@tern-secure/types 1.1.0-canary.v20251020032343 → 1.1.0-canary.v20251023005301
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/index.js +1 -0
- package/dist/esm/index.js.map +1 -1
- package/dist/index.d.mts +151 -15
- package/dist/index.d.ts +151 -15
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/esm/index.js
CHANGED
|
@@ -27,6 +27,7 @@ var ERRORS = {
|
|
|
27
27
|
WRONG_PASSWORD: "auth/wrong-password",
|
|
28
28
|
EMAIL_ALREADY_IN_USE: "auth/email-already-in-use",
|
|
29
29
|
REQUIRES_RECENT_LOGIN: "auth/requires-recent-login",
|
|
30
|
+
INCORRECT_ARGUMENT: "auth/argument-error",
|
|
30
31
|
NO_SESSION_COOKIE: "No session cookie found.",
|
|
31
32
|
INVALID_SESSION_COOKIE: "Invalid session cookie.",
|
|
32
33
|
NO_ID_TOKEN: "No ID token found.",
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/errors.ts","../../src/auth.ts","../../src/signIn.ts"],"sourcesContent":["\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInRedirectUrl,\n SignUpRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInInitialValue, SignInResource } from './signIn';\n\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n}\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n}\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\nexport type TernSecureAuthOptions = {\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n mode?: Mode;\n requiresVerification?: boolean;\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n} & SignInRedirectUrl &\n SignUpRedirectUrl &\n AfterSignOutUrl;\n\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n domain: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize(options?: TernSecureAuthOptions): Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport type SignUpFormValues = {\n email: string;\n password: string;\n confirmPassword?: string;\n displayName?: string;\n};\n\nexport type SignUpInitialValue = Partial<SignUpFormValues>;\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = {\n /** Routing Path */\n path?: string;\n /** URL to navigate to after successfully sign-in */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignInInitialValue;\n /** Callbacks */\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignUpRedirectUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = {\n /** URL to navigate to after successfully sign-up */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignUpInitialValue;\n /** Callbacks */\n onSubmit?: (values: SignUpFormValues) => Promise<void>;\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignInRedirectUrl;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\n","import type { UserCredential } from \"./all\";\nimport type { ErrorCode} from \"./errors\";\n\nexport type SignInStatus =\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\nexport type SignInFormValues = {\n email: string;\n password: string;\n phoneNumber?: string;\n};\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse = \n | SignInSuccessResponse \n | SignInErrorResponse \n | SignInPendingResponse;\n\n\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n\nexport interface SignInResource {\n /**\n * The current status of the sign-in process.\n */\n status?: SignInStatus;\n /**\n * Signs in a user with their email and password.\n * @param params - The sign-in form values.\n * @returns A promise that resolves with the sign-in response.\n */\n withEmailAndPassword: (params: SignInFormValues) => Promise<SignInResponse>;\n /**\n * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').\n * @param options - Optional configuration for the social sign-in flow.\n * @returns A promise that resolves with the sign-in response or void if redirecting.\n */\n withSocialProvider: (provider: string, options?: { mode?: 'popup' | 'redirect' }) => Promise<SignInResponse | void>;\n /**\n * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.\n * @param mfaToken - The MFA token or code submitted by the user.\n * @param mfaContext - Optional context or session data from the MFA initiation step.\n * @returns A promise that resolves with the sign-in response upon successful MFA verification.\n */\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n /**\n * Sends a password reset email to the given email address.\n * @param email - The user's email address.\n * @returns A promise that resolves when the email is sent.\n */\n sendPasswordResetEmail: (email: string) => Promise<void>;\n /**\n * Resends the email verification link to the user's email address.\n * @returns A promise that resolves with the sign-in response.\n */\n resendEmailVerification: () => Promise<ResendEmailVerification>;\n /**\n * Checks the result of a redirect-based sign-in flow, typically used in OAuth or SSO scenarios.\n * @returns A promise that resolves with the sign-in response or null if no result is available.\n */\n checkRedirectResult: () => Promise<SignInResponse| null>;\n}"],"mappings":";AAMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACGO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACUO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../src/errors.ts","../../src/auth.ts","../../src/signIn.ts"],"sourcesContent":["\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n INCORRECT_ARGUMENT: \"auth/argument-error\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInFallbackRedirectUrl,\n SignInForceRedirectUrl,\n SignUpFallbackRedirectUrl,\n SignUpForceRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInInitialValue, SignInResource } from './signIn';\n\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n};\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n};\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\n/**\n * Navigation options used to replace or push history changes.\n * Both `routerPush` & `routerReplace` OR none options should be passed.\n */\ntype TernSecureOptionsNavigation =\n | {\n /**\n * A function which takes the destination path as an argument and performs a \"push\" navigation.\n */\n routerPush?: never;\n /**\n * A function which takes the destination path as an argument and performs a \"replace\" navigation.\n */\n routerReplace?: never;\n routerDebug?: boolean;\n }\n | {\n routerPush: RouterFn;\n routerReplace: RouterFn;\n routerDebug?: boolean;\n };\n\nexport type TernSecureAuthOptions = TernSecureOptionsNavigation &\n SignInForceRedirectUrl &\n SignInFallbackRedirectUrl &\n SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl & {\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n mode?: Mode;\n requiresVerification?: boolean;\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n /**\n * An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectOrigins?: Array<string | RegExp>;\n /**\n * An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectProtocols?: Array<string>;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n };\n\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\nexport interface NavigateOptions {\n replace?: boolean;\n metadata?: RouterMetadata;\n}\n\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n domain: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize: (options?: TernSecureAuthOptions) => Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /**\n * @param {string} to\n */\n constructUrlWithAuthRedirect(to: string): string;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport type SignUpFormValues = {\n email: string;\n password: string;\n confirmPassword?: string;\n displayName?: string;\n};\n\nexport type SignUpInitialValue = Partial<SignUpFormValues>;\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = {\n /** Routing Path */\n path?: string;\n /** URL to navigate to after successfully sign-in */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignInInitialValue;\n /** Callbacks */\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignUpForceRedirectUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = {\n /** URL to navigate to after successfully sign-up */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignUpInitialValue;\n /** Callbacks */\n onSubmit?: (values: SignUpFormValues) => Promise<void>;\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignInForceRedirectUrl;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\nexport type RoutingStrategy = 'path' | 'hash' | 'virtual';\n\n/**\n * Internal is a navigation type that affects the component\n *\n */\ntype NavigationType =\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes after the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to /sign-in/factor-one is an internal navigation\n */\n | 'internal'\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes before the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to / is an external navigation\n */\n | 'external'\n /**\n * Window navigations are navigations towards a different origin\n * and are not handled by the TernSecure component or the host app router.\n */\n | 'window';\n\ntype RouterMetadata = { routing?: RoutingStrategy; navigationType?: NavigationType };\n\n/**\n * @inline\n */\ntype RouterFn = (\n /**\n * The destination path\n */\n to: string,\n /**\n * Optional metadata\n */\n metadata?: {\n /**\n * @internal\n */\n __internal_metadata?: RouterMetadata;\n /**\n * Provide a function to be used for navigation.\n */\n windowNavigate: (to: URL | string) => void;\n },\n) => Promise<unknown> | unknown;\n","import type { UserCredential } from \"./all\";\nimport type { ErrorCode} from \"./errors\";\n\nexport type SignInStatus =\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\nexport type SignInFormValues = {\n email: string;\n password: string;\n phoneNumber?: string;\n};\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse = \n | SignInSuccessResponse \n | SignInErrorResponse \n | SignInPendingResponse;\n\n\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n/**\n * social provider options that allow to specify custom parameters\n */\nexport interface SocialProviderOptions {\n /** Authentication mode - popup or redirect */\n mode?: 'popup' | 'redirect';\n /** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */\n customParameters?: Record<string, string>;\n /** OAuth scopes to request from the provider */\n scopes?: string[];\n}\n\n\nexport interface SignInResource {\n /**\n * The current status of the sign-in process.\n */\n status?: SignInStatus;\n /**\n * Signs in a user with their email and password.\n * @param params - The sign-in form values.\n * @returns A promise that resolves with the sign-in response.\n */\n withEmailAndPassword: (params: SignInFormValues) => Promise<SignInResponse>;\n /**\n * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').\n * @param options - Optional configuration for the social sign-in flow.\n * @returns A promise that resolves with the sign-in response or void if redirecting.\n */\n withSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse | void>;\n /**\n * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.\n * @param mfaToken - The MFA token or code submitted by the user.\n * @param mfaContext - Optional context or session data from the MFA initiation step.\n * @returns A promise that resolves with the sign-in response upon successful MFA verification.\n */\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n /**\n * Sends a password reset email to the given email address.\n * @param email - The user's email address.\n * @returns A promise that resolves when the email is sent.\n */\n sendPasswordResetEmail: (email: string) => Promise<void>;\n /**\n * Resends the email verification link to the user's email address.\n * @returns A promise that resolves with the sign-in response.\n */\n resendEmailVerification: () => Promise<ResendEmailVerification>;\n /**\n * Checks the result of a redirect-based sign-in flow, typically used in OAuth or SSO scenarios.\n * @returns A promise that resolves with the sign-in response or null if no result is available.\n */\n checkRedirectResult: () => Promise<SignInResponse| null>;\n}"],"mappings":";AAMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACIO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACQO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|
package/dist/index.d.mts
CHANGED
|
@@ -252,6 +252,7 @@ declare const ERRORS: {
|
|
|
252
252
|
readonly WRONG_PASSWORD: "auth/wrong-password";
|
|
253
253
|
readonly EMAIL_ALREADY_IN_USE: "auth/email-already-in-use";
|
|
254
254
|
readonly REQUIRES_RECENT_LOGIN: "auth/requires-recent-login";
|
|
255
|
+
readonly INCORRECT_ARGUMENT: "auth/argument-error";
|
|
255
256
|
readonly NO_SESSION_COOKIE: "No session cookie found.";
|
|
256
257
|
readonly INVALID_SESSION_COOKIE: "Invalid session cookie.";
|
|
257
258
|
readonly NO_ID_TOKEN: "No ID token found.";
|
|
@@ -336,6 +337,7 @@ interface TernSecureHandlerOptions {
|
|
|
336
337
|
sessions?: SessionEndpointConfig;
|
|
337
338
|
};
|
|
338
339
|
tenantId?: string | null;
|
|
340
|
+
revokeRefreshTokensOnSignOut?: boolean;
|
|
339
341
|
enableCustomToken?: boolean;
|
|
340
342
|
debug?: boolean;
|
|
341
343
|
environment?: 'development' | 'production' | 'test';
|
|
@@ -426,6 +428,17 @@ interface ResendEmailVerification {
|
|
|
426
428
|
isVerified?: boolean;
|
|
427
429
|
}
|
|
428
430
|
declare function isSignInResponseTree(value: any): value is SignInResponse;
|
|
431
|
+
/**
|
|
432
|
+
* social provider options that allow to specify custom parameters
|
|
433
|
+
*/
|
|
434
|
+
interface SocialProviderOptions {
|
|
435
|
+
/** Authentication mode - popup or redirect */
|
|
436
|
+
mode?: 'popup' | 'redirect';
|
|
437
|
+
/** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */
|
|
438
|
+
customParameters?: Record<string, string>;
|
|
439
|
+
/** OAuth scopes to request from the provider */
|
|
440
|
+
scopes?: string[];
|
|
441
|
+
}
|
|
429
442
|
interface SignInResource {
|
|
430
443
|
/**
|
|
431
444
|
* The current status of the sign-in process.
|
|
@@ -442,9 +455,7 @@ interface SignInResource {
|
|
|
442
455
|
* @param options - Optional configuration for the social sign-in flow.
|
|
443
456
|
* @returns A promise that resolves with the sign-in response or void if redirecting.
|
|
444
457
|
*/
|
|
445
|
-
withSocialProvider: (provider: string, options
|
|
446
|
-
mode?: 'popup' | 'redirect';
|
|
447
|
-
}) => Promise<SignInResponse | void>;
|
|
458
|
+
withSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse | void>;
|
|
448
459
|
/**
|
|
449
460
|
* Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.
|
|
450
461
|
* @param mfaToken - The MFA token or code submitted by the user.
|
|
@@ -554,16 +565,56 @@ type Jwt = {
|
|
|
554
565
|
};
|
|
555
566
|
};
|
|
556
567
|
|
|
557
|
-
|
|
568
|
+
/**
|
|
569
|
+
* @deprecated This will be removed in a future release.
|
|
570
|
+
*/
|
|
571
|
+
type LegacyRedirectProps = {
|
|
572
|
+
/**
|
|
573
|
+
* @deprecated Use `fallbackRedirectUrl` or `forceRedirectUrl` instead.
|
|
574
|
+
*/
|
|
575
|
+
afterSignInUrl?: string | null;
|
|
576
|
+
/**
|
|
577
|
+
* @deprecated Use `fallbackRedirectUrl` or `forceRedirectUrl` instead.
|
|
578
|
+
*/
|
|
579
|
+
afterSignUpUrl?: string | null;
|
|
580
|
+
/**
|
|
581
|
+
* @deprecated Use `fallbackRedirectUrl` or `forceRedirectUrl` instead.
|
|
582
|
+
*/
|
|
583
|
+
redirectUrl?: string | null;
|
|
584
|
+
};
|
|
585
|
+
type RedirectOptions = SignInForceRedirectUrl & SignInFallbackRedirectUrl & SignUpForceRedirectUrl & SignUpFallbackRedirectUrl & LegacyRedirectProps;
|
|
586
|
+
type RedirectUrlProp = {
|
|
587
|
+
/**
|
|
588
|
+
* Full URL or path to navigate to after a successful action.
|
|
589
|
+
*/
|
|
590
|
+
redirectUrl?: string | null;
|
|
591
|
+
};
|
|
592
|
+
type SignInForceRedirectUrl = {
|
|
558
593
|
signInForceRedirectUrl?: string | null;
|
|
559
594
|
};
|
|
560
|
-
type
|
|
595
|
+
type SignInFallbackRedirectUrl = {
|
|
596
|
+
/**
|
|
597
|
+
* The fallback URL to redirect to after the user signs in, if there's no `redirect_url` in the path already.
|
|
598
|
+
* @default '/'
|
|
599
|
+
*/
|
|
600
|
+
signInFallbackRedirectUrl?: string | null;
|
|
601
|
+
};
|
|
602
|
+
type SignUpForceRedirectUrl = {
|
|
561
603
|
signUpForceRedirectUrl?: string | null;
|
|
562
604
|
};
|
|
605
|
+
type SignUpFallbackRedirectUrl = {
|
|
606
|
+
/**
|
|
607
|
+
* The fallback URL to redirect to after the user signs up, if there's no `redirect_url` in the path already.
|
|
608
|
+
* @default '/'
|
|
609
|
+
*/
|
|
610
|
+
signUpFallbackRedirectUrl?: string | null;
|
|
611
|
+
};
|
|
563
612
|
type AfterSignOutUrl = {
|
|
613
|
+
/**
|
|
614
|
+
* Full URL or path to navigate to after successful sign out.
|
|
615
|
+
*/
|
|
564
616
|
afterSignOutUrl?: string | null;
|
|
565
617
|
};
|
|
566
|
-
type RedirectOptions = SignInRedirectUrl | SignUpRedirectUrl;
|
|
567
618
|
|
|
568
619
|
interface InitialState {
|
|
569
620
|
userId: string | null;
|
|
@@ -637,7 +688,26 @@ type CreateActiveSessionParams = {
|
|
|
637
688
|
redirectUrl?: string;
|
|
638
689
|
};
|
|
639
690
|
type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;
|
|
640
|
-
|
|
691
|
+
/**
|
|
692
|
+
* Navigation options used to replace or push history changes.
|
|
693
|
+
* Both `routerPush` & `routerReplace` OR none options should be passed.
|
|
694
|
+
*/
|
|
695
|
+
type TernSecureOptionsNavigation = {
|
|
696
|
+
/**
|
|
697
|
+
* A function which takes the destination path as an argument and performs a "push" navigation.
|
|
698
|
+
*/
|
|
699
|
+
routerPush?: never;
|
|
700
|
+
/**
|
|
701
|
+
* A function which takes the destination path as an argument and performs a "replace" navigation.
|
|
702
|
+
*/
|
|
703
|
+
routerReplace?: never;
|
|
704
|
+
routerDebug?: boolean;
|
|
705
|
+
} | {
|
|
706
|
+
routerPush: RouterFn;
|
|
707
|
+
routerReplace: RouterFn;
|
|
708
|
+
routerDebug?: boolean;
|
|
709
|
+
};
|
|
710
|
+
type TernSecureAuthOptions = TernSecureOptionsNavigation & SignInForceRedirectUrl & SignInFallbackRedirectUrl & SignUpForceRedirectUrl & SignUpFallbackRedirectUrl & AfterSignOutUrl & {
|
|
641
711
|
apiUrl?: string;
|
|
642
712
|
sdkMetadata?: TernAuthSDK;
|
|
643
713
|
signInUrl?: string;
|
|
@@ -648,17 +718,29 @@ type TernSecureAuthOptions = {
|
|
|
648
718
|
ternSecureConfig?: TernSecureConfig;
|
|
649
719
|
persistence?: Persistence;
|
|
650
720
|
enableServiceWorker?: boolean;
|
|
721
|
+
/**
|
|
722
|
+
* An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.
|
|
723
|
+
*/
|
|
724
|
+
allowedRedirectOrigins?: Array<string | RegExp>;
|
|
725
|
+
/**
|
|
726
|
+
* An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.
|
|
727
|
+
*/
|
|
728
|
+
allowedRedirectProtocols?: Array<string>;
|
|
651
729
|
experimental?: {
|
|
652
730
|
/** rethrow network errors that occur while the offline */
|
|
653
731
|
rethrowOfflineNetworkErrors?: boolean;
|
|
654
732
|
};
|
|
655
|
-
}
|
|
733
|
+
};
|
|
656
734
|
type TernAuthListenerEventPayload = {
|
|
657
735
|
authStateChanged: TernSecureState;
|
|
658
736
|
userChanged: TernSecureUser;
|
|
659
737
|
sessionChanged: SignedInSession | null;
|
|
660
738
|
tokenRefreshed: string | null;
|
|
661
739
|
};
|
|
740
|
+
interface NavigateOptions {
|
|
741
|
+
replace?: boolean;
|
|
742
|
+
metadata?: RouterMetadata;
|
|
743
|
+
}
|
|
662
744
|
type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;
|
|
663
745
|
type ListenerCallback = (emission: TernSecureResources) => void;
|
|
664
746
|
type UnsubscribeCallback = () => void;
|
|
@@ -705,7 +787,7 @@ interface TernSecureAuth {
|
|
|
705
787
|
/** Requires Verification */
|
|
706
788
|
requiresVerification: boolean;
|
|
707
789
|
/** Initialize TernSecureAuth */
|
|
708
|
-
initialize(options?: TernSecureAuthOptions)
|
|
790
|
+
initialize: (options?: TernSecureAuthOptions) => Promise<void>;
|
|
709
791
|
/**
|
|
710
792
|
* @internal
|
|
711
793
|
*/
|
|
@@ -738,6 +820,10 @@ interface TernSecureAuth {
|
|
|
738
820
|
getRedirectResult: () => Promise<any>;
|
|
739
821
|
/** Create an active session */
|
|
740
822
|
createActiveSession: CreateActiveSession;
|
|
823
|
+
/**
|
|
824
|
+
* @param {string} to
|
|
825
|
+
*/
|
|
826
|
+
constructUrlWithAuthRedirect(to: string): string;
|
|
741
827
|
/** Navigate to SignIn page */
|
|
742
828
|
redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;
|
|
743
829
|
/** Navigate to SignUp page */
|
|
@@ -785,7 +871,7 @@ type SignInProps = {
|
|
|
785
871
|
initialValue?: SignInInitialValue;
|
|
786
872
|
/** Callbacks */
|
|
787
873
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
788
|
-
} &
|
|
874
|
+
} & SignUpForceRedirectUrl;
|
|
789
875
|
/**
|
|
790
876
|
* Props for SignUp component focusing on UI concerns
|
|
791
877
|
*/
|
|
@@ -797,9 +883,59 @@ type SignUpProps = {
|
|
|
797
883
|
/** Callbacks */
|
|
798
884
|
onSubmit?: (values: SignUpFormValues) => Promise<void>;
|
|
799
885
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
800
|
-
} &
|
|
886
|
+
} & SignInForceRedirectUrl;
|
|
801
887
|
type SignInRedirectOptions = RedirectOptions;
|
|
802
888
|
type SignUpRedirectOptions = RedirectOptions;
|
|
889
|
+
type RoutingStrategy = 'path' | 'hash' | 'virtual';
|
|
890
|
+
/**
|
|
891
|
+
* Internal is a navigation type that affects the component
|
|
892
|
+
*
|
|
893
|
+
*/
|
|
894
|
+
type NavigationType =
|
|
895
|
+
/**
|
|
896
|
+
* Internal navigations affect the components and alter the
|
|
897
|
+
* part of the URL that comes after the `path` passed to the component.
|
|
898
|
+
* eg <SignIn path='sign-in'>
|
|
899
|
+
* going from /sign-in to /sign-in/factor-one is an internal navigation
|
|
900
|
+
*/
|
|
901
|
+
'internal'
|
|
902
|
+
/**
|
|
903
|
+
* Internal navigations affect the components and alter the
|
|
904
|
+
* part of the URL that comes before the `path` passed to the component.
|
|
905
|
+
* eg <SignIn path='sign-in'>
|
|
906
|
+
* going from /sign-in to / is an external navigation
|
|
907
|
+
*/
|
|
908
|
+
| 'external'
|
|
909
|
+
/**
|
|
910
|
+
* Window navigations are navigations towards a different origin
|
|
911
|
+
* and are not handled by the TernSecure component or the host app router.
|
|
912
|
+
*/
|
|
913
|
+
| 'window';
|
|
914
|
+
type RouterMetadata = {
|
|
915
|
+
routing?: RoutingStrategy;
|
|
916
|
+
navigationType?: NavigationType;
|
|
917
|
+
};
|
|
918
|
+
/**
|
|
919
|
+
* @inline
|
|
920
|
+
*/
|
|
921
|
+
type RouterFn = (
|
|
922
|
+
/**
|
|
923
|
+
* The destination path
|
|
924
|
+
*/
|
|
925
|
+
to: string,
|
|
926
|
+
/**
|
|
927
|
+
* Optional metadata
|
|
928
|
+
*/
|
|
929
|
+
metadata?: {
|
|
930
|
+
/**
|
|
931
|
+
* @internal
|
|
932
|
+
*/
|
|
933
|
+
__internal_metadata?: RouterMetadata;
|
|
934
|
+
/**
|
|
935
|
+
* Provide a function to be used for navigation.
|
|
936
|
+
*/
|
|
937
|
+
windowNavigate: (to: URL | string) => void;
|
|
938
|
+
}) => Promise<unknown> | unknown;
|
|
803
939
|
|
|
804
940
|
/**
|
|
805
941
|
* Defines the basic structure for color theming.
|
|
@@ -973,7 +1109,7 @@ type TernSecureInstanceTreeOptions = {
|
|
|
973
1109
|
isTernSecureDev?: boolean;
|
|
974
1110
|
ternSecureConfig?: TernSecureConfig;
|
|
975
1111
|
enableServiceWorker?: boolean;
|
|
976
|
-
} &
|
|
1112
|
+
} & SignInForceRedirectUrl & SignUpForceRedirectUrl & AfterSignOutUrl;
|
|
977
1113
|
type TernSecureInstanceTreeStatus = 'error' | 'loading' | 'ready';
|
|
978
1114
|
/**
|
|
979
1115
|
* Instance interface for managing auth UI state
|
|
@@ -1074,7 +1210,7 @@ type SignInPropsTree = {
|
|
|
1074
1210
|
/** Callbacks */
|
|
1075
1211
|
onError?: (error: AuthErrorTree) => void;
|
|
1076
1212
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
1077
|
-
} &
|
|
1213
|
+
} & SignUpForceRedirectUrl;
|
|
1078
1214
|
/**
|
|
1079
1215
|
* Props for SignUp component focusing on UI concerns
|
|
1080
1216
|
*/
|
|
@@ -1089,7 +1225,7 @@ type SignUpPropsTree = {
|
|
|
1089
1225
|
onSubmit?: (values: SignUpFormValuesTree) => Promise<void>;
|
|
1090
1226
|
onError?: (error: AuthErrorTree) => void;
|
|
1091
1227
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
1092
|
-
} &
|
|
1228
|
+
} & SignInForceRedirectUrl;
|
|
1093
1229
|
type SignInRedirectOptionss = RedirectOptions;
|
|
1094
1230
|
type SignUpRedirectOptionss = RedirectOptions;
|
|
1095
1231
|
|
|
@@ -1140,4 +1276,4 @@ type DomainOrProxyUrl = {
|
|
|
1140
1276
|
*/
|
|
1141
1277
|
type Autocomplete<U extends T, T = string> = U | (T & Record<never, never>);
|
|
1142
1278
|
|
|
1143
|
-
export { type ActiveSession, type AdminConfigValidationResult, type AfterSignOutUrl, type Appearance, type AuthEndpoint, type AuthErrorCode, type AuthErrorResponse, type AuthErrorTree, type AuthProviderStatus, type Autocomplete, type BaseAuthUIConfig, type CheckAuthorizationFromSessionClaims, type CheckCustomClaims, type ConfigValidationResult, type CookieEndpointConfig, type CookieOptions, type CookieOpts, type CookieResource, type CookieStore, type CookieSubEndpoint, type CorsOptions, type CreateActiveSession, type CreateActiveSessionParams, DEFAULT_TERN_SECURE_STATE, type DecodedIdToken, type DomainOrProxyUrl, ERRORS, type EndpointConfig, type ErrorCode, type ExpiredSession, type FirebaseClaims, type FirebaseState, type IdTokenResult, type IdTokenResult_DEPRECATED, type InitialState, type InstanceType, type JWTPayload, type JWTProtectedHeader, type Jwt, type ListenerCallback, type ParsedToken, type PendingSession, type Persistence, type ProviderUserInfo, type RateLimitOptions, type RedirectOptions, type ResendEmailVerification, type SecurityOptions, type ServerConfigValidationResult, type SessionCookieConfig, type SessionEndpointConfig, type SessionJson, type SessionParams, type SessionResource, type SessionResult, type SessionStatus, type SessionSubEndpoint, type SharedSignInAuthObjectProperties, type SignInErrorResponse, type SignInFormValues, type SignInInitialValue, type SignInPendingResponse, type SignInProps, type SignInPropsTree, type SignInRedirectOptions, type SignInRedirectOptionss, type
|
|
1279
|
+
export { type ActiveSession, type AdminConfigValidationResult, type AfterSignOutUrl, type Appearance, type AuthEndpoint, type AuthErrorCode, type AuthErrorResponse, type AuthErrorTree, type AuthProviderStatus, type Autocomplete, type BaseAuthUIConfig, type CheckAuthorizationFromSessionClaims, type CheckCustomClaims, type ConfigValidationResult, type CookieEndpointConfig, type CookieOptions, type CookieOpts, type CookieResource, type CookieStore, type CookieSubEndpoint, type CorsOptions, type CreateActiveSession, type CreateActiveSessionParams, DEFAULT_TERN_SECURE_STATE, type DecodedIdToken, type DomainOrProxyUrl, ERRORS, type EndpointConfig, type ErrorCode, type ExpiredSession, type FirebaseClaims, type FirebaseState, type IdTokenResult, type IdTokenResult_DEPRECATED, type InitialState, type InstanceType, type JWTPayload, type JWTProtectedHeader, type Jwt, type LegacyRedirectProps, type ListenerCallback, type NavigateOptions, type ParsedToken, type PendingSession, type Persistence, type ProviderUserInfo, type RateLimitOptions, type RedirectOptions, type RedirectUrlProp, type ResendEmailVerification, type RoutingStrategy, type SecurityOptions, type ServerConfigValidationResult, type SessionCookieConfig, type SessionEndpointConfig, type SessionJson, type SessionParams, type SessionResource, type SessionResult, type SessionStatus, type SessionSubEndpoint, type SharedSignInAuthObjectProperties, type SignInErrorResponse, type SignInFallbackRedirectUrl, type SignInForceRedirectUrl, type SignInFormValues, type SignInInitialValue, type SignInPendingResponse, type SignInProps, type SignInPropsTree, type SignInRedirectOptions, type SignInRedirectOptionss, type SignInResource, type SignInResponse, type SignInStatus, type SignInSuccessResponse, type SignInUIConfig, type SignOut, type SignOutOptions, type SignOutOptionsTree, type SignUpFallbackRedirectUrl, type SignUpForceRedirectUrl, type SignUpFormValues, type SignUpFormValuesTree, type SignUpInitialValue, type SignUpInitialValueTree, type SignUpProps, type SignUpPropsTree, type SignUpRedirectOptions, type SignUpRedirectOptionss, type SignUpResource, type SignUpStatus, type SignUpUIConfig, type SignedInSession, type SocialProviderOptions, type TernAuthEventPayload, type TernAuthListenerEvent, type TernAuthListenerEventPayload, type TernAuthSDK, type TernSecureAPIError, type TernSecureAdminConfig, type TernSecureApiErrorJSON, type TernSecureAuth, type TernSecureAuthFactory, type TernSecureAuthOptions, type TernSecureAuthProvider, type TernSecureAuthStatus, type TernSecureConfig, type TernSecureFireRestError, type TernSecureFireRestErrorJSON, type TernSecureHandlerOptions, type TernSecureInstance, type TernSecureInstanceTree, type TernSecureInstanceTreeOptions, type TernSecureInstanceTreeStatus, type TernSecureOptions, type TernSecureResources, type TernSecureSDK, type TernSecureServerConfig, type TernSecureSessionTree, type TernSecureState, type TernSecureStateExtended, type TernSecureUser, type TernSecureUserData, type TernVerificationResult, type ThemeBorderRadius, type ThemeColors, type ThemeComponentStyles, type ThemeFonts, type ThemeSpacing, type TokenCookieConfig, type UnsubscribeCallback, type UseAuthReturn, type UseSignInReturn, type UserCredential, type UserInfo, type VerifiedTokens, isSignInResponseTree };
|
package/dist/index.d.ts
CHANGED
|
@@ -252,6 +252,7 @@ declare const ERRORS: {
|
|
|
252
252
|
readonly WRONG_PASSWORD: "auth/wrong-password";
|
|
253
253
|
readonly EMAIL_ALREADY_IN_USE: "auth/email-already-in-use";
|
|
254
254
|
readonly REQUIRES_RECENT_LOGIN: "auth/requires-recent-login";
|
|
255
|
+
readonly INCORRECT_ARGUMENT: "auth/argument-error";
|
|
255
256
|
readonly NO_SESSION_COOKIE: "No session cookie found.";
|
|
256
257
|
readonly INVALID_SESSION_COOKIE: "Invalid session cookie.";
|
|
257
258
|
readonly NO_ID_TOKEN: "No ID token found.";
|
|
@@ -336,6 +337,7 @@ interface TernSecureHandlerOptions {
|
|
|
336
337
|
sessions?: SessionEndpointConfig;
|
|
337
338
|
};
|
|
338
339
|
tenantId?: string | null;
|
|
340
|
+
revokeRefreshTokensOnSignOut?: boolean;
|
|
339
341
|
enableCustomToken?: boolean;
|
|
340
342
|
debug?: boolean;
|
|
341
343
|
environment?: 'development' | 'production' | 'test';
|
|
@@ -426,6 +428,17 @@ interface ResendEmailVerification {
|
|
|
426
428
|
isVerified?: boolean;
|
|
427
429
|
}
|
|
428
430
|
declare function isSignInResponseTree(value: any): value is SignInResponse;
|
|
431
|
+
/**
|
|
432
|
+
* social provider options that allow to specify custom parameters
|
|
433
|
+
*/
|
|
434
|
+
interface SocialProviderOptions {
|
|
435
|
+
/** Authentication mode - popup or redirect */
|
|
436
|
+
mode?: 'popup' | 'redirect';
|
|
437
|
+
/** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */
|
|
438
|
+
customParameters?: Record<string, string>;
|
|
439
|
+
/** OAuth scopes to request from the provider */
|
|
440
|
+
scopes?: string[];
|
|
441
|
+
}
|
|
429
442
|
interface SignInResource {
|
|
430
443
|
/**
|
|
431
444
|
* The current status of the sign-in process.
|
|
@@ -442,9 +455,7 @@ interface SignInResource {
|
|
|
442
455
|
* @param options - Optional configuration for the social sign-in flow.
|
|
443
456
|
* @returns A promise that resolves with the sign-in response or void if redirecting.
|
|
444
457
|
*/
|
|
445
|
-
withSocialProvider: (provider: string, options
|
|
446
|
-
mode?: 'popup' | 'redirect';
|
|
447
|
-
}) => Promise<SignInResponse | void>;
|
|
458
|
+
withSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse | void>;
|
|
448
459
|
/**
|
|
449
460
|
* Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.
|
|
450
461
|
* @param mfaToken - The MFA token or code submitted by the user.
|
|
@@ -554,16 +565,56 @@ type Jwt = {
|
|
|
554
565
|
};
|
|
555
566
|
};
|
|
556
567
|
|
|
557
|
-
|
|
568
|
+
/**
|
|
569
|
+
* @deprecated This will be removed in a future release.
|
|
570
|
+
*/
|
|
571
|
+
type LegacyRedirectProps = {
|
|
572
|
+
/**
|
|
573
|
+
* @deprecated Use `fallbackRedirectUrl` or `forceRedirectUrl` instead.
|
|
574
|
+
*/
|
|
575
|
+
afterSignInUrl?: string | null;
|
|
576
|
+
/**
|
|
577
|
+
* @deprecated Use `fallbackRedirectUrl` or `forceRedirectUrl` instead.
|
|
578
|
+
*/
|
|
579
|
+
afterSignUpUrl?: string | null;
|
|
580
|
+
/**
|
|
581
|
+
* @deprecated Use `fallbackRedirectUrl` or `forceRedirectUrl` instead.
|
|
582
|
+
*/
|
|
583
|
+
redirectUrl?: string | null;
|
|
584
|
+
};
|
|
585
|
+
type RedirectOptions = SignInForceRedirectUrl & SignInFallbackRedirectUrl & SignUpForceRedirectUrl & SignUpFallbackRedirectUrl & LegacyRedirectProps;
|
|
586
|
+
type RedirectUrlProp = {
|
|
587
|
+
/**
|
|
588
|
+
* Full URL or path to navigate to after a successful action.
|
|
589
|
+
*/
|
|
590
|
+
redirectUrl?: string | null;
|
|
591
|
+
};
|
|
592
|
+
type SignInForceRedirectUrl = {
|
|
558
593
|
signInForceRedirectUrl?: string | null;
|
|
559
594
|
};
|
|
560
|
-
type
|
|
595
|
+
type SignInFallbackRedirectUrl = {
|
|
596
|
+
/**
|
|
597
|
+
* The fallback URL to redirect to after the user signs in, if there's no `redirect_url` in the path already.
|
|
598
|
+
* @default '/'
|
|
599
|
+
*/
|
|
600
|
+
signInFallbackRedirectUrl?: string | null;
|
|
601
|
+
};
|
|
602
|
+
type SignUpForceRedirectUrl = {
|
|
561
603
|
signUpForceRedirectUrl?: string | null;
|
|
562
604
|
};
|
|
605
|
+
type SignUpFallbackRedirectUrl = {
|
|
606
|
+
/**
|
|
607
|
+
* The fallback URL to redirect to after the user signs up, if there's no `redirect_url` in the path already.
|
|
608
|
+
* @default '/'
|
|
609
|
+
*/
|
|
610
|
+
signUpFallbackRedirectUrl?: string | null;
|
|
611
|
+
};
|
|
563
612
|
type AfterSignOutUrl = {
|
|
613
|
+
/**
|
|
614
|
+
* Full URL or path to navigate to after successful sign out.
|
|
615
|
+
*/
|
|
564
616
|
afterSignOutUrl?: string | null;
|
|
565
617
|
};
|
|
566
|
-
type RedirectOptions = SignInRedirectUrl | SignUpRedirectUrl;
|
|
567
618
|
|
|
568
619
|
interface InitialState {
|
|
569
620
|
userId: string | null;
|
|
@@ -637,7 +688,26 @@ type CreateActiveSessionParams = {
|
|
|
637
688
|
redirectUrl?: string;
|
|
638
689
|
};
|
|
639
690
|
type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;
|
|
640
|
-
|
|
691
|
+
/**
|
|
692
|
+
* Navigation options used to replace or push history changes.
|
|
693
|
+
* Both `routerPush` & `routerReplace` OR none options should be passed.
|
|
694
|
+
*/
|
|
695
|
+
type TernSecureOptionsNavigation = {
|
|
696
|
+
/**
|
|
697
|
+
* A function which takes the destination path as an argument and performs a "push" navigation.
|
|
698
|
+
*/
|
|
699
|
+
routerPush?: never;
|
|
700
|
+
/**
|
|
701
|
+
* A function which takes the destination path as an argument and performs a "replace" navigation.
|
|
702
|
+
*/
|
|
703
|
+
routerReplace?: never;
|
|
704
|
+
routerDebug?: boolean;
|
|
705
|
+
} | {
|
|
706
|
+
routerPush: RouterFn;
|
|
707
|
+
routerReplace: RouterFn;
|
|
708
|
+
routerDebug?: boolean;
|
|
709
|
+
};
|
|
710
|
+
type TernSecureAuthOptions = TernSecureOptionsNavigation & SignInForceRedirectUrl & SignInFallbackRedirectUrl & SignUpForceRedirectUrl & SignUpFallbackRedirectUrl & AfterSignOutUrl & {
|
|
641
711
|
apiUrl?: string;
|
|
642
712
|
sdkMetadata?: TernAuthSDK;
|
|
643
713
|
signInUrl?: string;
|
|
@@ -648,17 +718,29 @@ type TernSecureAuthOptions = {
|
|
|
648
718
|
ternSecureConfig?: TernSecureConfig;
|
|
649
719
|
persistence?: Persistence;
|
|
650
720
|
enableServiceWorker?: boolean;
|
|
721
|
+
/**
|
|
722
|
+
* An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.
|
|
723
|
+
*/
|
|
724
|
+
allowedRedirectOrigins?: Array<string | RegExp>;
|
|
725
|
+
/**
|
|
726
|
+
* An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.
|
|
727
|
+
*/
|
|
728
|
+
allowedRedirectProtocols?: Array<string>;
|
|
651
729
|
experimental?: {
|
|
652
730
|
/** rethrow network errors that occur while the offline */
|
|
653
731
|
rethrowOfflineNetworkErrors?: boolean;
|
|
654
732
|
};
|
|
655
|
-
}
|
|
733
|
+
};
|
|
656
734
|
type TernAuthListenerEventPayload = {
|
|
657
735
|
authStateChanged: TernSecureState;
|
|
658
736
|
userChanged: TernSecureUser;
|
|
659
737
|
sessionChanged: SignedInSession | null;
|
|
660
738
|
tokenRefreshed: string | null;
|
|
661
739
|
};
|
|
740
|
+
interface NavigateOptions {
|
|
741
|
+
replace?: boolean;
|
|
742
|
+
metadata?: RouterMetadata;
|
|
743
|
+
}
|
|
662
744
|
type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;
|
|
663
745
|
type ListenerCallback = (emission: TernSecureResources) => void;
|
|
664
746
|
type UnsubscribeCallback = () => void;
|
|
@@ -705,7 +787,7 @@ interface TernSecureAuth {
|
|
|
705
787
|
/** Requires Verification */
|
|
706
788
|
requiresVerification: boolean;
|
|
707
789
|
/** Initialize TernSecureAuth */
|
|
708
|
-
initialize(options?: TernSecureAuthOptions)
|
|
790
|
+
initialize: (options?: TernSecureAuthOptions) => Promise<void>;
|
|
709
791
|
/**
|
|
710
792
|
* @internal
|
|
711
793
|
*/
|
|
@@ -738,6 +820,10 @@ interface TernSecureAuth {
|
|
|
738
820
|
getRedirectResult: () => Promise<any>;
|
|
739
821
|
/** Create an active session */
|
|
740
822
|
createActiveSession: CreateActiveSession;
|
|
823
|
+
/**
|
|
824
|
+
* @param {string} to
|
|
825
|
+
*/
|
|
826
|
+
constructUrlWithAuthRedirect(to: string): string;
|
|
741
827
|
/** Navigate to SignIn page */
|
|
742
828
|
redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;
|
|
743
829
|
/** Navigate to SignUp page */
|
|
@@ -785,7 +871,7 @@ type SignInProps = {
|
|
|
785
871
|
initialValue?: SignInInitialValue;
|
|
786
872
|
/** Callbacks */
|
|
787
873
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
788
|
-
} &
|
|
874
|
+
} & SignUpForceRedirectUrl;
|
|
789
875
|
/**
|
|
790
876
|
* Props for SignUp component focusing on UI concerns
|
|
791
877
|
*/
|
|
@@ -797,9 +883,59 @@ type SignUpProps = {
|
|
|
797
883
|
/** Callbacks */
|
|
798
884
|
onSubmit?: (values: SignUpFormValues) => Promise<void>;
|
|
799
885
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
800
|
-
} &
|
|
886
|
+
} & SignInForceRedirectUrl;
|
|
801
887
|
type SignInRedirectOptions = RedirectOptions;
|
|
802
888
|
type SignUpRedirectOptions = RedirectOptions;
|
|
889
|
+
type RoutingStrategy = 'path' | 'hash' | 'virtual';
|
|
890
|
+
/**
|
|
891
|
+
* Internal is a navigation type that affects the component
|
|
892
|
+
*
|
|
893
|
+
*/
|
|
894
|
+
type NavigationType =
|
|
895
|
+
/**
|
|
896
|
+
* Internal navigations affect the components and alter the
|
|
897
|
+
* part of the URL that comes after the `path` passed to the component.
|
|
898
|
+
* eg <SignIn path='sign-in'>
|
|
899
|
+
* going from /sign-in to /sign-in/factor-one is an internal navigation
|
|
900
|
+
*/
|
|
901
|
+
'internal'
|
|
902
|
+
/**
|
|
903
|
+
* Internal navigations affect the components and alter the
|
|
904
|
+
* part of the URL that comes before the `path` passed to the component.
|
|
905
|
+
* eg <SignIn path='sign-in'>
|
|
906
|
+
* going from /sign-in to / is an external navigation
|
|
907
|
+
*/
|
|
908
|
+
| 'external'
|
|
909
|
+
/**
|
|
910
|
+
* Window navigations are navigations towards a different origin
|
|
911
|
+
* and are not handled by the TernSecure component or the host app router.
|
|
912
|
+
*/
|
|
913
|
+
| 'window';
|
|
914
|
+
type RouterMetadata = {
|
|
915
|
+
routing?: RoutingStrategy;
|
|
916
|
+
navigationType?: NavigationType;
|
|
917
|
+
};
|
|
918
|
+
/**
|
|
919
|
+
* @inline
|
|
920
|
+
*/
|
|
921
|
+
type RouterFn = (
|
|
922
|
+
/**
|
|
923
|
+
* The destination path
|
|
924
|
+
*/
|
|
925
|
+
to: string,
|
|
926
|
+
/**
|
|
927
|
+
* Optional metadata
|
|
928
|
+
*/
|
|
929
|
+
metadata?: {
|
|
930
|
+
/**
|
|
931
|
+
* @internal
|
|
932
|
+
*/
|
|
933
|
+
__internal_metadata?: RouterMetadata;
|
|
934
|
+
/**
|
|
935
|
+
* Provide a function to be used for navigation.
|
|
936
|
+
*/
|
|
937
|
+
windowNavigate: (to: URL | string) => void;
|
|
938
|
+
}) => Promise<unknown> | unknown;
|
|
803
939
|
|
|
804
940
|
/**
|
|
805
941
|
* Defines the basic structure for color theming.
|
|
@@ -973,7 +1109,7 @@ type TernSecureInstanceTreeOptions = {
|
|
|
973
1109
|
isTernSecureDev?: boolean;
|
|
974
1110
|
ternSecureConfig?: TernSecureConfig;
|
|
975
1111
|
enableServiceWorker?: boolean;
|
|
976
|
-
} &
|
|
1112
|
+
} & SignInForceRedirectUrl & SignUpForceRedirectUrl & AfterSignOutUrl;
|
|
977
1113
|
type TernSecureInstanceTreeStatus = 'error' | 'loading' | 'ready';
|
|
978
1114
|
/**
|
|
979
1115
|
* Instance interface for managing auth UI state
|
|
@@ -1074,7 +1210,7 @@ type SignInPropsTree = {
|
|
|
1074
1210
|
/** Callbacks */
|
|
1075
1211
|
onError?: (error: AuthErrorTree) => void;
|
|
1076
1212
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
1077
|
-
} &
|
|
1213
|
+
} & SignUpForceRedirectUrl;
|
|
1078
1214
|
/**
|
|
1079
1215
|
* Props for SignUp component focusing on UI concerns
|
|
1080
1216
|
*/
|
|
@@ -1089,7 +1225,7 @@ type SignUpPropsTree = {
|
|
|
1089
1225
|
onSubmit?: (values: SignUpFormValuesTree) => Promise<void>;
|
|
1090
1226
|
onError?: (error: AuthErrorTree) => void;
|
|
1091
1227
|
onSuccess?: (user: TernSecureUser | null) => void;
|
|
1092
|
-
} &
|
|
1228
|
+
} & SignInForceRedirectUrl;
|
|
1093
1229
|
type SignInRedirectOptionss = RedirectOptions;
|
|
1094
1230
|
type SignUpRedirectOptionss = RedirectOptions;
|
|
1095
1231
|
|
|
@@ -1140,4 +1276,4 @@ type DomainOrProxyUrl = {
|
|
|
1140
1276
|
*/
|
|
1141
1277
|
type Autocomplete<U extends T, T = string> = U | (T & Record<never, never>);
|
|
1142
1278
|
|
|
1143
|
-
export { type ActiveSession, type AdminConfigValidationResult, type AfterSignOutUrl, type Appearance, type AuthEndpoint, type AuthErrorCode, type AuthErrorResponse, type AuthErrorTree, type AuthProviderStatus, type Autocomplete, type BaseAuthUIConfig, type CheckAuthorizationFromSessionClaims, type CheckCustomClaims, type ConfigValidationResult, type CookieEndpointConfig, type CookieOptions, type CookieOpts, type CookieResource, type CookieStore, type CookieSubEndpoint, type CorsOptions, type CreateActiveSession, type CreateActiveSessionParams, DEFAULT_TERN_SECURE_STATE, type DecodedIdToken, type DomainOrProxyUrl, ERRORS, type EndpointConfig, type ErrorCode, type ExpiredSession, type FirebaseClaims, type FirebaseState, type IdTokenResult, type IdTokenResult_DEPRECATED, type InitialState, type InstanceType, type JWTPayload, type JWTProtectedHeader, type Jwt, type ListenerCallback, type ParsedToken, type PendingSession, type Persistence, type ProviderUserInfo, type RateLimitOptions, type RedirectOptions, type ResendEmailVerification, type SecurityOptions, type ServerConfigValidationResult, type SessionCookieConfig, type SessionEndpointConfig, type SessionJson, type SessionParams, type SessionResource, type SessionResult, type SessionStatus, type SessionSubEndpoint, type SharedSignInAuthObjectProperties, type SignInErrorResponse, type SignInFormValues, type SignInInitialValue, type SignInPendingResponse, type SignInProps, type SignInPropsTree, type SignInRedirectOptions, type SignInRedirectOptionss, type
|
|
1279
|
+
export { type ActiveSession, type AdminConfigValidationResult, type AfterSignOutUrl, type Appearance, type AuthEndpoint, type AuthErrorCode, type AuthErrorResponse, type AuthErrorTree, type AuthProviderStatus, type Autocomplete, type BaseAuthUIConfig, type CheckAuthorizationFromSessionClaims, type CheckCustomClaims, type ConfigValidationResult, type CookieEndpointConfig, type CookieOptions, type CookieOpts, type CookieResource, type CookieStore, type CookieSubEndpoint, type CorsOptions, type CreateActiveSession, type CreateActiveSessionParams, DEFAULT_TERN_SECURE_STATE, type DecodedIdToken, type DomainOrProxyUrl, ERRORS, type EndpointConfig, type ErrorCode, type ExpiredSession, type FirebaseClaims, type FirebaseState, type IdTokenResult, type IdTokenResult_DEPRECATED, type InitialState, type InstanceType, type JWTPayload, type JWTProtectedHeader, type Jwt, type LegacyRedirectProps, type ListenerCallback, type NavigateOptions, type ParsedToken, type PendingSession, type Persistence, type ProviderUserInfo, type RateLimitOptions, type RedirectOptions, type RedirectUrlProp, type ResendEmailVerification, type RoutingStrategy, type SecurityOptions, type ServerConfigValidationResult, type SessionCookieConfig, type SessionEndpointConfig, type SessionJson, type SessionParams, type SessionResource, type SessionResult, type SessionStatus, type SessionSubEndpoint, type SharedSignInAuthObjectProperties, type SignInErrorResponse, type SignInFallbackRedirectUrl, type SignInForceRedirectUrl, type SignInFormValues, type SignInInitialValue, type SignInPendingResponse, type SignInProps, type SignInPropsTree, type SignInRedirectOptions, type SignInRedirectOptionss, type SignInResource, type SignInResponse, type SignInStatus, type SignInSuccessResponse, type SignInUIConfig, type SignOut, type SignOutOptions, type SignOutOptionsTree, type SignUpFallbackRedirectUrl, type SignUpForceRedirectUrl, type SignUpFormValues, type SignUpFormValuesTree, type SignUpInitialValue, type SignUpInitialValueTree, type SignUpProps, type SignUpPropsTree, type SignUpRedirectOptions, type SignUpRedirectOptionss, type SignUpResource, type SignUpStatus, type SignUpUIConfig, type SignedInSession, type SocialProviderOptions, type TernAuthEventPayload, type TernAuthListenerEvent, type TernAuthListenerEventPayload, type TernAuthSDK, type TernSecureAPIError, type TernSecureAdminConfig, type TernSecureApiErrorJSON, type TernSecureAuth, type TernSecureAuthFactory, type TernSecureAuthOptions, type TernSecureAuthProvider, type TernSecureAuthStatus, type TernSecureConfig, type TernSecureFireRestError, type TernSecureFireRestErrorJSON, type TernSecureHandlerOptions, type TernSecureInstance, type TernSecureInstanceTree, type TernSecureInstanceTreeOptions, type TernSecureInstanceTreeStatus, type TernSecureOptions, type TernSecureResources, type TernSecureSDK, type TernSecureServerConfig, type TernSecureSessionTree, type TernSecureState, type TernSecureStateExtended, type TernSecureUser, type TernSecureUserData, type TernVerificationResult, type ThemeBorderRadius, type ThemeColors, type ThemeComponentStyles, type ThemeFonts, type ThemeSpacing, type TokenCookieConfig, type UnsubscribeCallback, type UseAuthReturn, type UseSignInReturn, type UserCredential, type UserInfo, type VerifiedTokens, isSignInResponseTree };
|
package/dist/index.js
CHANGED
|
@@ -55,6 +55,7 @@ var ERRORS = {
|
|
|
55
55
|
WRONG_PASSWORD: "auth/wrong-password",
|
|
56
56
|
EMAIL_ALREADY_IN_USE: "auth/email-already-in-use",
|
|
57
57
|
REQUIRES_RECENT_LOGIN: "auth/requires-recent-login",
|
|
58
|
+
INCORRECT_ARGUMENT: "auth/argument-error",
|
|
58
59
|
NO_SESSION_COOKIE: "No session cookie found.",
|
|
59
60
|
INVALID_SESSION_COOKIE: "Invalid session cookie.",
|
|
60
61
|
NO_ID_TOKEN: "No ID token found.",
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/auth.ts","../src/signIn.ts"],"sourcesContent":["export * from './all'\nexport * from './api'\nexport * from './cookie'\nexport * from './errors'\nexport * from './handler'\nexport * from './instanceTree'\nexport * from './theme'\nexport * from './json'\nexport * from './jwt'\nexport * from './auth'\nexport * from './signIn'\nexport * from './signUp'\nexport * from './session'\nexport * from './redirect'\nexport * from './hooks'\nexport * from './multiDomain'\nexport * from './utils'","\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInRedirectUrl,\n SignUpRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInInitialValue, SignInResource } from './signIn';\n\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n}\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n}\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\nexport type TernSecureAuthOptions = {\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n mode?: Mode;\n requiresVerification?: boolean;\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n} & SignInRedirectUrl &\n SignUpRedirectUrl &\n AfterSignOutUrl;\n\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n domain: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize(options?: TernSecureAuthOptions): Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport type SignUpFormValues = {\n email: string;\n password: string;\n confirmPassword?: string;\n displayName?: string;\n};\n\nexport type SignUpInitialValue = Partial<SignUpFormValues>;\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = {\n /** Routing Path */\n path?: string;\n /** URL to navigate to after successfully sign-in */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignInInitialValue;\n /** Callbacks */\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignUpRedirectUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = {\n /** URL to navigate to after successfully sign-up */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignUpInitialValue;\n /** Callbacks */\n onSubmit?: (values: SignUpFormValues) => Promise<void>;\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignInRedirectUrl;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\n","import type { UserCredential } from \"./all\";\nimport type { ErrorCode} from \"./errors\";\n\nexport type SignInStatus =\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\nexport type SignInFormValues = {\n email: string;\n password: string;\n phoneNumber?: string;\n};\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse = \n | SignInSuccessResponse \n | SignInErrorResponse \n | SignInPendingResponse;\n\n\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n\nexport interface SignInResource {\n /**\n * The current status of the sign-in process.\n */\n status?: SignInStatus;\n /**\n * Signs in a user with their email and password.\n * @param params - The sign-in form values.\n * @returns A promise that resolves with the sign-in response.\n */\n withEmailAndPassword: (params: SignInFormValues) => Promise<SignInResponse>;\n /**\n * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').\n * @param options - Optional configuration for the social sign-in flow.\n * @returns A promise that resolves with the sign-in response or void if redirecting.\n */\n withSocialProvider: (provider: string, options?: { mode?: 'popup' | 'redirect' }) => Promise<SignInResponse | void>;\n /**\n * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.\n * @param mfaToken - The MFA token or code submitted by the user.\n * @param mfaContext - Optional context or session data from the MFA initiation step.\n * @returns A promise that resolves with the sign-in response upon successful MFA verification.\n */\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n /**\n * Sends a password reset email to the given email address.\n * @param email - The user's email address.\n * @returns A promise that resolves when the email is sent.\n */\n sendPasswordResetEmail: (email: string) => Promise<void>;\n /**\n * Resends the email verification link to the user's email address.\n * @returns A promise that resolves with the sign-in response.\n */\n resendEmailVerification: () => Promise<ResendEmailVerification>;\n /**\n * Checks the result of a redirect-based sign-in flow, typically used in OAuth or SSO scenarios.\n * @returns A promise that resolves with the sign-in response or null if no result is available.\n */\n checkRedirectResult: () => Promise<SignInResponse| null>;\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACGO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACUO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/auth.ts","../src/signIn.ts"],"sourcesContent":["export * from './all'\nexport * from './api'\nexport * from './cookie'\nexport * from './errors'\nexport * from './handler'\nexport * from './instanceTree'\nexport * from './theme'\nexport * from './json'\nexport * from './jwt'\nexport * from './auth'\nexport * from './signIn'\nexport * from './signUp'\nexport * from './session'\nexport * from './redirect'\nexport * from './hooks'\nexport * from './multiDomain'\nexport * from './utils'","\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n INCORRECT_ARGUMENT: \"auth/argument-error\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInFallbackRedirectUrl,\n SignInForceRedirectUrl,\n SignUpFallbackRedirectUrl,\n SignUpForceRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInInitialValue, SignInResource } from './signIn';\n\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n};\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n};\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\n/**\n * Navigation options used to replace or push history changes.\n * Both `routerPush` & `routerReplace` OR none options should be passed.\n */\ntype TernSecureOptionsNavigation =\n | {\n /**\n * A function which takes the destination path as an argument and performs a \"push\" navigation.\n */\n routerPush?: never;\n /**\n * A function which takes the destination path as an argument and performs a \"replace\" navigation.\n */\n routerReplace?: never;\n routerDebug?: boolean;\n }\n | {\n routerPush: RouterFn;\n routerReplace: RouterFn;\n routerDebug?: boolean;\n };\n\nexport type TernSecureAuthOptions = TernSecureOptionsNavigation &\n SignInForceRedirectUrl &\n SignInFallbackRedirectUrl &\n SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl & {\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n mode?: Mode;\n requiresVerification?: boolean;\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n /**\n * An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectOrigins?: Array<string | RegExp>;\n /**\n * An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectProtocols?: Array<string>;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n };\n\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\nexport interface NavigateOptions {\n replace?: boolean;\n metadata?: RouterMetadata;\n}\n\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n domain: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize: (options?: TernSecureAuthOptions) => Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /**\n * @param {string} to\n */\n constructUrlWithAuthRedirect(to: string): string;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport type SignUpFormValues = {\n email: string;\n password: string;\n confirmPassword?: string;\n displayName?: string;\n};\n\nexport type SignUpInitialValue = Partial<SignUpFormValues>;\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = {\n /** Routing Path */\n path?: string;\n /** URL to navigate to after successfully sign-in */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignInInitialValue;\n /** Callbacks */\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignUpForceRedirectUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = {\n /** URL to navigate to after successfully sign-up */\n forceRedirectUrl?: string | null;\n /** Initial form values */\n initialValue?: SignUpInitialValue;\n /** Callbacks */\n onSubmit?: (values: SignUpFormValues) => Promise<void>;\n onSuccess?: (user: TernSecureUser | null) => void;\n} & SignInForceRedirectUrl;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\nexport type RoutingStrategy = 'path' | 'hash' | 'virtual';\n\n/**\n * Internal is a navigation type that affects the component\n *\n */\ntype NavigationType =\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes after the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to /sign-in/factor-one is an internal navigation\n */\n | 'internal'\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes before the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to / is an external navigation\n */\n | 'external'\n /**\n * Window navigations are navigations towards a different origin\n * and are not handled by the TernSecure component or the host app router.\n */\n | 'window';\n\ntype RouterMetadata = { routing?: RoutingStrategy; navigationType?: NavigationType };\n\n/**\n * @inline\n */\ntype RouterFn = (\n /**\n * The destination path\n */\n to: string,\n /**\n * Optional metadata\n */\n metadata?: {\n /**\n * @internal\n */\n __internal_metadata?: RouterMetadata;\n /**\n * Provide a function to be used for navigation.\n */\n windowNavigate: (to: URL | string) => void;\n },\n) => Promise<unknown> | unknown;\n","import type { UserCredential } from \"./all\";\nimport type { ErrorCode} from \"./errors\";\n\nexport type SignInStatus =\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\nexport type SignInFormValues = {\n email: string;\n password: string;\n phoneNumber?: string;\n};\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse = \n | SignInSuccessResponse \n | SignInErrorResponse \n | SignInPendingResponse;\n\n\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n/**\n * social provider options that allow to specify custom parameters\n */\nexport interface SocialProviderOptions {\n /** Authentication mode - popup or redirect */\n mode?: 'popup' | 'redirect';\n /** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */\n customParameters?: Record<string, string>;\n /** OAuth scopes to request from the provider */\n scopes?: string[];\n}\n\n\nexport interface SignInResource {\n /**\n * The current status of the sign-in process.\n */\n status?: SignInStatus;\n /**\n * Signs in a user with their email and password.\n * @param params - The sign-in form values.\n * @returns A promise that resolves with the sign-in response.\n */\n withEmailAndPassword: (params: SignInFormValues) => Promise<SignInResponse>;\n /**\n * @param provider - The identifier of the social provider (e.g., 'google', 'microsoft', 'github').\n * @param options - Optional configuration for the social sign-in flow.\n * @returns A promise that resolves with the sign-in response or void if redirecting.\n */\n withSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse | void>;\n /**\n * Completes an MFA (Multi-Factor Authentication) step after a primary authentication attempt.\n * @param mfaToken - The MFA token or code submitted by the user.\n * @param mfaContext - Optional context or session data from the MFA initiation step.\n * @returns A promise that resolves with the sign-in response upon successful MFA verification.\n */\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n /**\n * Sends a password reset email to the given email address.\n * @param email - The user's email address.\n * @returns A promise that resolves when the email is sent.\n */\n sendPasswordResetEmail: (email: string) => Promise<void>;\n /**\n * Resends the email verification link to the user's email address.\n * @returns A promise that resolves with the sign-in response.\n */\n resendEmailVerification: () => Promise<ResendEmailVerification>;\n /**\n * Checks the result of a redirect-based sign-in flow, typically used in OAuth or SSO scenarios.\n * @returns A promise that resolves with the sign-in response or null if no result is available.\n */\n checkRedirectResult: () => Promise<SignInResponse| null>;\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACIO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACQO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|