@tern-secure/auth 1.0.0

package/dist/cjs/resources/Base.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/resources/Base.ts"],"sourcesContent":["import { isValidBrowserOnline } from '@tern-secure/shared/browser';\nimport type { TernSecureApiErrorJSON } from '@tern-secure/types';\n\nimport type { ApiRequestInit, ApiResponse, ApiResponseJSON } from '../instance/coreApiClient';\nimport { coreApiClient } from '../instance/coreApiClient';\nimport { TernSecureAPIResponseError } from './Error';\nimport type { AuthCookieManager,TernSecureAuth } from './internal';\n\nexport type HTTPMethod =\n  | 'CONNECT'\n  | 'DELETE'\n  | 'GET'\n  | 'HEAD'\n  | 'OPTIONS'\n  | 'PATCH'\n  | 'POST'\n  | 'PUT'\n  | 'TRACE';\n\nexport type PostMutateParams = {\n  action?: string | undefined;\n  body?: any;\n  method?: HTTPMethod | undefined;\n  path?: string;\n};\n\nexport abstract class TernSecureBase {\n  static ternsecure: TernSecureAuth;\n\n  static get apiUrl() {\n    return TernSecureBase.ternsecure.getApiUrl();\n  }\n\n  static get authCookieManager(): AuthCookieManager | undefined {\n    return this.ternsecure.authCookieManager();\n  }\n  protected get authCookieManager(): AuthCookieManager | undefined {\n    return TernSecureBase.authCookieManager;\n  }\n\n  /**\n   * Core method to fetch data from API endpoints using coreApiClient\n   * This method handles the complete request lifecycle including error handling\n   */\n  static async fetchFromCoreApi(requestInit: ApiRequestInit): Promise<ApiResponseJSON<any> | null> {\n    if (!TernSecureBase.apiUrl) {\n      throw new Error('API URL is not defined. Make sure TernSecureAuth is properly initialized.');\n    }\n\n    const apiUrl = this.ternsecure.apiUrl;\n\n    let apiResponse: ApiResponse<any>;\n    try {\n      apiResponse = await coreApiClient.request(requestInit, { apiUrl });\n    } catch (error) {\n      if (!isValidBrowserOnline()) {\n        console.warn(error);\n        return null;\n      }\n      throw error;\n    }\n\n    const { payload, status, statusText, headers } = apiResponse;\n\n    if (headers) {\n      const country = headers.get('x-country');\n      this.ternsecure.__internal_setCountry(country ? country.toLowerCase() : null);\n    }\n\n    if (status >= 200 && status <= 299) {\n      return payload;\n    }\n\n    if (status >= 400) {\n      const errors = payload?.errors as TernSecureApiErrorJSON[];\n      const message = errors?.[0]?.message;\n\n      const apiResponseOptions: ConstructorParameters<typeof TernSecureAPIResponseError>[1] = {\n        data: errors,\n        status,\n      };\n      if (status === 429 && headers) {\n        const retryAfter = headers.get('retry-After');\n        if (retryAfter) {\n          const value = parseInt(retryAfter, 10);\n          if (!isNaN(value)) {\n            apiResponseOptions.retryAfter = value;\n          }\n        }\n      }\n\n      throw new TernSecureAPIResponseError(message || statusText, apiResponseOptions);\n    }\n\n    return null;\n  }\n\n  /**\n   * Convenience method for making POST requests\n   */\n  static async basePost(params: PostMutateParams): Promise<ApiResponseJSON<any> | null> {\n    return this.fetchFromCoreApi({ ...params, method: 'POST' });\n  }\n\n  /**\n   * Instance method to fetch data from API endpoints\n   */\n  protected async fetchFromCoreApi(\n    requestInit: ApiRequestInit,\n  ): Promise<ApiResponseJSON<any> | null> {\n    return TernSecureBase.fetchFromCoreApi(requestInit);\n  }\n\n  /**\n   * Instance method for making POST requests\n   */\n  protected async basePost(params: PostMutateParams): Promise<ApiResponseJSON<any> | null> {\n    return TernSecureBase.basePost(params);\n  }\n\n  /**\n   * Protected instance method for making POST requests with specific path and body\n   * This is designed to be used by child classes like SignIn\n   */\n  protected async _post(params: PostMutateParams): Promise<ApiResponseJSON<any> | null> {\n    return this.basePost({\n      path: params.path,\n      body: params.body\n    });\n  }\n\n  static async makeApiRequest(requestInit: ApiRequestInit): Promise<ApiResponseJSON<any> | null> {\n    return this.fetchFromCoreApi(requestInit);\n  }\n\n  protected async makeApiRequest(\n    requestInit: ApiRequestInit,\n  ): Promise<ApiResponseJSON<any> | null> {\n    return this.fetchFromCoreApi(requestInit);\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,qBAAqC;AAIrC,2BAA8B;AAC9B,mBAA2C;AAqBpC,MAAe,eAAe;AAAA,EACnC,OAAO;AAAA,EAEP,WAAW,SAAS;AAClB,WAAO,eAAe,WAAW,UAAU;AAAA,EAC7C;AAAA,EAEA,WAAW,oBAAmD;AAC5D,WAAO,KAAK,WAAW,kBAAkB;AAAA,EAC3C;AAAA,EACA,IAAc,oBAAmD;AAC/D,WAAO,eAAe;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,aAAa,iBAAiB,aAAmE;AA5CnG;AA6CI,QAAI,CAAC,eAAe,QAAQ;AAC1B,YAAM,IAAI,MAAM,2EAA2E;AAAA,IAC7F;AAEA,UAAM,SAAS,KAAK,WAAW;AAE/B,QAAI;AACJ,QAAI;AACF,oBAAc,MAAM,mCAAc,QAAQ,aAAa,EAAE,OAAO,CAAC;AAAA,IACnE,SAAS,OAAO;AACd,UAAI,KAAC,qCAAqB,GAAG;AAC3B,gBAAQ,KAAK,KAAK;AAClB,eAAO;AAAA,MACT;AACA,YAAM;AAAA,IACR;AAEA,UAAM,EAAE,SAAS,QAAQ,YAAY,QAAQ,IAAI;AAEjD,QAAI,SAAS;AACX,YAAM,UAAU,QAAQ,IAAI,WAAW;AACvC,WAAK,WAAW,sBAAsB,UAAU,QAAQ,YAAY,IAAI,IAAI;AAAA,IAC9E;AAEA,QAAI,UAAU,OAAO,UAAU,KAAK;AAClC,aAAO;AAAA,IACT;AAEA,QAAI,UAAU,KAAK;AACjB,YAAM,SAAS,mCAAS;AACxB,YAAM,WAAU,sCAAS,OAAT,mBAAa;AAE7B,YAAM,qBAAkF;AAAA,QACtF,MAAM;AAAA,QACN;AAAA,MACF;AACA,UAAI,WAAW,OAAO,SAAS;AAC7B,cAAM,aAAa,QAAQ,IAAI,aAAa;AAC5C,YAAI,YAAY;AACd,gBAAM,QAAQ,SAAS,YAAY,EAAE;AACrC,cAAI,CAAC,MAAM,KAAK,GAAG;AACjB,+BAAmB,aAAa;AAAA,UAClC;AAAA,QACF;AAAA,MACF;AAEA,YAAM,IAAI,wCAA2B,WAAW,YAAY,kBAAkB;AAAA,IAChF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,SAAS,QAAgE;AACpF,WAAO,KAAK,iBAAiB,EAAE,GAAG,QAAQ,QAAQ,OAAO,CAAC;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA,EAKA,MAAgB,iBACd,aACsC;AACtC,WAAO,eAAe,iBAAiB,WAAW;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAgB,SAAS,QAAgE;AACvF,WAAO,eAAe,SAAS,MAAM;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAgB,MAAM,QAAgE;AACpF,WAAO,KAAK,SAAS;AAAA,MACnB,MAAM,OAAO;AAAA,MACb,MAAM,OAAO;AAAA,IACf,CAAC;AAAA,EACH;AAAA,EAEA,aAAa,eAAe,aAAmE;AAC7F,WAAO,KAAK,iBAAiB,WAAW;AAAA,EAC1C;AAAA,EAEA,MAAgB,eACd,aACsC;AACtC,WAAO,KAAK,iBAAiB,WAAW;AAAA,EAC1C;AACF;","names":[]}

package/dist/cjs/resources/Error.js

@@ -0,0 +1,31 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var Error_exports = {};
+__export(Error_exports, {
+  TernSecureAPIResponseError: () => import_errors_api.TernSecureAPIResponseError,
+  TernSecureRuntimeError: () => import_errors_api.TernSecureRuntimeError
+});
+module.exports = __toCommonJS(Error_exports);
+var import_errors_api = require("@tern-secure/shared/errors-api");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  TernSecureAPIResponseError,
+  TernSecureRuntimeError
+});
+//# sourceMappingURL=Error.js.map

package/dist/cjs/resources/Error.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/resources/Error.ts"],"sourcesContent":["export {\n  TernSecureAPIResponseError,\n  TernSecureRuntimeError,\n} from \"@tern-secure/shared/errors-api\";\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,wBAGO;","names":[]}

package/dist/cjs/resources/SignIn.js

@@ -0,0 +1,224 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var SignIn_exports = {};
+__export(SignIn_exports, {
+  SignIn: () => SignIn
+});
+module.exports = __toCommonJS(SignIn_exports);
+var import_errors = require("@tern-secure/shared/errors");
+var import_auth = require("firebase/auth");
+var import_Base = require("./Base");
+class SignIn extends import_Base.TernSecureBase {
+  pathRoot = "/sessions/createsession";
+  status;
+  auth;
+  csrfToken;
+  _currentUser = null;
+  constructor(auth, csrfToken) {
+    super();
+    this.auth = auth;
+    this.csrfToken = csrfToken;
+  }
+  signInWithCredential = async (credential) => {
+    const idToken = await credential.user.getIdToken();
+    const params = {
+      idToken,
+      csrfToken: this.csrfToken
+    };
+    return this._post({
+      path: this.pathRoot,
+      body: params
+    });
+  };
+  withEmailAndPassword = async (params) => {
+    try {
+      const { email, password } = params;
+      const userCredential = await (0, import_auth.signInWithEmailAndPassword)(
+        this.auth,
+        email,
+        password
+      );
+      await this.signInWithCredential(userCredential);
+      const { user } = userCredential;
+      return {
+        success: true,
+        message: "Authentication successful",
+        user,
+        error: !user.emailVerified ? "REQUIRES_VERIFICATION" : "AUTHENTICATED"
+      };
+    } catch (error) {
+      const authError = (0, import_errors.handleFirebaseAuthError)(error);
+      return {
+        success: false,
+        message: authError.message,
+        error: authError.code,
+        user: null
+      };
+    }
+  };
+  withCredential = async (params) => {
+    try {
+      const { email, password } = params;
+      const userCredential = await (0, import_auth.signInWithEmailAndPassword)(
+        this.auth,
+        email,
+        password
+      );
+      await this.signInWithCredential(userCredential);
+    } catch (error) {
+      const authError = (0, import_errors.handleFirebaseAuthError)(error);
+      console.error(authError);
+    }
+  };
+  withSocialProvider = async (provider, options) => {
+    try {
+      if ((options == null ? void 0 : options.mode) === "redirect") {
+        const redirectResult = await this.authRedirectResult();
+        if (redirectResult) {
+          if (redirectResult.success) {
+            console.log("Redirect after sign in");
+          }
+          return redirectResult;
+        }
+        await this._signInWithRedirect(provider);
+        return;
+      } else {
+        await this._signInWithPopUp(provider);
+        return {
+          success: true,
+          message: "Sign in successful"
+        };
+      }
+    } catch (error) {
+      return {
+        success: false,
+        message: error.message || `Sign in with ${provider} failed`,
+        error,
+        user: null
+      };
+    }
+  };
+  completeMfaSignIn = async (_mfaToken, _mfaContext) => {
+    throw new Error("Method not implemented.");
+  };
+  sendPasswordResetEmail = async (email) => {
+    console.log(`Sending password reset email to ${email}`);
+  };
+  resendEmailVerification = async () => {
+    const user = this._currentUser;
+    if (!user) {
+      throw new Error("No user is currently signed in");
+    }
+    await user.reload();
+    if (user.emailVerified) {
+      return {
+        success: true,
+        message: "Email is already verified. You can sign in.",
+        isVerified: true
+      };
+    }
+    const actionCodeSettings = {
+      url: "/sign-in",
+      // TODO: Make this configurable
+      handleCodeInApp: true
+    };
+    await (0, import_auth.sendEmailVerification)(user, actionCodeSettings);
+    return {
+      success: true,
+      message: "Verification email sent. Please check your inbox.",
+      isVerified: false
+    };
+  };
+  getProviderConfig(providerName) {
+    switch (providerName.toLowerCase()) {
+      case "google": {
+        const googleProvider = new import_auth.GoogleAuthProvider();
+        return {
+          provider: googleProvider,
+          customParameters: {
+            login_hint: "user@example.com",
+            prompt: "select_account"
+          }
+        };
+      }
+      case "microsoft": {
+        const microsoftProvider = new import_auth.OAuthProvider("microsoft.com");
+        return {
+          provider: microsoftProvider,
+          customParameters: {
+            prompt: "consent"
+          }
+        };
+      }
+      default:
+        throw new Error(`Unsupported provider: ${providerName}`);
+    }
+  }
+  async authRedirectResult() {
+    try {
+      const result = await (0, import_auth.getRedirectResult)(this.auth);
+      if (result) {
+        const user = result.user;
+        return {
+          success: true,
+          user
+        };
+      }
+      return null;
+    } catch (error) {
+      const authError = (0, import_errors.handleFirebaseAuthError)(error);
+      return {
+        success: false,
+        message: authError.message,
+        error: authError.code,
+        user: null
+      };
+    }
+  }
+  async executeAuthMethod(authMethod, providerName) {
+    const config = this.getProviderConfig(providerName);
+    config.provider.setCustomParameters(config.customParameters);
+    try {
+      await authMethod(this.auth, config.provider);
+      return { success: true, message: "Authentication initiated" };
+    } catch (error) {
+      const authError = (0, import_errors.handleFirebaseAuthError)(error);
+      return {
+        success: false,
+        message: authError.message,
+        error: authError.code,
+        user: null
+      };
+    }
+  }
+  async _signInWithRedirect(providerName) {
+    return this.executeAuthMethod(import_auth.signInWithRedirect, providerName);
+  }
+  async _signInWithPopUp(providerName) {
+    return this.executeAuthMethod(import_auth.signInWithPopup, providerName);
+  }
+  async checkRedirectResult() {
+    return this.authRedirectResult();
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  SignIn
+});
+//# sourceMappingURL=SignIn.js.map

package/dist/cjs/resources/SignIn.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/resources/SignIn.ts"],"sourcesContent":["import { handleFirebaseAuthError } from \"@tern-secure/shared/errors\";\nimport type {\n  ResendEmailVerification,\n  SignInFormValuesTree,\n  SignInResource,\n  SignInResponseTree,\n  SignInStatus,\n  TernSecureUser,\n} from \"@tern-secure/types\";\nimport type {\n  Auth,\n  UserCredential} from \"firebase/auth\";\nimport {\n  getRedirectResult,\n  GoogleAuthProvider,\n  OAuthProvider,\n  sendEmailVerification,\n  signInWithEmailAndPassword,\n  signInWithPopup,\n  signInWithRedirect\n} from \"firebase/auth\";\n\nimport { TernSecureBase } from \"./Base\";\n\ninterface ProviderConfig {\n  provider: GoogleAuthProvider | OAuthProvider;\n  customParameters: Record<string, string>;\n}\n\nexport type TernRequestInit = RequestInit;\n\nexport type SignInParams = {\n  idToken: string;\n  csrfToken: string | undefined;\n};\n\n\n\ntype FirebaseAuthResult = UserCredential | void;\n\ntype AuthMethodFunction = (\n  auth: Auth,\n  provider: GoogleAuthProvider | OAuthProvider\n) => Promise<FirebaseAuthResult>;\n\nexport class SignIn extends TernSecureBase implements SignInResource {\n  pathRoot = '/sessions/createsession';\n  \n  status?: SignInStatus | undefined;\n  private auth: Auth;\n  private csrfToken: string | undefined;\n  private _currentUser: TernSecureUser | null = null;\n\n  constructor(auth: Auth, csrfToken: string | undefined) {\n    super();\n    this.auth = auth;\n    this.csrfToken = csrfToken;\n  }\n\n\n  signInWithCredential = async (credential: UserCredential) => {\n    const idToken = await credential.user.getIdToken();\n    const params = {\n      idToken: idToken,\n      csrfToken: this.csrfToken,\n    };\n\n    return this._post({\n      path: this.pathRoot,\n      body: params,\n    });\n  };\n\n  \n\n\n  withEmailAndPassword = async (\n    params: SignInFormValuesTree\n  ): Promise<SignInResponseTree> => {\n    try {\n      const { email, password } = params;\n      const userCredential = await signInWithEmailAndPassword(\n        this.auth,\n        email,\n        password\n      );\n      \n     await this.signInWithCredential(userCredential);\n\n      const { user } = userCredential;\n      return {\n        success: true,\n        message: \"Authentication successful\",\n        user,\n        error: !user.emailVerified ? \"REQUIRES_VERIFICATION\" : \"AUTHENTICATED\",\n      };\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error);\n      return {\n        success: false,\n        message: authError.message,\n        error: authError.code,\n        user: null,\n      };\n    }\n  };\n\n  withCredential = async (params: SignInFormValuesTree): Promise<void> => {\n    try {\n      const { email, password } = params;\n      const userCredential = await signInWithEmailAndPassword(\n        this.auth,\n        email,\n        password\n      );\n      await this.signInWithCredential(userCredential);\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error);\n      console.error(authError);\n    }\n  };\n\n  withSocialProvider = async (\n    provider: string,\n    options?: {\n      mode?: \"popup\" | \"redirect\";\n    }\n  ): Promise<SignInResponseTree | void> => {\n    try {\n      if (options?.mode === \"redirect\") {\n        const redirectResult = await this.authRedirectResult();\n\n        if (redirectResult) {\n          if (redirectResult.success) {\n            console.log(\"Redirect after sign in\");\n          }\n          return redirectResult;\n        }\n\n        await this._signInWithRedirect(provider);\n        return;\n      } else {\n        await this._signInWithPopUp(provider);\n        return {\n          success: true,\n          message: \"Sign in successful\",\n        };\n      }\n    } catch (error: any) {\n      return {\n        success: false,\n        message: error.message || `Sign in with ${provider} failed`,\n        error,\n        user: null,\n      };\n    }\n  };\n\n  completeMfaSignIn = async (\n    _mfaToken: string,\n    _mfaContext?: any\n  ): Promise<SignInResponseTree> => {\n    throw new Error(\"Method not implemented.\");\n  };\n\n  sendPasswordResetEmail = async (email: string): Promise<void> => {\n    console.log(`Sending password reset email to ${email}`);\n  };\n\n  resendEmailVerification = async (): Promise<ResendEmailVerification> => {\n    const user = this._currentUser;\n    if (!user) {\n      throw new Error(\"No user is currently signed in\");\n    }\n\n    await user.reload();\n\n    if (user.emailVerified) {\n      return {\n        success: true,\n        message: \"Email is already verified. You can sign in.\",\n        isVerified: true,\n      };\n    }\n\n    const actionCodeSettings = {\n      url: \"/sign-in\", // TODO: Make this configurable\n      handleCodeInApp: true,\n    };\n\n    await sendEmailVerification(user, actionCodeSettings);\n    return {\n      success: true,\n      message: \"Verification email sent. Please check your inbox.\",\n      isVerified: false,\n    };\n  };\n\n  private getProviderConfig(providerName: string): ProviderConfig {\n    switch (providerName.toLowerCase()) {\n      case \"google\": {\n        const googleProvider = new GoogleAuthProvider();\n        return {\n          provider: googleProvider,\n          customParameters: {\n            login_hint: \"user@example.com\",\n            prompt: \"select_account\",\n          },\n        };\n      }\n      case \"microsoft\": {\n        const microsoftProvider = new OAuthProvider(\"microsoft.com\");\n        return {\n          provider: microsoftProvider,\n          customParameters: {\n            prompt: \"consent\",\n          },\n        };\n      }\n      default:\n        throw new Error(`Unsupported provider: ${providerName}`);\n    }\n  }\n\n  private async authRedirectResult(): Promise<SignInResponseTree | null> {\n    try {\n      const result = await getRedirectResult(this.auth);\n\n      if (result) {\n        const user = result.user;\n        return {\n          success: true,\n          user,\n        };\n      }\n      return null;\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error);\n      return {\n        success: false,\n        message: authError.message,\n        error: authError.code,\n        user: null,\n      };\n    }\n  }\n\n  private async executeAuthMethod(\n    authMethod: AuthMethodFunction,\n    providerName: string\n  ): Promise<SignInResponseTree> {\n    const config = this.getProviderConfig(providerName);\n    config.provider.setCustomParameters(config.customParameters);\n    try {\n      await authMethod(this.auth, config.provider);\n      return { success: true, message: \"Authentication initiated\" };\n    } catch (error) {\n      const authError = handleFirebaseAuthError(error);\n      return {\n        success: false,\n        message: authError.message,\n        error: authError.code,\n        user: null,\n      };\n    }\n  }\n\n  private async _signInWithRedirect(\n    providerName: string\n  ): Promise<SignInResponseTree> {\n    return this.executeAuthMethod(signInWithRedirect, providerName);\n  }\n\n  private async _signInWithPopUp(\n    providerName: string\n  ): Promise<SignInResponseTree> {\n    return this.executeAuthMethod(signInWithPopup, providerName);\n  }\n\n  public async checkRedirectResult(): Promise<SignInResponseTree | null> {\n    return this.authRedirectResult();\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAwC;AAYxC,kBAQO;AAEP,kBAA+B;AAuBxB,MAAM,eAAe,2BAAyC;AAAA,EACnE,WAAW;AAAA,EAEX;AAAA,EACQ;AAAA,EACA;AAAA,EACA,eAAsC;AAAA,EAE9C,YAAY,MAAY,WAA+B;AACrD,UAAM;AACN,SAAK,OAAO;AACZ,SAAK,YAAY;AAAA,EACnB;AAAA,EAGA,uBAAuB,OAAO,eAA+B;AAC3D,UAAM,UAAU,MAAM,WAAW,KAAK,WAAW;AACjD,UAAM,SAAS;AAAA,MACb;AAAA,MACA,WAAW,KAAK;AAAA,IAClB;AAEA,WAAO,KAAK,MAAM;AAAA,MAChB,MAAM,KAAK;AAAA,MACX,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AAAA,EAKA,uBAAuB,OACrB,WACgC;AAChC,QAAI;AACF,YAAM,EAAE,OAAO,SAAS,IAAI;AAC5B,YAAM,iBAAiB,UAAM;AAAA,QAC3B,KAAK;AAAA,QACL;AAAA,QACA;AAAA,MACF;AAED,YAAM,KAAK,qBAAqB,cAAc;AAE7C,YAAM,EAAE,KAAK,IAAI;AACjB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT;AAAA,QACA,OAAO,CAAC,KAAK,gBAAgB,0BAA0B;AAAA,MACzD;AAAA,IACF,SAAS,OAAO;AACd,YAAM,gBAAY,uCAAwB,KAAK;AAC/C,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,UAAU;AAAA,QACnB,OAAO,UAAU;AAAA,QACjB,MAAM;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA,EAEA,iBAAiB,OAAO,WAAgD;AACtE,QAAI;AACF,YAAM,EAAE,OAAO,SAAS,IAAI;AAC5B,YAAM,iBAAiB,UAAM;AAAA,QAC3B,KAAK;AAAA,QACL;AAAA,QACA;AAAA,MACF;AACA,YAAM,KAAK,qBAAqB,cAAc;AAAA,IAChD,SAAS,OAAO;AACd,YAAM,gBAAY,uCAAwB,KAAK;AAC/C,cAAQ,MAAM,SAAS;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,qBAAqB,OACnB,UACA,YAGuC;AACvC,QAAI;AACF,WAAI,mCAAS,UAAS,YAAY;AAChC,cAAM,iBAAiB,MAAM,KAAK,mBAAmB;AAErD,YAAI,gBAAgB;AAClB,cAAI,eAAe,SAAS;AAC1B,oBAAQ,IAAI,wBAAwB;AAAA,UACtC;AACA,iBAAO;AAAA,QACT;AAEA,cAAM,KAAK,oBAAoB,QAAQ;AACvC;AAAA,MACF,OAAO;AACL,cAAM,KAAK,iBAAiB,QAAQ;AACpC,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS;AAAA,QACX;AAAA,MACF;AAAA,IACF,SAAS,OAAY;AACnB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,MAAM,WAAW,gBAAgB,QAAQ;AAAA,QAClD;AAAA,QACA,MAAM;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA,EAEA,oBAAoB,OAClB,WACA,gBACgC;AAChC,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C;AAAA,EAEA,yBAAyB,OAAO,UAAiC;AAC/D,YAAQ,IAAI,mCAAmC,KAAK,EAAE;AAAA,EACxD;AAAA,EAEA,0BAA0B,YAA8C;AACtE,UAAM,OAAO,KAAK;AAClB,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,MAAM,gCAAgC;AAAA,IAClD;AAEA,UAAM,KAAK,OAAO;AAElB,QAAI,KAAK,eAAe;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS;AAAA,QACT,YAAY;AAAA,MACd;AAAA,IACF;AAEA,UAAM,qBAAqB;AAAA,MACzB,KAAK;AAAA;AAAA,MACL,iBAAiB;AAAA,IACnB;AAEA,cAAM,mCAAsB,MAAM,kBAAkB;AACpD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,EACF;AAAA,EAEQ,kBAAkB,cAAsC;AAC9D,YAAQ,aAAa,YAAY,GAAG;AAAA,MAClC,KAAK,UAAU;AACb,cAAM,iBAAiB,IAAI,+BAAmB;AAC9C,eAAO;AAAA,UACL,UAAU;AAAA,UACV,kBAAkB;AAAA,YAChB,YAAY;AAAA,YACZ,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,MACF;AAAA,MACA,KAAK,aAAa;AAChB,cAAM,oBAAoB,IAAI,0BAAc,eAAe;AAC3D,eAAO;AAAA,UACL,UAAU;AAAA,UACV,kBAAkB;AAAA,YAChB,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,MACF;AAAA,MACA;AACE,cAAM,IAAI,MAAM,yBAAyB,YAAY,EAAE;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,qBAAyD;AACrE,QAAI;AACF,YAAM,SAAS,UAAM,+BAAkB,KAAK,IAAI;AAEhD,UAAI,QAAQ;AACV,cAAM,OAAO,OAAO;AACpB,eAAO;AAAA,UACL,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AACA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,gBAAY,uCAAwB,KAAK;AAC/C,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,UAAU;AAAA,QACnB,OAAO,UAAU;AAAA,QACjB,MAAM;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,kBACZ,YACA,cAC6B;AAC7B,UAAM,SAAS,KAAK,kBAAkB,YAAY;AAClD,WAAO,SAAS,oBAAoB,OAAO,gBAAgB;AAC3D,QAAI;AACF,YAAM,WAAW,KAAK,MAAM,OAAO,QAAQ;AAC3C,aAAO,EAAE,SAAS,MAAM,SAAS,2BAA2B;AAAA,IAC9D,SAAS,OAAO;AACd,YAAM,gBAAY,uCAAwB,KAAK;AAC/C,aAAO;AAAA,QACL,SAAS;AAAA,QACT,SAAS,UAAU;AAAA,QACnB,OAAO,UAAU;AAAA,QACjB,MAAM;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,oBACZ,cAC6B;AAC7B,WAAO,KAAK,kBAAkB,gCAAoB,YAAY;AAAA,EAChE;AAAA,EAEA,MAAc,iBACZ,cAC6B;AAC7B,WAAO,KAAK,kBAAkB,6BAAiB,YAAY;AAAA,EAC7D;AAAA,EAEA,MAAa,sBAA0D;AACrE,WAAO,KAAK,mBAAmB;AAAA,EACjC;AACF;","names":[]}

package/dist/cjs/resources/SignUp.js

@@ -0,0 +1,43 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var SignUp_exports = {};
+__export(SignUp_exports, {
+  SignUp: () => SignUp
+});
+module.exports = __toCommonJS(SignUp_exports);
+class SignUp {
+  status = null;
+  username = null;
+  firstName = null;
+  lastName = null;
+  email = null;
+  auth;
+  ternSecureConfig;
+  constructor(auth) {
+    this.auth = auth;
+  }
+  withSocialProvider() {
+    throw new Error("Method not implemented.");
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  SignUp
+});
+//# sourceMappingURL=SignUp.js.map

package/dist/cjs/resources/SignUp.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/resources/SignUp.ts"],"sourcesContent":["import type {\n    SignUpResource,\n    SignUpStatus,\n    TernSecureConfig\n} from '@tern-secure/types';\nimport type { Auth } from 'firebase/auth';\n\nexport class SignUp implements SignUpResource {\n    status?: SignUpStatus | null = null;\n    username?: string | null = null;\n    firstName?: string | null = null;\n    lastName?: string | null = null\n    email: string | null = null;\n    private auth: Auth;\n    private ternSecureConfig?: TernSecureConfig;\n\n    constructor(auth: Auth) {\n        this.auth = auth;\n    }\n\n  withSocialProvider(): Promise<void> {\n    throw new Error('Method not implemented.');\n  }\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAOO,MAAM,OAAiC;AAAA,EAC1C,SAA+B;AAAA,EAC/B,WAA2B;AAAA,EAC3B,YAA4B;AAAA,EAC5B,WAA2B;AAAA,EAC3B,QAAuB;AAAA,EACf;AAAA,EACA;AAAA,EAER,YAAY,MAAY;AACpB,SAAK,OAAO;AAAA,EAChB;AAAA,EAEF,qBAAoC;AAClC,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C;AACF;","names":[]}

package/dist/cjs/resources/index.js

@@ -0,0 +1,23 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default"));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var resources_exports = {};
+module.exports = __toCommonJS(resources_exports);
+__reExport(resources_exports, require("./SignIn"), module.exports);
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ...require("./SignIn")
+});
+//# sourceMappingURL=index.js.map

package/dist/cjs/resources/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/resources/index.ts"],"sourcesContent":["export * from './SignIn';"],"mappings":";;;;;;;;;;;;;;;AAAA;AAAA;AAAA,8BAAc,qBAAd;","names":[]}

package/dist/cjs/resources/internal.js

@@ -0,0 +1,33 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default"));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var internal_exports = {};
+module.exports = __toCommonJS(internal_exports);
+__reExport(internal_exports, require("./SignUp"), module.exports);
+__reExport(internal_exports, require("./SignIn"), module.exports);
+__reExport(internal_exports, require("./Base"), module.exports);
+__reExport(internal_exports, require("./AuthCookieManager"), module.exports);
+__reExport(internal_exports, require("../utils"), module.exports);
+__reExport(internal_exports, require("./Error"), module.exports);
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ...require("./SignUp"),
+  ...require("./SignIn"),
+  ...require("./Base"),
+  ...require("./AuthCookieManager"),
+  ...require("../utils"),
+  ...require("./Error")
+});
+//# sourceMappingURL=internal.js.map

package/dist/cjs/resources/internal.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/resources/internal.ts"],"sourcesContent":["export type { TernSecureAuth } from '../instance/TernAuth';\nexport * from './SignUp';\nexport * from './SignIn';\nexport * from './Base';\nexport * from './AuthCookieManager';\nexport * from '../utils';\nexport * from './Error';"],"mappings":";;;;;;;;;;;;;;;AAAA;AAAA;AACA,6BAAc,qBADd;AAEA,6BAAc,qBAFd;AAGA,6BAAc,mBAHd;AAIA,6BAAc,gCAJd;AAKA,6BAAc,qBALd;AAMA,6BAAc,oBANd;","names":[]}

package/dist/cjs/utils/construct.js

@@ -0,0 +1,174 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var construct_exports = {};
+__export(construct_exports, {
+  buildURL: () => buildURL,
+  constructFullUrl: () => constructFullUrl,
+  getPreviousPath: () => getPreviousPath,
+  getValidRedirectUrl: () => getValidRedirectUrl,
+  hasRedirectLoop: () => hasRedirectLoop,
+  storePreviousPath: () => storePreviousPath,
+  toURL: () => toURL,
+  urlWithRedirect: () => urlWithRedirect
+});
+module.exports = __toCommonJS(construct_exports);
+function buildURL(params, options = {}) {
+  const { base, hashPath, hashSearch, searchParams, hashSearchParams, ...rest } = params;
+  const { stringify = true, skipOrigin = false } = options;
+  const baseFallback = typeof window !== "undefined" && window.location ? window.location.href : "http://react-native-fake-base-url";
+  const appendToUrlSearchParams = (target, source) => {
+    if (!source) {
+      return;
+    }
+    if (source instanceof URLSearchParams) {
+      source.forEach((value, key) => {
+        target.set(key, value);
+      });
+    } else if (typeof source === "object") {
+      Object.entries(source).forEach(([key, value]) => {
+        target.set(key, String(value));
+      });
+    }
+  };
+  try {
+    const url = new URL(base || "", baseFallback);
+    if (searchParams) {
+      searchParams.forEach((value, key) => {
+        url.searchParams.set(key, value);
+      });
+    }
+    if (hashPath || hashSearch || hashSearchParams) {
+      const finalHashPath = hashPath || "";
+      const queryForHash = new URLSearchParams(hashSearch || "");
+      if (hashSearchParams) {
+        if (Array.isArray(hashSearchParams)) {
+          hashSearchParams.forEach((item) => appendToUrlSearchParams(queryForHash, item));
+        } else {
+          appendToUrlSearchParams(queryForHash, hashSearchParams);
+        }
+      }
+      const hashQueryString = queryForHash.toString();
+      let combinedHashString = "";
+      if (finalHashPath) {
+        combinedHashString = finalHashPath;
+        if (hashQueryString) {
+          if (combinedHashString.includes("?")) {
+            combinedHashString += "&" + hashQueryString;
+          } else {
+            combinedHashString += "?" + hashQueryString;
+          }
+        }
+      } else {
+        if (hashQueryString) {
+          combinedHashString = hashQueryString;
+        }
+      }
+      if (combinedHashString) {
+        url.hash = combinedHashString;
+      }
+    }
+    if (stringify) {
+      return skipOrigin ? url.href.replace(url.origin, "") : url.href;
+    }
+    return url;
+  } catch (error) {
+    console.error("[TernSecure] Error building URL:", error);
+    const fallbackUrlString = base || "/";
+    if (stringify) {
+      return fallbackUrlString;
+    } else {
+      return new URL(fallbackUrlString, baseFallback);
+    }
+  }
+}
+const constructFullUrl = (path) => {
+  if (typeof window === "undefined") return path;
+  const baseUrl = window.location.origin;
+  if (path.startsWith("http")) {
+    return path;
+  }
+  return `${baseUrl}${path.startsWith("/") ? path : `/${path}`}`;
+};
+const hasRedirectLoop = (currentPath, redirectPath) => {
+  if (!currentPath || !redirectPath) return false;
+  const cleanCurrentPath = currentPath.split("?")[0];
+  const cleanRedirectPath = redirectPath.split("?")[0];
+  return cleanCurrentPath === cleanRedirectPath;
+};
+const urlWithRedirect = (options) => {
+  const { signInUrl, signInPathParam = "/sign-in", currentPath, signUpUrl, signUpPathParam = "/sign-up" } = options;
+  const baseUrl = window.location.origin;
+  if (typeof window === "undefined") {
+    return signInUrl;
+  }
+  const url = new URL(signInUrl, baseUrl);
+  if (!currentPath.includes(signInPathParam) && !currentPath.includes(signUpPathParam)) {
+    url.searchParams.set("redirect", currentPath);
+  }
+  return url.toString();
+};
+const storePreviousPath = (path) => {
+  if (typeof window !== "undefined") {
+    sessionStorage.setItem("previousPath", path);
+  }
+};
+const getPreviousPath = () => {
+  if (typeof window !== "undefined") {
+    return sessionStorage.getItem("previousPath");
+  }
+  return null;
+};
+const getValidRedirectUrl = (searchParams, configuredRedirect) => {
+  const urlRedirect = searchParams.get("redirect");
+  if (urlRedirect) {
+    return validateUrl(urlRedirect);
+  }
+  if (configuredRedirect) {
+    return validateUrl(configuredRedirect);
+  }
+  return "/";
+};
+const validateUrl = (url) => {
+  try {
+    if (url.startsWith("http")) {
+      const urlObj = new URL(url);
+      if (typeof window !== "undefined" && urlObj.origin !== window.location.origin) {
+        return "/";
+      }
+    }
+    return "/";
+  } catch {
+    return "/";
+  }
+};
+function toURL(url) {
+  return new URL(url.toString(), window.location.origin);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  buildURL,
+  constructFullUrl,
+  getPreviousPath,
+  getValidRedirectUrl,
+  hasRedirectLoop,
+  storePreviousPath,
+  toURL,
+  urlWithRedirect
+});
+//# sourceMappingURL=construct.js.map

package/dist/cjs/utils/construct.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/utils/construct.ts"],"sourcesContent":["//v2: redict with taking priority from the sign-in page\n\nexport type constructUrlWithRedirectProps = {\n  signInUrl: string;\n  signInPathParam?: string;\n  currentPath: string;\n  signUpUrl?: string;\n  signUpPathParam?: string;\n};\n\ninterface BuildURLParams extends Partial<URL> {\n  base?: string;\n  hashPath?: string;\n  hashSearch?: string;\n  hashSearchParams?: URLSearchParams | Record<string, string> | Array<URLSearchParams | Record<string, string>>;\n}\n\ninterface BuildURLOptions<T> {\n  skipOrigin?: boolean;\n  stringify?: T;\n}\n\n/**\n *\n * buildURL(params: URLParams, options: BuildURLOptions): string\n *\n * Builds a URL safely by using the native URL() constructor. It can\n * also build a secondary path and search URL that lives inside the hash\n * of the main URL. For example:\n *\n * https://foo.com/bar?qux=42#/hash-bar?hash-qux=42\n *\n * References:\n * https://developer.mozilla.org/en-US/docs/Web/API/URL\n *\n * @param {BuildURLParams} params\n * @param {BuildURLOptions} options\n * @returns {URL | string} Returns the URL href\n */\nexport function buildURL<B extends boolean>(\n  params: BuildURLParams,\n  options?: BuildURLOptions<B>,\n): B extends true ? string : URL;\n\n/**\n * Builds a URL from given parameters, handling search and hash parameters\n * @param params - The parameters to construct the URL\n * @param options - Options for building the URL\n * @returns The constructed URL as a string or URL object\n */\nexport function buildURL(params: BuildURLParams, options: BuildURLOptions<boolean> = {}): URL | string {\n  const { base, hashPath, hashSearch, searchParams, hashSearchParams, ...rest} = params;\n  const { stringify = true, skipOrigin = false } = options;\n\n  const baseFallback =\n    typeof window !== 'undefined' && window.location ? window.location.href : 'http://react-native-fake-base-url';\n\n  // Helper function to append parameters to a URLSearchParams object\n  const appendToUrlSearchParams = (\n    target: URLSearchParams,\n    source: URLSearchParams | Record<string, string> | undefined | null,\n  ) => {\n    if (!source) {\n      return;\n    }\n    if (source instanceof URLSearchParams) {\n      source.forEach((value, key) => {\n        target.set(key, value);\n      });\n    } else if (typeof source === 'object') {\n      Object.entries(source).forEach(([key, value]) => {\n        target.set(key, String(value));\n      });\n    }\n  };\n\n  try {\n    const url = new URL(base || '', baseFallback);\n\n    // Handle search parameters\n    // params.searchParams comes from Partial<URL>, so it's URLSearchParams | undefined\n    if (searchParams) {\n      searchParams.forEach((value, key) => {\n        url.searchParams.set(key, value);\n      });\n    }\n\n    // Handle hash-related parameters\n    if (hashPath || hashSearch || hashSearchParams) {\n      const finalHashPath = hashPath || '';\n      const queryForHash = new URLSearchParams(hashSearch || '');\n\n      if (hashSearchParams) {\n        if (Array.isArray(hashSearchParams)) {\n          hashSearchParams.forEach(item => appendToUrlSearchParams(queryForHash, item));\n        } else {\n          appendToUrlSearchParams(queryForHash, hashSearchParams);\n        }\n      }\n\n      const hashQueryString = queryForHash.toString();\n      let combinedHashString = '';\n\n      if (finalHashPath) {\n        combinedHashString = finalHashPath;\n        if (hashQueryString) {\n          if (combinedHashString.includes('?')) {\n            combinedHashString += '&' + hashQueryString;\n          } else {\n            combinedHashString += '?' + hashQueryString;\n          }\n        }\n      } else {\n        // No hashPath\n        if (hashQueryString) {\n          // If only query, it forms the hash content directly.\n          // e.g. \"param=value\" or \"?param=value\" are both valid after '#'\n          combinedHashString = hashQueryString;\n        }\n      }\n\n      if (combinedHashString) {\n        url.hash = combinedHashString;\n      }\n    }\n\n    if (stringify) {\n      return skipOrigin ? url.href.replace(url.origin, '') : url.href;\n    }\n    return url;\n  } catch (error) {\n    console.error('[TernSecure] Error building URL:', error);\n    const fallbackUrlString = base || '/';\n    if (stringify) {\n      return fallbackUrlString;\n    } else {\n      // Attempt to create a URL object for the fallback\n      return new URL(fallbackUrlString, baseFallback);\n    }\n  }\n}\n\n/**\n * Constructs a full URL with the current origin\n * @param path - The path to construct the URL for\n * @returns The full URL with origin\n */\nexport const constructFullUrl = (path: string) => {\n  if (typeof window === 'undefined') return path;\n  const baseUrl = window.location.origin;\n  if (path.startsWith('http')) {\n    return path;\n  }\n  return `${baseUrl}${path.startsWith('/') ? path : `/${path}`}`;\n};\n\n/**\n * Checks if the current URL has a redirect loop\n * @param currentPath - The current pathname\n * @param redirectPath - The path we're trying to redirect to\n * @returns boolean indicating if there's a redirect loop\n */\nexport const hasRedirectLoop = (currentPath: string, redirectPath: string): boolean => {\n  if (!currentPath || !redirectPath) return false;\n\n  // Remove any query parameters for comparison\n  const cleanCurrentPath = currentPath.split('?')[0];\n  const cleanRedirectPath = redirectPath.split('?')[0];\n\n  return cleanCurrentPath === cleanRedirectPath;\n};\n\nexport const urlWithRedirect = (options: constructUrlWithRedirectProps): string => {\n  const { signInUrl, signInPathParam = '/sign-in', currentPath, signUpUrl, signUpPathParam = '/sign-up' } = options;\n\n  const baseUrl = window.location.origin;\n\n  if (typeof window === 'undefined') {\n    return signInUrl;\n  }\n\n  const url = new URL(signInUrl, baseUrl);\n\n  if (!currentPath.includes(signInPathParam) && !currentPath.includes(signUpPathParam)) {\n    url.searchParams.set('redirect', currentPath);\n  }\n\n  return url.toString();\n};\n\n/**\n * Stores the current path before signing out\n */\nexport const storePreviousPath = (path: string): void => {\n  if (typeof window !== 'undefined') {\n    sessionStorage.setItem('previousPath', path);\n  }\n};\n\n/**\n * Gets the stored previous path\n */\nexport const getPreviousPath = (): string | null => {\n  if (typeof window !== 'undefined') {\n    return sessionStorage.getItem('previousPath');\n  }\n  return null;\n};\n\n/**\n * Gets a validated redirect URL ensuring it's from the same origin\n * @param redirectUrl - The URL to validate\n * @param searchParams - The search parameters to check for redirect\n * @returns A validated redirect URL\n */\nexport const getValidRedirectUrl = (searchParams: URLSearchParams, configuredRedirect?: string): string => {\n  // Check URL search param first (highest priority)\n  const urlRedirect = searchParams.get('redirect');\n  if (urlRedirect) {\n    return validateUrl(urlRedirect);\n  }\n\n  // Then check configured redirect (for first visits)\n  if (configuredRedirect) {\n    return validateUrl(configuredRedirect);\n  }\n\n  // Default fallback\n  return '/';\n};\n\n/**\n * Validates and sanitizes URLs\n */\nconst validateUrl = (url: string): string => {\n  try {\n    // For absolute URLs\n    if (url.startsWith('http')) {\n      const urlObj = new URL(url);\n      if (typeof window !== 'undefined' && urlObj.origin !== window.location.origin) {\n        return '/';\n      }\n    }\n\n    // For relative URLs\n    return '/';\n  } catch {\n    return '/';\n  }\n};\n\nexport function toURL(url: string | URL): URL {\n  return new URL(url.toString(), window.location.origin);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAkDO,SAAS,SAAS,QAAwB,UAAoC,CAAC,GAAiB;AACrG,QAAM,EAAE,MAAM,UAAU,YAAY,cAAc,kBAAkB,GAAG,KAAI,IAAI;AAC/E,QAAM,EAAE,YAAY,MAAM,aAAa,MAAM,IAAI;AAEjD,QAAM,eACJ,OAAO,WAAW,eAAe,OAAO,WAAW,OAAO,SAAS,OAAO;AAG5E,QAAM,0BAA0B,CAC9B,QACA,WACG;AACH,QAAI,CAAC,QAAQ;AACX;AAAA,IACF;AACA,QAAI,kBAAkB,iBAAiB;AACrC,aAAO,QAAQ,CAAC,OAAO,QAAQ;AAC7B,eAAO,IAAI,KAAK,KAAK;AAAA,MACvB,CAAC;AAAA,IACH,WAAW,OAAO,WAAW,UAAU;AACrC,aAAO,QAAQ,MAAM,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AAC/C,eAAO,IAAI,KAAK,OAAO,KAAK,CAAC;AAAA,MAC/B,CAAC;AAAA,IACH;AAAA,EACF;AAEA,MAAI;AACF,UAAM,MAAM,IAAI,IAAI,QAAQ,IAAI,YAAY;AAI5C,QAAI,cAAc;AAChB,mBAAa,QAAQ,CAAC,OAAO,QAAQ;AACnC,YAAI,aAAa,IAAI,KAAK,KAAK;AAAA,MACjC,CAAC;AAAA,IACH;AAGA,QAAI,YAAY,cAAc,kBAAkB;AAC9C,YAAM,gBAAgB,YAAY;AAClC,YAAM,eAAe,IAAI,gBAAgB,cAAc,EAAE;AAEzD,UAAI,kBAAkB;AACpB,YAAI,MAAM,QAAQ,gBAAgB,GAAG;AACnC,2BAAiB,QAAQ,UAAQ,wBAAwB,cAAc,IAAI,CAAC;AAAA,QAC9E,OAAO;AACL,kCAAwB,cAAc,gBAAgB;AAAA,QACxD;AAAA,MACF;AAEA,YAAM,kBAAkB,aAAa,SAAS;AAC9C,UAAI,qBAAqB;AAEzB,UAAI,eAAe;AACjB,6BAAqB;AACrB,YAAI,iBAAiB;AACnB,cAAI,mBAAmB,SAAS,GAAG,GAAG;AACpC,kCAAsB,MAAM;AAAA,UAC9B,OAAO;AACL,kCAAsB,MAAM;AAAA,UAC9B;AAAA,QACF;AAAA,MACF,OAAO;AAEL,YAAI,iBAAiB;AAGnB,+BAAqB;AAAA,QACvB;AAAA,MACF;AAEA,UAAI,oBAAoB;AACtB,YAAI,OAAO;AAAA,MACb;AAAA,IACF;AAEA,QAAI,WAAW;AACb,aAAO,aAAa,IAAI,KAAK,QAAQ,IAAI,QAAQ,EAAE,IAAI,IAAI;AAAA,IAC7D;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,YAAQ,MAAM,oCAAoC,KAAK;AACvD,UAAM,oBAAoB,QAAQ;AAClC,QAAI,WAAW;AACb,aAAO;AAAA,IACT,OAAO;AAEL,aAAO,IAAI,IAAI,mBAAmB,YAAY;AAAA,IAChD;AAAA,EACF;AACF;AAOO,MAAM,mBAAmB,CAAC,SAAiB;AAChD,MAAI,OAAO,WAAW,YAAa,QAAO;AAC1C,QAAM,UAAU,OAAO,SAAS;AAChC,MAAI,KAAK,WAAW,MAAM,GAAG;AAC3B,WAAO;AAAA,EACT;AACA,SAAO,GAAG,OAAO,GAAG,KAAK,WAAW,GAAG,IAAI,OAAO,IAAI,IAAI,EAAE;AAC9D;AAQO,MAAM,kBAAkB,CAAC,aAAqB,iBAAkC;AACrF,MAAI,CAAC,eAAe,CAAC,aAAc,QAAO;AAG1C,QAAM,mBAAmB,YAAY,MAAM,GAAG,EAAE,CAAC;AACjD,QAAM,oBAAoB,aAAa,MAAM,GAAG,EAAE,CAAC;AAEnD,SAAO,qBAAqB;AAC9B;AAEO,MAAM,kBAAkB,CAAC,YAAmD;AACjF,QAAM,EAAE,WAAW,kBAAkB,YAAY,aAAa,WAAW,kBAAkB,WAAW,IAAI;AAE1G,QAAM,UAAU,OAAO,SAAS;AAEhC,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,IAAI,IAAI,WAAW,OAAO;AAEtC,MAAI,CAAC,YAAY,SAAS,eAAe,KAAK,CAAC,YAAY,SAAS,eAAe,GAAG;AACpF,QAAI,aAAa,IAAI,YAAY,WAAW;AAAA,EAC9C;AAEA,SAAO,IAAI,SAAS;AACtB;AAKO,MAAM,oBAAoB,CAAC,SAAuB;AACvD,MAAI,OAAO,WAAW,aAAa;AACjC,mBAAe,QAAQ,gBAAgB,IAAI;AAAA,EAC7C;AACF;AAKO,MAAM,kBAAkB,MAAqB;AAClD,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO,eAAe,QAAQ,cAAc;AAAA,EAC9C;AACA,SAAO;AACT;AAQO,MAAM,sBAAsB,CAAC,cAA+B,uBAAwC;AAEzG,QAAM,cAAc,aAAa,IAAI,UAAU;AAC/C,MAAI,aAAa;AACf,WAAO,YAAY,WAAW;AAAA,EAChC;AAGA,MAAI,oBAAoB;AACtB,WAAO,YAAY,kBAAkB;AAAA,EACvC;AAGA,SAAO;AACT;AAKA,MAAM,cAAc,CAAC,QAAwB;AAC3C,MAAI;AAEF,QAAI,IAAI,WAAW,MAAM,GAAG;AAC1B,YAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAI,OAAO,WAAW,eAAe,OAAO,WAAW,OAAO,SAAS,QAAQ;AAC7E,eAAO;AAAA,MACT;AAAA,IACF;AAGA,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,MAAM,KAAwB;AAC5C,SAAO,IAAI,IAAI,IAAI,SAAS,GAAG,OAAO,SAAS,MAAM;AACvD;","names":[]}

package/dist/cjs/utils/index.js

@@ -0,0 +1,25 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default"));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var utils_exports = {};
+module.exports = __toCommonJS(utils_exports);
+__reExport(utils_exports, require("./construct"), module.exports);
+__reExport(utils_exports, require("./querystring"), module.exports);
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ...require("./construct"),
+  ...require("./querystring")
+});
+//# sourceMappingURL=index.js.map

package/dist/cjs/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/utils/index.ts"],"sourcesContent":["export * from './construct';\nexport * from './querystring';\n"],"mappings":";;;;;;;;;;;;;;;AAAA;AAAA;AAAA,0BAAc,wBAAd;AACA,0BAAc,0BADd;","names":[]}