@tern-secure/types 1.1.0-canary.v20251125170702 → 1.1.0-canary.v20251127221555
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/index.js.map +1 -1
- package/dist/index.d.mts +8 -0
- package/dist/index.d.ts +8 -0
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/errors.ts","../../src/auth.ts","../../src/signIn.ts"],"sourcesContent":["\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n INCORRECT_ARGUMENT: \"auth/argument-error\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { AppCheckConfig, InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInFallbackRedirectUrl,\n SignInForceRedirectUrl,\n SignUpFallbackRedirectUrl,\n SignUpForceRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInResource } from './signIn';\nimport type { SignInTheme, SignUpTheme } from './theme';\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureInitialState = {\n user?: TernSecureUser | null;\n sessionClaims?: DecodedIdToken | null;\n userId?: string | null;\n token?: string | null;\n};\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n};\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n};\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\nexport type CustomNavigation = (to: string, options?: NavigateOptions) => Promise<unknown> | void;\n\n/**\n * Navigation options used to replace or push history changes.\n * Both `routerPush` & `routerReplace` OR none options should be passed.\n */\ntype TernSecureOptionsNavigation =\n | {\n /**\n * A function which takes the destination path as an argument and performs a \"push\" navigation.\n */\n routerPush?: never;\n /**\n * A function which takes the destination path as an argument and performs a \"replace\" navigation.\n */\n routerReplace?: never;\n routerDebug?: boolean;\n }\n | {\n routerPush: RouterFn;\n routerReplace: RouterFn;\n routerDebug?: boolean;\n };\n\nexport type TernSecureAuthOptions = TernSecureOptionsNavigation &\n SignInForceRedirectUrl &\n SignInFallbackRedirectUrl &\n SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl & {\n tenantId?: string;\n appName?: string;\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n signUpMode?: 'public' | 'restricted' | 'waitlist';\n passwordAuthentication?: boolean;\n mode?: Mode;\n requiresVerification?: boolean;\n /**\n * @deprecated will be removed in future releases. please use ternUIUrl\n */\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n /**\n * An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectOrigins?: Array<string | RegExp>;\n /**\n * An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectProtocols?: Array<string>;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n /**\n * ReCaptcha V3 Site Key for Firebase App Check\n */\n appCheck?: AppCheckConfig;\n };\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport interface NavigateOptions {\n replace?: boolean;\n metadata?: RouterMetadata;\n}\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n authDomain: string;\n\n /** TernSecure Frontend domain for TernSecure UI */\n frontEndDomain?: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize: (options?: TernSecureAuthOptions) => Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Mounts a sign-in component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signInProps Configuration options for the sign-in component\n */\n showSignIn: (targetNode: HTMLDivElement, config?: SignInProps) => void;\n\n /** Unmount sign-in component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignIn: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a sign-up component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signUpProps Configuration options for the sign-up component\n */\n showSignUp: (targetNode: HTMLDivElement, config?: SignUpProps) => void;\n\n /** Unmount sign-up component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignUp: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a user button component\n * @param targetNode HTMLDivElement where the component will be mounted\n */\n showUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Unmount user button component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /** Function used to navigate to certain steps and URLs */\n navigate: CustomNavigation;\n\n /**\n * @param {string} to\n */\n constructUrlWithAuthRedirect(to: string): string;\n\n constructAfterSignOutUrl(): string;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\nexport type RoutingOptions =\n | { path: string | undefined; routing?: Extract<RoutingStrategy, 'path'> }\n | { path?: never; routing?: Extract<RoutingStrategy, 'hash' | 'virtual'> };\n\nexport type WithoutRouting<T> = Omit<T, 'path' | 'routing'>;\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-in\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign in.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Full URL or path to for the sign up process.\n * Used to fill the \"Sign up\" link in the SignUp component.\n */\n signUpUrl?: string;\n\n /**\n * Preferred strategy for sign-in when using email identifier.\n * Options: 'password' | 'email_code'\n * @default 'password'\n */\n preferredEmailStrategy?: 'password' | 'email_code';\n\n /**\n * Customize UI\n */\n appearance?: SignInTheme;\n\n /** Initial form values */\n initialValues?: SignInInitialValues & SignUpInitialValues;\n\n /**\n * Whether to show the combined email and password form.\n * If true, the email and password fields will be shown together.\n * If false, the email field will be shown first, followed by the password field.\n * @default true\n */\n showCombinedForm?: boolean;\n} & SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-up\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign up.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Customize UI\n */\n appearance?: SignUpTheme;\n /**\n * Whether to show the sign up form.\n * @default true\n */\n shouldShowForm?: boolean;\n /** Initial form values */\n initialValues?: SignUpInitialValues ;\n} & SignInFallbackRedirectUrl &\n SignInForceRedirectUrl &\n AfterSignOutUrl;\n\n\n\nexport type UserButtonProps = {\n /**\n * Controls if the username is displayed next to the trigger button\n */\n showName?: boolean;\n /**\n * Controls the default state of the UserButton\n */\n defaultOpen?: boolean;\n\n /**\n * Full URL or path to navigate to on \"Add another account\" action.\n * Multi-session mode only.\n */\n signInUrl?: string;\n};\n\nexport type SignInModalProps = WithoutRouting<SignInProps>;\nexport type SignUpModalProps = WithoutRouting<SignUpProps>;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\nexport type RoutingStrategy = 'path' | 'hash' | 'virtual';\n\n\nexport type __internal_ComponentNavigationContext = {\n /**\n * The `navigate` reference within the component router context\n */\n navigate: (\n to: string,\n options?: {\n searchParams?: URLSearchParams;\n },\n ) => Promise<unknown>;\n /**\n * This path represents the root route for a specific component type and is used\n * for internal routing and navigation.\n *\n * @example\n * indexPath: '/sign-in' // When <SignIn path='/sign-in' />\n * indexPath: '/sign-up' // When <SignUp path='/sign-up' />\n */\n indexPath: string;\n};\n\n/**\n * Internal is a navigation type that affects the component\n *\n */\ntype NavigationType =\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes after the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to /sign-in/factor-one is an internal navigation\n */\n | 'internal'\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes before the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to / is an external navigation\n */\n | 'external'\n /**\n * Window navigations are navigations towards a different origin\n * and are not handled by the TernSecure component or the host app router.\n */\n | 'window';\n\ntype RouterMetadata = { routing?: RoutingStrategy; navigationType?: NavigationType };\n\n/**\n * @inline\n */\ntype RouterFn = (\n /**\n * The destination path\n */\n to: string,\n /**\n * Optional metadata\n */\n metadata?: {\n /**\n * @internal\n */\n __internal_metadata?: RouterMetadata;\n /**\n * Provide a function to be used for navigation.\n */\n windowNavigate: (to: URL | string) => void;\n },\n) => Promise<unknown> | unknown;\n\n\n\nexport type SignInInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n username?: string;\n};\n\nexport type SignUpInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n firstName?: string;\n lastName?: string;\n displayName?: string;\n username?: string;\n};","import type { TernSecureUser, UserCredential } from \"./all\";\nimport type { ErrorCode } from \"./errors\";\nimport type {\n BackupCodeFactor,\n EmailCodeAttempt,\n EmailCodeFactor,\n PasswordAttempt,\n PasswordFactor,\n PhoneCodeAttempt,\n PhoneCodeFactor,\n ResetPasswordEmailCodeAttempt,\n ResetPasswordPhoneCodeAttempt,\n TOTPFactor,\n} from './factors'\nimport type { TernSecureResourceJSON } from './json'\nimport type {\n EmailCodeStrategy,\n PasswordStrategy,\n PhoneCodeStrategy,\n ResetPasswordEmailCodeStrategy,\n ResetPasswordPhoneCodeStrategy\n} from \"./strategies\";\n\nexport type SignInStatus =\n | 'needs_identifier'\n | 'needs_first_factor'\n | 'needs_second_factor'\n | 'needs_new_password'\n | 'needs_email_verification'\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\n/**\n * @deprecated Use `SignInFormValues` instead.\n * Initial values for the sign-in form.\n */\ntype SignInInitialValues = Partial<SignInFormValues>;\ntype SignInFormValues = {\n email?: string;\n password?: string;\n phoneNumber?: string;\n};\n\n/**\n * @deprecated\n */\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport type SignInPasswordParams = {\n email: string;\n password: string;\n}\n\nexport type SignInPhoneParams = {\n phoneNumber: string;\n appVerifier?: any;\n}\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse =\n | SignInSuccessResponse\n | SignInErrorResponse\n | SignInPendingResponse;\n\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n/**\n * social provider options that allow to specify custom parameters\n */\nexport interface SocialProviderOptions {\n /** Authentication mode - popup or redirect */\n mode?: 'popup' | 'redirect';\n /** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */\n customParameters?: Record<string, string>;\n /** OAuth scopes to request from the provider */\n scopes?: string[];\n}\n\nexport interface SignInVerificationResponse {\n status: SignInStatus;\n message?: string;\n error?: any;\n}\n\nexport interface SignInResource {\n\n status: SignInStatus | null;\n supportedFirstFactors: SignInFirstFactor[] | null;\n identifier: string | null;\n user?: TernSecureUser | null;\n /**\n * Create combine email and phone sign in method\n */\n create: (params: SignInCreateParams) => Promise<SignInResource>;\n\n authenticateWithPassword: (params: SignInPasswordParams) => Promise<SignInResponse>;\n\n createRecaptchaVerifier: (containerOrId: string | HTMLElement, parameters?: any) => any;\n\n authenticateWithPhoneNumber: (params: SignInPhoneParams) => Promise<SignInResponse>;\n\n authenticateWithSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse>;\n\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n\n sendPasswordResetEmail: (email: string) => Promise<{ response: { email: string } } | null>;\n\n attemptEmailVerification: (options?: {\n url?: string;\n handleCodeInApp?: boolean;\n }) => Promise<SignInVerificationResponse>;\n\n attemptFirstFactor: (params: AttemptFirstFactorParams) => Promise<SignInResource>;\n\n checkRedirectResult: () => Promise<SignInResponse | null>;\n}\n\n\nexport type SignInFirstFactor =\n | EmailCodeFactor\n | PasswordFactor;\n\nexport type SignInSecondFactor = PhoneCodeFactor | TOTPFactor | BackupCodeFactor;\n\nexport type SignInFactor = SignInFirstFactor | SignInSecondFactor;\n\n\nexport type SignInCreateParams = (\n | {\n strategy: PasswordStrategy;\n password?: string;\n identifier: string;\n } | {\n strategy:\n | PhoneCodeStrategy\n | EmailCodeStrategy\n | ResetPasswordEmailCodeStrategy\n | ResetPasswordPhoneCodeStrategy;\n identifier: string;\n }\n)\n\n\nexport type AttemptFirstFactorParams =\n | EmailCodeAttempt\n | PhoneCodeAttempt\n | PasswordAttempt\n | ResetPasswordPhoneCodeAttempt\n | ResetPasswordEmailCodeAttempt;\n\n\nexport interface SignInJson extends TernSecureResourceJSON {\n object: 'sign_in';\n id: string;\n status: SignInStatus;\n supportedFirstFactors: SignInFirstFactor[];\n firstFactorVerification?: SignInFirstFactor;\n secondFactorVerification?: SignInSecondFactor;\n identifier: string | null;\n}"],"mappings":";AAMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACsBO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACmCO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../src/errors.ts","../../src/auth.ts","../../src/signIn.ts"],"sourcesContent":["\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n INCORRECT_ARGUMENT: \"auth/argument-error\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { AppCheckConfig, InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInFallbackRedirectUrl,\n SignInForceRedirectUrl,\n SignUpFallbackRedirectUrl,\n SignUpForceRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInResource } from './signIn';\nimport type { SignInTheme, SignUpTheme } from './theme';\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureInitialState = {\n user?: TernSecureUser | null;\n sessionClaims?: DecodedIdToken | null;\n userId?: string | null;\n token?: string | null;\n};\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n};\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n};\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\nexport type CustomNavigation = (to: string, options?: NavigateOptions) => Promise<unknown> | void;\n\n/**\n * Navigation options used to replace or push history changes.\n * Both `routerPush` & `routerReplace` OR none options should be passed.\n */\ntype TernSecureOptionsNavigation =\n | {\n /**\n * A function which takes the destination path as an argument and performs a \"push\" navigation.\n */\n routerPush?: never;\n /**\n * A function which takes the destination path as an argument and performs a \"replace\" navigation.\n */\n routerReplace?: never;\n routerDebug?: boolean;\n }\n | {\n routerPush: RouterFn;\n routerReplace: RouterFn;\n routerDebug?: boolean;\n };\n\nexport type TernSecureAuthOptions = TernSecureOptionsNavigation &\n SignInForceRedirectUrl &\n SignInFallbackRedirectUrl &\n SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl & {\n tenantId?: string;\n appName?: string;\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n signUpMode?: 'public' | 'restricted' | 'waitlist';\n passwordAuthentication?: boolean;\n mode?: Mode;\n requiresVerification?: boolean;\n /**\n * @deprecated will be removed in future releases. please use ternUIUrl\n */\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n /**\n * An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectOrigins?: Array<string | RegExp>;\n /**\n * An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectProtocols?: Array<string>;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n /**\n * ReCaptcha V3 Site Key for Firebase App Check\n */\n appCheck?: AppCheckConfig;\n };\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport interface NavigateOptions {\n replace?: boolean;\n metadata?: RouterMetadata;\n}\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** The Firebase App instance */\n firebaseApp?: any;\n\n /** The Firebase App Check instance */\n appCheck?: any;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n authDomain: string;\n\n /** TernSecure Frontend domain for TernSecure UI */\n frontEndDomain?: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize: (options?: TernSecureAuthOptions) => Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Mounts a sign-in component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signInProps Configuration options for the sign-in component\n */\n showSignIn: (targetNode: HTMLDivElement, config?: SignInProps) => void;\n\n /** Unmount sign-in component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignIn: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a sign-up component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signUpProps Configuration options for the sign-up component\n */\n showSignUp: (targetNode: HTMLDivElement, config?: SignUpProps) => void;\n\n /** Unmount sign-up component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignUp: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a user button component\n * @param targetNode HTMLDivElement where the component will be mounted\n */\n showUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Unmount user button component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /** Function used to navigate to certain steps and URLs */\n navigate: CustomNavigation;\n\n /**\n * @param {string} to\n */\n constructUrlWithAuthRedirect(to: string): string;\n\n constructAfterSignOutUrl(): string;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\nexport type RoutingOptions =\n | { path: string | undefined; routing?: Extract<RoutingStrategy, 'path'> }\n | { path?: never; routing?: Extract<RoutingStrategy, 'hash' | 'virtual'> };\n\nexport type WithoutRouting<T> = Omit<T, 'path' | 'routing'>;\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-in\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign in.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Full URL or path to for the sign up process.\n * Used to fill the \"Sign up\" link in the SignUp component.\n */\n signUpUrl?: string;\n\n /**\n * Preferred strategy for sign-in when using email identifier.\n * Options: 'password' | 'email_code'\n * @default 'password'\n */\n preferredEmailStrategy?: 'password' | 'email_code';\n\n /**\n * Customize UI\n */\n appearance?: SignInTheme;\n\n /** Initial form values */\n initialValues?: SignInInitialValues & SignUpInitialValues;\n\n /**\n * Whether to show the combined email and password form.\n * If true, the email and password fields will be shown together.\n * If false, the email field will be shown first, followed by the password field.\n * @default true\n */\n showCombinedForm?: boolean;\n} & SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-up\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign up.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Customize UI\n */\n appearance?: SignUpTheme;\n /**\n * Whether to show the sign up form.\n * @default true\n */\n shouldShowForm?: boolean;\n /** Initial form values */\n initialValues?: SignUpInitialValues ;\n} & SignInFallbackRedirectUrl &\n SignInForceRedirectUrl &\n AfterSignOutUrl;\n\n\n\nexport type UserButtonProps = {\n /**\n * Controls if the username is displayed next to the trigger button\n */\n showName?: boolean;\n /**\n * Controls the default state of the UserButton\n */\n defaultOpen?: boolean;\n\n /**\n * Full URL or path to navigate to on \"Add another account\" action.\n * Multi-session mode only.\n */\n signInUrl?: string;\n};\n\nexport type SignInModalProps = WithoutRouting<SignInProps>;\nexport type SignUpModalProps = WithoutRouting<SignUpProps>;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\nexport type RoutingStrategy = 'path' | 'hash' | 'virtual';\n\n\nexport type __internal_ComponentNavigationContext = {\n /**\n * The `navigate` reference within the component router context\n */\n navigate: (\n to: string,\n options?: {\n searchParams?: URLSearchParams;\n },\n ) => Promise<unknown>;\n /**\n * This path represents the root route for a specific component type and is used\n * for internal routing and navigation.\n *\n * @example\n * indexPath: '/sign-in' // When <SignIn path='/sign-in' />\n * indexPath: '/sign-up' // When <SignUp path='/sign-up' />\n */\n indexPath: string;\n};\n\n/**\n * Internal is a navigation type that affects the component\n *\n */\ntype NavigationType =\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes after the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to /sign-in/factor-one is an internal navigation\n */\n | 'internal'\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes before the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to / is an external navigation\n */\n | 'external'\n /**\n * Window navigations are navigations towards a different origin\n * and are not handled by the TernSecure component or the host app router.\n */\n | 'window';\n\ntype RouterMetadata = { routing?: RoutingStrategy; navigationType?: NavigationType };\n\n/**\n * @inline\n */\ntype RouterFn = (\n /**\n * The destination path\n */\n to: string,\n /**\n * Optional metadata\n */\n metadata?: {\n /**\n * @internal\n */\n __internal_metadata?: RouterMetadata;\n /**\n * Provide a function to be used for navigation.\n */\n windowNavigate: (to: URL | string) => void;\n },\n) => Promise<unknown> | unknown;\n\n\n\nexport type SignInInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n username?: string;\n};\n\nexport type SignUpInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n firstName?: string;\n lastName?: string;\n displayName?: string;\n username?: string;\n};","import type { TernSecureUser, UserCredential } from \"./all\";\nimport type { ErrorCode } from \"./errors\";\nimport type {\n BackupCodeFactor,\n EmailCodeAttempt,\n EmailCodeFactor,\n PasswordAttempt,\n PasswordFactor,\n PhoneCodeAttempt,\n PhoneCodeFactor,\n ResetPasswordEmailCodeAttempt,\n ResetPasswordPhoneCodeAttempt,\n TOTPFactor,\n} from './factors'\nimport type { TernSecureResourceJSON } from './json'\nimport type {\n EmailCodeStrategy,\n PasswordStrategy,\n PhoneCodeStrategy,\n ResetPasswordEmailCodeStrategy,\n ResetPasswordPhoneCodeStrategy\n} from \"./strategies\";\n\nexport type SignInStatus =\n | 'needs_identifier'\n | 'needs_first_factor'\n | 'needs_second_factor'\n | 'needs_new_password'\n | 'needs_email_verification'\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\n/**\n * @deprecated Use `SignInFormValues` instead.\n * Initial values for the sign-in form.\n */\ntype SignInInitialValues = Partial<SignInFormValues>;\ntype SignInFormValues = {\n email?: string;\n password?: string;\n phoneNumber?: string;\n};\n\n/**\n * @deprecated\n */\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport type SignInPasswordParams = {\n email: string;\n password: string;\n}\n\nexport type SignInPhoneParams = {\n phoneNumber: string;\n appVerifier?: any;\n}\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse =\n | SignInSuccessResponse\n | SignInErrorResponse\n | SignInPendingResponse;\n\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n/**\n * social provider options that allow to specify custom parameters\n */\nexport interface SocialProviderOptions {\n /** Authentication mode - popup or redirect */\n mode?: 'popup' | 'redirect';\n /** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */\n customParameters?: Record<string, string>;\n /** OAuth scopes to request from the provider */\n scopes?: string[];\n}\n\nexport interface SignInVerificationResponse {\n status: SignInStatus;\n message?: string;\n error?: any;\n}\n\nexport interface SignInResource {\n\n status: SignInStatus | null;\n supportedFirstFactors: SignInFirstFactor[] | null;\n identifier: string | null;\n user?: TernSecureUser | null;\n /**\n * Create combine email and phone sign in method\n */\n create: (params: SignInCreateParams) => Promise<SignInResource>;\n\n authenticateWithPassword: (params: SignInPasswordParams) => Promise<SignInResponse>;\n\n createRecaptchaVerifier: (containerOrId: string | HTMLElement, parameters?: any) => any;\n\n authenticateWithPhoneNumber: (params: SignInPhoneParams) => Promise<SignInResponse>;\n\n authenticateWithSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse>;\n\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n\n sendPasswordResetEmail: (email: string) => Promise<{ response: { email: string } } | null>;\n\n attemptEmailVerification: (options?: {\n url?: string;\n handleCodeInApp?: boolean;\n }) => Promise<SignInVerificationResponse>;\n\n attemptFirstFactor: (params: AttemptFirstFactorParams) => Promise<SignInResource>;\n \n attemptPhoneNumberVerification: (params: { code: string }) => Promise<SignInResponse>;\n\n checkRedirectResult: () => Promise<SignInResponse | null>;\n}\n\n\nexport type SignInFirstFactor =\n | EmailCodeFactor\n | PasswordFactor;\n\nexport type SignInSecondFactor = PhoneCodeFactor | TOTPFactor | BackupCodeFactor;\n\nexport type SignInFactor = SignInFirstFactor | SignInSecondFactor;\n\n\nexport type SignInCreateParams = (\n | {\n strategy: PasswordStrategy;\n password?: string;\n identifier: string;\n } | {\n strategy:\n | PhoneCodeStrategy\n | EmailCodeStrategy\n | ResetPasswordEmailCodeStrategy\n | ResetPasswordPhoneCodeStrategy;\n identifier: string;\n }\n)\n\n\nexport type AttemptFirstFactorParams =\n | EmailCodeAttempt\n | PhoneCodeAttempt\n | PasswordAttempt\n | ResetPasswordPhoneCodeAttempt\n | ResetPasswordEmailCodeAttempt;\n\n\nexport interface SignInJson extends TernSecureResourceJSON {\n object: 'sign_in';\n id: string;\n status: SignInStatus;\n supportedFirstFactors: SignInFirstFactor[];\n firstFactorVerification?: SignInFirstFactor;\n secondFactorVerification?: SignInSecondFactor;\n identifier: string | null;\n}"],"mappings":";AAMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACsBO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACmCO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|
package/dist/index.d.mts
CHANGED
|
@@ -179,6 +179,7 @@ interface AppCheckConfig {
|
|
|
179
179
|
provider: 'reCaptchaV3' | 'reCaptchaEnterprise';
|
|
180
180
|
siteKey: string;
|
|
181
181
|
isTokenAutoRefreshEnabled?: boolean;
|
|
182
|
+
debugToken?: string | boolean;
|
|
182
183
|
}
|
|
183
184
|
|
|
184
185
|
interface TernSecureAPIError {
|
|
@@ -774,6 +775,9 @@ interface SignInResource {
|
|
|
774
775
|
handleCodeInApp?: boolean;
|
|
775
776
|
}) => Promise<SignInVerificationResponse>;
|
|
776
777
|
attemptFirstFactor: (params: AttemptFirstFactorParams) => Promise<SignInResource>;
|
|
778
|
+
attemptPhoneNumberVerification: (params: {
|
|
779
|
+
code: string;
|
|
780
|
+
}) => Promise<SignInResponse>;
|
|
777
781
|
checkRedirectResult: () => Promise<SignInResponse | null>;
|
|
778
782
|
}
|
|
779
783
|
type SignInFirstFactor = EmailCodeFactor | PasswordFactor;
|
|
@@ -1162,6 +1166,10 @@ interface TernSecureAuth {
|
|
|
1162
1166
|
isLoading: boolean;
|
|
1163
1167
|
/** The current status of the TernSecureAuth instance */
|
|
1164
1168
|
status: TernSecureAuthStatus;
|
|
1169
|
+
/** The Firebase App instance */
|
|
1170
|
+
firebaseApp?: any;
|
|
1171
|
+
/** The Firebase App Check instance */
|
|
1172
|
+
appCheck?: any;
|
|
1165
1173
|
/** TernSecure API URL */
|
|
1166
1174
|
apiUrl: string;
|
|
1167
1175
|
/** TernSecure domain for API string */
|
package/dist/index.d.ts
CHANGED
|
@@ -179,6 +179,7 @@ interface AppCheckConfig {
|
|
|
179
179
|
provider: 'reCaptchaV3' | 'reCaptchaEnterprise';
|
|
180
180
|
siteKey: string;
|
|
181
181
|
isTokenAutoRefreshEnabled?: boolean;
|
|
182
|
+
debugToken?: string | boolean;
|
|
182
183
|
}
|
|
183
184
|
|
|
184
185
|
interface TernSecureAPIError {
|
|
@@ -774,6 +775,9 @@ interface SignInResource {
|
|
|
774
775
|
handleCodeInApp?: boolean;
|
|
775
776
|
}) => Promise<SignInVerificationResponse>;
|
|
776
777
|
attemptFirstFactor: (params: AttemptFirstFactorParams) => Promise<SignInResource>;
|
|
778
|
+
attemptPhoneNumberVerification: (params: {
|
|
779
|
+
code: string;
|
|
780
|
+
}) => Promise<SignInResponse>;
|
|
777
781
|
checkRedirectResult: () => Promise<SignInResponse | null>;
|
|
778
782
|
}
|
|
779
783
|
type SignInFirstFactor = EmailCodeFactor | PasswordFactor;
|
|
@@ -1162,6 +1166,10 @@ interface TernSecureAuth {
|
|
|
1162
1166
|
isLoading: boolean;
|
|
1163
1167
|
/** The current status of the TernSecureAuth instance */
|
|
1164
1168
|
status: TernSecureAuthStatus;
|
|
1169
|
+
/** The Firebase App instance */
|
|
1170
|
+
firebaseApp?: any;
|
|
1171
|
+
/** The Firebase App Check instance */
|
|
1172
|
+
appCheck?: any;
|
|
1165
1173
|
/** TernSecure API URL */
|
|
1166
1174
|
apiUrl: string;
|
|
1167
1175
|
/** TernSecure domain for API string */
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/auth.ts","../src/signIn.ts"],"sourcesContent":["export * from './all'\nexport * from './api'\nexport * from './cookie'\nexport * from './errors'\nexport * from './handler'\nexport * from './instanceTree'\nexport * from './theme'\nexport * from './json'\nexport * from './jwt'\nexport * from './auth'\nexport * from './signIn'\nexport * from './signUp'\nexport * from './session'\nexport * from './redirect'\nexport * from './hooks'\nexport * from './multiDomain'\nexport * from './utils'\nexport * from './userSettings'\nexport * from './factors'","\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n INCORRECT_ARGUMENT: \"auth/argument-error\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { AppCheckConfig, InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInFallbackRedirectUrl,\n SignInForceRedirectUrl,\n SignUpFallbackRedirectUrl,\n SignUpForceRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInResource } from './signIn';\nimport type { SignInTheme, SignUpTheme } from './theme';\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureInitialState = {\n user?: TernSecureUser | null;\n sessionClaims?: DecodedIdToken | null;\n userId?: string | null;\n token?: string | null;\n};\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n};\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n};\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\nexport type CustomNavigation = (to: string, options?: NavigateOptions) => Promise<unknown> | void;\n\n/**\n * Navigation options used to replace or push history changes.\n * Both `routerPush` & `routerReplace` OR none options should be passed.\n */\ntype TernSecureOptionsNavigation =\n | {\n /**\n * A function which takes the destination path as an argument and performs a \"push\" navigation.\n */\n routerPush?: never;\n /**\n * A function which takes the destination path as an argument and performs a \"replace\" navigation.\n */\n routerReplace?: never;\n routerDebug?: boolean;\n }\n | {\n routerPush: RouterFn;\n routerReplace: RouterFn;\n routerDebug?: boolean;\n };\n\nexport type TernSecureAuthOptions = TernSecureOptionsNavigation &\n SignInForceRedirectUrl &\n SignInFallbackRedirectUrl &\n SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl & {\n tenantId?: string;\n appName?: string;\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n signUpMode?: 'public' | 'restricted' | 'waitlist';\n passwordAuthentication?: boolean;\n mode?: Mode;\n requiresVerification?: boolean;\n /**\n * @deprecated will be removed in future releases. please use ternUIUrl\n */\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n /**\n * An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectOrigins?: Array<string | RegExp>;\n /**\n * An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectProtocols?: Array<string>;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n /**\n * ReCaptcha V3 Site Key for Firebase App Check\n */\n appCheck?: AppCheckConfig;\n };\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport interface NavigateOptions {\n replace?: boolean;\n metadata?: RouterMetadata;\n}\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n authDomain: string;\n\n /** TernSecure Frontend domain for TernSecure UI */\n frontEndDomain?: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize: (options?: TernSecureAuthOptions) => Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Mounts a sign-in component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signInProps Configuration options for the sign-in component\n */\n showSignIn: (targetNode: HTMLDivElement, config?: SignInProps) => void;\n\n /** Unmount sign-in component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignIn: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a sign-up component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signUpProps Configuration options for the sign-up component\n */\n showSignUp: (targetNode: HTMLDivElement, config?: SignUpProps) => void;\n\n /** Unmount sign-up component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignUp: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a user button component\n * @param targetNode HTMLDivElement where the component will be mounted\n */\n showUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Unmount user button component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /** Function used to navigate to certain steps and URLs */\n navigate: CustomNavigation;\n\n /**\n * @param {string} to\n */\n constructUrlWithAuthRedirect(to: string): string;\n\n constructAfterSignOutUrl(): string;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\nexport type RoutingOptions =\n | { path: string | undefined; routing?: Extract<RoutingStrategy, 'path'> }\n | { path?: never; routing?: Extract<RoutingStrategy, 'hash' | 'virtual'> };\n\nexport type WithoutRouting<T> = Omit<T, 'path' | 'routing'>;\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-in\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign in.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Full URL or path to for the sign up process.\n * Used to fill the \"Sign up\" link in the SignUp component.\n */\n signUpUrl?: string;\n\n /**\n * Preferred strategy for sign-in when using email identifier.\n * Options: 'password' | 'email_code'\n * @default 'password'\n */\n preferredEmailStrategy?: 'password' | 'email_code';\n\n /**\n * Customize UI\n */\n appearance?: SignInTheme;\n\n /** Initial form values */\n initialValues?: SignInInitialValues & SignUpInitialValues;\n\n /**\n * Whether to show the combined email and password form.\n * If true, the email and password fields will be shown together.\n * If false, the email field will be shown first, followed by the password field.\n * @default true\n */\n showCombinedForm?: boolean;\n} & SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-up\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign up.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Customize UI\n */\n appearance?: SignUpTheme;\n /**\n * Whether to show the sign up form.\n * @default true\n */\n shouldShowForm?: boolean;\n /** Initial form values */\n initialValues?: SignUpInitialValues ;\n} & SignInFallbackRedirectUrl &\n SignInForceRedirectUrl &\n AfterSignOutUrl;\n\n\n\nexport type UserButtonProps = {\n /**\n * Controls if the username is displayed next to the trigger button\n */\n showName?: boolean;\n /**\n * Controls the default state of the UserButton\n */\n defaultOpen?: boolean;\n\n /**\n * Full URL or path to navigate to on \"Add another account\" action.\n * Multi-session mode only.\n */\n signInUrl?: string;\n};\n\nexport type SignInModalProps = WithoutRouting<SignInProps>;\nexport type SignUpModalProps = WithoutRouting<SignUpProps>;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\nexport type RoutingStrategy = 'path' | 'hash' | 'virtual';\n\n\nexport type __internal_ComponentNavigationContext = {\n /**\n * The `navigate` reference within the component router context\n */\n navigate: (\n to: string,\n options?: {\n searchParams?: URLSearchParams;\n },\n ) => Promise<unknown>;\n /**\n * This path represents the root route for a specific component type and is used\n * for internal routing and navigation.\n *\n * @example\n * indexPath: '/sign-in' // When <SignIn path='/sign-in' />\n * indexPath: '/sign-up' // When <SignUp path='/sign-up' />\n */\n indexPath: string;\n};\n\n/**\n * Internal is a navigation type that affects the component\n *\n */\ntype NavigationType =\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes after the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to /sign-in/factor-one is an internal navigation\n */\n | 'internal'\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes before the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to / is an external navigation\n */\n | 'external'\n /**\n * Window navigations are navigations towards a different origin\n * and are not handled by the TernSecure component or the host app router.\n */\n | 'window';\n\ntype RouterMetadata = { routing?: RoutingStrategy; navigationType?: NavigationType };\n\n/**\n * @inline\n */\ntype RouterFn = (\n /**\n * The destination path\n */\n to: string,\n /**\n * Optional metadata\n */\n metadata?: {\n /**\n * @internal\n */\n __internal_metadata?: RouterMetadata;\n /**\n * Provide a function to be used for navigation.\n */\n windowNavigate: (to: URL | string) => void;\n },\n) => Promise<unknown> | unknown;\n\n\n\nexport type SignInInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n username?: string;\n};\n\nexport type SignUpInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n firstName?: string;\n lastName?: string;\n displayName?: string;\n username?: string;\n};","import type { TernSecureUser, UserCredential } from \"./all\";\nimport type { ErrorCode } from \"./errors\";\nimport type {\n BackupCodeFactor,\n EmailCodeAttempt,\n EmailCodeFactor,\n PasswordAttempt,\n PasswordFactor,\n PhoneCodeAttempt,\n PhoneCodeFactor,\n ResetPasswordEmailCodeAttempt,\n ResetPasswordPhoneCodeAttempt,\n TOTPFactor,\n} from './factors'\nimport type { TernSecureResourceJSON } from './json'\nimport type {\n EmailCodeStrategy,\n PasswordStrategy,\n PhoneCodeStrategy,\n ResetPasswordEmailCodeStrategy,\n ResetPasswordPhoneCodeStrategy\n} from \"./strategies\";\n\nexport type SignInStatus =\n | 'needs_identifier'\n | 'needs_first_factor'\n | 'needs_second_factor'\n | 'needs_new_password'\n | 'needs_email_verification'\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\n/**\n * @deprecated Use `SignInFormValues` instead.\n * Initial values for the sign-in form.\n */\ntype SignInInitialValues = Partial<SignInFormValues>;\ntype SignInFormValues = {\n email?: string;\n password?: string;\n phoneNumber?: string;\n};\n\n/**\n * @deprecated\n */\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport type SignInPasswordParams = {\n email: string;\n password: string;\n}\n\nexport type SignInPhoneParams = {\n phoneNumber: string;\n appVerifier?: any;\n}\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse =\n | SignInSuccessResponse\n | SignInErrorResponse\n | SignInPendingResponse;\n\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n/**\n * social provider options that allow to specify custom parameters\n */\nexport interface SocialProviderOptions {\n /** Authentication mode - popup or redirect */\n mode?: 'popup' | 'redirect';\n /** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */\n customParameters?: Record<string, string>;\n /** OAuth scopes to request from the provider */\n scopes?: string[];\n}\n\nexport interface SignInVerificationResponse {\n status: SignInStatus;\n message?: string;\n error?: any;\n}\n\nexport interface SignInResource {\n\n status: SignInStatus | null;\n supportedFirstFactors: SignInFirstFactor[] | null;\n identifier: string | null;\n user?: TernSecureUser | null;\n /**\n * Create combine email and phone sign in method\n */\n create: (params: SignInCreateParams) => Promise<SignInResource>;\n\n authenticateWithPassword: (params: SignInPasswordParams) => Promise<SignInResponse>;\n\n createRecaptchaVerifier: (containerOrId: string | HTMLElement, parameters?: any) => any;\n\n authenticateWithPhoneNumber: (params: SignInPhoneParams) => Promise<SignInResponse>;\n\n authenticateWithSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse>;\n\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n\n sendPasswordResetEmail: (email: string) => Promise<{ response: { email: string } } | null>;\n\n attemptEmailVerification: (options?: {\n url?: string;\n handleCodeInApp?: boolean;\n }) => Promise<SignInVerificationResponse>;\n\n attemptFirstFactor: (params: AttemptFirstFactorParams) => Promise<SignInResource>;\n\n checkRedirectResult: () => Promise<SignInResponse | null>;\n}\n\n\nexport type SignInFirstFactor =\n | EmailCodeFactor\n | PasswordFactor;\n\nexport type SignInSecondFactor = PhoneCodeFactor | TOTPFactor | BackupCodeFactor;\n\nexport type SignInFactor = SignInFirstFactor | SignInSecondFactor;\n\n\nexport type SignInCreateParams = (\n | {\n strategy: PasswordStrategy;\n password?: string;\n identifier: string;\n } | {\n strategy:\n | PhoneCodeStrategy\n | EmailCodeStrategy\n | ResetPasswordEmailCodeStrategy\n | ResetPasswordPhoneCodeStrategy;\n identifier: string;\n }\n)\n\n\nexport type AttemptFirstFactorParams =\n | EmailCodeAttempt\n | PhoneCodeAttempt\n | PasswordAttempt\n | ResetPasswordPhoneCodeAttempt\n | ResetPasswordEmailCodeAttempt;\n\n\nexport interface SignInJson extends TernSecureResourceJSON {\n object: 'sign_in';\n id: string;\n status: SignInStatus;\n supportedFirstFactors: SignInFirstFactor[];\n firstFactorVerification?: SignInFirstFactor;\n secondFactorVerification?: SignInSecondFactor;\n identifier: string | null;\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACsBO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACmCO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/auth.ts","../src/signIn.ts"],"sourcesContent":["export * from './all'\nexport * from './api'\nexport * from './cookie'\nexport * from './errors'\nexport * from './handler'\nexport * from './instanceTree'\nexport * from './theme'\nexport * from './json'\nexport * from './jwt'\nexport * from './auth'\nexport * from './signIn'\nexport * from './signUp'\nexport * from './session'\nexport * from './redirect'\nexport * from './hooks'\nexport * from './multiDomain'\nexport * from './utils'\nexport * from './userSettings'\nexport * from './factors'","\r\nexport type AuthErrorCode = keyof typeof ERRORS\r\n\r\nexport type ErrorCode = keyof typeof ERRORS\r\n\r\n\r\nexport const ERRORS = {\r\n SERVER_SIDE_INITIALIZATION: \"TernSecure must be initialized on the client side\",\r\n REQUIRES_VERIFICATION: \"AUTH_REQUIRES_VERIFICATION\",\r\n AUTHENTICATED: \"AUTHENTICATED\",\r\n UNAUTHENTICATED: \"UNAUTHENTICATED\",\r\n UNVERIFIED: \"UNVERIFIED\",\r\n NOT_INITIALIZED: \"TernSecure services are not initialized. Call initializeTernSecure() first\",\r\n HOOK_CONTEXT: \"Hook must be used within TernSecureProvider\",\r\n EMAIL_NOT_VERIFIED: \"EMAIL_NOT_VERIFIED\",\r\n INVALID_CREDENTIALS: \"INVALID_CREDENTIALS\",\r\n USER_DISABLED: \"USER_DISABLED\",\r\n TOO_MANY_ATTEMPTS: \"TOO_MANY_ATTEMPTS\",\r\n NETWORK_ERROR: \"NETWORK_ERROR\",\r\n INVALID_EMAIL: \"INVALID_EMAIL\",\r\n WEAK_PASSWORD: \"WEAK_PASSWORD\",\r\n EMAIL_EXISTS: \"EMAIL_EXISTS\",\r\n POPUP_BLOCKED: \"POPUP_BLOCKED\",\r\n OPERATION_NOT_ALLOWED: \"OPERATION_NOT_ALLOWED\",\r\n EXPIRED_TOKEN: \"EXPIRED_TOKEN\",\r\n INVALID_TOKEN: \"INVALID_TOKEN\",\r\n SESSION_EXPIRED: \"SESSION_EXPIRED\",\r\n INTERNAL_ERROR: \"INTERNAL_ERROR\",\r\n UNKNOWN_ERROR: \"An unknown error occurred.\",\r\n INVALID_ARGUMENT: \"Invalid argument provided.\",\r\n USER_NOT_FOUND: \"auth/user-not-found\",\r\n WRONG_PASSWORD: \"auth/wrong-password\",\r\n EMAIL_ALREADY_IN_USE: \"auth/email-already-in-use\",\r\n REQUIRES_RECENT_LOGIN: \"auth/requires-recent-login\",\r\n INCORRECT_ARGUMENT: \"auth/argument-error\",\r\n NO_SESSION_COOKIE: \"No session cookie found.\",\r\n INVALID_SESSION_COOKIE: \"Invalid session cookie.\",\r\n NO_ID_TOKEN: \"No ID token found.\",\r\n INVALID_ID_TOKEN: \"Invalid ID token.\",\r\n REDIRECT_LOOP: \"Redirect loop detected.\",\r\n} as const\r\n\r\n","import type { SignedInSession } from 'session';\nimport type { SignUpResource } from 'signUp';\n\nimport type { AppCheckConfig, InstanceType, TernSecureConfig, TernSecureUser } from './all';\nimport type { DecodedIdToken } from './jwt';\nimport type {\n AfterSignOutUrl,\n RedirectOptions,\n SignInFallbackRedirectUrl,\n SignInForceRedirectUrl,\n SignUpFallbackRedirectUrl,\n SignUpForceRedirectUrl,\n} from './redirect';\nimport type { AuthErrorResponse, SignInResource } from './signIn';\nimport type { SignInTheme, SignUpTheme } from './theme';\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface InitialState {\n userId: string | null;\n token: any | null;\n email: string | null;\n user?: TernSecureUser | null;\n}\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureState {\n userId: string | null;\n isLoaded: boolean;\n error: Error | null;\n isValid: boolean;\n isVerified: boolean;\n isAuthenticated: boolean;\n token: any | null;\n email: string | null;\n status: 'loading' | 'authenticated' | 'unauthenticated' | 'unverified';\n user?: TernSecureUser | null;\n}\n\nexport type TernSecureInitialState = {\n user?: TernSecureUser | null;\n sessionClaims?: DecodedIdToken | null;\n userId?: string | null;\n token?: string | null;\n};\n\nexport type TernSecureStateExtended = {\n sessionClaims: DecodedIdToken | null;\n userId: string | null;\n token: string | null;\n user?: TernSecureUser | null;\n};\n\nexport type AuthProviderStatus = 'idle' | 'pending' | 'error' | 'success';\n\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport const DEFAULT_TERN_SECURE_STATE: TernSecureState = {\n userId: null,\n isLoaded: false,\n error: null,\n isValid: false,\n isVerified: false,\n isAuthenticated: false,\n token: null,\n email: null,\n status: 'loading',\n user: null,\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport interface TernSecureAuthProvider {\n /** Current auth state */\n internalAuthState: TernSecureState;\n\n /** Current user*/\n ternSecureUser(): TernSecureUser | null;\n\n /** AuthCookie Manager */\n authCookieManager(): void;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Sign out the current user */\n signOut(): Promise<void>;\n}\n\nexport type Persistence = 'local' | 'session' | 'browserCookie' | 'none';\n\ntype Mode = 'browser' | 'server';\n\nexport type TernAuthSDK = {\n /** SDK package name (e.g., @tern-secure/auth) */\n name: string;\n /** SDK version (e.g., 1.2.3) */\n version: string;\n /** Build environment (development, production, test) */\n environment?: string;\n /** Build date as ISO string */\n buildDate?: string;\n /** Additional build metadata */\n buildInfo?: {\n name: string;\n version: string;\n buildDate: string;\n buildEnv: string;\n };\n};\n\nexport interface TernSecureResources {\n user?: TernSecureUser | null;\n session?: SignedInSession | null;\n}\n\nexport type CreateActiveSessionParams = {\n session?: TernSecureUser | null;\n redirectUrl?: string;\n};\n\nexport type CreateActiveSession = (params: CreateActiveSessionParams) => Promise<void>;\n\nexport type CustomNavigation = (to: string, options?: NavigateOptions) => Promise<unknown> | void;\n\n/**\n * Navigation options used to replace or push history changes.\n * Both `routerPush` & `routerReplace` OR none options should be passed.\n */\ntype TernSecureOptionsNavigation =\n | {\n /**\n * A function which takes the destination path as an argument and performs a \"push\" navigation.\n */\n routerPush?: never;\n /**\n * A function which takes the destination path as an argument and performs a \"replace\" navigation.\n */\n routerReplace?: never;\n routerDebug?: boolean;\n }\n | {\n routerPush: RouterFn;\n routerReplace: RouterFn;\n routerDebug?: boolean;\n };\n\nexport type TernSecureAuthOptions = TernSecureOptionsNavigation &\n SignInForceRedirectUrl &\n SignInFallbackRedirectUrl &\n SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl & {\n tenantId?: string;\n appName?: string;\n apiUrl?: string;\n sdkMetadata?: TernAuthSDK;\n signInUrl?: string;\n signUpUrl?: string;\n signUpMode?: 'public' | 'restricted' | 'waitlist';\n passwordAuthentication?: boolean;\n mode?: Mode;\n requiresVerification?: boolean;\n /**\n * @deprecated will be removed in future releases. please use ternUIUrl\n */\n isTernSecureDev?: boolean;\n ternSecureConfig?: TernSecureConfig;\n persistence?: Persistence;\n enableServiceWorker?: boolean;\n /**\n * An optional array of domains to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectOrigins?: Array<string | RegExp>;\n /**\n * An optional array of protocols to validate user-provided redirect URLs against. If no match is made, the redirect is considered unsafe and the default redirect will be used with a warning logged in the console.\n */\n allowedRedirectProtocols?: Array<string>;\n experimental?: {\n /** rethrow network errors that occur while the offline */\n rethrowOfflineNetworkErrors?: boolean;\n };\n /**\n * ReCaptcha V3 Site Key for Firebase App Check\n */\n appCheck?: AppCheckConfig;\n };\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEventPayload = {\n authStateChanged: TernSecureState;\n userChanged: TernSecureUser;\n sessionChanged: SignedInSession | null;\n tokenRefreshed: string | null;\n};\n\n/**\n * @deprecated will be removed in future releases.\n*/\nexport type TernAuthListenerEvent = keyof TernAuthListenerEventPayload;\n\nexport interface NavigateOptions {\n replace?: boolean;\n metadata?: RouterMetadata;\n}\n\nexport type ListenerCallback = (emission: TernSecureResources) => void;\nexport type UnsubscribeCallback = () => void;\ntype TernSecureEvent = keyof TernAuthEventPayload;\ntype EventHandler<Events extends TernSecureEvent> = (payload: TernAuthEventPayload[Events]) => void;\nexport type TernAuthEventPayload = {\n status: TernSecureAuthStatus;\n};\n\nexport type TernSecureAuthStatus = 'error' | 'loading' | 'ready';\n\ntype onEventListener = <E extends TernSecureEvent>(\n event: E,\n handler: EventHandler<E>,\n opt?: { notify?: boolean },\n) => void;\ntype OffEventListener = <E extends TernSecureEvent>(event: E, handler: EventHandler<E>) => void;\n\nexport type SignOutOptions = {\n /** URL to redirect to after sign out */\n redirectUrl?: string;\n /** Callback to perform consumer-specific cleanup (e.g., delete session cookies) */\n onBeforeSignOut?: () => Promise<void> | void;\n /** Callback executed after successful sign out */\n onAfterSignOut?: () => Promise<void> | void;\n};\n\nexport interface SignOut {\n (options?: SignOutOptions): Promise<void>;\n}\n\nexport interface TernSecureAuth {\n /** TernSecureAuth SDK version number */\n version: string | undefined;\n\n /** Metadata about the SDK instance */\n sdkMetadata: TernAuthSDK | undefined;\n\n /** Indicates if the TernSecureAuth instance is currently loading */\n isLoading: boolean;\n\n /** The current status of the TernSecureAuth instance */\n status: TernSecureAuthStatus;\n\n /** The Firebase App instance */\n firebaseApp?: any;\n\n /** The Firebase App Check instance */\n appCheck?: any;\n\n /** TernSecure API URL */\n apiUrl: string;\n\n /** TernSecure domain for API string */\n authDomain: string;\n\n /** TernSecure Frontend domain for TernSecure UI */\n frontEndDomain?: string;\n\n /** TernSecure Proxy url */\n proxyUrl?: string;\n\n /** TernSecure Instance type */\n instanceType: InstanceType | undefined;\n\n /** Indicates if the TernSecureAuth instance is ready for use */\n isReady: boolean;\n\n /** Requires Verification */\n requiresVerification: boolean;\n\n /** Initialize TernSecureAuth */\n initialize: (options?: TernSecureAuthOptions) => Promise<void>;\n\n /**\n * @internal\n */\n _internal_getOption<K extends keyof TernSecureAuthOptions>(key: K): TernSecureAuthOptions[K];\n\n /**\n * @internal\n */\n _internal_getAllOptions(): Readonly<TernSecureAuthOptions>;\n\n /** Current user*/\n user: TernSecureUser | null | undefined;\n\n /** Current session */\n currentSession: SignedInSession | null;\n\n /** Sign in resource for authentication operations */\n signIn: SignInResource | undefined | null;\n\n /** SignUp resource for authentication operations */\n signUp: SignUpResource | undefined | null;\n\n /** The Firebase configuration used by this TernAuth instance. */\n ternSecureConfig?: TernSecureConfig;\n\n /** Subscribe to auth state changes */\n onAuthStateChanged(callback: (cb: any) => void): () => void;\n\n /** Sign out the current user */\n signOut: SignOut;\n\n /** Mounts a sign-in component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signInProps Configuration options for the sign-in component\n */\n showSignIn: (targetNode: HTMLDivElement, config?: SignInProps) => void;\n\n /** Unmount sign-in component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignIn: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a sign-up component\n * @param targetNode HTMLDivElement where the component will be mounted\n * @param signUpProps Configuration options for the sign-up component\n */\n showSignUp: (targetNode: HTMLDivElement, config?: SignUpProps) => void;\n\n /** Unmount sign-up component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideSignUp: (targetNode: HTMLDivElement) => void;\n\n /** Mounts a user button component\n * @param targetNode HTMLDivElement where the component will be mounted\n */\n showUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Unmount user button component\n * @param targetNode HTMLDivElement where the component is mounted\n */\n hideUserButton: (targetNode: HTMLDivElement) => void;\n\n /** Subscribe to a single event */\n on: onEventListener;\n\n /** Remove event listener */\n off: OffEventListener;\n\n /** Subscribe to all auth state changes */\n addListener: (callback: ListenerCallback) => UnsubscribeCallback;\n\n /** Get redirect result from OAuth flows */\n getRedirectResult: () => Promise<any>;\n\n /** Create an active session */\n createActiveSession: CreateActiveSession;\n\n /** Function used to navigate to certain steps and URLs */\n navigate: CustomNavigation;\n\n /**\n * @param {string} to\n */\n constructUrlWithAuthRedirect(to: string): string;\n\n constructAfterSignOutUrl(): string;\n\n /** Navigate to SignIn page */\n redirectToSignIn(options?: SignInRedirectOptions): Promise<unknown>;\n /** Navigate to SignUp page */\n redirectToSignUp(options?: SignUpRedirectOptions): Promise<unknown>;\n\n redirectAfterSignIn: () => void;\n\n redirectAfterSignUp: () => void;\n}\n\nexport interface TernSecureAuthFactory {\n create(options?: TernSecureAuthOptions): TernSecureAuth;\n}\n\nexport type SharedSignInAuthObjectProperties = {\n session: DecodedIdToken;\n userId: string;\n};\n\nexport type CheckCustomClaims = {\n role?: string | string[];\n permissions?: string | string[];\n [key: string]: any;\n};\n\nexport type CheckAuthorizationFromSessionClaims = (\n isAuthorizedParams: CheckCustomClaims,\n) => boolean;\n\nexport type TernVerificationResult =\n | (DecodedIdToken & {\n valid: true;\n token?: string;\n error?: never;\n })\n | {\n valid: false;\n error: AuthErrorResponse;\n };\n\nexport type RoutingOptions =\n | { path: string | undefined; routing?: Extract<RoutingStrategy, 'path'> }\n | { path?: never; routing?: Extract<RoutingStrategy, 'hash' | 'virtual'> };\n\nexport type WithoutRouting<T> = Omit<T, 'path' | 'routing'>;\n\n/**\n * Props for SignIn component focusing on UI concerns\n */\nexport type SignInProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-in\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign in.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Full URL or path to for the sign up process.\n * Used to fill the \"Sign up\" link in the SignUp component.\n */\n signUpUrl?: string;\n\n /**\n * Preferred strategy for sign-in when using email identifier.\n * Options: 'password' | 'email_code'\n * @default 'password'\n */\n preferredEmailStrategy?: 'password' | 'email_code';\n\n /**\n * Customize UI\n */\n appearance?: SignInTheme;\n\n /** Initial form values */\n initialValues?: SignInInitialValues & SignUpInitialValues;\n\n /**\n * Whether to show the combined email and password form.\n * If true, the email and password fields will be shown together.\n * If false, the email field will be shown first, followed by the password field.\n * @default true\n */\n showCombinedForm?: boolean;\n} & SignUpForceRedirectUrl &\n SignUpFallbackRedirectUrl &\n AfterSignOutUrl;\n\n/**\n * Props for SignUp component focusing on UI concerns\n */\nexport type SignUpProps = RoutingOptions & {\n /** URL to navigate to after successfully sign-up\n * Use this prop to override the redirect URL when needed.\n * @default undefined\n */\n forceRedirectUrl?: string | null;\n /**\n * Full URL or path to navigate to after successful sign up.\n * This value is used when no other redirect props, environment variables or search params are present.\n * @default undefined\n */\n fallbackRedirectUrl?: string | null;\n /**\n * Full URL or path to for the sign in process.\n * Used to fill the \"Sign in\" link in the SignUp component.\n */\n signInUrl?: string;\n /**\n * Customize UI\n */\n appearance?: SignUpTheme;\n /**\n * Whether to show the sign up form.\n * @default true\n */\n shouldShowForm?: boolean;\n /** Initial form values */\n initialValues?: SignUpInitialValues ;\n} & SignInFallbackRedirectUrl &\n SignInForceRedirectUrl &\n AfterSignOutUrl;\n\n\n\nexport type UserButtonProps = {\n /**\n * Controls if the username is displayed next to the trigger button\n */\n showName?: boolean;\n /**\n * Controls the default state of the UserButton\n */\n defaultOpen?: boolean;\n\n /**\n * Full URL or path to navigate to on \"Add another account\" action.\n * Multi-session mode only.\n */\n signInUrl?: string;\n};\n\nexport type SignInModalProps = WithoutRouting<SignInProps>;\nexport type SignUpModalProps = WithoutRouting<SignUpProps>;\n\nexport type SignInRedirectOptions = RedirectOptions;\nexport type SignUpRedirectOptions = RedirectOptions;\n\nexport type RoutingStrategy = 'path' | 'hash' | 'virtual';\n\n\nexport type __internal_ComponentNavigationContext = {\n /**\n * The `navigate` reference within the component router context\n */\n navigate: (\n to: string,\n options?: {\n searchParams?: URLSearchParams;\n },\n ) => Promise<unknown>;\n /**\n * This path represents the root route for a specific component type and is used\n * for internal routing and navigation.\n *\n * @example\n * indexPath: '/sign-in' // When <SignIn path='/sign-in' />\n * indexPath: '/sign-up' // When <SignUp path='/sign-up' />\n */\n indexPath: string;\n};\n\n/**\n * Internal is a navigation type that affects the component\n *\n */\ntype NavigationType =\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes after the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to /sign-in/factor-one is an internal navigation\n */\n | 'internal'\n /**\n * Internal navigations affect the components and alter the\n * part of the URL that comes before the `path` passed to the component.\n * eg <SignIn path='sign-in'>\n * going from /sign-in to / is an external navigation\n */\n | 'external'\n /**\n * Window navigations are navigations towards a different origin\n * and are not handled by the TernSecure component or the host app router.\n */\n | 'window';\n\ntype RouterMetadata = { routing?: RoutingStrategy; navigationType?: NavigationType };\n\n/**\n * @inline\n */\ntype RouterFn = (\n /**\n * The destination path\n */\n to: string,\n /**\n * Optional metadata\n */\n metadata?: {\n /**\n * @internal\n */\n __internal_metadata?: RouterMetadata;\n /**\n * Provide a function to be used for navigation.\n */\n windowNavigate: (to: URL | string) => void;\n },\n) => Promise<unknown> | unknown;\n\n\n\nexport type SignInInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n username?: string;\n};\n\nexport type SignUpInitialValues = {\n emailAddress?: string;\n phoneNumber?: string;\n firstName?: string;\n lastName?: string;\n displayName?: string;\n username?: string;\n};","import type { TernSecureUser, UserCredential } from \"./all\";\nimport type { ErrorCode } from \"./errors\";\nimport type {\n BackupCodeFactor,\n EmailCodeAttempt,\n EmailCodeFactor,\n PasswordAttempt,\n PasswordFactor,\n PhoneCodeAttempt,\n PhoneCodeFactor,\n ResetPasswordEmailCodeAttempt,\n ResetPasswordPhoneCodeAttempt,\n TOTPFactor,\n} from './factors'\nimport type { TernSecureResourceJSON } from './json'\nimport type {\n EmailCodeStrategy,\n PasswordStrategy,\n PhoneCodeStrategy,\n ResetPasswordEmailCodeStrategy,\n ResetPasswordPhoneCodeStrategy\n} from \"./strategies\";\n\nexport type SignInStatus =\n | 'needs_identifier'\n | 'needs_first_factor'\n | 'needs_second_factor'\n | 'needs_new_password'\n | 'needs_email_verification'\n | 'idle'\n | 'pending_email_password'\n | 'pending_social'\n | 'pending_mfa'\n | 'redirecting'\n | 'success'\n | 'error';\n\n\n/**\n * @deprecated Use `SignInFormValues` instead.\n * Initial values for the sign-in form.\n */\ntype SignInInitialValues = Partial<SignInFormValues>;\ntype SignInFormValues = {\n email?: string;\n password?: string;\n phoneNumber?: string;\n};\n\n/**\n * @deprecated\n */\nexport type SignInInitialValue = Partial<SignInFormValues>;\n\n\nexport type SignInPasswordParams = {\n email: string;\n password: string;\n}\n\nexport type SignInPhoneParams = {\n phoneNumber: string;\n appVerifier?: any;\n}\n\nexport interface AuthErrorResponse {\n success: false\n message: string\n code: ErrorCode\n}\n\nexport interface AuthErrorTree extends Error {\n code?: any | string;\n message: string;\n response?: any | string;\n}\n\ninterface BaseSignInResponse {\n status?: SignInStatus;\n message?: string;\n error?: any | undefined;\n}\n\n\nexport interface SignInSuccessResponse extends BaseSignInResponse, UserCredential {\n status: 'success';\n}\n\nexport interface SignInErrorResponse extends BaseSignInResponse {\n status: 'error';\n}\n\nexport interface SignInPendingResponse extends BaseSignInResponse {\n status: 'redirecting' | 'pending_social' | 'pending_email_password';\n}\n\nexport type SignInResponse =\n | SignInSuccessResponse\n | SignInErrorResponse\n | SignInPendingResponse;\n\n\n\nexport interface ResendEmailVerification {\n isVerified?: boolean;\n}\n\n\nexport function isSignInResponseTree(value: any): value is SignInResponse {\n return (\n typeof value === 'object' &&\n 'success' in value &&\n typeof value.success === 'boolean'\n );\n}\n\n/**\n * social provider options that allow to specify custom parameters\n */\nexport interface SocialProviderOptions {\n /** Authentication mode - popup or redirect */\n mode?: 'popup' | 'redirect';\n /** Custom parameters specific to the provider (e.g., prompt, access_type, locale) */\n customParameters?: Record<string, string>;\n /** OAuth scopes to request from the provider */\n scopes?: string[];\n}\n\nexport interface SignInVerificationResponse {\n status: SignInStatus;\n message?: string;\n error?: any;\n}\n\nexport interface SignInResource {\n\n status: SignInStatus | null;\n supportedFirstFactors: SignInFirstFactor[] | null;\n identifier: string | null;\n user?: TernSecureUser | null;\n /**\n * Create combine email and phone sign in method\n */\n create: (params: SignInCreateParams) => Promise<SignInResource>;\n\n authenticateWithPassword: (params: SignInPasswordParams) => Promise<SignInResponse>;\n\n createRecaptchaVerifier: (containerOrId: string | HTMLElement, parameters?: any) => any;\n\n authenticateWithPhoneNumber: (params: SignInPhoneParams) => Promise<SignInResponse>;\n\n authenticateWithSocialProvider: (provider: string, options: SocialProviderOptions) => Promise<SignInResponse>;\n\n completeMfaSignIn: (mfaToken: string, mfaContext?: any) => Promise<SignInResponse>;\n\n sendPasswordResetEmail: (email: string) => Promise<{ response: { email: string } } | null>;\n\n attemptEmailVerification: (options?: {\n url?: string;\n handleCodeInApp?: boolean;\n }) => Promise<SignInVerificationResponse>;\n\n attemptFirstFactor: (params: AttemptFirstFactorParams) => Promise<SignInResource>;\n \n attemptPhoneNumberVerification: (params: { code: string }) => Promise<SignInResponse>;\n\n checkRedirectResult: () => Promise<SignInResponse | null>;\n}\n\n\nexport type SignInFirstFactor =\n | EmailCodeFactor\n | PasswordFactor;\n\nexport type SignInSecondFactor = PhoneCodeFactor | TOTPFactor | BackupCodeFactor;\n\nexport type SignInFactor = SignInFirstFactor | SignInSecondFactor;\n\n\nexport type SignInCreateParams = (\n | {\n strategy: PasswordStrategy;\n password?: string;\n identifier: string;\n } | {\n strategy:\n | PhoneCodeStrategy\n | EmailCodeStrategy\n | ResetPasswordEmailCodeStrategy\n | ResetPasswordPhoneCodeStrategy;\n identifier: string;\n }\n)\n\n\nexport type AttemptFirstFactorParams =\n | EmailCodeAttempt\n | PhoneCodeAttempt\n | PasswordAttempt\n | ResetPasswordPhoneCodeAttempt\n | ResetPasswordEmailCodeAttempt;\n\n\nexport interface SignInJson extends TernSecureResourceJSON {\n object: 'sign_in';\n id: string;\n status: SignInStatus;\n supportedFirstFactors: SignInFirstFactor[];\n firstFactorVerification?: SignInFirstFactor;\n secondFactorVerification?: SignInSecondFactor;\n identifier: string | null;\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACMO,IAAM,SAAS;AAAA,EACpB,4BAA4B;AAAA,EAC5B,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,cAAc;AAAA,EACd,oBAAoB;AAAA,EACpB,qBAAqB;AAAA,EACrB,eAAe;AAAA,EACf,mBAAmB;AAAA,EACnB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,cAAc;AAAA,EACd,eAAe;AAAA,EACf,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,eAAe;AAAA,EACf,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,mBAAmB;AAAA,EACnB,wBAAwB;AAAA,EACxB,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AACjB;;;ACsBO,IAAM,4BAA6C;AAAA,EACxD,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,OAAO;AAAA,EACP,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,iBAAiB;AAAA,EACjB,OAAO;AAAA,EACP,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AACR;;;ACmCO,SAAS,qBAAqB,OAAqC;AACxE,SACE,OAAO,UAAU,YACjB,aAAa,SACb,OAAO,MAAM,YAAY;AAE7B;","names":[]}
|