@tern-secure/types 1.1.0-canary.v20251003171521 → 1.1.0-canary.v20251008165428

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/esm/index.js +0 -6
  2. package/dist/esm/index.js.map +1 -1
  3. package/dist/index.d.mts +218 -282
  4. package/dist/index.d.ts +218 -282
  5. package/dist/index.js +0 -7
  6. package/dist/index.js.map +1 -1
  7. package/package.json +1 -1
package/dist/esm/index.js CHANGED
@@ -34,11 +34,6 @@ var ERRORS = {
34
34
  REDIRECT_LOOP: "Redirect loop detected."
35
35
  };
36
36
 
37
- // src/ternsecure.ts
38
- function isSignInResponse(value) {
39
- return typeof value === "object" && "success" in value && typeof value.success === "boolean";
40
- }
41
-
42
37
  // src/auth.ts
43
38
  var DEFAULT_TERN_SECURE_STATE = {
44
39
  userId: null,
@@ -60,7 +55,6 @@ function isSignInResponseTree(value) {
60
55
  export {
61
56
  DEFAULT_TERN_SECURE_STATE,
62
57
  ERRORS,
63
- isSignInResponse,
64
58
  isSignInResponseTree
65
59
  };
66
60
  //# sourceMappingURL=index.js.map
package/dist/esm/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/errors.ts","../../src/ternsecure.ts","../../src/auth.ts","../../src/signIn.ts"],"sourcesContent":["\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { \n TernSecureUser \n} from './all';\nimport type { Appearance } from './theme';\n\nexport interface TernSecureSession {\n token: string | null;\n expiresAt?: number;\n}\n\ntype SignInFormValues = {\n email: string;\n password: string;\n phoneNumber?: string;\n}\n\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\ntype SignUpFormValues = {\n email: string;\n password: string;\n confirmPassword?: string;\n displayName?: string;\n};\n\n\nexport type SignUpInitialValue = Partial<SignUpFormValues>;\n\nexport interface SignInResponse {\n success: boolean;\n message?: string;\n error?: any | undefined;\n user?: any;\n}\n\nexport interface AuthError extends Error {\n code?: any | string \n message: string\n response?: SignInResponse\n}\n\nexport function isSignInResponse(value: any): value is SignInResponse {\n return typeof value === \"object\" && \"success\" in value && typeof value.success === \"boolean\"\n}\n\nexport interface AuthActions {\n signInWithEmail: (email: string, password: string) => Promise<SignInResponse>;\n signInWithGoogle: () => Promise<void>;\n signInWithMicrosoft: () => Promise<void>;\n signOut: () => Promise<void>;\n getRedirectResult: () => Promise<any>;\n getIdToken: () => Promise<string | null>;\n createUserWithEmailAndPassword?: (email: string, password: string) => Promise<SignInResponse>;\n sendEmailVerification?: (user: TernSecureUser) => Promise<void>;\n}\n\nexport interface RedirectConfig {\n // URL to redirect to after successful authentication\n redirectUrl?: string\n // Whether this is a return visit (e.g. after sign out)\n isReturn?: boolean\n // Priority of the redirect (higher number = higher priority)\n priority?: number\n}\n\n\nexport interface SignInProps extends RedirectConfig {\n initialValue?: SignInInitialValue;\n logo?: string\n appName?: string\n appearance?: Appearance;\n onError?: (error: AuthError) => void;\n onSuccess?: (user: TernSecureUser | null) => void;\n}\n\n\n/**\n * SignUpProps interface defines the properties for the sign-up component.\n * It extends RedirectConfig to include redirect-related properties.\n */\nexport interface SignUpProps extends RedirectConfig {\n initialValue?: SignUpInitialValue;\n logo?: string\n appName?: string\n appearance?: Appearance;\n onError?: (error: AuthError) => void;\n onSuccess?: (user: TernSecureUser | null) => void;\n}\n\n/**\n * Defines the contract for a TernSecure instance.\n * This instance provides authentication state, user information, and methods\n * for managing the authentication lifecycle. It is designed to be used by\n * UI packages like tern-ui, which act as \"dumb\" renderers.\n */\nexport interface TernSecureInstanceOld {\n /** Indicates if the user is currently signed in. */\n isSignedIn: () => boolean;\n\n /** The current authenticated user object, or null if not signed in. */\n user: TernSecureUser | null;\n\n /** The current user session information, or null if not signed in. */\n session: TernSecureSession | null;\n\n /** Initiates the sign-out process for the current user. */\n signOut: () => Promise<void>;\n\n /**\n * Prepares or signals to mount the sign-in interface.\n * @param options Optional configuration or initial state for the sign-in UI, conforming to SignInProps.\n */\n mountSignIn: (options?: SignInProps) => void;\n\n /** Cleans up or signals to unmount the sign-in interface. */\n unmountSignIn: () => void;\n\n /**\n * Prepares or signals to mount the sign-up interface.\n * @param options Optional configuration or initial state for the sign-up UI, conforming to SignUpProps.\n */\n mountSignUp: (options?: SignUpProps) => void;\n\n /** Cleans up or signals to unmount the sign-up interface. */\n unmountSignUp: () => void;\n\n /**\n * Determines if a redirect is necessary based on the current authentication\n * state and the given path.\n * @param currentPath The current URL path.\n * @returns True if a redirect is needed, false otherwise, or a string path to redirect to.\n */\n shouldRedirect: (currentPath: string) => boolean | string;\n\n /**\n * Constructs a URL, appending necessary redirect parameters.\n * Useful for redirecting back to the original page after authentication.\n * @param baseUrl The base URL to which redirect parameters should be added.\n * @returns The new URL string with redirect parameters.\n */\n constructUrlWithRedirect: (baseUrl: string) => string;\n\n /**\n * Redirects the user to the configured login page.\n * @param redirectUrl Optional URL to redirect to after successful login.\n */\n redirectToLogin: (redirectUrl?: string) => void;\n\n /** Indicates if an authentication operation is currently in progress. */\n isLoading: boolean;\n\n /** Holds any error that occurred during an authentication operation, or null otherwise. */\n error: Error | null;\n \n /** Indicates if the user has verified their email address. */\n sendVerificationEmail: () => Promise<void>;\n}","import type { SignedInSession } from \"session\";\nimport type { SignUpResource } from \"signUp\";\n\nimport type { InstanceType,TernSecureConfig, TernSecureUser } from \"./all\";\nimport type { DecodedIdToken } from \"./jwt\";\nimport type {\n AfterSignOutUrl,\n SignInRedirectUrl,\n SignUpRedirectUrl,\n} from \"./redirect\";\nimport type { AuthErrorResponse,SignInResource } from \"./signIn\";\n\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: \"loading\" | \"authenticated\" | \"unauthenticated\" | \"unverified\";\n user?: TernSecureUser | null;\n}\n\nexport type AuthProviderStatus = \"idle\" | \"pending\" | \"error\" | \"success\";\n\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: \"loading\",\n user: null,\n};\n\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = \"local\" | \"session\" | \"browserCookie\" | \"none\";\n\ntype Mode = \"browser\" | \"server\";\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type TernSecureAuthOptions = {\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n mode?: Mode;\n requiresVerification?: boolean;\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n} & SignInRedirectUrl &\n SignUpRedirectUrl &\n AfterSignOutUrl;\n\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (\n payload: TernAuthEventPayload[Events]\n) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = \"error\" | \"loading\" | \"ready\";\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>, opt?: { notify?: boolean }\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>\n) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n domain: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize(options?: TernSecureAuthOptions): Promise<void>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n}\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n","import type { ErrorCode} from \"./errors\";\n\nexport type SignInStatus =\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\nexport type SignInFormValuesTree = {\n email: string;\n password: string;\n phoneNumber?: string;\n};\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\n\nexport interface SignInResponseTree {\n success: boolean;\n message?: string;\n error?: any | undefined;\n user?: any;\n}\n\n\nexport type SignInInitialValueTree = Partial<SignInFormValuesTree>;\n\n\nexport interface ResendEmailVerification extends SignInResponseTree {\n isVerified?: boolean;\n}\n\nexport function isSignInResponseTree(value: any): value is SignInResponseTree {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n\nexport interface SignInResource {\n /**\n * The current status of the sign-in process.\n */\n status?: SignInStatus;\n /**\n * Signs in a user with their email and password.\n * @param params - The sign-in form values.\n * @returns A promise that resolves with the sign-in response.\n */\n withEmailAndPassword: (params: SignInFormValuesTree) => Promise<SignInResponseTree>;\n /**\n * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').\n * @param options - Optional configuration for the social sign-in flow.\n * @returns A promise that resolves with the sign-in response or void if redirecting.\n */\n withSocialProvider: (provider: string, options?: { mode?: 'popup' | 'redirect' }) => Promise<SignInResponseTree | void>;\n /**\n * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.\n * @param mfaToken - The MFA token or code submitted by the user.\n * @param mfaContext - Optional context or session data from the MFA initiation step.\n * @returns A promise that resolves with the sign-in response upon successful MFA verification.\n */\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponseTree>;\n /**\n * Sends a password reset email to the given email address.\n * @param email - The user's email address.\n * @returns A promise that resolves when the email is sent.\n */\n sendPasswordResetEmail: (email: string) => Promise<void>;\n /**\n * Resends the email verification link to the user's email address.\n * @returns A promise that resolves with the sign-in response.\n */\n resendEmailVerification: () => Promise<ResendEmailVerification>;\n /**\n * Checks the result of a redirect-based sign-in flow, typically used in OAuth or SSO scenarios.\n * @returns A promise that resolves with the sign-in response or null if no result is available.\n */\n checkRedirectResult: () => Promise<SignInResponseTree | null>;\n}"],"mappings":";AAMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACGO,SAAS,iBAAiB,OAAqC;AACpE,SAAO,OAAO,UAAU,YAAY,aAAa,SAAS,OAAO,MAAM,YAAY;AACrF;;;ACVO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACCO,SAAS,qBAAqB,OAAyC;AAC5E,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
1
+ {"version":3,"sources":["../../src/errors.ts","../../src/auth.ts","../../src/signIn.ts"],"sourcesContent":["\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInRedirectUrl,\n SignUpRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInInitialValue, SignInResource } from './signIn';\n\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type TernSecureAuthOptions = {\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n mode?: Mode;\n requiresVerification?: boolean;\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n} & SignInRedirectUrl &\n SignUpRedirectUrl &\n AfterSignOutUrl;\n\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n domain: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize(options?: TernSecureAuthOptions): Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport type SignUpFormValues = {\n email: string;\n password: string;\n confirmPassword?: string;\n displayName?: string;\n};\n\nexport type SignUpInitialValue = Partial<SignUpFormValues>;\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = {\n /** Routing Path */\n path?: string;\n /** URL to navigate to after successfully sign-in */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignInInitialValue;\n /** Callbacks */\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignUpRedirectUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = {\n /** URL to navigate to after successfully sign-up */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignUpInitialValue;\n /** Callbacks */\n onSubmit?: (values: SignUpFormValues) => Promise<void>;\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignInRedirectUrl;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n","import type { ErrorCode} from \"./errors\";\n\nexport type SignInStatus =\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\nexport type SignInFormValues = {\n email: string;\n password: string;\n phoneNumber?: string;\n};\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\n\nexport interface SignInResponse {\n success: boolean;\n message?: string;\n error?: any | undefined;\n user?: any;\n}\n\n\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport interface ResendEmailVerification extends SignInResponse {\n isVerified?: boolean;\n}\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n\nexport interface SignInResource {\n /**\n * The current status of the sign-in process.\n */\n status?: SignInStatus;\n /**\n * Signs in a user with their email and password.\n * @param params - The sign-in form values.\n * @returns A promise that resolves with the sign-in response.\n */\n withEmailAndPassword: (params: SignInFormValues) => Promise<SignInResponse>;\n /**\n * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').\n * @param options - Optional configuration for the social sign-in flow.\n * @returns A promise that resolves with the sign-in response or void if redirecting.\n */\n withSocialProvider: (provider: string, options?: { mode?: 'popup' | 'redirect' }) => Promise<SignInResponse | void>;\n /**\n * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.\n * @param mfaToken - The MFA token or code submitted by the user.\n * @param mfaContext - Optional context or session data from the MFA initiation step.\n * @returns A promise that resolves with the sign-in response upon successful MFA verification.\n */\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n /**\n * Sends a password reset email to the given email address.\n * @param email - The user's email address.\n * @returns A promise that resolves when the email is sent.\n */\n sendPasswordResetEmail: (email: string) => Promise<void>;\n /**\n * Resends the email verification link to the user's email address.\n * @returns A promise that resolves with the sign-in response.\n */\n resendEmailVerification: () => Promise<ResendEmailVerification>;\n /**\n * Checks the result of a redirect-based sign-in flow, typically used in OAuth or SSO scenarios.\n * @returns A promise that resolves with the sign-in response or null if no result is available.\n */\n checkRedirectResult: () => Promise<SignInResponse| null>;\n}"],"mappings":";AAMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACJO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACAO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}