@omerlo/omerlo-webkit 0.0.2

package/README.md

@@ -0,0 +1,208 @@
+# Omerlo WebKit
+
+This webkit is a wapper arround Omerlo's API to create quickly a website using Omerlo.
+
+The user's session and tokens will be managed by Omerlo Webkit. The connection state is dispatched
+over all window's tab, no need to refresh other tabs.
+
+## Using the omerlo webkit
+
+###
+
+Install the package `omerlo-webkit`
+
+```sh
+npm i omerlo-webkit
+```
+
+### Create the .env
+
+Copy the `.env.dist` to `.env` then update its values to match your Omerlo's application informations.
+
+### Create the server's hooks
+
+Create (or update) the file `src/hooks.server.ts` and add required hooks as follow
+
+```ts
+import type { Handle } from "@sveltejs/kit";
+
+import { handleUserToken, handleReaderApi } from 'omerlo-webkit/reader/server';
+import { sequence } from "@sveltejs/kit/hooks";
+
+// You can add custom hooks too
+const handleLocale: Handle = async ({ event, resolve }) => {
+    const userLocale = 'en'; // you can fetch this value from cookie or w.e
+    event.url.searchParams.append('locale', userLocale);
+    return resolve(event);
+}
+
+export const handle = sequence(handleLocale, handleUserToken, handleReaderApi);
+```
+
+### Layout `layout.server.ts`
+
+To automatically load the user session, you have to load the user's session as following
+
+```ts
+// +layout.server.ts
+import type { LayoutServerLoad } from './$types';
+
+import { loadUserSession } from 'omerlo-webkit/reader/server';
+import { type UserSession } from 'omerlo-webkit/reader';
+
+export const load: LayoutServerLoad = async ({ fetch, cookies }) => {
+  const userSession: UserSession = await loadUserSession(fetch, cookies);
+
+  return { userSession };
+};
+```
+
+Then you need to use the component `OmerloWebkit` and give him the `userSession` previously loaded.
+
+```ts
+// +layout.svelte
+<script lang="ts">
+  import { OmerloWebkit } from 'omerlo-webkit'
+  let { data, children } = $props();
+</script>
+
+<OmerloWebkit userSession={data.userSession}>
+  {@render children?.()}
+</OmerloWebkit>
+```
+
+### Use Reader API
+
+To use reader API, you can use the function `useReader` passing the sveltekit `fetch` function.
+
+```ts
+// +page.ts
+import type { PageLoad } from './$types';
+import { useReader } from 'omerlo-webkit';
+
+export const load: PageLoad = async ({ fetch }) => {
+  const oauthProviders = await useReader(fetch).listOauthProviders();
+  return { oauthProviders };
+};
+```
+
+## Connecting user using Oauth Provider (such as Google).
+
+You'll need to create a login endpoint to add some required params such as the `state`.
+
+```ts
+// +server.ts
+import { error, redirect, type RequestHandler } from "@sveltejs/kit";
+import { env } from '$env/dynamic/private';
+import jwt from 'jsonwebtoken';
+
+export const GET: RequestHandler = ({ url }) => {
+  const oauthUrl = url.searchParams.get('oauthUrl');
+  const oauthProviderId = url.searchParams.get('oauthProviderId');
+
+  if (!oauthUrl) error(400, 'Missing oauthUrl query parameter');
+  if (!oauthProviderId) error(400, 'Missing oauthProviderId query parameter');
+
+  const currentPath = url.searchParams.get('currentPath') || '/';
+  const state = jwt.sign({ currentPath, oauthProviderId }, env.PRIVATE_JWT_SECRET, { expiresIn: '1h' })
+
+  const redirectUrl = new URL(oauthUrl);
+  redirectUrl.searchParams.set('state', state);
+  redirectUrl.searchParams.set('redirect_uri', url.origin +'/oauth/callback');
+
+  redirect(302, redirectUrl);
+}
+```
+
+And then create a callback action.
+
+```ts
+import { error, redirect, type RequestHandler } from "@sveltejs/kit";
+import { env } from '$env/dynamic/private';
+import jwt from 'jsonwebtoken';
+import { exchangeAuthorizationCode, setAuthorizationCookies } from "omerlo-webkit/reader/server";
+
+export const GET: RequestHandler = async ({ url, cookies }) => {
+  const redirectUri = url.origin + url.pathname;
+  const state = getRequiredQueryParams(url, 'state');
+  const code = getRequiredQueryParams(url, 'code');
+  const {oauthProviderId, currentPath} = parseJwt(state);
+
+  try {
+    const token = await exchangeAuthorizationCode({code, redirectUri, oauthProviderId})
+    setAuthorizationCookies(cookies, token);
+  } catch(_err) {
+    error(401, "Could not authenticate from the provider");
+  }
+
+  redirect(303, currentPath);
+}
+
+function getRequiredQueryParams(url: URL, paramsName: string): string {
+  const value = url.searchParams.get(paramsName);
+
+  if (!value) {
+    error(400, `Missing ${paramsName}`);
+  }
+
+  return value;
+}
+
+interface State {
+  oauthProviderId: string,
+  currentPath: string
+}
+
+function parseJwt(state: string): State {
+  try {
+    return jwt.verify(state, env.PRIVATE_JWT_SECRET) as State;
+  } catch(_err) {
+    error(400, 'Invalid state');
+  }
+}
+```
+
+## Logout your user
+
+To logout your user you can create an endpoint that will drop cookies used for authentication.
+
+```ts
+// +server.ts
+import { json, type RequestHandler } from "@sveltejs/kit";
+import { clearAuthorizationCookies } from 'omerlo-webkit/reader/server';
+
+export const DELETE: RequestHandler = ({ cookies }) => {
+  clearAuthorizationCookies(cookies);
+  return json(201);
+}
+```
+
+When a user is logout for any reason (401 or manually logout), the `invalidate('omerlo:user_session)` is triggered,
+allowing you to reload component / page that have `depends('omerlo:user_session)`.
+
+Plus the user's session store is updated cross tabs. It mean the user will be logout from every tabs.
+
+## Use user's informations
+
+```ts
+<script lang="ts">
+  import { getUserSession } from 'omerlo-webkit/reader';
+
+  let { data } = $props();
+  const userSession = getUserSession();
+</script>
+
+<!-- Some token may not be linked to a reader accounts -->
+<!-- In that case, the user will be null -->
+{#if $userSession.user}
+  Your name: {$userSession.user?.name}
+{/if}
+
+{#if $userSession.verified}
+  <div> You has been verified </div>
+{/if}
+
+{#if $userSession.authenticated}
+  <div> You has been authenticated </div>
+{/if}
+```

package/dist/components/OmerloWebkit.svelte

@@ -0,0 +1,26 @@
+<script lang="ts">
+  import { initUserSession, type UserSession } from "../omerlo/reader/stores/user_session";
+  import { onDestroy, onMount } from "svelte";
+
+  export let userSession: UserSession;
+  let selfComponent: HTMLDivElement;
+
+  const _userSession = initUserSession(userSession);
+
+  onMount(() => {
+    selfComponent.addEventListener('logout', () => {
+      _userSession.handleLogout();
+    });
+  });
+
+  onDestroy(() => {
+    if (selfComponent) {
+      selfComponent.removeEventListener('logout', _userSession.handleLogout, true);
+    }
+  });
+</script>
+
+<div id="omerlo-webkit" bind:this={selfComponent}>
+  <slot></slot>
+</div>
+

package/dist/components/OmerloWebkit.svelte.d.ts

@@ -0,0 +1,30 @@
+import { type UserSession } from "../omerlo/reader/stores/user_session";
+interface $$__sveltets_2_IsomorphicComponent<Props extends Record<string, any> = any, Events extends Record<string, any> = any, Slots extends Record<string, any> = any, Exports = {}, Bindings = string> {
+    new (options: import('svelte').ComponentConstructorOptions<Props>): import('svelte').SvelteComponent<Props, Events, Slots> & {
+        $$bindings?: Bindings;
+    } & Exports;
+    (internal: unknown, props: Props & {
+        $$events?: Events;
+        $$slots?: Slots;
+    }): Exports & {
+        $set?: any;
+        $on?: any;
+    };
+    z_$$bindings?: Bindings;
+}
+type $$__sveltets_2_PropsWithChildren<Props, Slots> = Props & (Slots extends {
+    default: any;
+} ? Props extends Record<string, never> ? any : {
+    children?: any;
+} : {});
+declare const OmerloWebkit: $$__sveltets_2_IsomorphicComponent<$$__sveltets_2_PropsWithChildren<{
+    userSession: UserSession;
+}, {
+    default: {};
+}>, {
+    [evt: string]: CustomEvent<any>;
+}, {
+    default: {};
+}, {}, string>;
+type OmerloWebkit = InstanceType<typeof OmerloWebkit>;
+export default OmerloWebkit;

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export { default as OmerloWebkit } from './components/OmerloWebkit.svelte';
+export * from './omerlo/index';

package/dist/index.js

@@ -0,0 +1,3 @@
+// Reexport your entry components here
+export { default as OmerloWebkit } from './components/OmerloWebkit.svelte';
+export * from './omerlo/index';

package/dist/omerlo/index.d.ts

@@ -0,0 +1,13 @@
+export declare const useReader: (f: typeof fetch) => {
+    notifications: {
+        listTopics: (params?: Partial<import("./reader/utils/api").PagingParams>) => Promise<import("./reader/utils/api").ApiResponse<import("./reader/endpoints/notification").TopicSummary[]>>;
+        subscribeToTopic: (params: import("./reader/endpoints/notification").SubscribtionParams) => Promise<import("./reader/utils/api").ApiResponse<unknown>>;
+        unsubscribeFromTopic: (params: import("./reader/endpoints/notification").SubscribtionParams) => Promise<import("./reader/utils/api").ApiResponse<unknown>>;
+    };
+    listOauthProviders: (params?: Partial<import("./reader/utils/api").PagingParams>) => Promise<import("./reader/utils/api").ApiResponse<import("./reader").OauthProviderSummary[]>>;
+    getOauthUser: () => Promise<import("./reader/utils/api").ApiResponse<import("./reader").OauthUser>>;
+    registerDevice: (params: import("./reader/endpoints/device").DeviceParams) => Promise<import("./reader/utils/api").ApiResponse<unknown>>;
+    userInfo: () => Promise<import("./reader/utils/api").ApiResponse<import("./reader").UserInfo>>;
+    verifyAccount: (params: import("./reader").VerifyAccountParams) => void;
+    validateAccount: (params: import("./reader").ValidateAccountParams) => void;
+};

package/dist/omerlo/index.js

@@ -0,0 +1,2 @@
+import * as Reader from './reader/fetchers';
+export const useReader = Reader.fetchers;

package/dist/omerlo/reader/endpoints/accounts.d.ts

@@ -0,0 +1,19 @@
+export declare const accountsFetchers: (f: typeof fetch) => {
+    userInfo: () => Promise<import("../utils/api").ApiResponse<UserInfo>>;
+    verifyAccount: (params: VerifyAccountParams) => void;
+    validateAccount: (params: ValidateAccountParams) => void;
+};
+export interface ValidateAccountParams {
+    email: string;
+    callbackUrl: string;
+}
+export declare function validateAccount(f: typeof fetch): (params: ValidateAccountParams) => void;
+export interface VerifyAccountParams {
+    verification_token: string;
+}
+export declare function verifyAccount(f: typeof fetch): (params: VerifyAccountParams) => void;
+export declare function getUserInfo(f: typeof fetch): () => Promise<import("../utils/api").ApiResponse<UserInfo>>;
+export interface UserInfo {
+    name: string;
+    email: string;
+}

package/dist/omerlo/reader/endpoints/accounts.js

@@ -0,0 +1,42 @@
+import { request } from '../utils/request';
+export const accountsFetchers = (f) => {
+    return {
+        userInfo: getUserInfo(f),
+        verifyAccount: verifyAccount(f),
+        validateAccount: validateAccount(f)
+    };
+};
+//
+// Validate an account using the bearer token.
+//
+export function validateAccount(f) {
+    return (params) => {
+        const queryParams = { email: params.email, callback_url: params.callbackUrl };
+        const opts = { queryParams, method: 'post' };
+        request(f, '/account/validate', opts);
+    };
+}
+//
+// Verify an account using the signed JWT token generate on account validation.
+//
+export function verifyAccount(f) {
+    return (params) => {
+        const opts = { queryParams: params };
+        request(f, '/account/verify', opts);
+    };
+}
+//
+// Get user's informations associated to the bearer token.
+//
+export function getUserInfo(f) {
+    return async () => {
+        const opts = { parser: parseUserInfo };
+        return request(f, '/account/me', opts);
+    };
+}
+function parseUserInfo(data, _assoc) {
+    return {
+        name: data.name,
+        email: data.email
+    };
+}

package/dist/omerlo/reader/endpoints/device.d.ts

@@ -0,0 +1,8 @@
+export declare const deviceFetchers: (f: typeof fetch) => {
+    registerDevice: (params: DeviceParams) => Promise<import("../utils/api").ApiResponse<unknown>>;
+};
+export interface DeviceParams {
+    pushToken: string;
+    name: string;
+}
+export declare function registerDevice(f: typeof fetch): (params: DeviceParams) => Promise<import("../utils/api").ApiResponse<unknown>>;

package/dist/omerlo/reader/endpoints/device.js

@@ -0,0 +1,13 @@
+import { request } from '../utils/request';
+export const deviceFetchers = (f) => {
+    return {
+        registerDevice: registerDevice(f),
+    };
+};
+export function registerDevice(f) {
+    return (params) => {
+        const body = { push_token: params.pushToken, name: params.name };
+        const opts = { body, method: 'post' };
+        return request(f, '/devices/register', opts);
+    };
+}

package/dist/omerlo/reader/endpoints/notification.d.ts

@@ -0,0 +1,23 @@
+import { type ApiAssocs, type ApiData, type PagingParams } from '../utils/api';
+import { type LocalesMetadata } from '../utils/response';
+export declare const notificationFetchers: (f: typeof fetch) => {
+    listTopics: (params?: Partial<PagingParams>) => Promise<import("../utils/api").ApiResponse<TopicSummary[]>>;
+    subscribeToTopic: (params: SubscribtionParams) => Promise<import("../utils/api").ApiResponse<unknown>>;
+    unsubscribeFromTopic: (params: SubscribtionParams) => Promise<import("../utils/api").ApiResponse<unknown>>;
+};
+export declare function listTopics(f: typeof fetch): (params?: Partial<PagingParams>) => Promise<import("../utils/api").ApiResponse<TopicSummary[]>>;
+export declare function parseTopicSummary(data: ApiData, _assocs: ApiAssocs): TopicSummary;
+export interface TopicSummary {
+    id: string;
+    name: string;
+    meta: {
+        locales: LocalesMetadata;
+    };
+    updatedAt: Date;
+}
+export interface SubscribtionParams {
+    topicId: string;
+    pushToken: string;
+}
+export declare function subscribeToTopic(f: typeof fetch): (params: SubscribtionParams) => Promise<import("../utils/api").ApiResponse<unknown>>;
+export declare function unsubscribeFromTopic(f: typeof fetch): (params: SubscribtionParams) => Promise<import("../utils/api").ApiResponse<unknown>>;

package/dist/omerlo/reader/endpoints/notification.js

@@ -0,0 +1,40 @@
+import { request } from '../utils/request';
+import { parseMany } from '../utils/api';
+import { parseLocalesMetadata } from '../utils/response';
+export const notificationFetchers = (f) => {
+    return {
+        listTopics: listTopics(f),
+        subscribeToTopic: subscribeToTopic(f),
+        unsubscribeFromTopic: unsubscribeFromTopic(f),
+    };
+};
+export function listTopics(f) {
+    return (params) => {
+        const opts = { queryParams: params, parser: parseMany(parseTopicSummary) };
+        return request(f, '/topics', opts);
+    };
+}
+export function parseTopicSummary(data, _assocs) {
+    return {
+        id: data.id,
+        name: data.localized.name,
+        meta: {
+            locales: parseLocalesMetadata(data.meta)
+        },
+        updatedAt: data.updated_at
+    };
+}
+export function subscribeToTopic(f) {
+    return (params) => {
+        const body = { push_token: params.pushToken };
+        const opts = { method: 'post', body };
+        return request(f, '/topics/${params.topicId}/subscribe', opts);
+    };
+}
+export function unsubscribeFromTopic(f) {
+    return (params) => {
+        const body = { push_token: params.pushToken };
+        const opts = { method: 'post', body };
+        return request(f, '/topics/${params.topicId}/unsubscribe', opts);
+    };
+}

package/dist/omerlo/reader/endpoints/oauth.d.ts

@@ -0,0 +1,23 @@
+import { type ApiAssocs, type ApiData, type PagingParams } from '../utils/api';
+export declare const oauthFetchers: (f: typeof fetch) => {
+    listOauthProviders: (params?: Partial<PagingParams>) => Promise<import("../utils/api").ApiResponse<OauthProviderSummary[]>>;
+    getOauthUser: () => Promise<import("../utils/api").ApiResponse<OauthUser>>;
+};
+export declare function listOauthProviders(f: typeof fetch): (params?: Partial<PagingParams>) => Promise<import("../utils/api").ApiResponse<OauthProviderSummary[]>>;
+export declare function parseOauthProviderSummary(data: ApiData, _assocs: ApiAssocs): OauthProviderSummary;
+export interface OauthProviderSummary {
+    id: string;
+    clientId: string;
+    type: string;
+    authenticateUrl: string;
+    insertedAt: Date;
+    updatedAt: Date;
+}
+export declare function getOauthUser(f: typeof fetch): () => Promise<import("../utils/api").ApiResponse<OauthUser>>;
+export declare function parseOauthUser(data: ApiData, _assoc: ApiAssocs): OauthUser;
+export interface OauthUser {
+    id: string;
+    name: string;
+    email: string;
+    verifiedAt: Date | null;
+}

package/dist/omerlo/reader/endpoints/oauth.js

@@ -0,0 +1,38 @@
+import { request } from '../utils/request';
+import { parseMany } from '../utils/api';
+export const oauthFetchers = (f) => {
+    return {
+        listOauthProviders: listOauthProviders(f),
+        getOauthUser: getOauthUser(f),
+    };
+};
+export function listOauthProviders(f) {
+    return (params) => {
+        const opts = { queryParams: params, parser: parseMany(parseOauthProviderSummary) };
+        return request(f, '/oauth-providers', opts);
+    };
+}
+export function parseOauthProviderSummary(data, _assocs) {
+    return {
+        id: data.id,
+        clientId: data.client_id,
+        type: data.type,
+        authenticateUrl: data.authenticate_url,
+        insertedAt: data.inserted_at,
+        updatedAt: data.updated_at
+    };
+}
+export function getOauthUser(f) {
+    return () => {
+        const opts = { parser: parseOauthUser };
+        return request(f, '/oauth/user', opts);
+    };
+}
+export function parseOauthUser(data, _assoc) {
+    return {
+        id: data.id,
+        name: data.name,
+        email: data.email,
+        verifiedAt: data.verified_at
+    };
+}

package/dist/omerlo/reader/fetchers.d.ts

@@ -0,0 +1,13 @@
+export declare const fetchers: (f: typeof fetch) => {
+    notifications: {
+        listTopics: (params?: Partial<import("./utils/api").PagingParams>) => Promise<import("./utils/api").ApiResponse<import("./endpoints/notification").TopicSummary[]>>;
+        subscribeToTopic: (params: import("./endpoints/notification").SubscribtionParams) => Promise<import("./utils/api").ApiResponse<unknown>>;
+        unsubscribeFromTopic: (params: import("./endpoints/notification").SubscribtionParams) => Promise<import("./utils/api").ApiResponse<unknown>>;
+    };
+    listOauthProviders: (params?: Partial<import("./utils/api").PagingParams>) => Promise<import("./utils/api").ApiResponse<import("./endpoints/oauth").OauthProviderSummary[]>>;
+    getOauthUser: () => Promise<import("./utils/api").ApiResponse<import("./endpoints/oauth").OauthUser>>;
+    registerDevice: (params: import("./endpoints/device").DeviceParams) => Promise<import("./utils/api").ApiResponse<unknown>>;
+    userInfo: () => Promise<import("./utils/api").ApiResponse<import("./endpoints/accounts").UserInfo>>;
+    verifyAccount: (params: import("./endpoints/accounts").VerifyAccountParams) => void;
+    validateAccount: (params: import("./endpoints/accounts").ValidateAccountParams) => void;
+};

package/dist/omerlo/reader/fetchers.js

@@ -0,0 +1,12 @@
+import { accountsFetchers } from './endpoints/accounts';
+import { deviceFetchers } from './endpoints/device';
+import { notificationFetchers } from './endpoints/notification';
+import { oauthFetchers } from './endpoints/oauth';
+export const fetchers = (f) => {
+    return {
+        ...accountsFetchers(f),
+        ...deviceFetchers(f),
+        ...oauthFetchers(f),
+        notifications: notificationFetchers(f),
+    };
+};

package/dist/omerlo/reader/index.d.ts

@@ -0,0 +1,3 @@
+export * from './stores/user_session';
+export type * from './endpoints/oauth';
+export type * from './endpoints/accounts';

package/dist/omerlo/reader/index.js

@@ -0,0 +1 @@
+export * from './stores/user_session';

package/dist/omerlo/reader/server/hooks.d.ts

@@ -0,0 +1,3 @@
+import { type Handle } from "@sveltejs/kit";
+export declare const proxyHook: Handle;
+export declare const handleUserToken: Handle;

package/dist/omerlo/reader/server/hooks.js

@@ -0,0 +1,73 @@
+import { error } from "@sveltejs/kit";
+import { env } from '$env/dynamic/private';
+import { ApiError } from "../utils/api";
+import { clearAuthorizationCookies, clearAuthorizationUsingHeader, getAccessTokenFromCookie, getApplicationToken, getRefreshTokenFromCookie, setAuthorizationCookies } from "./utils";
+import { refresh } from "./token";
+// NOTE: inspired by https://sami.website/blog/sveltekit-api-reverse-proxy
+const handleApiProxy = async ({ event, ...tail }) => {
+    event.url.host = env.PRIVATE_OMERLO_HOST;
+    event.url.protocol = env.PRIVATE_OMERLO_PROTOCOL;
+    event.request.headers.delete('cookie');
+    event.request.headers.set('x-omerlo-media-id', env.PRIVATE_OMERLO_MEDIA_ID);
+    let accessToken = event.locals.accessToken;
+    if (!accessToken) {
+        accessToken = await getApplicationToken();
+    }
+    event.request.headers.set('Authorization', `Bearer ${accessToken}`);
+    return await fetch(event.url.toString(), {
+        body: event.request.body,
+        method: event.request.method,
+        headers: event.request.headers,
+        duplex: 'half'
+    })
+        .then(async (resp) => {
+        const headers = new Headers();
+        if (resp.status === 401 && event.locals.accessToken) {
+            clearAuthorizationUsingHeader(headers);
+            event.locals.accessToken = undefined;
+            resp = await handleApiProxy({ event, ...tail });
+        }
+        const responseOpts = {
+            headers: headers,
+            status: resp.status,
+            statusText: resp.statusText,
+        };
+        return new Response(resp.body, responseOpts);
+    })
+        .catch((err) => {
+        console.log("Could not proxy API request: ", err);
+        error(500, 'Something went wrong');
+    });
+};
+export const proxyHook = async ({ event, resolve }) => {
+    if (event.url.pathname.startsWith('/api/media/v1')) {
+        return await handleApiProxy({ event, resolve });
+    }
+    return resolve(event);
+};
+export const handleUserToken = async ({ event, resolve }) => {
+    const accessToken = getAccessTokenFromCookie(event.cookies);
+    const refreshToken = getRefreshTokenFromCookie(event.cookies);
+    const opts = {
+        filterSerializedResponseHeaders: (name) => name == 'x-logout',
+    };
+    if (accessToken) {
+        event.locals.accessToken = accessToken;
+        return resolve(event, opts);
+    }
+    if (!refreshToken) {
+        return resolve(event, opts);
+    }
+    try {
+        const token = await refresh(refreshToken);
+        setAuthorizationCookies(event.cookies, token);
+        event.locals.accessToken = token.accessToken;
+    }
+    catch (err) {
+        if (err instanceof ApiError && err.status == 401) {
+            event.setHeaders({ 'x-logout': 'true' });
+            clearAuthorizationCookies(event.cookies);
+        }
+    }
+    return resolve(event);
+};

package/dist/omerlo/reader/server/index.d.ts

@@ -0,0 +1,4 @@
+export declare const handleReaderApi: import("@sveltejs/kit").Handle;
+export declare const handleUserToken: import("@sveltejs/kit").Handle;
+export * from './token';
+export * from './utils';

package/dist/omerlo/reader/server/index.js

@@ -0,0 +1,5 @@
+import * as Hooks from './hooks';
+export const handleReaderApi = Hooks.proxyHook;
+export const handleUserToken = Hooks.handleUserToken;
+export * from './token';
+export * from './utils';

package/dist/omerlo/reader/server/token.d.ts

@@ -0,0 +1,23 @@
+export interface exchangeAuthorizationCodeParams {
+    code: string;
+    redirectUri: string;
+    oauthProviderId: string;
+}
+/**
+  * Exchange an authorization code for an omerlo's token.
+  */
+export declare function exchangeAuthorizationCode(params: exchangeAuthorizationCodeParams): Promise<OmerloToken>;
+/**
+  * Refresh the user's token.
+  */
+export declare function refresh(refreshToken: string): Promise<OmerloToken>;
+/**
+  * Authenticate anonymously a user to get an anonymous token.
+  */
+export declare function getAnonymousToken(scope: string): Promise<OmerloToken>;
+export interface OmerloToken {
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+    tokenType: string;
+}

package/dist/omerlo/reader/server/token.js

@@ -0,0 +1,63 @@
+import { env } from '$env/dynamic/private';
+import { ApiError } from '../utils/api';
+/**
+  * Exchange an authorization code for an omerlo's token.
+  */
+export async function exchangeAuthorizationCode(params) {
+    const url = getTokenEndpoint();
+    url.pathname = '/api/media/v1/oauth/token';
+    url.searchParams.append('client_id', env.PRIVATE_OMERLO_CLIENT_ID);
+    url.searchParams.append('grant_type', 'authorization_code');
+    url.searchParams.append('code', params.code);
+    url.searchParams.append('redirect_uri', params.redirectUri);
+    url.searchParams.append('oauth_provider_id', params.oauthProviderId);
+    const resp = await fetch(url, { method: 'POST' });
+    if (resp.ok) {
+        return await resp.json().then(parseTokenResponse);
+    }
+    const payload = await resp.json();
+    throw new ApiError(resp.status, payload.error, resp.statusText);
+}
+/**
+  * Refresh the user's token.
+  */
+export async function refresh(refreshToken) {
+    const url = getTokenEndpoint();
+    url.pathname = '/api/media/v1/oauth/token';
+    url.searchParams.append('grant_type', 'refresh_token');
+    url.searchParams.append('refresh_token', refreshToken);
+    const resp = await fetch(url, { method: 'POST' });
+    if (resp.ok) {
+        return await resp.json().then(parseTokenResponse);
+    }
+    const payload = await resp.json();
+    throw new ApiError(resp.status, payload.error, resp.statusText);
+}
+/**
+  * Authenticate anonymously a user to get an anonymous token.
+  */
+export async function getAnonymousToken(scope) {
+    const url = getTokenEndpoint();
+    url.pathname = '/api/media/v1/oauth/token';
+    url.searchParams.append('grant_type', 'client_credentials');
+    url.searchParams.append('scope', scope);
+    url.searchParams.append('client_id', env.PRIVATE_OMERLO_CLIENT_ID);
+    url.searchParams.append('client_secret', env.PRIVATE_OMERLO_CLIENT_SECRET);
+    const resp = await fetch(url, { method: 'POST' });
+    if (resp.ok) {
+        return await resp.json().then(parseTokenResponse);
+    }
+    const payload = await resp.json();
+    throw new ApiError(resp.status, payload.error, resp.statusText);
+}
+function getTokenEndpoint() {
+    return new URL(`${env.PRIVATE_OMERLO_PROTOCOL}://${env.PRIVATE_OMERLO_HOST}`);
+}
+function parseTokenResponse(data) {
+    return {
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token,
+        expiresIn: data.expires_in,
+        tokenType: data.token_type,
+    };
+}

package/dist/omerlo/reader/server/utils.d.ts

@@ -0,0 +1,14 @@
+import type { UserSession } from "../stores/user_session";
+import type { Cookies } from '@sveltejs/kit';
+import { type OmerloToken } from "./token";
+export declare function loadUserSession(f: typeof fetch, cookies: Cookies): Promise<UserSession>;
+export declare function isAuthenticated(cookies: Cookies): boolean;
+export declare function setAuthorizationCookies(cookies: Cookies, token: OmerloToken): void;
+export declare function clearAuthorizationCookies(cookies: Cookies): void;
+export declare function clearAuthorizationUsingHeader(headers: Headers): void;
+export declare function getAccessTokenFromCookie(cookies: Cookies): string | null;
+export declare function getRefreshTokenFromCookie(cookies: Cookies): string | null;
+/**
+  * Get the token used by the application.
+  */
+export declare function getApplicationToken(): Promise<string>;

package/dist/omerlo/reader/server/utils.js

@@ -0,0 +1,82 @@
+import { useReader } from "../..";
+import { getAnonymousToken, refresh } from "./token";
+export async function loadUserSession(f, cookies) {
+    const userSession = { verified: false, authenticated: false, user: null };
+    if (isAuthenticated(cookies)) {
+        userSession.authenticated = true;
+        try {
+            const userInfo = await useReader(f).userInfo().then((resp) => resp.data);
+            userSession.verified = true;
+            userSession.user = userInfo;
+        }
+        catch (_e) {
+            userSession.verified = false;
+        }
+    }
+    return userSession;
+}
+export function isAuthenticated(cookies) {
+    return cookies.get('logged_in') == 'true';
+}
+const accessTokenCookieName = 'access_token';
+const refreshTokenCookieName = 'refresh_token';
+export function setAuthorizationCookies(cookies, token) {
+    cookies.set('logged_in', 'true', { path: '/', httpOnly: false });
+    cookies.set(accessTokenCookieName, token.accessToken, { httpOnly: true, path: '/', maxAge: token.expiresIn - 60 });
+    cookies.set(refreshTokenCookieName, token.refreshToken, { httpOnly: true, path: '/' });
+}
+export function clearAuthorizationCookies(cookies) {
+    cookies.delete(accessTokenCookieName, { path: '/' });
+    cookies.delete(refreshTokenCookieName, { path: '/' });
+    cookies.delete('logged_in', { path: '/', httpOnly: false });
+}
+export function clearAuthorizationUsingHeader(headers) {
+    headers.append('Set-Cookie', `${accessTokenCookieName}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
+    headers.append('Set-Cookie', `${refreshTokenCookieName}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
+    headers.append('Set-Cookie', `logged_in=; Path=/; Secure; SameSite=Lax; Max-Age=0`);
+    headers.append('x-logout', `true`);
+}
+export function getAccessTokenFromCookie(cookies) {
+    return cookies.get(accessTokenCookieName) || null;
+}
+export function getRefreshTokenFromCookie(cookies) {
+    return cookies.get(refreshTokenCookieName) || null;
+}
+const applicationToken = {
+    accessToken: '',
+    refreshToken: '',
+    expiredAt: 0,
+    init: false,
+};
+/**
+  * Get the token used by the application.
+  */
+export async function getApplicationToken() {
+    if (!applicationToken.init) {
+        await newApplicationToken();
+    }
+    else if (applicationToken.expiredAt < new Date().getTime()) {
+        await refreshApplicationToken();
+    }
+    return applicationToken.accessToken;
+}
+async function refreshApplicationToken() {
+    if (!applicationToken.refreshToken) {
+        throw new Error('Could not refresh the application token because the refresh token is null');
+    }
+    const token = await refresh(applicationToken.refreshToken);
+    applicationToken.accessToken = token.accessToken;
+    applicationToken.refreshToken = token.refreshToken;
+    const date = new Date();
+    const timestamps = date.setSeconds(date.getSeconds() + token.expiresIn - 60);
+    applicationToken.expiredAt = timestamps;
+}
+async function newApplicationToken() {
+    const token = await getAnonymousToken('application');
+    applicationToken.init = true;
+    applicationToken.accessToken = token.accessToken;
+    applicationToken.refreshToken = token.refreshToken;
+    const date = new Date();
+    const timestamps = date.setSeconds(date.getSeconds() + token.expiresIn - 60);
+    applicationToken.expiredAt = timestamps;
+}

package/dist/omerlo/reader/stores/user_session.d.ts

@@ -0,0 +1,14 @@
+import type { UserInfo } from "../endpoints/accounts";
+import { type Readable } from "svelte/store";
+export interface UserSession {
+    user: UserInfo | null;
+    verified: boolean;
+    authenticated: boolean;
+}
+export declare function initUserSession(session: UserSession): ReadableUserSession;
+interface ReadableUserSession extends Readable<UserSession> {
+    refresh: () => void;
+    handleLogout: () => void;
+}
+export declare function getUserSession(): ReadableUserSession;
+export {};

package/dist/omerlo/reader/stores/user_session.js

@@ -0,0 +1,58 @@
+import { getContext, setContext } from "svelte";
+import { writable } from "svelte/store";
+import { browser } from "$app/environment";
+import { useReader } from "../..";
+import { invalidate } from "$app/navigation";
+const anonymousUserSession = {
+    user: null,
+    verified: false,
+    authenticated: false,
+};
+export function initUserSession(session) {
+    const { subscribe, update, set } = writable(session);
+    if (browser) {
+        localStorage.setItem('user_session', JSON.stringify(session));
+        addEventListener('storage', (event) => {
+            if (event.key != 'user_session')
+                return;
+            if (!event.newValue) {
+                set(anonymousUserSession);
+            }
+            else {
+                const userSession = JSON.parse(event.newValue);
+                set(userSession);
+            }
+        });
+    }
+    const ctx = {
+        subscribe,
+        handleLogout: () => {
+            if (!browser) {
+                throw new Error("MUST NOT call refresh on user session from server side.");
+            }
+            invalidate('omerlo:user_session');
+            update(updateUserInfo(null, false));
+        },
+        refresh: async () => {
+            if (!browser) {
+                throw new Error("MUST NOT call refresh on user session from server side.");
+            }
+            const userInfo = await useReader(fetch).userInfo().then((resp) => resp.data);
+            update(updateUserInfo(userInfo, true));
+        }
+    };
+    setContext('user_session', ctx);
+    return ctx;
+}
+const updateUserInfo = (userInfo, authenticated) => {
+    return (session) => {
+        session.user = userInfo;
+        session.verified = userInfo != null;
+        session.authenticated = authenticated;
+        localStorage.setItem('user_session', JSON.stringify(session));
+        return session;
+    };
+};
+export function getUserSession() {
+    return getContext('user_session');
+}

package/dist/omerlo/reader/utils/api.d.ts

@@ -0,0 +1,29 @@
+import { type Assoc } from './assocs';
+export type ApiAssocs = Record<string, Record<string, Assoc>>;
+export declare function parseApiResponse<T>(response: Response, parser: (data: ApiData, assocs: ApiAssocs) => T): Promise<ApiResponse<T>>;
+export declare function parseMany<T>(parser: (data: ApiData, assocs: ApiAssocs) => T): (response: ApiData[], assocs: ApiAssocs) => T[];
+export interface ApiResponse<T> {
+    ok: boolean;
+    errors: ApiData[];
+    status: number;
+    parser: (data: ApiData, assocs: ApiAssocs) => T;
+    data: T | null;
+    meta: ApiResponseMeta | null;
+}
+export interface ApiResponseMeta {
+    next: string | null;
+}
+export interface ApiParams {
+    locale?: string | null;
+}
+export interface PagingParams extends ApiParams {
+    limit?: number | null;
+    after?: string | null;
+    before?: string | null;
+}
+export type ApiData = any;
+export declare class ApiError extends Error {
+    readonly status: number;
+    readonly payload: any;
+    constructor(status: number, payload: any, ...params: any[]);
+}

package/dist/omerlo/reader/utils/api.js

@@ -0,0 +1,27 @@
+import { parseAssocs } from './assocs';
+export async function parseApiResponse(response, parser) {
+    const payload = await response.json();
+    let data = null, meta = null;
+    if (response.ok) {
+        parseAssocs(payload.assocs);
+        meta = payload.meta;
+        data = parser(payload.data, payload.assocs);
+    }
+    const errors = payload.errors || [];
+    return { ok: response.ok, status: response.status, parser, meta, data, errors };
+}
+export function parseMany(parser) {
+    return (response, assocs) => {
+        return response.map((data) => parser(data, assocs));
+    };
+}
+export class ApiError extends Error {
+    status;
+    payload;
+    constructor(status, payload, ...params) {
+        super(...params);
+        this.status = status;
+        this.payload = payload;
+    }
+}
+/* eslint-enable @typescript-eslint/no-explicit-any */

package/dist/omerlo/reader/utils/assocs.d.ts

@@ -0,0 +1,15 @@
+import type { ApiAssocs } from './api';
+export declare function registerAssocParser(assocName: string, parser: (arg: unknown) => unknown): void;
+/**
+ * Return the assoc corresponding the given `id`
+ */
+export declare function getAssoc<T>(assocs: ApiAssocs, name: string, id: string): T;
+/**
+ * Return assocs corresponding given `ids`
+ */
+export declare function getAssocs<T>(assocs: ApiAssocs, name: string, ids: string[]): T[];
+/**
+ * Parse all assocs using an ordering system to prevent any clone.
+ */
+export declare function parseAssocs(apiAssocs: ApiAssocs): void;
+export type Assoc = unknown;

package/dist/omerlo/reader/utils/assocs.js

@@ -0,0 +1,32 @@
+const assocsParsers = {};
+export function registerAssocParser(assocName, parser) {
+    assocsParsers[assocName] = parser;
+}
+/**
+ * Return the assoc corresponding the given `id`
+ */
+export function getAssoc(assocs, name, id) {
+    const assoc = assocs[name]?.[id];
+    if (assoc == undefined) {
+        console.error(`Assoc ${name} not found`);
+    }
+    return assoc;
+}
+/**
+ * Return assocs corresponding given `ids`
+ */
+export function getAssocs(assocs, name, ids) {
+    return ids.map((id) => getAssoc(assocs, name, id));
+}
+/**
+ * Parse all assocs using an ordering system to prevent any clone.
+ */
+export function parseAssocs(apiAssocs) {
+    for (const assocName in apiAssocs) {
+        const assocs = apiAssocs[assocName];
+        for (const assocId in assocs) {
+            const assoc = assocs[assocId];
+            assocs[assocId] = assocsParsers[assocName](assoc, apiAssocs);
+        }
+    }
+}

package/dist/omerlo/reader/utils/request.d.ts

@@ -0,0 +1,15 @@
+import type { ApiAssocs, ApiData, ApiResponse } from './api';
+type FetchOptions<T> = {
+    parser?: (data: ApiData, assocs: ApiAssocs) => T;
+    queryParams?: ApiData;
+    method?: string;
+    body?: ApiData;
+};
+export declare function request<T>(f: typeof fetch, path: string, opts: FetchOptions<T>): Promise<ApiResponse<T>>;
+type DirtyFetchOptions = {
+    queryParams?: ApiData;
+    method?: string;
+    body?: ApiData;
+};
+export declare function dirtyRequest(f: typeof fetch, path: string, opts?: DirtyFetchOptions): Promise<Response>;
+export {};

package/dist/omerlo/reader/utils/request.js

@@ -0,0 +1,27 @@
+import { parseApiResponse } from './api';
+import { BROWSER } from 'esm-env';
+export async function request(f, path, opts) {
+    const parser = opts.parser || ((data) => data);
+    return dirtyRequest(f, path, opts).then(async (resp) => {
+        return parseApiResponse(resp, parser);
+    });
+}
+export async function dirtyRequest(f, path, opts) {
+    const queryParams = new URLSearchParams();
+    path = `/api/media/v1${path}`;
+    if (opts?.queryParams) {
+        Object.entries(opts.queryParams).forEach(([key, value]) => {
+            queryParams.append(key, String(value));
+        });
+        path = `${path}?${queryParams}`;
+    }
+    const headers = { 'Content-Type': 'application/json' };
+    const resp = await f(path.toString(), { method: opts.method, body: JSON.stringify(opts.body), headers });
+    if (BROWSER && resp.headers.get('x-logout') == 'true') {
+        const webkitComponent = document.getElementById('omerlo-webkit');
+        if (webkitComponent) {
+            webkitComponent.dispatchEvent(new Event('logout'));
+        }
+    }
+    return resp;
+}

package/dist/omerlo/reader/utils/response.d.ts

@@ -0,0 +1,6 @@
+import type { ApiData } from "./api";
+export interface LocalesMetadata {
+    current: string;
+    available: string[];
+}
+export declare function parseLocalesMetadata(meta: ApiData): LocalesMetadata;

package/dist/omerlo/reader/utils/response.js

@@ -0,0 +1,6 @@
+export function parseLocalesMetadata(meta) {
+    return {
+        current: meta.current,
+        available: meta.available,
+    };
+}

package/dist/omerlo/server.d.ts

@@ -0,0 +1 @@
+export * as Reader from './reader/server';

package/dist/omerlo/server.js

@@ -0,0 +1 @@
+export * as Reader from './reader/server';

package/eslint.config.js

@@ -0,0 +1,34 @@
+import prettier from 'eslint-config-prettier';
+import js from '@eslint/js';
+import svelte from 'eslint-plugin-svelte';
+import ts from 'typescript-eslint';
+import globals from 'globals';
+
+export default ts.config(
+  js.configs.recommended,
+  ...ts.configs.recommended,
+  ...svelte.configs['flat/recommended'],
+  prettier,
+  ...svelte.configs['flat/prettier'],
+  {
+    files: ['**/*.svelte'],
+
+    languageOptions: {
+      globals: {
+        ...globals.browser,
+        ...globals.node,
+      },
+      parserOptions: {
+        parser: ts.parser
+      }
+    }
+  },
+  {
+    ignores: ['build/', '.svelte-kit/', 'dist/']
+  },
+  {
+    rules: {
+      '@typescript-eslint/no-unused-vars': ['warn', { argsIgnorePattern: '^_' }]
+    }
+  }
+);

package/package.json

@@ -0,0 +1,79 @@
+{
+  "name": "@omerlo/omerlo-webkit",
+  "version": "0.0.2",
+  "scripts": {
+    "dev": "vite dev",
+    "build": "vite build && npm run package",
+    "preview": "vite preview",
+    "package": "svelte-kit sync && svelte-package && publint",
+    "prepublishOnly": "npm run package",
+    "check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
+    "check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
+    "format": "prettier --write .",
+    "lint": "prettier --check . && eslint ."
+  },
+  "files": [
+    "dist",
+    "!dist/**/*.test.*",
+    "!dist/**/*.spec.*"
+  ],
+  "sideEffects": [
+    "**/*.css"
+  ],
+  "svelte": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "svelte": "./dist/index.js"
+    },
+    "./reader": {
+      "types": "./dist/omerlo/reader/index.d.ts",
+      "svelte": "./dist/omerlo/reader/index.js"
+    },
+    "./reader/server": {
+      "types": "./dist/omerlo/reader/server/index.d.ts",
+      "svelte": "./dist/omerlo/reader/server/index.js"
+    }
+  },
+  "peerDependencies": {
+    "@sveltejs/kit": "^2.0.0",
+    "svelte": "^5.0.0"
+  },
+  "devDependencies": {
+    "@sveltejs/adapter-auto": "^3.0.0",
+    "@sveltejs/kit": "^2.0.0",
+    "@sveltejs/package": "^2.0.0",
+    "@sveltejs/vite-plugin-svelte": "^4.0.0",
+    "@types/eslint": "^9.6.0",
+    "@types/eslint-config-prettier": "^6.11.3",
+    "autoprefixer": "^10.4.20",
+    "eslint": "^9.7.0",
+    "eslint-config-prettier": "^9.1.0",
+    "eslint-plugin-svelte": "^2.36.0",
+    "globals": "^15.0.0",
+    "prettier": "^3.3.2",
+    "prettier-plugin-svelte": "^3.2.6",
+    "prettier-plugin-tailwindcss": "^0.6.5",
+    "publint": "^0.2.0",
+    "svelte": "^5.0.0",
+    "svelte-check": "^4.0.0",
+    "typescript": "^5.0.0",
+    "typescript-eslint": "^8.0.0",
+    "vite": "^5.0.11"
+  },
+  "description": "This webkit is a wapper arround Omerlo's API to create quickly a website using Omerlo.",
+  "main": "eslint.config.js",
+  "directories": { },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Omerlo-Technologies/omerlo-webkit.git"
+  },
+  "author": "Omerlo Technologies",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/Omerlo-Technologies/omerlo-webkit/issues"
+  },
+  "homepage": "https://github.com/Omerlo-Technologies/omerlo-webkit#readme"
+}