@tern-secure/auth 1.0.0

package/dist/cjs/global.d.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=global.d.js.map

package/dist/cjs/global.d.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/cjs/index.js

@@ -0,0 +1,42 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var index_exports = {};
+__export(index_exports, {
+  CoreApiClient: () => import_coreApiClient.CoreApiClient,
+  SignIn: () => import_internal.SignIn,
+  TernSecureAuth: () => import_TernAuth.TernSecureAuth,
+  TernSecureBase: () => import_internal.TernSecureBase,
+  TernServerAuth: () => import_TernAuthServer.TernServerAuth,
+  coreApiClient: () => import_coreApiClient.coreApiClient
+});
+module.exports = __toCommonJS(index_exports);
+var import_TernAuth = require("./instance/TernAuth");
+var import_TernAuthServer = require("./instance/TernAuthServer");
+var import_coreApiClient = require("./instance/coreApiClient");
+var import_internal = require("./resources/internal");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  CoreApiClient,
+  SignIn,
+  TernSecureAuth,
+  TernSecureBase,
+  TernServerAuth,
+  coreApiClient
+});
+//# sourceMappingURL=index.js.map

package/dist/cjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export { TernSecureAuth } from './instance/TernAuth';\nexport type { TernAuth } from './instance/TernAuth';\nexport { TernServerAuth } from './instance/TernAuthServer';\nexport type { TernServerAuthOptions, AuthenticatedApp } from './instance/TernAuthServer';\n\nexport { CoreApiClient, coreApiClient } from './instance/coreApiClient';\nexport type { \n    ApiResponse, \n    ApiResponseJSON, \n    RequestOptions,\n    BeforeRequestHook,\n    AfterResponseHook\n} from './instance/coreApiClient';\n\nexport { SignIn, TernSecureBase } from './resources/internal';\n\nexport type {\n    TernSecureConfig,\n    SignInFormValuesTree,\n    SignInResponseTree,\n    ResendEmailVerification,\n    TernSecureUser,\n    TernSecureState\n} from '@tern-secure/types';"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,sBAA+B;AAE/B,4BAA+B;AAG/B,2BAA6C;AAS7C,sBAAuC;","names":[]}

package/dist/cjs/instance/TernAuth.js

@@ -0,0 +1,471 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var TernAuth_exports = {};
+__export(TernAuth_exports, {
+  TernSecureAuth: () => TernSecureAuth,
+  inBrowser: () => inBrowser
+});
+module.exports = __toCommonJS(TernAuth_exports);
+var import_errors = require("@tern-secure/shared/errors");
+var import_ternStatusEvent = require("@tern-secure/shared/ternStatusEvent");
+var import_url = require("@tern-secure/shared/url");
+var import_utils = require("@tern-secure/shared/utils");
+var import_app = require("firebase/app");
+var import_auth = require("firebase/auth");
+var import_web_extension = require("firebase/auth/web-extension");
+var import_installations = require("firebase/installations");
+var import_internal = require("../resources/internal");
+var import_construct = require("../utils/construct");
+var import_events = require("./events");
+function inBrowser() {
+  return typeof window !== "undefined";
+}
+class TernSecureAuth {
+  static version = "1.0.0";
+  static sdkMetadata = {
+    name: "@tern-secure/auth",
+    version: "1.0.0",
+    environment: process.env.NODE_ENV || "production"
+  };
+  static instance = null;
+  _currentUser = null;
+  signedInSession = null;
+  firebaseClientApp;
+  authStateUnsubscribe = null;
+  auth;
+  csrfToken;
+  isLoading = false;
+  error = null;
+  user = null;
+  __internal_country;
+  #domain;
+  #apiUrl;
+  #instanceType;
+  #status = "loading";
+  #listeners = [];
+  #options = {};
+  #authCookieManager;
+  #publicEventBus = (0, import_ternStatusEvent.createTernAuthEventBus)();
+  signIn;
+  signUp;
+  get isReady() {
+    return this.status === "ready";
+  }
+  get status() {
+    return this.#status;
+  }
+  get version() {
+    return TernSecureAuth.version;
+  }
+  set sdkMetadata(metadata) {
+    TernSecureAuth.sdkMetadata = metadata;
+  }
+  get sdkMetadata() {
+    return TernSecureAuth.sdkMetadata;
+  }
+  get requiresVerification() {
+    return this.#options.requiresVerification ?? true;
+  }
+  get apiUrl() {
+    return this.#apiUrl;
+  }
+  getApiUrl = () => this.#apiUrl;
+  get domain() {
+    if (inBrowser()) {
+      const strippedDomainString = (0, import_url.stripScheme)(
+        (0, import_utils.handleValueOrFn)(this.#domain, new URL(window.location.href))
+      );
+      if (this.#instanceType === "production") {
+        return strippedDomainString;
+      }
+      return strippedDomainString;
+    }
+    return "";
+  }
+  get instanceType() {
+    return this.#instanceType;
+  }
+  constructor(options) {
+    var _a;
+    this.#domain = (_a = options == null ? void 0 : options.ternSecureConfig) == null ? void 0 : _a.authDomain;
+    this.#apiUrl = (options == null ? void 0 : options.apiUrl) || "";
+    this.#instanceType = process.env.NODE_ENV || "production";
+    this.#publicEventBus.emit(import_ternStatusEvent.ternEvents.Status, "loading");
+    import_internal.TernSecureBase.ternsecure = this;
+  }
+  setLoading(isLoading) {
+    this.isLoading = isLoading;
+  }
+  authCookieManager() {
+    return this.#authCookieManager;
+  }
+  static getorCreateInstance(options) {
+    if (!this.instance) {
+      this.instance = new TernSecureAuth(options);
+    }
+    console.log("[TernSecureAuth] TernSecureAuth instance:", this.instance);
+    return this.instance;
+  }
+  static clearInstance() {
+    if (TernSecureAuth.instance) {
+      if (TernSecureAuth.instance.authStateUnsubscribe) {
+        TernSecureAuth.instance.authStateUnsubscribe();
+        TernSecureAuth.instance.authStateUnsubscribe = null;
+      }
+      TernSecureAuth.instance = null;
+    }
+  }
+  static initialize(options) {
+    const instance = this.getorCreateInstance(options);
+    instance.#initialize(options);
+    return instance;
+  }
+  #initialize = (options) => {
+    this.#options = this.#initOptions(options);
+    try {
+      if (!this.#options.ternSecureConfig) {
+        throw new Error("TernSecureConfig is required to initialize TernSecureAuth");
+      }
+      if (!this.#options.apiUrl) {
+        throw new Error("apiUrl is required to initialize TernSecureAuth");
+      }
+      this.initializeFirebaseApp(this.#options.ternSecureConfig);
+      this.authStateUnsubscribe = this.initAuthStateListener();
+      this._onIdTokenChanged();
+      this.#authCookieManager = new import_internal.AuthCookieManager();
+      this.csrfToken = this.#authCookieManager.getCSRFToken();
+      this.signIn = new import_internal.SignIn(this.auth, this.csrfToken);
+      this.signUp = new import_internal.SignUp(this.auth);
+      this.#setStatus("ready");
+      this.#publicEventBus.emit(import_ternStatusEvent.ternEvents.Status, "ready");
+      return this;
+    } catch (error) {
+      this.error = error;
+      this.#setStatus("error");
+      this.#publicEventBus.emit(import_ternStatusEvent.ternEvents.Status, "error");
+      throw error;
+    }
+  };
+  initializeFirebaseApp(config) {
+    const appName = config.appName || "[DEFAULT]";
+    this.firebaseClientApp = (0, import_app.getApps)().length === 0 ? (0, import_app.initializeApp)(config, appName) : (0, import_app.getApps)()[0];
+    const persistence = this.#setPersistence();
+    const auth = (0, import_auth.initializeAuth)(this.firebaseClientApp, {
+      persistence
+    });
+    this.auth = auth;
+    if (config.tenantId) {
+      this.auth.tenantId = config.tenantId;
+    }
+    this.#configureEmulator();
+    (0, import_installations.getInstallations)(this.firebaseClientApp);
+  }
+  signOut = async (options) => {
+    const redirectUrl = (options == null ? void 0 : options.redirectUrl) || this.#constructAfterSignOutUrl();
+    if (options == null ? void 0 : options.onBeforeSignOut) {
+      await options.onBeforeSignOut();
+    }
+    await this.auth.signOut();
+    if (options == null ? void 0 : options.onAfterSignOut) {
+      await options.onAfterSignOut();
+    }
+    if (inBrowser()) {
+      window.location.href = redirectUrl;
+    }
+    import_events.eventBus.emit(import_events.events.UserSignOut, null);
+    import_events.eventBus.emit(import_events.events.TokenRefreshed, { token: null });
+    this.#emit();
+  };
+  get currentSession() {
+    return this.signedInSession;
+  }
+  initAuthStateListener() {
+    return (0, import_auth.onAuthStateChanged)(this.auth, async (user) => {
+      await this.auth.authStateReady();
+      this._currentUser = user;
+      await this.updateCurrentSession();
+      import_events.eventBus.emit(import_events.events.UserChanged, this._currentUser);
+      this.#emit();
+    });
+  }
+  _onIdTokenChanged() {
+    return (0, import_auth.onIdTokenChanged)(this.auth, async (user) => {
+      await this.auth.authStateReady();
+      this._currentUser = user;
+      await this.updateCurrentSession();
+      import_events.eventBus.emit(import_events.events.TokenRefreshed, { token: user ? await user.getIdTokenResult() : null });
+      this.#emit();
+    });
+  }
+  onAuthStateChanged(callback) {
+    return (0, import_auth.onAuthStateChanged)(this.auth, callback);
+  }
+  onIdTokenChanged(callback) {
+    return (0, import_auth.onIdTokenChanged)(this.auth, callback);
+  }
+  async updateCurrentSession() {
+    if (!this._currentUser) {
+      this.signedInSession = null;
+      return;
+    }
+    try {
+      const res = await this._currentUser.getIdTokenResult();
+      this.signedInSession = {
+        status: "active",
+        token: res.token,
+        claims: res.claims,
+        issuedAtTime: res.issuedAtTime,
+        expirationTime: res.expirationTime,
+        authTime: res.authTime,
+        signInProvider: res.signInProvider || "unknown"
+      };
+    } catch (error) {
+      console.error("[TernSecureAuth] Error updating session:", error);
+      this.signedInSession = null;
+    }
+  }
+  async checkRedirectResult() {
+    try {
+      const result = await (0, import_auth.getRedirectResult)(this.auth);
+      if (result) {
+        return {
+          success: true,
+          user: result.user
+        };
+      }
+      return null;
+    } catch (error) {
+      const authError = (0, import_errors.handleFirebaseAuthError)(error);
+      return {
+        success: false,
+        message: authError.message,
+        error: authError.code,
+        user: null
+      };
+    }
+  }
+  addListener = (listener) => {
+    this.#listeners.push(listener);
+    if (this._currentUser) {
+      listener({
+        user: this._currentUser,
+        session: this.signedInSession
+      });
+    }
+    const unsubscribe = () => {
+      this.#listeners = this.#listeners.filter((l) => l !== listener);
+    };
+    return unsubscribe;
+  };
+  on = (...args) => {
+    this.#publicEventBus.on(...args);
+  };
+  off = (...args) => {
+    this.#publicEventBus.off(...args);
+  };
+  initialize(options) {
+    this._initialize(options);
+    return Promise.resolve();
+  }
+  static create(options) {
+    const instance = this.getorCreateInstance();
+    instance.initialize(options);
+    return instance;
+  }
+  _initialize = (options) => {
+    this.#options = this.#initOptions(options);
+    try {
+      if (!this.#options.ternSecureConfig) {
+        throw new Error("TernSecureConfig is required to initialize TernSecureAuth");
+      }
+      if (!this.#options.apiUrl) {
+        throw new Error("apiUrl is required to initialize TernSecureAuth");
+      }
+      this.#apiUrl = this.#options.apiUrl;
+      this.initializeFirebaseApp(this.#options.ternSecureConfig);
+      this.signIn = new import_internal.SignIn(this.auth, this.csrfToken);
+      this.signUp = new import_internal.SignUp(this.auth);
+      this.#setStatus("ready");
+    } catch (error) {
+      this.error = error;
+      this.#setStatus("error");
+      throw error;
+    }
+  };
+  constructUrlWithAuthRedirect = (to) => {
+    const baseUrl = window.location.origin;
+    const url = new URL(to, baseUrl);
+    if (url.origin === window.location.origin) {
+      return url.href;
+    }
+    return url.toString();
+  };
+  #buildUrl = (key, options) => {
+    var _a, _b;
+    if (!key || !this.isReady) {
+      return "";
+    }
+    const baseUrlConfig = key === "signInUrl" ? this.#options.signInUrl : this.#options.signUpUrl;
+    const defaultPagePath = key === "signInUrl" ? "/sign-in" : "/sign-up";
+    const base = baseUrlConfig || defaultPagePath;
+    let effectiveRedirectUrl;
+    if (key === "signInUrl" && "signInForceRedirectUrl" in options) {
+      effectiveRedirectUrl = options.signInForceRedirectUrl;
+    } else if (key === "signUpUrl" && "signUpForceRedirectUrl" in options) {
+      effectiveRedirectUrl = options.signUpForceRedirectUrl;
+    }
+    if (!effectiveRedirectUrl && inBrowser()) {
+      const currentUrlParams = new URLSearchParams(window.location.search);
+      const existingRedirectParam = currentUrlParams.get("redirect_url");
+      if (existingRedirectParam) {
+        effectiveRedirectUrl = existingRedirectParam;
+      }
+    }
+    if (!effectiveRedirectUrl && inBrowser()) {
+      effectiveRedirectUrl = window.location.pathname + window.location.search + window.location.hash;
+    }
+    if (effectiveRedirectUrl && inBrowser()) {
+      let signInPagePath;
+      try {
+        signInPagePath = this.#options.signInUrl ? new URL(this.#options.signInUrl, window.location.origin).pathname : defaultPagePath;
+      } catch {
+        signInPagePath = defaultPagePath;
+      }
+      let signUpPagePath;
+      try {
+        signUpPagePath = this.#options.signUpUrl ? new URL(this.#options.signUpUrl, window.location.origin).pathname : key === "signUpUrl" ? defaultPagePath : "/sign-in";
+      } catch {
+        signUpPagePath = key === "signUpUrl" ? defaultPagePath : "/sign-in";
+      }
+      const redirectTargetObj = new URL(effectiveRedirectUrl, window.location.origin);
+      if (redirectTargetObj.pathname === signInPagePath || redirectTargetObj.pathname === signUpPagePath) {
+        effectiveRedirectUrl = "/";
+      }
+    }
+    const paramsForBuildUrl = {
+      base,
+      searchParams: new URLSearchParams()
+    };
+    if (effectiveRedirectUrl) {
+      if (inBrowser()) {
+        const absoluteRedirectUrl = new URL(effectiveRedirectUrl, window.location.origin).href;
+        (_a = paramsForBuildUrl.searchParams) == null ? void 0 : _a.set("redirect", absoluteRedirectUrl);
+      } else {
+        (_b = paramsForBuildUrl.searchParams) == null ? void 0 : _b.set("redirect", effectiveRedirectUrl);
+      }
+    }
+    const constructedUrl = (0, import_construct.buildURL)(paramsForBuildUrl, {
+      stringify: true,
+      skipOrigin: false
+    });
+    if (typeof constructedUrl !== "string") {
+      console.error(
+        "[TernSecure] Error: buildURL did not return a string as expected. Falling back to base URL."
+      );
+      if (inBrowser()) {
+        try {
+          return new URL(base, window.location.origin).href;
+        } catch {
+          return base;
+        }
+      }
+      return base;
+    }
+    return this.constructUrlWithAuthRedirect(constructedUrl);
+  };
+  #constructAfterSignOutUrl = () => {
+    if (!this.#options.afterSignOutUrl) {
+      return "/";
+    }
+    return this.constructUrlWithAuthRedirect(this.#options.afterSignOutUrl);
+  };
+  constructSignInUrl = (options) => {
+    return this.#buildUrl("signInUrl", { ...options });
+  };
+  constructSignUpUrl = (options) => {
+    return this.#buildUrl("signUpUrl", { ...options });
+  };
+  __internal_setCountry = (country) => {
+    if (!this.__internal_country) {
+      this.__internal_country = country;
+    }
+  };
+  #initOptions = (options) => {
+    return {
+      ...options
+    };
+  };
+  #emit = () => {
+    if (this._currentUser) {
+      for (const listener of this.#listeners) {
+        listener({
+          user: this._currentUser
+        });
+      }
+    }
+  };
+  #setStatus(newStatus) {
+    if (this.#status !== newStatus) {
+      this.#status = newStatus;
+      this.#publicEventBus.emit(import_ternStatusEvent.ternEvents.Status, this.#status);
+      if (newStatus === "ready") {
+        this.#publicEventBus.emit(import_ternStatusEvent.ternEvents.Status, "ready");
+      }
+    }
+  }
+  #setPersistence = () => {
+    const persistenceType = this.#options.persistence || "none";
+    switch (persistenceType) {
+      case "browserCookie":
+        return import_web_extension.browserCookiePersistence;
+      case "session":
+        return import_auth.browserSessionPersistence;
+      case "local":
+        return import_auth.browserLocalPersistence;
+      case "none":
+      default:
+        return import_auth.inMemoryPersistence;
+    }
+  };
+  #emulatorHost = () => {
+    if (typeof process === "undefined") return void 0;
+    return process.env.FIREBASE_AUTH_EMULATOR_HOST;
+  };
+  #configureEmulator = () => {
+    const host = this.#emulatorHost();
+    const isDev = this.#instanceType === "development";
+    const shouldUseEmulator = isDev && !!host;
+    if (!shouldUseEmulator || !host) {
+      return;
+    }
+    const emulatorUrl = host.startsWith("http") ? host : `http://${host}`;
+    try {
+      (0, import_auth.connectAuthEmulator)(this.auth, emulatorUrl, { disableWarnings: true });
+      console.warn(`[TernSecure] Firebase Auth Emulator connected at ${emulatorUrl}`);
+    } catch (error) {
+      console.error("[TernSecure] Error connecting to Firebase Auth Emulator:", error);
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  TernSecureAuth,
+  inBrowser
+});
+//# sourceMappingURL=TernAuth.js.map

package/dist/cjs/instance/TernAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/instance/TernAuth.ts"],"sourcesContent":["import { handleFirebaseAuthError } from '@tern-secure/shared/errors';\nimport { createTernAuthEventBus, ternEvents } from '@tern-secure/shared/ternStatusEvent';\nimport { stripScheme } from '@tern-secure/shared/url';\nimport { handleValueOrFn } from '@tern-secure/shared/utils';\nimport type {\n  DomainOrProxyUrl,\n  InstanceType,\n  ListenerCallback,\n  RedirectOptions,\n  SignedInSession,\n  SignInRedirectOptions,\n  SignInResource,\n  SignInResponseTree,\n  SignOut,\n  SignOutOptions,\n  SignUpRedirectOptions,\n  SignUpResource,\n  TernSecureAuth as TernSecureAuthInterface,\n  TernSecureAuthOptions,\n  TernSecureAuthStatus,\n  TernSecureConfig,\n  TernSecureResources,\n  TernSecureSDK,\n  TernSecureUser,\n  UnsubscribeCallback,\n} from '@tern-secure/types';\nimport type { FirebaseApp } from 'firebase/app';\nimport { getApps, initializeApp } from 'firebase/app';\nimport type { Auth, Auth as TernAuth } from 'firebase/auth';\nimport {\n  browserLocalPersistence,\n  browserSessionPersistence,\n  connectAuthEmulator,\n  getRedirectResult,\n  initializeAuth,\n  inMemoryPersistence,\n  onAuthStateChanged,\n  onIdTokenChanged,\n} from 'firebase/auth';\nimport { browserCookiePersistence } from 'firebase/auth/web-extension';\nimport { getInstallations } from 'firebase/installations';\n\nimport { AuthCookieManager, SignIn, SignUp, TernSecureBase } from '../resources/internal';\nimport { buildURL } from '../utils/construct';\nimport { eventBus, events } from './events';\n\nexport function inBrowser(): boolean {\n  return typeof window !== 'undefined';\n}\n\nexport { TernAuth };\n\n/**\n * Firebase implementation of the TernSecureAuth interface\n */\nexport class TernSecureAuth implements TernSecureAuthInterface {\n  public static version: string = PACKAGE_VERSION;\n  public static sdkMetadata: TernSecureSDK = {\n    name: PACKAGE_NAME,\n    version: PACKAGE_VERSION,\n    environment: process.env.NODE_ENV || 'production',\n  };\n  private static instance: TernSecureAuth | null = null;\n  private _currentUser: TernSecureUser | null = null;\n  private signedInSession: SignedInSession | null = null;\n  private firebaseClientApp: FirebaseApp | undefined;\n  private authStateUnsubscribe: (() => void) | null = null;\n  private auth!: Auth;\n  private csrfToken: string | undefined;\n  public isLoading = false;\n  public error: Error | null = null;\n  public user: TernSecureUser | null | undefined = null;\n  public __internal_country?: string | null;\n  #domain: DomainOrProxyUrl['domain'];\n  #apiUrl!: string;\n  #instanceType?: InstanceType;\n  #status: TernSecureAuthInterface['status'] = 'loading';\n  #listeners: Array<(emission: TernSecureResources) => void> = [];\n  #options: TernSecureAuthOptions = {} as TernSecureAuthOptions;\n  #authCookieManager?: AuthCookieManager;\n  #publicEventBus = createTernAuthEventBus();\n\n  signIn!: SignInResource;\n  signUp!: SignUpResource;\n\n  get isReady(): boolean {\n    return this.status === 'ready';\n  }\n\n  get status(): TernSecureAuthInterface['status'] {\n    return this.#status;\n  }\n\n  get version(): string {\n    return TernSecureAuth.version;\n  }\n\n  set sdkMetadata(metadata: TernSecureSDK) {\n    TernSecureAuth.sdkMetadata = metadata;\n  }\n\n  get sdkMetadata(): TernSecureSDK {\n    return TernSecureAuth.sdkMetadata;\n  }\n\n  get requiresVerification(): boolean {\n    return this.#options.requiresVerification ?? true;\n  }\n\n  get apiUrl(): string {\n    return this.#apiUrl;\n  }\n\n  public getApiUrl = (): string => this.#apiUrl;\n\n  get domain(): string {\n    if (inBrowser()) {\n      const strippedDomainString = stripScheme(\n        handleValueOrFn(this.#domain, new URL(window.location.href)),\n      );\n      if (this.#instanceType === 'production') {\n        return strippedDomainString;\n      }\n      return strippedDomainString;\n    }\n    return '';\n  }\n\n  get instanceType() {\n    return this.#instanceType;\n  }\n\n  public constructor(options?: TernSecureAuthOptions) {\n    this.#domain = options?.ternSecureConfig?.authDomain;\n    this.#apiUrl = options?.apiUrl || '';\n    this.#instanceType = (process.env.NODE_ENV as InstanceType) || 'production';\n    this.#publicEventBus.emit(ternEvents.Status, 'loading');\n    TernSecureBase.ternsecure = this;\n  }\n\n  public setLoading(isLoading: boolean): void {\n    this.isLoading = isLoading;\n  }\n\n  public authCookieManager(): AuthCookieManager | undefined {\n    return this.#authCookieManager;\n  }\n\n  static getorCreateInstance(options?: TernSecureAuthOptions): TernSecureAuth {\n    if (!this.instance) {\n      this.instance = new TernSecureAuth(options);\n    }\n    console.log('[TernSecureAuth] TernSecureAuth instance:', this.instance);\n    return this.instance;\n  }\n\n  static clearInstance() {\n    if (TernSecureAuth.instance) {\n      if (TernSecureAuth.instance.authStateUnsubscribe) {\n        TernSecureAuth.instance.authStateUnsubscribe();\n        TernSecureAuth.instance.authStateUnsubscribe = null;\n      }\n      TernSecureAuth.instance = null;\n    }\n  }\n\n  public static initialize(options: TernSecureAuthOptions): TernSecureAuth {\n    const instance = this.getorCreateInstance(options);\n    instance.#initialize(options);\n    return instance;\n  }\n\n  #initialize = (options: TernSecureAuthOptions): TernSecureAuth => {\n    this.#options = this.#initOptions(options);\n\n    try {\n      if (!this.#options.ternSecureConfig) {\n        throw new Error('TernSecureConfig is required to initialize TernSecureAuth');\n      }\n\n      if (!this.#options.apiUrl) {\n        throw new Error('apiUrl is required to initialize TernSecureAuth');\n      }\n\n      this.initializeFirebaseApp(this.#options.ternSecureConfig);\n      this.authStateUnsubscribe = this.initAuthStateListener();\n      this._onIdTokenChanged();\n\n      this.#authCookieManager = new AuthCookieManager();\n      this.csrfToken = this.#authCookieManager.getCSRFToken();\n\n      this.signIn = new SignIn(this.auth, this.csrfToken);\n      this.signUp = new SignUp(this.auth);\n\n      this.#setStatus('ready');\n      this.#publicEventBus.emit(ternEvents.Status, 'ready');\n\n      return this;\n    } catch (error) {\n      this.error = error as Error;\n      this.#setStatus('error');\n      this.#publicEventBus.emit(ternEvents.Status, 'error');\n      throw error;\n    }\n  };\n\n  private initializeFirebaseApp(config: TernSecureConfig) {\n    const appName = config.appName || '[DEFAULT]';\n    this.firebaseClientApp = getApps().length === 0 ? initializeApp(config, appName) : getApps()[0];\n\n    const persistence = this.#setPersistence();\n    const auth = initializeAuth(this.firebaseClientApp, {\n      persistence,\n    });\n\n    this.auth = auth;\n\n    if (config.tenantId) {\n      this.auth.tenantId = config.tenantId;\n    }\n\n    this.#configureEmulator();\n\n    getInstallations(this.firebaseClientApp);\n  }\n\n  public signOut: SignOut = async (options?: SignOutOptions) => {\n    const redirectUrl = options?.redirectUrl || this.#constructAfterSignOutUrl();\n    if (options?.onBeforeSignOut) {\n      await options.onBeforeSignOut();\n    }\n\n    await this.auth.signOut();\n\n    if (options?.onAfterSignOut) {\n      await options.onAfterSignOut();\n    }\n    if (inBrowser()) {\n      window.location.href = redirectUrl;\n    }\n    eventBus.emit(events.UserSignOut, null);\n    eventBus.emit(events.TokenRefreshed, { token: null });\n    this.#emit();\n  };\n\n  get currentSession(): SignedInSession | null {\n    return this.signedInSession;\n  };\n\n  private initAuthStateListener(): () => void {\n    return onAuthStateChanged(this.auth, async (user: TernSecureUser | null) => {\n      await this.auth.authStateReady();\n      this._currentUser = user;\n      await this.updateCurrentSession();\n\n      eventBus.emit(events.UserChanged, this._currentUser);\n      this.#emit();\n    });\n  }\n\n  private _onIdTokenChanged(): () => void {\n    return onIdTokenChanged(this.auth, async (user: TernSecureUser | null) => {\n      await this.auth.authStateReady();\n      this._currentUser = user;\n      await this.updateCurrentSession();\n\n      eventBus.emit(events.TokenRefreshed, { token: user ? await user.getIdTokenResult() : null });\n      this.#emit();\n    });\n  }\n\n  public onAuthStateChanged(callback: (cb: any) => void): () => void {\n    return onAuthStateChanged(this.auth, callback);\n  }\n\n  public onIdTokenChanged(callback: (cb: any) => void): () => void {\n    return onIdTokenChanged(this.auth, callback);\n  }\n\n  private async updateCurrentSession(): Promise<void> {\n    if (!this._currentUser) {\n      this.signedInSession = null;\n      return;\n    }\n\n    try {\n      const res = await this._currentUser.getIdTokenResult();\n      this.signedInSession = {\n        status: 'active',\n        token: res.token,\n        claims: res.claims,\n        issuedAtTime: res.issuedAtTime,\n        expirationTime: res.expirationTime,\n        authTime: res.authTime,\n        signInProvider: res.signInProvider || 'unknown',\n      };\n    } catch (error) {\n      console.error('[TernSecureAuth] Error updating session:', error);\n      this.signedInSession = null;\n    }\n  }\n\n  public async checkRedirectResult(): Promise<SignInResponseTree | null> {\n    try {\n      const result = await getRedirectResult(this.auth);\n      if (result) {\n        return {\n          success: true,\n          user: result.user as TernSecureUser,\n        };\n      }\n      return null;\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error);\n      return {\n        success: false,\n        message: authError.message,\n        error: authError.code,\n        user: null,\n      };\n    }\n  }\n\n  public addListener = (listener: ListenerCallback): UnsubscribeCallback => {\n    this.#listeners.push(listener);\n    if (this._currentUser) {\n      listener({\n        user: this._currentUser,\n        session: this.signedInSession,\n      });\n    }\n\n    const unsubscribe = () => {\n      this.#listeners = this.#listeners.filter(l => l !== listener);\n    };\n    return unsubscribe;\n  };\n\n  public on: TernSecureAuthInterface['on'] = (...args) => {\n    this.#publicEventBus.on(...args);\n  };\n\n  public off: TernSecureAuthInterface['off'] = (...args) => {\n    this.#publicEventBus.off(...args);\n  };\n\n  public initialize(options: TernSecureAuthOptions): Promise<void> {\n    this._initialize(options);\n    return Promise.resolve();\n  }\n\n  public static create(options: TernSecureAuthOptions): TernSecureAuth {\n    const instance = this.getorCreateInstance();\n    instance.initialize(options);\n    return instance;\n  }\n\n  _initialize = (options: TernSecureAuthOptions): void => {\n    this.#options = this.#initOptions(options);\n    try {\n      if (!this.#options.ternSecureConfig) {\n        throw new Error('TernSecureConfig is required to initialize TernSecureAuth');\n      }\n\n      if (!this.#options.apiUrl) {\n        throw new Error('apiUrl is required to initialize TernSecureAuth');\n      }\n\n      this.#apiUrl = this.#options.apiUrl;\n\n      this.initializeFirebaseApp(this.#options.ternSecureConfig);\n\n      this.signIn = new SignIn(this.auth, this.csrfToken);\n      this.signUp = new SignUp(this.auth);\n\n      this.#setStatus('ready');\n    } catch (error) {\n      this.error = error as Error;\n      this.#setStatus('error');\n      throw error;\n    }\n  };\n\n  public constructUrlWithAuthRedirect = (to: string): string => {\n    const baseUrl = window.location.origin;\n    const url = new URL(to, baseUrl);\n\n    if (url.origin === window.location.origin) {\n      return url.href;\n    }\n\n    return url.toString();\n  };\n\n  #buildUrl = (key: 'signInUrl' | 'signUpUrl', options: RedirectOptions): string => {\n    if (!key || !this.isReady) {\n      return '';\n    }\n\n    const baseUrlConfig = key === 'signInUrl' ? this.#options.signInUrl : this.#options.signUpUrl;\n    const defaultPagePath = key === 'signInUrl' ? '/sign-in' : '/sign-up';\n    const base = baseUrlConfig || defaultPagePath;\n\n    let effectiveRedirectUrl: string | null | undefined;\n\n    // Priority 1: Get redirect URL from options (signInForceRedirectUrl or signUpForceRedirectUrl)\n    if (key === 'signInUrl' && 'signInForceRedirectUrl' in options) {\n      effectiveRedirectUrl = options.signInForceRedirectUrl;\n    } else if (key === 'signUpUrl' && 'signUpForceRedirectUrl' in options) {\n      effectiveRedirectUrl = options.signUpForceRedirectUrl;\n    }\n\n    // Priority 2: If no force redirect from options, check 'redirect' param in current URL (only in browser)\n    if (!effectiveRedirectUrl && inBrowser()) {\n      const currentUrlParams = new URLSearchParams(window.location.search);\n      const existingRedirectParam = currentUrlParams.get('redirect_url');\n      if (existingRedirectParam) {\n        effectiveRedirectUrl = existingRedirectParam;\n      }\n    }\n\n    // Priority 3: If still no redirect URL, fallback to current page's full path (only in browser)\n    // This ensures that if the call originates from a page, it attempts to redirect back there by default.\n    if (!effectiveRedirectUrl && inBrowser()) {\n      effectiveRedirectUrl =\n        window.location.pathname + window.location.search + window.location.hash;\n    }\n\n    if (effectiveRedirectUrl && inBrowser()) {\n      let signInPagePath: string | undefined;\n      try {\n        signInPagePath = this.#options.signInUrl\n          ? new URL(this.#options.signInUrl, window.location.origin).pathname\n          : defaultPagePath;\n      } catch {\n        signInPagePath = defaultPagePath;\n      }\n\n      let signUpPagePath: string | undefined;\n      try {\n        signUpPagePath = this.#options.signUpUrl\n          ? new URL(this.#options.signUpUrl, window.location.origin).pathname\n          : key === 'signUpUrl'\n            ? defaultPagePath\n            : '/sign-in';\n      } catch {\n        signUpPagePath = key === 'signUpUrl' ? defaultPagePath : '/sign-in';\n      }\n\n      const redirectTargetObj = new URL(effectiveRedirectUrl, window.location.origin);\n\n      if (\n        redirectTargetObj.pathname === signInPagePath ||\n        redirectTargetObj.pathname === signUpPagePath\n      ) {\n        // If the intended redirect path is the sign-in or sign-up page itself,\n        // change the redirect target to the application root ('/').\n        effectiveRedirectUrl = '/';\n      }\n    }\n\n    const paramsForBuildUrl: Parameters<typeof buildURL>[0] = {\n      base,\n      searchParams: new URLSearchParams(),\n    };\n\n    if (effectiveRedirectUrl) {\n      // Check if a redirect URL was determined\n      if (inBrowser()) {\n        const absoluteRedirectUrl = new URL(effectiveRedirectUrl, window.location.origin).href;\n        paramsForBuildUrl.searchParams?.set('redirect', absoluteRedirectUrl);\n      } else {\n        // If not in browser, use the effectiveRedirectUrl as is.\n        // This assumes it's either absolute or a path the server can interpret.\n        paramsForBuildUrl.searchParams?.set('redirect', effectiveRedirectUrl);\n      }\n    }\n\n    const constructedUrl = buildURL(paramsForBuildUrl, {\n      stringify: true,\n      skipOrigin: false,\n    });\n\n    if (typeof constructedUrl !== 'string') {\n      console.error(\n        '[TernSecure] Error: buildURL did not return a string as expected. Falling back to base URL.',\n      );\n      if (inBrowser()) {\n        try {\n          return new URL(base, window.location.origin).href;\n        } catch {\n          return base;\n        }\n      }\n      return base;\n    }\n\n    return this.constructUrlWithAuthRedirect(constructedUrl);\n  };\n\n  #constructAfterSignOutUrl = (): string => {\n    if (!this.#options.afterSignOutUrl) {\n      return '/';\n    }\n    return this.constructUrlWithAuthRedirect(this.#options.afterSignOutUrl);\n  };\n\n  public constructSignInUrl = (options?: SignInRedirectOptions): string => {\n    return this.#buildUrl('signInUrl', { ...options });\n  };\n\n  public constructSignUpUrl = (options?: SignUpRedirectOptions): string => {\n    return this.#buildUrl('signUpUrl', { ...options });\n  };\n\n  __internal_setCountry = (country: string | null) => {\n    if (!this.__internal_country) {\n      this.__internal_country = country;\n    }\n  };\n\n  #initOptions = (options: TernSecureAuthOptions): TernSecureAuthOptions => {\n    return {\n      ...options,\n    };\n  };\n\n  #emit = (): void => {\n    if (this._currentUser) {\n      for (const listener of this.#listeners) {\n        listener({\n          user: this._currentUser,\n        });\n      }\n    }\n  };\n\n  #setStatus(newStatus: TernSecureAuthStatus): void {\n    if (this.#status !== newStatus) {\n      this.#status = newStatus;\n      this.#publicEventBus.emit(ternEvents.Status, this.#status);\n\n      if (newStatus === 'ready') {\n        this.#publicEventBus.emit(ternEvents.Status, 'ready');\n      }\n    }\n  }\n\n  #setPersistence = () => {\n    const persistenceType = this.#options.persistence || 'none';\n\n    switch (persistenceType) {\n      case 'browserCookie':\n        return browserCookiePersistence;\n      case 'session':\n        return browserSessionPersistence;\n      case 'local':\n        return browserLocalPersistence;\n      case 'none':\n      default:\n        return inMemoryPersistence;\n    }\n  };\n\n  #emulatorHost = (): string | undefined => {\n    if (typeof process === 'undefined') return undefined;\n    return process.env.FIREBASE_AUTH_EMULATOR_HOST;\n  };\n\n  #configureEmulator = (): void => {\n    const host = this.#emulatorHost();\n    const isDev = this.#instanceType === 'development';\n    const shouldUseEmulator = isDev && !!host;\n    if (!shouldUseEmulator || !host) {\n      return;\n    }\n\n    const emulatorUrl = host.startsWith('http') ? host : `http://${host}`;\n\n    try {\n      //(this.auth as unknown as any)._canInitEmulator = true;\n      connectAuthEmulator(this.auth, emulatorUrl, { disableWarnings: true });\n      console.warn(`[TernSecure] Firebase Auth Emulator connected at ${emulatorUrl}`);\n    } catch (error) {\n      console.error('[TernSecure] Error connecting to Firebase Auth Emulator:', error);\n    }\n  };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAwC;AACxC,6BAAmD;AACnD,iBAA4B;AAC5B,mBAAgC;AAwBhC,iBAAuC;AAEvC,kBASO;AACP,2BAAyC;AACzC,2BAAiC;AAEjC,sBAAkE;AAClE,uBAAyB;AACzB,oBAAiC;AAE1B,SAAS,YAAqB;AACnC,SAAO,OAAO,WAAW;AAC3B;AAOO,MAAM,eAAkD;AAAA,EAC7D,OAAc,UAAkB;AAAA,EAChC,OAAc,cAA6B;AAAA,IACzC,MAAM;AAAA,IACN,SAAS;AAAA,IACT,aAAa,QAAQ,IAAI,YAAY;AAAA,EACvC;AAAA,EACA,OAAe,WAAkC;AAAA,EACzC,eAAsC;AAAA,EACtC,kBAA0C;AAAA,EAC1C;AAAA,EACA,uBAA4C;AAAA,EAC5C;AAAA,EACA;AAAA,EACD,YAAY;AAAA,EACZ,QAAsB;AAAA,EACtB,OAA0C;AAAA,EAC1C;AAAA,EACP;AAAA,EACA;AAAA,EACA;AAAA,EACA,UAA6C;AAAA,EAC7C,aAA6D,CAAC;AAAA,EAC9D,WAAkC,CAAC;AAAA,EACnC;AAAA,EACA,sBAAkB,+CAAuB;AAAA,EAEzC;AAAA,EACA;AAAA,EAEA,IAAI,UAAmB;AACrB,WAAO,KAAK,WAAW;AAAA,EACzB;AAAA,EAEA,IAAI,SAA4C;AAC9C,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,UAAkB;AACpB,WAAO,eAAe;AAAA,EACxB;AAAA,EAEA,IAAI,YAAY,UAAyB;AACvC,mBAAe,cAAc;AAAA,EAC/B;AAAA,EAEA,IAAI,cAA6B;AAC/B,WAAO,eAAe;AAAA,EACxB;AAAA,EAEA,IAAI,uBAAgC;AAClC,WAAO,KAAK,SAAS,wBAAwB;AAAA,EAC/C;AAAA,EAEA,IAAI,SAAiB;AACnB,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,YAAY,MAAc,KAAK;AAAA,EAEtC,IAAI,SAAiB;AACnB,QAAI,UAAU,GAAG;AACf,YAAM,2BAAuB;AAAA,YAC3B,8BAAgB,KAAK,SAAS,IAAI,IAAI,OAAO,SAAS,IAAI,CAAC;AAAA,MAC7D;AACA,UAAI,KAAK,kBAAkB,cAAc;AACvC,eAAO;AAAA,MACT;AACA,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,eAAe;AACjB,WAAO,KAAK;AAAA,EACd;AAAA,EAEO,YAAY,SAAiC;AApItD;AAqII,SAAK,WAAU,wCAAS,qBAAT,mBAA2B;AAC1C,SAAK,WAAU,mCAAS,WAAU;AAClC,SAAK,gBAAiB,QAAQ,IAAI,YAA6B;AAC/D,SAAK,gBAAgB,KAAK,kCAAW,QAAQ,SAAS;AACtD,mCAAe,aAAa;AAAA,EAC9B;AAAA,EAEO,WAAW,WAA0B;AAC1C,SAAK,YAAY;AAAA,EACnB;AAAA,EAEO,oBAAmD;AACxD,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,OAAO,oBAAoB,SAAiD;AAC1E,QAAI,CAAC,KAAK,UAAU;AAClB,WAAK,WAAW,IAAI,eAAe,OAAO;AAAA,IAC5C;AACA,YAAQ,IAAI,6CAA6C,KAAK,QAAQ;AACtE,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,OAAO,gBAAgB;AACrB,QAAI,eAAe,UAAU;AAC3B,UAAI,eAAe,SAAS,sBAAsB;AAChD,uBAAe,SAAS,qBAAqB;AAC7C,uBAAe,SAAS,uBAAuB;AAAA,MACjD;AACA,qBAAe,WAAW;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,OAAc,WAAW,SAAgD;AACvE,UAAM,WAAW,KAAK,oBAAoB,OAAO;AACjD,aAAS,YAAY,OAAO;AAC5B,WAAO;AAAA,EACT;AAAA,EAEA,cAAc,CAAC,YAAmD;AAChE,SAAK,WAAW,KAAK,aAAa,OAAO;AAEzC,QAAI;AACF,UAAI,CAAC,KAAK,SAAS,kBAAkB;AACnC,cAAM,IAAI,MAAM,2DAA2D;AAAA,MAC7E;AAEA,UAAI,CAAC,KAAK,SAAS,QAAQ;AACzB,cAAM,IAAI,MAAM,iDAAiD;AAAA,MACnE;AAEA,WAAK,sBAAsB,KAAK,SAAS,gBAAgB;AACzD,WAAK,uBAAuB,KAAK,sBAAsB;AACvD,WAAK,kBAAkB;AAEvB,WAAK,qBAAqB,IAAI,kCAAkB;AAChD,WAAK,YAAY,KAAK,mBAAmB,aAAa;AAEtD,WAAK,SAAS,IAAI,uBAAO,KAAK,MAAM,KAAK,SAAS;AAClD,WAAK,SAAS,IAAI,uBAAO,KAAK,IAAI;AAElC,WAAK,WAAW,OAAO;AACvB,WAAK,gBAAgB,KAAK,kCAAW,QAAQ,OAAO;AAEpD,aAAO;AAAA,IACT,SAAS,OAAO;AACd,WAAK,QAAQ;AACb,WAAK,WAAW,OAAO;AACvB,WAAK,gBAAgB,KAAK,kCAAW,QAAQ,OAAO;AACpD,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEQ,sBAAsB,QAA0B;AACtD,UAAM,UAAU,OAAO,WAAW;AAClC,SAAK,wBAAoB,oBAAQ,EAAE,WAAW,QAAI,0BAAc,QAAQ,OAAO,QAAI,oBAAQ,EAAE,CAAC;AAE9F,UAAM,cAAc,KAAK,gBAAgB;AACzC,UAAM,WAAO,4BAAe,KAAK,mBAAmB;AAAA,MAClD;AAAA,IACF,CAAC;AAED,SAAK,OAAO;AAEZ,QAAI,OAAO,UAAU;AACnB,WAAK,KAAK,WAAW,OAAO;AAAA,IAC9B;AAEA,SAAK,mBAAmB;AAExB,+CAAiB,KAAK,iBAAiB;AAAA,EACzC;AAAA,EAEO,UAAmB,OAAO,YAA6B;AAC5D,UAAM,eAAc,mCAAS,gBAAe,KAAK,0BAA0B;AAC3E,QAAI,mCAAS,iBAAiB;AAC5B,YAAM,QAAQ,gBAAgB;AAAA,IAChC;AAEA,UAAM,KAAK,KAAK,QAAQ;AAExB,QAAI,mCAAS,gBAAgB;AAC3B,YAAM,QAAQ,eAAe;AAAA,IAC/B;AACA,QAAI,UAAU,GAAG;AACf,aAAO,SAAS,OAAO;AAAA,IACzB;AACA,2BAAS,KAAK,qBAAO,aAAa,IAAI;AACtC,2BAAS,KAAK,qBAAO,gBAAgB,EAAE,OAAO,KAAK,CAAC;AACpD,SAAK,MAAM;AAAA,EACb;AAAA,EAEA,IAAI,iBAAyC;AAC3C,WAAO,KAAK;AAAA,EACd;AAAA,EAEQ,wBAAoC;AAC1C,eAAO,gCAAmB,KAAK,MAAM,OAAO,SAAgC;AAC1E,YAAM,KAAK,KAAK,eAAe;AAC/B,WAAK,eAAe;AACpB,YAAM,KAAK,qBAAqB;AAEhC,6BAAS,KAAK,qBAAO,aAAa,KAAK,YAAY;AACnD,WAAK,MAAM;AAAA,IACb,CAAC;AAAA,EACH;AAAA,EAEQ,oBAAgC;AACtC,eAAO,8BAAiB,KAAK,MAAM,OAAO,SAAgC;AACxE,YAAM,KAAK,KAAK,eAAe;AAC/B,WAAK,eAAe;AACpB,YAAM,KAAK,qBAAqB;AAEhC,6BAAS,KAAK,qBAAO,gBAAgB,EAAE,OAAO,OAAO,MAAM,KAAK,iBAAiB,IAAI,KAAK,CAAC;AAC3F,WAAK,MAAM;AAAA,IACb,CAAC;AAAA,EACH;AAAA,EAEO,mBAAmB,UAAyC;AACjE,eAAO,gCAAmB,KAAK,MAAM,QAAQ;AAAA,EAC/C;AAAA,EAEO,iBAAiB,UAAyC;AAC/D,eAAO,8BAAiB,KAAK,MAAM,QAAQ;AAAA,EAC7C;AAAA,EAEA,MAAc,uBAAsC;AAClD,QAAI,CAAC,KAAK,cAAc;AACtB,WAAK,kBAAkB;AACvB;AAAA,IACF;AAEA,QAAI;AACF,YAAM,MAAM,MAAM,KAAK,aAAa,iBAAiB;AACrD,WAAK,kBAAkB;AAAA,QACrB,QAAQ;AAAA,QACR,OAAO,IAAI;AAAA,QACX,QAAQ,IAAI;AAAA,QACZ,cAAc,IAAI;AAAA,QAClB,gBAAgB,IAAI;AAAA,QACpB,UAAU,IAAI;AAAA,QACd,gBAAgB,IAAI,kBAAkB;AAAA,MACxC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,4CAA4C,KAAK;AAC/D,WAAK,kBAAkB;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAa,sBAA0D;AACrE,QAAI;AACF,YAAM,SAAS,UAAM,+BAAkB,KAAK,IAAI;AAChD,UAAI,QAAQ;AACV,eAAO;AAAA,UACL,SAAS;AAAA,UACT,MAAM,OAAO;AAAA,QACf;AAAA,MACF;AACA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,gBAAY,uCAAwB,KAAK;AAC/C,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,UAAU;AAAA,QACnB,OAAO,UAAU;AAAA,QACjB,MAAM;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA,EAEO,cAAc,CAAC,aAAoD;AACxE,SAAK,WAAW,KAAK,QAAQ;AAC7B,QAAI,KAAK,cAAc;AACrB,eAAS;AAAA,QACP,MAAM,KAAK;AAAA,QACX,SAAS,KAAK;AAAA,MAChB,CAAC;AAAA,IACH;AAEA,UAAM,cAAc,MAAM;AACxB,WAAK,aAAa,KAAK,WAAW,OAAO,OAAK,MAAM,QAAQ;AAAA,IAC9D;AACA,WAAO;AAAA,EACT;AAAA,EAEO,KAAoC,IAAI,SAAS;AACtD,SAAK,gBAAgB,GAAG,GAAG,IAAI;AAAA,EACjC;AAAA,EAEO,MAAsC,IAAI,SAAS;AACxD,SAAK,gBAAgB,IAAI,GAAG,IAAI;AAAA,EAClC;AAAA,EAEO,WAAW,SAA+C;AAC/D,SAAK,YAAY,OAAO;AACxB,WAAO,QAAQ,QAAQ;AAAA,EACzB;AAAA,EAEA,OAAc,OAAO,SAAgD;AACnE,UAAM,WAAW,KAAK,oBAAoB;AAC1C,aAAS,WAAW,OAAO;AAC3B,WAAO;AAAA,EACT;AAAA,EAEA,cAAc,CAAC,YAAyC;AACtD,SAAK,WAAW,KAAK,aAAa,OAAO;AACzC,QAAI;AACF,UAAI,CAAC,KAAK,SAAS,kBAAkB;AACnC,cAAM,IAAI,MAAM,2DAA2D;AAAA,MAC7E;AAEA,UAAI,CAAC,KAAK,SAAS,QAAQ;AACzB,cAAM,IAAI,MAAM,iDAAiD;AAAA,MACnE;AAEA,WAAK,UAAU,KAAK,SAAS;AAE7B,WAAK,sBAAsB,KAAK,SAAS,gBAAgB;AAEzD,WAAK,SAAS,IAAI,uBAAO,KAAK,MAAM,KAAK,SAAS;AAClD,WAAK,SAAS,IAAI,uBAAO,KAAK,IAAI;AAElC,WAAK,WAAW,OAAO;AAAA,IACzB,SAAS,OAAO;AACd,WAAK,QAAQ;AACb,WAAK,WAAW,OAAO;AACvB,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEO,+BAA+B,CAAC,OAAuB;AAC5D,UAAM,UAAU,OAAO,SAAS;AAChC,UAAM,MAAM,IAAI,IAAI,IAAI,OAAO;AAE/B,QAAI,IAAI,WAAW,OAAO,SAAS,QAAQ;AACzC,aAAO,IAAI;AAAA,IACb;AAEA,WAAO,IAAI,SAAS;AAAA,EACtB;AAAA,EAEA,YAAY,CAAC,KAAgC,YAAqC;AA1YpF;AA2YI,QAAI,CAAC,OAAO,CAAC,KAAK,SAAS;AACzB,aAAO;AAAA,IACT;AAEA,UAAM,gBAAgB,QAAQ,cAAc,KAAK,SAAS,YAAY,KAAK,SAAS;AACpF,UAAM,kBAAkB,QAAQ,cAAc,aAAa;AAC3D,UAAM,OAAO,iBAAiB;AAE9B,QAAI;AAGJ,QAAI,QAAQ,eAAe,4BAA4B,SAAS;AAC9D,6BAAuB,QAAQ;AAAA,IACjC,WAAW,QAAQ,eAAe,4BAA4B,SAAS;AACrE,6BAAuB,QAAQ;AAAA,IACjC;AAGA,QAAI,CAAC,wBAAwB,UAAU,GAAG;AACxC,YAAM,mBAAmB,IAAI,gBAAgB,OAAO,SAAS,MAAM;AACnE,YAAM,wBAAwB,iBAAiB,IAAI,cAAc;AACjE,UAAI,uBAAuB;AACzB,+BAAuB;AAAA,MACzB;AAAA,IACF;AAIA,QAAI,CAAC,wBAAwB,UAAU,GAAG;AACxC,6BACE,OAAO,SAAS,WAAW,OAAO,SAAS,SAAS,OAAO,SAAS;AAAA,IACxE;AAEA,QAAI,wBAAwB,UAAU,GAAG;AACvC,UAAI;AACJ,UAAI;AACF,yBAAiB,KAAK,SAAS,YAC3B,IAAI,IAAI,KAAK,SAAS,WAAW,OAAO,SAAS,MAAM,EAAE,WACzD;AAAA,MACN,QAAQ;AACN,yBAAiB;AAAA,MACnB;AAEA,UAAI;AACJ,UAAI;AACF,yBAAiB,KAAK,SAAS,YAC3B,IAAI,IAAI,KAAK,SAAS,WAAW,OAAO,SAAS,MAAM,EAAE,WACzD,QAAQ,cACN,kBACA;AAAA,MACR,QAAQ;AACN,yBAAiB,QAAQ,cAAc,kBAAkB;AAAA,MAC3D;AAEA,YAAM,oBAAoB,IAAI,IAAI,sBAAsB,OAAO,SAAS,MAAM;AAE9E,UACE,kBAAkB,aAAa,kBAC/B,kBAAkB,aAAa,gBAC/B;AAGA,+BAAuB;AAAA,MACzB;AAAA,IACF;AAEA,UAAM,oBAAoD;AAAA,MACxD;AAAA,MACA,cAAc,IAAI,gBAAgB;AAAA,IACpC;AAEA,QAAI,sBAAsB;AAExB,UAAI,UAAU,GAAG;AACf,cAAM,sBAAsB,IAAI,IAAI,sBAAsB,OAAO,SAAS,MAAM,EAAE;AAClF,gCAAkB,iBAAlB,mBAAgC,IAAI,YAAY;AAAA,MAClD,OAAO;AAGL,gCAAkB,iBAAlB,mBAAgC,IAAI,YAAY;AAAA,MAClD;AAAA,IACF;AAEA,UAAM,qBAAiB,2BAAS,mBAAmB;AAAA,MACjD,WAAW;AAAA,MACX,YAAY;AAAA,IACd,CAAC;AAED,QAAI,OAAO,mBAAmB,UAAU;AACtC,cAAQ;AAAA,QACN;AAAA,MACF;AACA,UAAI,UAAU,GAAG;AACf,YAAI;AACF,iBAAO,IAAI,IAAI,MAAM,OAAO,SAAS,MAAM,EAAE;AAAA,QAC/C,QAAQ;AACN,iBAAO;AAAA,QACT;AAAA,MACF;AACA,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,6BAA6B,cAAc;AAAA,EACzD;AAAA,EAEA,4BAA4B,MAAc;AACxC,QAAI,CAAC,KAAK,SAAS,iBAAiB;AAClC,aAAO;AAAA,IACT;AACA,WAAO,KAAK,6BAA6B,KAAK,SAAS,eAAe;AAAA,EACxE;AAAA,EAEO,qBAAqB,CAAC,YAA4C;AACvE,WAAO,KAAK,UAAU,aAAa,EAAE,GAAG,QAAQ,CAAC;AAAA,EACnD;AAAA,EAEO,qBAAqB,CAAC,YAA4C;AACvE,WAAO,KAAK,UAAU,aAAa,EAAE,GAAG,QAAQ,CAAC;AAAA,EACnD;AAAA,EAEA,wBAAwB,CAAC,YAA2B;AAClD,QAAI,CAAC,KAAK,oBAAoB;AAC5B,WAAK,qBAAqB;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,eAAe,CAAC,YAA0D;AACxE,WAAO;AAAA,MACL,GAAG;AAAA,IACL;AAAA,EACF;AAAA,EAEA,QAAQ,MAAY;AAClB,QAAI,KAAK,cAAc;AACrB,iBAAW,YAAY,KAAK,YAAY;AACtC,iBAAS;AAAA,UACP,MAAM,KAAK;AAAA,QACb,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,WAAuC;AAChD,QAAI,KAAK,YAAY,WAAW;AAC9B,WAAK,UAAU;AACf,WAAK,gBAAgB,KAAK,kCAAW,QAAQ,KAAK,OAAO;AAEzD,UAAI,cAAc,SAAS;AACzB,aAAK,gBAAgB,KAAK,kCAAW,QAAQ,OAAO;AAAA,MACtD;AAAA,IACF;AAAA,EACF;AAAA,EAEA,kBAAkB,MAAM;AACtB,UAAM,kBAAkB,KAAK,SAAS,eAAe;AAErD,YAAQ,iBAAiB;AAAA,MACvB,KAAK;AACH,eAAO;AAAA,MACT,KAAK;AACH,eAAO;AAAA,MACT,KAAK;AACH,eAAO;AAAA,MACT,KAAK;AAAA,MACL;AACE,eAAO;AAAA,IACX;AAAA,EACF;AAAA,EAEA,gBAAgB,MAA0B;AACxC,QAAI,OAAO,YAAY,YAAa,QAAO;AAC3C,WAAO,QAAQ,IAAI;AAAA,EACrB;AAAA,EAEA,qBAAqB,MAAY;AAC/B,UAAM,OAAO,KAAK,cAAc;AAChC,UAAM,QAAQ,KAAK,kBAAkB;AACrC,UAAM,oBAAoB,SAAS,CAAC,CAAC;AACrC,QAAI,CAAC,qBAAqB,CAAC,MAAM;AAC/B;AAAA,IACF;AAEA,UAAM,cAAc,KAAK,WAAW,MAAM,IAAI,OAAO,UAAU,IAAI;AAEnE,QAAI;AAEF,2CAAoB,KAAK,MAAM,aAAa,EAAE,iBAAiB,KAAK,CAAC;AACrE,cAAQ,KAAK,oDAAoD,WAAW,EAAE;AAAA,IAChF,SAAS,OAAO;AACd,cAAQ,MAAM,4DAA4D,KAAK;AAAA,IACjF;AAAA,EACF;AACF;","names":[]}

package/dist/cjs/instance/TernAuthServer.js

@@ -0,0 +1,95 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var TernAuthServer_exports = {};
+__export(TernAuthServer_exports, {
+  TernServerAuth: () => TernServerAuth
+});
+module.exports = __toCommonJS(TernAuthServer_exports);
+var import_app = require("firebase/app");
+var import_auth = require("firebase/auth");
+class TernServerAuth {
+  static instance = null;
+  auth;
+  #options = {};
+  constructor() {
+  }
+  static getInstance() {
+    if (!this.instance) {
+      this.instance = new TernServerAuth();
+    }
+    return this.instance;
+  }
+  static initialize(options) {
+    const instance = this.getInstance();
+    instance.#initialize(options);
+    return instance;
+  }
+  #initialize(options) {
+    this.#options = this.#initOptions(options);
+  }
+  static clearInstance() {
+    this.instance = null;
+  }
+  getAuthIdToken = async () => {
+    await this.auth.authStateReady();
+    if (!this.auth.currentUser) return;
+    return await (0, import_auth.getIdToken)(this.auth.currentUser);
+  };
+  getAuthenticatedAppFromHeaders = async (headers) => {
+    const authHeader = headers.get("Authorization");
+    const idToken = authHeader == null ? void 0 : authHeader.split("Bearer ")[1];
+    let appSettings = {};
+    appSettings = {
+      releaseOnDeref: headers
+    };
+    if (idToken && idToken.trim()) {
+      appSettings.authIdToken = idToken;
+    }
+    return this.getServerApp(appSettings);
+  };
+  getServerApp = async (appSettings) => {
+    const firebaseServerConfig = this.#options.firebaseServerConfig;
+    if (!firebaseServerConfig) {
+      throw new Error(
+        "Firebase server configuration is required to initialize the server app"
+      );
+    }
+    const firebaseServerApp = (0, import_app.initializeServerApp)(
+      firebaseServerConfig,
+      appSettings || {}
+    );
+    this.auth = (0, import_auth.getAuth)(firebaseServerApp);
+    await this.auth.authStateReady();
+    return {
+      firebaseServerApp,
+      currentUser: this.auth.currentUser,
+      auth: this.auth
+    };
+  };
+  #initOptions = (options) => {
+    return {
+      ...options
+    };
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  TernServerAuth
+});
+//# sourceMappingURL=TernAuthServer.js.map