,e,d]);return jsxRuntime.jsx(H.Provider,{value:T,children:s})}function $({children:s,config:e,session:d,basePath:i=N}){return jsxRuntime.jsx(react$1.SessionProvider,{session:d,basePath:i,children:jsxRuntime.jsx(Y,{config:e,basePath:i,children:s})})}function S(){let s=react.useContext(H),{data:e,status:d}=react$1.useSession(),[i,a]=react.useState(!1);if(!s)throw new Error("useImmutableAuth must be used within ImmutableAuthProvider");let t=e,{auth:r}=s,f=d==="loading",k=d==="authenticated"&&!!t,l=t?.user?{sub:t.user.sub,email:t.user.email,nickname:t.user.nickname}:null,h=react.useCallback(async u=>{if(!r)throw new Error("Auth not initialized");a(!0);try{let c=await r.login(u);if(!c)throw new Error("Login failed");let p={accessToken:c.accessToken,refreshToken:c.refreshToken,idToken:c.idToken,accessTokenExpires:I(c.accessToken),profile:{sub:c.profile.sub,email:c.profile.email,nickname:c.profile.nickname},zkEvm:c.zkEvm},n=await react$1.signIn(v,{tokens:JSON.stringify(p),redirect:!1});if(n?.error)throw new Error(`NextAuth sign-in failed: ${n.error}`);if(!n?.ok)throw new Error("NextAuth sign-in failed: unknown error")}finally{a(!1);}},[r]),T=react.useCallback(async()=>{if(r)try{await r.getLogoutUrl();}catch(u){console.warn("[auth-next-client] Logout cleanup error:",u),await react$1.signOut({redirect:!1});}else await react$1.signOut({redirect:!1});},[r]),E=react.useCallback(async()=>{if(r)try{let u=await r.getAccessToken();if(u)return u}catch{}if(t?.error)throw new Error(t.error==="TokenExpired"?"Session expired. Please log in again.":`Authentication error: ${t.error}`);if(t?.accessToken)return t.accessToken;throw new Error("No access token available")},[r,t]);return {user:l,session:t,isLoading:f,isLoggingIn:i,isAuthenticated:k,signIn:h,signOut:T,getAccessToken:E,auth:r}}function W(){let{getAccessToken:s}=S();return s}function Z(s,e){let{getAccessToken:d,auth:i}=S(),{ssr:a,data:t,fetchError:r}=s,f=!a||!!r,[k,l]=react.useState(t),[h,T]=react.useState(f),[E,u]=react.useState(r?new Error(r):null),c=react.useRef(!1),p=react.useRef(0),n=react.useRef({serverData:t,ssr:a,fetchError:r});react.useEffect(()=>{let m=n.current;(m.serverData!==t||m.ssr!==a||m.fetchError!==r)&&(n.current={serverData:t,ssr:a,fetchError:r},c.current=!1,p.current+=1,a&&!r?(l(t),T(!1),u(null)):(l(null),T(!0),u(r?new Error(r):null)));},[t,a,r]);let o=react.useCallback(async()=>{let m=p.current;T(!0),u(null);try{let g=await d(),y=await e(g);p.current===m&&l(y);}catch(g){p.current===m&&u(g instanceof Error?g:new Error(String(g)));}finally{p.current===m&&T(!1);}},[e,d]);return react.useEffect(()=>{c.current||f&&(!a&&!i||(c.current=!0,o()));},[f,a,i,o]),{data:k,isLoading:h,error:E,refetch:o}}function ne(){return typeof window>"u"?new URLSearchParams:new URLSearchParams(window.location.search)}function oe({config:s,redirectTo:e="/",loadingComponent:d=null,errorComponent:i,onSuccess:a,onError:t}){let r=navigation.useRouter(),[f,k]=react.useState(null),l=react.useRef(!1);return react.useEffect(()=>{let h=ne(),T=async()=>{try{let o=await new auth.Auth({clientId:s.clientId,redirectUri:s.redirectUri,popupRedirectUri:s.popupRedirectUri,logoutRedirectUri:s.logoutRedirectUri,audience:s.audience||w,scope:s.scope||U,authenticationDomain:s.authenticationDomain||b,passportDomain:s.passportDomain}).loginCallback();if(window.opener){if(!o)throw new Error("Authentication failed: no user data received from login callback");let m={sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname};a&&await a(m),window.close();}else if(o){let m={accessToken:o.accessToken,refreshToken:o.refreshToken,idToken:o.idToken,accessTokenExpires:I(o.accessToken),profile:{sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname},zkEvm:o.zkEvm},g=await react$1.signIn(v,{tokens:JSON.stringify(m),redirect:!1});if(g?.error)throw new Error(`NextAuth sign-in failed: ${g.error}`);if(!g?.ok)throw new Error("NextAuth sign-in failed: unknown error");let y={sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname};a&&await a(y);let M=typeof e=="function"?e(y)||"/":e;r.replace(M);}else throw new Error("Authentication failed: no user data received from login callback")}catch(n){let o=n instanceof Error?n.message:"Authentication failed";t&&t(o),k(o);}},E=()=>{let n=h.get("error"),m=h.get("error_description")||n||"Authentication failed";t&&t(m),k(m);};if(l.current)return;let u=h.get("error"),c=h.get("code");if(u){l.current=!0,E();return}if(c){l.current=!0,T();return}l.current=!0;let p="Invalid callback: missing OAuth parameters. Please try logging in again.";t&&t(p),k(p);},[r,s,e,a,t]),f?i?i(f):jsxRuntime.jsxs("div",{style:{padding:"2rem",textAlign:"center"},children:[jsxRuntime.jsx("h2",{style:{color:"#dc3545"},children:"Authentication Error"}),jsxRuntime.jsx("p",{children:f}),jsxRuntime.jsx("button",{onClick:()=>r.push("/"),type:"button",style:{padding:"0.5rem 1rem",marginTop:"1rem",cursor:"pointer"},children:"Return to Home"})]}):d||jsxRuntime.jsx("div",{style:{padding:"2rem",textAlign:"center"},children:jsxRuntime.jsx("p",{children:"Completing authentication..."})})}
 
-// src/index.ts
-var import_auth4 = require("@imtbl/auth");
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  CallbackPage,
-  ImmutableAuthProvider,
-  MarketingConsentStatus,
-  useAccessToken,
-  useHydratedData,
-  useImmutableAuth
+Object.defineProperty(exports, "MarketingConsentStatus", {
+	enumerable: true,
+	get: function () { return auth.MarketingConsentStatus; }
 });
+exports.CallbackPage = oe;
+exports.ImmutableAuthProvider = $;
+exports.useAccessToken = W;
+exports.useHydratedData = Z;
+exports.useImmutableAuth = S;

package/dist/node/index.js

@@ -1,486 +1,10 @@
-'use client';
+import { createContext, useContext, useState, useCallback, useRef, useEffect, useMemo } from 'react';
+import { SessionProvider, useSession, signIn, signOut } from 'next-auth/react';
+import { decodeJwtPayload, Auth, AuthEvents } from '@imtbl/auth';
+export { MarketingConsentStatus } from '@imtbl/auth';
+import { jsx, jsxs } from 'react/jsx-runtime';
+import { useRouter } from 'next/navigation';
 
-// src/provider.tsx
-import {
-  createContext,
-  useContext,
-  useEffect,
-  useRef,
-  useState,
-  useCallback,
-  useMemo
-} from "react";
-import {
-  SessionProvider,
-  useSession,
-  signIn,
-  signOut
-} from "next-auth/react";
-import {
-  Auth,
-  AuthEvents
-} from "@imtbl/auth";
+var b="https://auth.immutable.com",w="platform_api",U="openid profile email offline_access transact",v="immutable",N="/api/auth";function I(s){if(!s)return Date.now()+9e5;try{let e=decodeJwtPayload(s);return e.exp&&typeof e.exp=="number"?e.exp*1e3:Date.now()+9e5}catch{return Date.now()+9e5}}var H=createContext(null);function Y({children:s,config:e,basePath:d}){let[i,a]=useState(null),t=useRef(null),r=useRef(null),[f,k]=useState(!1),{data:l,update:h}=useSession();useEffect(()=>{if(typeof window>"u")return;let E=[e.clientId,e.redirectUri,e.popupRedirectUri||"",e.logoutRedirectUri||"",e.audience||w,e.scope||U,e.authenticationDomain||b,e.passportDomain||""].join(":");if(t.current===E&&r.current!==null)return;t.current=E;let u=new Auth({clientId:e.clientId,redirectUri:e.redirectUri,popupRedirectUri:e.popupRedirectUri,logoutRedirectUri:e.logoutRedirectUri,audience:e.audience||w,scope:e.scope||U,authenticationDomain:e.authenticationDomain||b,passportDomain:e.passportDomain});return r.current=u,a(u),k(!0),()=>{r.current=null,a(null),k(!1);}},[e]),useEffect(()=>{if(!i||!f)return;let E=async n=>{l?.accessToken&&n.accessToken!==l.accessToken&&await h({accessToken:n.accessToken,refreshToken:n.refreshToken,idToken:n.idToken,accessTokenExpires:I(n.accessToken),zkEvm:n.zkEvm});},u=async n=>{await h({accessToken:n.accessToken,refreshToken:n.refreshToken,idToken:n.idToken,accessTokenExpires:I(n.accessToken),zkEvm:n.zkEvm});},c=async n=>{console.warn("[auth-next-client] User removed from Auth SDK:",n.reason,n.error),await signOut({redirect:!1});},p=async()=>{await signOut({redirect:!1});};return i.eventEmitter.on(AuthEvents.LOGGED_IN,E),i.eventEmitter.on(AuthEvents.TOKEN_REFRESHED,u),i.eventEmitter.on(AuthEvents.USER_REMOVED,c),i.eventEmitter.on(AuthEvents.LOGGED_OUT,p),()=>{i.eventEmitter.removeListener(AuthEvents.LOGGED_IN,E),i.eventEmitter.removeListener(AuthEvents.TOKEN_REFRESHED,u),i.eventEmitter.removeListener(AuthEvents.USER_REMOVED,c),i.eventEmitter.removeListener(AuthEvents.LOGGED_OUT,p);}},[i,f,l,h]);let T=useMemo(()=>({auth:i,config:e,basePath:d}),[i,e,d]);return jsx(H.Provider,{value:T,children:s})}function $({children:s,config:e,session:d,basePath:i=N}){return jsx(SessionProvider,{session:d,basePath:i,children:jsx(Y,{config:e,basePath:i,children:s})})}function S(){let s=useContext(H),{data:e,status:d}=useSession(),[i,a]=useState(!1);if(!s)throw new Error("useImmutableAuth must be used within ImmutableAuthProvider");let t=e,{auth:r}=s,f=d==="loading",k=d==="authenticated"&&!!t,l=t?.user?{sub:t.user.sub,email:t.user.email,nickname:t.user.nickname}:null,h=useCallback(async u=>{if(!r)throw new Error("Auth not initialized");a(!0);try{let c=await r.login(u);if(!c)throw new Error("Login failed");let p={accessToken:c.accessToken,refreshToken:c.refreshToken,idToken:c.idToken,accessTokenExpires:I(c.accessToken),profile:{sub:c.profile.sub,email:c.profile.email,nickname:c.profile.nickname},zkEvm:c.zkEvm},n=await signIn(v,{tokens:JSON.stringify(p),redirect:!1});if(n?.error)throw new Error(`NextAuth sign-in failed: ${n.error}`);if(!n?.ok)throw new Error("NextAuth sign-in failed: unknown error")}finally{a(!1);}},[r]),T=useCallback(async()=>{if(r)try{await r.getLogoutUrl();}catch(u){console.warn("[auth-next-client] Logout cleanup error:",u),await signOut({redirect:!1});}else await signOut({redirect:!1});},[r]),E=useCallback(async()=>{if(r)try{let u=await r.getAccessToken();if(u)return u}catch{}if(t?.error)throw new Error(t.error==="TokenExpired"?"Session expired. Please log in again.":`Authentication error: ${t.error}`);if(t?.accessToken)return t.accessToken;throw new Error("No access token available")},[r,t]);return {user:l,session:t,isLoading:f,isLoggingIn:i,isAuthenticated:k,signIn:h,signOut:T,getAccessToken:E,auth:r}}function W(){let{getAccessToken:s}=S();return s}function Z(s,e){let{getAccessToken:d,auth:i}=S(),{ssr:a,data:t,fetchError:r}=s,f=!a||!!r,[k,l]=useState(t),[h,T]=useState(f),[E,u]=useState(r?new Error(r):null),c=useRef(!1),p=useRef(0),n=useRef({serverData:t,ssr:a,fetchError:r});useEffect(()=>{let m=n.current;(m.serverData!==t||m.ssr!==a||m.fetchError!==r)&&(n.current={serverData:t,ssr:a,fetchError:r},c.current=!1,p.current+=1,a&&!r?(l(t),T(!1),u(null)):(l(null),T(!0),u(r?new Error(r):null)));},[t,a,r]);let o=useCallback(async()=>{let m=p.current;T(!0),u(null);try{let g=await d(),y=await e(g);p.current===m&&l(y);}catch(g){p.current===m&&u(g instanceof Error?g:new Error(String(g)));}finally{p.current===m&&T(!1);}},[e,d]);return useEffect(()=>{c.current||f&&(!a&&!i||(c.current=!0,o()));},[f,a,i,o]),{data:k,isLoading:h,error:E,refetch:o}}function ne(){return typeof window>"u"?new URLSearchParams:new URLSearchParams(window.location.search)}function oe({config:s,redirectTo:e="/",loadingComponent:d=null,errorComponent:i,onSuccess:a,onError:t}){let r=useRouter(),[f,k]=useState(null),l=useRef(!1);return useEffect(()=>{let h=ne(),T=async()=>{try{let o=await new Auth({clientId:s.clientId,redirectUri:s.redirectUri,popupRedirectUri:s.popupRedirectUri,logoutRedirectUri:s.logoutRedirectUri,audience:s.audience||w,scope:s.scope||U,authenticationDomain:s.authenticationDomain||b,passportDomain:s.passportDomain}).loginCallback();if(window.opener){if(!o)throw new Error("Authentication failed: no user data received from login callback");let m={sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname};a&&await a(m),window.close();}else if(o){let m={accessToken:o.accessToken,refreshToken:o.refreshToken,idToken:o.idToken,accessTokenExpires:I(o.accessToken),profile:{sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname},zkEvm:o.zkEvm},g=await signIn(v,{tokens:JSON.stringify(m),redirect:!1});if(g?.error)throw new Error(`NextAuth sign-in failed: ${g.error}`);if(!g?.ok)throw new Error("NextAuth sign-in failed: unknown error");let y={sub:o.profile.sub,email:o.profile.email,nickname:o.profile.nickname};a&&await a(y);let M=typeof e=="function"?e(y)||"/":e;r.replace(M);}else throw new Error("Authentication failed: no user data received from login callback")}catch(n){let o=n instanceof Error?n.message:"Authentication failed";t&&t(o),k(o);}},E=()=>{let n=h.get("error"),m=h.get("error_description")||n||"Authentication failed";t&&t(m),k(m);};if(l.current)return;let u=h.get("error"),c=h.get("code");if(u){l.current=!0,E();return}if(c){l.current=!0,T();return}l.current=!0;let p="Invalid callback: missing OAuth parameters. Please try logging in again.";t&&t(p),k(p);},[r,s,e,a,t]),f?i?i(f):jsxs("div",{style:{padding:"2rem",textAlign:"center"},children:[jsx("h2",{style:{color:"#dc3545"},children:"Authentication Error"}),jsx("p",{children:f}),jsx("button",{onClick:()=>r.push("/"),type:"button",style:{padding:"0.5rem 1rem",marginTop:"1rem",cursor:"pointer"},children:"Return to Home"})]}):d||jsx("div",{style:{padding:"2rem",textAlign:"center"},children:jsx("p",{children:"Completing authentication..."})})}
 
-// src/utils/token.ts
-import { decodeJwtPayload } from "@imtbl/auth";
-
-// src/constants.ts
-var DEFAULT_AUTH_DOMAIN = "https://auth.immutable.com";
-var DEFAULT_AUDIENCE = "platform_api";
-var DEFAULT_SCOPE = "openid profile email offline_access transact";
-var IMMUTABLE_PROVIDER_ID = "immutable";
-var DEFAULT_NEXTAUTH_BASE_PATH = "/api/auth";
-var DEFAULT_TOKEN_EXPIRY_SECONDS = 900;
-var DEFAULT_TOKEN_EXPIRY_MS = DEFAULT_TOKEN_EXPIRY_SECONDS * 1e3;
-
-// src/utils/token.ts
-function getTokenExpiry(accessToken) {
-  if (!accessToken) {
-    return Date.now() + DEFAULT_TOKEN_EXPIRY_MS;
-  }
-  try {
-    const payload = decodeJwtPayload(accessToken);
-    if (payload.exp && typeof payload.exp === "number") {
-      return payload.exp * 1e3;
-    }
-    return Date.now() + DEFAULT_TOKEN_EXPIRY_MS;
-  } catch {
-    return Date.now() + DEFAULT_TOKEN_EXPIRY_MS;
-  }
-}
-
-// src/provider.tsx
-import { jsx } from "react/jsx-runtime";
-var ImmutableAuthContext = createContext(null);
-function ImmutableAuthInner({
-  children,
-  config,
-  basePath
-}) {
-  const [auth, setAuth] = useState(null);
-  const prevConfigRef = useRef(null);
-  const authInstanceRef = useRef(null);
-  const [isAuthReady, setIsAuthReady] = useState(false);
-  const { data: session, update: updateSession } = useSession();
-  useEffect(() => {
-    if (typeof window === "undefined") return void 0;
-    const configKey = [
-      config.clientId,
-      config.redirectUri,
-      config.popupRedirectUri || "",
-      config.logoutRedirectUri || "",
-      config.audience || DEFAULT_AUDIENCE,
-      config.scope || DEFAULT_SCOPE,
-      config.authenticationDomain || DEFAULT_AUTH_DOMAIN,
-      config.passportDomain || ""
-    ].join(":");
-    if (prevConfigRef.current === configKey && authInstanceRef.current !== null) {
-      return void 0;
-    }
-    prevConfigRef.current = configKey;
-    const newAuth = new Auth({
-      clientId: config.clientId,
-      redirectUri: config.redirectUri,
-      popupRedirectUri: config.popupRedirectUri,
-      logoutRedirectUri: config.logoutRedirectUri,
-      audience: config.audience || DEFAULT_AUDIENCE,
-      scope: config.scope || DEFAULT_SCOPE,
-      authenticationDomain: config.authenticationDomain || DEFAULT_AUTH_DOMAIN,
-      passportDomain: config.passportDomain
-    });
-    authInstanceRef.current = newAuth;
-    setAuth(newAuth);
-    setIsAuthReady(true);
-    return () => {
-      authInstanceRef.current = null;
-      setAuth(null);
-      setIsAuthReady(false);
-    };
-  }, [config]);
-  useEffect(() => {
-    if (!auth || !isAuthReady) return void 0;
-    const handleLoggedIn = async (authUser) => {
-      if (session?.accessToken && authUser.accessToken !== session.accessToken) {
-        await updateSession({
-          accessToken: authUser.accessToken,
-          refreshToken: authUser.refreshToken,
-          idToken: authUser.idToken,
-          accessTokenExpires: getTokenExpiry(authUser.accessToken),
-          zkEvm: authUser.zkEvm
-        });
-      }
-    };
-    const handleTokenRefreshed = async (authUser) => {
-      await updateSession({
-        accessToken: authUser.accessToken,
-        refreshToken: authUser.refreshToken,
-        idToken: authUser.idToken,
-        accessTokenExpires: getTokenExpiry(authUser.accessToken),
-        zkEvm: authUser.zkEvm
-      });
-    };
-    const handleUserRemoved = async (payload) => {
-      console.warn("[auth-next-client] User removed from Auth SDK:", payload.reason, payload.error);
-      await signOut({ redirect: false });
-    };
-    const handleLoggedOut = async () => {
-      await signOut({ redirect: false });
-    };
-    auth.eventEmitter.on(AuthEvents.LOGGED_IN, handleLoggedIn);
-    auth.eventEmitter.on(AuthEvents.TOKEN_REFRESHED, handleTokenRefreshed);
-    auth.eventEmitter.on(AuthEvents.USER_REMOVED, handleUserRemoved);
-    auth.eventEmitter.on(AuthEvents.LOGGED_OUT, handleLoggedOut);
-    return () => {
-      auth.eventEmitter.removeListener(AuthEvents.LOGGED_IN, handleLoggedIn);
-      auth.eventEmitter.removeListener(AuthEvents.TOKEN_REFRESHED, handleTokenRefreshed);
-      auth.eventEmitter.removeListener(AuthEvents.USER_REMOVED, handleUserRemoved);
-      auth.eventEmitter.removeListener(AuthEvents.LOGGED_OUT, handleLoggedOut);
-    };
-  }, [auth, isAuthReady, session, updateSession]);
-  const contextValue = useMemo(
-    () => ({ auth, config, basePath }),
-    [auth, config, basePath]
-  );
-  return /* @__PURE__ */ jsx(ImmutableAuthContext.Provider, { value: contextValue, children });
-}
-function ImmutableAuthProvider({
-  children,
-  config,
-  session,
-  basePath = DEFAULT_NEXTAUTH_BASE_PATH
-}) {
-  return /* @__PURE__ */ jsx(SessionProvider, { session, basePath, children: /* @__PURE__ */ jsx(ImmutableAuthInner, { config, basePath, children }) });
-}
-function useImmutableAuth() {
-  const context = useContext(ImmutableAuthContext);
-  const { data: sessionData, status } = useSession();
-  const [isLoggingIn, setIsLoggingIn] = useState(false);
-  if (!context) {
-    throw new Error("useImmutableAuth must be used within ImmutableAuthProvider");
-  }
-  const session = sessionData;
-  const { auth } = context;
-  const isLoading = status === "loading";
-  const isAuthenticated = status === "authenticated" && !!session;
-  const user = session?.user ? {
-    sub: session.user.sub,
-    email: session.user.email,
-    nickname: session.user.nickname
-  } : null;
-  const handleSignIn = useCallback(async (options) => {
-    if (!auth) {
-      throw new Error("Auth not initialized");
-    }
-    setIsLoggingIn(true);
-    try {
-      const authUser = await auth.login(options);
-      if (!authUser) {
-        throw new Error("Login failed");
-      }
-      const tokenData = {
-        accessToken: authUser.accessToken,
-        refreshToken: authUser.refreshToken,
-        idToken: authUser.idToken,
-        accessTokenExpires: getTokenExpiry(authUser.accessToken),
-        profile: {
-          sub: authUser.profile.sub,
-          email: authUser.profile.email,
-          nickname: authUser.profile.nickname
-        },
-        zkEvm: authUser.zkEvm
-      };
-      const result = await signIn(IMMUTABLE_PROVIDER_ID, {
-        tokens: JSON.stringify(tokenData),
-        redirect: false
-      });
-      if (result?.error) {
-        throw new Error(`NextAuth sign-in failed: ${result.error}`);
-      }
-      if (!result?.ok) {
-        throw new Error("NextAuth sign-in failed: unknown error");
-      }
-    } finally {
-      setIsLoggingIn(false);
-    }
-  }, [auth]);
-  const handleSignOut = useCallback(async () => {
-    if (auth) {
-      try {
-        await auth.getLogoutUrl();
-      } catch (error) {
-        console.warn("[auth-next-client] Logout cleanup error:", error);
-        await signOut({ redirect: false });
-      }
-    } else {
-      await signOut({ redirect: false });
-    }
-  }, [auth]);
-  const getAccessToken = useCallback(async () => {
-    if (auth) {
-      try {
-        const token = await auth.getAccessToken();
-        if (token) {
-          return token;
-        }
-      } catch {
-      }
-    }
-    if (session?.error) {
-      throw new Error(
-        session.error === "TokenExpired" ? "Session expired. Please log in again." : `Authentication error: ${session.error}`
-      );
-    }
-    if (session?.accessToken) {
-      return session.accessToken;
-    }
-    throw new Error("No access token available");
-  }, [auth, session]);
-  return {
-    user,
-    session,
-    isLoading,
-    isLoggingIn,
-    isAuthenticated,
-    signIn: handleSignIn,
-    signOut: handleSignOut,
-    getAccessToken,
-    auth
-  };
-}
-function useAccessToken() {
-  const { getAccessToken } = useImmutableAuth();
-  return getAccessToken;
-}
-function useHydratedData(props, fetcher) {
-  const { getAccessToken, auth } = useImmutableAuth();
-  const {
-    ssr,
-    data: serverData,
-    fetchError
-  } = props;
-  const needsClientFetch = !ssr || Boolean(fetchError);
-  const [data, setData] = useState(serverData);
-  const [isLoading, setIsLoading] = useState(needsClientFetch);
-  const [error, setError] = useState(
-    fetchError ? new Error(fetchError) : null
-  );
-  const hasFetchedRef = useRef(false);
-  const fetchIdRef = useRef(0);
-  const prevPropsRef = useRef({ serverData, ssr, fetchError });
-  useEffect(() => {
-    const prevProps = prevPropsRef.current;
-    const propsChanged = prevProps.serverData !== serverData || prevProps.ssr !== ssr || prevProps.fetchError !== fetchError;
-    if (propsChanged) {
-      prevPropsRef.current = { serverData, ssr, fetchError };
-      hasFetchedRef.current = false;
-      fetchIdRef.current += 1;
-      if (ssr && !fetchError) {
-        setData(serverData);
-        setIsLoading(false);
-        setError(null);
-      } else {
-        setData(null);
-        setIsLoading(true);
-        setError(fetchError ? new Error(fetchError) : null);
-      }
-    }
-  }, [serverData, ssr, fetchError]);
-  const fetchData = useCallback(async () => {
-    const currentFetchId = fetchIdRef.current;
-    setIsLoading(true);
-    setError(null);
-    try {
-      const token = await getAccessToken();
-      const result = await fetcher(token);
-      if (fetchIdRef.current === currentFetchId) {
-        setData(result);
-      }
-    } catch (err) {
-      if (fetchIdRef.current === currentFetchId) {
-        setError(err instanceof Error ? err : new Error(String(err)));
-      }
-    } finally {
-      if (fetchIdRef.current === currentFetchId) {
-        setIsLoading(false);
-      }
-    }
-  }, [fetcher, getAccessToken]);
-  useEffect(() => {
-    if (hasFetchedRef.current) return;
-    if (!needsClientFetch) return;
-    if (!ssr && !auth) return;
-    hasFetchedRef.current = true;
-    fetchData();
-  }, [needsClientFetch, ssr, auth, fetchData]);
-  return {
-    data,
-    isLoading,
-    error,
-    refetch: fetchData
-  };
-}
-
-// src/callback.tsx
-import { useEffect as useEffect2, useState as useState2, useRef as useRef2 } from "react";
-import { useRouter } from "next/navigation";
-import { signIn as signIn2 } from "next-auth/react";
-import { Auth as Auth2 } from "@imtbl/auth";
-import { jsx as jsx2, jsxs } from "react/jsx-runtime";
-function getSearchParams() {
-  if (typeof window === "undefined") {
-    return new URLSearchParams();
-  }
-  return new URLSearchParams(window.location.search);
-}
-function CallbackPage({
-  config,
-  redirectTo = "/",
-  loadingComponent = null,
-  errorComponent,
-  onSuccess,
-  onError
-}) {
-  const router = useRouter();
-  const [error, setError] = useState2(null);
-  const callbackProcessedRef = useRef2(false);
-  useEffect2(() => {
-    const searchParams = getSearchParams();
-    const handleCallback = async () => {
-      try {
-        const auth = new Auth2({
-          clientId: config.clientId,
-          redirectUri: config.redirectUri,
-          popupRedirectUri: config.popupRedirectUri,
-          logoutRedirectUri: config.logoutRedirectUri,
-          audience: config.audience || DEFAULT_AUDIENCE,
-          scope: config.scope || DEFAULT_SCOPE,
-          authenticationDomain: config.authenticationDomain || DEFAULT_AUTH_DOMAIN,
-          passportDomain: config.passportDomain
-        });
-        const authUser = await auth.loginCallback();
-        if (window.opener) {
-          if (!authUser) {
-            throw new Error("Authentication failed: no user data received from login callback");
-          }
-          const user = {
-            sub: authUser.profile.sub,
-            email: authUser.profile.email,
-            nickname: authUser.profile.nickname
-          };
-          if (onSuccess) {
-            await onSuccess(user);
-          }
-          window.close();
-        } else if (authUser) {
-          const tokenData = {
-            accessToken: authUser.accessToken,
-            refreshToken: authUser.refreshToken,
-            idToken: authUser.idToken,
-            accessTokenExpires: getTokenExpiry(authUser.accessToken),
-            profile: {
-              sub: authUser.profile.sub,
-              email: authUser.profile.email,
-              nickname: authUser.profile.nickname
-            },
-            zkEvm: authUser.zkEvm
-          };
-          const result = await signIn2(IMMUTABLE_PROVIDER_ID, {
-            tokens: JSON.stringify(tokenData),
-            redirect: false
-          });
-          if (result?.error) {
-            throw new Error(`NextAuth sign-in failed: ${result.error}`);
-          }
-          if (!result?.ok) {
-            throw new Error("NextAuth sign-in failed: unknown error");
-          }
-          const user = {
-            sub: authUser.profile.sub,
-            email: authUser.profile.email,
-            nickname: authUser.profile.nickname
-          };
-          if (onSuccess) {
-            await onSuccess(user);
-          }
-          const resolvedRedirectTo = typeof redirectTo === "function" ? redirectTo(user) || "/" : redirectTo;
-          router.replace(resolvedRedirectTo);
-        } else {
-          throw new Error("Authentication failed: no user data received from login callback");
-        }
-      } catch (err) {
-        const errorMessage2 = err instanceof Error ? err.message : "Authentication failed";
-        if (onError) {
-          onError(errorMessage2);
-        }
-        setError(errorMessage2);
-      }
-    };
-    const handleOAuthError = () => {
-      const errorCode = searchParams.get("error");
-      const errorDescription = searchParams.get("error_description");
-      const errorMessage2 = errorDescription || errorCode || "Authentication failed";
-      if (onError) {
-        onError(errorMessage2);
-      }
-      setError(errorMessage2);
-    };
-    if (callbackProcessedRef.current) {
-      return;
-    }
-    const hasError = searchParams.get("error");
-    const hasCode = searchParams.get("code");
-    if (hasError) {
-      callbackProcessedRef.current = true;
-      handleOAuthError();
-      return;
-    }
-    if (hasCode) {
-      callbackProcessedRef.current = true;
-      handleCallback();
-      return;
-    }
-    callbackProcessedRef.current = true;
-    const errorMessage = "Invalid callback: missing OAuth parameters. Please try logging in again.";
-    if (onError) {
-      onError(errorMessage);
-    }
-    setError(errorMessage);
-  }, [router, config, redirectTo, onSuccess, onError]);
-  if (error) {
-    if (errorComponent) {
-      return errorComponent(error);
-    }
-    return /* @__PURE__ */ jsxs("div", { style: { padding: "2rem", textAlign: "center" }, children: [
-      /* @__PURE__ */ jsx2("h2", { style: { color: "#dc3545" }, children: "Authentication Error" }),
-      /* @__PURE__ */ jsx2("p", { children: error }),
-      /* @__PURE__ */ jsx2(
-        "button",
-        {
-          onClick: () => router.push("/"),
-          type: "button",
-          style: {
-            padding: "0.5rem 1rem",
-            marginTop: "1rem",
-            cursor: "pointer"
-          },
-          children: "Return to Home"
-        }
-      )
-    ] });
-  }
-  if (loadingComponent) {
-    return loadingComponent;
-  }
-  return /* @__PURE__ */ jsx2("div", { style: { padding: "2rem", textAlign: "center" }, children: /* @__PURE__ */ jsx2("p", { children: "Completing authentication..." }) });
-}
-
-// src/index.ts
-import { MarketingConsentStatus } from "@imtbl/auth";
-export {
-  CallbackPage,
-  ImmutableAuthProvider,
-  MarketingConsentStatus,
-  useAccessToken,
-  useHydratedData,
-  useImmutableAuth
-};
+export { oe as CallbackPage, $ as ImmutableAuthProvider, W as useAccessToken, Z as useHydratedData, S as useImmutableAuth };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@imtbl/auth-next-client",
-  "version": "2.12.5-alpha.13",
+  "version": "2.12.5-alpha.14",
   "description": "Immutable Auth.js v5 integration for Next.js - Client-side components",
   "author": "Immutable",
   "license": "Apache-2.0",
@@ -11,7 +11,7 @@
   "type": "module",
   "main": "./dist/node/index.cjs",
   "module": "./dist/node/index.js",
-  "types": "./dist/node/index.d.ts",
+  "types": "./dist/types/index.d.ts",
   "exports": {
     ".": {
       "development": {
@@ -20,15 +20,15 @@
         "default": "./dist/node/index.js"
       },
       "default": {
-        "types": "./dist/node/index.d.ts",
+        "types": "./dist/types/index.d.ts",
         "require": "./dist/node/index.cjs",
         "default": "./dist/node/index.js"
       }
     }
   },
   "dependencies": {
-    "@imtbl/auth": "2.12.5-alpha.13",
-    "@imtbl/auth-next-server": "2.12.5-alpha.13"
+    "@imtbl/auth": "2.12.5-alpha.14",
+    "@imtbl/auth-next-server": "2.12.5-alpha.14"
   },
   "peerDependencies": {
     "next": "^14.2.0 || ^15.0.0",
@@ -61,10 +61,12 @@
     "typescript": "^5.6.2"
   },
   "scripts": {
-    "build": "tsup && pnpm build:types",
-    "build:types": "tsc --project tsconfig.types.json",
-    "clean": "rm -rf dist",
-    "lint": "eslint src/**/*.{ts,tsx} --max-warnings=0",
+    "build": "pnpm transpile && pnpm typegen",
+    "transpile": "tsup src/index.ts --config ../../tsup.config.js",
+    "typegen": "tsc --customConditions default --emitDeclarationOnly --outDir dist/types",
+    "pack:root": "pnpm pack --pack-destination $(dirname $(pnpm root -w))",
+    "lint": "eslint ./src --ext .ts,.jsx,.tsx --max-warnings=0",
+    "typecheck": "tsc --customConditions default --noEmit --jsx preserve",
     "test": "jest --passWithNoTests"
   }
 }