@ogcio/sag-client 0.2.0

package/dist/auth.js

@@ -0,0 +1,154 @@
+/**
+ * Standalone authentication helpers for the Secure API Gateway.
+ *
+ * These are pure functions — no React, no framework dependency.
+ * They accept `gatewayUrl` (and optionally `appName`) so they
+ * can be called without a SagClient instance.
+ */
+/**
+ * Check if the user is authenticated against the gateway.
+ */
+export async function checkAuth(gatewayUrl) {
+    try {
+        const res = await fetch(`${gatewayUrl}/auth/status`, {
+            credentials: "include",
+        });
+        return (await res.json());
+    }
+    catch (error) {
+        console.error("Error checking auth", error);
+        return { authenticated: false };
+    }
+}
+/**
+ * Check if the authentication service (Logto) is reachable.
+ */
+export async function checkHealth(gatewayUrl) {
+    try {
+        const res = await fetch(`${gatewayUrl}/auth/health`, {
+            credentials: "include",
+        });
+        const data = (await res.json());
+        return { available: res.ok && data.status === "healthy" };
+    }
+    catch (_a) {
+        return { available: false };
+    }
+}
+/**
+ * Invalidate the current server session so the next sign-in
+ * fetches fresh claims.  Used after onboarding completes (the user
+ * gains new roles that must appear in the next ID token).
+ */
+export async function invalidateSession(gatewayUrl) {
+    await fetch(`${gatewayUrl}/auth/invalidate-session`, {
+        method: "POST",
+        credentials: "include",
+    });
+}
+/**
+ * Fetch structured organization data for the authenticated user.
+ * Requires an active session. Returns an empty array if not authenticated.
+ */
+export async function fetchOrganizations(gatewayUrl) {
+    var _a;
+    try {
+        const res = await fetch(`${gatewayUrl}/auth/organizations`, {
+            credentials: "include",
+        });
+        if (!res.ok)
+            return [];
+        const data = (await res.json());
+        return (_a = data.organizations) !== null && _a !== void 0 ? _a : [];
+    }
+    catch (_b) {
+        return [];
+    }
+}
+/**
+ * Set the user's currently selected organization on the gateway.
+ * Persists as a signed cookie.
+ */
+export async function selectOrganization(gatewayUrl, organizationId) {
+    try {
+        const res = await fetch(`${gatewayUrl}/auth/select-organization`, {
+            method: "POST",
+            credentials: "include",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({ organizationId }),
+        });
+        return res.ok;
+    }
+    catch (_a) {
+        return false;
+    }
+}
+/**
+ * Get the user's currently selected organization from the gateway.
+ */
+export async function getSelectedOrganization(gatewayUrl) {
+    var _a;
+    try {
+        const res = await fetch(`${gatewayUrl}/auth/selected-organization`, {
+            credentials: "include",
+        });
+        if (!res.ok)
+            return null;
+        const data = (await res.json());
+        return (_a = data.organizationId) !== null && _a !== void 0 ? _a : null;
+    }
+    catch (_b) {
+        return null;
+    }
+}
+/**
+ * Clear the user's organization selection on the gateway.
+ */
+export async function clearSelectedOrganization(gatewayUrl) {
+    try {
+        const res = await fetch(`${gatewayUrl}/auth/selected-organization`, {
+            method: "DELETE",
+            credentials: "include",
+        });
+        return res.ok;
+    }
+    catch (_a) {
+        return false;
+    }
+}
+/**
+ * Submit a hidden form via POST to trigger a full-page navigation.
+ *
+ * Using POST (instead of GET via window.location.href) provides CSRF
+ * protection: browsers do not send sameSite:"lax" cookies on cross-site
+ * POST requests, so an attacker page cannot trigger auth actions.
+ */
+function postNavigate(url) {
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.action = url;
+    document.body.appendChild(form);
+    form.submit();
+}
+/**
+ * Redirect the user to the gateway sign-in endpoint.
+ *
+ * @param gatewayUrl - Secure API Gateway base URL.
+ * @param app        - Application name registered in the gateway.
+ * @param options    - Optional sign-in options (connector, redirectUrl).
+ */
+export function signIn(gatewayUrl, app, options) {
+    const params = new URLSearchParams({ app });
+    if (options === null || options === void 0 ? void 0 : options.connector)
+        params.set("connector", options.connector);
+    if (options === null || options === void 0 ? void 0 : options.redirectUrl)
+        params.set("redirectUrl", options.redirectUrl);
+    postNavigate(`${gatewayUrl}/auth/sign-in?${params.toString()}`);
+}
+/**
+ * Redirect the user to the gateway sign-out endpoint.
+ */
+export function signOut(gatewayUrl, app) {
+    postNavigate(`${gatewayUrl}/auth/sign-out?app=${encodeURIComponent(app)}`);
+}
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,UAAkB;IAChD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,cAAc,EAAE;YACnD,WAAW,EAAE,SAAS;SACvB,CAAC,CAAA;QACF,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAe,CAAA;IACzC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,KAAK,CAAC,CAAA;QAC3C,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAA;IACjC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,cAAc,EAAE;YACnD,WAAW,EAAE,SAAS;SACvB,CAAC,CAAA;QACF,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAwB,CAAA;QACtD,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,EAAE,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAA;IAC3D,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAA;IAC7B,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,UAAkB;IACxD,MAAM,KAAK,CAAC,GAAG,UAAU,0BAA0B,EAAE;QACnD,MAAM,EAAE,MAAM;QACd,WAAW,EAAE,SAAS;KACvB,CAAC,CAAA;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,UAAkB;;IAElB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,qBAAqB,EAAE;YAC1D,WAAW,EAAE,SAAS;SACvB,CAAC,CAAA;QACF,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,OAAO,EAAE,CAAA;QACtB,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA2C,CAAA;QACzE,OAAO,MAAA,IAAI,CAAC,aAAa,mCAAI,EAAE,CAAA;IACjC,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,EAAE,CAAA;IACX,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,UAAkB,EAClB,cAAsB;IAEtB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,2BAA2B,EAAE;YAChE,MAAM,EAAE,MAAM;YACd,WAAW,EAAE,SAAS;YACtB,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,cAAc,EAAE,CAAC;SACzC,CAAC,CAAA;QACF,OAAO,GAAG,CAAC,EAAE,CAAA;IACf,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,UAAkB;;IAElB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,6BAA6B,EAAE;YAClE,WAAW,EAAE,SAAS;SACvB,CAAC,CAAA;QACF,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,OAAO,IAAI,CAAA;QACxB,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAuC,CAAA;QACrE,OAAO,MAAA,IAAI,CAAC,cAAc,mCAAI,IAAI,CAAA;IACpC,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,6BAA6B,EAAE;YAClE,MAAM,EAAE,QAAQ;YAChB,WAAW,EAAE,SAAS;SACvB,CAAC,CAAA;QACF,OAAO,GAAG,CAAC,EAAE,CAAA;IACf,CAAC;IAAC,WAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,YAAY,CAAC,GAAW;IAC/B,MAAM,IAAI,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAA;IAC3C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACpB,IAAI,CAAC,MAAM,GAAG,GAAG,CAAA;IACjB,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;IAC/B,IAAI,CAAC,MAAM,EAAE,CAAA;AACf,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,MAAM,CACpB,UAAkB,EAClB,GAAW,EACX,OAAuB;IAEvB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC,CAAA;IAC3C,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS;QAAE,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;IAClE,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW;QAAE,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,CAAA;IACxE,YAAY,CAAC,GAAG,UAAU,iBAAiB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;AACjE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,OAAO,CAAC,UAAkB,EAAE,GAAW;IACrD,YAAY,CAAC,GAAG,UAAU,sBAAsB,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;AAC5E,CAAC"}

package/dist/client.d.ts

@@ -0,0 +1,93 @@
+/**
+ * SagClient — framework-agnostic client for the Secure API Gateway.
+ *
+ * Encapsulates `gatewayUrl` and `appName` so consumers don't have to
+ * pass them to every function call.
+ *
+ * ```ts
+ * const client = new SagClient({ gatewayUrl: "http://localhost:3333", appName: "cars" })
+ * const status = await client.checkAuth()
+ * const { data } = await client.fetch<Car[]>("/cars")
+ * ```
+ */
+import type { AuthStatus, GatewayFetchOptions, MutationMethod, OrganizationInfo, SagClientConfig, SignInOptions } from "./types";
+export declare class SagClient {
+    readonly gatewayUrl: string;
+    readonly appName: string;
+    private readonly onSessionExpired?;
+    constructor(config: SagClientConfig);
+    /** Check if the user is authenticated. */
+    checkAuth(): Promise<AuthStatus>;
+    /** Check if the authentication service (Logto) is reachable. */
+    checkHealth(): Promise<{
+        available: boolean;
+    }>;
+    /**
+     * Redirect the user to the gateway sign-in endpoint.
+     *
+     * @param options - Optional sign-in options (connector selection, redirect URL).
+     */
+    signIn(options?: SignInOptions): void;
+    /** Redirect the user to the gateway sign-out endpoint. */
+    signOut(): void;
+    /**
+     * Invalidate the server session so the next sign-in fetches fresh claims.
+     * Use after onboarding or any flow that changes the user's roles.
+     */
+    invalidateSession(): Promise<void>;
+    /**
+     * Fetch structured organization data for the authenticated user.
+     * Requires an active session. Returns an empty array if not authenticated.
+     */
+    fetchOrganizations(): Promise<OrganizationInfo[]>;
+    /** Set the user's currently selected organization. */
+    selectOrganization(organizationId: string): Promise<boolean>;
+    /** Get the user's currently selected organization ID. */
+    getSelectedOrganization(): Promise<string | null>;
+    /** Clear the user's organization selection. */
+    clearSelectedOrganization(): Promise<boolean>;
+    /**
+     * Fetch data from the gateway.
+     *
+     * @param path    - Gateway path (e.g. "/cars", "/weather")
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    fetch<T>(path: string, options?: GatewayFetchOptions): Promise<{
+        data: T;
+    }>;
+    /**
+     * Create a fetcher function bound to this client's configuration.
+     *
+     * The returned function accepts an absolute URL and returns
+     * `{ data: T }`. Suitable for passing to SWR, TanStack Query,
+     * or calling directly.
+     *
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    createFetcher<T>(options?: GatewayFetchOptions): (url: string) => Promise<{
+        data: T;
+    }>;
+    /**
+     * Perform a mutation (POST, PUT, PATCH, DELETE) through the gateway.
+     *
+     * @param path    - Gateway path (e.g. "/profile/api/v1/users/123")
+     * @param method  - HTTP method
+     * @param body    - Optional JSON-serializable request body
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    mutate<T>(path: string, method: MutationMethod, body?: unknown, options?: GatewayFetchOptions): Promise<{
+        data: T;
+    }>;
+    /**
+     * Create a mutator function bound to this client's configuration.
+     *
+     * The returned function accepts an absolute URL, HTTP method, and
+     * optional body. Suitable for imperative mutation calls.
+     *
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    createMutator<T>(options?: GatewayFetchOptions): (url: string, method: MutationMethod, body?: unknown) => Promise<{
+        data: T;
+    }>;
+}
+//# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAcH,OAAO,KAAK,EACV,UAAU,EACV,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,aAAa,EACd,MAAM,SAAS,CAAA;AAEhB,qBAAa,SAAS;IACpB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAA;IAC3B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAA;IACxB,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAY;gBAElC,MAAM,EAAE,eAAe;IAQnC,0CAA0C;IAC1C,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC;IAIhC,gEAAgE;IAChE,WAAW,IAAI,OAAO,CAAC;QAAE,SAAS,EAAE,OAAO,CAAA;KAAE,CAAC;IAI9C;;;;OAIG;IACH,MAAM,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,IAAI;IAIrC,0DAA0D;IAC1D,OAAO,IAAI,IAAI;IAIf;;;OAGG;IACH,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIlC;;;OAGG;IACH,kBAAkB,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;IAIjD,sDAAsD;IACtD,kBAAkB,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5D,yDAAyD;IACzD,uBAAuB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIjD,+CAA+C;IAC/C,yBAAyB,IAAI,OAAO,CAAC,OAAO,CAAC;IAM7C;;;;;OAKG;IACG,KAAK,CAAC,CAAC,EACX,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QAAE,IAAI,EAAE,CAAC,CAAA;KAAE,CAAC;IAMvB;;;;;;;;OAQG;IACH,aAAa,CAAC,CAAC,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,IAAI,EAAE,CAAC,CAAA;KAAE,CAAC;IAWxC;;;;;;;OAOG;IACG,MAAM,CAAC,CAAC,EACZ,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,IAAI,CAAC,EAAE,OAAO,EACd,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QAAE,IAAI,EAAE,CAAC,CAAA;KAAE,CAAC;IAMvB;;;;;;;OAOG;IACH,aAAa,CAAC,CAAC,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,CACD,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,cAAc,EACtB,IAAI,CAAC,EAAE,OAAO,KACX,OAAO,CAAC;QAAE,IAAI,EAAE,CAAC,CAAA;KAAE,CAAC;CAQ1B"}

package/dist/client.js

@@ -0,0 +1,118 @@
+/**
+ * SagClient — framework-agnostic client for the Secure API Gateway.
+ *
+ * Encapsulates `gatewayUrl` and `appName` so consumers don't have to
+ * pass them to every function call.
+ *
+ * ```ts
+ * const client = new SagClient({ gatewayUrl: "http://localhost:3333", appName: "cars" })
+ * const status = await client.checkAuth()
+ * const { data } = await client.fetch<Car[]>("/cars")
+ * ```
+ */
+import { checkAuth as checkAuthFn, checkHealth as checkHealthFn, clearSelectedOrganization as clearSelectedOrgFn, fetchOrganizations as fetchOrganizationsFn, getSelectedOrganization as getSelectedOrgFn, invalidateSession as invalidateSessionFn, selectOrganization as selectOrgFn, signIn as signInFn, signOut as signOutFn, } from "./auth";
+import { createGatewayFetcher, createGatewayMutator } from "./fetcher";
+export class SagClient {
+    constructor(config) {
+        this.gatewayUrl = config.gatewayUrl;
+        this.appName = config.appName;
+        this.onSessionExpired = config.onSessionExpired;
+    }
+    // ── Auth ─────────────────────────────────────────────────
+    /** Check if the user is authenticated. */
+    checkAuth() {
+        return checkAuthFn(this.gatewayUrl);
+    }
+    /** Check if the authentication service (Logto) is reachable. */
+    checkHealth() {
+        return checkHealthFn(this.gatewayUrl);
+    }
+    /**
+     * Redirect the user to the gateway sign-in endpoint.
+     *
+     * @param options - Optional sign-in options (connector selection, redirect URL).
+     */
+    signIn(options) {
+        signInFn(this.gatewayUrl, this.appName, options);
+    }
+    /** Redirect the user to the gateway sign-out endpoint. */
+    signOut() {
+        signOutFn(this.gatewayUrl, this.appName);
+    }
+    /**
+     * Invalidate the server session so the next sign-in fetches fresh claims.
+     * Use after onboarding or any flow that changes the user's roles.
+     */
+    invalidateSession() {
+        return invalidateSessionFn(this.gatewayUrl);
+    }
+    /**
+     * Fetch structured organization data for the authenticated user.
+     * Requires an active session. Returns an empty array if not authenticated.
+     */
+    fetchOrganizations() {
+        return fetchOrganizationsFn(this.gatewayUrl);
+    }
+    /** Set the user's currently selected organization. */
+    selectOrganization(organizationId) {
+        return selectOrgFn(this.gatewayUrl, organizationId);
+    }
+    /** Get the user's currently selected organization ID. */
+    getSelectedOrganization() {
+        return getSelectedOrgFn(this.gatewayUrl);
+    }
+    /** Clear the user's organization selection. */
+    clearSelectedOrganization() {
+        return clearSelectedOrgFn(this.gatewayUrl);
+    }
+    // ── Fetching ─────────────────────────────────────────────
+    /**
+     * Fetch data from the gateway.
+     *
+     * @param path    - Gateway path (e.g. "/cars", "/weather")
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    async fetch(path, options) {
+        const url = `${this.gatewayUrl}${path}`;
+        const fetcher = this.createFetcher(options);
+        return fetcher(url);
+    }
+    /**
+     * Create a fetcher function bound to this client's configuration.
+     *
+     * The returned function accepts an absolute URL and returns
+     * `{ data: T }`. Suitable for passing to SWR, TanStack Query,
+     * or calling directly.
+     *
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    createFetcher(options) {
+        return createGatewayFetcher(this.gatewayUrl, this.appName, this.onSessionExpired, options);
+    }
+    // ── Mutations ───────────────────────────────────────────────
+    /**
+     * Perform a mutation (POST, PUT, PATCH, DELETE) through the gateway.
+     *
+     * @param path    - Gateway path (e.g. "/profile/api/v1/users/123")
+     * @param method  - HTTP method
+     * @param body    - Optional JSON-serializable request body
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    async mutate(path, method, body, options) {
+        const url = `${this.gatewayUrl}${path}`;
+        const mutator = this.createMutator(options);
+        return mutator(url, method, body);
+    }
+    /**
+     * Create a mutator function bound to this client's configuration.
+     *
+     * The returned function accepts an absolute URL, HTTP method, and
+     * optional body. Suitable for imperative mutation calls.
+     *
+     * @param options - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+     */
+    createMutator(options) {
+        return createGatewayMutator(this.gatewayUrl, this.appName, this.onSessionExpired, options);
+    }
+}
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EACL,SAAS,IAAI,WAAW,EACxB,WAAW,IAAI,aAAa,EAC5B,yBAAyB,IAAI,kBAAkB,EAC/C,kBAAkB,IAAI,oBAAoB,EAC1C,uBAAuB,IAAI,gBAAgB,EAC3C,iBAAiB,IAAI,mBAAmB,EACxC,kBAAkB,IAAI,WAAW,EACjC,MAAM,IAAI,QAAQ,EAClB,OAAO,IAAI,SAAS,GACrB,MAAM,QAAQ,CAAA;AACf,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAUtE,MAAM,OAAO,SAAS;IAKpB,YAAY,MAAuB;QACjC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAA;QACnC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAA;QAC7B,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAA;IACjD,CAAC;IAED,4DAA4D;IAE5D,0CAA0C;IAC1C,SAAS;QACP,OAAO,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACrC,CAAC;IAED,gEAAgE;IAChE,WAAW;QACT,OAAO,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACvC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAAuB;QAC5B,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IAClD,CAAC;IAED,0DAA0D;IAC1D,OAAO;QACL,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;IAC1C,CAAC;IAED;;;OAGG;IACH,iBAAiB;QACf,OAAO,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;IAED;;;OAGG;IACH,kBAAkB;QAChB,OAAO,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC9C,CAAC;IAED,sDAAsD;IACtD,kBAAkB,CAAC,cAAsB;QACvC,OAAO,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAA;IACrD,CAAC;IAED,yDAAyD;IACzD,uBAAuB;QACrB,OAAO,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC1C,CAAC;IAED,+CAA+C;IAC/C,yBAAyB;QACvB,OAAO,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC5C,CAAC;IAED,4DAA4D;IAE5D;;;;;OAKG;IACH,KAAK,CAAC,KAAK,CACT,IAAY,EACZ,OAA6B;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAA;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAI,OAAO,CAAC,CAAA;QAC9C,OAAO,OAAO,CAAC,GAAG,CAAC,CAAA;IACrB,CAAC;IAED;;;;;;;;OAQG;IACH,aAAa,CACX,OAA6B;QAE7B,OAAO,oBAAoB,CACzB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,gBAAgB,EACrB,OAAO,CACR,CAAA;IACH,CAAC;IAED,+DAA+D;IAE/D;;;;;;;OAOG;IACH,KAAK,CAAC,MAAM,CACV,IAAY,EACZ,MAAsB,EACtB,IAAc,EACd,OAA6B;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAA;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAI,OAAO,CAAC,CAAA;QAC9C,OAAO,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;IACnC,CAAC;IAED;;;;;;;OAOG;IACH,aAAa,CACX,OAA6B;QAM7B,OAAO,oBAAoB,CACzB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,gBAAgB,EACrB,OAAO,CACR,CAAA;IACH,CAAC;CACF"}

package/dist/fetcher.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Framework-agnostic gateway fetcher with error handling.
+ *
+ * - On 401 (session expired / invalid grant): calls the `onSessionExpired`
+ *   callback (default: redirect to sign-in).
+ * - On non-OK responses: attempts to parse the gateway JSON body for
+ *   user-friendly error messages (e.g. 503 LOGTO_UNAVAILABLE).
+ */
+import { type GatewayFetchOptions, type MutationMethod } from "./types";
+/**
+ * Create a fetcher function bound to a specific gateway + application.
+ *
+ * The returned function is suitable for passing to SWR, TanStack Query,
+ * or calling directly.
+ *
+ * @param gatewayUrl - Secure API Gateway base URL
+ * @param appName    - Application name (sent as X-Application header)
+ * @param onSessionExpired - Called on 401. Default: redirect to sign-in.
+ * @param options    - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+ */
+export declare function createGatewayFetcher<T>(gatewayUrl: string, appName: string, onSessionExpired?: () => void, options?: GatewayFetchOptions): (url: string) => Promise<{
+    data: T;
+}>;
+/**
+ * Create a mutator function bound to a specific gateway + application.
+ *
+ * Unlike `createGatewayFetcher` (GET-only / SWR-compatible), this factory
+ * returns a function that accepts an HTTP method and optional JSON body,
+ * suitable for POST, PUT, PATCH, and DELETE operations.
+ *
+ * @param gatewayUrl - Secure API Gateway base URL
+ * @param appName    - Application name (sent as X-Application header)
+ * @param onSessionExpired - Called on 401. Default: redirect to sign-in.
+ * @param options    - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+ */
+export declare function createGatewayMutator<T>(gatewayUrl: string, appName: string, onSessionExpired?: () => void, options?: GatewayFetchOptions): (url: string, method: MutationMethod, body?: unknown) => Promise<{
+    data: T;
+}>;
+//# sourceMappingURL=fetcher.d.ts.map

package/dist/fetcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetcher.d.ts","sourceRoot":"","sources":["../src/fetcher.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAEL,KAAK,mBAAmB,EACxB,KAAK,cAAc,EAGpB,MAAM,SAAS,CAAA;AAEhB;;;;;;;;;;GAUG;AACH,wBAAgB,oBAAoB,CAAC,CAAC,EACpC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,gBAAgB,CAAC,EAAE,MAAM,IAAI,EAC7B,OAAO,CAAC,EAAE,mBAAmB,GAC5B,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;IAAE,IAAI,EAAE,CAAC,CAAA;CAAE,CAAC,CAoDvC;AA6DD;;;;;;;;;;;GAWG;AACH,wBAAgB,oBAAoB,CAAC,CAAC,EACpC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,gBAAgB,CAAC,EAAE,MAAM,IAAI,EAC7B,OAAO,CAAC,EAAE,mBAAmB,GAC5B,CACD,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,cAAc,EACtB,IAAI,CAAC,EAAE,OAAO,KACX,OAAO,CAAC;IAAE,IAAI,EAAE,CAAC,CAAA;CAAE,CAAC,CAoBxB"}

package/dist/fetcher.js

@@ -0,0 +1,141 @@
+/**
+ * Framework-agnostic gateway fetcher with error handling.
+ *
+ * - On 401 (session expired / invalid grant): calls the `onSessionExpired`
+ *   callback (default: redirect to sign-in).
+ * - On non-OK responses: attempts to parse the gateway JSON body for
+ *   user-friendly error messages (e.g. 503 LOGTO_UNAVAILABLE).
+ */
+import { signIn } from "./auth";
+import { ACTOR_TYPE_HEADER, ORGANIZATION_ID_HEADER, SagFetchError, } from "./types";
+/**
+ * Create a fetcher function bound to a specific gateway + application.
+ *
+ * The returned function is suitable for passing to SWR, TanStack Query,
+ * or calling directly.
+ *
+ * @param gatewayUrl - Secure API Gateway base URL
+ * @param appName    - Application name (sent as X-Application header)
+ * @param onSessionExpired - Called on 401. Default: redirect to sign-in.
+ * @param options    - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+ */
+export function createGatewayFetcher(gatewayUrl, appName, onSessionExpired, options) {
+    return async (url) => {
+        const headers = {
+            "X-Application": appName,
+        };
+        if (options === null || options === void 0 ? void 0 : options.actorType) {
+            headers[ACTOR_TYPE_HEADER] = options.actorType;
+        }
+        if (options === null || options === void 0 ? void 0 : options.organizationId) {
+            headers[ORGANIZATION_ID_HEADER] = options.organizationId;
+        }
+        const response = await fetch(url, {
+            credentials: "include",
+            headers,
+        });
+        if (response.status === 401) {
+            if (onSessionExpired) {
+                onSessionExpired();
+            }
+            else {
+                signIn(gatewayUrl, appName);
+            }
+            throw new SagFetchError("Session expired. Redirecting to sign in\u2026", 401);
+        }
+        if (!response.ok) {
+            let message = `HTTP error! status: ${response.status} ${response.statusText}`;
+            let code;
+            // Use gateway error body when available (503 LOGTO_UNAVAILABLE, etc.)
+            try {
+                const body = (await response.json());
+                if (body.details)
+                    message = body.details;
+                else if (body.error)
+                    message = body.error;
+                if (body.code)
+                    code = body.code;
+            }
+            catch (_a) {
+                // Non-JSON or empty body — keep default message
+            }
+            throw new SagFetchError(message, response.status, code);
+        }
+        return response.json();
+    };
+}
+/**
+ * Build gateway request headers from options.
+ */
+function buildHeaders(appName, options) {
+    const headers = {
+        "X-Application": appName,
+    };
+    if (options === null || options === void 0 ? void 0 : options.actorType) {
+        headers[ACTOR_TYPE_HEADER] = options.actorType;
+    }
+    if (options === null || options === void 0 ? void 0 : options.organizationId) {
+        headers[ORGANIZATION_ID_HEADER] = options.organizationId;
+    }
+    return headers;
+}
+/**
+ * Handle non-OK gateway responses consistently.
+ */
+async function handleErrorResponse(response, gatewayUrl, appName, onSessionExpired) {
+    if (response.status === 401) {
+        if (onSessionExpired) {
+            onSessionExpired();
+        }
+        else {
+            signIn(gatewayUrl, appName);
+        }
+        throw new SagFetchError("Session expired. Redirecting to sign in\u2026", 401);
+    }
+    let message = `HTTP error! status: ${response.status} ${response.statusText}`;
+    let code;
+    try {
+        const body = (await response.json());
+        if (body.details)
+            message = body.details;
+        else if (body.error)
+            message = body.error;
+        if (body.code)
+            code = body.code;
+    }
+    catch (_a) {
+        // Non-JSON or empty body — keep default message
+    }
+    throw new SagFetchError(message, response.status, code);
+}
+/**
+ * Create a mutator function bound to a specific gateway + application.
+ *
+ * Unlike `createGatewayFetcher` (GET-only / SWR-compatible), this factory
+ * returns a function that accepts an HTTP method and optional JSON body,
+ * suitable for POST, PUT, PATCH, and DELETE operations.
+ *
+ * @param gatewayUrl - Secure API Gateway base URL
+ * @param appName    - Application name (sent as X-Application header)
+ * @param onSessionExpired - Called on 401. Default: redirect to sign-in.
+ * @param options    - Optional fetch options (e.g. `{ actorType: "m2m" }`)
+ */
+export function createGatewayMutator(gatewayUrl, appName, onSessionExpired, options) {
+    return async (url, method, body) => {
+        const headers = buildHeaders(appName, options);
+        if (body !== undefined) {
+            headers["Content-Type"] = "application/json";
+        }
+        const response = await fetch(url, {
+            method,
+            credentials: "include",
+            headers,
+            body: body !== undefined ? JSON.stringify(body) : undefined,
+        });
+        if (!response.ok) {
+            await handleErrorResponse(response, gatewayUrl, appName, onSessionExpired);
+        }
+        return response.json();
+    };
+}
+//# sourceMappingURL=fetcher.js.map

package/dist/fetcher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetcher.js","sourceRoot":"","sources":["../src/fetcher.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,EACL,iBAAiB,EAGjB,sBAAsB,EACtB,aAAa,GACd,MAAM,SAAS,CAAA;AAEhB;;;;;;;;;;GAUG;AACH,MAAM,UAAU,oBAAoB,CAClC,UAAkB,EAClB,OAAe,EACf,gBAA6B,EAC7B,OAA6B;IAE7B,OAAO,KAAK,EAAE,GAAW,EAAE,EAAE;QAC3B,MAAM,OAAO,GAA2B;YACtC,eAAe,EAAE,OAAO;SACzB,CAAA;QACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,iBAAiB,CAAC,GAAG,OAAO,CAAC,SAAS,CAAA;QAChD,CAAC;QACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,EAAE,CAAC;YAC5B,OAAO,CAAC,sBAAsB,CAAC,GAAG,OAAO,CAAC,cAAc,CAAA;QAC1D,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,WAAW,EAAE,SAAS;YACtB,OAAO;SACR,CAAC,CAAA;QAEF,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,IAAI,gBAAgB,EAAE,CAAC;gBACrB,gBAAgB,EAAE,CAAA;YACpB,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;YAC7B,CAAC;YACD,MAAM,IAAI,aAAa,CACrB,+CAA+C,EAC/C,GAAG,CACJ,CAAA;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,OAAO,GAAG,uBAAuB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAA;YAC7E,IAAI,IAAwB,CAAA;YAE5B,sEAAsE;YACtE,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAIlC,CAAA;gBACD,IAAI,IAAI,CAAC,OAAO;oBAAE,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;qBACnC,IAAI,IAAI,CAAC,KAAK;oBAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAA;gBACzC,IAAI,IAAI,CAAC,IAAI;oBAAE,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;YACjC,CAAC;YAAC,WAAM,CAAC;gBACP,gDAAgD;YAClD,CAAC;YAED,MAAM,IAAI,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QACzD,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAA0B,CAAA;IAChD,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CACnB,OAAe,EACf,OAA6B;IAE7B,MAAM,OAAO,GAA2B;QACtC,eAAe,EAAE,OAAO;KACzB,CAAA;IACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;QACvB,OAAO,CAAC,iBAAiB,CAAC,GAAG,OAAO,CAAC,SAAS,CAAA;IAChD,CAAC;IACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,EAAE,CAAC;QAC5B,OAAO,CAAC,sBAAsB,CAAC,GAAG,OAAO,CAAC,cAAc,CAAA;IAC1D,CAAC;IACD,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAChC,QAAkB,EAClB,UAAkB,EAClB,OAAe,EACf,gBAA6B;IAE7B,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QAC5B,IAAI,gBAAgB,EAAE,CAAC;YACrB,gBAAgB,EAAE,CAAA;QACpB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,MAAM,IAAI,aAAa,CACrB,+CAA+C,EAC/C,GAAG,CACJ,CAAA;IACH,CAAC;IAED,IAAI,OAAO,GAAG,uBAAuB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAA;IAC7E,IAAI,IAAwB,CAAA;IAE5B,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAIlC,CAAA;QACD,IAAI,IAAI,CAAC,OAAO;YAAE,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;aACnC,IAAI,IAAI,CAAC,KAAK;YAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAA;QACzC,IAAI,IAAI,CAAC,IAAI;YAAE,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;IACjC,CAAC;IAAC,WAAM,CAAC;QACP,gDAAgD;IAClD,CAAC;IAED,MAAM,IAAI,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;AACzD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,oBAAoB,CAClC,UAAkB,EAClB,OAAe,EACf,gBAA6B,EAC7B,OAA6B;IAM7B,OAAO,KAAK,EAAE,GAAW,EAAE,MAAsB,EAAE,IAAc,EAAE,EAAE;QACnE,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QAC9C,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAA;QAC9C,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM;YACN,WAAW,EAAE,SAAS;YACtB,OAAO;YACP,IAAI,EAAE,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SAC5D,CAAC,CAAA;QAEF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,mBAAmB,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAA;QAC5E,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAA0B,CAAA;IAChD,CAAC,CAAA;AACH,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,9 @@
+export { checkAuth, checkHealth, clearSelectedOrganization, fetchOrganizations, getSelectedOrganization, invalidateSession, selectOrganization, signIn, signOut, } from "./auth";
+export { SagClient } from "./client";
+export { createGatewayFetcher, createGatewayMutator } from "./fetcher";
+export type { OnboardingRedirectParams, WrongLoginMethodParams, } from "./onboarding";
+export { buildOnboardingRedirectUrl, buildWrongLoginMethodRedirect, CLEAR_SESSION_PATH, ONBOARDING_PATH, ONBOARDING_SOURCE_PARAM, WRONG_LOGIN_METHOD_PATH, WRONG_LOGIN_RETURN_URL_PARAM, } from "./onboarding";
+export { ALLOWED_SIGNIN_METHODS, CONNECTOR_ENTRAID, CONNECTOR_MYGOVID, DEFAULT_PUBLIC_SERVANT_ROLES, INACTIVE_PS_ORG_ROLE, isCitizen, isCitizenOnboarded, isInactivePublicServant, isPublicServant, ORG_ROLE_ADMIN, ORG_ROLE_MEMBER, ROLE_NAME_ONBOARDED_CITIZEN, } from "./roles";
+export type { ActorType, AuthClaims, AuthStatus, AuthUser, GatewayFetchOptions, GatewayMutationOptions, MutationMethod, OrganizationInfo, SagClientConfig, SignInOptions, UseAuthResult, } from "./types";
+export { ACTOR_TYPE_HEADER, ORGANIZATION_ID_HEADER, SagFetchError, } from "./types";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,SAAS,EACT,WAAW,EACX,yBAAyB,EACzB,kBAAkB,EAClB,uBAAuB,EACvB,iBAAiB,EACjB,kBAAkB,EAClB,MAAM,EACN,OAAO,GACR,MAAM,QAAQ,CAAA;AACf,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAGpC,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AACtE,YAAY,EACV,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,cAAc,CAAA;AAGrB,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,EAC7B,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,cAAc,CAAA;AAErB,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,4BAA4B,EAC5B,oBAAoB,EACpB,SAAS,EACT,kBAAkB,EAClB,uBAAuB,EACvB,eAAe,EACf,cAAc,EACd,eAAe,EACf,2BAA2B,GAC5B,MAAM,SAAS,CAAA;AAGhB,YAAY,EACV,SAAS,EACT,UAAU,EACV,UAAU,EACV,QAAQ,EACR,mBAAmB,EACnB,sBAAsB,EACtB,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,aAAa,GACd,MAAM,SAAS,CAAA;AAChB,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,aAAa,GACd,MAAM,SAAS,CAAA"}

package/dist/index.js

@@ -0,0 +1,12 @@
+// ── Client ───────────────────────────────────────────────────
+// ── Standalone auth functions ────────────────────────────────
+export { checkAuth, checkHealth, clearSelectedOrganization, fetchOrganizations, getSelectedOrganization, invalidateSession, selectOrganization, signIn, signOut, } from "./auth";
+export { SagClient } from "./client";
+// ── Fetcher / Mutator factories ─────────────────────────────
+export { createGatewayFetcher, createGatewayMutator } from "./fetcher";
+// ── Onboarding helpers ──────────────────────────────────────
+export { buildOnboardingRedirectUrl, buildWrongLoginMethodRedirect, CLEAR_SESSION_PATH, ONBOARDING_PATH, ONBOARDING_SOURCE_PARAM, WRONG_LOGIN_METHOD_PATH, WRONG_LOGIN_RETURN_URL_PARAM, } from "./onboarding";
+// ── Role detection utilities ────────────────────────────────
+export { ALLOWED_SIGNIN_METHODS, CONNECTOR_ENTRAID, CONNECTOR_MYGOVID, DEFAULT_PUBLIC_SERVANT_ROLES, INACTIVE_PS_ORG_ROLE, isCitizen, isCitizenOnboarded, isInactivePublicServant, isPublicServant, ORG_ROLE_ADMIN, ORG_ROLE_MEMBER, ROLE_NAME_ONBOARDED_CITIZEN, } from "./roles";
+export { ACTOR_TYPE_HEADER, ORGANIZATION_ID_HEADER, SagFetchError, } from "./types";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,gEAAgE;AAEhE,gEAAgE;AAChE,OAAO,EACL,SAAS,EACT,WAAW,EACX,yBAAyB,EACzB,kBAAkB,EAClB,uBAAuB,EACvB,iBAAiB,EACjB,kBAAkB,EAClB,MAAM,EACN,OAAO,GACR,MAAM,QAAQ,CAAA;AACf,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAEpC,+DAA+D;AAC/D,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAMtE,+DAA+D;AAC/D,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,EAC7B,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,cAAc,CAAA;AACrB,+DAA+D;AAC/D,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,4BAA4B,EAC5B,oBAAoB,EACpB,SAAS,EACT,kBAAkB,EAClB,uBAAuB,EACvB,eAAe,EACf,cAAc,EACd,eAAe,EACf,2BAA2B,GAC5B,MAAM,SAAS,CAAA;AAgBhB,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,aAAa,GACd,MAAM,SAAS,CAAA"}