@tern-secure/types 1.0.0

package/dist/index.d.mts

@@ -0,0 +1,717 @@
+/**
+ * TernSecure User
+ */
+interface IdTokenResult {
+    authTime: string;
+    expirationTime: string;
+    issuedAtTime: string;
+    signInProvider: string | null;
+    signInSecondFactor: string | null;
+    token: string;
+    claims: Record<string, any>;
+}
+interface UserInfo {
+    displayName: string | null;
+    email: string | null;
+    phoneNumber: string | null;
+    photoURL: string | null;
+    providerId: string;
+    uid: string;
+}
+interface TernSecureUser extends UserInfo {
+    emailVerified: boolean;
+    isAnonymous: boolean;
+    metadata: {
+        creationTime?: string;
+        lastSignInTime?: string;
+    };
+    providerData: UserInfo[];
+    refreshToken: string;
+    tenantId: string | null;
+    delete(): Promise<void>;
+    getIdToken(forceRefresh?: boolean): Promise<string>;
+    getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>;
+    reload(): Promise<void>;
+    toJSON(): object;
+}
+type TernSecureUserData = {
+    uid: string;
+    email: string | null;
+    emailVerified?: boolean;
+    displayName?: string | null;
+};
+/**
+ * TernSecure Firebase configuration interface
+ * Extends Firebase's base configuration options
+ */
+interface TernSecureConfig {
+    apiKey: string;
+    authDomain: string;
+    projectId: string;
+    storageBucket: string;
+    messagingSenderId: string;
+    appId: string;
+    measurementId?: string;
+    appName?: string;
+}
+/**
+ * Configuration validation result
+ */
+interface ConfigValidationResult {
+    isValid: boolean;
+    errors: string[];
+    config: TernSecureConfig;
+}
+/**
+ * TernSecure initialization options
+ */
+interface TernSecureOptions {
+    /** Environment setting for different configurations */
+    environment?: 'development' | 'production';
+    /** Geographic region for data storage */
+    region?: string;
+    /** Custom error handler */
+    onError?: (error: Error) => void;
+    /** Debug mode flag */
+    debug?: boolean;
+}
+/**
+ * Firebase initialization state
+ */
+interface FirebaseState {
+    /** Whether Firebase has been initialized */
+    initialized: boolean;
+    /** Any initialization errors */
+    error: Error | null;
+    /** Timestamp of last initialization attempt */
+    lastInitAttempt?: number;
+}
+/**
+ * Firebase Admin configuration interface
+ */
+interface TernSecureAdminConfig {
+    projectId: string;
+    clientEmail: string;
+    privateKey: string;
+}
+/**
+ * Firebase Admin configuration validation result
+ */
+interface AdminConfigValidationResult {
+    isValid: boolean;
+    errors: string[];
+    config: TernSecureAdminConfig;
+}
+
+type ErrorCode = keyof typeof ERRORS;
+interface AuthErrorResponse {
+    success: false;
+    message: string;
+    code: ErrorCode;
+}
+interface AuthErrorTree extends Error {
+    code?: any | string;
+    message: string;
+    response?: any | string;
+}
+interface SignInResponseTree {
+    success: boolean;
+    message?: string;
+    error?: any | undefined;
+    user?: any;
+}
+declare const ERRORS: {
+    readonly SERVER_SIDE_INITIALIZATION: "TernSecure must be initialized on the client side";
+    readonly REQUIRES_VERIFICATION: "AUTH_REQUIRES_VERIFICATION";
+    readonly AUTHENTICATED: "AUTHENTICATED";
+    readonly UNAUTHENTICATED: "UNAUTHENTICATED";
+    readonly UNVERIFIED: "UNVERIFIED";
+    readonly NOT_INITIALIZED: "TernSecure services are not initialized. Call initializeTernSecure() first";
+    readonly HOOK_CONTEXT: "Hook must be used within TernSecureProvider";
+    readonly EMAIL_NOT_VERIFIED: "EMAIL_NOT_VERIFIED";
+    readonly INVALID_CREDENTIALS: "INVALID_CREDENTIALS";
+    readonly USER_DISABLED: "USER_DISABLED";
+    readonly TOO_MANY_ATTEMPTS: "TOO_MANY_ATTEMPTS";
+    readonly NETWORK_ERROR: "NETWORK_ERROR";
+    readonly INVALID_EMAIL: "INVALID_EMAIL";
+    readonly WEAK_PASSWORD: "WEAK_PASSWORD";
+    readonly EMAIL_EXISTS: "EMAIL_EXISTS";
+    readonly POPUP_BLOCKED: "POPUP_BLOCKED";
+    readonly OPERATION_NOT_ALLOWED: "OPERATION_NOT_ALLOWED";
+    readonly EXPIRED_TOKEN: "EXPIRED_TOKEN";
+    readonly INVALID_TOKEN: "INVALID_TOKEN";
+    readonly SESSION_EXPIRED: "SESSION_EXPIRED";
+    readonly INTERNAL_ERROR: "INTERNAL_ERROR";
+    readonly UNKNOWN_ERROR: "An unknown error occurred.";
+    readonly INVALID_ARGUMENT: "Invalid argument provided.";
+    readonly USER_NOT_FOUND: "auth/user-not-found";
+    readonly WRONG_PASSWORD: "auth/wrong-password";
+    readonly EMAIL_ALREADY_IN_USE: "auth/email-already-in-use";
+    readonly REQUIRES_RECENT_LOGIN: "auth/requires-recent-login";
+    readonly NO_SESSION_COOKIE: "No session cookie found.";
+    readonly INVALID_SESSION_COOKIE: "Invalid session cookie.";
+    readonly NO_ID_TOKEN: "No ID token found.";
+    readonly INVALID_ID_TOKEN: "Invalid ID token.";
+    readonly REDIRECT_LOOP: "Redirect loop detected.";
+};
+type AuthErrorCode = keyof typeof ERRORS;
+declare class TernSecureError extends Error {
+    code: ErrorCode;
+    constructor(code: ErrorCode, message?: string);
+}
+/**
+ * Handles Firebase authentication errors with multiple fallback mechanisms
+ */
+declare function handleFirebaseAuthError(error: unknown): AuthErrorResponse;
+/**
+ * Type guard to check if a response is an AuthErrorResponse
+ */
+declare function isAuthErrorResponse(response: unknown): response is AuthErrorResponse;
+declare function getErrorAlertVariant(error: any | undefined): "destructive" | "default";
+
+/**
+ * Defines the basic structure for color theming.
+ */
+interface ThemeColors {
+    primary?: string;
+    secondary?: string;
+    accent?: string;
+    background?: string;
+    text?: string;
+    error?: string;
+    success?: string;
+}
+/**
+ * Defines the basic structure for font theming.
+ */
+interface ThemeFonts {
+    primary?: string;
+    secondary?: string;
+}
+/**
+ * Defines the basic structure for spacing and layout theming.
+ */
+interface ThemeSpacing {
+    small?: string | number;
+    medium?: string | number;
+    large?: string | number;
+}
+/**
+ * Defines the basic structure for border radius theming.
+ */
+interface ThemeBorderRadius {
+    small?: string | number;
+    medium?: string | number;
+    large?: string | number;
+}
+/**
+ * Allows for overriding styles of specific UI components.
+ * Properties can be CSS-in-JS objects or class names, depending on implementation.
+ */
+interface ThemeComponentStyles {
+    button?: Record<string, any> | string;
+    input?: Record<string, any> | string;
+    card?: Record<string, any> | string;
+    label?: Record<string, any> | string;
+}
+/**
+ * Defines the overall appearance/theme configuration.
+ * This allows for broad customization of the UI components.
+ */
+interface Appearance {
+    colors?: ThemeColors;
+    fonts?: ThemeFonts;
+    spacing?: ThemeSpacing;
+    borderRadius?: ThemeBorderRadius;
+    componentStyles?: ThemeComponentStyles;
+    variables?: Record<string, string | number>;
+}
+/**
+ * Base UI configuration shared between SignIn and SignUp
+ */
+interface BaseAuthUIConfig {
+    /** Visual appearance configuration */
+    appearance?: Appearance;
+    /** Application logo URL or SVG string */
+    logo?: string;
+    /** Application name for display */
+    appName?: string;
+    /** Render mode for cross-platform support */
+    renderMode?: 'modal' | 'page' | 'embedded';
+    /** Layout direction */
+    layout?: 'vertical' | 'horizontal';
+    /** Custom loading message */
+    loadingMessage?: string;
+    /** Loading spinner variant */
+    loadingSpinnerVariant?: 'circular' | 'linear' | 'dots';
+    /** Accessibility configuration */
+    a11y?: {
+        /** ARIA labels and descriptions */
+        labels?: Record<string, string>;
+        /** Element to receive initial focus */
+        initialFocus?: string;
+        /** Whether to trap focus within the auth UI */
+        trapFocus?: boolean;
+    };
+}
+/**
+ * Sign-in specific UI configuration
+ */
+interface SignInUIConfig extends BaseAuthUIConfig {
+    /** Social sign-in buttons configuration */
+    socialButtons?: {
+        google?: boolean;
+        microsoft?: boolean;
+        github?: boolean;
+        facebook?: boolean;
+        twitter?: boolean;
+        apple?: boolean;
+        linkedin?: boolean;
+        layout?: 'vertical' | 'horizontal';
+        size?: 'small' | 'medium' | 'large';
+    };
+    /** "Remember me" checkbox configuration */
+    rememberMe?: {
+        enabled?: boolean;
+        defaultChecked?: boolean;
+    };
+    /** Sign-up link configuration */
+    signUpLink?: {
+        enabled?: boolean;
+        text?: string;
+        href?: string;
+    };
+}
+/**
+ * Sign-up specific UI configuration
+ */
+interface SignUpUIConfig extends BaseAuthUIConfig {
+    /** Password requirements display configuration */
+    passwordRequirements?: {
+        show?: boolean;
+        rules?: Array<{
+            rule: string;
+            description: string;
+        }>;
+    };
+    /** Terms and conditions configuration */
+    terms?: {
+        enabled?: boolean;
+        text?: string;
+        link?: string;
+    };
+}
+
+interface TernSecureSession {
+    token: string | null;
+    expiresAt?: number;
+}
+type SignInFormValues = {
+    email: string;
+    password: string;
+    phoneNumber?: string;
+};
+type SignInInitialValue = Partial<SignInFormValues>;
+type SignUpFormValues = {
+    email: string;
+    password: string;
+    confirmPassword?: string;
+    displayName?: string;
+};
+type SignUpInitialValue = Partial<SignUpFormValues>;
+interface SignInResponse {
+    success: boolean;
+    message?: string;
+    error?: any | undefined;
+    user?: any;
+}
+interface AuthError extends Error {
+    code?: any | string;
+    message: string;
+    response?: SignInResponse;
+}
+declare function isSignInResponse(value: any): value is SignInResponse;
+interface AuthActions {
+    signInWithEmail: (email: string, password: string) => Promise<SignInResponse>;
+    signInWithGoogle: () => Promise<void>;
+    signInWithMicrosoft: () => Promise<void>;
+    signOut: () => Promise<void>;
+    getRedirectResult: () => Promise<any>;
+    getIdToken: () => Promise<string | null>;
+    createUserWithEmailAndPassword?: (email: string, password: string) => Promise<SignInResponse>;
+    sendEmailVerification?: (user: TernSecureUser) => Promise<void>;
+}
+interface RedirectConfig {
+    redirectUrl?: string;
+    isReturn?: boolean;
+    priority?: number;
+}
+interface SignInProps extends RedirectConfig {
+    initialValue?: SignInInitialValue;
+    logo?: string;
+    appName?: string;
+    appearance?: Appearance;
+    onError?: (error: AuthError) => void;
+    onSuccess?: (user: TernSecureUser | null) => void;
+}
+/**
+ * SignUpProps interface defines the properties for the sign-up component.
+ * It extends RedirectConfig to include redirect-related properties.
+ */
+interface SignUpProps extends RedirectConfig {
+    initialValue?: SignUpInitialValue;
+    logo?: string;
+    appName?: string;
+    appearance?: Appearance;
+    onError?: (error: AuthError) => void;
+    onSuccess?: (user: TernSecureUser | null) => void;
+}
+/**
+ * Defines the contract for a TernSecure instance.
+ * This instance provides authentication state, user information, and methods
+ * for managing the authentication lifecycle. It is designed to be used by
+ * UI packages like tern-ui, which act as "dumb" renderers.
+ */
+interface TernSecureInstance {
+    /** Indicates if the user is currently signed in. */
+    isSignedIn: () => boolean;
+    /** The current authenticated user object, or null if not signed in. */
+    user: TernSecureUser | null;
+    /** The current user session information, or null if not signed in. */
+    session: TernSecureSession | null;
+    /** Initiates the sign-out process for the current user. */
+    signOut: () => Promise<void>;
+    /**
+     * Prepares or signals to mount the sign-in interface.
+     * @param options Optional configuration or initial state for the sign-in UI, conforming to SignInProps.
+     */
+    mountSignIn: (options?: SignInProps) => void;
+    /** Cleans up or signals to unmount the sign-in interface. */
+    unmountSignIn: () => void;
+    /**
+     * Prepares or signals to mount the sign-up interface.
+     * @param options Optional configuration or initial state for the sign-up UI, conforming to SignUpProps.
+     */
+    mountSignUp: (options?: SignUpProps) => void;
+    /** Cleans up or signals to unmount the sign-up interface. */
+    unmountSignUp: () => void;
+    /**
+     * Determines if a redirect is necessary based on the current authentication
+     * state and the given path.
+     * @param currentPath The current URL path.
+     * @returns True if a redirect is needed, false otherwise, or a string path to redirect to.
+     */
+    shouldRedirect: (currentPath: string) => boolean | string;
+    /**
+     * Constructs a URL, appending necessary redirect parameters.
+     * Useful for redirecting back to the original page after authentication.
+     * @param baseUrl The base URL to which redirect parameters should be added.
+     * @returns The new URL string with redirect parameters.
+     */
+    constructUrlWithRedirect: (baseUrl: string) => string;
+    /**
+     * Redirects the user to the configured login page.
+     * @param redirectUrl Optional URL to redirect to after successful login.
+     */
+    redirectToLogin: (redirectUrl?: string) => void;
+    /** Indicates if an authentication operation is currently in progress. */
+    isLoading: boolean;
+    /** Holds any error that occurred during an authentication operation, or null otherwise. */
+    error: Error | null;
+    /** Indicates if the user has verified their email address. */
+    sendVerificationEmail: () => Promise<void>;
+}
+
+type SessionStatus = 'active' | 'expired' | 'revoked' | 'pending';
+/**
+ * parsed can be replaced with
+ */
+declare interface ParsedToken {
+    /** Expiration time of the token. */
+    'exp'?: string;
+    /** UID of the user. */
+    'sub'?: string;
+    /** Time at which authentication was performed. */
+    'auth_time'?: string;
+    /** Issuance time of the token. */
+    'iat'?: string;
+    /** Firebase specific claims, containing the provider(s) used to authenticate the user. */
+    'firebase'?: {
+        'sign_in_provider'?: string;
+        'sign_in_second_factor'?: string;
+        'identities'?: Record<string, string>;
+    };
+    /** Map of any additional custom claims. */
+    [key: string]: unknown;
+}
+/**
+ * Core properties for any session that is or was authenticated.
+ * These properties are guaranteed to exist for active, expired, or revoked sessions.
+ */
+interface AuthenticatedSessionBase {
+    /** The Firebase Auth ID token JWT string. */
+    token: string;
+    /** The ID token expiration time (e.g., UTC string or Unix timestamp). */
+    expirationTime: string;
+    /** The ID token issuance time. */
+    issuedAtTime: string;
+    /** Time at which authentication was performed (from token claims). */
+    authTime: string;
+    /**
+    * The entire payload claims of the ID token including the standard reserved claims
+    * as well as custom claims.
+    */
+    claims: ParsedToken;
+    /**
+    * Time the user last signed in.
+    * This could be from Firebase User metadata or persisted by TernSecure.
+    */
+    lastSignedAt?: number;
+    /** signInProvider */
+    signInProvider: string;
+}
+/**
+ * Represents a session when the user is authenticated and the token is considered active.
+ */
+interface ActiveSession extends AuthenticatedSessionBase {
+    status: 'active';
+}
+/**
+ * Represents a session when the user was authenticated, but the token has expired.
+ */
+interface ExpiredSession extends AuthenticatedSessionBase {
+    status: 'expired';
+}
+/**
+ * Represents a session that is awaiting some action.
+ */
+interface PendingSession extends AuthenticatedSessionBase {
+    status: 'pending';
+}
+/**
+ * Defines the possible states of a user's session within TernSecure.
+ * This is a discriminated union based on the `status` property.
+ * The actual `TernSecureUser` (Firebase User object) is typically stored separately,
+ * for example, in `TernSecureInstanceTree.auth.user`.
+ */
+type TernSecureSessionTree = ActiveSession | ExpiredSession;
+type SignedInSession = ActiveSession | PendingSession | ExpiredSession;
+
+type SignInStatus = 'idle' | 'pending_email_password' | 'pending_social' | 'pending_mfa' | 'redirecting' | 'success' | 'error';
+type SignInFormValuesTree = {
+    email: string;
+    password: string;
+    phoneNumber?: string;
+};
+type SignInInitialValueTree = Partial<SignInFormValuesTree>;
+interface ResendEmailVerification extends SignInResponseTree {
+    isVerified?: boolean;
+}
+declare function isSignInResponseTree(value: any): value is SignInResponseTree;
+interface SignInResource {
+    /**
+     * The current status of the sign-in process.
+     */
+    status?: SignInStatus;
+    /**
+     * Signs in a user with their email and password.
+     * @param params - The sign-in form values.
+     * @returns A promise that resolves with the sign-in response.
+     */
+    withEmailAndPassword: (params: SignInFormValuesTree) => Promise<SignInResponseTree>;
+    /**
+     * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').
+     * @param options - Optional configuration for the social sign-in flow.
+     * @returns A promise that resolves with the sign-in response or void if redirecting.
+     */
+    withSocialProvider: (provider: string, options?: {
+        mode?: 'popup' | 'redirect';
+    }) => Promise<SignInResponseTree | void>;
+    /**
+     * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.
+     * @param mfaToken - The MFA token or code submitted by the user.
+     * @param mfaContext - Optional context or session data from the MFA initiation step.
+     * @returns A promise that resolves with the sign-in response upon successful MFA verification.
+     */
+    completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponseTree>;
+    /**
+     * Sends a password reset email to the given email address.
+     * @param email - The user's email address.
+     * @returns A promise that resolves when the email is sent.
+     */
+    sendPasswordResetEmail: (email: string) => Promise<void>;
+    /**
+     * Resends the email verification link to the user's email address.
+     * @returns A promise that resolves with the sign-in response.
+     */
+    resendEmailVerification: () => Promise<ResendEmailVerification>;
+}
+
+interface SignUpResource {
+    status?: SignUpStatus | null;
+    username?: string | null;
+    firstName?: string | null;
+    lastName?: string | null;
+    displayName?: string | null;
+    email: string | null;
+    phoneNumber?: string | null;
+    /**
+     * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').
+     * @param options - Optional configuration for the social sign-in flow.
+     * @returns A promise that resolves with the sign-in response or void if redirecting.
+     */
+    withSocialProvider: (provider: string, options?: {
+        mode?: 'popup' | 'redirect';
+    }) => Promise<SignInResponseTree | void>;
+}
+type SignUpStatus = 'missing_requirements' | 'complete' | 'abandoned';
+
+interface TernSecureState {
+    userId: string | null;
+    isLoaded: boolean;
+    error: Error | null;
+    isValid: boolean;
+    isVerified: boolean;
+    isAuthenticated: boolean;
+    token: any | null;
+    email: string | null;
+    status: "loading" | "authenticated" | "unauthenticated" | "unverified";
+    requiresVerification?: boolean;
+    user?: TernSecureUser | null;
+}
+type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';
+declare const DEFAULT_TERN_SECURE_STATE: TernSecureState;
+interface TernSecureAuthProvider {
+    /** Current auth state */
+    internalAuthState: TernSecureState;
+    /** Current user*/
+    ternSecureUser(): TernSecureUser | null;
+    /** Current session */
+    currentSession: SignedInSession | null;
+    /** Sign in resource for authentication operations */
+    signIn: SignInResource;
+    /** SignUp resource for authentication operations */
+    signUp: SignUpResource;
+    /** The Firebase configuration used by this TernAuth instance. */
+    ternSecureConfig?: TernSecureConfig;
+    /** Sign out the current user */
+    signOut(): Promise<void>;
+}
+
+type SignInRedirectUrl = {
+    signInForceRedirectUrl?: string | null;
+};
+type SignUpRedirectUrl = {
+    signUpForceRedirectUrl?: string | null;
+};
+type RedirectOptions = SignInRedirectUrl | SignUpRedirectUrl;
+
+type Mode = 'browser' | 'server';
+type TernSecureInstanceTreeOptions = {
+    initialSession?: TernSecureSessionTree | null;
+    defaultAppearance?: Appearance;
+    signInUrl?: string;
+    signUpUrl?: string;
+    mode?: Mode;
+    onAuthStateChanged?: (user: TernSecureUser | null) => void;
+    onError?: (error: AuthErrorTree) => void;
+    environment?: string | undefined;
+    requireverification?: boolean;
+    ternSecureConfig?: TernSecureConfig;
+} & SignInRedirectUrl & SignUpRedirectUrl;
+type TernSecureInstanceTreeStatus = 'error' | 'loading' | 'ready';
+/**
+ * Instance interface for managing auth UI state
+ */
+interface TernSecureInstanceTree {
+    customDomain?: string;
+    proxyUrl?: string;
+    apiKey?: string;
+    projectId?: string;
+    environment?: string | undefined;
+    mode?: Mode;
+    isReady: boolean;
+    status: TernSecureInstanceTreeStatus;
+    isVisible: boolean;
+    currentView: 'signIn' | 'signUp' | 'verify' | null;
+    isLoading: boolean;
+    error: Error | null;
+    /** Authentication State */
+    auth: {
+        /** Current authenticated user */
+        user: TernSecureUser | null;
+        /** Current session information */
+        session: SignedInSession | null;
+    };
+    /** Core Authentication Methods */
+    ternAuth: TernSecureAuthProvider | undefined;
+    showSignIn: (targetNode: HTMLDivElement, config?: SignInPropsTree) => void;
+    hideSignIn: (targetNode: HTMLDivElement) => void;
+    showSignUp: (targetNode: HTMLDivElement, config?: SignUpPropsTree) => void;
+    hideSignUp: (targetNode: HTMLDivElement) => void;
+    showUserButton: (targetNode: HTMLDivElement) => void;
+    hideUserButton: (targetNode: HTMLDivElement) => void;
+    clearError: () => void;
+    setLoading: (isLoading: boolean) => void;
+    /** Get redirect result from OAuth flows */
+    getRedirectResult: () => Promise<any>;
+    /** Check if redirect is needed */
+    shouldRedirect: (currentPath: string) => boolean | string;
+    /** Construct URL with redirect parameters */
+    constructUrlWithRedirect: (to: string) => string;
+    /** Navigate to SignIn page */
+    redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;
+    /** Navigate to SignUp page */
+    redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;
+    redirectAfterSignIn: () => void;
+    redirectAfterSignUp: () => void;
+    /** Error and Event Handling */
+    events: {
+        /** Subscribe to auth state changes */
+        onAuthStateChanged: (callback: (authState: TernSecureState) => void) => () => void;
+        /** Subscribe to error events */
+        onError: (callback: (error: AuthErrorTree) => void) => () => void;
+        /** Status */
+        onStatusChanged: (callback: (status: TernSecureInstanceTreeStatus) => void) => () => void;
+    };
+}
+type SignUpFormValuesTree = {
+    email: string;
+    password: string;
+    confirmPassword?: string;
+    displayName?: string;
+};
+type SignUpInitialValueTree = Partial<SignUpFormValuesTree>;
+/**
+ * Props for SignIn component focusing on UI concerns
+ */
+type SignInPropsTree = {
+    /** URL to navigate to after successfully sign-in */
+    forceRedirectUrl?: string | null;
+    /** Initial form values */
+    initialValue?: SignInInitialValueTree;
+    /** UI configuration */
+    ui?: SignInUIConfig;
+    /** Callbacks */
+    onError?: (error: AuthErrorTree) => void;
+    onSuccess?: (user: TernSecureUser | null) => void;
+} & SignUpRedirectUrl;
+/**
+ * Props for SignUp component focusing on UI concerns
+ */
+type SignUpPropsTree = {
+    /** URL to navigate to after successfully sign-up */
+    forceRedirectUrl?: string | null;
+    /** Initial form values */
+    initialValue?: SignUpInitialValueTree;
+    /** UI configuration */
+    ui?: SignUpUIConfig;
+    /** Callbacks */
+    onSubmit?: (values: SignUpFormValuesTree) => Promise<void>;
+    onError?: (error: AuthErrorTree) => void;
+    onSuccess?: (user: TernSecureUser | null) => void;
+} & SignInRedirectUrl;
+type SignInRedirectOptions = RedirectOptions;
+type SignUpRedirectOptions = RedirectOptions;
+
+export { type ActiveSession, type AdminConfigValidationResult, type Appearance, type AuthActions, type AuthError, type AuthErrorCode, type AuthErrorResponse, type AuthErrorTree, type AuthProviderStatus, type BaseAuthUIConfig, type ConfigValidationResult, DEFAULT_TERN_SECURE_STATE, ERRORS, type ErrorCode, type ExpiredSession, type FirebaseState, type IdTokenResult, type ParsedToken, type PendingSession, type RedirectConfig, type RedirectOptions, type ResendEmailVerification, type SessionStatus, type SignInFormValuesTree, type SignInInitialValue, type SignInInitialValueTree, type SignInProps, type SignInPropsTree, type SignInRedirectOptions, type SignInRedirectUrl, type SignInResource, type SignInResponse, type SignInResponseTree, type SignInStatus, type SignInUIConfig, type SignUpFormValuesTree, type SignUpInitialValue, type SignUpInitialValueTree, type SignUpProps, type SignUpPropsTree, type SignUpRedirectOptions, type SignUpRedirectUrl, type SignUpResource, type SignUpStatus, type SignUpUIConfig, type SignedInSession, type TernSecureAdminConfig, type TernSecureAuthProvider, type TernSecureConfig, TernSecureError, type TernSecureInstance, type TernSecureInstanceTree, type TernSecureInstanceTreeOptions, type TernSecureInstanceTreeStatus, type TernSecureOptions, type TernSecureSession, type TernSecureSessionTree, type TernSecureState, type TernSecureUser, type TernSecureUserData, type ThemeBorderRadius, type ThemeColors, type ThemeComponentStyles, type ThemeFonts, type ThemeSpacing, type UserInfo, getErrorAlertVariant, handleFirebaseAuthError, isAuthErrorResponse, isSignInResponse, isSignInResponseTree };