@judo/auth 0.1.0

package/dist/provider/principal-context.d.ts

@@ -0,0 +1,54 @@
+import { ReactNode } from 'react';
+import { PrincipalData } from '../hooks/use-auth';
+/**
+ * Context providing backend principal data with refresh/override capabilities.
+ *
+ * This is separate from `useAuth().principal` which provides OIDC-claim-mapped data.
+ * `usePrincipal()` provides the **backend** principal fetched from `GET /~principal`.
+ */
+export interface PrincipalContextType {
+    /** Backend principal data, or null if not yet fetched / not authenticated */
+    principal: PrincipalData | null;
+    /** Whether the principal is currently being fetched */
+    isLoading: boolean;
+    /** Re-fetch principal from the backend. Triggers a re-render of the subtree. */
+    refreshPrincipal: () => Promise<void>;
+    /** Override principal data locally. Pass null to clear. */
+    setPrincipal: (data: PrincipalData | null) => void;
+}
+/**
+ * Props for PrincipalProvider.
+ */
+export interface PrincipalProviderProps {
+    /**
+     * Async function that fetches the principal from the backend.
+     * If omitted, the provider will not auto-fetch and principal stays null.
+     *
+     * Typically wired as: `() => api.getPrincipal().then(r => r.data)`
+     */
+    fetchPrincipal?: () => Promise<Record<string, unknown>>;
+    children: ReactNode;
+}
+/**
+ * Access the backend principal context.
+ * Must be used within a PrincipalProvider.
+ *
+ * @throws Error if used outside PrincipalProvider
+ */
+export declare function usePrincipal(): PrincipalContextType;
+/**
+ * Optionally access the backend principal context.
+ * Returns null when used outside PrincipalProvider (safe for optional auth scenarios).
+ */
+export declare function usePrincipalOptional(): PrincipalContextType | null;
+/**
+ * Provides backend principal state with auto-fetch, refresh, and local override.
+ *
+ * On mount, if `fetchPrincipal` is provided, the principal is fetched automatically.
+ * Use `refreshPrincipal()` to re-fetch and `setPrincipal()` for local overrides.
+ *
+ * Place inside the auth boundary (after authentication is confirmed) and inside
+ * the API provider (so `fetchPrincipal` can call API methods).
+ */
+export declare function PrincipalProvider({ fetchPrincipal, children }: PrincipalProviderProps): import("react/jsx-runtime").JSX.Element;
+//# sourceMappingURL=principal-context.d.ts.map

package/dist/provider/principal-context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"principal-context.d.ts","sourceRoot":"","sources":["../../src/provider/principal-context.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,SAAS,EAAgF,MAAM,OAAO,CAAC;AACrH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAMvD;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACpC,6EAA6E;IAC7E,SAAS,EAAE,aAAa,GAAG,IAAI,CAAC;IAChC,uDAAuD;IACvD,SAAS,EAAE,OAAO,CAAC;IACnB,gFAAgF;IAChF,gBAAgB,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACtC,2DAA2D;IAC3D,YAAY,EAAE,CAAC,IAAI,EAAE,aAAa,GAAG,IAAI,KAAK,IAAI,CAAC;CACnD;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACtC;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,QAAQ,EAAE,SAAS,CAAC;CACpB;AAYD;;;;;GAKG;AACH,wBAAgB,YAAY,IAAI,oBAAoB,CAMnD;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,IAAI,oBAAoB,GAAG,IAAI,CAElE;AAMD;;;;;;;;GAQG;AACH,wBAAgB,iBAAiB,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,EAAE,sBAAsB,2CAyCrF"}

package/dist/provider/realm-cache.d.ts

@@ -0,0 +1,37 @@
+import { UserManager, UserManagerSettings } from 'oidc-client-ts';
+/**
+ * Get or create a UserManager for the given realm.
+ * Uses caching to ensure actors with the same realm share sessions.
+ *
+ * @param realm - The realm identifier
+ * @param config - UserManager configuration
+ * @returns UserManager instance for the realm
+ */
+export declare function getOrCreateUserManager(realm: string, config: UserManagerSettings): UserManager;
+/**
+ * Clear a specific realm from the cache.
+ * Useful for testing or when a realm needs to be re-initialized.
+ *
+ * @param realm - The realm to clear
+ */
+export declare function clearRealmCache(realm: string): void;
+/**
+ * Clear all realms from the cache.
+ * Useful for testing.
+ */
+export declare function clearAllRealmCache(): void;
+/**
+ * Check if a realm exists in the cache.
+ *
+ * @param realm - The realm to check
+ * @returns true if the realm is cached
+ */
+export declare function hasRealmInCache(realm: string): boolean;
+/**
+ * Get the number of cached realms.
+ * Useful for testing.
+ *
+ * @returns Number of cached realms
+ */
+export declare function getCachedRealmCount(): number;
+//# sourceMappingURL=realm-cache.d.ts.map

package/dist/provider/realm-cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"realm-cache.d.ts","sourceRoot":"","sources":["../../src/provider/realm-cache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAQ1D;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,mBAAmB,GAAG,WAAW,CAK9F;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAEnD;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEtD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,IAAI,MAAM,CAE5C"}

package/dist/utils/claim-mapping.d.ts

@@ -0,0 +1,18 @@
+import { ClaimType } from '@judo/model-api';
+import { ClaimMapping } from '../config';
+/**
+ * Map ClaimType enum to OIDC claim key.
+ *
+ * @param type - ClaimType enum value
+ * @returns OIDC claim key string
+ */
+export declare function claimTypeToKey(type: ClaimType): string;
+/**
+ * Map OIDC claims profile to principal data using claim mappings.
+ *
+ * @param profile - OIDC user profile claims
+ * @param mappings - Claim mappings from auth config
+ * @returns Mapped principal data
+ */
+export declare function mapClaimsToPrincipal(profile: Record<string, unknown> | undefined, mappings: ClaimMapping[]): Record<string, unknown>;
+//# sourceMappingURL=claim-mapping.d.ts.map

package/dist/utils/claim-mapping.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"claim-mapping.d.ts","sourceRoot":"","sources":["../../src/utils/claim-mapping.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAE9C;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,SAAS,GAAG,MAAM,CAOtD;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CACnC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,EAC5C,QAAQ,EAAE,YAAY,EAAE,GACtB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAiCzB"}

package/dist/utils/index.d.ts

@@ -0,0 +1,2 @@
+export { claimTypeToKey, mapClaimsToPrincipal } from './claim-mapping';
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC"}

package/package.json

@@ -0,0 +1,62 @@
+{
+  "name": "@judo/auth",
+  "version": "0.1.0",
+  "description": "OIDC authentication layer for JUDO UI Runtime",
+  "license": "EPL-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/BlackBeltTechnology/judo-frontend-runtime.git",
+    "directory": "packages/auth"
+  },
+  "files": [
+    "dist",
+    "LICENSE",
+    "README.md"
+  ],
+  "type": "module",
+  "sideEffects": false,
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "@judo/model-api": "0.1.0",
+    "@judo/model-loader": "0.1.0"
+  },
+  "devDependencies": {
+    "@emotion/react": "^11.14.0",
+    "@emotion/styled": "^11.14.1",
+    "@testing-library/react": "^16.3.2",
+    "@types/react": "^19.2.14",
+    "oidc-client-ts": "^3.4.1",
+    "react-oidc-context": "^3.3.0",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.18",
+    "@judo/model-api": "0.1.0",
+    "@judo/model-loader": "0.1.0",
+    "@judo/testing": "0.1.0"
+  },
+  "peerDependencies": {
+    "@mui/material": "^7.0.0",
+    "oidc-client-ts": "^3.0.0",
+    "react": "^19.0.0",
+    "react-oidc-context": "^3.0.0",
+    "@judo/model-api": "0.1.0",
+    "@judo/model-loader": "0.1.0"
+  },
+  "scripts": {
+    "build": "vite build",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "type-check": "tsgo --noEmit"
+  }
+}