@propelauth/nextjs 0.0.86 → 0.0.92

package/dist/client/index.js

@@ -258,7 +258,7 @@ function isEqual(a, b) {
 }
 
 // src/client/AuthProvider.tsx
-var import_navigation = require("next/navigation");
+var import_navigation = require("next/navigation.js");
 
 // src/client/useUser.tsx
 var import_react = require("react");

package/dist/client/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/client/index.ts","../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {UserFromToken, OrgMemberInfo} from \"../user\"\nexport {AuthProvider} from \"./AuthProvider\"\nexport type {AuthProviderProps} from \"./AuthProvider\"\nexport {useUser, User} from \"./useUser\"\nexport type {UseUser, UseUserLoading, UseUserLoggedIn, UseUserNotLoggedIn} from \"./useUser\"\nexport {useHostedPageUrls} from \"./useHostedPageUrls\"\nexport {useLogoutFunction} from \"./useLogoutFunction\"\nexport {useRedirectFunctions, RedirectToLogin, RedirectToSignup} from \"./useRedirectFunctions\"\nexport type {RedirectProps} from \"./useRedirectFunctions\"\nexport {useRefreshAuth} from \"./useRefreshAuth\"","export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation\";\nimport {User} from \"./useUser\";\nimport {toOrgIdToOrgMemberInfo} from \"../user\";\n\ninterface InternalAuthState {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    logout: () => Promise<void>\n\n    redirectToLoginPage: () => void\n    redirectToSignupPage: () => void\n    redirectToAccountPage: () => void\n    redirectToOrgPage: (orgId?: string) => void\n    redirectToCreateOrgPage: () => void\n    redirectToSetupSAMLPage: (orgId: string) => void\n\n    getSignupPageUrl(): string\n\n    getLoginPageUrl(): string\n\n    getAccountPageUrl(): string\n\n    getOrgPageUrl(orgId?: string): string\n\n    getCreateOrgPageUrl(): string\n\n    getSetupSAMLPageUrl(orgId: string): string\n\n    refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n    authUrl: string\n    children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\ntype AuthState = {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    // There's no good way to trigger server components to reload outside of router.refresh()\n    // This is our workaround until the app router has something better\n    authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n    loading: true,\n    userAndAccessToken: {\n        user: undefined,\n        accessToken: undefined,\n    },\n    authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n    const authChangeDetected = !_state.loading && !isEqual(action.user, _state.userAndAccessToken.user)\n\n    if (!action.user) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: undefined,\n                accessToken: undefined,\n            },\n            authChangeDetected,\n        }\n    } else if (_state.loading) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected,\n        }\n    } else {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected\n        }\n    }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n    const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n    const router = useRouter()\n\n    const dispatch = useCallback((action: AuthStateAction) => {\n        dispatchInner(action)\n        saveUserToLocalStorage(action.user)\n    }, [dispatchInner])\n\n    // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n    // Once server actions isn't alpha, we can hopefully use that instead\n    useEffect(() => {\n        if (authState.authChangeDetected) {\n            router.refresh()\n        }\n    }, [authState.authChangeDetected, router])\n\n    // Trigger an initial refresh\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshAuthInfo() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        refreshAuthInfo()\n        return () => {\n            didCancel = true\n        }\n    }, [])\n\n\n    // Periodically refresh the token\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshToken() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        async function onStorageEvent(event: StorageEvent) {\n            if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)) {\n                await refreshToken()\n            }\n        }\n\n        // TODO: Retry logic if the request fails\n        const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n        if (hasWindow()) {\n            window.addEventListener(\"storage\", onStorageEvent)\n            window.addEventListener(\"online\", refreshToken)\n            window.addEventListener(\"focus\", refreshToken)\n        }\n\n        return () => {\n            didCancel = true\n            clearInterval(interval)\n            if (hasWindow()) {\n                window.removeEventListener(\"storage\", onStorageEvent)\n                window.removeEventListener(\"online\", refreshToken)\n                window.removeEventListener(\"focus\", refreshToken)\n            }\n        }\n    }, [dispatch, authState.userAndAccessToken.user])\n\n\n    const logout = useCallback(async () => {\n        await fetch(\"/api/auth/logout\", {\n            method: \"POST\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n        dispatch({user: undefined, accessToken: undefined})\n    }, [dispatch])\n\n    const getLoginPageUrl = () => \"/api/auth/login\"\n    const getSignupPageUrl = () => \"/api/auth/signup\"\n    const getAccountPageUrl = useCallback(() => {\n        return `${props.authUrl}/account`\n    }, [props.authUrl])\n    const getOrgPageUrl = useCallback(\n        (orgId?: string) => {\n            if (orgId) {\n                return `${props.authUrl}/org?id=${orgId}`\n            } else {\n                return `${props.authUrl}/org`\n            }\n        },\n        [props.authUrl]\n    )\n    const getCreateOrgPageUrl = useCallback(() => {\n        return `${props.authUrl}/create_org`\n    }, [props.authUrl])\n\n    const getSetupSAMLPageUrl = useCallback(\n        (orgId: string) => {\n            return `${props.authUrl}/saml?id=${orgId}`\n        },\n        [props.authUrl]\n    )\n\n    const redirectTo = (url: string) => {\n        window.location.href = url\n    }\n\n    const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n    const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n    const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n    const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n    const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n    const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n    const refreshAuthInfo = async () => {\n        const action = await apiGetUserInfo()\n        dispatch(action)\n        return action.user\n    }\n\n    const value = {\n        loading: authState.loading,\n        userAndAccessToken: authState.userAndAccessToken,\n        logout,\n        redirectToLoginPage,\n        redirectToSignupPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n        redirectToSetupSAMLPage,\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n        refreshAuthInfo,\n    }\n    return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n    try {\n        const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n            method: \"GET\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n\n        if (userInfoResponse.ok) {\n            const {userinfo, accessToken, impersonatorUserId} = await userInfoResponse.json()\n            const user = new User({\n                userId: userinfo.user_id,\n                email: userinfo.email,\n                emailConfirmed: userinfo.email_confirmed,\n                hasPassword: userinfo.has_password,\n                username: userinfo.username,\n                firstName: userinfo.first_name,\n                lastName: userinfo.last_name,\n                pictureUrl: userinfo.picture_url,\n                orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n                mfaEnabled: userinfo.mfa_enabled,\n                canCreateOrgs: userinfo.can_create_orgs,\n                updatePasswordRequired: userinfo.update_password_required,\n                createdAt: userinfo.created_at,\n                lastActiveAt: userinfo.last_active_at,\n                impersonatorUserId,\n            })\n\n            return {user, accessToken}\n        } else if (userInfoResponse.status === 401) {\n            return {user: undefined, accessToken: undefined}\n        } else {\n            console.log(\"Failed to refresh token\", userInfoResponse)\n        }\n    } catch (e) {\n        console.log(\"Failed to refresh token\", e)\n    }\n    throw new Error(\"Failed to refresh token\")\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n    return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n    if (user) {\n        localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n    } else {\n        localStorage.setItem(USER_INFO_KEY, \"{}\")\n    }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n    if (!newValue) {\n        return false\n    } else if (!user) {\n        return newValue === \"{}\"\n    }\n\n    const parsed = JSON.parse(newValue)\n    if (!parsed) {\n        return false\n    }\n\n    return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n    if (typeof a !== typeof b) {\n        return false\n    }\n\n    if (Array.isArray(a) !== Array.isArray(b)) {\n        return false\n    }\n\n    if (Array.isArray(a)) {\n        const aArray = a as any[]\n        const bArray = b as any[]\n        if (aArray.length !== bArray.length) {\n            return false\n        }\n\n        for (let i = 0; i < aArray.length; i++) {\n            if (!isEqual(aArray[i], bArray[i])) {\n                return false\n            }\n        }\n\n        return true\n    }\n\n    if (typeof a === \"object\") {\n        const aKeys = Object.keys(a)\n        const bKeys = Object.keys(b)\n        if (aKeys.length !== bKeys.length) {\n            return false\n        }\n\n        for (const key of aKeys) {\n            if (!isEqual(a[key], b[key])) {\n                return false\n            }\n        }\n\n        return true\n    } else {\n        return a === b\n    }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n    public userId: string\n    public email: string\n    public emailConfirmed: boolean\n    public hasPassword: boolean\n\n    public username?: string\n    public firstName?: string\n    public lastName?: string\n    public pictureUrl?: string\n\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    public mfaEnabled: boolean\n    public canCreateOrgs: boolean\n    public updatePasswordRequired: boolean\n\n    public createdAt: number\n    public lastActiveAt: number\n\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor({\n                    userId,\n                    email,\n                    emailConfirmed,\n                    hasPassword,\n                    username,\n                    firstName,\n                    lastName,\n                    pictureUrl,\n                    orgIdToOrgMemberInfo,\n                    mfaEnabled,\n                    canCreateOrgs,\n                    updatePasswordRequired,\n                    createdAt,\n                    lastActiveAt,\n                    legacyUserId,\n                    impersonatorUserId,\n                }: {\n        userId: string\n        email: string\n        emailConfirmed: boolean\n        hasPassword: boolean\n        username?: string\n        firstName?: string\n        lastName?: string\n        pictureUrl?: string\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n        mfaEnabled: boolean\n        canCreateOrgs: boolean\n        updatePasswordRequired: boolean\n        createdAt: number\n        lastActiveAt: number\n        legacyUserId?: string\n        impersonatorUserId?: string\n    }) {\n        this.userId = userId\n        this.email = email\n        this.emailConfirmed = emailConfirmed\n        this.hasPassword = hasPassword\n        this.username = username\n        this.firstName = firstName\n        this.lastName = lastName\n        this.pictureUrl = pictureUrl\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n        this.mfaEnabled = mfaEnabled\n        this.canCreateOrgs = canCreateOrgs\n        this.updatePasswordRequired = updatePasswordRequired\n        this.createdAt = createdAt\n        this.lastActiveAt = lastActiveAt\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        return this.orgIdToOrgMemberInfo?.[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n}\n\nexport type UseUserLoading = {\n    loading: true\n    isLoggedIn: never\n    user: never\n    accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n    loading: false\n    isLoggedIn: true\n    user: User\n    accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n    loading: false\n    isLoggedIn: false\n    user: undefined\n    accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useUser must be used within an AuthProvider\")\n    }\n\n    const {loading, userAndAccessToken} = context\n    if (loading) {\n        return {\n            loading: true,\n            isLoggedIn: undefined as never,\n            user: undefined as never,\n            accessToken: undefined as never,\n        }\n    } else if (userAndAccessToken.user) {\n        return {\n            loading: false,\n            isLoggedIn: true,\n            user: userAndAccessToken.user,\n            accessToken: userAndAccessToken.accessToken,\n        }\n    } else {\n        return {\n            loading: false,\n            isLoggedIn: false,\n            user: undefined,\n            accessToken: undefined,\n        }\n    }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n    }\n    const {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    } = context\n    return {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n    }\n    const { logout } = context\n    return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n    }\n    const {\n        redirectToAccountPage,\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    } = context\n    return {\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    }\n}\n\nexport interface RedirectProps {\n    children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n    const { redirectToSignupPage } = useRedirectFunctions()\n\n    useEffect(() => {\n        redirectToSignupPage()\n    }, [])\n\n    return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n    const { redirectToLoginPage } = useRedirectFunctions()\n    useEffect(() => {\n        redirectToLoginPage()\n    }, [])\n    return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n    }\n    const { refreshAuthInfo } = context\n    return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AAwCO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACzOA,IAAAA,gBAAwD;;;ACCjD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADvEA,wBAAwB;;;AEFxB,mBAAyB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAuBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAiBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAlF5D;AAmFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,cAAU,yBAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AF9HO,IAAM,cAAc,cAAAC,QAAM,cAA6C,MAAS;AAmBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAUA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,mBAAmB,IAAI;AAElG,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,QAAI,0BAAW,kBAAkB,gBAAgB;AAChF,QAAM,aAAS,6BAAU;AAEzB,QAAM,eAAW,2BAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,+BAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,+BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeC,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,+BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAAG;AAC1G,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAGhD,QAAM,aAAS,2BAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,QAAW,aAAa,OAAS,CAAC;AAAA,EACtD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,wBAAoB,2BAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,oBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,0BAAsB,2BAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,0BAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,aAAS,MAAM;AACf,WAAO,OAAO;AAAA,EAClB;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,8BAAAD,QAAA,cAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAUA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAC,UAAU,aAAa,mBAAkB,IAAI,MAAM,iBAAiB,KAAK;AAChF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB;AAAA,QACJ,CAAC;AAED,eAAO,EAAC,MAAM,YAAW;AAAA,MAC7B,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,QAAW,aAAa,OAAS;AAAA,MACnD,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AGlTA,IAAAE,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,IAAAC,gBAA6C;AAGtC,SAAS,uBAAuB;AACnC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,+BAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,8BAAAC,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,+BAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,8BAAAA,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;;;AC5CA,IAAAC,gBAA2B;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["import_react","React","refreshAuthInfo","import_react","import_react","import_react","React","import_react"]}
+{"version":3,"sources":["../../src/client/index.ts","../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {UserFromToken, OrgMemberInfo} from \"../user\"\nexport {AuthProvider} from \"./AuthProvider\"\nexport type {AuthProviderProps} from \"./AuthProvider\"\nexport {useUser, User} from \"./useUser\"\nexport type {UseUser, UseUserLoading, UseUserLoggedIn, UseUserNotLoggedIn} from \"./useUser\"\nexport {useHostedPageUrls} from \"./useHostedPageUrls\"\nexport {useLogoutFunction} from \"./useLogoutFunction\"\nexport {useRedirectFunctions, RedirectToLogin, RedirectToSignup} from \"./useRedirectFunctions\"\nexport type {RedirectProps} from \"./useRedirectFunctions\"\nexport {useRefreshAuth} from \"./useRefreshAuth\"","export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation.js\";\nimport {User} from \"./useUser\";\nimport {toOrgIdToOrgMemberInfo} from \"../user\";\n\ninterface InternalAuthState {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    logout: () => Promise<void>\n\n    redirectToLoginPage: () => void\n    redirectToSignupPage: () => void\n    redirectToAccountPage: () => void\n    redirectToOrgPage: (orgId?: string) => void\n    redirectToCreateOrgPage: () => void\n    redirectToSetupSAMLPage: (orgId: string) => void\n\n    getSignupPageUrl(): string\n\n    getLoginPageUrl(): string\n\n    getAccountPageUrl(): string\n\n    getOrgPageUrl(orgId?: string): string\n\n    getCreateOrgPageUrl(): string\n\n    getSetupSAMLPageUrl(orgId: string): string\n\n    refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n    authUrl: string\n    children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\ntype AuthState = {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    // There's no good way to trigger server components to reload outside of router.refresh()\n    // This is our workaround until the app router has something better\n    authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n    loading: true,\n    userAndAccessToken: {\n        user: undefined,\n        accessToken: undefined,\n    },\n    authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n    const authChangeDetected = !_state.loading && !isEqual(action.user, _state.userAndAccessToken.user)\n\n    if (!action.user) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: undefined,\n                accessToken: undefined,\n            },\n            authChangeDetected,\n        }\n    } else if (_state.loading) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected,\n        }\n    } else {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected\n        }\n    }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n    const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n    const router = useRouter()\n\n    const dispatch = useCallback((action: AuthStateAction) => {\n        dispatchInner(action)\n        saveUserToLocalStorage(action.user)\n    }, [dispatchInner])\n\n    // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n    // Once server actions isn't alpha, we can hopefully use that instead\n    useEffect(() => {\n        if (authState.authChangeDetected) {\n            router.refresh()\n        }\n    }, [authState.authChangeDetected, router])\n\n    // Trigger an initial refresh\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshAuthInfo() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        refreshAuthInfo()\n        return () => {\n            didCancel = true\n        }\n    }, [])\n\n\n    // Periodically refresh the token\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshToken() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        async function onStorageEvent(event: StorageEvent) {\n            if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)) {\n                await refreshToken()\n            }\n        }\n\n        // TODO: Retry logic if the request fails\n        const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n        if (hasWindow()) {\n            window.addEventListener(\"storage\", onStorageEvent)\n            window.addEventListener(\"online\", refreshToken)\n            window.addEventListener(\"focus\", refreshToken)\n        }\n\n        return () => {\n            didCancel = true\n            clearInterval(interval)\n            if (hasWindow()) {\n                window.removeEventListener(\"storage\", onStorageEvent)\n                window.removeEventListener(\"online\", refreshToken)\n                window.removeEventListener(\"focus\", refreshToken)\n            }\n        }\n    }, [dispatch, authState.userAndAccessToken.user])\n\n\n    const logout = useCallback(async () => {\n        await fetch(\"/api/auth/logout\", {\n            method: \"POST\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n        dispatch({user: undefined, accessToken: undefined})\n    }, [dispatch])\n\n    const getLoginPageUrl = () => \"/api/auth/login\"\n    const getSignupPageUrl = () => \"/api/auth/signup\"\n    const getAccountPageUrl = useCallback(() => {\n        return `${props.authUrl}/account`\n    }, [props.authUrl])\n    const getOrgPageUrl = useCallback(\n        (orgId?: string) => {\n            if (orgId) {\n                return `${props.authUrl}/org?id=${orgId}`\n            } else {\n                return `${props.authUrl}/org`\n            }\n        },\n        [props.authUrl]\n    )\n    const getCreateOrgPageUrl = useCallback(() => {\n        return `${props.authUrl}/create_org`\n    }, [props.authUrl])\n\n    const getSetupSAMLPageUrl = useCallback(\n        (orgId: string) => {\n            return `${props.authUrl}/saml?id=${orgId}`\n        },\n        [props.authUrl]\n    )\n\n    const redirectTo = (url: string) => {\n        window.location.href = url\n    }\n\n    const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n    const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n    const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n    const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n    const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n    const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n    const refreshAuthInfo = async () => {\n        const action = await apiGetUserInfo()\n        dispatch(action)\n        return action.user\n    }\n\n    const value = {\n        loading: authState.loading,\n        userAndAccessToken: authState.userAndAccessToken,\n        logout,\n        redirectToLoginPage,\n        redirectToSignupPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n        redirectToSetupSAMLPage,\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n        refreshAuthInfo,\n    }\n    return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n    try {\n        const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n            method: \"GET\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n\n        if (userInfoResponse.ok) {\n            const {userinfo, accessToken, impersonatorUserId} = await userInfoResponse.json()\n            const user = new User({\n                userId: userinfo.user_id,\n                email: userinfo.email,\n                emailConfirmed: userinfo.email_confirmed,\n                hasPassword: userinfo.has_password,\n                username: userinfo.username,\n                firstName: userinfo.first_name,\n                lastName: userinfo.last_name,\n                pictureUrl: userinfo.picture_url,\n                orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n                mfaEnabled: userinfo.mfa_enabled,\n                canCreateOrgs: userinfo.can_create_orgs,\n                updatePasswordRequired: userinfo.update_password_required,\n                createdAt: userinfo.created_at,\n                lastActiveAt: userinfo.last_active_at,\n                impersonatorUserId,\n            })\n\n            return {user, accessToken}\n        } else if (userInfoResponse.status === 401) {\n            return {user: undefined, accessToken: undefined}\n        } else {\n            console.log(\"Failed to refresh token\", userInfoResponse)\n        }\n    } catch (e) {\n        console.log(\"Failed to refresh token\", e)\n    }\n    throw new Error(\"Failed to refresh token\")\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n    return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n    if (user) {\n        localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n    } else {\n        localStorage.setItem(USER_INFO_KEY, \"{}\")\n    }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n    if (!newValue) {\n        return false\n    } else if (!user) {\n        return newValue === \"{}\"\n    }\n\n    const parsed = JSON.parse(newValue)\n    if (!parsed) {\n        return false\n    }\n\n    return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n    if (typeof a !== typeof b) {\n        return false\n    }\n\n    if (Array.isArray(a) !== Array.isArray(b)) {\n        return false\n    }\n\n    if (Array.isArray(a)) {\n        const aArray = a as any[]\n        const bArray = b as any[]\n        if (aArray.length !== bArray.length) {\n            return false\n        }\n\n        for (let i = 0; i < aArray.length; i++) {\n            if (!isEqual(aArray[i], bArray[i])) {\n                return false\n            }\n        }\n\n        return true\n    }\n\n    if (typeof a === \"object\") {\n        const aKeys = Object.keys(a)\n        const bKeys = Object.keys(b)\n        if (aKeys.length !== bKeys.length) {\n            return false\n        }\n\n        for (const key of aKeys) {\n            if (!isEqual(a[key], b[key])) {\n                return false\n            }\n        }\n\n        return true\n    } else {\n        return a === b\n    }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n    public userId: string\n    public email: string\n    public emailConfirmed: boolean\n    public hasPassword: boolean\n\n    public username?: string\n    public firstName?: string\n    public lastName?: string\n    public pictureUrl?: string\n\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    public mfaEnabled: boolean\n    public canCreateOrgs: boolean\n    public updatePasswordRequired: boolean\n\n    public createdAt: number\n    public lastActiveAt: number\n\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor({\n                    userId,\n                    email,\n                    emailConfirmed,\n                    hasPassword,\n                    username,\n                    firstName,\n                    lastName,\n                    pictureUrl,\n                    orgIdToOrgMemberInfo,\n                    mfaEnabled,\n                    canCreateOrgs,\n                    updatePasswordRequired,\n                    createdAt,\n                    lastActiveAt,\n                    legacyUserId,\n                    impersonatorUserId,\n                }: {\n        userId: string\n        email: string\n        emailConfirmed: boolean\n        hasPassword: boolean\n        username?: string\n        firstName?: string\n        lastName?: string\n        pictureUrl?: string\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n        mfaEnabled: boolean\n        canCreateOrgs: boolean\n        updatePasswordRequired: boolean\n        createdAt: number\n        lastActiveAt: number\n        legacyUserId?: string\n        impersonatorUserId?: string\n    }) {\n        this.userId = userId\n        this.email = email\n        this.emailConfirmed = emailConfirmed\n        this.hasPassword = hasPassword\n        this.username = username\n        this.firstName = firstName\n        this.lastName = lastName\n        this.pictureUrl = pictureUrl\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n        this.mfaEnabled = mfaEnabled\n        this.canCreateOrgs = canCreateOrgs\n        this.updatePasswordRequired = updatePasswordRequired\n        this.createdAt = createdAt\n        this.lastActiveAt = lastActiveAt\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        return this.orgIdToOrgMemberInfo?.[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n}\n\nexport type UseUserLoading = {\n    loading: true\n    isLoggedIn: never\n    user: never\n    accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n    loading: false\n    isLoggedIn: true\n    user: User\n    accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n    loading: false\n    isLoggedIn: false\n    user: undefined\n    accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useUser must be used within an AuthProvider\")\n    }\n\n    const {loading, userAndAccessToken} = context\n    if (loading) {\n        return {\n            loading: true,\n            isLoggedIn: undefined as never,\n            user: undefined as never,\n            accessToken: undefined as never,\n        }\n    } else if (userAndAccessToken.user) {\n        return {\n            loading: false,\n            isLoggedIn: true,\n            user: userAndAccessToken.user,\n            accessToken: userAndAccessToken.accessToken,\n        }\n    } else {\n        return {\n            loading: false,\n            isLoggedIn: false,\n            user: undefined,\n            accessToken: undefined,\n        }\n    }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n    }\n    const {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    } = context\n    return {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n    }\n    const { logout } = context\n    return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n    }\n    const {\n        redirectToAccountPage,\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    } = context\n    return {\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    }\n}\n\nexport interface RedirectProps {\n    children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n    const { redirectToSignupPage } = useRedirectFunctions()\n\n    useEffect(() => {\n        redirectToSignupPage()\n    }, [])\n\n    return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n    const { redirectToLoginPage } = useRedirectFunctions()\n    useEffect(() => {\n        redirectToLoginPage()\n    }, [])\n    return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n    }\n    const { refreshAuthInfo } = context\n    return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AAwCO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACzOA,IAAAA,gBAAwD;;;ACCjD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADvEA,wBAAwB;;;AEFxB,mBAAyB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAuBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAiBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAlF5D;AAmFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,cAAU,yBAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AF9HO,IAAM,cAAc,cAAAC,QAAM,cAA6C,MAAS;AAmBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAUA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,mBAAmB,IAAI;AAElG,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,QAAI,0BAAW,kBAAkB,gBAAgB;AAChF,QAAM,aAAS,6BAAU;AAEzB,QAAM,eAAW,2BAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,+BAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,+BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeC,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,+BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAAG;AAC1G,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAGhD,QAAM,aAAS,2BAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,QAAW,aAAa,OAAS,CAAC;AAAA,EACtD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,wBAAoB,2BAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,oBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,0BAAsB,2BAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,0BAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,aAAS,MAAM;AACf,WAAO,OAAO;AAAA,EAClB;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,8BAAAD,QAAA,cAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAUA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAC,UAAU,aAAa,mBAAkB,IAAI,MAAM,iBAAiB,KAAK;AAChF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB;AAAA,QACJ,CAAC;AAED,eAAO,EAAC,MAAM,YAAW;AAAA,MAC7B,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,QAAW,aAAa,OAAS;AAAA,MACnD,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AGlTA,IAAAE,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,IAAAC,gBAA6C;AAGtC,SAAS,uBAAuB;AACnC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,+BAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,8BAAAC,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,+BAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,8BAAAA,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;;;AC5CA,IAAAC,gBAA2B;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["import_react","React","refreshAuthInfo","import_react","import_react","import_react","React","import_react"]}

package/dist/client/index.mjs

@@ -213,7 +213,7 @@ function isEqual(a, b) {
 }
 
 // src/client/AuthProvider.tsx
-import { useRouter } from "next/navigation";
+import { useRouter } from "next/navigation.js";
 
 // src/client/useUser.tsx
 import { useContext } from "react";

package/dist/client/index.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation\";\nimport {User} from \"./useUser\";\nimport {toOrgIdToOrgMemberInfo} from \"../user\";\n\ninterface InternalAuthState {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    logout: () => Promise<void>\n\n    redirectToLoginPage: () => void\n    redirectToSignupPage: () => void\n    redirectToAccountPage: () => void\n    redirectToOrgPage: (orgId?: string) => void\n    redirectToCreateOrgPage: () => void\n    redirectToSetupSAMLPage: (orgId: string) => void\n\n    getSignupPageUrl(): string\n\n    getLoginPageUrl(): string\n\n    getAccountPageUrl(): string\n\n    getOrgPageUrl(orgId?: string): string\n\n    getCreateOrgPageUrl(): string\n\n    getSetupSAMLPageUrl(orgId: string): string\n\n    refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n    authUrl: string\n    children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\ntype AuthState = {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    // There's no good way to trigger server components to reload outside of router.refresh()\n    // This is our workaround until the app router has something better\n    authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n    loading: true,\n    userAndAccessToken: {\n        user: undefined,\n        accessToken: undefined,\n    },\n    authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n    const authChangeDetected = !_state.loading && !isEqual(action.user, _state.userAndAccessToken.user)\n\n    if (!action.user) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: undefined,\n                accessToken: undefined,\n            },\n            authChangeDetected,\n        }\n    } else if (_state.loading) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected,\n        }\n    } else {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected\n        }\n    }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n    const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n    const router = useRouter()\n\n    const dispatch = useCallback((action: AuthStateAction) => {\n        dispatchInner(action)\n        saveUserToLocalStorage(action.user)\n    }, [dispatchInner])\n\n    // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n    // Once server actions isn't alpha, we can hopefully use that instead\n    useEffect(() => {\n        if (authState.authChangeDetected) {\n            router.refresh()\n        }\n    }, [authState.authChangeDetected, router])\n\n    // Trigger an initial refresh\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshAuthInfo() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        refreshAuthInfo()\n        return () => {\n            didCancel = true\n        }\n    }, [])\n\n\n    // Periodically refresh the token\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshToken() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        async function onStorageEvent(event: StorageEvent) {\n            if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)) {\n                await refreshToken()\n            }\n        }\n\n        // TODO: Retry logic if the request fails\n        const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n        if (hasWindow()) {\n            window.addEventListener(\"storage\", onStorageEvent)\n            window.addEventListener(\"online\", refreshToken)\n            window.addEventListener(\"focus\", refreshToken)\n        }\n\n        return () => {\n            didCancel = true\n            clearInterval(interval)\n            if (hasWindow()) {\n                window.removeEventListener(\"storage\", onStorageEvent)\n                window.removeEventListener(\"online\", refreshToken)\n                window.removeEventListener(\"focus\", refreshToken)\n            }\n        }\n    }, [dispatch, authState.userAndAccessToken.user])\n\n\n    const logout = useCallback(async () => {\n        await fetch(\"/api/auth/logout\", {\n            method: \"POST\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n        dispatch({user: undefined, accessToken: undefined})\n    }, [dispatch])\n\n    const getLoginPageUrl = () => \"/api/auth/login\"\n    const getSignupPageUrl = () => \"/api/auth/signup\"\n    const getAccountPageUrl = useCallback(() => {\n        return `${props.authUrl}/account`\n    }, [props.authUrl])\n    const getOrgPageUrl = useCallback(\n        (orgId?: string) => {\n            if (orgId) {\n                return `${props.authUrl}/org?id=${orgId}`\n            } else {\n                return `${props.authUrl}/org`\n            }\n        },\n        [props.authUrl]\n    )\n    const getCreateOrgPageUrl = useCallback(() => {\n        return `${props.authUrl}/create_org`\n    }, [props.authUrl])\n\n    const getSetupSAMLPageUrl = useCallback(\n        (orgId: string) => {\n            return `${props.authUrl}/saml?id=${orgId}`\n        },\n        [props.authUrl]\n    )\n\n    const redirectTo = (url: string) => {\n        window.location.href = url\n    }\n\n    const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n    const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n    const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n    const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n    const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n    const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n    const refreshAuthInfo = async () => {\n        const action = await apiGetUserInfo()\n        dispatch(action)\n        return action.user\n    }\n\n    const value = {\n        loading: authState.loading,\n        userAndAccessToken: authState.userAndAccessToken,\n        logout,\n        redirectToLoginPage,\n        redirectToSignupPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n        redirectToSetupSAMLPage,\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n        refreshAuthInfo,\n    }\n    return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n    try {\n        const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n            method: \"GET\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n\n        if (userInfoResponse.ok) {\n            const {userinfo, accessToken, impersonatorUserId} = await userInfoResponse.json()\n            const user = new User({\n                userId: userinfo.user_id,\n                email: userinfo.email,\n                emailConfirmed: userinfo.email_confirmed,\n                hasPassword: userinfo.has_password,\n                username: userinfo.username,\n                firstName: userinfo.first_name,\n                lastName: userinfo.last_name,\n                pictureUrl: userinfo.picture_url,\n                orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n                mfaEnabled: userinfo.mfa_enabled,\n                canCreateOrgs: userinfo.can_create_orgs,\n                updatePasswordRequired: userinfo.update_password_required,\n                createdAt: userinfo.created_at,\n                lastActiveAt: userinfo.last_active_at,\n                impersonatorUserId,\n            })\n\n            return {user, accessToken}\n        } else if (userInfoResponse.status === 401) {\n            return {user: undefined, accessToken: undefined}\n        } else {\n            console.log(\"Failed to refresh token\", userInfoResponse)\n        }\n    } catch (e) {\n        console.log(\"Failed to refresh token\", e)\n    }\n    throw new Error(\"Failed to refresh token\")\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n    return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n    if (user) {\n        localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n    } else {\n        localStorage.setItem(USER_INFO_KEY, \"{}\")\n    }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n    if (!newValue) {\n        return false\n    } else if (!user) {\n        return newValue === \"{}\"\n    }\n\n    const parsed = JSON.parse(newValue)\n    if (!parsed) {\n        return false\n    }\n\n    return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n    if (typeof a !== typeof b) {\n        return false\n    }\n\n    if (Array.isArray(a) !== Array.isArray(b)) {\n        return false\n    }\n\n    if (Array.isArray(a)) {\n        const aArray = a as any[]\n        const bArray = b as any[]\n        if (aArray.length !== bArray.length) {\n            return false\n        }\n\n        for (let i = 0; i < aArray.length; i++) {\n            if (!isEqual(aArray[i], bArray[i])) {\n                return false\n            }\n        }\n\n        return true\n    }\n\n    if (typeof a === \"object\") {\n        const aKeys = Object.keys(a)\n        const bKeys = Object.keys(b)\n        if (aKeys.length !== bKeys.length) {\n            return false\n        }\n\n        for (const key of aKeys) {\n            if (!isEqual(a[key], b[key])) {\n                return false\n            }\n        }\n\n        return true\n    } else {\n        return a === b\n    }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n    public userId: string\n    public email: string\n    public emailConfirmed: boolean\n    public hasPassword: boolean\n\n    public username?: string\n    public firstName?: string\n    public lastName?: string\n    public pictureUrl?: string\n\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    public mfaEnabled: boolean\n    public canCreateOrgs: boolean\n    public updatePasswordRequired: boolean\n\n    public createdAt: number\n    public lastActiveAt: number\n\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor({\n                    userId,\n                    email,\n                    emailConfirmed,\n                    hasPassword,\n                    username,\n                    firstName,\n                    lastName,\n                    pictureUrl,\n                    orgIdToOrgMemberInfo,\n                    mfaEnabled,\n                    canCreateOrgs,\n                    updatePasswordRequired,\n                    createdAt,\n                    lastActiveAt,\n                    legacyUserId,\n                    impersonatorUserId,\n                }: {\n        userId: string\n        email: string\n        emailConfirmed: boolean\n        hasPassword: boolean\n        username?: string\n        firstName?: string\n        lastName?: string\n        pictureUrl?: string\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n        mfaEnabled: boolean\n        canCreateOrgs: boolean\n        updatePasswordRequired: boolean\n        createdAt: number\n        lastActiveAt: number\n        legacyUserId?: string\n        impersonatorUserId?: string\n    }) {\n        this.userId = userId\n        this.email = email\n        this.emailConfirmed = emailConfirmed\n        this.hasPassword = hasPassword\n        this.username = username\n        this.firstName = firstName\n        this.lastName = lastName\n        this.pictureUrl = pictureUrl\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n        this.mfaEnabled = mfaEnabled\n        this.canCreateOrgs = canCreateOrgs\n        this.updatePasswordRequired = updatePasswordRequired\n        this.createdAt = createdAt\n        this.lastActiveAt = lastActiveAt\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        return this.orgIdToOrgMemberInfo?.[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n}\n\nexport type UseUserLoading = {\n    loading: true\n    isLoggedIn: never\n    user: never\n    accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n    loading: false\n    isLoggedIn: true\n    user: User\n    accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n    loading: false\n    isLoggedIn: false\n    user: undefined\n    accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useUser must be used within an AuthProvider\")\n    }\n\n    const {loading, userAndAccessToken} = context\n    if (loading) {\n        return {\n            loading: true,\n            isLoggedIn: undefined as never,\n            user: undefined as never,\n            accessToken: undefined as never,\n        }\n    } else if (userAndAccessToken.user) {\n        return {\n            loading: false,\n            isLoggedIn: true,\n            user: userAndAccessToken.user,\n            accessToken: userAndAccessToken.accessToken,\n        }\n    } else {\n        return {\n            loading: false,\n            isLoggedIn: false,\n            user: undefined,\n            accessToken: undefined,\n        }\n    }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n    }\n    const {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    } = context\n    return {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n    }\n    const { logout } = context\n    return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n    }\n    const {\n        redirectToAccountPage,\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    } = context\n    return {\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    }\n}\n\nexport interface RedirectProps {\n    children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n    const { redirectToSignupPage } = useRedirectFunctions()\n\n    useEffect(() => {\n        redirectToSignupPage()\n    }, [])\n\n    return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n    const { redirectToLoginPage } = useRedirectFunctions()\n    useEffect(() => {\n        redirectToLoginPage()\n    }, [])\n    return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n    }\n    const { refreshAuthInfo } = context\n    return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AAwCO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACzOA,OAAO,SAAQ,aAAa,WAAW,kBAAiB;;;ACCjD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADvEA,SAAQ,iBAAgB;;;AEFxB,SAAQ,kBAAiB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAuBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAiBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAlF5D;AAmFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AF9HO,IAAM,cAAc,MAAM,cAA6C,MAAS;AAmBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAUA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,mBAAmB,IAAI;AAElG,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,IAAI,WAAW,kBAAkB,gBAAgB;AAChF,QAAM,SAAS,UAAU;AAEzB,QAAM,WAAW,YAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,YAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeA,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAAG;AAC1G,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAGhD,QAAM,SAAS,YAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,QAAW,aAAa,OAAS,CAAC;AAAA,EACtD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,oBAAoB,YAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,gBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,sBAAsB,YAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,sBAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,aAAS,MAAM;AACf,WAAO,OAAO;AAAA,EAClB;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,oCAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAUA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAC,UAAU,aAAa,mBAAkB,IAAI,MAAM,iBAAiB,KAAK;AAChF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB;AAAA,QACJ,CAAC;AAED,eAAO,EAAC,MAAM,YAAW;AAAA,MAC7B,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,QAAW,aAAa,OAAS;AAAA,MACnD,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AGlTA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,OAAOC,UAAS,cAAAC,aAAY,aAAAC,kBAAiB;AAGtC,SAAS,uBAAuB;AACnC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,EAAAC,WAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,EAAAD,WAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;;;AC5CA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["refreshAuthInfo","useContext","useContext","useContext","useContext","React","useContext","useEffect","useContext","useEffect","React","useContext","useContext"]}
+{"version":3,"sources":["../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation.js\";\nimport {User} from \"./useUser\";\nimport {toOrgIdToOrgMemberInfo} from \"../user\";\n\ninterface InternalAuthState {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    logout: () => Promise<void>\n\n    redirectToLoginPage: () => void\n    redirectToSignupPage: () => void\n    redirectToAccountPage: () => void\n    redirectToOrgPage: (orgId?: string) => void\n    redirectToCreateOrgPage: () => void\n    redirectToSetupSAMLPage: (orgId: string) => void\n\n    getSignupPageUrl(): string\n\n    getLoginPageUrl(): string\n\n    getAccountPageUrl(): string\n\n    getOrgPageUrl(orgId?: string): string\n\n    getCreateOrgPageUrl(): string\n\n    getSetupSAMLPageUrl(orgId: string): string\n\n    refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n    authUrl: string\n    children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\ntype AuthState = {\n    loading: boolean\n    userAndAccessToken: UserAndAccessToken\n\n    // There's no good way to trigger server components to reload outside of router.refresh()\n    // This is our workaround until the app router has something better\n    authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n    loading: true,\n    userAndAccessToken: {\n        user: undefined,\n        accessToken: undefined,\n    },\n    authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n    const authChangeDetected = !_state.loading && !isEqual(action.user, _state.userAndAccessToken.user)\n\n    if (!action.user) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: undefined,\n                accessToken: undefined,\n            },\n            authChangeDetected,\n        }\n    } else if (_state.loading) {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected,\n        }\n    } else {\n        return {\n            loading: false,\n            userAndAccessToken: {\n                user: action.user,\n                accessToken: action.accessToken,\n            },\n            authChangeDetected\n        }\n    }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n    const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n    const router = useRouter()\n\n    const dispatch = useCallback((action: AuthStateAction) => {\n        dispatchInner(action)\n        saveUserToLocalStorage(action.user)\n    }, [dispatchInner])\n\n    // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n    // Once server actions isn't alpha, we can hopefully use that instead\n    useEffect(() => {\n        if (authState.authChangeDetected) {\n            router.refresh()\n        }\n    }, [authState.authChangeDetected, router])\n\n    // Trigger an initial refresh\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshAuthInfo() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        refreshAuthInfo()\n        return () => {\n            didCancel = true\n        }\n    }, [])\n\n\n    // Periodically refresh the token\n    useEffect(() => {\n        let didCancel = false\n\n        async function refreshToken() {\n            const action = await apiGetUserInfo()\n            if (!didCancel) {\n                dispatch(action)\n            }\n        }\n\n        async function onStorageEvent(event: StorageEvent) {\n            if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)) {\n                await refreshToken()\n            }\n        }\n\n        // TODO: Retry logic if the request fails\n        const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n        if (hasWindow()) {\n            window.addEventListener(\"storage\", onStorageEvent)\n            window.addEventListener(\"online\", refreshToken)\n            window.addEventListener(\"focus\", refreshToken)\n        }\n\n        return () => {\n            didCancel = true\n            clearInterval(interval)\n            if (hasWindow()) {\n                window.removeEventListener(\"storage\", onStorageEvent)\n                window.removeEventListener(\"online\", refreshToken)\n                window.removeEventListener(\"focus\", refreshToken)\n            }\n        }\n    }, [dispatch, authState.userAndAccessToken.user])\n\n\n    const logout = useCallback(async () => {\n        await fetch(\"/api/auth/logout\", {\n            method: \"POST\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n        dispatch({user: undefined, accessToken: undefined})\n    }, [dispatch])\n\n    const getLoginPageUrl = () => \"/api/auth/login\"\n    const getSignupPageUrl = () => \"/api/auth/signup\"\n    const getAccountPageUrl = useCallback(() => {\n        return `${props.authUrl}/account`\n    }, [props.authUrl])\n    const getOrgPageUrl = useCallback(\n        (orgId?: string) => {\n            if (orgId) {\n                return `${props.authUrl}/org?id=${orgId}`\n            } else {\n                return `${props.authUrl}/org`\n            }\n        },\n        [props.authUrl]\n    )\n    const getCreateOrgPageUrl = useCallback(() => {\n        return `${props.authUrl}/create_org`\n    }, [props.authUrl])\n\n    const getSetupSAMLPageUrl = useCallback(\n        (orgId: string) => {\n            return `${props.authUrl}/saml?id=${orgId}`\n        },\n        [props.authUrl]\n    )\n\n    const redirectTo = (url: string) => {\n        window.location.href = url\n    }\n\n    const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n    const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n    const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n    const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n    const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n    const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n    const refreshAuthInfo = async () => {\n        const action = await apiGetUserInfo()\n        dispatch(action)\n        return action.user\n    }\n\n    const value = {\n        loading: authState.loading,\n        userAndAccessToken: authState.userAndAccessToken,\n        logout,\n        redirectToLoginPage,\n        redirectToSignupPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n        redirectToSetupSAMLPage,\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n        refreshAuthInfo,\n    }\n    return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = {\n    user: User\n    accessToken: string\n} | {\n    user: undefined\n    accessToken: undefined\n}\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n    try {\n        const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n            method: \"GET\",\n            headers: {\n                \"Content-Type\": \"application/json\",\n            },\n            credentials: \"include\",\n        })\n\n        if (userInfoResponse.ok) {\n            const {userinfo, accessToken, impersonatorUserId} = await userInfoResponse.json()\n            const user = new User({\n                userId: userinfo.user_id,\n                email: userinfo.email,\n                emailConfirmed: userinfo.email_confirmed,\n                hasPassword: userinfo.has_password,\n                username: userinfo.username,\n                firstName: userinfo.first_name,\n                lastName: userinfo.last_name,\n                pictureUrl: userinfo.picture_url,\n                orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n                mfaEnabled: userinfo.mfa_enabled,\n                canCreateOrgs: userinfo.can_create_orgs,\n                updatePasswordRequired: userinfo.update_password_required,\n                createdAt: userinfo.created_at,\n                lastActiveAt: userinfo.last_active_at,\n                impersonatorUserId,\n            })\n\n            return {user, accessToken}\n        } else if (userInfoResponse.status === 401) {\n            return {user: undefined, accessToken: undefined}\n        } else {\n            console.log(\"Failed to refresh token\", userInfoResponse)\n        }\n    } catch (e) {\n        console.log(\"Failed to refresh token\", e)\n    }\n    throw new Error(\"Failed to refresh token\")\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n    return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n    if (user) {\n        localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n    } else {\n        localStorage.setItem(USER_INFO_KEY, \"{}\")\n    }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n    if (!newValue) {\n        return false\n    } else if (!user) {\n        return newValue === \"{}\"\n    }\n\n    const parsed = JSON.parse(newValue)\n    if (!parsed) {\n        return false\n    }\n\n    return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n    if (typeof a !== typeof b) {\n        return false\n    }\n\n    if (Array.isArray(a) !== Array.isArray(b)) {\n        return false\n    }\n\n    if (Array.isArray(a)) {\n        const aArray = a as any[]\n        const bArray = b as any[]\n        if (aArray.length !== bArray.length) {\n            return false\n        }\n\n        for (let i = 0; i < aArray.length; i++) {\n            if (!isEqual(aArray[i], bArray[i])) {\n                return false\n            }\n        }\n\n        return true\n    }\n\n    if (typeof a === \"object\") {\n        const aKeys = Object.keys(a)\n        const bKeys = Object.keys(b)\n        if (aKeys.length !== bKeys.length) {\n            return false\n        }\n\n        for (const key of aKeys) {\n            if (!isEqual(a[key], b[key])) {\n                return false\n            }\n        }\n\n        return true\n    } else {\n        return a === b\n    }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n    public userId: string\n    public email: string\n    public emailConfirmed: boolean\n    public hasPassword: boolean\n\n    public username?: string\n    public firstName?: string\n    public lastName?: string\n    public pictureUrl?: string\n\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    public mfaEnabled: boolean\n    public canCreateOrgs: boolean\n    public updatePasswordRequired: boolean\n\n    public createdAt: number\n    public lastActiveAt: number\n\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor({\n                    userId,\n                    email,\n                    emailConfirmed,\n                    hasPassword,\n                    username,\n                    firstName,\n                    lastName,\n                    pictureUrl,\n                    orgIdToOrgMemberInfo,\n                    mfaEnabled,\n                    canCreateOrgs,\n                    updatePasswordRequired,\n                    createdAt,\n                    lastActiveAt,\n                    legacyUserId,\n                    impersonatorUserId,\n                }: {\n        userId: string\n        email: string\n        emailConfirmed: boolean\n        hasPassword: boolean\n        username?: string\n        firstName?: string\n        lastName?: string\n        pictureUrl?: string\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n        mfaEnabled: boolean\n        canCreateOrgs: boolean\n        updatePasswordRequired: boolean\n        createdAt: number\n        lastActiveAt: number\n        legacyUserId?: string\n        impersonatorUserId?: string\n    }) {\n        this.userId = userId\n        this.email = email\n        this.emailConfirmed = emailConfirmed\n        this.hasPassword = hasPassword\n        this.username = username\n        this.firstName = firstName\n        this.lastName = lastName\n        this.pictureUrl = pictureUrl\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n        this.mfaEnabled = mfaEnabled\n        this.canCreateOrgs = canCreateOrgs\n        this.updatePasswordRequired = updatePasswordRequired\n        this.createdAt = createdAt\n        this.lastActiveAt = lastActiveAt\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        return this.orgIdToOrgMemberInfo?.[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n}\n\nexport type UseUserLoading = {\n    loading: true\n    isLoggedIn: never\n    user: never\n    accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n    loading: false\n    isLoggedIn: true\n    user: User\n    accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n    loading: false\n    isLoggedIn: false\n    user: undefined\n    accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useUser must be used within an AuthProvider\")\n    }\n\n    const {loading, userAndAccessToken} = context\n    if (loading) {\n        return {\n            loading: true,\n            isLoggedIn: undefined as never,\n            user: undefined as never,\n            accessToken: undefined as never,\n        }\n    } else if (userAndAccessToken.user) {\n        return {\n            loading: false,\n            isLoggedIn: true,\n            user: userAndAccessToken.user,\n            accessToken: userAndAccessToken.accessToken,\n        }\n    } else {\n        return {\n            loading: false,\n            isLoggedIn: false,\n            user: undefined,\n            accessToken: undefined,\n        }\n    }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n    }\n    const {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    } = context\n    return {\n        getLoginPageUrl,\n        getSignupPageUrl,\n        getAccountPageUrl,\n        getOrgPageUrl,\n        getCreateOrgPageUrl,\n        getSetupSAMLPageUrl,\n    }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n    }\n    const { logout } = context\n    return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n    }\n    const {\n        redirectToAccountPage,\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    } = context\n    return {\n        redirectToSignupPage,\n        redirectToLoginPage,\n        redirectToAccountPage,\n        redirectToOrgPage,\n        redirectToCreateOrgPage,\n    }\n}\n\nexport interface RedirectProps {\n    children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n    const { redirectToSignupPage } = useRedirectFunctions()\n\n    useEffect(() => {\n        redirectToSignupPage()\n    }, [])\n\n    return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n    const { redirectToLoginPage } = useRedirectFunctions()\n    useEffect(() => {\n        redirectToLoginPage()\n    }, [])\n    return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n    const context = useContext(AuthContext)\n    if (context === undefined) {\n        throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n    }\n    const { refreshAuthInfo } = context\n    return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AAwCO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACzOA,OAAO,SAAQ,aAAa,WAAW,kBAAiB;;;ACCjD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADvEA,SAAQ,iBAAgB;;;AEFxB,SAAQ,kBAAiB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAuBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAiBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAlF5D;AAmFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AF9HO,IAAM,cAAc,MAAM,cAA6C,MAAS;AAmBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAUA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,mBAAmB,IAAI;AAElG,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,IAAI,WAAW,kBAAkB,gBAAgB;AAChF,QAAM,SAAS,UAAU;AAEzB,QAAM,WAAW,YAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,YAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeA,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAAG;AAC1G,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAGhD,QAAM,SAAS,YAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,QAAW,aAAa,OAAS,CAAC;AAAA,EACtD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,oBAAoB,YAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,gBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,sBAAsB,YAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,sBAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,aAAS,MAAM;AACf,WAAO,OAAO;AAAA,EAClB;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,oCAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAUA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAC,UAAU,aAAa,mBAAkB,IAAI,MAAM,iBAAiB,KAAK;AAChF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB;AAAA,QACJ,CAAC;AAED,eAAO,EAAC,MAAM,YAAW;AAAA,MAC7B,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,QAAW,aAAa,OAAS;AAAA,MACnD,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AGlTA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,OAAOC,UAAS,cAAAC,aAAY,aAAAC,kBAAiB;AAGtC,SAAS,uBAAuB;AACnC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,EAAAC,WAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,EAAAD,WAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;;;AC5CA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["refreshAuthInfo","useContext","useContext","useContext","useContext","React","useContext","useEffect","useContext","useEffect","React","useContext","useContext"]}

package/dist/server/app-router/index.d.ts

@@ -1,4 +1,4 @@
-import { NextRequest } from 'next/server';
+import { NextRequest } from 'next/server.js';
 
 declare class UnauthorizedException extends Error {
     readonly message: string;

package/dist/server/app-router/index.js

@@ -77,9 +77,9 @@ var ConfigurationException = class extends Error {
 };
 
 // src/server/app-router.ts
-var import_navigation = require("next/navigation");
-var import_headers = require("next/headers");
-var import_server = require("next/server");
+var import_navigation = require("next/navigation.js");
+var import_headers = require("next/headers.js");
+var import_server = require("next/server.js");
 
 // src/user.ts
 var UserFromToken = class {

package/dist/server/app-router/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/server/app-router-index.ts","../../../src/server/exceptions.ts","../../../src/server/app-router.ts","../../../src/user.ts","../../../src/server/shared.ts"],"sourcesContent":["export {UnauthorizedException, ConfigurationException} from \"./exceptions\"\nexport {getRouteHandlers, getUser, getUserOrRedirect, getAccessToken, authMiddleware} from \"./app-router\"\nexport type {RouteHandlerArgs} from \"./app-router\"\n","export class UnauthorizedException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 401\n    }\n}\n\nexport class ConfigurationException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 500\n    }\n}\n","import {redirect} from \"next/navigation\";\nimport {cookies, headers} from \"next/headers\";\nimport {NextRequest, NextResponse} from \"next/server\";\nimport {\n    ACCESS_TOKEN_COOKIE_NAME,\n    CALLBACK_PATH,\n    COOKIE_OPTIONS,\n    CUSTOM_HEADER_FOR_ACCESS_TOKEN,\n    getAuthUrlOrigin,\n    getIntegrationApiKey,\n    getRedirectUri,\n    LOGIN_PATH,\n    LOGOUT_PATH,\n    REFRESH_TOKEN_COOKIE_NAME,\n    refreshTokenWithAccessAndRefreshToken,\n    STATE_COOKIE_NAME,\n    USERINFO_PATH,\n    validateAccessToken,\n    validateAccessTokenOrUndefined\n} from \"./shared\";\nimport {UserFromToken} from \"./index\"\n\nexport async function getUserOrRedirect(): Promise<UserFromToken> {\n    const user = await getUser()\n    if (user) {\n        return user\n    } else {\n        redirect(LOGIN_PATH)\n        throw new Error(\"Redirecting to login\")\n    }\n}\n\nexport async function getUser(): Promise<UserFromToken | undefined> {\n    const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return user\n        }\n    }\n    return undefined\n}\n\nexport async function getAccessToken(): Promise<string | undefined> {\n    return headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n}\n\n// Purpose of this middleware is just to keep the access token cookie alive\n// In an ideal world, this could be done in `getUser`, however, you can't\n//   set a cookie in a server component.\n// There also doesn't seem to be any way right now to set a cookie in a\n//   middleware and pass it forward (you can only set them on the response).\n// You CAN, however, pass in custom headers,\n//   so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\nexport async function authMiddleware(req: NextRequest): Promise<Response> {\n    if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n        throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n    } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n        // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n        return NextResponse.next()\n    }\n\n    const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n    // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n    if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(\"Unauthorized\", {status: 401, headers})\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    // If we are authenticated, we can continue\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return NextResponse.next()\n        }\n    }\n\n    // Otherwise, we need to refresh the access token\n    if (refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const response = NextResponse.next()\n            response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n            response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n            return response\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    return NextResponse.next()\n}\n\nexport type RouteHandlerArgs = {\n    postLoginRedirectPathFn?: (req: NextRequest) => string\n}\n\nexport function getRouteHandlers(args?: RouteHandlerArgs) {\n    const authUrlOrigin = getAuthUrlOrigin()\n    const redirectUri = getRedirectUri()\n    const integrationApiKey = getIntegrationApiKey()\n\n    function loginGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    function signupGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            getAuthUrlOrigin() + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    async function callbackGetHandler(req: NextRequest) {\n        const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n        if (!oauthState || oauthState.length !== 64) {\n            console.log(\"No oauth state found\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const queryParams = req.nextUrl.searchParams\n        const state = queryParams.get(\"state\")\n        const code = queryParams.get(\"code\")\n        if (state !== oauthState) {\n            console.log(\"Mismatch between states, redirecting to login\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const oauth_token_body = {\n            redirect_uri: redirectUri,\n            code,\n        }\n        const url = `${authUrlOrigin}/propelauth/ssr/token`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(oauth_token_body),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (response.ok) {\n            const data = await response.json()\n\n            const accessToken = data.access_token\n            const path = args?.postLoginRedirectPathFn ? args.postLoginRedirectPathFn(req) : \"/\"\n            if (!path) {\n                console.log(\"postLoginPathFn returned undefined\")\n                return new Response(\"Unexpected error\", {status: 500})\n            }\n\n            const headers = new Headers()\n            headers.append(\"Location\", path)\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            return new Response(null, {\n                status: 302,\n                headers\n            })\n        } else if (response.status === 401) {\n            return new Response(\"Unexpected error\", {status: 500})\n        } else {\n            return new Response(\"Unexpected error\", {status: 500})\n        }\n    }\n\n    async function userinfoGetHandler(req: NextRequest) {\n        const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n        if (accessToken) {\n            const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n            const response = await fetch(path, {\n                headers: {\n                    \"Content-Type\": \"application/json\",\n                    \"Authorization\": \"Bearer \" + accessToken,\n                }\n            })\n            if (response.ok) {\n                const userFromToken = await validateAccessToken(accessToken)\n                const data = await response.json()\n                const jsonResponse = {\n                    userinfo: data,\n                    accessToken,\n                    impersonatorUserId: userFromToken.impersonatorUserId\n                }\n                return new Response(JSON.stringify(jsonResponse), {\n                    status: 200,\n                    headers: {\n                        \"Content-Type\": \"application/json\",\n                    }\n                })\n            } else if (response.status === 401) {\n                return new Response(null, {status: 401})\n            } else {\n                return new Response(null, {status: 500})\n            }\n        }\n        return new Response(null, {status: 401})\n    }\n\n    async function logoutPostHandler(req: NextRequest) {\n        const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n        if (!refresh_token) {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(null, {status: 200, headers})\n        }\n\n        const logoutBody = {refresh_token}\n        const url = `${authUrlOrigin}/api/backend/v1/logout`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(logoutBody),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (!response.ok) {\n            console.log(\n                \"Unable to logout, clearing cookies and continuing anyway\",\n                response.status,\n                response.statusText\n            )\n        }\n        const headers = new Headers()\n        headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        return new Response(null, {status: 200, headers})\n    }\n\n    function getRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"login\") {\n            return loginGetHandler()\n        } else if (params.slug === \"signup\") {\n            return signupGetHandler()\n        } else if (params.slug === \"callback\") {\n            return callbackGetHandler(req)\n        } else if (params.slug === \"userinfo\") {\n            return userinfoGetHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    function postRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"logout\") {\n            return logoutPostHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    return {\n        getRouteHandler,\n        postRouteHandler\n    }\n}\n\nfunction randomState(): string {\n    const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n    return Array.from(randomBytes)\n        .map((b) => b.toString(16).padStart(2, \"0\"))\n        .join(\"\")\n}\n\n","export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n    refreshToken: string\n    accessToken: string\n    error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n    error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n    error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n    RefreshAndAccessTokens\n    | RefreshAndAccessTokensUnauthorizedError\n    | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n    httpOnly: true,\n    sameSite: \"lax\",\n    secure: true,\n    path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n    return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n    const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n    if (!authUrl) {\n        throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n    }\n    return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n    const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n    if (!redirectUri) {\n        throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n    }\n    return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n    const integrationApiKey = process.env.PROPELAUTH_API_KEY\n    if (!integrationApiKey) {\n        throw new Error(\"PROPELAUTH_API_KEY is not set\")\n    }\n    return integrationApiKey\n}\n\nexport function getVerifierKey() {\n    const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n    if (!verifierKey) {\n        throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n    }\n    return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n    const body = {\n        refresh_token: refreshToken,\n    }\n    const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n    const response = await fetch(url, {\n        method: \"POST\",\n        body: JSON.stringify(body),\n        headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: \"Bearer \" + getIntegrationApiKey(),\n        },\n    })\n\n    if (response.ok) {\n        const data = await response.json()\n        const newRefreshToken = data.refresh_token\n        const {\n            access_token: accessToken,\n            expires_at_seconds: expiresAtSeconds,\n        } = data.access_token\n\n        return {\n            refreshToken: newRefreshToken,\n            accessToken,\n            error: \"none\",\n        }\n    } else if (response.status === 400) {\n        return {error: \"unauthorized\"}\n    } else {\n        return {error: \"unexpected\"}\n    }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n    try {\n        return await validateAccessToken(accessToken)\n    } catch (err) {\n        if (err instanceof ConfigurationException) {\n            throw err\n        } else if (err instanceof UnauthorizedException) {\n            return undefined\n        } else {\n            console.log(\"Error validating access token\", err)\n            return undefined\n        }\n    }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n    let publicKey\n    try {\n        publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n    } catch (err) {\n        console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n        throw new ConfigurationException(\"Invalid verifier key\")\n    }\n\n    if (!accessToken) {\n        throw new UnauthorizedException(\"No access token provided\")\n    }\n\n    let accessTokenWithoutBearer = accessToken\n    if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n        accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n    }\n\n    try {\n        const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n            issuer: getAuthUrlOrigin(),\n            algorithms: [\"RS256\"],\n        })\n\n        return toUser(<InternalUser>payload)\n    } catch (e) {\n        if (e instanceof Error) {\n            throw new UnauthorizedException(e.message)\n        } else {\n            throw new UnauthorizedException(\"Unable to decode jwt\")\n        }\n    }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,wBAAuB;AACvB,qBAA+B;AAC/B,oBAAwC;;;ACFjC,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACxOA,WAAsB;AAqBf,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAEvC,IAAM,iBAA0C;AAAA,EACnD,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAEO,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO;AACX;AAEO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,KAAK;AAChC,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,IAAI,iCAAiC,GAAG;AAChD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;AFvIA,SAAsB,oBAA4C;AAAA;AAC9D,UAAM,OAAO,MAAM,QAAQ;AAC3B,QAAI,MAAM;AACN,aAAO;AAAA,IACX,OAAO;AACH,sCAAS,UAAU;AACnB,YAAM,IAAI,MAAM,sBAAsB;AAAA,IAC1C;AAAA,EACJ;AAAA;AAEA,SAAsB,UAA8C;AAAA;AAhCpE;AAiCI,UAAM,kBAAc,wBAAQ,EAAE,IAAI,8BAA8B,OAAK,iCAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AACA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,iBAA8C;AAAA;AA3CpE;AA4CI,eAAO,wBAAQ,EAAE,IAAI,8BAA8B,OAAK,iCAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAAA,EACrG;AAAA;AASA,SAAsB,eAAe,KAAqC;AAAA;AAtD1E;AAuDI,QAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,YAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,IAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,aAAO,2BAAa,KAAK;AAAA,IAC7B;AAEA,UAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,UAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,QAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MAC9D,OAAO;AACH,cAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,2BAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO,2BAAa,KAAK;AAAA,MAC7B;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMC,YAAW,2BAAa,KAAK;AACnC,QAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,QAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,eAAOA;AAAA,MACX,OAAO;AACH,cAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,2BAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO,2BAAa,KAAK;AAAA,EAC7B;AAAA;AAMO,SAAS,iBAAiB,MAAyB;AACtD,QAAM,gBAAgB,iBAAiB;AACvC,QAAM,cAAc,eAAe;AACnC,QAAM,oBAAoB,qBAAqB;AAE/C,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,iBAAiB,IAAI,4CAA4C,cAAc,YAAY,QAAQ;AACvG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAjKxD;AAkKQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,QAAO,6BAAM,2BAA0B,KAAK,wBAAwB,GAAG,IAAI;AACjF,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,QACzD;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAvNxD;AAwNQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,gBAAgB,MAAM,oBAAoB,WAAW;AAC3D,gBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,gBAAM,eAAe;AAAA,YACjB,UAAU;AAAA,YACV;AAAA,YACA,oBAAoB,cAAc;AAAA,UACtC;AACA,iBAAO,IAAI,SAAS,KAAK,UAAU,YAAY,GAAG;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,IAC3C;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AAxPvD;AAyPQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MACpD;AAEA,YAAM,aAAa,EAAC,cAAa;AACjC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,IACpD;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAC,OAAM,GAAiC;AAC/E,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAC,OAAM,GAAiC;AAChF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;","names":["headers","response"]}
+{"version":3,"sources":["../../../src/server/app-router-index.ts","../../../src/server/exceptions.ts","../../../src/server/app-router.ts","../../../src/user.ts","../../../src/server/shared.ts"],"sourcesContent":["export {UnauthorizedException, ConfigurationException} from \"./exceptions\"\nexport {getRouteHandlers, getUser, getUserOrRedirect, getAccessToken, authMiddleware} from \"./app-router\"\nexport type {RouteHandlerArgs} from \"./app-router\"\n","export class UnauthorizedException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 401\n    }\n}\n\nexport class ConfigurationException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 500\n    }\n}\n","import {redirect} from \"next/navigation.js\";\nimport {cookies, headers} from \"next/headers.js\";\nimport {NextRequest, NextResponse} from \"next/server.js\";\nimport {\n    ACCESS_TOKEN_COOKIE_NAME,\n    CALLBACK_PATH,\n    COOKIE_OPTIONS,\n    CUSTOM_HEADER_FOR_ACCESS_TOKEN,\n    getAuthUrlOrigin,\n    getIntegrationApiKey,\n    getRedirectUri,\n    LOGIN_PATH,\n    LOGOUT_PATH,\n    REFRESH_TOKEN_COOKIE_NAME,\n    refreshTokenWithAccessAndRefreshToken,\n    STATE_COOKIE_NAME,\n    USERINFO_PATH,\n    validateAccessToken,\n    validateAccessTokenOrUndefined\n} from \"./shared\";\nimport {UserFromToken} from \"./index\"\n\nexport async function getUserOrRedirect(): Promise<UserFromToken> {\n    const user = await getUser()\n    if (user) {\n        return user\n    } else {\n        redirect(LOGIN_PATH)\n        throw new Error(\"Redirecting to login\")\n    }\n}\n\nexport async function getUser(): Promise<UserFromToken | undefined> {\n    const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return user\n        }\n    }\n    return undefined\n}\n\nexport async function getAccessToken(): Promise<string | undefined> {\n    return headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n}\n\n// Purpose of this middleware is just to keep the access token cookie alive\n// In an ideal world, this could be done in `getUser`, however, you can't\n//   set a cookie in a server component.\n// There also doesn't seem to be any way right now to set a cookie in a\n//   middleware and pass it forward (you can only set them on the response).\n// You CAN, however, pass in custom headers,\n//   so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\nexport async function authMiddleware(req: NextRequest): Promise<Response> {\n    if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n        throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n    } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n        // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n        return NextResponse.next()\n    }\n\n    const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n    // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n    if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(\"Unauthorized\", {status: 401, headers})\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    // If we are authenticated, we can continue\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return NextResponse.next()\n        }\n    }\n\n    // Otherwise, we need to refresh the access token\n    if (refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const response = NextResponse.next()\n            response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n            response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n            return response\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    return NextResponse.next()\n}\n\nexport type RouteHandlerArgs = {\n    postLoginRedirectPathFn?: (req: NextRequest) => string\n}\n\nexport function getRouteHandlers(args?: RouteHandlerArgs) {\n    const authUrlOrigin = getAuthUrlOrigin()\n    const redirectUri = getRedirectUri()\n    const integrationApiKey = getIntegrationApiKey()\n\n    function loginGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    function signupGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            getAuthUrlOrigin() + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    async function callbackGetHandler(req: NextRequest) {\n        const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n        if (!oauthState || oauthState.length !== 64) {\n            console.log(\"No oauth state found\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const queryParams = req.nextUrl.searchParams\n        const state = queryParams.get(\"state\")\n        const code = queryParams.get(\"code\")\n        if (state !== oauthState) {\n            console.log(\"Mismatch between states, redirecting to login\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const oauth_token_body = {\n            redirect_uri: redirectUri,\n            code,\n        }\n        const url = `${authUrlOrigin}/propelauth/ssr/token`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(oauth_token_body),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (response.ok) {\n            const data = await response.json()\n\n            const accessToken = data.access_token\n            const path = args?.postLoginRedirectPathFn ? args.postLoginRedirectPathFn(req) : \"/\"\n            if (!path) {\n                console.log(\"postLoginPathFn returned undefined\")\n                return new Response(\"Unexpected error\", {status: 500})\n            }\n\n            const headers = new Headers()\n            headers.append(\"Location\", path)\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            return new Response(null, {\n                status: 302,\n                headers\n            })\n        } else if (response.status === 401) {\n            return new Response(\"Unexpected error\", {status: 500})\n        } else {\n            return new Response(\"Unexpected error\", {status: 500})\n        }\n    }\n\n    async function userinfoGetHandler(req: NextRequest) {\n        const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n        if (accessToken) {\n            const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n            const response = await fetch(path, {\n                headers: {\n                    \"Content-Type\": \"application/json\",\n                    \"Authorization\": \"Bearer \" + accessToken,\n                }\n            })\n            if (response.ok) {\n                const userFromToken = await validateAccessToken(accessToken)\n                const data = await response.json()\n                const jsonResponse = {\n                    userinfo: data,\n                    accessToken,\n                    impersonatorUserId: userFromToken.impersonatorUserId\n                }\n                return new Response(JSON.stringify(jsonResponse), {\n                    status: 200,\n                    headers: {\n                        \"Content-Type\": \"application/json\",\n                    }\n                })\n            } else if (response.status === 401) {\n                return new Response(null, {status: 401})\n            } else {\n                return new Response(null, {status: 500})\n            }\n        }\n        return new Response(null, {status: 401})\n    }\n\n    async function logoutPostHandler(req: NextRequest) {\n        const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n        if (!refresh_token) {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(null, {status: 200, headers})\n        }\n\n        const logoutBody = {refresh_token}\n        const url = `${authUrlOrigin}/api/backend/v1/logout`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(logoutBody),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (!response.ok) {\n            console.log(\n                \"Unable to logout, clearing cookies and continuing anyway\",\n                response.status,\n                response.statusText\n            )\n        }\n        const headers = new Headers()\n        headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        return new Response(null, {status: 200, headers})\n    }\n\n    function getRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"login\") {\n            return loginGetHandler()\n        } else if (params.slug === \"signup\") {\n            return signupGetHandler()\n        } else if (params.slug === \"callback\") {\n            return callbackGetHandler(req)\n        } else if (params.slug === \"userinfo\") {\n            return userinfoGetHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    function postRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"logout\") {\n            return logoutPostHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    return {\n        getRouteHandler,\n        postRouteHandler\n    }\n}\n\nfunction randomState(): string {\n    const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n    return Array.from(randomBytes)\n        .map((b) => b.toString(16).padStart(2, \"0\"))\n        .join(\"\")\n}\n\n","export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n    refreshToken: string\n    accessToken: string\n    error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n    error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n    error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n    RefreshAndAccessTokens\n    | RefreshAndAccessTokensUnauthorizedError\n    | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n    httpOnly: true,\n    sameSite: \"lax\",\n    secure: true,\n    path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n    return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n    const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n    if (!authUrl) {\n        throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n    }\n    return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n    const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n    if (!redirectUri) {\n        throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n    }\n    return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n    const integrationApiKey = process.env.PROPELAUTH_API_KEY\n    if (!integrationApiKey) {\n        throw new Error(\"PROPELAUTH_API_KEY is not set\")\n    }\n    return integrationApiKey\n}\n\nexport function getVerifierKey() {\n    const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n    if (!verifierKey) {\n        throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n    }\n    return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n    const body = {\n        refresh_token: refreshToken,\n    }\n    const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n    const response = await fetch(url, {\n        method: \"POST\",\n        body: JSON.stringify(body),\n        headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: \"Bearer \" + getIntegrationApiKey(),\n        },\n    })\n\n    if (response.ok) {\n        const data = await response.json()\n        const newRefreshToken = data.refresh_token\n        const {\n            access_token: accessToken,\n            expires_at_seconds: expiresAtSeconds,\n        } = data.access_token\n\n        return {\n            refreshToken: newRefreshToken,\n            accessToken,\n            error: \"none\",\n        }\n    } else if (response.status === 400) {\n        return {error: \"unauthorized\"}\n    } else {\n        return {error: \"unexpected\"}\n    }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n    try {\n        return await validateAccessToken(accessToken)\n    } catch (err) {\n        if (err instanceof ConfigurationException) {\n            throw err\n        } else if (err instanceof UnauthorizedException) {\n            return undefined\n        } else {\n            console.log(\"Error validating access token\", err)\n            return undefined\n        }\n    }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n    let publicKey\n    try {\n        publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n    } catch (err) {\n        console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n        throw new ConfigurationException(\"Invalid verifier key\")\n    }\n\n    if (!accessToken) {\n        throw new UnauthorizedException(\"No access token provided\")\n    }\n\n    let accessTokenWithoutBearer = accessToken\n    if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n        accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n    }\n\n    try {\n        const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n            issuer: getAuthUrlOrigin(),\n            algorithms: [\"RS256\"],\n        })\n\n        return toUser(<InternalUser>payload)\n    } catch (e) {\n        if (e instanceof Error) {\n            throw new UnauthorizedException(e.message)\n        } else {\n            throw new UnauthorizedException(\"Unable to decode jwt\")\n        }\n    }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,wBAAuB;AACvB,qBAA+B;AAC/B,oBAAwC;;;ACFjC,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACxOA,WAAsB;AAqBf,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAEvC,IAAM,iBAA0C;AAAA,EACnD,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAEO,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO;AACX;AAEO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,KAAK;AAChC,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,IAAI,iCAAiC,GAAG;AAChD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;AFvIA,SAAsB,oBAA4C;AAAA;AAC9D,UAAM,OAAO,MAAM,QAAQ;AAC3B,QAAI,MAAM;AACN,aAAO;AAAA,IACX,OAAO;AACH,sCAAS,UAAU;AACnB,YAAM,IAAI,MAAM,sBAAsB;AAAA,IAC1C;AAAA,EACJ;AAAA;AAEA,SAAsB,UAA8C;AAAA;AAhCpE;AAiCI,UAAM,kBAAc,wBAAQ,EAAE,IAAI,8BAA8B,OAAK,iCAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AACA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,iBAA8C;AAAA;AA3CpE;AA4CI,eAAO,wBAAQ,EAAE,IAAI,8BAA8B,OAAK,iCAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAAA,EACrG;AAAA;AASA,SAAsB,eAAe,KAAqC;AAAA;AAtD1E;AAuDI,QAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,YAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,IAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,aAAO,2BAAa,KAAK;AAAA,IAC7B;AAEA,UAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,UAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,QAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MAC9D,OAAO;AACH,cAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,2BAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO,2BAAa,KAAK;AAAA,MAC7B;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMC,YAAW,2BAAa,KAAK;AACnC,QAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,QAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,eAAOA;AAAA,MACX,OAAO;AACH,cAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,2BAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO,2BAAa,KAAK;AAAA,EAC7B;AAAA;AAMO,SAAS,iBAAiB,MAAyB;AACtD,QAAM,gBAAgB,iBAAiB;AACvC,QAAM,cAAc,eAAe;AACnC,QAAM,oBAAoB,qBAAqB;AAE/C,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,iBAAiB,IAAI,4CAA4C,cAAc,YAAY,QAAQ;AACvG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAjKxD;AAkKQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,QAAO,6BAAM,2BAA0B,KAAK,wBAAwB,GAAG,IAAI;AACjF,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,QACzD;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAvNxD;AAwNQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,gBAAgB,MAAM,oBAAoB,WAAW;AAC3D,gBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,gBAAM,eAAe;AAAA,YACjB,UAAU;AAAA,YACV;AAAA,YACA,oBAAoB,cAAc;AAAA,UACtC;AACA,iBAAO,IAAI,SAAS,KAAK,UAAU,YAAY,GAAG;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,IAC3C;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AAxPvD;AAyPQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MACpD;AAEA,YAAM,aAAa,EAAC,cAAa;AACjC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,IACpD;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAC,OAAM,GAAiC;AAC/E,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAC,OAAM,GAAiC;AAChF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;","names":["headers","response"]}

package/dist/server/app-router/index.mjs

@@ -36,9 +36,9 @@ var ConfigurationException = class extends Error {
 };
 
 // src/server/app-router.ts
-import { redirect } from "next/navigation";
-import { cookies, headers } from "next/headers";
-import { NextResponse } from "next/server";
+import { redirect } from "next/navigation.js";
+import { cookies, headers } from "next/headers.js";
+import { NextResponse } from "next/server.js";
 
 // src/user.ts
 var UserFromToken = class {

package/dist/server/app-router/index.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/server/exceptions.ts","../../../src/server/app-router.ts","../../../src/user.ts","../../../src/server/shared.ts"],"sourcesContent":["export class UnauthorizedException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 401\n    }\n}\n\nexport class ConfigurationException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 500\n    }\n}\n","import {redirect} from \"next/navigation\";\nimport {cookies, headers} from \"next/headers\";\nimport {NextRequest, NextResponse} from \"next/server\";\nimport {\n    ACCESS_TOKEN_COOKIE_NAME,\n    CALLBACK_PATH,\n    COOKIE_OPTIONS,\n    CUSTOM_HEADER_FOR_ACCESS_TOKEN,\n    getAuthUrlOrigin,\n    getIntegrationApiKey,\n    getRedirectUri,\n    LOGIN_PATH,\n    LOGOUT_PATH,\n    REFRESH_TOKEN_COOKIE_NAME,\n    refreshTokenWithAccessAndRefreshToken,\n    STATE_COOKIE_NAME,\n    USERINFO_PATH,\n    validateAccessToken,\n    validateAccessTokenOrUndefined\n} from \"./shared\";\nimport {UserFromToken} from \"./index\"\n\nexport async function getUserOrRedirect(): Promise<UserFromToken> {\n    const user = await getUser()\n    if (user) {\n        return user\n    } else {\n        redirect(LOGIN_PATH)\n        throw new Error(\"Redirecting to login\")\n    }\n}\n\nexport async function getUser(): Promise<UserFromToken | undefined> {\n    const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return user\n        }\n    }\n    return undefined\n}\n\nexport async function getAccessToken(): Promise<string | undefined> {\n    return headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n}\n\n// Purpose of this middleware is just to keep the access token cookie alive\n// In an ideal world, this could be done in `getUser`, however, you can't\n//   set a cookie in a server component.\n// There also doesn't seem to be any way right now to set a cookie in a\n//   middleware and pass it forward (you can only set them on the response).\n// You CAN, however, pass in custom headers,\n//   so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\nexport async function authMiddleware(req: NextRequest): Promise<Response> {\n    if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n        throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n    } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n        // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n        return NextResponse.next()\n    }\n\n    const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n    // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n    if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(\"Unauthorized\", {status: 401, headers})\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    // If we are authenticated, we can continue\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return NextResponse.next()\n        }\n    }\n\n    // Otherwise, we need to refresh the access token\n    if (refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const response = NextResponse.next()\n            response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n            response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n            return response\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    return NextResponse.next()\n}\n\nexport type RouteHandlerArgs = {\n    postLoginRedirectPathFn?: (req: NextRequest) => string\n}\n\nexport function getRouteHandlers(args?: RouteHandlerArgs) {\n    const authUrlOrigin = getAuthUrlOrigin()\n    const redirectUri = getRedirectUri()\n    const integrationApiKey = getIntegrationApiKey()\n\n    function loginGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    function signupGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            getAuthUrlOrigin() + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    async function callbackGetHandler(req: NextRequest) {\n        const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n        if (!oauthState || oauthState.length !== 64) {\n            console.log(\"No oauth state found\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const queryParams = req.nextUrl.searchParams\n        const state = queryParams.get(\"state\")\n        const code = queryParams.get(\"code\")\n        if (state !== oauthState) {\n            console.log(\"Mismatch between states, redirecting to login\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const oauth_token_body = {\n            redirect_uri: redirectUri,\n            code,\n        }\n        const url = `${authUrlOrigin}/propelauth/ssr/token`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(oauth_token_body),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (response.ok) {\n            const data = await response.json()\n\n            const accessToken = data.access_token\n            const path = args?.postLoginRedirectPathFn ? args.postLoginRedirectPathFn(req) : \"/\"\n            if (!path) {\n                console.log(\"postLoginPathFn returned undefined\")\n                return new Response(\"Unexpected error\", {status: 500})\n            }\n\n            const headers = new Headers()\n            headers.append(\"Location\", path)\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            return new Response(null, {\n                status: 302,\n                headers\n            })\n        } else if (response.status === 401) {\n            return new Response(\"Unexpected error\", {status: 500})\n        } else {\n            return new Response(\"Unexpected error\", {status: 500})\n        }\n    }\n\n    async function userinfoGetHandler(req: NextRequest) {\n        const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n        if (accessToken) {\n            const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n            const response = await fetch(path, {\n                headers: {\n                    \"Content-Type\": \"application/json\",\n                    \"Authorization\": \"Bearer \" + accessToken,\n                }\n            })\n            if (response.ok) {\n                const userFromToken = await validateAccessToken(accessToken)\n                const data = await response.json()\n                const jsonResponse = {\n                    userinfo: data,\n                    accessToken,\n                    impersonatorUserId: userFromToken.impersonatorUserId\n                }\n                return new Response(JSON.stringify(jsonResponse), {\n                    status: 200,\n                    headers: {\n                        \"Content-Type\": \"application/json\",\n                    }\n                })\n            } else if (response.status === 401) {\n                return new Response(null, {status: 401})\n            } else {\n                return new Response(null, {status: 500})\n            }\n        }\n        return new Response(null, {status: 401})\n    }\n\n    async function logoutPostHandler(req: NextRequest) {\n        const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n        if (!refresh_token) {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(null, {status: 200, headers})\n        }\n\n        const logoutBody = {refresh_token}\n        const url = `${authUrlOrigin}/api/backend/v1/logout`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(logoutBody),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (!response.ok) {\n            console.log(\n                \"Unable to logout, clearing cookies and continuing anyway\",\n                response.status,\n                response.statusText\n            )\n        }\n        const headers = new Headers()\n        headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        return new Response(null, {status: 200, headers})\n    }\n\n    function getRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"login\") {\n            return loginGetHandler()\n        } else if (params.slug === \"signup\") {\n            return signupGetHandler()\n        } else if (params.slug === \"callback\") {\n            return callbackGetHandler(req)\n        } else if (params.slug === \"userinfo\") {\n            return userinfoGetHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    function postRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"logout\") {\n            return logoutPostHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    return {\n        getRouteHandler,\n        postRouteHandler\n    }\n}\n\nfunction randomState(): string {\n    const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n    return Array.from(randomBytes)\n        .map((b) => b.toString(16).padStart(2, \"0\"))\n        .join(\"\")\n}\n\n","export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n    refreshToken: string\n    accessToken: string\n    error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n    error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n    error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n    RefreshAndAccessTokens\n    | RefreshAndAccessTokensUnauthorizedError\n    | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n    httpOnly: true,\n    sameSite: \"lax\",\n    secure: true,\n    path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n    return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n    const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n    if (!authUrl) {\n        throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n    }\n    return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n    const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n    if (!redirectUri) {\n        throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n    }\n    return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n    const integrationApiKey = process.env.PROPELAUTH_API_KEY\n    if (!integrationApiKey) {\n        throw new Error(\"PROPELAUTH_API_KEY is not set\")\n    }\n    return integrationApiKey\n}\n\nexport function getVerifierKey() {\n    const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n    if (!verifierKey) {\n        throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n    }\n    return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n    const body = {\n        refresh_token: refreshToken,\n    }\n    const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n    const response = await fetch(url, {\n        method: \"POST\",\n        body: JSON.stringify(body),\n        headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: \"Bearer \" + getIntegrationApiKey(),\n        },\n    })\n\n    if (response.ok) {\n        const data = await response.json()\n        const newRefreshToken = data.refresh_token\n        const {\n            access_token: accessToken,\n            expires_at_seconds: expiresAtSeconds,\n        } = data.access_token\n\n        return {\n            refreshToken: newRefreshToken,\n            accessToken,\n            error: \"none\",\n        }\n    } else if (response.status === 400) {\n        return {error: \"unauthorized\"}\n    } else {\n        return {error: \"unexpected\"}\n    }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n    try {\n        return await validateAccessToken(accessToken)\n    } catch (err) {\n        if (err instanceof ConfigurationException) {\n            throw err\n        } else if (err instanceof UnauthorizedException) {\n            return undefined\n        } else {\n            console.log(\"Error validating access token\", err)\n            return undefined\n        }\n    }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n    let publicKey\n    try {\n        publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n    } catch (err) {\n        console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n        throw new ConfigurationException(\"Invalid verifier key\")\n    }\n\n    if (!accessToken) {\n        throw new UnauthorizedException(\"No access token provided\")\n    }\n\n    let accessTokenWithoutBearer = accessToken\n    if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n        accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n    }\n\n    try {\n        const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n            issuer: getAuthUrlOrigin(),\n            algorithms: [\"RS256\"],\n        })\n\n        return toUser(<InternalUser>payload)\n    } catch (e) {\n        if (e instanceof Error) {\n            throw new UnauthorizedException(e.message)\n        } else {\n            throw new UnauthorizedException(\"Unable to decode jwt\")\n        }\n    }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,SAAQ,gBAAe;AACvB,SAAQ,SAAS,eAAc;AAC/B,SAAqB,oBAAmB;;;ACFjC,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACxOA,YAAY,UAAU;AAqBf,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAEvC,IAAM,iBAA0C;AAAA,EACnD,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAEO,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO;AACX;AAEO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,KAAK;AAChC,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,IAAI,iCAAiC,GAAG;AAChD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;AFvIA,SAAsB,oBAA4C;AAAA;AAC9D,UAAM,OAAO,MAAM,QAAQ;AAC3B,QAAI,MAAM;AACN,aAAO;AAAA,IACX,OAAO;AACH,eAAS,UAAU;AACnB,YAAM,IAAI,MAAM,sBAAsB;AAAA,IAC1C;AAAA,EACJ;AAAA;AAEA,SAAsB,UAA8C;AAAA;AAhCpE;AAiCI,UAAM,cAAc,QAAQ,EAAE,IAAI,8BAA8B,OAAK,aAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AACA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,iBAA8C;AAAA;AA3CpE;AA4CI,WAAO,QAAQ,EAAE,IAAI,8BAA8B,OAAK,aAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAAA,EACrG;AAAA;AASA,SAAsB,eAAe,KAAqC;AAAA;AAtD1E;AAuDI,QAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,YAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,IAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,aAAO,aAAa,KAAK;AAAA,IAC7B;AAEA,UAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,UAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,QAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MAC9D,OAAO;AACH,cAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,aAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO,aAAa,KAAK;AAAA,MAC7B;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMC,YAAW,aAAa,KAAK;AACnC,QAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,QAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,eAAOA;AAAA,MACX,OAAO;AACH,cAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,aAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO,aAAa,KAAK;AAAA,EAC7B;AAAA;AAMO,SAAS,iBAAiB,MAAyB;AACtD,QAAM,gBAAgB,iBAAiB;AACvC,QAAM,cAAc,eAAe;AACnC,QAAM,oBAAoB,qBAAqB;AAE/C,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,iBAAiB,IAAI,4CAA4C,cAAc,YAAY,QAAQ;AACvG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAjKxD;AAkKQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,QAAO,6BAAM,2BAA0B,KAAK,wBAAwB,GAAG,IAAI;AACjF,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,QACzD;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAvNxD;AAwNQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,gBAAgB,MAAM,oBAAoB,WAAW;AAC3D,gBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,gBAAM,eAAe;AAAA,YACjB,UAAU;AAAA,YACV;AAAA,YACA,oBAAoB,cAAc;AAAA,UACtC;AACA,iBAAO,IAAI,SAAS,KAAK,UAAU,YAAY,GAAG;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,IAC3C;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AAxPvD;AAyPQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MACpD;AAEA,YAAM,aAAa,EAAC,cAAa;AACjC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,IACpD;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAC,OAAM,GAAiC;AAC/E,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAC,OAAM,GAAiC;AAChF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;","names":["headers","response"]}
+{"version":3,"sources":["../../../src/server/exceptions.ts","../../../src/server/app-router.ts","../../../src/user.ts","../../../src/server/shared.ts"],"sourcesContent":["export class UnauthorizedException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 401\n    }\n}\n\nexport class ConfigurationException extends Error {\n    readonly message: string\n    readonly status: number\n\n    constructor(message: string) {\n        super(message)\n        this.message = message\n        this.status = 500\n    }\n}\n","import {redirect} from \"next/navigation.js\";\nimport {cookies, headers} from \"next/headers.js\";\nimport {NextRequest, NextResponse} from \"next/server.js\";\nimport {\n    ACCESS_TOKEN_COOKIE_NAME,\n    CALLBACK_PATH,\n    COOKIE_OPTIONS,\n    CUSTOM_HEADER_FOR_ACCESS_TOKEN,\n    getAuthUrlOrigin,\n    getIntegrationApiKey,\n    getRedirectUri,\n    LOGIN_PATH,\n    LOGOUT_PATH,\n    REFRESH_TOKEN_COOKIE_NAME,\n    refreshTokenWithAccessAndRefreshToken,\n    STATE_COOKIE_NAME,\n    USERINFO_PATH,\n    validateAccessToken,\n    validateAccessTokenOrUndefined\n} from \"./shared\";\nimport {UserFromToken} from \"./index\"\n\nexport async function getUserOrRedirect(): Promise<UserFromToken> {\n    const user = await getUser()\n    if (user) {\n        return user\n    } else {\n        redirect(LOGIN_PATH)\n        throw new Error(\"Redirecting to login\")\n    }\n}\n\nexport async function getUser(): Promise<UserFromToken | undefined> {\n    const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return user\n        }\n    }\n    return undefined\n}\n\nexport async function getAccessToken(): Promise<string | undefined> {\n    return headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n}\n\n// Purpose of this middleware is just to keep the access token cookie alive\n// In an ideal world, this could be done in `getUser`, however, you can't\n//   set a cookie in a server component.\n// There also doesn't seem to be any way right now to set a cookie in a\n//   middleware and pass it forward (you can only set them on the response).\n// You CAN, however, pass in custom headers,\n//   so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\nexport async function authMiddleware(req: NextRequest): Promise<Response> {\n    if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n        throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n    } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n        // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n        return NextResponse.next()\n    }\n\n    const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n    const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n    // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n    if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(\"Unauthorized\", {status: 401, headers})\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    // If we are authenticated, we can continue\n    if (accessToken) {\n        const user = await validateAccessTokenOrUndefined(accessToken)\n        if (user) {\n            return NextResponse.next()\n        }\n    }\n\n    // Otherwise, we need to refresh the access token\n    if (refreshToken) {\n        const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n        if (response.error === \"unexpected\") {\n            throw new Error(\"Unexpected error while refreshing access token\")\n        } else if (response.error === \"unauthorized\") {\n            const response = NextResponse.next()\n            response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n            response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n            return response\n        } else {\n            const headers = new Headers(req.headers)\n            // Pass along the new access token in a header since cookies don't work\n            headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n            const nextResponse = NextResponse.next({\n                request: {\n                    headers\n                }\n            })\n            nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n            nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n            return nextResponse\n        }\n    }\n\n    return NextResponse.next()\n}\n\nexport type RouteHandlerArgs = {\n    postLoginRedirectPathFn?: (req: NextRequest) => string\n}\n\nexport function getRouteHandlers(args?: RouteHandlerArgs) {\n    const authUrlOrigin = getAuthUrlOrigin()\n    const redirectUri = getRedirectUri()\n    const integrationApiKey = getIntegrationApiKey()\n\n    function loginGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    function signupGetHandler() {\n        const state = randomState()\n        const authorize_url =\n            getAuthUrlOrigin() + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n        return new Response(null, {\n            status: 302,\n            headers: {\n                Location: authorize_url,\n                \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n            }\n        })\n    }\n\n    async function callbackGetHandler(req: NextRequest) {\n        const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n        if (!oauthState || oauthState.length !== 64) {\n            console.log(\"No oauth state found\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const queryParams = req.nextUrl.searchParams\n        const state = queryParams.get(\"state\")\n        const code = queryParams.get(\"code\")\n        if (state !== oauthState) {\n            console.log(\"Mismatch between states, redirecting to login\")\n            return new Response(null, {status: 302, headers: {Location: LOGIN_PATH}})\n        }\n\n        const oauth_token_body = {\n            redirect_uri: redirectUri,\n            code,\n        }\n        const url = `${authUrlOrigin}/propelauth/ssr/token`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(oauth_token_body),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (response.ok) {\n            const data = await response.json()\n\n            const accessToken = data.access_token\n            const path = args?.postLoginRedirectPathFn ? args.postLoginRedirectPathFn(req) : \"/\"\n            if (!path) {\n                console.log(\"postLoginPathFn returned undefined\")\n                return new Response(\"Unexpected error\", {status: 500})\n            }\n\n            const headers = new Headers()\n            headers.append(\"Location\", path)\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n            return new Response(null, {\n                status: 302,\n                headers\n            })\n        } else if (response.status === 401) {\n            return new Response(\"Unexpected error\", {status: 500})\n        } else {\n            return new Response(\"Unexpected error\", {status: 500})\n        }\n    }\n\n    async function userinfoGetHandler(req: NextRequest) {\n        const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n        if (accessToken) {\n            const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n            const response = await fetch(path, {\n                headers: {\n                    \"Content-Type\": \"application/json\",\n                    \"Authorization\": \"Bearer \" + accessToken,\n                }\n            })\n            if (response.ok) {\n                const userFromToken = await validateAccessToken(accessToken)\n                const data = await response.json()\n                const jsonResponse = {\n                    userinfo: data,\n                    accessToken,\n                    impersonatorUserId: userFromToken.impersonatorUserId\n                }\n                return new Response(JSON.stringify(jsonResponse), {\n                    status: 200,\n                    headers: {\n                        \"Content-Type\": \"application/json\",\n                    }\n                })\n            } else if (response.status === 401) {\n                return new Response(null, {status: 401})\n            } else {\n                return new Response(null, {status: 500})\n            }\n        }\n        return new Response(null, {status: 401})\n    }\n\n    async function logoutPostHandler(req: NextRequest) {\n        const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n        if (!refresh_token) {\n            const headers = new Headers()\n            headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n            return new Response(null, {status: 200, headers})\n        }\n\n        const logoutBody = {refresh_token}\n        const url = `${authUrlOrigin}/api/backend/v1/logout`\n        const response = await fetch(url, {\n            method: \"POST\",\n            body: JSON.stringify(logoutBody),\n            headers: {\n                \"Content-Type\": \"application/json\",\n                Authorization: \"Bearer \" + integrationApiKey,\n            },\n        })\n\n        if (!response.ok) {\n            console.log(\n                \"Unable to logout, clearing cookies and continuing anyway\",\n                response.status,\n                response.statusText\n            )\n        }\n        const headers = new Headers()\n        headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n        return new Response(null, {status: 200, headers})\n    }\n\n    function getRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"login\") {\n            return loginGetHandler()\n        } else if (params.slug === \"signup\") {\n            return signupGetHandler()\n        } else if (params.slug === \"callback\") {\n            return callbackGetHandler(req)\n        } else if (params.slug === \"userinfo\") {\n            return userinfoGetHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    function postRouteHandler(req: NextRequest, {params}: { params: { slug: string } }) {\n        if (params.slug === \"logout\") {\n            return logoutPostHandler(req)\n        } else {\n            return new Response(\"\", {status: 404})\n        }\n    }\n\n    return {\n        getRouteHandler,\n        postRouteHandler\n    }\n}\n\nfunction randomState(): string {\n    const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n    return Array.from(randomBytes)\n        .map((b) => b.toString(16).padStart(2, \"0\"))\n        .join(\"\")\n}\n\n","export class UserFromToken {\n    public userId: string\n    public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n    // Metadata about the user\n    public email: string\n    public firstName?: string\n    public lastName?: string\n    public username?: string\n\n    // If you used our migration APIs to migrate this user from a different system,\n    //   this is their original ID from that system.\n    public legacyUserId?: string\n    public impersonatorUserId?: string\n\n    constructor(\n        userId: string,\n        email: string,\n        orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n        firstName?: string,\n        lastName?: string,\n        username?: string,\n        legacyUserId?: string,\n        impersonatorUserId?: string\n    ) {\n        this.userId = userId\n        this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n        this.email = email\n        this.firstName = firstName\n        this.lastName = lastName\n        this.username = username\n\n        this.legacyUserId = legacyUserId\n        this.impersonatorUserId = impersonatorUserId\n    }\n\n    public getOrg(orgId: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        return this.orgIdToOrgMemberInfo[orgId]\n    }\n\n    public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n        if (!this.orgIdToOrgMemberInfo) {\n            return undefined\n        }\n\n        const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n        for (const orgId in this.orgIdToOrgMemberInfo) {\n            const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n            if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n                return orgMemberInfo\n            }\n        }\n\n        return undefined\n    }\n\n    public getOrgs(): OrgMemberInfo[] {\n        if (!this.orgIdToOrgMemberInfo) {\n            return []\n        }\n\n        return Object.values(this.orgIdToOrgMemberInfo)\n    }\n\n    public isImpersonating(): boolean {\n        return !!this.impersonatorUserId\n    }\n\n    public static fromJSON(json: string): UserFromToken {\n        const obj = JSON.parse(json)\n        const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n        for (const orgId in obj.orgIdToOrgMemberInfo) {\n            orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n                JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n            )\n        }\n        return new UserFromToken(\n            obj.userId,\n            obj.email,\n            orgIdToOrgMemberInfo,\n            obj.firstName,\n            obj.lastName,\n            obj.username,\n            obj.legacyUserId,\n            obj.impersonatorUserId\n        )\n    }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n    [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n    public orgId: string\n    public orgName: string\n    public orgMetadata: { [key: string]: any }\n    public urlSafeOrgName: string\n\n    private userAssignedRole: string\n    private userInheritedRolesPlusCurrentRole: string[]\n    private userPermissions: string[]\n\n    constructor(\n        orgId: string,\n        orgName: string,\n        orgMetadata: { [key: string]: any },\n        urlSafeOrgName: string,\n        userAssignedRole: string,\n        userInheritedRolesPlusCurrentRole: string[],\n        userPermissions: string[]\n    ) {\n        this.orgId = orgId\n        this.orgName = orgName\n        this.orgMetadata = orgMetadata\n        this.urlSafeOrgName = urlSafeOrgName\n\n        this.userAssignedRole = userAssignedRole\n        this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n        this.userPermissions = userPermissions\n    }\n\n    // validation methods\n\n    public isRole(role: string): boolean {\n        return this.userAssignedRole === role\n    }\n\n    public isAtLeastRole(role: string): boolean {\n        return this.userInheritedRolesPlusCurrentRole.includes(role)\n    }\n\n    public hasPermission(permission: string): boolean {\n        return this.userPermissions.includes(permission)\n    }\n\n    public hasAllPermissions(permissions: string[]): boolean {\n        return permissions.every((permission) => this.hasPermission(permission))\n    }\n\n    public static fromJSON(json: string): OrgMemberInfo {\n        const obj = JSON.parse(json)\n        return new OrgMemberInfo(\n            obj.orgId,\n            obj.orgName,\n            obj.orgMetadata,\n            obj.urlSafeOrgName,\n            obj.userAssignedRole,\n            obj.userInheritedRolesPlusCurrentRole,\n            obj.userPermissions\n        )\n    }\n\n    // getters for the private fields\n\n    get assignedRole(): string {\n        return this.userAssignedRole\n    }\n\n    get inheritedRolesPlusCurrentRole(): string[] {\n        return this.userInheritedRolesPlusCurrentRole\n    }\n\n    get permissions(): string[] {\n        return this.userPermissions\n    }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n    org_id: string\n    org_name: string\n    org_metadata: { [key: string]: any }\n    url_safe_org_name: string\n    user_role: string\n    inherited_user_roles_plus_current_role: string[]\n    user_permissions: string[]\n}\nexport type InternalUser = {\n    user_id: string\n    org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n    email: string\n    first_name?: string\n    last_name?: string\n    username?: string\n\n    // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n    legacy_user_id?: string\n    impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n    return new UserFromToken(\n        snake_case.user_id,\n        snake_case.email,\n        toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n        snake_case.first_name,\n        snake_case.last_name,\n        snake_case.username,\n        snake_case.legacy_user_id,\n        snake_case.impersonatorUserId\n    )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n    [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n    if (snake_case === undefined) {\n        return undefined\n    }\n    const camelCase: OrgIdToOrgMemberInfo = {}\n\n    for (const key of Object.keys(snake_case)) {\n        const snakeCaseValue = snake_case[key]\n        if (snakeCaseValue) {\n            camelCase[key] = new OrgMemberInfo(\n                snakeCaseValue.org_id,\n                snakeCaseValue.org_name,\n                snakeCaseValue.org_metadata,\n                snakeCaseValue.url_safe_org_name,\n                snakeCaseValue.user_role,\n                snakeCaseValue.inherited_user_roles_plus_current_role,\n                snakeCaseValue.user_permissions\n            )\n        }\n    }\n\n    return camelCase\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n    refreshToken: string\n    accessToken: string\n    error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n    error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n    error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n    RefreshAndAccessTokens\n    | RefreshAndAccessTokensUnauthorizedError\n    | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n    httpOnly: true,\n    sameSite: \"lax\",\n    secure: true,\n    path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n    return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n    const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n    if (!authUrl) {\n        throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n    }\n    return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n    const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n    if (!redirectUri) {\n        throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n    }\n    return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n    const integrationApiKey = process.env.PROPELAUTH_API_KEY\n    if (!integrationApiKey) {\n        throw new Error(\"PROPELAUTH_API_KEY is not set\")\n    }\n    return integrationApiKey\n}\n\nexport function getVerifierKey() {\n    const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n    if (!verifierKey) {\n        throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n    }\n    return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n    const body = {\n        refresh_token: refreshToken,\n    }\n    const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n    const response = await fetch(url, {\n        method: \"POST\",\n        body: JSON.stringify(body),\n        headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: \"Bearer \" + getIntegrationApiKey(),\n        },\n    })\n\n    if (response.ok) {\n        const data = await response.json()\n        const newRefreshToken = data.refresh_token\n        const {\n            access_token: accessToken,\n            expires_at_seconds: expiresAtSeconds,\n        } = data.access_token\n\n        return {\n            refreshToken: newRefreshToken,\n            accessToken,\n            error: \"none\",\n        }\n    } else if (response.status === 400) {\n        return {error: \"unauthorized\"}\n    } else {\n        return {error: \"unexpected\"}\n    }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n    try {\n        return await validateAccessToken(accessToken)\n    } catch (err) {\n        if (err instanceof ConfigurationException) {\n            throw err\n        } else if (err instanceof UnauthorizedException) {\n            return undefined\n        } else {\n            console.log(\"Error validating access token\", err)\n            return undefined\n        }\n    }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n    let publicKey\n    try {\n        publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n    } catch (err) {\n        console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n        throw new ConfigurationException(\"Invalid verifier key\")\n    }\n\n    if (!accessToken) {\n        throw new UnauthorizedException(\"No access token provided\")\n    }\n\n    let accessTokenWithoutBearer = accessToken\n    if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n        accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n    }\n\n    try {\n        const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n            issuer: getAuthUrlOrigin(),\n            algorithms: [\"RS256\"],\n        })\n\n        return toUser(<InternalUser>payload)\n    } catch (e) {\n        if (e instanceof Error) {\n            throw new UnauthorizedException(e.message)\n        } else {\n            throw new UnauthorizedException(\"Unable to decode jwt\")\n        }\n    }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,SAAQ,gBAAe;AACvB,SAAQ,SAAS,eAAc;AAC/B,SAAqB,oBAAmB;;;ACFjC,IAAM,gBAAN,MAAoB;AAAA,EAevB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ACxOA,YAAY,UAAU;AAqBf,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAEvC,IAAM,iBAA0C;AAAA,EACnD,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAEO,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO;AACX;AAEO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,KAAK;AAChC,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,IAAI,iCAAiC,GAAG;AAChD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;AFvIA,SAAsB,oBAA4C;AAAA;AAC9D,UAAM,OAAO,MAAM,QAAQ;AAC3B,QAAI,MAAM;AACN,aAAO;AAAA,IACX,OAAO;AACH,eAAS,UAAU;AACnB,YAAM,IAAI,MAAM,sBAAsB;AAAA,IAC1C;AAAA,EACJ;AAAA;AAEA,SAAsB,UAA8C;AAAA;AAhCpE;AAiCI,UAAM,cAAc,QAAQ,EAAE,IAAI,8BAA8B,OAAK,aAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AACA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,iBAA8C;AAAA;AA3CpE;AA4CI,WAAO,QAAQ,EAAE,IAAI,8BAA8B,OAAK,aAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAAA,EACrG;AAAA;AASA,SAAsB,eAAe,KAAqC;AAAA;AAtD1E;AAuDI,QAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,YAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,IAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,aAAO,aAAa,KAAK;AAAA,IAC7B;AAEA,UAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,UAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,QAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MAC9D,OAAO;AACH,cAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,aAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO,aAAa,KAAK;AAAA,MAC7B;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAMC,YAAW,aAAa,KAAK;AACnC,QAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,QAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,eAAOA;AAAA,MACX,OAAO;AACH,cAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,QAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,cAAM,eAAe,aAAa,KAAK;AAAA,UACnC,SAAS;AAAA,YACL,SAAAA;AAAA,UACJ;AAAA,QACJ,CAAC;AACD,qBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,qBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO,aAAa,KAAK;AAAA,EAC7B;AAAA;AAMO,SAAS,iBAAiB,MAAyB;AACtD,QAAM,gBAAgB,iBAAiB;AACvC,QAAM,cAAc,eAAe;AACnC,QAAM,oBAAoB,qBAAqB;AAE/C,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,iBAAiB,IAAI,4CAA4C,cAAc,YAAY,QAAQ;AACvG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAjKxD;AAkKQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAS,EAAC,UAAU,WAAU,EAAC,CAAC;AAAA,MAC5E;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,QAAO,6BAAM,2BAA0B,KAAK,wBAAwB,GAAG,IAAI;AACjF,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,QACzD;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAC,QAAQ,IAAG,CAAC;AAAA,MACzD;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAvNxD;AAwNQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,gBAAgB,MAAM,oBAAoB,WAAW;AAC3D,gBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,gBAAM,eAAe;AAAA,YACjB,UAAU;AAAA,YACV;AAAA,YACA,oBAAoB,cAAc;AAAA,UACtC;AACA,iBAAO,IAAI,SAAS,KAAK,UAAU,YAAY,GAAG;AAAA,YAC9C,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,QAC3C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,IAAG,CAAC;AAAA,IAC3C;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AAxPvD;AAyPQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,MACpD;AAEA,YAAM,aAAa,EAAC,cAAa;AACjC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,IACpD;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAC,OAAM,GAAiC;AAC/E,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAC,OAAM,GAAiC;AAChF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAC,QAAQ,IAAG,CAAC;AAAA,IACzC;AAAA,EACJ;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;","names":["headers","response"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@propelauth/nextjs",
-  "version": "0.0.86",
+  "version": "0.0.92",
   "exports": {
     "./server": {
       "browser": "./dist/server/index.mjs",