@schemavaults/auth-client-sdk 0.5.0

package/dist/lib/send-authenticate-request.js

@@ -0,0 +1,133 @@
+import isPrivateBetaEnabled from "../lib/is-private-beta";
+import { PKCE_ProofKeyManager, authenticateResultSchema, } from "@schemavaults/auth-common";
+import { credentialsSchema } from "../lib/credentials-schema";
+import { isValidAuthenticationOutcomeType, } from "./authentication-outcome-type";
+const PRIVATE_BETA = isPrivateBetaEnabled();
+// Send an authentication request to the auth server, hopefully get an authorization code back, else throw an error
+export async function sendAuthenticateRequest(opts) {
+    const credentials = opts.credentials;
+    const code_challenge = opts.code_challenge;
+    const authentication_type = opts.authentication_type;
+    const adapter = opts.adapter;
+    const env = opts.app_environment;
+    if (env === "development") {
+        console.log("[sendAuthenticateRequest] sending request to the auth server...");
+    }
+    if (!isValidAuthenticationOutcomeType(authentication_type)) {
+        throw new Error("Invalid authentication outcome type");
+    }
+    const parsed_credentials = credentialsSchema.safeParse(credentials);
+    if (!parsed_credentials.success) {
+        console.error(parsed_credentials.error);
+        throw new Error("Invalid credentials");
+    }
+    const parsed_code_challenge = PKCE_ProofKeyManager.codeChallengeSchema.safeParse(code_challenge.code_challenge);
+    if (!parsed_code_challenge.success) {
+        console.error(parsed_code_challenge.error);
+        throw new Error("Invalid code challenge");
+    }
+    if (code_challenge.code_challenge_method !== "S256") {
+        throw new Error("Invalid code challenge method");
+    }
+    if (authentication_type === "reset-password") {
+        throw new Error("Not implemented");
+    }
+    if (!credentials.email) {
+        throw new Error("Email is required");
+    }
+    if (authentication_type === "login" && !credentials.password) {
+        throw new Error("Password is required");
+    }
+    if (authentication_type === "register") {
+        if (!credentials.password) {
+            throw new Error("Password is required");
+        }
+        if (!credentials.confirm) {
+            throw new Error("Password confirmation is required");
+        }
+        if (credentials.password !== credentials.confirm) {
+            throw new Error("Passwords do not match");
+        }
+        if (PRIVATE_BETA && !credentials.invite_code) {
+            throw new Error("Invite code is required while in private beta");
+        }
+    }
+    const auth_request_body = {
+        credentials: {
+            email: credentials.email,
+            password: credentials.password,
+        },
+        invite_code: credentials.invite_code,
+        code_challenge: code_challenge.code_challenge,
+        challenge_time: code_challenge.challenge_time,
+    };
+    let response;
+    try {
+        if (env === "development") {
+            console.log("[sendAuthenticateRequest] Sending POST request via adapter");
+        }
+        const authentication_request_response = await adapter.sendPOSTRequest(`/api/auth/${authentication_type}`, auth_request_body, {});
+        if (!authentication_request_response) {
+            throw new Error("No response received from client auth adapter HTTP client");
+        }
+        response = authentication_request_response;
+    }
+    catch (e) {
+        console.error("Failed to send HTTP authentication request: ", e);
+        throw new Error("Failed to send HTTP authentication request");
+    }
+    if (typeof response.status === "number" && response.status >= 500) {
+        let errorMsg = "Unknown server-side error handling authentication request :(";
+        try {
+            if (typeof response.data === "object" && response.data !== null) {
+                if ("message" in response.data &&
+                    typeof response.data.message === "string") {
+                    errorMsg = response.data.message;
+                }
+            }
+        }
+        catch (error) {
+            void error;
+        }
+        throw new Error(errorMsg);
+    }
+    if (typeof response.status === "number" && response.status === 404) {
+        throw new Error("User does not exist! Ensure that you have the correct credentials!");
+    }
+    if (typeof response.status === "number" && response.status === 409) {
+        throw new Error("User already exists! Try logging in.");
+    }
+    try {
+        if (!response.ok) {
+            if (response.status === 401) {
+                throw new Error("Invalid credentials");
+            }
+            else if (response.status === 404 && authentication_type === "login") {
+                throw new Error("User does not exist! Ensure that you have the correct credentials!");
+            }
+            throw new Error("Failed to authenticate");
+        }
+        const response_body_json = response.data;
+        const parsed_auth_response = await authenticateResultSchema.safeParseAsync(response_body_json);
+        if (!parsed_auth_response.success) {
+            throw new Error(parsed_auth_response.error.errors.join(", "));
+        }
+        const data = parsed_auth_response.data;
+        if (!data.success) {
+            throw new Error(data.message);
+        }
+        const authorization_code = data.authorization_code;
+        if (typeof authorization_code !== "string") {
+            throw new Error("Invalid authorization code");
+        }
+        return authorization_code;
+    }
+    catch (e) {
+        if (e instanceof Error && e.message.includes("Invalid credentials")) {
+            throw new Error("Invalid credentials");
+        }
+        console.error("Failed to parse authentication response: ", e);
+        throw new Error("Failed to parse authentication response");
+    }
+}
+//# sourceMappingURL=send-authenticate-request.js.map

package/dist/lib/send-authenticate-request.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"send-authenticate-request.js","sourceRoot":"","sources":["../../src/lib/send-authenticate-request.ts"],"names":[],"mappings":"AAAA,OAAO,oBAAoB,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAEL,oBAAoB,EACpB,wBAAwB,GACzB,MAAM,2BAA2B,CAAC;AAKnC,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EACL,gCAAgC,GAEjC,MAAM,+BAA+B,CAAC;AAIvC,MAAM,YAAY,GAAY,oBAAoB,EAAE,CAAC;AAErD,mHAAmH;AACnH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,IAAqC;IAErC,MAAM,WAAW,GAAgB,IAAI,CAAC,WAAW,CAAC;IAClD,MAAM,cAAc,GAA6B,IAAI,CAAC,cAAc,CAAC;IACrE,MAAM,mBAAmB,GACvB,IAAI,CAAC,mBAAmB,CAAC;IAC3B,MAAM,OAAO,GAAmC,IAAI,CAAC,OAAO,CAAC;IAC7D,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC;IAEjC,IAAI,GAAG,KAAK,aAAa,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CACT,iEAAiE,CAClE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,gCAAgC,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACpE,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACzC,CAAC;IAED,MAAM,qBAAqB,GACzB,oBAAoB,CAAC,mBAAmB,CAAC,SAAS,CAChD,cAAc,CAAC,cAAc,CAC9B,CAAC;IACJ,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,CAAC;QACnC,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,cAAc,CAAC,qBAAqB,KAAK,MAAM,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IAED,IAAI,mBAAmB,KAAK,gBAAgB,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACvC,CAAC;IAED,IAAI,mBAAmB,KAAK,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAC7D,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,mBAAmB,KAAK,UAAU,EAAE,CAAC;QACvC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QACD,IAAI,WAAW,CAAC,QAAQ,KAAK,WAAW,CAAC,OAAO,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,YAAY,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,MAAM,iBAAiB,GAAG;QACxB,WAAW,EAAE;YACX,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,QAAQ,EAAE,WAAW,CAAC,QAAQ;SAC/B;QACD,WAAW,EAAE,WAAW,CAAC,WAAW;QACpC,cAAc,EAAE,cAAc,CAAC,cAAc;QAC7C,cAAc,EAAE,cAAc,CAAC,cAAc;KAC9C,CAAC;IAEF,IAAI,QAA2C,CAAC;IAChD,IAAI,CAAC;QACH,IAAI,GAAG,KAAK,aAAa,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,+BAA+B,GACnC,MAAM,OAAO,CAAC,eAAe,CAC3B,aAAa,mBAAmB,EAAE,EAClC,iBAAiB,EACjB,EAAE,CACH,CAAC;QACJ,IAAI,CAAC,+BAA+B,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;QACJ,CAAC;QACD,QAAQ,GAAG,+BAA+B,CAAC;IAC7C,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;QACjE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,OAAO,QAAQ,CAAC,MAAM,KAAK,QAAQ,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;QAClE,IAAI,QAAQ,GACV,8DAA8D,CAAC;QACjE,IAAI,CAAC;YACH,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;gBAChE,IACE,SAAS,IAAI,QAAQ,CAAC,IAAI;oBAC1B,OAAO,QAAQ,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,EACzC,CAAC;oBACD,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;gBACnC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,KAAK,KAAK,CAAC;QACb,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,OAAO,QAAQ,CAAC,MAAM,KAAK,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,QAAQ,CAAC,MAAM,KAAK,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,CAAC;QACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzC,CAAC;iBAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,mBAAmB,KAAK,OAAO,EAAE,CAAC;gBACtE,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;QACD,MAAM,kBAAkB,GAAG,QAAQ,CAAC,IAAI,CAAC;QAEzC,MAAM,oBAAoB,GACxB,MAAM,wBAAwB,CAAC,cAAc,CAAC,kBAAkB,CAAC,CAAC;QAEpE,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAChE,CAAC;QACD,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC;QAEvC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChC,CAAC;QAED,MAAM,kBAAkB,GAAuB,IAAI,CAAC,kBAAkB,CAAC;QAEvE,IAAI,OAAO,kBAAkB,KAAK,QAAQ,EAAE,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,OAAO,kBAAmC,CAAC;IAC7C,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,IAAI,CAAC,YAAY,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;YACpE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,CAAC,CAAC,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;AACH,CAAC"}

package/dist/types/IAuthClientConstructorOptions.d.ts

@@ -0,0 +1,14 @@
+import type { SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
+import type { ISchemaVaultsAuthClientAdapter } from "./ISchemaVaultsAuthClientAdapter";
+export interface IAuthClientConstructorOptions {
+    adapter: ISchemaVaultsAuthClientAdapter;
+    auth_server_uri: string;
+    successful_authentication_redirect_uri: string;
+    successful_logout_redirect_uri?: string;
+    authorize_uri?: string;
+    app_id: string;
+    default_audiences?: string[];
+    debug?: boolean;
+    app_env: SchemaVaultsAppEnvironment;
+}
+export type { IAuthClientConstructorOptions as InitializeAuthClientOptions };

package/dist/types/IAuthClientConstructorOptions.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=IAuthClientConstructorOptions.js.map

package/dist/types/IAuthClientConstructorOptions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"IAuthClientConstructorOptions.js","sourceRoot":"","sources":["../../src/types/IAuthClientConstructorOptions.ts"],"names":[],"mappings":""}

package/dist/types/ISchemaVaultsAuthClient.d.ts

@@ -0,0 +1,59 @@
+import type { AccessToken, RefreshToken, UserData, CodeChallengeWithDetails } from "@schemavaults/auth-common";
+import type { Credentials } from "../types/credentials";
+import type { AuthenticationOutcomeType } from "../lib/authentication-outcome-type";
+import type { AcquireAccessTokenOptions } from "../types/acquire-access-token-options";
+import type { AppId } from "@schemavaults/app-definitions";
+export interface ISchemaVaultsAuthClient {
+    app_id: AppId;
+    auth_server_uri: string;
+    login: () => Promise<void>;
+    register: () => Promise<void>;
+    successful_logout_redirect_uri: string | undefined;
+    logout: () => Promise<void>;
+    generateCodeChallenge: () => Promise<CodeChallengeWithDetails>;
+    sendAuthenticateRequest: (authentication_type: AuthenticationOutcomeType, credentials: Credentials, code_challenge: CodeChallengeWithDetails) => Promise<string>;
+    successful_authentication_redirect_uri: string;
+    authorize_uri: string | undefined;
+    handleSuccessfulAuthentication: (authorization_code: string, challenge_time: number, code_verifier?: string) => Promise<void>;
+    getAccessTokenFromCache: (token_id: string) => AccessToken | null;
+    getRefreshTokenFromCache: () => RefreshToken | null;
+    hasHttpOnlyRefreshToken: () => boolean;
+    /**
+     *
+     * @param opts Options for the type & how the access token should be retrieved
+     * @param ensure_fresh Make sure this access token is acquired from the auth server "fresh"; don't use one from the cache (if it exists)
+     * @returns AccessToken
+     */
+    acquireAccessToken: (opts: AcquireAccessTokenOptions) => Promise<AccessToken>;
+    secure: boolean;
+    currentUser: UserData | null;
+    /**
+     * @name onAuthStateChanged
+     * @param listener A callback that is called whenever an auth state change event is emitted
+     * @param listener_id A unique ID for this listener, to allow it to be removed. A uuid is generated if an ID is not supplied.
+     * @returns The listener_id that the callback was registered with
+     */
+    onAuthStateChanged: (listener: () => void, listener_id?: string) => string;
+    /**
+     * @name removeAuthStateChangeListener
+     * @param listener_id A unique ID for the listener callback to remove
+     * @returns None
+     * @throws if no callback with listener_id exists, or if it was unable to be deleted
+     */
+    removeAuthStateChangeListener: (listener_id: string) => void;
+    /**
+     * @name loadSavedAuthorizationCodeVerifiers
+     * @returns Code verifiers saved by auth adapter
+     */
+    loadSavedAuthorizationCodeVerifiers: () => Promise<Record<number, string>>;
+    /**
+     * @name isAuthenticated
+     * @returns Getter that returns true if there is a user currently signed in, false otherwise
+     */
+    isAuthenticated: boolean;
+    /**
+     * Return true if feature is supported by this auth client / adapter
+     * @param feature_name A feature name, e.g. 'http-only-refresh-token'
+     */
+    supports(feature_name: string): boolean;
+}

package/dist/types/ISchemaVaultsAuthClient.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=ISchemaVaultsAuthClient.js.map

package/dist/types/ISchemaVaultsAuthClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ISchemaVaultsAuthClient.js","sourceRoot":"","sources":["../../src/types/ISchemaVaultsAuthClient.ts"],"names":[],"mappings":""}

package/dist/types/ISchemaVaultsAuthClientAdapter.d.ts

@@ -0,0 +1,62 @@
+import type { AccessToken, RefreshToken, UserData } from "@schemavaults/auth-common";
+interface AuthClientCodeVerifierActions {
+    storeCodeVerifier: (codeVerifier: string, challenge_time: number) => void;
+    loadCodeVerifier: (challenge_time: number) => string | null;
+    loadCodeVerifiers: () => Record<number, string>;
+    clearCodeVerifiers: () => void;
+    clearCodeVerifier: (challenge_time: number) => void;
+}
+interface AuthClientUserDataActions {
+    storeUserData: (userData: UserData) => void;
+    getUserData: () => UserData | null;
+    clearUserData: () => void;
+}
+interface AuthClientAuthTokensActions {
+    storeRefreshToken: (refresh_token: RefreshToken) => void;
+    storeAccessToken: (token_id: string, access_token: AccessToken) => void;
+    doesSupportHttpOnlyRefreshToken?: undefined | (() => boolean);
+    clearHttpOnlyRefreshToken?: () => Promise<void>;
+    /**
+     * @name hasHttpOnlyRefreshToken
+     * @returns True if an HTTP-only refresh token cookie has been marked as received
+     */
+    hasHttpOnlyRefreshToken?: undefined | (() => boolean);
+    /**
+     * @name hasRefreshToken
+     * @returns True if there is either:
+     *    1.) a RefreshToken stored locally, or
+     *    2.) an HTTP-only refresh token cookie has been marked as received
+     */
+    hasRefreshToken: () => boolean;
+    /**
+     * @name getRefreshToken
+     * @description Loads a RefreshToken stored locally.
+     *    However, it's possible that we have an 'HTTP-only refresh token cookie' received-- in this case, null is returned here.
+     * @returns a RefreshToken stored locally, or null if one is not found (that is accessible to JS).
+     * @see hasRefreshToken, doesSupportHttpOnlyRefreshToken
+     */
+    getRefreshToken: () => RefreshToken | null;
+    /**
+     * @name getAccessToken
+     * @argument token_id - The ID of the token to retrieve (usually the desired server audience)
+     * @description Loads an AccessToken stored locally.
+     * @returns an AccessToken stored locally, or null if one is not found
+     */
+    getAccessToken: (token_id: string) => AccessToken | null;
+    clearAuthTokens: () => Promise<void>;
+    clearAccessToken: (token_id: string) => void;
+    clearAccessTokens: () => void;
+}
+export interface IAuthClientPOSTResultType<T extends object> {
+    status: number;
+    ok: boolean;
+    data: T;
+}
+interface AuthClientNetworkActions {
+    sendPOSTRequest: (url: string, body: Record<string, unknown>, headers: Record<string, string>) => Promise<IAuthClientPOSTResultType<object>>;
+}
+export interface ISchemaVaultsAuthClientAdapter extends AuthClientCodeVerifierActions, AuthClientUserDataActions, AuthClientAuthTokensActions, AuthClientNetworkActions {
+    redirect: (uri: string) => void | Promise<void>;
+    uuid: () => string;
+}
+export {};

package/dist/types/ISchemaVaultsAuthClientAdapter.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=ISchemaVaultsAuthClientAdapter.js.map

package/dist/types/ISchemaVaultsAuthClientAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ISchemaVaultsAuthClientAdapter.js","sourceRoot":"","sources":["../../src/types/ISchemaVaultsAuthClientAdapter.ts"],"names":[],"mappings":""}

package/dist/types/ISendAuthenticateRequestOptions.d.ts

@@ -0,0 +1,13 @@
+import type { AuthenticationOutcomeType } from "../lib/authentication-outcome-type";
+import type { ISchemaVaultsAuthClientAdapter } from "../types/ISchemaVaultsAuthClientAdapter";
+import type { Credentials } from "./credentials";
+import type { CodeChallengeWithDetails } from "@schemavaults/auth-common";
+import type { SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
+export interface ISendAuthenticateRequestOptions {
+    adapter: ISchemaVaultsAuthClientAdapter;
+    authentication_type: AuthenticationOutcomeType;
+    credentials: Credentials;
+    code_challenge: CodeChallengeWithDetails;
+    app_environment: SchemaVaultsAppEnvironment;
+}
+export type { ISendAuthenticateRequestOptions as SendAuthenticateRequestOptions };

package/dist/types/ISendAuthenticateRequestOptions.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=ISendAuthenticateRequestOptions.js.map

package/dist/types/ISendAuthenticateRequestOptions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ISendAuthenticateRequestOptions.js","sourceRoot":"","sources":["../../src/types/ISendAuthenticateRequestOptions.ts"],"names":[],"mappings":""}

package/dist/types/UserData.d.ts

@@ -0,0 +1 @@
+export type { UserData } from "@schemavaults/auth-common";

package/dist/types/UserData.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=UserData.js.map

package/dist/types/UserData.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserData.js","sourceRoot":"","sources":["../../src/types/UserData.ts"],"names":[],"mappings":""}

package/dist/types/acquire-access-token-options.d.ts

@@ -0,0 +1,8 @@
+import type { RefreshToken } from "@schemavaults/auth-common";
+export type AcquireAccessTokenOptions = {
+    refresh_token?: RefreshToken;
+    token_id: string;
+    audience: string;
+    ensure_fresh?: boolean;
+    dont_cache?: boolean;
+};

package/dist/types/acquire-access-token-options.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=acquire-access-token-options.js.map

package/dist/types/acquire-access-token-options.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"acquire-access-token-options.js","sourceRoot":"","sources":["../../src/types/acquire-access-token-options.ts"],"names":[],"mappings":""}

package/dist/types/credentials.d.ts

@@ -0,0 +1,3 @@
+import type { credentialsSchema } from "../lib/credentials-schema";
+import type { z } from "zod";
+export type Credentials = z.infer<typeof credentialsSchema>;

package/dist/types/credentials.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=credentials.js.map

package/dist/types/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/types/credentials.ts"],"names":[],"mappings":""}

package/dist/types/framework-adapter-interface.d.ts

@@ -0,0 +1,36 @@
+import type { AccessToken, RefreshToken, UserData } from "@schemavaults/auth-common";
+interface AuthClientCodeVerifierActions {
+    storeCodeVerifier: (codeVerifier: string, challenge_time: number) => void;
+    loadCodeVerifier: (challenge_time: number) => string | null;
+    loadCodeVerifiers: () => Record<number, string>;
+    clearCodeVerifiers: () => void;
+    clearCodeVerifier: (challenge_time: number) => void;
+}
+interface AuthClientUserDataActions {
+    storeUserData: (userData: UserData) => void;
+    getUserData: () => UserData | null;
+    clearUserData: () => void;
+}
+interface AuthClientAuthTokensActions {
+    storeRefreshToken: (refresh_token: RefreshToken) => void;
+    storeAccessToken: (token_id: string, access_token: AccessToken) => void;
+    setHttpOnlyRefreshTokenReceived?: undefined | (() => void);
+    doesSupportHttpOnlyRefreshToken?: undefined | (() => boolean);
+    getRefreshToken: () => RefreshToken | null;
+    getAccessToken: (token_id: string) => AccessToken | null;
+    clearAuthTokens: () => void;
+    clearAccessToken: (token_id: string) => void;
+}
+export interface IAuthClientPOSTResultType<T extends object> {
+    status: number;
+    ok: boolean;
+    data: T;
+}
+interface AuthClientNetworkActions {
+    sendPOSTRequest: (url: string, body: Record<string, unknown>, headers: Record<string, string>) => Promise<IAuthClientPOSTResultType<object>>;
+}
+export interface ISchemaVaultsAuthClientAdapter extends AuthClientCodeVerifierActions, AuthClientUserDataActions, AuthClientAuthTokensActions, AuthClientNetworkActions {
+    redirect: (uri: string) => void | Promise<void>;
+    uuid: () => string;
+}
+export {};

package/dist/types/framework-adapter-interface.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=framework-adapter-interface.js.map

package/dist/types/framework-adapter-interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework-adapter-interface.js","sourceRoot":"","sources":["../../src/types/framework-adapter-interface.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@schemavaults/auth-client-sdk",
+  "description": "TypeScript SDK for interacting with SchemaVaults Auth server or protected resources",
+  "version": "0.5.0",
+  "license": "UNLICENSED",
+  "private": false,
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/schemavaults/auth.git",
+    "directory": "packages/auth-client-sdk"
+  },
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "dependencies": {
+    "zod": "3.23.8",
+    "@schemavaults/auth-common": "0.7.27",
+    "@schemavaults/app-definitions": "0.6.1"
+  },
+  "scripts": {
+    "build": "tsc --project tsconfig.json && tsc-alias --project tsconfig.json",
+    "postbuild": "bun run cleanup",
+    "test": "NODE_ENV=test bun test",
+    "cleanup:compiled_tests_in_dist_directory": "find ./dist -type f \\( -name \"*.test.js\" -o -name \"*.test.js.map\" -o -name \"*.test.d.ts\" \\) -delete",
+    "cleanup": "bun run cleanup:compiled_tests_in_dist_directory",
+    "lint": "eslint src --ext .ts,.tsx"
+  },
+  "devDependencies": {
+    "typescript": "5.9.3",
+    "bun-types": "1.3.6",
+    "tsc-alias": "1.8.16",
+    "eslint": "9.39.1",
+    "@eslint/js": "9.39.1",
+    "globals": "16.5.0",
+    "@typescript-eslint/eslint-plugin": "8.48.1",
+    "@typescript-eslint/parser": "8.48.1"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "packageManager": "bun@1.3.6"
+}