@qyh213/easyauth-client 1.0.0-beta.1

package/dist/react.js

@@ -0,0 +1,733 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/react.tsx
+var react_exports = {};
+__export(react_exports, {
+  EasyAuthClient: () => EasyAuthClient,
+  EasyAuthError: () => EasyAuthError,
+  EasyAuthProvider: () => EasyAuthProvider,
+  LocalStorageTokenStorage: () => LocalStorageTokenStorage,
+  LoginForm: () => LoginForm,
+  MemoryTokenStorage: () => MemoryTokenStorage,
+  Protected: () => Protected,
+  ScopeError: () => ScopeError,
+  useAuthActions: () => useAuthActions,
+  useEasyAuth: () => useEasyAuth,
+  useEasyAuthClient: () => useEasyAuthClient,
+  useIsAuthenticated: () => useIsAuthenticated,
+  useUser: () => useUser
+});
+module.exports = __toCommonJS(react_exports);
+var import_react = require("react");
+
+// src/types.ts
+var EasyAuthError = class extends Error {
+  constructor(message, code, statusCode) {
+    super(message);
+    this.code = code;
+    this.statusCode = statusCode;
+    this.name = "EasyAuthError";
+  }
+};
+var ScopeError = class extends EasyAuthError {
+  constructor(message, requiredScopes, providedScopes) {
+    super(message, "INSUFFICIENT_SCOPES", 403);
+    this.requiredScopes = requiredScopes;
+    this.providedScopes = providedScopes;
+    this.name = "ScopeError";
+  }
+};
+var _LocalStorageTokenStorage = class _LocalStorageTokenStorage {
+  getToken() {
+    if (typeof window === "undefined") return null;
+    return localStorage.getItem(_LocalStorageTokenStorage.KEY);
+  }
+  setToken(token) {
+    if (typeof window === "undefined") return;
+    localStorage.setItem(_LocalStorageTokenStorage.KEY, token);
+  }
+  removeToken() {
+    if (typeof window === "undefined") return;
+    localStorage.removeItem(_LocalStorageTokenStorage.KEY);
+  }
+};
+_LocalStorageTokenStorage.KEY = "easy_auth_token";
+var LocalStorageTokenStorage = _LocalStorageTokenStorage;
+var MemoryTokenStorage = class {
+  constructor() {
+    this.token = null;
+  }
+  getToken() {
+    return this.token;
+  }
+  setToken(token) {
+    this.token = token;
+  }
+  removeToken() {
+    this.token = null;
+  }
+};
+
+// src/client.ts
+var EasyAuthClient = class {
+  constructor(config, tokenStorage) {
+    this.config = {
+      apiKey: "",
+      defaultTokenExpiry: 24,
+      ...config
+    };
+    this.tokenStorage = tokenStorage || new LocalStorageTokenStorage();
+  }
+  // ============ HTTP Utilities ============
+  async request(endpoint, options = {}, requireAuth = false) {
+    const url = `${this.config.baseUrl}${endpoint}`;
+    const headers = {
+      "Content-Type": "application/json",
+      ...options.headers || {}
+    };
+    if (this.config.apiKey && !requireAuth) {
+      headers["Authorization"] = `Bearer ${this.config.apiKey}`;
+    }
+    if (requireAuth) {
+      const token = this.getAccessToken();
+      if (token) {
+        headers["Authorization"] = `Bearer ${token}`;
+      }
+    }
+    try {
+      const response = await fetch(url, {
+        ...options,
+        headers
+      });
+      const data = await response.json();
+      if (!response.ok) {
+        if (response.status === 403 && data.required && data.provided) {
+          throw new ScopeError(
+            data.error || "Insufficient scopes",
+            data.required,
+            data.provided
+          );
+        }
+        throw new EasyAuthError(
+          data.error || `HTTP ${response.status}`,
+          data.code || "UNKNOWN_ERROR",
+          response.status
+        );
+      }
+      return data;
+    } catch (error) {
+      if (error instanceof EasyAuthError) {
+        throw error;
+      }
+      throw new EasyAuthError(
+        error instanceof Error ? error.message : "Network error",
+        "NETWORK_ERROR"
+      );
+    }
+  }
+  // ============ Configuration ============
+  /**
+   * Update the client's service configuration
+   */
+  configure(config) {
+    this.config = { ...this.config, ...config };
+  }
+  /**
+   * Get current configuration (without sensitive data)
+   */
+  getConfig() {
+    const { apiKey: _, ...rest } = this.config;
+    return rest;
+  }
+  // ============ Token Management ============
+  /**
+   * Get the stored access token
+   */
+  getAccessToken() {
+    return this.tokenStorage.getToken();
+  }
+  /**
+   * Store an access token
+   */
+  setAccessToken(token) {
+    this.tokenStorage.setToken(token);
+  }
+  /**
+   * Remove the stored access token (logout)
+   */
+  clearAccessToken() {
+    this.tokenStorage.removeToken();
+  }
+  /**
+   * Check if user is logged in
+   */
+  isLoggedIn() {
+    return !!this.getAccessToken();
+  }
+  // ============ Scope Validation ============
+  /**
+   * Introspect a token or API key and validate required scopes
+   */
+  async introspect(request) {
+    return this.request("/api/v1/introspect", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Validate the current token with optional scope checking
+   */
+  async validateWithScopes(requiredScopes) {
+    const token = this.getAccessToken();
+    if (!token) {
+      return { valid: false, error: "No token provided" };
+    }
+    if (!this.config.apiKey) {
+      return { valid: false, error: "Service API key not configured" };
+    }
+    try {
+      const serviceId = this.config.apiKey.split(".")[0];
+      const result = await this.introspect({
+        serviceId,
+        token,
+        requiredScopes
+      });
+      return {
+        valid: result.valid,
+        type: result.type === "bearer" ? "token" : "api_key",
+        scopes: result.scopes,
+        userId: result.userId,
+        email: result.email,
+        error: result.error
+      };
+    } catch (error) {
+      if (error instanceof ScopeError) {
+        return {
+          valid: false,
+          error: error.message,
+          scopes: error.providedScopes
+        };
+      }
+      if (error instanceof EasyAuthError && error.statusCode === 401) {
+        return { valid: false, error: "Invalid or expired token" };
+      }
+      throw error;
+    }
+  }
+  /**
+   * Check if the current user has all the required scopes
+   * Throws ScopeError if scopes are insufficient
+   */
+  async requireScopes(...requiredScopes) {
+    const result = await this.validateWithScopes(requiredScopes);
+    if (!result.valid) {
+      throw new EasyAuthError(
+        result.error || "Authentication required",
+        "UNAUTHORIZED",
+        401
+      );
+    }
+    const hasScopes = requiredScopes.every(
+      (scope) => result.scopes?.includes(scope)
+    );
+    if (!hasScopes) {
+      throw new ScopeError(
+        `Required scopes: ${requiredScopes.join(", ")}`,
+        requiredScopes,
+        result.scopes || []
+      );
+    }
+    return result;
+  }
+  /**
+   * Execute a function only if the user has the required scopes
+   */
+  async withScope(scopes, fn) {
+    await this.requireScopes(...scopes);
+    return fn();
+  }
+  // ============ Authentication ============
+  /**
+   * Login a user and store the access token
+   */
+  async login(credentials) {
+    if (!this.config.apiKey) {
+      throw new EasyAuthError(
+        "API key required for login. Configure the client first.",
+        "MISSING_API_KEY"
+      );
+    }
+    const response = await this.request("/api/v1/auth/login", {
+      method: "POST",
+      body: JSON.stringify({
+        email: credentials.email,
+        password: credentials.password,
+        expires_in_hours: credentials.expiresInHours || this.config.defaultTokenExpiry,
+        scopes: credentials.scopes
+      })
+    });
+    const token = {
+      accessToken: response.access_token,
+      tokenType: response.token_type,
+      expiresIn: response.expires_in,
+      expiresAt: response.expires_at,
+      userId: response.user_id,
+      email: response.email,
+      scopes: response.scopes
+    };
+    this.setAccessToken(token.accessToken);
+    return token;
+  }
+  /**
+   * Logout the current user
+   */
+  async logout() {
+    const token = this.getAccessToken();
+    if (token) {
+      try {
+        await this.request("/api/v1/auth/logout", {
+          method: "POST"
+        });
+      } catch (error) {
+      }
+    }
+    this.clearAccessToken();
+  }
+  /**
+   * Validate the current token or an API key
+   * @deprecated Use validateWithScopes instead
+   */
+  async validate(_credential) {
+    return this.validateWithScopes();
+  }
+  /**
+   * Refresh the current token
+   */
+  async refreshToken() {
+    const response = await this.request("/api/v1/auth/refresh", {
+      method: "POST"
+    }, true);
+    const token = {
+      accessToken: response.access_token,
+      tokenType: response.token_type,
+      expiresIn: response.expires_in,
+      expiresAt: response.expires_at,
+      userId: "",
+      // Refresh doesn't return user info
+      email: ""
+    };
+    this.setAccessToken(token.accessToken);
+    return token;
+  }
+  // ============ User Management ============
+  /**
+   * Create a new user (requires admin API key)
+   */
+  async createUser(request) {
+    const response = await this.request("/api/v1/users/create", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+    return {
+      userId: response.user_id,
+      email: response.email,
+      createdAt: response.created_at
+    };
+  }
+  /**
+   * List all users for the service
+   */
+  async listUsers() {
+    const response = await this.request("/api/v1/users/list");
+    return response.users;
+  }
+  /**
+   * Delete a user
+   */
+  async deleteUser(userId) {
+    await this.request("/api/v1/users/delete", {
+      method: "POST",
+      body: JSON.stringify({ user_id: userId })
+    });
+  }
+  /**
+   * Update user password
+   */
+  async updatePassword(userId, oldPassword, newPassword) {
+    await this.request("/api/v1/users/password", {
+      method: "POST",
+      body: JSON.stringify({
+        user_id: userId,
+        old_password: oldPassword,
+        new_password: newPassword
+      })
+    });
+  }
+  // ============ Scope Management ============
+  /**
+   * List custom scopes for the service
+   */
+  async listScopes() {
+    const response = await this.request("/api/v1/scopes/list");
+    return response.scopes;
+  }
+  /**
+   * Create a custom scope
+   */
+  async createScope(request) {
+    const response = await this.request("/api/v1/scopes/create", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+    return {
+      scopeId: response.scope_id,
+      name: response.name,
+      key: response.key,
+      description: response.description,
+      createdAt: response.created_at
+    };
+  }
+  /**
+   * Delete a custom scope
+   */
+  async deleteScope(scopeId) {
+    await this.request("/api/v1/scopes/delete", {
+      method: "POST",
+      body: JSON.stringify({ scope_id: scopeId })
+    });
+  }
+  // ============ API Key Management ============
+  /**
+   * List all API keys for the service
+   */
+  async listApiKeys() {
+    const response = await this.request("/api/v1/keys/list");
+    return response.apiKeys;
+  }
+  /**
+   * Create a new API key with optional custom scopes
+   */
+  async createApiKey(request) {
+    const response = await this.request("/api/v1/keys/create", {
+      method: "POST",
+      body: JSON.stringify({
+        name: request.name,
+        scope: request.scope || "service",
+        scopes: request.scopes,
+        key_type: request.keyType || "service",
+        tps_limit: request.tpsLimit || 100
+      })
+    });
+    return {
+      keyId: response.key_id,
+      apiKey: response.api_key,
+      name: response.name,
+      scope: response.scope,
+      scopes: response.scopes
+    };
+  }
+  /**
+   * Revoke an API key
+   */
+  async revokeApiKey(keyId) {
+    await this.request("/api/v1/keys/revoke", {
+      method: "POST",
+      body: JSON.stringify({ key_id: keyId })
+    });
+  }
+  // ============ Service Management ============
+  /**
+   * Onboard a new service (requires master admin key)
+   */
+  async onboardService(request, masterAdminKey) {
+    const response = await this.request("/api/v1/services/onboard", {
+      method: "POST",
+      headers: {
+        "x-onboarding-admin-key": masterAdminKey
+      },
+      body: JSON.stringify({
+        service_name: request.serviceName,
+        owner_email: request.ownerEmail
+      })
+    });
+    return {
+      serviceId: response.service_id,
+      serviceName: response.service_name,
+      ownerEmail: response.owner_email,
+      adminKeyId: response.admin_key_id,
+      serviceAdminApiKey: response.service_admin_api_key,
+      createdAt: response.created_at
+    };
+  }
+  /**
+   * Delete a service (requires master admin key)
+   */
+  async deleteService(serviceId, masterAdminKey) {
+    await this.request("/api/v1/services/deboard", {
+      method: "POST",
+      headers: {
+        "x-onboarding-admin-key": masterAdminKey
+      },
+      body: JSON.stringify({ service_id: serviceId })
+    });
+  }
+  // ============ Webhook Management ============
+  /**
+   * List webhooks
+   */
+  async listWebhooks() {
+    const response = await this.request(
+      "/api/v1/webhooks/list"
+    );
+    return response.webhooks;
+  }
+  /**
+   * Register a webhook
+   */
+  async registerWebhook(request) {
+    const response = await this.request("/api/v1/webhooks/register", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+    return {
+      webhookId: response.webhook_id,
+      url: response.url,
+      events: response.events,
+      active: response.active,
+      createdAt: response.created_at
+    };
+  }
+  /**
+   * Delete a webhook
+   */
+  async deleteWebhook(webhookId) {
+    await this.request("/api/v1/webhooks/delete", {
+      method: "POST",
+      body: JSON.stringify({ webhook_id: webhookId })
+    });
+  }
+};
+
+// src/react.tsx
+var import_jsx_runtime = require("react/jsx-runtime");
+var EasyAuthContext = (0, import_react.createContext)(null);
+function EasyAuthProvider({
+  config,
+  tokenStorage,
+  children,
+  validateOnMount = true,
+  validationInterval = 5 * 60 * 1e3
+}) {
+  const [client] = (0, import_react.useState)(() => new EasyAuthClient(config, tokenStorage));
+  const [isAuthenticated, setIsAuthenticated] = (0, import_react.useState)(false);
+  const [user, setUser] = (0, import_react.useState)(null);
+  const [isLoading, setIsLoading] = (0, import_react.useState)(true);
+  (0, import_react.useEffect)(() => {
+    const checkAuth = async () => {
+      const token = client.getAccessToken();
+      if (token && validateOnMount) {
+        try {
+          const result = await client.validate();
+          if (result.valid) {
+            setIsAuthenticated(true);
+          } else {
+            client.clearAccessToken();
+          }
+        } catch (error) {
+          client.clearAccessToken();
+        }
+      }
+      setIsLoading(false);
+    };
+    checkAuth();
+  }, [client, validateOnMount]);
+  (0, import_react.useEffect)(() => {
+    if (!isAuthenticated || !validationInterval) return;
+    const interval = setInterval(async () => {
+      try {
+        const result = await client.validate();
+        if (!result.valid) {
+          setIsAuthenticated(false);
+          setUser(null);
+        }
+      } catch (error) {
+        setIsAuthenticated(false);
+        setUser(null);
+      }
+    }, validationInterval);
+    return () => clearInterval(interval);
+  }, [client, isAuthenticated, validationInterval]);
+  const login = (0, import_react.useCallback)(
+    async (email, password) => {
+      setIsLoading(true);
+      try {
+        const token = await client.login({ email, password });
+        setIsAuthenticated(true);
+        setUser({
+          userId: token.userId,
+          email: token.email,
+          createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        });
+      } finally {
+        setIsLoading(false);
+      }
+    },
+    [client]
+  );
+  const logout = (0, import_react.useCallback)(async () => {
+    setIsLoading(true);
+    try {
+      await client.logout();
+    } finally {
+      setIsAuthenticated(false);
+      setUser(null);
+      setIsLoading(false);
+    }
+  }, [client]);
+  const validate = (0, import_react.useCallback)(async () => {
+    const result = await client.validate();
+    if (!result.valid) {
+      setIsAuthenticated(false);
+      setUser(null);
+    }
+    return result;
+  }, [client]);
+  const value = {
+    client,
+    isAuthenticated,
+    user,
+    isLoading,
+    login,
+    logout,
+    validate
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(EasyAuthContext.Provider, { value, children });
+}
+function useEasyAuth() {
+  const context = (0, import_react.useContext)(EasyAuthContext);
+  if (!context) {
+    throw new Error("useEasyAuth must be used within EasyAuthProvider");
+  }
+  return context;
+}
+function useEasyAuthClient() {
+  return useEasyAuth().client;
+}
+function useIsAuthenticated() {
+  return useEasyAuth().isAuthenticated;
+}
+function useUser() {
+  return useEasyAuth().user;
+}
+function useAuthActions() {
+  const { login, logout, isLoading } = useEasyAuth();
+  return { login, logout, isLoading };
+}
+function Protected({ children, fallback = null }) {
+  const { isAuthenticated, isLoading } = useEasyAuth();
+  if (isLoading) {
+    return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: fallback });
+  }
+  if (!isAuthenticated) {
+    return null;
+  }
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children });
+}
+function LoginForm({ onSuccess, onError, className }) {
+  const { login, isLoading } = useEasyAuth();
+  const [email, setEmail] = (0, import_react.useState)("");
+  const [password, setPassword] = (0, import_react.useState)("");
+  const [error, setError] = (0, import_react.useState)(null);
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    setError(null);
+    try {
+      await login(email, password);
+      onSuccess?.();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Login failed";
+      setError(message);
+      onError?.(err instanceof Error ? err : new Error(message));
+    }
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsxs)("form", { onSubmit: handleSubmit, className, children: [
+    error && /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { style: { color: "red", marginBottom: "1rem" }, children: error }),
+    /* @__PURE__ */ (0, import_jsx_runtime.jsxs)("div", { style: { marginBottom: "1rem" }, children: [
+      /* @__PURE__ */ (0, import_jsx_runtime.jsx)("label", { htmlFor: "email", children: "Email" }),
+      /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
+        "input",
+        {
+          id: "email",
+          type: "email",
+          value: email,
+          onChange: (e) => setEmail(e.target.value),
+          required: true,
+          style: { display: "block", width: "100%", padding: "0.5rem" }
+        }
+      )
+    ] }),
+    /* @__PURE__ */ (0, import_jsx_runtime.jsxs)("div", { style: { marginBottom: "1rem" }, children: [
+      /* @__PURE__ */ (0, import_jsx_runtime.jsx)("label", { htmlFor: "password", children: "Password" }),
+      /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
+        "input",
+        {
+          id: "password",
+          type: "password",
+          value: password,
+          onChange: (e) => setPassword(e.target.value),
+          required: true,
+          style: { display: "block", width: "100%", padding: "0.5rem" }
+        }
+      )
+    ] }),
+    /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
+      "button",
+      {
+        type: "submit",
+        disabled: isLoading,
+        style: {
+          padding: "0.5rem 1rem",
+          background: isLoading ? "#ccc" : "#007bff",
+          color: "white",
+          border: "none",
+          borderRadius: "4px",
+          cursor: isLoading ? "not-allowed" : "pointer"
+        },
+        children: isLoading ? "Logging in..." : "Login"
+      }
+    )
+  ] });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  EasyAuthClient,
+  EasyAuthError,
+  EasyAuthProvider,
+  LocalStorageTokenStorage,
+  LoginForm,
+  MemoryTokenStorage,
+  Protected,
+  ScopeError,
+  useAuthActions,
+  useEasyAuth,
+  useEasyAuthClient,
+  useIsAuthenticated,
+  useUser
+});