@mdxui/auth 1.1.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +128 -1
- package/dist/{auth-Ba2f778e.d.ts → auth-maeYSYU_.d.ts} +4 -1
- package/dist/hooks/index.d.ts +92 -2
- package/dist/hooks/index.js +84 -0
- package/dist/hooks/index.js.map +1 -1
- package/dist/{index-Bl4BwORF.d.ts → index-BOMpMKyG.d.ts} +105 -2
- package/dist/index.d.ts +8 -3
- package/dist/index.js +1651 -36
- package/dist/index.js.map +1 -1
- package/dist/providers/index.d.ts +3 -2
- package/dist/providers/index.js +85 -2
- package/dist/providers/index.js.map +1 -1
- package/dist/schemas/index.d.ts +5 -0
- package/dist/schemas/index.js +1 -1
- package/dist/schemas/index.js.map +1 -1
- package/dist/shell/index.d.ts +675 -0
- package/dist/shell/index.js +1025 -0
- package/dist/shell/index.js.map +1 -0
- package/dist/types/index.d.ts +1 -1
- package/dist/types-8tixck1H.d.ts +123 -0
- package/dist/vault/index.d.ts +192 -0
- package/dist/vault/index.js +692 -0
- package/dist/vault/index.js.map +1 -0
- package/dist/widgets/index.d.ts +1 -1
- package/package.json +27 -13
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
export { A as AuthGate, I as IdentityProvider, W as WidgetsProvider, u as useThemeDetection } from '../index-
|
|
1
|
+
export { A as AuthGate, I as IdentityProvider, d as VaultClient, e as VaultContextState, V as VaultProvider, f as VaultProviderProps, W as WidgetsProvider, u as useThemeDetection, b as useVaultContext, c as useVaultContextOptional } from '../index-BOMpMKyG.js';
|
|
2
2
|
import 'react/jsx-runtime';
|
|
3
|
-
import '../auth-
|
|
3
|
+
import '../auth-maeYSYU_.js';
|
|
4
4
|
import 'react';
|
|
5
|
+
import '../types-8tixck1H.js';
|
package/dist/providers/index.js
CHANGED
|
@@ -96,6 +96,7 @@ function IdentityProvider({
|
|
|
96
96
|
}
|
|
97
97
|
|
|
98
98
|
// src/providers/auth-gate.tsx
|
|
99
|
+
import { useEffect as useEffect2, useRef } from "react";
|
|
99
100
|
import { useAuth } from "@workos-inc/authkit-react";
|
|
100
101
|
import { Fragment, jsx as jsx3, jsxs } from "react/jsx-runtime";
|
|
101
102
|
function DefaultLoadingComponent() {
|
|
@@ -128,7 +129,19 @@ function AuthGate({
|
|
|
128
129
|
onUnauthenticated = "landing",
|
|
129
130
|
redirectUrl
|
|
130
131
|
}) {
|
|
131
|
-
const { user, isLoading } = useAuth();
|
|
132
|
+
const { user, isLoading, signIn } = useAuth();
|
|
133
|
+
const signInCalled = useRef(false);
|
|
134
|
+
useEffect2(() => {
|
|
135
|
+
if (onUnauthenticated === "signIn" && !isLoading && !user && !signInCalled.current) {
|
|
136
|
+
signInCalled.current = true;
|
|
137
|
+
signIn();
|
|
138
|
+
}
|
|
139
|
+
}, [onUnauthenticated, isLoading, user, signIn]);
|
|
140
|
+
useEffect2(() => {
|
|
141
|
+
if (user) {
|
|
142
|
+
signInCalled.current = false;
|
|
143
|
+
}
|
|
144
|
+
}, [user]);
|
|
132
145
|
if (!required) {
|
|
133
146
|
return /* @__PURE__ */ jsx3(Fragment, { children });
|
|
134
147
|
}
|
|
@@ -139,6 +152,8 @@ function AuthGate({
|
|
|
139
152
|
return /* @__PURE__ */ jsx3(Fragment, { children });
|
|
140
153
|
}
|
|
141
154
|
switch (onUnauthenticated) {
|
|
155
|
+
case "signIn":
|
|
156
|
+
return /* @__PURE__ */ jsx3(Fragment, { children: loadingComponent ?? /* @__PURE__ */ jsx3(DefaultLoadingComponent, {}) });
|
|
142
157
|
case "redirect":
|
|
143
158
|
if (redirectUrl && typeof window !== "undefined") {
|
|
144
159
|
window.location.href = redirectUrl;
|
|
@@ -152,10 +167,78 @@ function AuthGate({
|
|
|
152
167
|
return /* @__PURE__ */ jsx3(Fragment, { children: landingComponent ?? /* @__PURE__ */ jsx3(DefaultLandingPage, {}) });
|
|
153
168
|
}
|
|
154
169
|
}
|
|
170
|
+
|
|
171
|
+
// src/providers/vault-provider.tsx
|
|
172
|
+
import { createContext, useContext, useMemo } from "react";
|
|
173
|
+
import { jsx as jsx4 } from "react/jsx-runtime";
|
|
174
|
+
var VaultContext = createContext(null);
|
|
175
|
+
var defaultFields = [
|
|
176
|
+
{ key: "api_key", label: "API Key", type: "password", required: true }
|
|
177
|
+
];
|
|
178
|
+
function VaultProvider({
|
|
179
|
+
children,
|
|
180
|
+
client,
|
|
181
|
+
initialItems = []
|
|
182
|
+
}) {
|
|
183
|
+
const contextValue = useMemo(() => {
|
|
184
|
+
const getIntegrationFields = (integrationId) => {
|
|
185
|
+
if (client?.getIntegrationFields) {
|
|
186
|
+
return client.getIntegrationFields(integrationId);
|
|
187
|
+
}
|
|
188
|
+
return defaultFields;
|
|
189
|
+
};
|
|
190
|
+
return {
|
|
191
|
+
client: client ?? null,
|
|
192
|
+
items: initialItems,
|
|
193
|
+
loading: false,
|
|
194
|
+
error: null,
|
|
195
|
+
reload: async () => {
|
|
196
|
+
if (!client) {
|
|
197
|
+
console.warn("VaultProvider: No client provided, cannot reload");
|
|
198
|
+
return;
|
|
199
|
+
}
|
|
200
|
+
await client.list();
|
|
201
|
+
},
|
|
202
|
+
createItem: async (integrationId, credentials) => {
|
|
203
|
+
if (!client) {
|
|
204
|
+
throw new Error("VaultProvider: No client provided");
|
|
205
|
+
}
|
|
206
|
+
await client.create(integrationId, credentials);
|
|
207
|
+
},
|
|
208
|
+
rotateItem: async (id, credentials) => {
|
|
209
|
+
if (!client) {
|
|
210
|
+
throw new Error("VaultProvider: No client provided");
|
|
211
|
+
}
|
|
212
|
+
await client.rotate(id, credentials);
|
|
213
|
+
},
|
|
214
|
+
deleteItem: async (id) => {
|
|
215
|
+
if (!client) {
|
|
216
|
+
throw new Error("VaultProvider: No client provided");
|
|
217
|
+
}
|
|
218
|
+
await client.delete(id);
|
|
219
|
+
},
|
|
220
|
+
getIntegrationFields
|
|
221
|
+
};
|
|
222
|
+
}, [client, initialItems]);
|
|
223
|
+
return /* @__PURE__ */ jsx4(VaultContext.Provider, { value: contextValue, children });
|
|
224
|
+
}
|
|
225
|
+
function useVaultContext() {
|
|
226
|
+
const context = useContext(VaultContext);
|
|
227
|
+
if (!context) {
|
|
228
|
+
throw new Error("useVaultContext must be used within a VaultProvider");
|
|
229
|
+
}
|
|
230
|
+
return context;
|
|
231
|
+
}
|
|
232
|
+
function useVaultContextOptional() {
|
|
233
|
+
return useContext(VaultContext);
|
|
234
|
+
}
|
|
155
235
|
export {
|
|
156
236
|
AuthGate,
|
|
157
237
|
IdentityProvider,
|
|
238
|
+
VaultProvider,
|
|
158
239
|
WidgetsProvider,
|
|
159
|
-
useThemeDetection
|
|
240
|
+
useThemeDetection,
|
|
241
|
+
useVaultContext,
|
|
242
|
+
useVaultContextOptional
|
|
160
243
|
};
|
|
161
244
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/providers/identity-provider.tsx","../../src/providers/widgets-provider.tsx","../../src/providers/auth-gate.tsx"],"sourcesContent":["'use client'\n\nimport { AuthKitProvider } from '@workos-inc/authkit-react'\nimport type { IdentityProviderProps } from '../types/auth'\nimport { WidgetsProvider } from './widgets-provider'\n\n/**\n * Identity provider that wraps your app with WorkOS AuthKit authentication.\n *\n * This provider sets up authentication context for your application and\n * automatically includes the WidgetsProvider for WorkOS widgets.\n *\n * @example\n * ```tsx\n * import { IdentityProvider } from '@mdxui/auth'\n *\n * function App() {\n * return (\n * <IdentityProvider\n * clientId=\"client_xxx\"\n * devMode={process.env.NODE_ENV === 'development'}\n * >\n * <YourApp />\n * </IdentityProvider>\n * )\n * }\n * ```\n *\n * @example\n * ```tsx\n * // With custom redirect URI\n * <IdentityProvider\n * clientId=\"client_xxx\"\n * redirectUri=\"https://app.example.com/dashboard\"\n * onRedirectCallback={() => {\n * // Custom callback after auth redirect\n * }}\n * >\n * <YourApp />\n * </IdentityProvider>\n * ```\n */\nexport function IdentityProvider({\n clientId,\n apiHostname,\n devMode,\n redirectUri,\n onRedirectCallback,\n children,\n}: IdentityProviderProps) {\n // Build redirect URI - defaults to current origin\n const resolvedRedirectUri =\n redirectUri ??\n (typeof window !== 'undefined' ? window.location.origin : undefined)\n\n // Default redirect callback - clear auth params from URL\n const handleRedirectCallback =\n onRedirectCallback ??\n (() => {\n if (typeof window !== 'undefined') {\n const url = new URL(window.location.href)\n url.searchParams.delete('code')\n url.searchParams.delete('state')\n window.history.replaceState({}, '', url.pathname)\n }\n })\n\n return (\n <AuthKitProvider\n clientId={clientId}\n apiHostname={apiHostname}\n devMode={devMode}\n redirectUri={resolvedRedirectUri}\n onRedirectCallback={handleRedirectCallback}\n >\n <WidgetsProvider>{children}</WidgetsProvider>\n </AuthKitProvider>\n )\n}\n\n/**\n * Minimal identity provider without WidgetsProvider\n *\n * Use this if you want to set up widgets separately or don't need them.\n *\n * @example\n * ```tsx\n * import { IdentityProviderMinimal, WidgetsProvider } from '@mdxui/auth'\n *\n * function App() {\n * return (\n * <IdentityProviderMinimal clientId=\"client_xxx\">\n * <WidgetsProvider appearance=\"dark\">\n * <YourApp />\n * </WidgetsProvider>\n * </IdentityProviderMinimal>\n * )\n * }\n * ```\n */\nexport function IdentityProviderMinimal({\n clientId,\n apiHostname,\n devMode,\n redirectUri,\n onRedirectCallback,\n children,\n}: IdentityProviderProps) {\n const resolvedRedirectUri =\n redirectUri ??\n (typeof window !== 'undefined' ? window.location.origin : undefined)\n\n const handleRedirectCallback =\n onRedirectCallback ??\n (() => {\n if (typeof window !== 'undefined') {\n const url = new URL(window.location.href)\n url.searchParams.delete('code')\n url.searchParams.delete('state')\n window.history.replaceState({}, '', url.pathname)\n }\n })\n\n return (\n <AuthKitProvider\n clientId={clientId}\n apiHostname={apiHostname}\n devMode={devMode}\n redirectUri={resolvedRedirectUri}\n onRedirectCallback={handleRedirectCallback}\n >\n {children}\n </AuthKitProvider>\n )\n}\n","'use client'\n\nimport { WorkOsWidgets } from '@workos-inc/widgets'\nimport { useEffect, useState } from 'react'\nimport type { WidgetsProviderProps } from '../types/auth'\n\n/**\n * Hook to detect dark mode from document class or system preference\n *\n * @returns Object with isDark state and mounted flag\n *\n * @example\n * ```tsx\n * const { isDark, mounted } = useThemeDetection()\n * const appearance = mounted ? (isDark ? 'dark' : 'light') : 'inherit'\n * ```\n */\nexport function useThemeDetection() {\n const [mounted, setMounted] = useState(false)\n const [isDark, setIsDark] = useState(false)\n\n useEffect(() => {\n setMounted(true)\n\n const checkDarkMode = () => {\n const isDarkClass = document.documentElement.classList.contains('dark')\n const prefersDark = window.matchMedia(\n '(prefers-color-scheme: dark)'\n ).matches\n setIsDark(\n isDarkClass ||\n (!document.documentElement.classList.contains('light') && prefersDark)\n )\n }\n\n checkDarkMode()\n\n // Watch for class changes on html element\n const observer = new MutationObserver(checkDarkMode)\n observer.observe(document.documentElement, {\n attributes: true,\n attributeFilter: ['class'],\n })\n\n // Watch for system preference changes\n const mediaQuery = window.matchMedia('(prefers-color-scheme: dark)')\n mediaQuery.addEventListener('change', checkDarkMode)\n\n return () => {\n observer.disconnect()\n mediaQuery.removeEventListener('change', checkDarkMode)\n }\n }, [])\n\n return { isDark, mounted }\n}\n\n/**\n * Provider for WorkOS widgets with automatic theme detection\n *\n * Wraps children with WorkOsWidgets context and automatically detects\n * light/dark mode from document classes or system preference.\n *\n * @example\n * ```tsx\n * import { WidgetsProvider } from '@mdxui/auth'\n * import { UserProfile } from '@mdxui/auth/widgets'\n *\n * function App() {\n * return (\n * <WidgetsProvider>\n * <UserProfile authToken={getAccessToken} />\n * </WidgetsProvider>\n * )\n * }\n * ```\n *\n * @example\n * ```tsx\n * // With explicit theme\n * <WidgetsProvider appearance=\"dark\" radius=\"large\">\n * <UserProfile authToken={token} />\n * </WidgetsProvider>\n * ```\n */\nexport function WidgetsProvider({\n children,\n appearance,\n radius = 'medium',\n scaling = '100%',\n}: WidgetsProviderProps) {\n const { isDark, mounted } = useThemeDetection()\n\n // Use provided appearance, or auto-detect from theme\n // Use \"inherit\" until mounted to avoid hydration mismatch\n const resolvedAppearance =\n appearance ?? (mounted ? (isDark ? 'dark' : 'light') : 'inherit')\n\n return (\n <WorkOsWidgets\n theme={{\n appearance: resolvedAppearance,\n radius,\n scaling,\n }}\n elements={{\n primaryButton: {\n variant: 'solid',\n },\n secondaryButton: {\n variant: 'outline',\n },\n }}\n >\n {children}\n </WorkOsWidgets>\n )\n}\n","'use client'\n\nimport { useAuth } from '@workos-inc/authkit-react'\nimport type { AuthGateProps } from '../types/auth'\n\n/**\n * Default loading component shown while checking authentication\n */\nfunction DefaultLoadingComponent() {\n return (\n <div className=\"min-h-screen bg-background flex items-center justify-center\">\n <div className=\"flex flex-col items-center gap-4\">\n <div className=\"h-8 w-8 animate-spin rounded-full border-4 border-primary border-t-transparent\" />\n <p className=\"text-sm text-muted-foreground\">Loading...</p>\n </div>\n </div>\n )\n}\n\n/**\n * Default landing page component shown when user is not authenticated\n */\nfunction DefaultLandingPage() {\n const { signIn } = useAuth()\n\n return (\n <div className=\"min-h-screen bg-background flex flex-col items-center justify-center p-4\">\n <div className=\"text-center max-w-md\">\n <h1 className=\"text-3xl font-bold tracking-tight mb-4\">Welcome</h1>\n <p className=\"text-muted-foreground mb-8\">\n Sign in to access your dashboard.\n </p>\n <button\n type=\"button\"\n onClick={() => signIn()}\n className=\"inline-flex items-center justify-center gap-2 whitespace-nowrap rounded-[var(--radius-md)] text-sm font-medium transition-colors bg-primary text-primary-foreground hover:bg-primary/90 h-10 px-6\"\n >\n Sign In\n </button>\n </div>\n </div>\n )\n}\n\n/**\n * AuthGate handles authentication state and shows appropriate UI:\n * - Loading state while checking auth\n * - Landing page or redirect when not authenticated\n * - Children (protected content) when authenticated\n *\n * @example\n * ```tsx\n * import { AuthGate } from '@mdxui/auth'\n *\n * function App() {\n * return (\n * <AuthGate>\n * <ProtectedDashboard />\n * </AuthGate>\n * )\n * }\n * ```\n *\n * @example\n * ```tsx\n * // With custom components\n * <AuthGate\n * loadingComponent={<CustomSpinner />}\n * landingComponent={<CustomLandingPage />}\n * >\n * <Dashboard />\n * </AuthGate>\n * ```\n *\n * @example\n * ```tsx\n * // Allow unauthenticated access\n * <AuthGate required={false}>\n * <PublicContent />\n * </AuthGate>\n * ```\n *\n * @example\n * ```tsx\n * // Redirect to external URL when not authenticated\n * <AuthGate\n * onUnauthenticated=\"redirect\"\n * redirectUrl=\"https://marketing.example.com\"\n * >\n * <Dashboard />\n * </AuthGate>\n * ```\n */\nexport function AuthGate({\n children,\n required = true,\n loadingComponent,\n landingComponent,\n onUnauthenticated = 'landing',\n redirectUrl,\n}: AuthGateProps) {\n const { user, isLoading } = useAuth()\n\n // If auth is not required, always show children\n if (!required) {\n return <>{children}</>\n }\n\n // Show loading state while checking authentication\n if (isLoading) {\n return <>{loadingComponent ?? <DefaultLoadingComponent />}</>\n }\n\n // User is authenticated, show protected content\n if (user) {\n return <>{children}</>\n }\n\n // User is not authenticated - handle based on config\n switch (onUnauthenticated) {\n case 'redirect':\n // Redirect to external URL\n if (redirectUrl && typeof window !== 'undefined') {\n window.location.href = redirectUrl\n return (\n <div className=\"min-h-screen bg-background flex items-center justify-center\">\n <p className=\"text-sm text-muted-foreground\">Redirecting...</p>\n </div>\n )\n }\n // Fall through to landing if no redirect URL\n return <>{landingComponent ?? <DefaultLandingPage />}</>\n\n case 'allow':\n // Allow access even without auth (shows children)\n return <>{children}</>\n\n case 'landing':\n default:\n // Show landing page (custom or default)\n return <>{landingComponent ?? <DefaultLandingPage />}</>\n }\n}\n"],"mappings":";AAEA,SAAS,uBAAuB;;;ACAhC,SAAS,qBAAqB;AAC9B,SAAS,WAAW,gBAAgB;AAgGhC;AAlFG,SAAS,oBAAoB;AAClC,QAAM,CAAC,SAAS,UAAU,IAAI,SAAS,KAAK;AAC5C,QAAM,CAAC,QAAQ,SAAS,IAAI,SAAS,KAAK;AAE1C,YAAU,MAAM;AACd,eAAW,IAAI;AAEf,UAAM,gBAAgB,MAAM;AAC1B,YAAM,cAAc,SAAS,gBAAgB,UAAU,SAAS,MAAM;AACtE,YAAM,cAAc,OAAO;AAAA,QACzB;AAAA,MACF,EAAE;AACF;AAAA,QACE,eACG,CAAC,SAAS,gBAAgB,UAAU,SAAS,OAAO,KAAK;AAAA,MAC9D;AAAA,IACF;AAEA,kBAAc;AAGd,UAAM,WAAW,IAAI,iBAAiB,aAAa;AACnD,aAAS,QAAQ,SAAS,iBAAiB;AAAA,MACzC,YAAY;AAAA,MACZ,iBAAiB,CAAC,OAAO;AAAA,IAC3B,CAAC;AAGD,UAAM,aAAa,OAAO,WAAW,8BAA8B;AACnE,eAAW,iBAAiB,UAAU,aAAa;AAEnD,WAAO,MAAM;AACX,eAAS,WAAW;AACpB,iBAAW,oBAAoB,UAAU,aAAa;AAAA,IACxD;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,SAAO,EAAE,QAAQ,QAAQ;AAC3B;AA8BO,SAAS,gBAAgB;AAAA,EAC9B;AAAA,EACA;AAAA,EACA,SAAS;AAAA,EACT,UAAU;AACZ,GAAyB;AACvB,QAAM,EAAE,QAAQ,QAAQ,IAAI,kBAAkB;AAI9C,QAAM,qBACJ,eAAe,UAAW,SAAS,SAAS,UAAW;AAEzD,SACE;AAAA,IAAC;AAAA;AAAA,MACC,OAAO;AAAA,QACL,YAAY;AAAA,QACZ;AAAA,QACA;AAAA,MACF;AAAA,MACA,UAAU;AAAA,QACR,eAAe;AAAA,UACb,SAAS;AAAA,QACX;AAAA,QACA,iBAAiB;AAAA,UACf,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MAEC;AAAA;AAAA,EACH;AAEJ;;;AD1CM,gBAAAA,YAAA;AAjCC,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAA0B;AAExB,QAAM,sBACJ,gBACC,OAAO,WAAW,cAAc,OAAO,SAAS,SAAS;AAG5D,QAAM,yBACJ,uBACC,MAAM;AACL,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,MAAM,IAAI,IAAI,OAAO,SAAS,IAAI;AACxC,UAAI,aAAa,OAAO,MAAM;AAC9B,UAAI,aAAa,OAAO,OAAO;AAC/B,aAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,IAAI,QAAQ;AAAA,IAClD;AAAA,EACF;AAEF,SACE,gBAAAA;AAAA,IAAC;AAAA;AAAA,MACC;AAAA,MACA;AAAA,MACA;AAAA,MACA,aAAa;AAAA,MACb,oBAAoB;AAAA,MAEpB,0BAAAA,KAAC,mBAAiB,UAAS;AAAA;AAAA,EAC7B;AAEJ;;;AE5EA,SAAS,eAAe;AASlB,SA8FK,UA7FH,OAAAC,MADF;AAHN,SAAS,0BAA0B;AACjC,SACE,gBAAAA,KAAC,SAAI,WAAU,+DACb,+BAAC,SAAI,WAAU,oCACb;AAAA,oBAAAA,KAAC,SAAI,WAAU,kFAAiF;AAAA,IAChG,gBAAAA,KAAC,OAAE,WAAU,iCAAgC,wBAAU;AAAA,KACzD,GACF;AAEJ;AAKA,SAAS,qBAAqB;AAC5B,QAAM,EAAE,OAAO,IAAI,QAAQ;AAE3B,SACE,gBAAAA,KAAC,SAAI,WAAU,4EACb,+BAAC,SAAI,WAAU,wBACb;AAAA,oBAAAA,KAAC,QAAG,WAAU,0CAAyC,qBAAO;AAAA,IAC9D,gBAAAA,KAAC,OAAE,WAAU,8BAA6B,+CAE1C;AAAA,IACA,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,MAAK;AAAA,QACL,SAAS,MAAM,OAAO;AAAA,QACtB,WAAU;AAAA,QACX;AAAA;AAAA,IAED;AAAA,KACF,GACF;AAEJ;AAmDO,SAAS,SAAS;AAAA,EACvB;AAAA,EACA,WAAW;AAAA,EACX;AAAA,EACA;AAAA,EACA,oBAAoB;AAAA,EACpB;AACF,GAAkB;AAChB,QAAM,EAAE,MAAM,UAAU,IAAI,QAAQ;AAGpC,MAAI,CAAC,UAAU;AACb,WAAO,gBAAAA,KAAA,YAAG,UAAS;AAAA,EACrB;AAGA,MAAI,WAAW;AACb,WAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,2BAAwB,GAAG;AAAA,EAC5D;AAGA,MAAI,MAAM;AACR,WAAO,gBAAAA,KAAA,YAAG,UAAS;AAAA,EACrB;AAGA,UAAQ,mBAAmB;AAAA,IACzB,KAAK;AAEH,UAAI,eAAe,OAAO,WAAW,aAAa;AAChD,eAAO,SAAS,OAAO;AACvB,eACE,gBAAAA,KAAC,SAAI,WAAU,+DACb,0BAAAA,KAAC,OAAE,WAAU,iCAAgC,4BAAc,GAC7D;AAAA,MAEJ;AAEA,aAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,sBAAmB,GAAG;AAAA,IAEvD,KAAK;AAEH,aAAO,gBAAAA,KAAA,YAAG,UAAS;AAAA,IAErB,KAAK;AAAA,IACL;AAEE,aAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,sBAAmB,GAAG;AAAA,EACzD;AACF;","names":["jsx","jsx"]}
|
|
1
|
+
{"version":3,"sources":["../../src/providers/identity-provider.tsx","../../src/providers/widgets-provider.tsx","../../src/providers/auth-gate.tsx","../../src/providers/vault-provider.tsx"],"sourcesContent":["'use client'\n\nimport { AuthKitProvider } from '@workos-inc/authkit-react'\nimport type { IdentityProviderProps } from '../types/auth'\nimport { WidgetsProvider } from './widgets-provider'\n\n/**\n * Identity provider that wraps your app with WorkOS AuthKit authentication.\n *\n * This provider sets up authentication context for your application and\n * automatically includes the WidgetsProvider for WorkOS widgets.\n *\n * @example\n * ```tsx\n * import { IdentityProvider } from '@mdxui/auth'\n *\n * function App() {\n * return (\n * <IdentityProvider\n * clientId=\"client_xxx\"\n * devMode={process.env.NODE_ENV === 'development'}\n * >\n * <YourApp />\n * </IdentityProvider>\n * )\n * }\n * ```\n *\n * @example\n * ```tsx\n * // With custom redirect URI\n * <IdentityProvider\n * clientId=\"client_xxx\"\n * redirectUri=\"https://app.example.com/dashboard\"\n * onRedirectCallback={() => {\n * // Custom callback after auth redirect\n * }}\n * >\n * <YourApp />\n * </IdentityProvider>\n * ```\n */\nexport function IdentityProvider({\n clientId,\n apiHostname,\n devMode,\n redirectUri,\n onRedirectCallback,\n children,\n}: IdentityProviderProps) {\n // Build redirect URI - defaults to current origin (no trailing slash)\n // Note: WorkOS AuthKit internally appends a trailing slash, so register\n // \"https://yourdomain.com/\" (with slash) in WorkOS dashboard\n const resolvedRedirectUri =\n redirectUri ??\n (typeof window !== 'undefined' ? window.location.origin : undefined)\n\n // Default redirect callback - clear auth params from URL\n const handleRedirectCallback =\n onRedirectCallback ??\n (() => {\n if (typeof window !== 'undefined') {\n const url = new URL(window.location.href)\n url.searchParams.delete('code')\n url.searchParams.delete('state')\n window.history.replaceState({}, '', url.pathname)\n }\n })\n\n return (\n <AuthKitProvider\n clientId={clientId}\n apiHostname={apiHostname}\n devMode={devMode}\n redirectUri={resolvedRedirectUri}\n onRedirectCallback={handleRedirectCallback}\n >\n <WidgetsProvider>{children}</WidgetsProvider>\n </AuthKitProvider>\n )\n}\n\n/**\n * Minimal identity provider without WidgetsProvider\n *\n * Use this if you want to set up widgets separately or don't need them.\n *\n * @example\n * ```tsx\n * import { IdentityProviderMinimal, WidgetsProvider } from '@mdxui/auth'\n *\n * function App() {\n * return (\n * <IdentityProviderMinimal clientId=\"client_xxx\">\n * <WidgetsProvider appearance=\"dark\">\n * <YourApp />\n * </WidgetsProvider>\n * </IdentityProviderMinimal>\n * )\n * }\n * ```\n */\nexport function IdentityProviderMinimal({\n clientId,\n apiHostname,\n devMode,\n redirectUri,\n onRedirectCallback,\n children,\n}: IdentityProviderProps) {\n const resolvedRedirectUri =\n redirectUri ??\n (typeof window !== 'undefined' ? window.location.origin : undefined)\n\n const handleRedirectCallback =\n onRedirectCallback ??\n (() => {\n if (typeof window !== 'undefined') {\n const url = new URL(window.location.href)\n url.searchParams.delete('code')\n url.searchParams.delete('state')\n window.history.replaceState({}, '', url.pathname)\n }\n })\n\n return (\n <AuthKitProvider\n clientId={clientId}\n apiHostname={apiHostname}\n devMode={devMode}\n redirectUri={resolvedRedirectUri}\n onRedirectCallback={handleRedirectCallback}\n >\n {children}\n </AuthKitProvider>\n )\n}\n","'use client'\n\nimport { WorkOsWidgets } from '@workos-inc/widgets'\nimport { useEffect, useState } from 'react'\nimport type { WidgetsProviderProps } from '../types/auth'\n\n/**\n * Hook to detect dark mode from document class or system preference\n *\n * @returns Object with isDark state and mounted flag\n *\n * @example\n * ```tsx\n * const { isDark, mounted } = useThemeDetection()\n * const appearance = mounted ? (isDark ? 'dark' : 'light') : 'inherit'\n * ```\n */\nexport function useThemeDetection() {\n const [mounted, setMounted] = useState(false)\n const [isDark, setIsDark] = useState(false)\n\n useEffect(() => {\n setMounted(true)\n\n const checkDarkMode = () => {\n const isDarkClass = document.documentElement.classList.contains('dark')\n const prefersDark = window.matchMedia(\n '(prefers-color-scheme: dark)'\n ).matches\n setIsDark(\n isDarkClass ||\n (!document.documentElement.classList.contains('light') && prefersDark)\n )\n }\n\n checkDarkMode()\n\n // Watch for class changes on html element\n const observer = new MutationObserver(checkDarkMode)\n observer.observe(document.documentElement, {\n attributes: true,\n attributeFilter: ['class'],\n })\n\n // Watch for system preference changes\n const mediaQuery = window.matchMedia('(prefers-color-scheme: dark)')\n mediaQuery.addEventListener('change', checkDarkMode)\n\n return () => {\n observer.disconnect()\n mediaQuery.removeEventListener('change', checkDarkMode)\n }\n }, [])\n\n return { isDark, mounted }\n}\n\n/**\n * Provider for WorkOS widgets with automatic theme detection\n *\n * Wraps children with WorkOsWidgets context and automatically detects\n * light/dark mode from document classes or system preference.\n *\n * @example\n * ```tsx\n * import { WidgetsProvider } from '@mdxui/auth'\n * import { UserProfile } from '@mdxui/auth/widgets'\n *\n * function App() {\n * return (\n * <WidgetsProvider>\n * <UserProfile authToken={getAccessToken} />\n * </WidgetsProvider>\n * )\n * }\n * ```\n *\n * @example\n * ```tsx\n * // With explicit theme\n * <WidgetsProvider appearance=\"dark\" radius=\"large\">\n * <UserProfile authToken={token} />\n * </WidgetsProvider>\n * ```\n */\nexport function WidgetsProvider({\n children,\n appearance,\n radius = 'medium',\n scaling = '100%',\n}: WidgetsProviderProps) {\n const { isDark, mounted } = useThemeDetection()\n\n // Use provided appearance, or auto-detect from theme\n // Use \"inherit\" until mounted to avoid hydration mismatch\n const resolvedAppearance =\n appearance ?? (mounted ? (isDark ? 'dark' : 'light') : 'inherit')\n\n // Note: Widgets always use api.workos.com - custom Authentication API domains\n // do NOT support widget endpoints. Only authentication uses custom domains.\n return (\n <WorkOsWidgets\n theme={{\n appearance: resolvedAppearance,\n radius,\n scaling,\n }}\n elements={{\n primaryButton: {\n variant: 'solid',\n },\n secondaryButton: {\n variant: 'outline',\n },\n }}\n >\n {children}\n </WorkOsWidgets>\n )\n}\n","'use client'\n\nimport { useEffect, useRef } from 'react'\nimport { useAuth } from '@workos-inc/authkit-react'\nimport type { AuthGateProps } from '../types/auth'\n\n/**\n * Default loading component shown while checking authentication\n */\nfunction DefaultLoadingComponent() {\n return (\n <div className=\"min-h-screen bg-background flex items-center justify-center\">\n <div className=\"flex flex-col items-center gap-4\">\n <div className=\"h-8 w-8 animate-spin rounded-full border-4 border-primary border-t-transparent\" />\n <p className=\"text-sm text-muted-foreground\">Loading...</p>\n </div>\n </div>\n )\n}\n\n/**\n * Default landing page component shown when user is not authenticated\n */\nfunction DefaultLandingPage() {\n const { signIn } = useAuth()\n\n return (\n <div className=\"min-h-screen bg-background flex flex-col items-center justify-center p-4\">\n <div className=\"text-center max-w-md\">\n <h1 className=\"text-3xl font-bold tracking-tight mb-4\">Welcome</h1>\n <p className=\"text-muted-foreground mb-8\">\n Sign in to access your dashboard.\n </p>\n <button\n type=\"button\"\n onClick={() => signIn()}\n className=\"inline-flex items-center justify-center gap-2 whitespace-nowrap rounded-[var(--radius-md)] text-sm font-medium transition-colors bg-primary text-primary-foreground hover:bg-primary/90 h-10 px-6\"\n >\n Sign In\n </button>\n </div>\n </div>\n )\n}\n\n/**\n * AuthGate handles authentication state and shows appropriate UI:\n * - Loading state while checking auth\n * - Landing page or redirect when not authenticated\n * - Children (protected content) when authenticated\n *\n * @example\n * ```tsx\n * import { AuthGate } from '@mdxui/auth'\n *\n * function App() {\n * return (\n * <AuthGate>\n * <ProtectedDashboard />\n * </AuthGate>\n * )\n * }\n * ```\n *\n * @example\n * ```tsx\n * // With custom components\n * <AuthGate\n * loadingComponent={<CustomSpinner />}\n * landingComponent={<CustomLandingPage />}\n * >\n * <Dashboard />\n * </AuthGate>\n * ```\n *\n * @example\n * ```tsx\n * // Allow unauthenticated access\n * <AuthGate required={false}>\n * <PublicContent />\n * </AuthGate>\n * ```\n *\n * @example\n * ```tsx\n * // Redirect to external URL when not authenticated\n * <AuthGate\n * onUnauthenticated=\"redirect\"\n * redirectUrl=\"https://marketing.example.com\"\n * >\n * <Dashboard />\n * </AuthGate>\n * ```\n */\nexport function AuthGate({\n children,\n required = true,\n loadingComponent,\n landingComponent,\n onUnauthenticated = 'landing',\n redirectUrl,\n}: AuthGateProps) {\n const { user, isLoading, signIn } = useAuth()\n const signInCalled = useRef(false)\n\n // Auto sign-in effect for 'signIn' mode\n useEffect(() => {\n if (onUnauthenticated === 'signIn' && !isLoading && !user && !signInCalled.current) {\n signInCalled.current = true\n signIn()\n }\n }, [onUnauthenticated, isLoading, user, signIn])\n\n // Reset flag when user logs in\n useEffect(() => {\n if (user) {\n signInCalled.current = false\n }\n }, [user])\n\n // If auth is not required, always show children\n if (!required) {\n return <>{children}</>\n }\n\n // Show loading state while checking authentication\n if (isLoading) {\n return <>{loadingComponent ?? <DefaultLoadingComponent />}</>\n }\n\n // User is authenticated, show protected content\n if (user) {\n return <>{children}</>\n }\n\n // User is not authenticated - handle based on config\n switch (onUnauthenticated) {\n case 'signIn':\n // Auto sign-in mode - show loading while redirecting to auth\n return <>{loadingComponent ?? <DefaultLoadingComponent />}</>\n\n case 'redirect':\n // Redirect to external URL\n if (redirectUrl && typeof window !== 'undefined') {\n window.location.href = redirectUrl\n return (\n <div className=\"min-h-screen bg-background flex items-center justify-center\">\n <p className=\"text-sm text-muted-foreground\">Redirecting...</p>\n </div>\n )\n }\n // Fall through to landing if no redirect URL\n return <>{landingComponent ?? <DefaultLandingPage />}</>\n\n case 'allow':\n // Allow access even without auth (shows children)\n return <>{children}</>\n\n case 'landing':\n default:\n // Show landing page (custom or default)\n return <>{landingComponent ?? <DefaultLandingPage />}</>\n }\n}\n","'use client'\n\nimport { createContext, useContext, useMemo, type ReactNode } from 'react'\nimport type { VaultItem, VaultField } from '../vault/types'\n\n/**\n * Vault client interface\n *\n * Defines the contract for a vault backend. The actual implementation\n * can be provided by vault.do SDK or any other vault service.\n */\nexport interface VaultClient {\n /** List all vault items */\n list: () => Promise<VaultItem[]>\n /** Create a new vault item */\n create: (integrationId: string, credentials: Record<string, string>) => Promise<VaultItem>\n /** Rotate credentials for an existing vault item */\n rotate: (id: string, credentials: Record<string, string>) => Promise<VaultItem>\n /** Delete a vault item */\n delete: (id: string) => Promise<void>\n /** Get field configuration for an integration */\n getIntegrationFields?: (integrationId: string) => VaultField[]\n}\n\n/**\n * Vault context state\n */\nexport interface VaultContextState {\n /** The vault client instance */\n client: VaultClient | null\n /** Vault items currently loaded */\n items: VaultItem[]\n /** Whether the vault is currently loading */\n loading: boolean\n /** Error message if vault operations failed */\n error: string | null\n /** Reload vault items */\n reload: () => Promise<void>\n /** Create a new vault item */\n createItem: (integrationId: string, credentials: Record<string, string>) => Promise<void>\n /** Rotate credentials for an existing item */\n rotateItem: (id: string, credentials: Record<string, string>) => Promise<void>\n /** Delete a vault item */\n deleteItem: (id: string) => Promise<void>\n /** Get field configuration for an integration */\n getIntegrationFields: (integrationId: string) => VaultField[]\n}\n\nconst VaultContext = createContext<VaultContextState | null>(null)\n\n/**\n * Props for VaultProvider\n */\nexport interface VaultProviderProps {\n /** Children to render */\n children: ReactNode\n /** Optional vault client implementation */\n client?: VaultClient\n /** Initial items to display (for SSR or static rendering) */\n initialItems?: VaultItem[]\n}\n\n/**\n * Default fields for unknown integrations\n */\nconst defaultFields: VaultField[] = [\n { key: 'api_key', label: 'API Key', type: 'password', required: true }\n]\n\n/**\n * Provider for vault state and operations\n *\n * Provides context for vault components to access the vault client\n * and perform CRUD operations on credentials.\n *\n * The actual vault.do SDK integration will be done in vault.do/react.\n * This provider is designed to be a generic wrapper that can work\n * with any vault backend implementation.\n *\n * @example\n * ```tsx\n * import { VaultProvider } from '@mdxui/auth'\n *\n * // Basic usage with a custom client\n * function App() {\n * return (\n * <VaultProvider client={myVaultClient}>\n * <VaultDashboard />\n * </VaultProvider>\n * )\n * }\n *\n * // Static/SSR usage with initial items\n * function App() {\n * return (\n * <VaultProvider initialItems={serverSideItems}>\n * <VaultDashboard />\n * </VaultProvider>\n * )\n * }\n * ```\n */\nexport function VaultProvider({\n children,\n client,\n initialItems = [],\n}: VaultProviderProps) {\n // Note: In a real implementation, this would use useState and useEffect\n // to manage state and load items from the client. For now, we provide\n // a basic structure that the vault.do SDK can extend.\n\n const contextValue = useMemo<VaultContextState>(() => {\n const getIntegrationFields = (integrationId: string): VaultField[] => {\n if (client?.getIntegrationFields) {\n return client.getIntegrationFields(integrationId)\n }\n return defaultFields\n }\n\n return {\n client: client ?? null,\n items: initialItems,\n loading: false,\n error: null,\n reload: async () => {\n if (!client) {\n console.warn('VaultProvider: No client provided, cannot reload')\n return\n }\n // Implementation would update state here\n await client.list()\n },\n createItem: async (integrationId, credentials) => {\n if (!client) {\n throw new Error('VaultProvider: No client provided')\n }\n await client.create(integrationId, credentials)\n },\n rotateItem: async (id, credentials) => {\n if (!client) {\n throw new Error('VaultProvider: No client provided')\n }\n await client.rotate(id, credentials)\n },\n deleteItem: async (id) => {\n if (!client) {\n throw new Error('VaultProvider: No client provided')\n }\n await client.delete(id)\n },\n getIntegrationFields,\n }\n }, [client, initialItems])\n\n return (\n <VaultContext.Provider value={contextValue}>\n {children}\n </VaultContext.Provider>\n )\n}\n\n/**\n * Hook to access vault context\n *\n * Must be used within a VaultProvider.\n *\n * @throws Error if used outside of VaultProvider\n */\nexport function useVaultContext(): VaultContextState {\n const context = useContext(VaultContext)\n if (!context) {\n throw new Error('useVaultContext must be used within a VaultProvider')\n }\n return context\n}\n\n/**\n * Hook to optionally access vault context\n *\n * Returns null if not within a VaultProvider.\n */\nexport function useVaultContextOptional(): VaultContextState | null {\n return useContext(VaultContext)\n}\n"],"mappings":";AAEA,SAAS,uBAAuB;;;ACAhC,SAAS,qBAAqB;AAC9B,SAAS,WAAW,gBAAgB;AAkGhC;AApFG,SAAS,oBAAoB;AAClC,QAAM,CAAC,SAAS,UAAU,IAAI,SAAS,KAAK;AAC5C,QAAM,CAAC,QAAQ,SAAS,IAAI,SAAS,KAAK;AAE1C,YAAU,MAAM;AACd,eAAW,IAAI;AAEf,UAAM,gBAAgB,MAAM;AAC1B,YAAM,cAAc,SAAS,gBAAgB,UAAU,SAAS,MAAM;AACtE,YAAM,cAAc,OAAO;AAAA,QACzB;AAAA,MACF,EAAE;AACF;AAAA,QACE,eACG,CAAC,SAAS,gBAAgB,UAAU,SAAS,OAAO,KAAK;AAAA,MAC9D;AAAA,IACF;AAEA,kBAAc;AAGd,UAAM,WAAW,IAAI,iBAAiB,aAAa;AACnD,aAAS,QAAQ,SAAS,iBAAiB;AAAA,MACzC,YAAY;AAAA,MACZ,iBAAiB,CAAC,OAAO;AAAA,IAC3B,CAAC;AAGD,UAAM,aAAa,OAAO,WAAW,8BAA8B;AACnE,eAAW,iBAAiB,UAAU,aAAa;AAEnD,WAAO,MAAM;AACX,eAAS,WAAW;AACpB,iBAAW,oBAAoB,UAAU,aAAa;AAAA,IACxD;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,SAAO,EAAE,QAAQ,QAAQ;AAC3B;AA8BO,SAAS,gBAAgB;AAAA,EAC9B;AAAA,EACA;AAAA,EACA,SAAS;AAAA,EACT,UAAU;AACZ,GAAyB;AACvB,QAAM,EAAE,QAAQ,QAAQ,IAAI,kBAAkB;AAI9C,QAAM,qBACJ,eAAe,UAAW,SAAS,SAAS,UAAW;AAIzD,SACE;AAAA,IAAC;AAAA;AAAA,MACC,OAAO;AAAA,QACL,YAAY;AAAA,QACZ;AAAA,QACA;AAAA,MACF;AAAA,MACA,UAAU;AAAA,QACR,eAAe;AAAA,UACb,SAAS;AAAA,QACX;AAAA,QACA,iBAAiB;AAAA,UACf,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MAEC;AAAA;AAAA,EACH;AAEJ;;;AD1CM,gBAAAA,YAAA;AAnCC,SAAS,iBAAiB;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAA0B;AAIxB,QAAM,sBACJ,gBACC,OAAO,WAAW,cAAc,OAAO,SAAS,SAAS;AAG5D,QAAM,yBACJ,uBACC,MAAM;AACL,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,MAAM,IAAI,IAAI,OAAO,SAAS,IAAI;AACxC,UAAI,aAAa,OAAO,MAAM;AAC9B,UAAI,aAAa,OAAO,OAAO;AAC/B,aAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,IAAI,QAAQ;AAAA,IAClD;AAAA,EACF;AAEF,SACE,gBAAAA;AAAA,IAAC;AAAA;AAAA,MACC;AAAA,MACA;AAAA,MACA;AAAA,MACA,aAAa;AAAA,MACb,oBAAoB;AAAA,MAEpB,0BAAAA,KAAC,mBAAiB,UAAS;AAAA;AAAA,EAC7B;AAEJ;;;AE9EA,SAAS,aAAAC,YAAW,cAAc;AAClC,SAAS,eAAe;AASlB,SA8GK,UA7GH,OAAAC,MADF;AAHN,SAAS,0BAA0B;AACjC,SACE,gBAAAA,KAAC,SAAI,WAAU,+DACb,+BAAC,SAAI,WAAU,oCACb;AAAA,oBAAAA,KAAC,SAAI,WAAU,kFAAiF;AAAA,IAChG,gBAAAA,KAAC,OAAE,WAAU,iCAAgC,wBAAU;AAAA,KACzD,GACF;AAEJ;AAKA,SAAS,qBAAqB;AAC5B,QAAM,EAAE,OAAO,IAAI,QAAQ;AAE3B,SACE,gBAAAA,KAAC,SAAI,WAAU,4EACb,+BAAC,SAAI,WAAU,wBACb;AAAA,oBAAAA,KAAC,QAAG,WAAU,0CAAyC,qBAAO;AAAA,IAC9D,gBAAAA,KAAC,OAAE,WAAU,8BAA6B,+CAE1C;AAAA,IACA,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,MAAK;AAAA,QACL,SAAS,MAAM,OAAO;AAAA,QACtB,WAAU;AAAA,QACX;AAAA;AAAA,IAED;AAAA,KACF,GACF;AAEJ;AAmDO,SAAS,SAAS;AAAA,EACvB;AAAA,EACA,WAAW;AAAA,EACX;AAAA,EACA;AAAA,EACA,oBAAoB;AAAA,EACpB;AACF,GAAkB;AAChB,QAAM,EAAE,MAAM,WAAW,OAAO,IAAI,QAAQ;AAC5C,QAAM,eAAe,OAAO,KAAK;AAGjC,EAAAD,WAAU,MAAM;AACd,QAAI,sBAAsB,YAAY,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,SAAS;AAClF,mBAAa,UAAU;AACvB,aAAO;AAAA,IACT;AAAA,EACF,GAAG,CAAC,mBAAmB,WAAW,MAAM,MAAM,CAAC;AAG/C,EAAAA,WAAU,MAAM;AACd,QAAI,MAAM;AACR,mBAAa,UAAU;AAAA,IACzB;AAAA,EACF,GAAG,CAAC,IAAI,CAAC;AAGT,MAAI,CAAC,UAAU;AACb,WAAO,gBAAAC,KAAA,YAAG,UAAS;AAAA,EACrB;AAGA,MAAI,WAAW;AACb,WAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,2BAAwB,GAAG;AAAA,EAC5D;AAGA,MAAI,MAAM;AACR,WAAO,gBAAAA,KAAA,YAAG,UAAS;AAAA,EACrB;AAGA,UAAQ,mBAAmB;AAAA,IACzB,KAAK;AAEH,aAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,2BAAwB,GAAG;AAAA,IAE5D,KAAK;AAEH,UAAI,eAAe,OAAO,WAAW,aAAa;AAChD,eAAO,SAAS,OAAO;AACvB,eACE,gBAAAA,KAAC,SAAI,WAAU,+DACb,0BAAAA,KAAC,OAAE,WAAU,iCAAgC,4BAAc,GAC7D;AAAA,MAEJ;AAEA,aAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,sBAAmB,GAAG;AAAA,IAEvD,KAAK;AAEH,aAAO,gBAAAA,KAAA,YAAG,UAAS;AAAA,IAErB,KAAK;AAAA,IACL;AAEE,aAAO,gBAAAA,KAAA,YAAG,8BAAoB,gBAAAA,KAAC,sBAAmB,GAAG;AAAA,EACzD;AACF;;;ACjKA,SAAS,eAAe,YAAY,eAA+B;AAyJ/D,gBAAAC,YAAA;AA3GJ,IAAM,eAAe,cAAwC,IAAI;AAiBjE,IAAM,gBAA8B;AAAA,EAClC,EAAE,KAAK,WAAW,OAAO,WAAW,MAAM,YAAY,UAAU,KAAK;AACvE;AAmCO,SAAS,cAAc;AAAA,EAC5B;AAAA,EACA;AAAA,EACA,eAAe,CAAC;AAClB,GAAuB;AAKrB,QAAM,eAAe,QAA2B,MAAM;AACpD,UAAM,uBAAuB,CAAC,kBAAwC;AACpE,UAAI,QAAQ,sBAAsB;AAChC,eAAO,OAAO,qBAAqB,aAAa;AAAA,MAClD;AACA,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL,QAAQ,UAAU;AAAA,MAClB,OAAO;AAAA,MACP,SAAS;AAAA,MACT,OAAO;AAAA,MACP,QAAQ,YAAY;AAClB,YAAI,CAAC,QAAQ;AACX,kBAAQ,KAAK,kDAAkD;AAC/D;AAAA,QACF;AAEA,cAAM,OAAO,KAAK;AAAA,MACpB;AAAA,MACA,YAAY,OAAO,eAAe,gBAAgB;AAChD,YAAI,CAAC,QAAQ;AACX,gBAAM,IAAI,MAAM,mCAAmC;AAAA,QACrD;AACA,cAAM,OAAO,OAAO,eAAe,WAAW;AAAA,MAChD;AAAA,MACA,YAAY,OAAO,IAAI,gBAAgB;AACrC,YAAI,CAAC,QAAQ;AACX,gBAAM,IAAI,MAAM,mCAAmC;AAAA,QACrD;AACA,cAAM,OAAO,OAAO,IAAI,WAAW;AAAA,MACrC;AAAA,MACA,YAAY,OAAO,OAAO;AACxB,YAAI,CAAC,QAAQ;AACX,gBAAM,IAAI,MAAM,mCAAmC;AAAA,QACrD;AACA,cAAM,OAAO,OAAO,EAAE;AAAA,MACxB;AAAA,MACA;AAAA,IACF;AAAA,EACF,GAAG,CAAC,QAAQ,YAAY,CAAC;AAEzB,SACE,gBAAAA,KAAC,aAAa,UAAb,EAAsB,OAAO,cAC3B,UACH;AAEJ;AASO,SAAS,kBAAqC;AACnD,QAAM,UAAU,WAAW,YAAY;AACvC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,qDAAqD;AAAA,EACvE;AACA,SAAO;AACT;AAOO,SAAS,0BAAoD;AAClE,SAAO,WAAW,YAAY;AAChC;","names":["jsx","useEffect","jsx","jsx"]}
|
package/dist/schemas/index.d.ts
CHANGED
|
@@ -25,6 +25,7 @@ declare const UnauthenticatedActionSchema: z.ZodEnum<{
|
|
|
25
25
|
landing: "landing";
|
|
26
26
|
redirect: "redirect";
|
|
27
27
|
allow: "allow";
|
|
28
|
+
signIn: "signIn";
|
|
28
29
|
}>;
|
|
29
30
|
type UnauthenticatedAction = z.infer<typeof UnauthenticatedActionSchema>;
|
|
30
31
|
/**
|
|
@@ -36,6 +37,7 @@ declare const AuthGatePropsSchema: z.ZodObject<{
|
|
|
36
37
|
landing: "landing";
|
|
37
38
|
redirect: "redirect";
|
|
38
39
|
allow: "allow";
|
|
40
|
+
signIn: "signIn";
|
|
39
41
|
}>>;
|
|
40
42
|
redirectUrl: z.ZodOptional<z.ZodString>;
|
|
41
43
|
}, z.core.$strip>;
|
|
@@ -73,6 +75,9 @@ declare const ScalingSchema: z.ZodEnum<{
|
|
|
73
75
|
type Scaling = z.infer<typeof ScalingSchema>;
|
|
74
76
|
/**
|
|
75
77
|
* WidgetsProviderPropsSchema - Props for WidgetsProvider component
|
|
78
|
+
*
|
|
79
|
+
* Note: Widgets always use api.workos.com - WorkOS custom domains do NOT
|
|
80
|
+
* support widget endpoints. Only authentication uses custom domains.
|
|
76
81
|
*/
|
|
77
82
|
declare const WidgetsProviderPropsSchema: z.ZodObject<{
|
|
78
83
|
appearance: z.ZodOptional<z.ZodEnum<{
|
package/dist/schemas/index.js
CHANGED
|
@@ -64,7 +64,7 @@ var IdentityProviderPropsSchema = z4.object({
|
|
|
64
64
|
redirectUri: z4.string().url().optional().describe("Redirect URI after authentication")
|
|
65
65
|
/** Note: onRedirectCallback and children are React-specific, not in schema */
|
|
66
66
|
});
|
|
67
|
-
var UnauthenticatedActionSchema = z4.enum(["landing", "redirect", "allow"]);
|
|
67
|
+
var UnauthenticatedActionSchema = z4.enum(["landing", "redirect", "allow", "signIn"]);
|
|
68
68
|
var AuthGatePropsSchema = z4.object({
|
|
69
69
|
/** Whether authentication is required (default: true) */
|
|
70
70
|
required: z4.boolean().optional().describe("Whether authentication is required"),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/schemas/auth-user.ts","../../src/schemas/auth-session.ts","../../src/schemas/auth-organization.ts","../../src/schemas/provider-props.ts","../../src/schemas/widget-props.ts"],"sourcesContent":["/**\n * AuthUser Schema\n *\n * Extends mdxui's UserIdentitySchema with WorkOS-specific fields.\n * AuthUser is fully compatible with UserIdentity - it can be used\n * anywhere a UserIdentity is expected.\n */\n\nimport { z } from 'zod'\nimport { UserIdentitySchema } from 'mdxui/zod'\n\n/**\n * AuthUserSchema - Extended user identity for WorkOS AuthKit\n *\n * Extends UserIdentitySchema with WorkOS-specific fields like\n * verification status and timestamps.\n *\n * @example\n * ```tsx\n * import { AuthUserSchema } from '@mdxui/auth/schemas'\n *\n * const result = AuthUserSchema.safeParse(user)\n * if (result.success) {\n * console.log(result.data.emailVerified)\n * }\n * ```\n */\nexport const AuthUserSchema = UserIdentitySchema.extend({\n // Override to be more specific (WorkOS guarantees string ID)\n id: z.string().describe('User ID from WorkOS'),\n\n // WorkOS requires email (not optional like UserIdentity)\n email: z.string().email().describe('Email address'),\n\n // WorkOS-specific fields not in UserIdentity\n emailVerified: z.boolean().describe('Email verification status'),\n\n // Timestamps\n createdAt: z.string().datetime().describe('Account creation timestamp'),\n updatedAt: z.string().datetime().describe('Last update timestamp'),\n lastSignInAt: z\n .string()\n .datetime()\n .nullable()\n .optional()\n .describe('Last sign-in timestamp'),\n})\n\n/**\n * AuthUser type inferred from schema\n *\n * This type is compatible with UserIdentity - an AuthUser can be\n * assigned to a variable of type UserIdentity.\n */\nexport type AuthUser = z.infer<typeof AuthUserSchema>\n","/**\n * AuthSession Schema\n *\n * Extends mdxui's SessionSchema with WorkOS-specific fields.\n */\n\nimport { z } from 'zod'\nimport { SessionSchema } from 'mdxui/zod'\n\n/**\n * ImpersonatorSchema - Info about admin impersonating a user\n */\nexport const ImpersonatorSchema = z.object({\n /** Impersonator's email address */\n email: z.string().email().describe(\"Impersonator's email address\"),\n /** Reason for impersonation */\n reason: z.string().optional().describe('Reason for impersonation'),\n})\n\nexport type Impersonator = z.infer<typeof ImpersonatorSchema>\n\n/**\n * AuthSessionSchema - Extended session for WorkOS AuthKit\n *\n * Extends SessionSchema with WorkOS-specific fields like\n * impersonation support.\n *\n * @example\n * ```tsx\n * import { AuthSessionSchema } from '@mdxui/auth/schemas'\n *\n * const result = AuthSessionSchema.safeParse(session)\n * if (result.success && result.data.impersonator) {\n * console.log('Being impersonated by:', result.data.impersonator.email)\n * }\n * ```\n */\nexport const AuthSessionSchema = SessionSchema.extend({\n // Override userId to be string (WorkOS uses string IDs)\n userId: z.string().describe('User ID'),\n\n // WorkOS-specific: impersonation support\n impersonator: ImpersonatorSchema.optional().describe(\n 'Impersonator info (if being impersonated)',\n ),\n})\n\n/**\n * AuthSession type inferred from schema\n */\nexport type AuthSession = z.infer<typeof AuthSessionSchema>\n","/**\n * AuthOrganization Schema\n *\n * Organization type for WorkOS AuthKit.\n */\n\nimport { z } from 'zod'\n\n/**\n * AuthOrganizationSchema - WorkOS organization\n *\n * Represents an organization/workspace in WorkOS.\n *\n * @example\n * ```tsx\n * import { AuthOrganizationSchema } from '@mdxui/auth/schemas'\n *\n * const result = AuthOrganizationSchema.safeParse(org)\n * if (result.success) {\n * console.log('Organization:', result.data.name)\n * }\n * ```\n */\nexport const AuthOrganizationSchema = z.object({\n /** Organization ID */\n id: z.string().describe('Organization ID'),\n /** Organization display name */\n name: z.string().describe('Organization name'),\n /** Organization slug (URL-friendly identifier) */\n slug: z.string().optional().describe('Organization slug'),\n /** Organization logo URL */\n logoUrl: z.string().url().optional().describe('Organization logo URL'),\n /** Whether the organization is active */\n active: z.boolean().optional().describe('Whether organization is active'),\n /** Custom domains for the organization */\n domains: z\n .array(z.string())\n .optional()\n .describe('Custom domains for the organization'),\n /** Additional metadata */\n metadata: z\n .record(z.string(), z.unknown())\n .optional()\n .describe('Additional metadata'),\n})\n\n/**\n * AuthOrganization type inferred from schema\n */\nexport type AuthOrganization = z.infer<typeof AuthOrganizationSchema>\n","/**\n * Provider Props Schemas\n *\n * Zod schemas for authentication provider component props.\n */\n\nimport { z } from 'zod'\n\n/**\n * IdentityProviderPropsSchema - Props for IdentityProvider component\n */\nexport const IdentityProviderPropsSchema = z.object({\n /** WorkOS client ID */\n clientId: z.string().describe('WorkOS client ID'),\n /** Optional API hostname override */\n apiHostname: z.string().optional().describe('Optional API hostname override'),\n /** Enable dev mode for local development */\n devMode: z.boolean().optional().describe('Enable dev mode for local development'),\n /** Redirect URI after authentication */\n redirectUri: z.string().url().optional().describe('Redirect URI after authentication'),\n /** Note: onRedirectCallback and children are React-specific, not in schema */\n})\n\nexport type IdentityProviderPropsSchemaType = z.infer<typeof IdentityProviderPropsSchema>\n\n/**\n * UnauthenticatedActionSchema - What to do when unauthenticated\n */\nexport const UnauthenticatedActionSchema = z.enum(['landing', 'redirect', 'allow'])\n\nexport type UnauthenticatedAction = z.infer<typeof UnauthenticatedActionSchema>\n\n/**\n * AuthGatePropsSchema - Props for AuthGate component\n */\nexport const AuthGatePropsSchema = z.object({\n /** Whether authentication is required (default: true) */\n required: z.boolean().optional().describe('Whether authentication is required'),\n /** What to do when unauthenticated */\n onUnauthenticated: UnauthenticatedActionSchema.optional().describe(\n 'What to do when unauthenticated',\n ),\n /** URL to redirect to when unauthenticated (if onUnauthenticated is \"redirect\") */\n redirectUrl: z\n .string()\n .url()\n .optional()\n .describe('URL to redirect to when unauthenticated'),\n /** Note: children, loadingComponent, landingComponent are React-specific */\n})\n\nexport type AuthGatePropsSchemaType = z.infer<typeof AuthGatePropsSchema>\n\n/**\n * AppearanceSchema - Theme appearance mode\n */\nexport const AppearanceSchema = z.enum(['light', 'dark', 'inherit'])\n\nexport type Appearance = z.infer<typeof AppearanceSchema>\n\n/**\n * RadiusSchema - Border radius style\n */\nexport const RadiusSchema = z.enum(['none', 'small', 'medium', 'large', 'full'])\n\nexport type Radius = z.infer<typeof RadiusSchema>\n\n/**\n * ScalingSchema - Scaling factor\n */\nexport const ScalingSchema = z.enum(['90%', '95%', '100%', '105%', '110%'])\n\nexport type Scaling = z.infer<typeof ScalingSchema>\n\n/**\n * WidgetsProviderPropsSchema - Props for WidgetsProvider component\n */\nexport const WidgetsProviderPropsSchema = z.object({\n /** Theme appearance mode */\n appearance: AppearanceSchema.optional().describe('Theme appearance mode'),\n /** Border radius style */\n radius: RadiusSchema.optional().describe('Border radius style'),\n /** Scaling factor */\n scaling: ScalingSchema.optional().describe('Scaling factor'),\n /** Note: children is React-specific, not in schema */\n})\n\nexport type WidgetsProviderPropsSchemaType = z.infer<typeof WidgetsProviderPropsSchema>\n","/**\n * Widget Props Schemas\n *\n * Zod schemas for WorkOS widget component props.\n */\n\nimport { z } from 'zod'\n\n/**\n * AuthTokenSchema - Auth token type\n *\n * Can be a string or a function that returns a Promise<string>.\n * Functions are represented as 'function' string in schema validation\n * since Zod can't validate function signatures.\n */\nexport const AuthTokenSchema = z.union([\n z.string().describe('Static auth token'),\n z.literal('function').describe('Token getter function'),\n])\n\n// Note: The actual TypeScript type is more specific\nexport type AuthTokenSchemaType = z.infer<typeof AuthTokenSchema>\n\n/**\n * BaseWidgetPropsSchema - Common props for all widget wrappers\n */\nexport const BaseWidgetPropsSchema = z.object({\n /** Auth token for the widget (string or getter function) */\n authToken: z.string().describe('Auth token for the widget'),\n /** CSS class name */\n className: z.string().optional().describe('CSS class name'),\n})\n\nexport type BaseWidgetPropsSchemaType = z.infer<typeof BaseWidgetPropsSchema>\n\n/**\n * OrganizationWidgetPropsSchema - Props for widgets that support organization context\n */\nexport const OrganizationWidgetPropsSchema = BaseWidgetPropsSchema.extend({\n /** Organization ID for org-scoped widgets */\n organizationId: z\n .string()\n .optional()\n .describe('Organization ID for org-scoped widgets'),\n})\n\nexport type OrganizationWidgetPropsSchemaType = z.infer<\n typeof OrganizationWidgetPropsSchema\n>\n\n/**\n * UseWidgetTokenOptionsSchema - Props for useWidgetToken hook\n */\nexport const UseWidgetTokenOptionsSchema = z.object({\n /** Widget type to fetch token for */\n widget: z.string().describe('Widget type to fetch token for'),\n /** Organization ID for org-scoped widgets */\n organizationId: z\n .string()\n .optional()\n .describe('Organization ID for org-scoped widgets'),\n /** Custom endpoint for fetching widget token */\n endpoint: z\n .string()\n .url()\n .optional()\n .describe('Custom endpoint for fetching widget token'),\n})\n\nexport type UseWidgetTokenOptionsSchemaType = z.infer<typeof UseWidgetTokenOptionsSchema>\n\n/**\n * UseWidgetTokenResultSchema - Result from useWidgetToken hook\n */\nexport const UseWidgetTokenResultSchema = z.object({\n /** The fetched token */\n token: z.string().nullable().describe('The fetched token'),\n /** Whether token is being fetched */\n loading: z.boolean().describe('Whether token is being fetched'),\n /** Error message if fetch failed */\n error: z.string().nullable().describe('Error message if fetch failed'),\n /** Note: refetch function is React-specific, not in schema */\n})\n\nexport type UseWidgetTokenResultSchemaType = z.infer<typeof UseWidgetTokenResultSchema>\n"],"mappings":";AAQA,SAAS,SAAS;AAClB,SAAS,0BAA0B;AAkB5B,IAAM,iBAAiB,mBAAmB,OAAO;AAAA;AAAA,EAEtD,IAAI,EAAE,OAAO,EAAE,SAAS,qBAAqB;AAAA;AAAA,EAG7C,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,eAAe;AAAA;AAAA,EAGlD,eAAe,EAAE,QAAQ,EAAE,SAAS,2BAA2B;AAAA;AAAA,EAG/D,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,4BAA4B;AAAA,EACtE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,uBAAuB;AAAA,EACjE,cAAc,EACX,OAAO,EACP,SAAS,EACT,SAAS,EACT,SAAS,EACT,SAAS,wBAAwB;AACtC,CAAC;;;ACxCD,SAAS,KAAAA,UAAS;AAClB,SAAS,qBAAqB;AAKvB,IAAM,qBAAqBA,GAAE,OAAO;AAAA;AAAA,EAEzC,OAAOA,GAAE,OAAO,EAAE,MAAM,EAAE,SAAS,8BAA8B;AAAA;AAAA,EAEjE,QAAQA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,0BAA0B;AACnE,CAAC;AAoBM,IAAM,oBAAoB,cAAc,OAAO;AAAA;AAAA,EAEpD,QAAQA,GAAE,OAAO,EAAE,SAAS,SAAS;AAAA;AAAA,EAGrC,cAAc,mBAAmB,SAAS,EAAE;AAAA,IAC1C;AAAA,EACF;AACF,CAAC;;;ACvCD,SAAS,KAAAC,UAAS;AAiBX,IAAM,yBAAyBA,GAAE,OAAO;AAAA;AAAA,EAE7C,IAAIA,GAAE,OAAO,EAAE,SAAS,iBAAiB;AAAA;AAAA,EAEzC,MAAMA,GAAE,OAAO,EAAE,SAAS,mBAAmB;AAAA;AAAA,EAE7C,MAAMA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,mBAAmB;AAAA;AAAA,EAExD,SAASA,GAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,uBAAuB;AAAA;AAAA,EAErE,QAAQA,GAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAExE,SAASA,GACN,MAAMA,GAAE,OAAO,CAAC,EAChB,SAAS,EACT,SAAS,qCAAqC;AAAA;AAAA,EAEjD,UAAUA,GACP,OAAOA,GAAE,OAAO,GAAGA,GAAE,QAAQ,CAAC,EAC9B,SAAS,EACT,SAAS,qBAAqB;AACnC,CAAC;;;ACtCD,SAAS,KAAAC,UAAS;AAKX,IAAM,8BAA8BA,GAAE,OAAO;AAAA;AAAA,EAElD,UAAUA,GAAE,OAAO,EAAE,SAAS,kBAAkB;AAAA;AAAA,EAEhD,aAAaA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAE5E,SAASA,GAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,uCAAuC;AAAA;AAAA,EAEhF,aAAaA,GAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,mCAAmC;AAAA;AAEvF,CAAC;AAOM,IAAM,8BAA8BA,GAAE,KAAK,CAAC,WAAW,YAAY,OAAO,CAAC;AAO3E,IAAM,sBAAsBA,GAAE,OAAO;AAAA;AAAA,EAE1C,UAAUA,GAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,oCAAoC;AAAA;AAAA,EAE9E,mBAAmB,4BAA4B,SAAS,EAAE;AAAA,IACxD;AAAA,EACF;AAAA;AAAA,EAEA,aAAaA,GACV,OAAO,EACP,IAAI,EACJ,SAAS,EACT,SAAS,yCAAyC;AAAA;AAEvD,CAAC;AAOM,IAAM,mBAAmBA,GAAE,KAAK,CAAC,SAAS,QAAQ,SAAS,CAAC;AAO5D,IAAM,eAAeA,GAAE,KAAK,CAAC,QAAQ,SAAS,UAAU,SAAS,MAAM,CAAC;AAOxE,IAAM,gBAAgBA,GAAE,KAAK,CAAC,OAAO,OAAO,QAAQ,QAAQ,MAAM,CAAC;AAOnE,IAAM,6BAA6BA,GAAE,OAAO;AAAA;AAAA,EAEjD,YAAY,iBAAiB,SAAS,EAAE,SAAS,uBAAuB;AAAA;AAAA,EAExE,QAAQ,aAAa,SAAS,EAAE,SAAS,qBAAqB;AAAA;AAAA,EAE9D,SAAS,cAAc,SAAS,EAAE,SAAS,gBAAgB;AAAA;AAE7D,CAAC;;;AC/ED,SAAS,KAAAC,UAAS;AASX,IAAM,kBAAkBA,GAAE,MAAM;AAAA,EACrCA,GAAE,OAAO,EAAE,SAAS,mBAAmB;AAAA,EACvCA,GAAE,QAAQ,UAAU,EAAE,SAAS,uBAAuB;AACxD,CAAC;AAQM,IAAM,wBAAwBA,GAAE,OAAO;AAAA;AAAA,EAE5C,WAAWA,GAAE,OAAO,EAAE,SAAS,2BAA2B;AAAA;AAAA,EAE1D,WAAWA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,gBAAgB;AAC5D,CAAC;AAOM,IAAM,gCAAgC,sBAAsB,OAAO;AAAA;AAAA,EAExE,gBAAgBA,GACb,OAAO,EACP,SAAS,EACT,SAAS,wCAAwC;AACtD,CAAC;AASM,IAAM,8BAA8BA,GAAE,OAAO;AAAA;AAAA,EAElD,QAAQA,GAAE,OAAO,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAE5D,gBAAgBA,GACb,OAAO,EACP,SAAS,EACT,SAAS,wCAAwC;AAAA;AAAA,EAEpD,UAAUA,GACP,OAAO,EACP,IAAI,EACJ,SAAS,EACT,SAAS,2CAA2C;AACzD,CAAC;AAOM,IAAM,6BAA6BA,GAAE,OAAO;AAAA;AAAA,EAEjD,OAAOA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,mBAAmB;AAAA;AAAA,EAEzD,SAASA,GAAE,QAAQ,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAE9D,OAAOA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,+BAA+B;AAAA;AAEvE,CAAC;","names":["z","z","z","z"]}
|
|
1
|
+
{"version":3,"sources":["../../src/schemas/auth-user.ts","../../src/schemas/auth-session.ts","../../src/schemas/auth-organization.ts","../../src/schemas/provider-props.ts","../../src/schemas/widget-props.ts"],"sourcesContent":["/**\n * AuthUser Schema\n *\n * Extends mdxui's UserIdentitySchema with WorkOS-specific fields.\n * AuthUser is fully compatible with UserIdentity - it can be used\n * anywhere a UserIdentity is expected.\n */\n\nimport { z } from 'zod'\nimport { UserIdentitySchema } from 'mdxui/zod'\n\n/**\n * AuthUserSchema - Extended user identity for WorkOS AuthKit\n *\n * Extends UserIdentitySchema with WorkOS-specific fields like\n * verification status and timestamps.\n *\n * @example\n * ```tsx\n * import { AuthUserSchema } from '@mdxui/auth/schemas'\n *\n * const result = AuthUserSchema.safeParse(user)\n * if (result.success) {\n * console.log(result.data.emailVerified)\n * }\n * ```\n */\nexport const AuthUserSchema = UserIdentitySchema.extend({\n // Override to be more specific (WorkOS guarantees string ID)\n id: z.string().describe('User ID from WorkOS'),\n\n // WorkOS requires email (not optional like UserIdentity)\n email: z.string().email().describe('Email address'),\n\n // WorkOS-specific fields not in UserIdentity\n emailVerified: z.boolean().describe('Email verification status'),\n\n // Timestamps\n createdAt: z.string().datetime().describe('Account creation timestamp'),\n updatedAt: z.string().datetime().describe('Last update timestamp'),\n lastSignInAt: z\n .string()\n .datetime()\n .nullable()\n .optional()\n .describe('Last sign-in timestamp'),\n})\n\n/**\n * AuthUser type inferred from schema\n *\n * This type is compatible with UserIdentity - an AuthUser can be\n * assigned to a variable of type UserIdentity.\n */\nexport type AuthUser = z.infer<typeof AuthUserSchema>\n","/**\n * AuthSession Schema\n *\n * Extends mdxui's SessionSchema with WorkOS-specific fields.\n */\n\nimport { z } from 'zod'\nimport { SessionSchema } from 'mdxui/zod'\n\n/**\n * ImpersonatorSchema - Info about admin impersonating a user\n */\nexport const ImpersonatorSchema = z.object({\n /** Impersonator's email address */\n email: z.string().email().describe(\"Impersonator's email address\"),\n /** Reason for impersonation */\n reason: z.string().optional().describe('Reason for impersonation'),\n})\n\nexport type Impersonator = z.infer<typeof ImpersonatorSchema>\n\n/**\n * AuthSessionSchema - Extended session for WorkOS AuthKit\n *\n * Extends SessionSchema with WorkOS-specific fields like\n * impersonation support.\n *\n * @example\n * ```tsx\n * import { AuthSessionSchema } from '@mdxui/auth/schemas'\n *\n * const result = AuthSessionSchema.safeParse(session)\n * if (result.success && result.data.impersonator) {\n * console.log('Being impersonated by:', result.data.impersonator.email)\n * }\n * ```\n */\nexport const AuthSessionSchema = SessionSchema.extend({\n // Override userId to be string (WorkOS uses string IDs)\n userId: z.string().describe('User ID'),\n\n // WorkOS-specific: impersonation support\n impersonator: ImpersonatorSchema.optional().describe(\n 'Impersonator info (if being impersonated)',\n ),\n})\n\n/**\n * AuthSession type inferred from schema\n */\nexport type AuthSession = z.infer<typeof AuthSessionSchema>\n","/**\n * AuthOrganization Schema\n *\n * Organization type for WorkOS AuthKit.\n */\n\nimport { z } from 'zod'\n\n/**\n * AuthOrganizationSchema - WorkOS organization\n *\n * Represents an organization/workspace in WorkOS.\n *\n * @example\n * ```tsx\n * import { AuthOrganizationSchema } from '@mdxui/auth/schemas'\n *\n * const result = AuthOrganizationSchema.safeParse(org)\n * if (result.success) {\n * console.log('Organization:', result.data.name)\n * }\n * ```\n */\nexport const AuthOrganizationSchema = z.object({\n /** Organization ID */\n id: z.string().describe('Organization ID'),\n /** Organization display name */\n name: z.string().describe('Organization name'),\n /** Organization slug (URL-friendly identifier) */\n slug: z.string().optional().describe('Organization slug'),\n /** Organization logo URL */\n logoUrl: z.string().url().optional().describe('Organization logo URL'),\n /** Whether the organization is active */\n active: z.boolean().optional().describe('Whether organization is active'),\n /** Custom domains for the organization */\n domains: z\n .array(z.string())\n .optional()\n .describe('Custom domains for the organization'),\n /** Additional metadata */\n metadata: z\n .record(z.string(), z.unknown())\n .optional()\n .describe('Additional metadata'),\n})\n\n/**\n * AuthOrganization type inferred from schema\n */\nexport type AuthOrganization = z.infer<typeof AuthOrganizationSchema>\n","/**\n * Provider Props Schemas\n *\n * Zod schemas for authentication provider component props.\n */\n\nimport { z } from 'zod'\n\n/**\n * IdentityProviderPropsSchema - Props for IdentityProvider component\n */\nexport const IdentityProviderPropsSchema = z.object({\n /** WorkOS client ID */\n clientId: z.string().describe('WorkOS client ID'),\n /** Optional API hostname override */\n apiHostname: z.string().optional().describe('Optional API hostname override'),\n /** Enable dev mode for local development */\n devMode: z.boolean().optional().describe('Enable dev mode for local development'),\n /** Redirect URI after authentication */\n redirectUri: z.string().url().optional().describe('Redirect URI after authentication'),\n /** Note: onRedirectCallback and children are React-specific, not in schema */\n})\n\nexport type IdentityProviderPropsSchemaType = z.infer<typeof IdentityProviderPropsSchema>\n\n/**\n * UnauthenticatedActionSchema - What to do when unauthenticated\n */\nexport const UnauthenticatedActionSchema = z.enum(['landing', 'redirect', 'allow', 'signIn'])\n\nexport type UnauthenticatedAction = z.infer<typeof UnauthenticatedActionSchema>\n\n/**\n * AuthGatePropsSchema - Props for AuthGate component\n */\nexport const AuthGatePropsSchema = z.object({\n /** Whether authentication is required (default: true) */\n required: z.boolean().optional().describe('Whether authentication is required'),\n /** What to do when unauthenticated */\n onUnauthenticated: UnauthenticatedActionSchema.optional().describe(\n 'What to do when unauthenticated',\n ),\n /** URL to redirect to when unauthenticated (if onUnauthenticated is \"redirect\") */\n redirectUrl: z\n .string()\n .url()\n .optional()\n .describe('URL to redirect to when unauthenticated'),\n /** Note: children, loadingComponent, landingComponent are React-specific */\n})\n\nexport type AuthGatePropsSchemaType = z.infer<typeof AuthGatePropsSchema>\n\n/**\n * AppearanceSchema - Theme appearance mode\n */\nexport const AppearanceSchema = z.enum(['light', 'dark', 'inherit'])\n\nexport type Appearance = z.infer<typeof AppearanceSchema>\n\n/**\n * RadiusSchema - Border radius style\n */\nexport const RadiusSchema = z.enum(['none', 'small', 'medium', 'large', 'full'])\n\nexport type Radius = z.infer<typeof RadiusSchema>\n\n/**\n * ScalingSchema - Scaling factor\n */\nexport const ScalingSchema = z.enum(['90%', '95%', '100%', '105%', '110%'])\n\nexport type Scaling = z.infer<typeof ScalingSchema>\n\n/**\n * WidgetsProviderPropsSchema - Props for WidgetsProvider component\n *\n * Note: Widgets always use api.workos.com - WorkOS custom domains do NOT\n * support widget endpoints. Only authentication uses custom domains.\n */\nexport const WidgetsProviderPropsSchema = z.object({\n /** Theme appearance mode */\n appearance: AppearanceSchema.optional().describe('Theme appearance mode'),\n /** Border radius style */\n radius: RadiusSchema.optional().describe('Border radius style'),\n /** Scaling factor */\n scaling: ScalingSchema.optional().describe('Scaling factor'),\n /** Note: children is React-specific, not in schema */\n})\n\nexport type WidgetsProviderPropsSchemaType = z.infer<typeof WidgetsProviderPropsSchema>\n","/**\n * Widget Props Schemas\n *\n * Zod schemas for WorkOS widget component props.\n */\n\nimport { z } from 'zod'\n\n/**\n * AuthTokenSchema - Auth token type\n *\n * Can be a string or a function that returns a Promise<string>.\n * Functions are represented as 'function' string in schema validation\n * since Zod can't validate function signatures.\n */\nexport const AuthTokenSchema = z.union([\n z.string().describe('Static auth token'),\n z.literal('function').describe('Token getter function'),\n])\n\n// Note: The actual TypeScript type is more specific\nexport type AuthTokenSchemaType = z.infer<typeof AuthTokenSchema>\n\n/**\n * BaseWidgetPropsSchema - Common props for all widget wrappers\n */\nexport const BaseWidgetPropsSchema = z.object({\n /** Auth token for the widget (string or getter function) */\n authToken: z.string().describe('Auth token for the widget'),\n /** CSS class name */\n className: z.string().optional().describe('CSS class name'),\n})\n\nexport type BaseWidgetPropsSchemaType = z.infer<typeof BaseWidgetPropsSchema>\n\n/**\n * OrganizationWidgetPropsSchema - Props for widgets that support organization context\n */\nexport const OrganizationWidgetPropsSchema = BaseWidgetPropsSchema.extend({\n /** Organization ID for org-scoped widgets */\n organizationId: z\n .string()\n .optional()\n .describe('Organization ID for org-scoped widgets'),\n})\n\nexport type OrganizationWidgetPropsSchemaType = z.infer<\n typeof OrganizationWidgetPropsSchema\n>\n\n/**\n * UseWidgetTokenOptionsSchema - Props for useWidgetToken hook\n */\nexport const UseWidgetTokenOptionsSchema = z.object({\n /** Widget type to fetch token for */\n widget: z.string().describe('Widget type to fetch token for'),\n /** Organization ID for org-scoped widgets */\n organizationId: z\n .string()\n .optional()\n .describe('Organization ID for org-scoped widgets'),\n /** Custom endpoint for fetching widget token */\n endpoint: z\n .string()\n .url()\n .optional()\n .describe('Custom endpoint for fetching widget token'),\n})\n\nexport type UseWidgetTokenOptionsSchemaType = z.infer<typeof UseWidgetTokenOptionsSchema>\n\n/**\n * UseWidgetTokenResultSchema - Result from useWidgetToken hook\n */\nexport const UseWidgetTokenResultSchema = z.object({\n /** The fetched token */\n token: z.string().nullable().describe('The fetched token'),\n /** Whether token is being fetched */\n loading: z.boolean().describe('Whether token is being fetched'),\n /** Error message if fetch failed */\n error: z.string().nullable().describe('Error message if fetch failed'),\n /** Note: refetch function is React-specific, not in schema */\n})\n\nexport type UseWidgetTokenResultSchemaType = z.infer<typeof UseWidgetTokenResultSchema>\n"],"mappings":";AAQA,SAAS,SAAS;AAClB,SAAS,0BAA0B;AAkB5B,IAAM,iBAAiB,mBAAmB,OAAO;AAAA;AAAA,EAEtD,IAAI,EAAE,OAAO,EAAE,SAAS,qBAAqB;AAAA;AAAA,EAG7C,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,eAAe;AAAA;AAAA,EAGlD,eAAe,EAAE,QAAQ,EAAE,SAAS,2BAA2B;AAAA;AAAA,EAG/D,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,4BAA4B;AAAA,EACtE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,uBAAuB;AAAA,EACjE,cAAc,EACX,OAAO,EACP,SAAS,EACT,SAAS,EACT,SAAS,EACT,SAAS,wBAAwB;AACtC,CAAC;;;ACxCD,SAAS,KAAAA,UAAS;AAClB,SAAS,qBAAqB;AAKvB,IAAM,qBAAqBA,GAAE,OAAO;AAAA;AAAA,EAEzC,OAAOA,GAAE,OAAO,EAAE,MAAM,EAAE,SAAS,8BAA8B;AAAA;AAAA,EAEjE,QAAQA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,0BAA0B;AACnE,CAAC;AAoBM,IAAM,oBAAoB,cAAc,OAAO;AAAA;AAAA,EAEpD,QAAQA,GAAE,OAAO,EAAE,SAAS,SAAS;AAAA;AAAA,EAGrC,cAAc,mBAAmB,SAAS,EAAE;AAAA,IAC1C;AAAA,EACF;AACF,CAAC;;;ACvCD,SAAS,KAAAC,UAAS;AAiBX,IAAM,yBAAyBA,GAAE,OAAO;AAAA;AAAA,EAE7C,IAAIA,GAAE,OAAO,EAAE,SAAS,iBAAiB;AAAA;AAAA,EAEzC,MAAMA,GAAE,OAAO,EAAE,SAAS,mBAAmB;AAAA;AAAA,EAE7C,MAAMA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,mBAAmB;AAAA;AAAA,EAExD,SAASA,GAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,uBAAuB;AAAA;AAAA,EAErE,QAAQA,GAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAExE,SAASA,GACN,MAAMA,GAAE,OAAO,CAAC,EAChB,SAAS,EACT,SAAS,qCAAqC;AAAA;AAAA,EAEjD,UAAUA,GACP,OAAOA,GAAE,OAAO,GAAGA,GAAE,QAAQ,CAAC,EAC9B,SAAS,EACT,SAAS,qBAAqB;AACnC,CAAC;;;ACtCD,SAAS,KAAAC,UAAS;AAKX,IAAM,8BAA8BA,GAAE,OAAO;AAAA;AAAA,EAElD,UAAUA,GAAE,OAAO,EAAE,SAAS,kBAAkB;AAAA;AAAA,EAEhD,aAAaA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAE5E,SAASA,GAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,uCAAuC;AAAA;AAAA,EAEhF,aAAaA,GAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,mCAAmC;AAAA;AAEvF,CAAC;AAOM,IAAM,8BAA8BA,GAAE,KAAK,CAAC,WAAW,YAAY,SAAS,QAAQ,CAAC;AAOrF,IAAM,sBAAsBA,GAAE,OAAO;AAAA;AAAA,EAE1C,UAAUA,GAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,oCAAoC;AAAA;AAAA,EAE9E,mBAAmB,4BAA4B,SAAS,EAAE;AAAA,IACxD;AAAA,EACF;AAAA;AAAA,EAEA,aAAaA,GACV,OAAO,EACP,IAAI,EACJ,SAAS,EACT,SAAS,yCAAyC;AAAA;AAEvD,CAAC;AAOM,IAAM,mBAAmBA,GAAE,KAAK,CAAC,SAAS,QAAQ,SAAS,CAAC;AAO5D,IAAM,eAAeA,GAAE,KAAK,CAAC,QAAQ,SAAS,UAAU,SAAS,MAAM,CAAC;AAOxE,IAAM,gBAAgBA,GAAE,KAAK,CAAC,OAAO,OAAO,QAAQ,QAAQ,MAAM,CAAC;AAUnE,IAAM,6BAA6BA,GAAE,OAAO;AAAA;AAAA,EAEjD,YAAY,iBAAiB,SAAS,EAAE,SAAS,uBAAuB;AAAA;AAAA,EAExE,QAAQ,aAAa,SAAS,EAAE,SAAS,qBAAqB;AAAA;AAAA,EAE9D,SAAS,cAAc,SAAS,EAAE,SAAS,gBAAgB;AAAA;AAE7D,CAAC;;;AClFD,SAAS,KAAAC,UAAS;AASX,IAAM,kBAAkBA,GAAE,MAAM;AAAA,EACrCA,GAAE,OAAO,EAAE,SAAS,mBAAmB;AAAA,EACvCA,GAAE,QAAQ,UAAU,EAAE,SAAS,uBAAuB;AACxD,CAAC;AAQM,IAAM,wBAAwBA,GAAE,OAAO;AAAA;AAAA,EAE5C,WAAWA,GAAE,OAAO,EAAE,SAAS,2BAA2B;AAAA;AAAA,EAE1D,WAAWA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,gBAAgB;AAC5D,CAAC;AAOM,IAAM,gCAAgC,sBAAsB,OAAO;AAAA;AAAA,EAExE,gBAAgBA,GACb,OAAO,EACP,SAAS,EACT,SAAS,wCAAwC;AACtD,CAAC;AASM,IAAM,8BAA8BA,GAAE,OAAO;AAAA;AAAA,EAElD,QAAQA,GAAE,OAAO,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAE5D,gBAAgBA,GACb,OAAO,EACP,SAAS,EACT,SAAS,wCAAwC;AAAA;AAAA,EAEpD,UAAUA,GACP,OAAO,EACP,IAAI,EACJ,SAAS,EACT,SAAS,2CAA2C;AACzD,CAAC;AAOM,IAAM,6BAA6BA,GAAE,OAAO;AAAA;AAAA,EAEjD,OAAOA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,mBAAmB;AAAA;AAAA,EAEzD,SAASA,GAAE,QAAQ,EAAE,SAAS,gCAAgC;AAAA;AAAA,EAE9D,OAAOA,GAAE,OAAO,EAAE,SAAS,EAAE,SAAS,+BAA+B;AAAA;AAEvE,CAAC;","names":["z","z","z","z"]}
|