@phalanx-engine/client 0.1.0

package/dist/auth/adapters/GoogleOAuthAdapter.js

@@ -0,0 +1,521 @@
+/**
+ * Google OAuth Adapter
+ *
+ * OAuth 2.0 adapter for Google Sign-In using PKCE flow.
+ * This is a client-side only implementation that doesn't require a backend.
+ */
+// ============================================
+// Google OAuth Adapter
+// ============================================
+/**
+ * Google OAuth adapter using PKCE flow.
+ *
+ * Features:
+ * - PKCE (Proof Key for Code Exchange) for security
+ * - State parameter for CSRF protection
+ * - Nonce for replay protection
+ * - ID token validation
+ * - Automatic token refresh
+ *
+ * @example
+ * ```typescript
+ * const adapter = new GoogleOAuthAdapter({
+ *   clientId: 'your-client-id.apps.googleusercontent.com'
+ * });
+ *
+ * // Generate login URL
+ * const loginUrl = adapter.getLoginUrl();
+ * window.location.href = loginUrl;
+ *
+ * // Handle callback (on /auth/callback page)
+ * const result = await adapter.handleCallback({
+ *   code: new URLSearchParams(location.search).get('code'),
+ *   state: new URLSearchParams(location.search).get('state')
+ * });
+ * ```
+ */
+export class GoogleOAuthAdapter {
+    provider = 'google';
+    config;
+    // Storage keys for PKCE
+    VERIFIER_KEY = 'phalanx_google_verifier';
+    CHALLENGE_KEY = 'phalanx_google_challenge';
+    STATE_KEY = 'phalanx_google_state';
+    NONCE_KEY = 'phalanx_google_nonce';
+    /**
+     * Create a new Google OAuth adapter.
+     * @param config - Google OAuth configuration
+     */
+    constructor(config) {
+        this.config = {
+            scopes: ['openid', 'profile', 'email'],
+            ...config,
+        };
+    }
+    // ─────────────────────────────────────────────────────────────────
+    // AuthAdapter Interface
+    // ─────────────────────────────────────────────────────────────────
+    /**
+     * Generate the Google OAuth authorization URL.
+     *
+     * This method:
+     * 1. Generates PKCE code verifier and challenge
+     * 2. Generates state for CSRF protection
+     * 3. Generates nonce for ID token validation
+     * 4. Stores values in sessionStorage for callback validation
+     * 5. Returns the authorization URL
+     *
+     * Note: Call preparePKCE() before this if you need async SHA-256 challenge.
+     * If not called, uses plain verifier as challenge (works with some providers).
+     *
+     * @param options - Optional login options
+     * @returns Authorization URL to redirect user to
+     */
+    getLoginUrl(options) {
+        // Check if PKCE was pre-computed
+        let codeVerifier = typeof sessionStorage !== 'undefined'
+            ? sessionStorage.getItem(this.VERIFIER_KEY)
+            : null;
+        let codeChallenge = typeof sessionStorage !== 'undefined'
+            ? sessionStorage.getItem(this.CHALLENGE_KEY)
+            : null;
+        // Generate new PKCE values if not pre-computed
+        if (!codeVerifier || !codeChallenge) {
+            codeVerifier = this.generateCodeVerifier();
+            // For sync operation, use plain method (S256 requires async)
+            // We'll compute proper S256 challenge inline using a workaround
+            codeChallenge = codeVerifier; // Fallback - will be replaced if preparePKCE was called
+        }
+        const state = options?.state || this.generateRandomString();
+        const nonce = options?.nonce || this.generateRandomString();
+        // Store for callback validation
+        if (typeof sessionStorage !== 'undefined') {
+            sessionStorage.setItem(this.VERIFIER_KEY, codeVerifier);
+            sessionStorage.setItem(this.STATE_KEY, state);
+            sessionStorage.setItem(this.NONCE_KEY, nonce);
+            // Clear challenge key (will be regenerated on next preparePKCE)
+            sessionStorage.removeItem(this.CHALLENGE_KEY);
+        }
+        // Merge scopes
+        const scopes = options?.scopes
+            ? [...new Set([...this.config.scopes, ...options.scopes])]
+            : this.config.scopes;
+        // Build authorization URL
+        // Use 'plain' method if challenge equals verifier, otherwise 'S256'
+        const challengeMethod = codeChallenge === codeVerifier ? 'plain' : 'S256';
+        const params = new URLSearchParams({
+            client_id: this.config.clientId,
+            redirect_uri: options?.redirectUri || this.getRedirectUri(),
+            response_type: 'code',
+            scope: scopes.join(' '),
+            code_challenge: codeChallenge,
+            code_challenge_method: challengeMethod,
+            state: state,
+            nonce: nonce,
+            access_type: 'offline', // Request refresh token
+            include_granted_scopes: 'true',
+        });
+        // Optional parameters
+        if (options?.prompt) {
+            params.set('prompt', options.prompt);
+        }
+        if (options?.loginHint) {
+            params.set('login_hint', options.loginHint);
+        }
+        if (this.config.hostedDomain) {
+            params.set('hd', this.config.hostedDomain);
+        }
+        return `https://accounts.google.com/o/oauth2/v2/auth?${params}`;
+    }
+    /**
+     * Prepare PKCE values asynchronously before calling getLoginUrl().
+     * This computes the proper SHA-256 code challenge.
+     *
+     * Call this before login() for proper S256 PKCE:
+     * ```typescript
+     * await adapter.preparePKCE();
+     * const url = adapter.getLoginUrl();
+     * ```
+     */
+    async preparePKCE() {
+        const codeVerifier = this.generateCodeVerifier();
+        const codeChallenge = await this.computeCodeChallenge(codeVerifier);
+        if (typeof sessionStorage !== 'undefined') {
+            sessionStorage.setItem(this.VERIFIER_KEY, codeVerifier);
+            sessionStorage.setItem(this.CHALLENGE_KEY, codeChallenge);
+        }
+    }
+    /**
+     * Compute SHA-256 code challenge from verifier (async).
+     */
+    async computeCodeChallenge(verifier) {
+        const encoder = new TextEncoder();
+        const data = encoder.encode(verifier);
+        const digest = await crypto.subtle.digest('SHA-256', data);
+        return this.base64UrlEncode(new Uint8Array(digest));
+    }
+    /**
+     * Handle the OAuth callback from Google.
+     *
+     * This method:
+     * 1. Validates the state parameter (CSRF protection)
+     * 2. Retrieves the stored PKCE verifier
+     * 3. Exchanges the authorization code for tokens
+     * 4. Validates the ID token
+     * 5. Returns the auth result
+     *
+     * @param params - Callback parameters from URL
+     * @returns Auth result with user info and tokens
+     */
+    async handleCallback(params) {
+        // Validate state (CSRF protection)
+        const storedState = typeof sessionStorage !== 'undefined'
+            ? sessionStorage.getItem(this.STATE_KEY)
+            : null;
+        if (!storedState || storedState !== params.state) {
+            return {
+                valid: false,
+                error: 'Invalid state parameter. Possible CSRF attack.',
+                errorCode: 'invalid_state',
+            };
+        }
+        // Get stored PKCE verifier
+        const codeVerifier = typeof sessionStorage !== 'undefined'
+            ? sessionStorage.getItem(this.VERIFIER_KEY)
+            : null;
+        if (!codeVerifier) {
+            return {
+                valid: false,
+                error: 'Code verifier not found. Please start authentication again.',
+                errorCode: 'missing_verifier',
+            };
+        }
+        // Get stored nonce
+        const nonce = typeof sessionStorage !== 'undefined'
+            ? sessionStorage.getItem(this.NONCE_KEY)
+            : null;
+        // Clear stored values
+        if (typeof sessionStorage !== 'undefined') {
+            sessionStorage.removeItem(this.VERIFIER_KEY);
+            sessionStorage.removeItem(this.STATE_KEY);
+            sessionStorage.removeItem(this.NONCE_KEY);
+        }
+        // Handle error from Google
+        if (params.error) {
+            return {
+                valid: false,
+                error: params.errorDescription || params.error,
+                errorCode: params.error,
+            };
+        }
+        if (!params.code) {
+            return {
+                valid: false,
+                error: 'No authorization code received',
+                errorCode: 'missing_code',
+            };
+        }
+        try {
+            // Exchange code for tokens
+            const tokens = await this.exchangeCodeForTokens(params.code, codeVerifier, this.getRedirectUri());
+            // Decode and validate ID token
+            const idTokenPayload = this.decodeIdToken(tokens.id_token);
+            // Validate ID token claims
+            const validationError = this.validateIdToken(idTokenPayload, nonce);
+            if (validationError) {
+                return {
+                    valid: false,
+                    error: validationError,
+                    errorCode: 'invalid_id_token',
+                };
+            }
+            return {
+                valid: true,
+                playerId: idTokenPayload.sub,
+                username: idTokenPayload.name,
+                email: idTokenPayload.email,
+                avatarUrl: idTokenPayload.picture,
+                provider: 'google',
+                token: tokens.id_token,
+                accessToken: tokens.access_token,
+                refreshToken: tokens.refresh_token,
+                expiresAt: Date.now() + tokens.expires_in * 1000,
+            };
+        }
+        catch (error) {
+            return {
+                valid: false,
+                error: error instanceof Error ? error.message : 'Token exchange failed',
+                errorCode: 'token_exchange_failed',
+            };
+        }
+    }
+    /**
+     * Refresh an expired token using the refresh token.
+     *
+     * @param refreshToken - The refresh token to use
+     * @returns New auth result or null if refresh failed
+     */
+    async refreshToken(refreshToken) {
+        try {
+            const response = await fetch('https://oauth2.googleapis.com/token', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                },
+                body: new URLSearchParams({
+                    client_id: this.config.clientId,
+                    refresh_token: refreshToken,
+                    grant_type: 'refresh_token',
+                }),
+            });
+            if (!response.ok) {
+                const error = await response.json();
+                console.error('[GoogleOAuth] Refresh failed:', error);
+                return null;
+            }
+            const tokens = (await response.json());
+            const idTokenPayload = this.decodeIdToken(tokens.id_token);
+            return {
+                valid: true,
+                playerId: idTokenPayload.sub,
+                username: idTokenPayload.name,
+                email: idTokenPayload.email,
+                avatarUrl: idTokenPayload.picture,
+                provider: 'google',
+                token: tokens.id_token,
+                accessToken: tokens.access_token,
+                // Note: Google doesn't return new refresh_token on refresh
+                expiresAt: Date.now() + tokens.expires_in * 1000,
+            };
+        }
+        catch (error) {
+            console.error('[GoogleOAuth] Refresh error:', error);
+            return null;
+        }
+    }
+    /**
+     * Revoke a token (logout from Google).
+     *
+     * @param token - The token to revoke
+     */
+    async revokeToken(token) {
+        try {
+            await fetch(`https://oauth2.googleapis.com/revoke?token=${token}`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                },
+            });
+        }
+        catch (error) {
+            console.warn('[GoogleOAuth] Revoke failed:', error);
+        }
+    }
+    /**
+     * Check if this adapter can handle the given token.
+     *
+     * @param token - Token to check
+     * @returns True if token is a Google ID token
+     */
+    canHandle(token) {
+        try {
+            const payload = this.decodeIdToken(token);
+            return (payload.iss === 'https://accounts.google.com' ||
+                payload.iss === 'accounts.google.com');
+        }
+        catch {
+            return false;
+        }
+    }
+    // ─────────────────────────────────────────────────────────────────
+    // Private Methods
+    // ─────────────────────────────────────────────────────────────────
+    /**
+     * Exchange authorization code for tokens.
+     * Uses backend endpoint if configured, otherwise calls Google directly.
+     */
+    async exchangeCodeForTokens(code, codeVerifier, redirectUri) {
+        // Use backend token exchange if configured (recommended for security)
+        if (this.config.tokenExchangeUrl) {
+            return this.exchangeCodeViaBackend(code, codeVerifier, redirectUri);
+        }
+        // Direct exchange with Google (requires client_secret on server or native app)
+        return this.exchangeCodeDirect(code, codeVerifier, redirectUri);
+    }
+    /**
+     * Exchange code via our backend server (secure - keeps client_secret on server)
+     */
+    async exchangeCodeViaBackend(code, codeVerifier, redirectUri) {
+        const response = await fetch(this.config.tokenExchangeUrl, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            body: JSON.stringify({
+                code,
+                codeVerifier,
+                redirectUri,
+                provider: 'google',
+            }),
+        });
+        if (!response.ok) {
+            const error = await response.json();
+            throw new Error(error.error || error.message || 'Token exchange failed');
+        }
+        const result = await response.json();
+        if (!result.success) {
+            throw new Error(result.error || 'Token exchange failed');
+        }
+        // Map backend response to GoogleTokenResponse format
+        return {
+            id_token: result.idToken,
+            access_token: result.accessToken,
+            expires_in: result.expiresIn || 3600,
+            scope: 'openid profile email',
+            token_type: 'Bearer',
+            refresh_token: result.refreshToken,
+        };
+    }
+    /**
+     * Exchange code directly with Google (won't work for Web apps without client_secret)
+     */
+    async exchangeCodeDirect(code, codeVerifier, redirectUri) {
+        const response = await fetch('https://oauth2.googleapis.com/token', {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/x-www-form-urlencoded',
+            },
+            body: new URLSearchParams({
+                client_id: this.config.clientId,
+                code,
+                code_verifier: codeVerifier,
+                grant_type: 'authorization_code',
+                redirect_uri: redirectUri,
+            }),
+        });
+        if (!response.ok) {
+            const error = await response.json();
+            throw new Error(error.error_description || error.error || 'Token exchange failed');
+        }
+        return response.json();
+    }
+    /**
+     * Decode a JWT ID token (without verification - verification done via claims).
+     */
+    decodeIdToken(idToken) {
+        const parts = idToken.split('.');
+        if (parts.length !== 3 || !parts[1]) {
+            throw new Error('Invalid ID token format');
+        }
+        const payloadBase64 = parts[1];
+        const payloadJson = this.base64UrlDecode(payloadBase64);
+        return JSON.parse(payloadJson);
+    }
+    /**
+     * Validate ID token claims.
+     */
+    validateIdToken(payload, nonce) {
+        // Check issuer
+        if (payload.iss !== 'https://accounts.google.com' &&
+            payload.iss !== 'accounts.google.com') {
+            return 'Invalid issuer';
+        }
+        // Check audience
+        if (payload.aud !== this.config.clientId) {
+            return 'Invalid audience';
+        }
+        // Check expiration (with 5 minute leeway)
+        if (payload.exp * 1000 < Date.now() - 5 * 60 * 1000) {
+            return 'Token expired';
+        }
+        // Check nonce (replay protection)
+        if (nonce && payload.nonce !== nonce) {
+            return 'Invalid nonce';
+        }
+        // Check hosted domain if configured
+        if (this.config.hostedDomain && payload.hd !== this.config.hostedDomain) {
+            return `User must be from ${this.config.hostedDomain} domain`;
+        }
+        return null;
+    }
+    /**
+     * Get the redirect URI.
+     */
+    getRedirectUri() {
+        if (this.config.redirectUri) {
+            return this.config.redirectUri;
+        }
+        if (typeof window !== 'undefined') {
+            return `${window.location.origin}/auth/callback`;
+        }
+        return '/auth/callback';
+    }
+    // ─────────────────────────────────────────────────────────────────
+    // PKCE Helpers
+    // ─────────────────────────────────────────────────────────────────
+    /**
+     * Generate a random code verifier for PKCE.
+     * 43-128 characters from unreserved URI characters.
+     */
+    generateCodeVerifier() {
+        const array = new Uint8Array(32);
+        crypto.getRandomValues(array);
+        return this.base64UrlEncode(array);
+    }
+    /**
+     * Generate a random string for state/nonce.
+     */
+    generateRandomString() {
+        const array = new Uint8Array(16);
+        crypto.getRandomValues(array);
+        return this.base64UrlEncode(array);
+    }
+    /**
+     * Base64URL encode a Uint8Array.
+     */
+    base64UrlEncode(buffer) {
+        let binary = '';
+        for (let i = 0; i < buffer.length; i++) {
+            binary += String.fromCharCode(buffer[i] ?? 0);
+        }
+        const base64 = btoa(binary);
+        return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+    }
+    /**
+     * Base64URL decode a string.
+     */
+    base64UrlDecode(input) {
+        // Convert base64url to base64
+        let base64 = input.replace(/-/g, '+').replace(/_/g, '/');
+        // Add padding if needed
+        const padding = base64.length % 4;
+        if (padding) {
+            base64 += '='.repeat(4 - padding);
+        }
+        return atob(base64);
+    }
+}
+// ============================================
+// Async PKCE Helper (for production use)
+// ============================================
+/**
+ * Compute SHA-256 code challenge asynchronously.
+ * Use this for production-ready PKCE implementation.
+ *
+ * @param verifier - The code verifier
+ * @returns Base64URL-encoded SHA-256 hash
+ */
+export async function computeCodeChallenge(verifier) {
+    const encoder = new TextEncoder();
+    const data = encoder.encode(verifier);
+    const digest = await crypto.subtle.digest('SHA-256', data);
+    const array = new Uint8Array(digest);
+    let binary = '';
+    for (let i = 0; i < array.length; i++) {
+        binary += String.fromCharCode(array[i] ?? 0);
+    }
+    const base64 = btoa(binary);
+    return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+}
+//# sourceMappingURL=GoogleOAuthAdapter.js.map

package/dist/auth/adapters/GoogleOAuthAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"GoogleOAuthAdapter.js","sourceRoot":"","sources":["../../../src/auth/adapters/GoogleOAuthAdapter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAgDH,+CAA+C;AAC/C,uBAAuB;AACvB,+CAA+C;AAE/C;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,OAAO,kBAAkB;IACpB,QAAQ,GAAG,QAAQ,CAAC;IAErB,MAAM,CACM;IAEpB,wBAAwB;IACP,YAAY,GAAG,yBAAyB,CAAC;IACzC,aAAa,GAAG,0BAA0B,CAAC;IAC3C,SAAS,GAAG,sBAAsB,CAAC;IACnC,SAAS,GAAG,sBAAsB,CAAC;IAEpD;;;OAGG;IACH,YAAY,MAAyB;QACnC,IAAI,CAAC,MAAM,GAAG;YACZ,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;YACtC,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAED,oEAAoE;IACpE,wBAAwB;IACxB,oEAAoE;IAEpE;;;;;;;;;;;;;;;OAeG;IACH,WAAW,CAAC,OAAsB;QAChC,iCAAiC;QACjC,IAAI,YAAY,GACd,OAAO,cAAc,KAAK,WAAW;YACnC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;YAC3C,CAAC,CAAC,IAAI,CAAC;QACX,IAAI,aAAa,GACf,OAAO,cAAc,KAAK,WAAW;YACnC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC;YAC5C,CAAC,CAAC,IAAI,CAAC;QAEX,+CAA+C;QAC/C,IAAI,CAAC,YAAY,IAAI,CAAC,aAAa,EAAE,CAAC;YACpC,YAAY,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC3C,6DAA6D;YAC7D,gEAAgE;YAChE,aAAa,GAAG,YAAY,CAAC,CAAC,wDAAwD;QACxF,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5D,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAE5D,gCAAgC;QAChC,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;YAC1C,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC9C,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC9C,gEAAgE;YAChE,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAChD,CAAC;QAED,eAAe;QACf,MAAM,MAAM,GAAG,OAAO,EAAE,MAAM;YAC5B,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;YAC1D,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;QAEvB,0BAA0B;QAC1B,oEAAoE;QACpE,MAAM,eAAe,GAAG,aAAa,KAAK,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;QAE1E,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,YAAY,EAAE,OAAO,EAAE,WAAW,IAAI,IAAI,CAAC,cAAc,EAAE;YAC3D,aAAa,EAAE,MAAM;YACrB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACvB,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,eAAe;YACtC,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,KAAK;YACZ,WAAW,EAAE,SAAS,EAAE,wBAAwB;YAChD,sBAAsB,EAAE,MAAM;SAC/B,CAAC,CAAC;QAEH,sBAAsB;QACtB,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7B,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,gDAAgD,MAAM,EAAE,CAAC;IAClE,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW;QACf,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACjD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC;QAEpE,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;YAC1C,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,oBAAoB,CAAC,QAAgB;QACjD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,cAAc,CAAC,MAAsB;QACzC,mCAAmC;QACnC,MAAM,WAAW,GACf,OAAO,cAAc,KAAK,WAAW;YACnC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YACxC,CAAC,CAAC,IAAI,CAAC;QAEX,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;YACjD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,gDAAgD;gBACvD,SAAS,EAAE,eAAe;aAC3B,CAAC;QACJ,CAAC;QAED,2BAA2B;QAC3B,MAAM,YAAY,GAChB,OAAO,cAAc,KAAK,WAAW;YACnC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;YAC3C,CAAC,CAAC,IAAI,CAAC;QAEX,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,6DAA6D;gBACpE,SAAS,EAAE,kBAAkB;aAC9B,CAAC;QACJ,CAAC;QAED,mBAAmB;QACnB,MAAM,KAAK,GACT,OAAO,cAAc,KAAK,WAAW;YACnC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YACxC,CAAC,CAAC,IAAI,CAAC;QAEX,sBAAsB;QACtB,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;YAC1C,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC7C,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC1C,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC5C,CAAC;QAED,2BAA2B;QAC3B,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,MAAM,CAAC,gBAAgB,IAAI,MAAM,CAAC,KAAK;gBAC9C,SAAS,EAAE,MAAM,CAAC,KAAK;aACxB,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,gCAAgC;gBACvC,SAAS,EAAE,cAAc;aAC1B,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,2BAA2B;YAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAC7C,MAAM,CAAC,IAAI,EACX,YAAY,EACZ,IAAI,CAAC,cAAc,EAAE,CACtB,CAAC;YAEF,+BAA+B;YAC/B,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE3D,2BAA2B;YAC3B,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YACpE,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,eAAe;oBACtB,SAAS,EAAE,kBAAkB;iBAC9B,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,QAAQ,EAAE,cAAc,CAAC,GAAG;gBAC5B,QAAQ,EAAE,cAAc,CAAC,IAAI;gBAC7B,KAAK,EAAE,cAAc,CAAC,KAAK;gBAC3B,SAAS,EAAE,cAAc,CAAC,OAAO;gBACjC,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,MAAM,CAAC,QAAQ;gBACtB,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,YAAY,EAAE,MAAM,CAAC,aAAa;gBAClC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,GAAG,IAAI;aACjD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EACH,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB;gBAClE,SAAS,EAAE,uBAAuB;aACnC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY,CAAC,YAAoB;QACrC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,qCAAqC,EAAE;gBAClE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC;oBACxB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,aAAa,EAAE,YAAY;oBAC3B,UAAU,EAAE,eAAe;iBAC5B,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACpC,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,KAAK,CAAC,CAAC;gBACtD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAwB,CAAC;YAC9D,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE3D,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,QAAQ,EAAE,cAAc,CAAC,GAAG;gBAC5B,QAAQ,EAAE,cAAc,CAAC,IAAI;gBAC7B,KAAK,EAAE,cAAc,CAAC,KAAK;gBAC3B,SAAS,EAAE,cAAc,CAAC,OAAO;gBACjC,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,MAAM,CAAC,QAAQ;gBACtB,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,2DAA2D;gBAC3D,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,GAAG,IAAI;aACjD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACrD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,8CAA8C,KAAK,EAAE,EAAE;gBACjE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,KAAa;QACrB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAC1C,OAAO,CACL,OAAO,CAAC,GAAG,KAAK,6BAA6B;gBAC7C,OAAO,CAAC,GAAG,KAAK,qBAAqB,CACtC,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,kBAAkB;IAClB,oEAAoE;IAEpE;;;OAGG;IACK,KAAK,CAAC,qBAAqB,CACjC,IAAY,EACZ,YAAoB,EACpB,WAAmB;QAEnB,sEAAsE;QACtE,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;QACtE,CAAC;QAED,+EAA+E;QAC/E,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAClE,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,sBAAsB,CAClC,IAAY,EACZ,YAAoB,EACpB,WAAmB;QAEnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAiB,EAAE;YAC1D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,IAAI;gBACJ,YAAY;gBACZ,WAAW;gBACX,QAAQ,EAAE,QAAQ;aACnB,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,IAAI,uBAAuB,CACxD,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAErC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC;QAC3D,CAAC;QAED,qDAAqD;QACrD,OAAO;YACL,QAAQ,EAAE,MAAM,CAAC,OAAO;YACxB,YAAY,EAAE,MAAM,CAAC,WAAW;YAChC,UAAU,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI;YACpC,KAAK,EAAE,sBAAsB;YAC7B,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,MAAM,CAAC,YAAY;SACnC,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAC9B,IAAY,EACZ,YAAoB,EACpB,WAAmB;QAEnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,qCAAqC,EAAE;YAClE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI,EAAE,IAAI,eAAe,CAAC;gBACxB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC/B,IAAI;gBACJ,aAAa,EAAE,YAAY;gBAC3B,UAAU,EAAE,oBAAoB;gBAChC,YAAY,EAAE,WAAW;aAC1B,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,KAAK,CAAC,iBAAiB,IAAI,KAAK,CAAC,KAAK,IAAI,uBAAuB,CAClE,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,OAAe;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QAED,MAAM,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC/B,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACK,eAAe,CACrB,OAA6B,EAC7B,KAAoB;QAEpB,eAAe;QACf,IACE,OAAO,CAAC,GAAG,KAAK,6BAA6B;YAC7C,OAAO,CAAC,GAAG,KAAK,qBAAqB,EACrC,CAAC;YACD,OAAO,gBAAgB,CAAC;QAC1B,CAAC;QAED,iBAAiB;QACjB,IAAI,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACzC,OAAO,kBAAkB,CAAC;QAC5B,CAAC;QAED,0CAA0C;QAC1C,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;YACpD,OAAO,eAAe,CAAC;QACzB,CAAC;QAED,kCAAkC;QAClC,IAAI,KAAK,IAAI,OAAO,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;YACrC,OAAO,eAAe,CAAC;QACzB,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,OAAO,CAAC,EAAE,KAAK,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACxE,OAAO,qBAAqB,IAAI,CAAC,MAAM,CAAC,YAAY,SAAS,CAAC;QAChE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,cAAc;QACpB,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;QACjC,CAAC;QACD,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,gBAAgB,CAAC;QACnD,CAAC;QACD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,oEAAoE;IACpE,eAAe;IACf,oEAAoE;IAEpE;;;OAGG;IACK,oBAAoB;QAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAGD;;OAEG;IACK,oBAAoB;QAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,MAAkB;QACxC,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAChD,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAa;QACnC,8BAA8B;QAC9B,IAAI,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAEzD,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;QACpC,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;CACF;AAED,+CAA+C;AAC/C,yCAAyC;AACzC,+CAA+C;AAE/C;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,QAAgB;IACzD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IAErC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC"}

package/dist/auth/index.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Phalanx Auth Module
+ *
+ * Managed OAuth authentication for Phalanx games.
+ * Provides drop-in authentication with Google, Discord, and Steam.
+ *
+ * ## Quick Start
+ *
+ * ```typescript
+ * import { AuthManager } from '@phalanx-engine/client/auth';
+ *
+ * const auth = new AuthManager({
+ *   provider: 'google',
+ *   google: {
+ *     clientId: 'your-client-id.apps.googleusercontent.com'
+ *   }
+ * });
+ *
+ * // Check for existing session
+ * const hasSession = await auth.checkSession();
+ *
+ * if (!hasSession) {
+ *   // Login with popup
+ *   await auth.loginWithPopup();
+ * }
+ *
+ * // Get token for Phalanx client
+ * const client = await PhalanxClient.create({
+ *   serverUrl: 'http://localhost:3000',
+ *   playerId: auth.getUser()!.id,
+ *   username: auth.getUser()!.username || 'Player',
+ *   authToken: auth.getToken()!
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+export { AuthManager } from './AuthManager.js';
+export type { AuthManagerConfig } from './AuthManager.js';
+export { GoogleOAuthAdapter } from './adapters/GoogleOAuthAdapter.js';
+export { computeCodeChallenge } from './adapters/GoogleOAuthAdapter.js';
+export { LocalStorageAdapter, MemoryStorageAdapter } from './storage.js';
+export type { AuthStorage } from './storage.js';
+export type { AuthAdapter, LoginOptions, CallbackParams, AuthResult, AuthUser, AuthState, StoredAuthData, AuthError, GoogleOAuthConfig, DiscordOAuthConfig, SteamAuthConfig, } from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAMH,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,YAAY,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AACtE,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAUxE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACzE,YAAY,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAMhD,YAAY,EAEV,WAAW,EACX,YAAY,EACZ,cAAc,EACd,UAAU,EAGV,QAAQ,EACR,SAAS,EACT,cAAc,EACd,SAAS,EAGT,iBAAiB,EACjB,kBAAkB,EAClB,eAAe,GAChB,MAAM,YAAY,CAAC"}

package/dist/auth/index.js

@@ -0,0 +1,54 @@
+/**
+ * Phalanx Auth Module
+ *
+ * Managed OAuth authentication for Phalanx games.
+ * Provides drop-in authentication with Google, Discord, and Steam.
+ *
+ * ## Quick Start
+ *
+ * ```typescript
+ * import { AuthManager } from '@phalanx-engine/client/auth';
+ *
+ * const auth = new AuthManager({
+ *   provider: 'google',
+ *   google: {
+ *     clientId: 'your-client-id.apps.googleusercontent.com'
+ *   }
+ * });
+ *
+ * // Check for existing session
+ * const hasSession = await auth.checkSession();
+ *
+ * if (!hasSession) {
+ *   // Login with popup
+ *   await auth.loginWithPopup();
+ * }
+ *
+ * // Get token for Phalanx client
+ * const client = await PhalanxClient.create({
+ *   serverUrl: 'http://localhost:3000',
+ *   playerId: auth.getUser()!.id,
+ *   username: auth.getUser()!.username || 'Player',
+ *   authToken: auth.getToken()!
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+// ============================================
+// Main Auth Manager
+// ============================================
+export { AuthManager } from './AuthManager.js';
+// ============================================
+// OAuth Adapters
+// ============================================
+export { GoogleOAuthAdapter } from './adapters/GoogleOAuthAdapter.js';
+export { computeCodeChallenge } from './adapters/GoogleOAuthAdapter.js';
+// Future adapters:
+// export { DiscordOAuthAdapter } from './adapters/DiscordOAuthAdapter.js';
+// export { SteamAuthAdapter } from './adapters/SteamAuthAdapter.js';
+// ============================================
+// Storage
+// ============================================
+export { LocalStorageAdapter, MemoryStorageAdapter } from './storage.js';
+//# sourceMappingURL=index.js.map

package/dist/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAEH,+CAA+C;AAC/C,oBAAoB;AACpB,+CAA+C;AAE/C,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAG/C,+CAA+C;AAC/C,iBAAiB;AACjB,+CAA+C;AAE/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AACtE,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAExE,mBAAmB;AACnB,2EAA2E;AAC3E,qEAAqE;AAErE,+CAA+C;AAC/C,UAAU;AACV,+CAA+C;AAE/C,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC"}