npm - @thunderid/nextjs - Versions diffs - 0.2.1 → 0.2.2 - Mend

@thunderid/nextjs 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (349) hide show

package/dist/cjs/utils/SessionManager.cjs ADDED Viewed

@@ -0,0 +1,150 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+const require_sessionConstants = require('../constants/sessionConstants.cjs');
+let __thunderid_node = require("@thunderid/node");
+__thunderid_node = require_rolldown_runtime.__toESM(__thunderid_node);
+let jose = require("jose");
+jose = require_rolldown_runtime.__toESM(jose);
+//#region src/utils/SessionManager.ts
+/**
+* Session management utility class for JWT-based session cookies
+*/
+var SessionManager = class {
+	/**
+	* Get the signing secret from environment variable
+	* Throws error in production if not set
+	*/
+	static getSecret() {
+		const secret = process.env["THUNDERID_SECRET"];
+		if (!secret) {
+			if (process.env["NODE_ENV"] === "production") throw new __thunderid_node.ThunderIDRuntimeError("THUNDERID_SECRET environment variable is required in production", "session-secret-required", "nextjs", "Set the THUNDERID_SECRET environment variable with a secure random string");
+			console.warn("Using default secret for development. Set THUNDERID_SECRET for production!");
+			return new TextEncoder().encode("development-secret-not-for-production");
+		}
+		return new TextEncoder().encode(secret);
+	}
+	/**
+	* Create a temporary session cookie for login initiation
+	*/
+	static async createTempSession(sessionId) {
+		const secret = this.getSecret();
+		return await new jose.SignJWT({
+			sessionId,
+			type: "temp"
+		}).setProtectedHeader({ alg: "HS256" }).setIssuedAt().setExpirationTime("15m").sign(secret);
+	}
+	/**
+	* Resolve the session cookie expiry time in seconds.
+	*
+	* Resolution order (first defined value wins):
+	*   1. `configuredExpiry` — value from `ThunderIDNodeConfig.sessionCookie?.expiryTime`
+	*   2. `THUNDERID_SESSION_COOKIE_EXPIRY_TIME` environment variable
+	*   3. `DEFAULT_SESSION_COOKIE_EXPIRY_TIME` (24 hours)
+	*/
+	static resolveSessionCookieExpiry(configuredExpiry) {
+		if (configuredExpiry != null && configuredExpiry > 0) return configuredExpiry;
+		const envValue = process.env["THUNDERID_SESSION_COOKIE_EXPIRY_TIME"];
+		if (envValue) {
+			const parsed = parseInt(envValue, 10);
+			if (!Number.isNaN(parsed) && parsed > 0) return parsed;
+		}
+		return require_sessionConstants.DEFAULT_SESSION_COOKIE_EXPIRY_TIME;
+	}
+	static async createSessionToken(accessToken, userId, sessionId, scopes, accessTokenTtlSeconds, refreshToken, organizationId) {
+		const secret = this.getSecret();
+		return await new jose.SignJWT({
+			accessToken,
+			organizationId,
+			refreshToken,
+			scopes,
+			sessionId,
+			type: "session"
+		}).setProtectedHeader({ alg: "HS256" }).setSubject(userId).setIssuedAt().setExpirationTime(Math.floor(Date.now() / 1e3) + accessTokenTtlSeconds).sign(secret);
+	}
+	/**
+	* Verify and decode a session token
+	*/
+	static async verifySessionToken(token) {
+		try {
+			const { payload } = await (0, jose.jwtVerify)(token, this.getSecret());
+			if (payload["type"] !== "session") throw new Error("Invalid token type");
+			return payload;
+		} catch (error) {
+			throw new __thunderid_node.ThunderIDRuntimeError(`Invalid session token: ${error instanceof Error ? error.message : "Unknown error"}`, "invalid-session-token", "nextjs", "Session token verification failed");
+		}
+	}
+	/**
+	* Verify a session token for refresh. Validates the HMAC signature and the
+	* `type === 'session'` discriminant but intentionally skips the `exp` check
+	* so an expired access token can still be exchanged for a new one.
+	*
+	* Session lifetime is still bounded — the cookie's `maxAge` is set from
+	* `sessionCookieExpiryTime`, so the browser drops an over-age session regardless
+	* of the access-token exp embedded in the JWT.
+	*
+	* Never use the returned payload for authorization.
+	*/
+	static async verifySessionTokenForRefresh(token) {
+		try {
+			const { payload: rawPayload } = await (0, jose.compactVerify)(token, this.getSecret());
+			const payload = JSON.parse(new TextDecoder().decode(rawPayload));
+			if (payload.type !== "session") throw new Error("Invalid token type");
+			return payload;
+		} catch (error) {
+			throw new __thunderid_node.ThunderIDRuntimeError(`Invalid session token: ${error instanceof Error ? error.message : "Unknown error"}`, "invalid-session-token-for-refresh", "nextjs", "Session token signature or type check failed during refresh");
+		}
+	}
+	/**
+	* Verify and decode a temporary session token
+	*/
+	static async verifyTempSession(token) {
+		try {
+			const { payload } = await (0, jose.jwtVerify)(token, this.getSecret());
+			if (payload["type"] !== "temp") throw new Error("Invalid token type");
+			return { sessionId: payload["sessionId"] };
+		} catch (error) {
+			throw new __thunderid_node.ThunderIDRuntimeError(`Invalid temporary session token: ${error instanceof Error ? error.message : "Unknown error"}`, "invalid-temp-session-token", "nextjs", "Temporary session token verification failed");
+		}
+	}
+	/**
+	* Get session cookie options
+	*/
+	static getSessionCookieOptions(maxAge) {
+		return {
+			httpOnly: true,
+			maxAge,
+			path: "/",
+			sameSite: "lax",
+			secure: process.env["NODE_ENV"] === "production"
+		};
+	}
+	/**
+	* Get temporary session cookie options
+	*/
+	static getTempSessionCookieOptions() {
+		return {
+			httpOnly: true,
+			maxAge: 900,
+			path: "/",
+			sameSite: "lax",
+			secure: process.env["NODE_ENV"] === "production"
+		};
+	}
+	/**
+	* Get session cookie name
+	*/
+	static getSessionCookieName() {
+		return __thunderid_node.CookieConfig.SESSION_COOKIE_NAME;
+	}
+	/**
+	* Get temporary session cookie name
+	*/
+	static getTempSessionCookieName() {
+		return __thunderid_node.CookieConfig.TEMP_SESSION_COOKIE_NAME;
+	}
+};
+var SessionManager_default = SessionManager;
+//#endregion
+exports.default = SessionManager_default;
+//# sourceMappingURL=SessionManager.cjs.map

package/dist/cjs/utils/SessionManager.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SessionManager.cjs","names":["secret: string | undefined","ThunderIDRuntimeError","secret: Uint8Array","SignJWT","envValue: string | undefined","parsed: number","DEFAULT_SESSION_COOKIE_EXPIRY_TIME","payload: SessionTokenPayload","CookieConfig"],"sources":["../../../src/utils/SessionManager.ts"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\nimport {ThunderIDRuntimeError, CookieConfig} from '@thunderid/node';\nimport {SignJWT, jwtVerify, compactVerify, JWTPayload} from 'jose';\nimport {DEFAULT_SESSION_COOKIE_EXPIRY_TIME} from '../constants/sessionConstants';\n\n/**\n * Session token payload interface\n */\nexport interface SessionTokenPayload extends JWTPayload {\n /** Expiration timestamp — doubles as the access token expiry (JWT exp == access token exp) */\n exp: number;\n /** Issued at timestamp */\n iat: number;\n /** Organization ID if applicable */\n organizationId?: string;\n /** The refresh token; empty string if not provided by the auth server */\n refreshToken: string;\n /** OAuth scopes */\n scopes: string[];\n /** Session ID */\n sessionId: string;\n /** User ID */\n sub: string;\n /** Token type discriminant — must be 'session' for access-session JWTs */\n type: 'session';\n}\n\n/**\n * Session management utility class for JWT-based session cookies\n */\nclass SessionManager {\n /**\n * Get the signing secret from environment variable\n * Throws error in production if not set\n */\n private static getSecret(): Uint8Array {\n const secret: string | undefined = process.env['THUNDERID_SECRET'];\n\n if (!secret) {\n if (process.env['NODE_ENV'] === 'production') {\n throw new ThunderIDRuntimeError(\n 'THUNDERID_SECRET environment variable is required in production',\n 'session-secret-required',\n 'nextjs',\n 'Set the THUNDERID_SECRET environment variable with a secure random string',\n );\n }\n // Use a default secret for development (not secure)\n // eslint-disable-next-line no-console\n console.warn('Using default secret for development. Set THUNDERID_SECRET for production!');\n return new TextEncoder().encode('development-secret-not-for-production');\n }\n\n return new TextEncoder().encode(secret);\n }\n\n /**\n * Create a temporary session cookie for login initiation\n */\n static async createTempSession(sessionId: string): Promise<string> {\n const secret: Uint8Array = this.getSecret();\n\n const jwt: string = await new SignJWT({\n sessionId,\n type: 'temp',\n })\n .setProtectedHeader({alg: 'HS256'})\n .setIssuedAt()\n .setExpirationTime('15m')\n .sign(secret);\n\n return jwt;\n }\n\n /**\n * Resolve the session cookie expiry time in seconds.\n *\n * Resolution order (first defined value wins):\n * 1. `configuredExpiry` — value from `ThunderIDNodeConfig.sessionCookie?.expiryTime`\n * 2. `THUNDERID_SESSION_COOKIE_EXPIRY_TIME` environment variable\n * 3. `DEFAULT_SESSION_COOKIE_EXPIRY_TIME` (24 hours)\n */\n static resolveSessionCookieExpiry(configuredExpiry?: number): number {\n if (configuredExpiry != null && configuredExpiry > 0) {\n return configuredExpiry;\n }\n\n const envValue: string | undefined = process.env['THUNDERID_SESSION_COOKIE_EXPIRY_TIME'];\n\n if (envValue) {\n const parsed: number = parseInt(envValue, 10);\n\n if (!Number.isNaN(parsed) && parsed > 0) {\n return parsed;\n }\n }\n\n return DEFAULT_SESSION_COOKIE_EXPIRY_TIME;\n }\n\n static async createSessionToken(\n accessToken: string,\n userId: string,\n sessionId: string,\n scopes: string,\n accessTokenTtlSeconds: number,\n refreshToken: string,\n organizationId?: string,\n ): Promise<string> {\n const secret: Uint8Array = this.getSecret();\n\n const jwt: string = await new SignJWT({\n accessToken,\n organizationId,\n refreshToken,\n scopes,\n sessionId,\n type: 'session',\n } as Omit<SessionTokenPayload, 'sub' | 'iat' | 'exp'>)\n .setProtectedHeader({alg: 'HS256'})\n .setSubject(userId)\n .setIssuedAt()\n .setExpirationTime(Math.floor(Date.now() / 1000) + accessTokenTtlSeconds)\n .sign(secret);\n\n return jwt;\n }\n\n /**\n * Verify and decode a session token\n */\n static async verifySessionToken(token: string): Promise<SessionTokenPayload> {\n try {\n const secret: Uint8Array = this.getSecret();\n const {payload} = await jwtVerify(token, secret);\n\n if (payload['type'] !== 'session') {\n throw new Error('Invalid token type');\n }\n\n return payload as SessionTokenPayload;\n } catch (error) {\n throw new ThunderIDRuntimeError(\n `Invalid session token: ${error instanceof Error ? error.message : 'Unknown error'}`,\n 'invalid-session-token',\n 'nextjs',\n 'Session token verification failed',\n );\n }\n }\n\n /**\n * Verify a session token for refresh. Validates the HMAC signature and the\n * `type === 'session'` discriminant but intentionally skips the `exp` check\n * so an expired access token can still be exchanged for a new one.\n *\n * Session lifetime is still bounded — the cookie's `maxAge` is set from\n * `sessionCookieExpiryTime`, so the browser drops an over-age session regardless\n * of the access-token exp embedded in the JWT.\n *\n * Never use the returned payload for authorization.\n */\n static async verifySessionTokenForRefresh(token: string): Promise<SessionTokenPayload> {\n try {\n const secret: Uint8Array = this.getSecret();\n const {payload: rawPayload} = await compactVerify(token, secret);\n const payload: SessionTokenPayload = JSON.parse(new TextDecoder().decode(rawPayload)) as SessionTokenPayload;\n\n if (payload.type !== 'session') {\n throw new Error('Invalid token type');\n }\n\n return payload;\n } catch (error) {\n throw new ThunderIDRuntimeError(\n `Invalid session token: ${error instanceof Error ? error.message : 'Unknown error'}`,\n 'invalid-session-token-for-refresh',\n 'nextjs',\n 'Session token signature or type check failed during refresh',\n );\n }\n }\n\n /**\n * Verify and decode a temporary session token\n */\n static async verifyTempSession(token: string): Promise<{sessionId: string}> {\n try {\n const secret: Uint8Array = this.getSecret();\n const {payload} = await jwtVerify(token, secret);\n\n if (payload['type'] !== 'temp') {\n throw new Error('Invalid token type');\n }\n\n return {sessionId: payload['sessionId'] as string};\n } catch (error) {\n throw new ThunderIDRuntimeError(\n `Invalid temporary session token: ${error instanceof Error ? error.message : 'Unknown error'}`,\n 'invalid-temp-session-token',\n 'nextjs',\n 'Temporary session token verification failed',\n );\n }\n }\n\n /**\n * Get session cookie options\n */\n static getSessionCookieOptions(maxAge: number): {\n httpOnly: boolean;\n maxAge: number;\n path: string;\n sameSite: 'lax';\n secure: boolean;\n } {\n return {\n httpOnly: true,\n maxAge,\n path: '/',\n sameSite: 'lax' as const,\n secure: process.env['NODE_ENV'] === 'production',\n };\n }\n\n /**\n * Get temporary session cookie options\n */\n static getTempSessionCookieOptions(): {\n httpOnly: boolean;\n maxAge: number;\n path: string;\n sameSite: 'lax';\n secure: boolean;\n } {\n return {\n httpOnly: true,\n maxAge: 15 * 60,\n path: '/',\n sameSite: 'lax' as const,\n secure: process.env['NODE_ENV'] === 'production',\n };\n }\n\n /**\n * Get session cookie name\n */\n static getSessionCookieName(): string {\n return CookieConfig.SESSION_COOKIE_NAME;\n }\n\n /**\n * Get temporary session cookie name\n */\n static getTempSessionCookieName(): string {\n return CookieConfig.TEMP_SESSION_COOKIE_NAME;\n }\n}\n\nexport default SessionManager;\n"],"mappings":";;;;;;;;;;;AA+CA,IAAM,iBAAN,MAAqB;;;;;CAKnB,OAAe,YAAwB;EACrC,MAAMA,SAA6B,QAAQ,IAAI;AAE/C,MAAI,CAAC,QAAQ;AACX,OAAI,QAAQ,IAAI,gBAAgB,aAC9B,OAAM,IAAIC,uCACR,mEACA,2BACA,UACA,4EACD;AAIH,WAAQ,KAAK,6EAA6E;AAC1F,UAAO,IAAI,aAAa,CAAC,OAAO,wCAAwC;;AAG1E,SAAO,IAAI,aAAa,CAAC,OAAO,OAAO;;;;;CAMzC,aAAa,kBAAkB,WAAoC;EACjE,MAAMC,SAAqB,KAAK,WAAW;AAW3C,SAToB,MAAM,IAAIC,aAAQ;GACpC;GACA,MAAM;GACP,CAAC,CACC,mBAAmB,EAAC,KAAK,SAAQ,CAAC,CAClC,aAAa,CACb,kBAAkB,MAAM,CACxB,KAAK,OAAO;;;;;;;;;;CAajB,OAAO,2BAA2B,kBAAmC;AACnE,MAAI,oBAAoB,QAAQ,mBAAmB,EACjD,QAAO;EAGT,MAAMC,WAA+B,QAAQ,IAAI;AAEjD,MAAI,UAAU;GACZ,MAAMC,SAAiB,SAAS,UAAU,GAAG;AAE7C,OAAI,CAAC,OAAO,MAAM,OAAO,IAAI,SAAS,EACpC,QAAO;;AAIX,SAAOC;;CAGT,aAAa,mBACX,aACA,QACA,WACA,QACA,uBACA,cACA,gBACiB;EACjB,MAAMJ,SAAqB,KAAK,WAAW;AAgB3C,SAdoB,MAAM,IAAIC,aAAQ;GACpC;GACA;GACA;GACA;GACA;GACA,MAAM;GACP,CAAqD,CACnD,mBAAmB,EAAC,KAAK,SAAQ,CAAC,CAClC,WAAW,OAAO,CAClB,aAAa,CACb,kBAAkB,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK,GAAG,sBAAsB,CACxE,KAAK,OAAO;;;;;CAQjB,aAAa,mBAAmB,OAA6C;AAC3E,MAAI;GAEF,MAAM,EAAC,YAAW,0BAAgB,OADP,KAAK,WAAW,CACK;AAEhD,OAAI,QAAQ,YAAY,UACtB,OAAM,IAAI,MAAM,qBAAqB;AAGvC,UAAO;WACA,OAAO;AACd,SAAM,IAAIF,uCACR,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,mBACnE,yBACA,UACA,oCACD;;;;;;;;;;;;;;CAeL,aAAa,6BAA6B,OAA6C;AACrF,MAAI;GAEF,MAAM,EAAC,SAAS,eAAc,8BAAoB,OADvB,KAAK,WAAW,CACqB;GAChE,MAAMM,UAA+B,KAAK,MAAM,IAAI,aAAa,CAAC,OAAO,WAAW,CAAC;AAErF,OAAI,QAAQ,SAAS,UACnB,OAAM,IAAI,MAAM,qBAAqB;AAGvC,UAAO;WACA,OAAO;AACd,SAAM,IAAIN,uCACR,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,mBACnE,qCACA,UACA,8DACD;;;;;;CAOL,aAAa,kBAAkB,OAA6C;AAC1E,MAAI;GAEF,MAAM,EAAC,YAAW,0BAAgB,OADP,KAAK,WAAW,CACK;AAEhD,OAAI,QAAQ,YAAY,OACtB,OAAM,IAAI,MAAM,qBAAqB;AAGvC,UAAO,EAAC,WAAW,QAAQ,cAAuB;WAC3C,OAAO;AACd,SAAM,IAAIA,uCACR,oCAAoC,iBAAiB,QAAQ,MAAM,UAAU,mBAC7E,8BACA,UACA,8CACD;;;;;;CAOL,OAAO,wBAAwB,QAM7B;AACA,SAAO;GACL,UAAU;GACV;GACA,MAAM;GACN,UAAU;GACV,QAAQ,QAAQ,IAAI,gBAAgB;GACrC;;;;;CAMH,OAAO,8BAML;AACA,SAAO;GACL,UAAU;GACV,QAAQ;GACR,MAAM;GACN,UAAU;GACV,QAAQ,QAAQ,IAAI,gBAAgB;GACrC;;;;;CAMH,OAAO,uBAA+B;AACpC,SAAOO,8BAAa;;;;;CAMtB,OAAO,2BAAmC;AACxC,SAAOA,8BAAa;;;AAIxB,6BAAe"}

package/dist/cjs/utils/decorateConfigWithNextEnv.cjs ADDED Viewed

@@ -0,0 +1,28 @@
+//#region src/utils/decorateConfigWithNextEnv.ts
+const decorateConfigWithNextEnv = (config) => {
+	const { organizationHandle, scopes, applicationId, baseUrl, clientId, clientSecret, signInUrl, signUpUrl, afterSignInUrl, afterSignOutUrl,...rest } = config;
+	const envExpiryTime = process.env["THUNDERID_SESSION_COOKIE_EXPIRY_TIME"] ? parseInt(process.env["THUNDERID_SESSION_COOKIE_EXPIRY_TIME"], 10) : void 0;
+	return {
+		...rest,
+		afterSignInUrl: afterSignInUrl || process.env["NEXT_PUBLIC_THUNDERID_AFTER_SIGN_IN_URL"],
+		afterSignOutUrl: afterSignOutUrl || process.env["NEXT_PUBLIC_THUNDERID_AFTER_SIGN_OUT_URL"],
+		applicationId: applicationId || process.env["NEXT_PUBLIC_THUNDERID_APPLICATION_ID"],
+		baseUrl: baseUrl || process.env["NEXT_PUBLIC_THUNDERID_BASE_URL"],
+		clientId: clientId || process.env["NEXT_PUBLIC_THUNDERID_CLIENT_ID"],
+		clientSecret: clientSecret || process.env["THUNDERID_CLIENT_SECRET"],
+		organizationHandle: organizationHandle || process.env["NEXT_PUBLIC_THUNDERID_ORGANIZATION_HANDLE"],
+		scopes: scopes || process.env["NEXT_PUBLIC_THUNDERID_SCOPES"],
+		sessionCookie: {
+			...rest.sessionCookie,
+			expiryTime: rest.sessionCookie?.expiryTime || envExpiryTime
+		},
+		signInUrl: signInUrl || process.env["NEXT_PUBLIC_THUNDERID_SIGN_IN_URL"],
+		signUpUrl: signUpUrl || process.env["NEXT_PUBLIC_THUNDERID_SIGN_UP_URL"]
+	};
+};
+var decorateConfigWithNextEnv_default = decorateConfigWithNextEnv;
+//#endregion
+exports.default = decorateConfigWithNextEnv_default;
+//# sourceMappingURL=decorateConfigWithNextEnv.cjs.map

package/dist/cjs/utils/decorateConfigWithNextEnv.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"decorateConfigWithNextEnv.cjs","names":[],"sources":["../../../src/utils/decorateConfigWithNextEnv.ts"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\nimport {ThunderIDNextConfig} from '../models/config';\n\nconst decorateConfigWithNextEnv = (config: ThunderIDNextConfig): ThunderIDNextConfig => {\n const {\n organizationHandle,\n scopes,\n applicationId,\n baseUrl,\n clientId,\n clientSecret,\n signInUrl,\n signUpUrl,\n afterSignInUrl,\n afterSignOutUrl,\n ...rest\n } = config;\n\n const envExpiryTime = process.env['THUNDERID_SESSION_COOKIE_EXPIRY_TIME']\n ? parseInt(process.env['THUNDERID_SESSION_COOKIE_EXPIRY_TIME'], 10)\n : undefined;\n\n return {\n ...rest,\n afterSignInUrl: afterSignInUrl || process.env['NEXT_PUBLIC_THUNDERID_AFTER_SIGN_IN_URL']!,\n afterSignOutUrl: afterSignOutUrl || process.env['NEXT_PUBLIC_THUNDERID_AFTER_SIGN_OUT_URL']!,\n applicationId: applicationId || process.env['NEXT_PUBLIC_THUNDERID_APPLICATION_ID']!,\n baseUrl: baseUrl || process.env['NEXT_PUBLIC_THUNDERID_BASE_URL']!,\n clientId: clientId || process.env['NEXT_PUBLIC_THUNDERID_CLIENT_ID']!,\n clientSecret: clientSecret || process.env['THUNDERID_CLIENT_SECRET']!,\n organizationHandle: organizationHandle || process.env['NEXT_PUBLIC_THUNDERID_ORGANIZATION_HANDLE']!,\n scopes: scopes || process.env['NEXT_PUBLIC_THUNDERID_SCOPES']!,\n sessionCookie: {\n ...rest.sessionCookie,\n expiryTime: rest.sessionCookie?.expiryTime || envExpiryTime,\n },\n signInUrl: signInUrl || process.env['NEXT_PUBLIC_THUNDERID_SIGN_IN_URL']!,\n signUpUrl: signUpUrl || process.env['NEXT_PUBLIC_THUNDERID_SIGN_UP_URL']!,\n };\n};\n\nexport default decorateConfigWithNextEnv;\n"],"mappings":";;AAoBA,MAAM,6BAA6B,WAAqD;CACtF,MAAM,EACJ,oBACA,QACA,eACA,SACA,UACA,cACA,WACA,WACA,gBACA,gBACA,GAAG,SACD;CAEJ,MAAM,gBAAgB,QAAQ,IAAI,0CAC9B,SAAS,QAAQ,IAAI,yCAAyC,GAAG,GACjE;AAEJ,QAAO;EACL,GAAG;EACH,gBAAgB,kBAAkB,QAAQ,IAAI;EAC9C,iBAAiB,mBAAmB,QAAQ,IAAI;EAChD,eAAe,iBAAiB,QAAQ,IAAI;EAC5C,SAAS,WAAW,QAAQ,IAAI;EAChC,UAAU,YAAY,QAAQ,IAAI;EAClC,cAAc,gBAAgB,QAAQ,IAAI;EAC1C,oBAAoB,sBAAsB,QAAQ,IAAI;EACtD,QAAQ,UAAU,QAAQ,IAAI;EAC9B,eAAe;GACb,GAAG,KAAK;GACR,YAAY,KAAK,eAAe,cAAc;GAC/C;EACD,WAAW,aAAa,QAAQ,IAAI;EACpC,WAAW,aAAa,QAAQ,IAAI;EACrC;;AAGH,wCAAe"}

package/dist/cjs/utils/handleRefreshToken.cjs ADDED Viewed

@@ -0,0 +1,62 @@
+const require_SessionManager = require('./SessionManager.cjs');
+//#region src/utils/handleRefreshToken.ts
+/**
+* Handles the OAuth refresh_token grant and builds a new session JWT string.
+*
+* Intentionally decoupled from cookie APIs so it can be called from both the Edge
+* Runtime (Next.js middleware) and the Node.js Runtime (server actions).
+* Cookie persistence is the caller's responsibility.
+*/
+const handleRefreshToken = async (sessionPayload, config) => {
+	const { baseUrl, clientId, clientSecret, sessionCookie } = config;
+	const { refreshToken: storedRefreshToken, sessionId, sub, scopes, organizationId } = sessionPayload;
+	if (!storedRefreshToken) throw new Error("No refresh token found in session payload.");
+	const tokenEndpoint = `${baseUrl}/oauth2/token`;
+	const body = new URLSearchParams({
+		client_id: clientId ?? "",
+		client_secret: clientSecret ?? "",
+		grant_type: "refresh_token",
+		refresh_token: storedRefreshToken
+	});
+	let response;
+	try {
+		response = await fetch(tokenEndpoint, {
+			body: body.toString(),
+			headers: { "Content-Type": "application/x-www-form-urlencoded" },
+			method: "POST"
+		});
+	} catch (fetchError) {
+		throw new Error(`Token refresh network error: ${fetchError instanceof Error ? fetchError.message : String(fetchError)}`);
+	}
+	if (!response.ok) throw new Error(`Token endpoint rejected refresh (HTTP ${response.status}).`);
+	let tokenData;
+	try {
+		tokenData = await response.json();
+	} catch {
+		throw new Error("Failed to parse token endpoint response as JSON.");
+	}
+	const newAccessToken = tokenData["access_token"];
+	const expiresIn = tokenData["expires_in"];
+	const newRefreshToken = tokenData["refresh_token"] ?? storedRefreshToken;
+	const newScopes = tokenData["scope"] ?? (Array.isArray(scopes) ? scopes.join(" ") : scopes ?? "");
+	const resolvedSessionCookieExpiry = require_SessionManager.default.resolveSessionCookieExpiry(sessionCookie?.expiryTime);
+	return {
+		newSessionToken: await require_SessionManager.default.createSessionToken(newAccessToken, sub, sessionId, newScopes, expiresIn, newRefreshToken, organizationId),
+		sessionCookieExpiryTime: resolvedSessionCookieExpiry,
+		tokenResponse: {
+			accessToken: newAccessToken,
+			createdAt: Math.floor(Date.now() / 1e3),
+			expiresIn: String(expiresIn),
+			idToken: tokenData["id_token"] ?? "",
+			refreshToken: newRefreshToken,
+			scope: newScopes,
+			tokenType: tokenData["token_type"] ?? "Bearer"
+		}
+	};
+};
+var handleRefreshToken_default = handleRefreshToken;
+//#endregion
+exports.default = handleRefreshToken_default;
+//# sourceMappingURL=handleRefreshToken.cjs.map

package/dist/cjs/utils/handleRefreshToken.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"handleRefreshToken.cjs","names":["body: URLSearchParams","response: Response","tokenData: Record<string, unknown>","newAccessToken: string","expiresIn: number","newRefreshToken: string","newScopes: string","resolvedSessionCookieExpiry: number","SessionManager"],"sources":["../../../src/utils/handleRefreshToken.ts"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\nimport type {TokenResponse, SessionCookieConfig} from '@thunderid/node';\nimport SessionManager, {SessionTokenPayload} from './SessionManager';\n\n/**\n * Config required to call the token endpoint.\n */\nexport interface HandleRefreshTokenConfig {\n baseUrl: string;\n clientId: string;\n clientSecret: string;\n sessionCookie?: SessionCookieConfig;\n}\n\n/**\n * Result returned by handleRefreshToken.\n * Callers are responsible for persisting newSessionToken in the appropriate cookie context.\n */\nexport interface HandleRefreshTokenResult {\n newSessionToken: string;\n sessionCookieExpiryTime: number;\n tokenResponse: TokenResponse;\n}\n\n/**\n * Handles the OAuth refresh_token grant and builds a new session JWT string.\n *\n * Intentionally decoupled from cookie APIs so it can be called from both the Edge\n * Runtime (Next.js middleware) and the Node.js Runtime (server actions).\n * Cookie persistence is the caller's responsibility.\n */\nconst handleRefreshToken = async (\n sessionPayload: SessionTokenPayload,\n config: HandleRefreshTokenConfig,\n): Promise<HandleRefreshTokenResult> => {\n const {baseUrl, clientId, clientSecret, sessionCookie} = config;\n const {refreshToken: storedRefreshToken, sessionId, sub, scopes, organizationId} = sessionPayload;\n\n if (!storedRefreshToken) {\n throw new Error('No refresh token found in session payload.');\n }\n\n const tokenEndpoint = `${baseUrl}/oauth2/token`;\n const body: URLSearchParams = new URLSearchParams({\n client_id: clientId ?? '',\n client_secret: clientSecret ?? '',\n grant_type: 'refresh_token',\n refresh_token: storedRefreshToken,\n });\n\n let response: Response;\n\n try {\n response = await fetch(tokenEndpoint, {\n body: body.toString(),\n headers: {'Content-Type': 'application/x-www-form-urlencoded'},\n method: 'POST',\n });\n } catch (fetchError) {\n throw new Error(\n `Token refresh network error: ${fetchError instanceof Error ? fetchError.message : String(fetchError)}`,\n );\n }\n\n if (!response.ok) {\n throw new Error(`Token endpoint rejected refresh (HTTP ${response.status}).`);\n }\n\n let tokenData: Record<string, unknown>;\n\n try {\n tokenData = (await response.json()) as Record<string, unknown>;\n } catch {\n throw new Error('Failed to parse token endpoint response as JSON.');\n }\n\n const newAccessToken: string = tokenData['access_token'] as string;\n const expiresIn: number = tokenData['expires_in'] as number;\n // Use the rotated refresh token if the server provided one; otherwise keep the existing one.\n const newRefreshToken: string = (tokenData['refresh_token'] as string | undefined) ?? storedRefreshToken;\n const newScopes: string =\n (tokenData['scope'] as string | undefined) ??\n (Array.isArray(scopes) ? scopes.join(' ') : ((scopes as string) ?? ''));\n\n const resolvedSessionCookieExpiry: number = SessionManager.resolveSessionCookieExpiry(sessionCookie?.expiryTime);\n\n const newSessionToken: string = await SessionManager.createSessionToken(\n newAccessToken,\n sub,\n sessionId,\n newScopes,\n expiresIn,\n newRefreshToken,\n organizationId,\n );\n\n return {\n newSessionToken,\n sessionCookieExpiryTime: resolvedSessionCookieExpiry,\n tokenResponse: {\n accessToken: newAccessToken,\n createdAt: Math.floor(Date.now() / 1000),\n expiresIn: String(expiresIn),\n idToken: (tokenData['id_token'] as string | undefined) ?? '',\n refreshToken: newRefreshToken,\n scope: newScopes,\n tokenType: (tokenData['token_type'] as string | undefined) ?? 'Bearer',\n },\n };\n};\n\nexport default handleRefreshToken;\n"],"mappings":";;;;;;;;;;AAgDA,MAAM,qBAAqB,OACzB,gBACA,WACsC;CACtC,MAAM,EAAC,SAAS,UAAU,cAAc,kBAAiB;CACzD,MAAM,EAAC,cAAc,oBAAoB,WAAW,KAAK,QAAQ,mBAAkB;AAEnF,KAAI,CAAC,mBACH,OAAM,IAAI,MAAM,6CAA6C;CAG/D,MAAM,gBAAgB,GAAG,QAAQ;CACjC,MAAMA,OAAwB,IAAI,gBAAgB;EAChD,WAAW,YAAY;EACvB,eAAe,gBAAgB;EAC/B,YAAY;EACZ,eAAe;EAChB,CAAC;CAEF,IAAIC;AAEJ,KAAI;AACF,aAAW,MAAM,MAAM,eAAe;GACpC,MAAM,KAAK,UAAU;GACrB,SAAS,EAAC,gBAAgB,qCAAoC;GAC9D,QAAQ;GACT,CAAC;UACK,YAAY;AACnB,QAAM,IAAI,MACR,gCAAgC,sBAAsB,QAAQ,WAAW,UAAU,OAAO,WAAW,GACtG;;AAGH,KAAI,CAAC,SAAS,GACZ,OAAM,IAAI,MAAM,yCAAyC,SAAS,OAAO,IAAI;CAG/E,IAAIC;AAEJ,KAAI;AACF,cAAa,MAAM,SAAS,MAAM;SAC5B;AACN,QAAM,IAAI,MAAM,mDAAmD;;CAGrE,MAAMC,iBAAyB,UAAU;CACzC,MAAMC,YAAoB,UAAU;CAEpC,MAAMC,kBAA2B,UAAU,oBAA2C;CACtF,MAAMC,YACH,UAAU,aACV,MAAM,QAAQ,OAAO,GAAG,OAAO,KAAK,IAAI,GAAK,UAAqB;CAErE,MAAMC,8BAAsCC,+BAAe,2BAA2B,eAAe,WAAW;AAYhH,QAAO;EACL,iBAX8B,MAAMA,+BAAe,mBACnD,gBACA,KACA,WACA,WACA,WACA,iBACA,eACD;EAIC,yBAAyB;EACzB,eAAe;GACb,aAAa;GACb,WAAW,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;GACxC,WAAW,OAAO,UAAU;GAC5B,SAAU,UAAU,eAAsC;GAC1D,cAAc;GACd,OAAO;GACP,WAAY,UAAU,iBAAwC;GAC/D;EACF;;AAGH,iCAAe"}

package/dist/cjs/utils/logger.cjs ADDED Viewed

@@ -0,0 +1,11 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+let __thunderid_node = require("@thunderid/node");
+__thunderid_node = require_rolldown_runtime.__toESM(__thunderid_node);
+//#region src/utils/logger.ts
+const logger = (0, __thunderid_node.createLogger)({ level: "error" });
+var logger_default = logger;
+//#endregion
+exports.default = logger_default;
+//# sourceMappingURL=logger.cjs.map

package/dist/cjs/utils/logger.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"logger.cjs","names":["logger: any"],"sources":["../../../src/utils/logger.ts"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\nimport {createLogger} from '@thunderid/node';\n\nconst logger: any = createLogger({\n level: 'error',\n});\n\nexport default logger;\n"],"mappings":";;;;;AAoBA,MAAMA,4CAA2B,EAC/B,OAAO,SACR,CAAC;AAEF,qBAAe"}

package/dist/cjs/utils/sessionUtils.cjs ADDED Viewed

@@ -0,0 +1,40 @@
+const require_SessionManager = require('./SessionManager.cjs');
+//#region src/utils/sessionUtils.ts
+/**
+* Gets the session payload from the request cookies.
+* This includes user ID, session ID, and scopes.
+*
+* @param request - The Next.js request object
+* @returns The session payload if valid, undefined otherwise
+*/
+const getSessionFromRequest = async (request) => {
+	try {
+		const sessionToken = request.cookies.get(require_SessionManager.default.getSessionCookieName())?.value;
+		if (!sessionToken) return;
+		return await require_SessionManager.default.verifySessionToken(sessionToken);
+	} catch {
+		return;
+	}
+};
+/**
+* Gets the session ID from the request cookies (legacy support).
+* First tries to get from JWT session, then falls back to legacy session ID cookie.
+*
+* @param request - The Next.js request object
+* @returns The session ID if it exists, undefined otherwise
+*/
+const getSessionIdFromRequest = async (request) => {
+	try {
+		const sessionPayload = await getSessionFromRequest(request);
+		if (sessionPayload) return sessionPayload.sessionId;
+		return await Promise.resolve(void 0);
+	} catch {
+		return Promise.resolve(void 0);
+	}
+};
+//#endregion
+exports.getSessionFromRequest = getSessionFromRequest;
+exports.getSessionIdFromRequest = getSessionIdFromRequest;
+//# sourceMappingURL=sessionUtils.cjs.map

package/dist/cjs/utils/sessionUtils.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sessionUtils.cjs","names":["sessionToken: string | undefined","SessionManager","sessionPayload: SessionTokenPayload | undefined"],"sources":["../../../src/utils/sessionUtils.ts"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\nimport {NextRequest} from 'next/server';\nimport SessionManager, {SessionTokenPayload} from './SessionManager';\n\n/**\n * Checks if a request has a valid session cookie (JWT).\n * This verifies the JWT signature and expiration.\n *\n * @param request - The Next.js request object\n * @returns True if a valid session exists, false otherwise\n */\nexport const hasValidSession = async (request: NextRequest): Promise<boolean> => {\n try {\n const sessionToken: string | undefined = request.cookies.get(SessionManager.getSessionCookieName())?.value;\n if (!sessionToken) {\n return false;\n }\n\n await SessionManager.verifySessionToken(sessionToken);\n return true;\n } catch {\n return false;\n }\n};\n\n/**\n * Gets the session payload from the request cookies.\n * This includes user ID, session ID, and scopes.\n *\n * @param request - The Next.js request object\n * @returns The session payload if valid, undefined otherwise\n */\nexport const getSessionFromRequest = async (request: NextRequest): Promise<SessionTokenPayload | undefined> => {\n try {\n const sessionToken: string | undefined = request.cookies.get(SessionManager.getSessionCookieName())?.value;\n if (!sessionToken) {\n return undefined;\n }\n\n return await SessionManager.verifySessionToken(sessionToken);\n } catch {\n return undefined;\n }\n};\n\n/**\n * Gets the session ID from the request cookies (legacy support).\n * First tries to get from JWT session, then falls back to legacy session ID cookie.\n *\n * @param request - The Next.js request object\n * @returns The session ID if it exists, undefined otherwise\n */\nexport const getSessionIdFromRequest = async (request: NextRequest): Promise<string | undefined> => {\n try {\n const sessionPayload: SessionTokenPayload | undefined = await getSessionFromRequest(request);\n\n if (sessionPayload) {\n return sessionPayload.sessionId;\n }\n\n return await Promise.resolve(undefined);\n } catch {\n return Promise.resolve(undefined);\n }\n};\n\n/**\n * Gets the temporary session ID from request cookies.\n *\n * @param request - The Next.js request object\n * @returns The temporary session ID if valid, undefined otherwise\n */\nexport const getTempSessionFromRequest = async (request: NextRequest): Promise<string | undefined> => {\n try {\n const tempToken: string | undefined = request.cookies.get(SessionManager.getTempSessionCookieName())?.value;\n if (!tempToken) {\n return undefined;\n }\n\n const tempSession: {sessionId: string} = await SessionManager.verifyTempSession(tempToken);\n return tempSession.sessionId;\n } catch {\n return undefined;\n }\n};\n"],"mappings":";;;;;;;;;;AAiDA,MAAa,wBAAwB,OAAO,YAAmE;AAC7G,KAAI;EACF,MAAMA,eAAmC,QAAQ,QAAQ,IAAIC,+BAAe,sBAAsB,CAAC,EAAE;AACrG,MAAI,CAAC,aACH;AAGF,SAAO,MAAMA,+BAAe,mBAAmB,aAAa;SACtD;AACN;;;;;;;;;;AAWJ,MAAa,0BAA0B,OAAO,YAAsD;AAClG,KAAI;EACF,MAAMC,iBAAkD,MAAM,sBAAsB,QAAQ;AAE5F,MAAI,eACF,QAAO,eAAe;AAGxB,SAAO,MAAM,QAAQ,QAAQ,OAAU;SACjC;AACN,SAAO,QAAQ,QAAQ,OAAU"}

package/dist/client/components/actions/SignInButton/SignInButton.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignInButton.d.ts","sourceRoot":"","sources":["../../../../../src/client/components/actions/SignInButton/SignInButton.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAKH,OAAO,EAAmB,qBAAqB,EAAiB,MAAM,kBAAkB,CAAC;AAGzF,OAAO,EAAa,yBAAyB,EAAqB,aAAa,EAAuB,MAAM,OAAO,CAAC;AAGpH;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG,qBAAqB,GAAG;IACtD;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CACrC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,QAAA,MAAM,YAAY,EAAE,yBAAyB,CAAC,iBAAiB,GAAG,aAAa,CAAC,iBAAiB,CAAC,CA0DjG,CAAC;AAIF,eAAe,YAAY,CAAC"}

package/dist/client/components/actions/SignInButton/SignInButton.js ADDED Viewed

@@ -0,0 +1,73 @@
+'use client';
+import useThunderID_default from "../../../contexts/ThunderID/useThunderID.js";
+import { ThunderIDRuntimeError } from "@thunderid/node";
+import { BaseSignInButton, useTranslation } from "@thunderid/react";
+import { useRouter } from "next/navigation";
+import { forwardRef, useState } from "react";
+import { jsx } from "react/jsx-runtime";
+//#region src/client/components/actions/SignInButton/SignInButton.tsx
+/**
+* SignInButton component that uses server actions for authentication in Next.js.
+*
+* @example Using render props
+* ```tsx
+* <SignInButton>
+*   {({isLoading}) => (
+*     <button type="submit" disabled={isLoading}>
+*       {isLoading ? 'Signing in...' : 'Sign In'}
+*     </button>
+*   )}
+* </SignInButton>
+* ```
+*
+* @example Using traditional props
+* ```tsx
+* <SignInButton className="custom-button">Sign In</SignInButton>
+* ```
+*
+* @remarks
+* In Next.js with server actions, the sign-in is handled via the server action.
+* When using render props, the custom button should use `type="submit"` instead of `onClick={signIn}`.
+* The `signIn` function in render props is provided for API consistency but should not be used directly.
+*/
+const SignInButton = forwardRef(({ className, style, children, preferences, onClick, signInOptions = {},...rest }, ref) => {
+	const { signIn, signInUrl } = useThunderID_default();
+	const router = useRouter();
+	const { t } = useTranslation(preferences?.i18n);
+	const [isLoading, setIsLoading] = useState(false);
+	const handleSignIn = async () => {
+		try {
+			setIsLoading(true);
+			if (signInUrl) router.push(signInUrl);
+			else if (signIn) await signIn(signInOptions);
+		} catch (error) {
+			throw new ThunderIDRuntimeError(`Sign in failed: ${error instanceof Error ? error.message : String(error)}`, "SignInButton-handleSignIn-RuntimeError-001", "nextjs", "Something went wrong while trying to sign in. Please try again later.");
+		} finally {
+			setIsLoading(false);
+		}
+	};
+	const handleOnClick = async (e) => {
+		await handleSignIn();
+		if (onClick) onClick(e);
+	};
+	return /* @__PURE__ */ jsx(BaseSignInButton, {
+		className,
+		style,
+		ref,
+		preferences,
+		isLoading,
+		signIn: handleSignIn,
+		onClick: handleOnClick,
+		...rest,
+		children: children ?? t("elements.buttons.signin.text")
+	});
+});
+SignInButton.displayName = "SignInButton";
+var SignInButton_default = SignInButton;
+//#endregion
+export { SignInButton_default as default };
+//# sourceMappingURL=SignInButton.js.map

package/dist/client/components/actions/SignInButton/SignInButton.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignInButton.js","names":["SignInButton: ForwardRefExoticComponent<SignInButtonProps & RefAttributes<HTMLButtonElement>>","useThunderID","router: AppRouterInstance"],"sources":["../../../../../src/client/components/actions/SignInButton/SignInButton.tsx"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\n'use client';\n\nimport {ThunderIDRuntimeError} from '@thunderid/node';\nimport {BaseSignInButton, BaseSignInButtonProps, useTranslation} from '@thunderid/react';\nimport {AppRouterInstance} from 'next/dist/shared/lib/app-router-context.shared-runtime';\nimport {useRouter} from 'next/navigation';\nimport {forwardRef, ForwardRefExoticComponent, ReactElement, Ref, RefAttributes, MouseEvent, useState} from 'react';\nimport useThunderID from '../../../contexts/ThunderID/useThunderID';\n\n/**\n * Props interface of {@link SignInButton}\n */\nexport type SignInButtonProps = BaseSignInButtonProps & {\n /**\n * Additional parameters to pass to the `authorize` request.\n */\n signInOptions?: Record<string, any>;\n};\n\n/**\n * SignInButton component that uses server actions for authentication in Next.js.\n *\n * @example Using render props\n * ```tsx\n * <SignInButton>\n * {({isLoading}) => (\n * <button type=\"submit\" disabled={isLoading}>\n * {isLoading ? 'Signing in...' : 'Sign In'}\n * </button>\n * )}\n * </SignInButton>\n * ```\n *\n * @example Using traditional props\n * ```tsx\n * <SignInButton className=\"custom-button\">Sign In</SignInButton>\n * ```\n *\n * @remarks\n * In Next.js with server actions, the sign-in is handled via the server action.\n * When using render props, the custom button should use `type=\"submit\"` instead of `onClick={signIn}`.\n * The `signIn` function in render props is provided for API consistency but should not be used directly.\n */\nconst SignInButton: ForwardRefExoticComponent<SignInButtonProps & RefAttributes<HTMLButtonElement>> = forwardRef<\n HTMLButtonElement,\n SignInButtonProps\n>(\n (\n {className, style, children, preferences, onClick, signInOptions = {}, ...rest}: SignInButtonProps,\n ref: Ref<HTMLButtonElement>,\n ): ReactElement => {\n const {signIn, signInUrl} = useThunderID();\n const router: AppRouterInstance = useRouter();\n const {t} = useTranslation(preferences?.i18n);\n\n const [isLoading, setIsLoading] = useState(false);\n\n const handleSignIn = async (): Promise<void> => {\n try {\n setIsLoading(true);\n\n // If a custom `signInUrl` is provided, use it for navigation.\n if (signInUrl) {\n router.push(signInUrl);\n } else if (signIn) {\n await signIn(signInOptions);\n }\n } catch (error) {\n throw new ThunderIDRuntimeError(\n `Sign in failed: ${error instanceof Error ? error.message : String(error)}`,\n 'SignInButton-handleSignIn-RuntimeError-001',\n 'nextjs',\n 'Something went wrong while trying to sign in. Please try again later.',\n );\n } finally {\n setIsLoading(false);\n }\n };\n\n const handleOnClick = async (e: MouseEvent<HTMLButtonElement>): Promise<void> => {\n await handleSignIn();\n if (onClick) {\n onClick(e);\n }\n };\n\n return (\n <BaseSignInButton\n className={className}\n style={style}\n ref={ref}\n preferences={preferences}\n isLoading={isLoading}\n signIn={handleSignIn}\n onClick={handleOnClick}\n {...rest}\n >\n {children ?? t('elements.buttons.signin.text')}\n </BaseSignInButton>\n );\n },\n);\n\nSignInButton.displayName = 'SignInButton';\n\nexport default SignInButton;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6DA,MAAMA,eAAgG,YAKlG,EAAC,WAAW,OAAO,UAAU,aAAa,SAAS,gBAAgB,EAAE,CAAE,GAAG,QAC1E,QACiB;CACjB,MAAM,EAAC,QAAQ,cAAaC,sBAAc;CAC1C,MAAMC,SAA4B,WAAW;CAC7C,MAAM,EAAC,MAAK,eAAe,aAAa,KAAK;CAE7C,MAAM,CAAC,WAAW,gBAAgB,SAAS,MAAM;CAEjD,MAAM,eAAe,YAA2B;AAC9C,MAAI;AACF,gBAAa,KAAK;AAGlB,OAAI,UACF,QAAO,KAAK,UAAU;YACb,OACT,OAAM,OAAO,cAAc;WAEtB,OAAO;AACd,SAAM,IAAI,sBACR,mBAAmB,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,IACzE,8CACA,UACA,wEACD;YACO;AACR,gBAAa,MAAM;;;CAIvB,MAAM,gBAAgB,OAAO,MAAoD;AAC/E,QAAM,cAAc;AACpB,MAAI,QACF,SAAQ,EAAE;;AAId,QACE,oBAAC;EACY;EACJ;EACF;EACQ;EACF;EACX,QAAQ;EACR,SAAS;EACT,GAAI;YAEH,YAAY,EAAE,+BAA+B;GAC7B;EAGxB;AAED,aAAa,cAAc;AAE3B,2BAAe"}

package/dist/client/components/actions/SignOutButton/SignOutButton.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignOutButton.d.ts","sourceRoot":"","sources":["../../../../../src/client/components/actions/SignOutButton/SignOutButton.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAIH,OAAO,EAAoB,sBAAsB,EAAiB,MAAM,kBAAkB,CAAC;AAC3F,OAAO,EAAa,yBAAyB,EAAqB,aAAa,EAAuB,MAAM,OAAO,CAAC;AAIpH;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,sBAAsB,CAAC;AAExD;;;;;;;;;;;;;;;;GAgBG;AACH,QAAA,MAAM,aAAa,EAAE,yBAAyB,CAAC,kBAAkB,GAAG,aAAa,CAAC,iBAAiB,CAAC,CAqCnG,CAAC;AAEF,eAAe,aAAa,CAAC"}

package/dist/client/components/actions/SignOutButton/SignOutButton.js ADDED Viewed

@@ -0,0 +1,57 @@
+'use client';
+import logger_default from "../../../../utils/logger.js";
+import useThunderID_default from "../../../contexts/ThunderID/useThunderID.js";
+import { BaseSignOutButton, useTranslation } from "@thunderid/react";
+import { forwardRef, useState } from "react";
+import { jsx } from "react/jsx-runtime";
+//#region src/client/components/actions/SignOutButton/SignOutButton.tsx
+/**
+* SignInButton component. This button initiates the sign-in process when clicked.
+*
+* @example
+* ```tsx
+* import { SignInButton } from '@thunderid/auth-react';
+*
+* const App = () => {
+*   const buttonRef = useRef<HTMLButtonElement>(null);
+*   return (
+*     <SignInButton ref={buttonRef} className="custom-class" style={{ backgroundColor: 'blue' }}>
+*       Sign In
+*     </SignInButton>
+*   );
+* }
+* ```
+*/
+const SignOutButton = forwardRef(({ className, style, preferences, onClick, children,...rest }, ref) => {
+	const { signOut } = useThunderID_default();
+	const { t } = useTranslation(preferences?.i18n);
+	const [isLoading, setIsLoading] = useState(false);
+	const handleOnClick = async (e) => {
+		try {
+			setIsLoading(true);
+			logger_default.debug("[SignOutButton] Initiating a sign-out from a button click");
+			await signOut();
+			if (onClick) onClick(e);
+		} catch (error) {
+			logger_default.error("[SignOutButton] Error occurred initiating sign-out from a button click:", error);
+		} finally {
+			setIsLoading(false);
+		}
+	};
+	return /* @__PURE__ */ jsx(BaseSignOutButton, {
+		ref,
+		onClick: handleOnClick,
+		isLoading,
+		preferences,
+		...rest,
+		children: children ?? t("elements.buttons.signout.text")
+	});
+});
+var SignOutButton_default = SignOutButton;
+//#endregion
+export { SignOutButton_default as default };
+//# sourceMappingURL=SignOutButton.js.map

package/dist/client/components/actions/SignOutButton/SignOutButton.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignOutButton.js","names":["SignOutButton: ForwardRefExoticComponent<SignOutButtonProps & RefAttributes<HTMLButtonElement>>","useThunderID"],"sources":["../../../../../src/client/components/actions/SignOutButton/SignOutButton.tsx"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\n'use client';\n\nimport {BaseSignOutButton, BaseSignOutButtonProps, useTranslation} from '@thunderid/react';\nimport {forwardRef, ForwardRefExoticComponent, ReactElement, Ref, RefAttributes, useState, MouseEvent} from 'react';\nimport logger from '../../../../utils/logger';\nimport useThunderID from '../../../contexts/ThunderID/useThunderID';\n\n/**\n * Interface for SignInButton component props.\n */\nexport type SignOutButtonProps = BaseSignOutButtonProps;\n\n/**\n * SignInButton component. This button initiates the sign-in process when clicked.\n *\n * @example\n * ```tsx\n * import { SignInButton } from '@thunderid/auth-react';\n *\n * const App = () => {\n * const buttonRef = useRef<HTMLButtonElement>(null);\n * return (\n * <SignInButton ref={buttonRef} className=\"custom-class\" style={{ backgroundColor: 'blue' }}>\n * Sign In\n * </SignInButton>\n * );\n * }\n * ```\n */\nconst SignOutButton: ForwardRefExoticComponent<SignOutButtonProps & RefAttributes<HTMLButtonElement>> = forwardRef<\n HTMLButtonElement,\n SignOutButtonProps\n>(\n (\n {className, style, preferences, onClick, children, ...rest}: SignOutButtonProps,\n ref: Ref<HTMLButtonElement>,\n ): ReactElement => {\n const {signOut} = useThunderID();\n const {t} = useTranslation(preferences?.i18n);\n\n const [isLoading, setIsLoading] = useState(false);\n\n const handleOnClick = async (e: MouseEvent<HTMLButtonElement>): Promise<void> => {\n try {\n setIsLoading(true);\n\n logger.debug('[SignOutButton] Initiating a sign-out from a button click');\n\n await signOut();\n\n if (onClick) {\n onClick(e);\n }\n } catch (error) {\n logger.error('[SignOutButton] Error occurred initiating sign-out from a button click:', error);\n } finally {\n setIsLoading(false);\n }\n };\n\n return (\n <BaseSignOutButton ref={ref} onClick={handleOnClick} isLoading={isLoading} preferences={preferences} {...rest}>\n {children ?? t('elements.buttons.signout.text')}\n </BaseSignOutButton>\n );\n },\n);\n\nexport default SignOutButton;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CA,MAAMA,gBAAkG,YAKpG,EAAC,WAAW,OAAO,aAAa,SAAS,SAAU,GAAG,QACtD,QACiB;CACjB,MAAM,EAAC,YAAWC,sBAAc;CAChC,MAAM,EAAC,MAAK,eAAe,aAAa,KAAK;CAE7C,MAAM,CAAC,WAAW,gBAAgB,SAAS,MAAM;CAEjD,MAAM,gBAAgB,OAAO,MAAoD;AAC/E,MAAI;AACF,gBAAa,KAAK;AAElB,kBAAO,MAAM,4DAA4D;AAEzE,SAAM,SAAS;AAEf,OAAI,QACF,SAAQ,EAAE;WAEL,OAAO;AACd,kBAAO,MAAM,2EAA2E,MAAM;YACtF;AACR,gBAAa,MAAM;;;AAIvB,QACE,oBAAC;EAAuB;EAAK,SAAS;EAA0B;EAAwB;EAAa,GAAI;YACtG,YAAY,EAAE,gCAAgC;GAC7B;EAGzB;AAED,4BAAe"}

package/dist/client/components/actions/SignUpButton/SignUpButton.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignUpButton.d.ts","sourceRoot":"","sources":["../../../../../src/client/components/actions/SignUpButton/SignUpButton.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAKH,OAAO,EAAmB,qBAAqB,EAAiB,MAAM,kBAAkB,CAAC;AAGzF,OAAO,EAAa,yBAAyB,EAAiC,aAAa,EAAW,MAAM,OAAO,CAAC;AAGpH;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG,qBAAqB,CAAC;AAEtD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,QAAA,MAAM,YAAY,EAAE,yBAAyB,CAAC,iBAAiB,GAAG,aAAa,CAAC,iBAAiB,CAAC,CAgDhG,CAAC;AAIH,eAAe,YAAY,CAAC"}

package/dist/client/components/actions/SignUpButton/SignUpButton.js ADDED Viewed

@@ -0,0 +1,85 @@
+'use client';
+import useThunderID_default from "../../../contexts/ThunderID/useThunderID.js";
+import { ThunderIDRuntimeError } from "@thunderid/node";
+import { BaseSignUpButton, useTranslation } from "@thunderid/react";
+import { useRouter } from "next/navigation";
+import { forwardRef, useState } from "react";
+import { jsx } from "react/jsx-runtime";
+//#region src/client/components/actions/SignUpButton/SignUpButton.tsx
+/**
+* SignUpButton component that supports both render props and traditional props patterns.
+* It redirects the user to the ThunderID sign-up page configured for the application.
+*
+* @remarks This component is only supported in browser based React applications (CSR).
+*
+* @example Using render props pattern
+* ```tsx
+* <SignUpButton>
+*   {({ signUp, isLoading }) => (
+*     <button onClick={signUp} disabled={isLoading}>
+*       {isLoading ? 'Creating Account...' : 'Create Account'}
+*     </button>
+*   )}
+* </SignUpButton>
+* ```
+*
+* @example Using traditional props pattern
+* ```tsx
+* <SignUpButton className="custom-button">Create Account</SignUpButton>
+* ```
+*
+* @example Using component-level preferences
+* ```tsx
+* <SignUpButton
+*   preferences={{
+*     i18n: {
+*       bundles: {
+*         'en-US': {
+*           translations: {
+*             'buttons.signUp': 'Custom Sign Up Text'
+*           }
+*         }
+*       }
+*     }
+*   }}
+* >
+*   Custom Sign Up
+* </SignUpButton>
+* ```
+*/
+const SignUpButton = forwardRef(({ children, onClick, preferences,...rest }, ref) => {
+	const { signUp, signUpUrl } = useThunderID_default();
+	const router = useRouter();
+	const { t } = useTranslation(preferences?.i18n);
+	const [isLoading, setIsLoading] = useState(false);
+	const handleSignUp = async (e) => {
+		try {
+			setIsLoading(true);
+			if (signUpUrl) router.push(signUpUrl);
+			else if (signUp) await signUp();
+			if (onClick) onClick(e);
+		} catch (error) {
+			throw new ThunderIDRuntimeError(`Sign up failed: ${error instanceof Error ? error.message : String(error)}`, "SignUpButton-handleSignUp-RuntimeError-001", "nextjs", "Something went wrong while trying to sign up. Please try again later.");
+		} finally {
+			setIsLoading(false);
+		}
+	};
+	return /* @__PURE__ */ jsx(BaseSignUpButton, {
+		ref,
+		onClick: handleSignUp,
+		isLoading,
+		signUp: handleSignUp,
+		preferences,
+		...rest,
+		children: children ?? t("elements.buttons.signup.text")
+	});
+});
+SignUpButton.displayName = "SignUpButton";
+var SignUpButton_default = SignUpButton;
+//#endregion
+export { SignUpButton_default as default };
+//# sourceMappingURL=SignUpButton.js.map

package/dist/client/components/actions/SignUpButton/SignUpButton.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignUpButton.js","names":["SignUpButton: ForwardRefExoticComponent<SignUpButtonProps & RefAttributes<HTMLButtonElement>>","useThunderID","router: AppRouterInstance"],"sources":["../../../../../src/client/components/actions/SignUpButton/SignUpButton.tsx"],"sourcesContent":["/**\n * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).\n *\n * WSO2 LLC. licenses this file to you under the Apache License,\n * Version 2.0 (the \"License\"); you may not use this file except\n * in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing,\n * software distributed under the License is distributed on an\n * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n * KIND, either express or implied. See the License for the\n * specific language governing permissions and limitations\n * under the License.\n */\n\n'use client';\n\nimport {ThunderIDRuntimeError} from '@thunderid/node';\nimport {BaseSignUpButton, BaseSignUpButtonProps, useTranslation} from '@thunderid/react';\nimport {AppRouterInstance} from 'next/dist/shared/lib/app-router-context.shared-runtime';\nimport {useRouter} from 'next/navigation';\nimport {forwardRef, ForwardRefExoticComponent, MouseEvent, ReactElement, Ref, RefAttributes, useState} from 'react';\nimport useThunderID from '../../../contexts/ThunderID/useThunderID';\n\n/**\n * Props interface of {@link SignUpButton}\n */\nexport type SignUpButtonProps = BaseSignUpButtonProps;\n\n/**\n * SignUpButton component that supports both render props and traditional props patterns.\n * It redirects the user to the ThunderID sign-up page configured for the application.\n *\n * @remarks This component is only supported in browser based React applications (CSR).\n *\n * @example Using render props pattern\n * ```tsx\n * <SignUpButton>\n * {({ signUp, isLoading }) => (\n * <button onClick={signUp} disabled={isLoading}>\n * {isLoading ? 'Creating Account...' : 'Create Account'}\n * </button>\n * )}\n * </SignUpButton>\n * ```\n *\n * @example Using traditional props pattern\n * ```tsx\n * <SignUpButton className=\"custom-button\">Create Account</SignUpButton>\n * ```\n *\n * @example Using component-level preferences\n * ```tsx\n * <SignUpButton\n * preferences={{\n * i18n: {\n * bundles: {\n * 'en-US': {\n * translations: {\n * 'buttons.signUp': 'Custom Sign Up Text'\n * }\n * }\n * }\n * }\n * }}\n * >\n * Custom Sign Up\n * </SignUpButton>\n * ```\n */\nconst SignUpButton: ForwardRefExoticComponent<SignUpButtonProps & RefAttributes<HTMLButtonElement>> = forwardRef<\n HTMLButtonElement,\n SignUpButtonProps\n>(({children, onClick, preferences, ...rest}: SignUpButtonProps, ref: Ref<HTMLButtonElement>): ReactElement => {\n const {signUp, signUpUrl} = useThunderID();\n const router: AppRouterInstance = useRouter();\n const {t} = useTranslation(preferences?.i18n);\n\n const [isLoading, setIsLoading] = useState(false);\n\n const handleSignUp = async (e?: MouseEvent<HTMLButtonElement>): Promise<void> => {\n try {\n setIsLoading(true);\n\n // If a custom `signUpUrl` is provided, use it for navigation.\n if (signUpUrl) {\n router.push(signUpUrl);\n } else if (signUp) {\n await signUp();\n }\n\n if (onClick) {\n onClick(e!);\n }\n } catch (error) {\n throw new ThunderIDRuntimeError(\n `Sign up failed: ${error instanceof Error ? error.message : String(error)}`,\n 'SignUpButton-handleSignUp-RuntimeError-001',\n 'nextjs',\n 'Something went wrong while trying to sign up. Please try again later.',\n );\n } finally {\n setIsLoading(false);\n }\n };\n\n return (\n <BaseSignUpButton\n ref={ref}\n onClick={handleSignUp}\n isLoading={isLoading}\n signUp={handleSignUp}\n preferences={preferences}\n {...rest}\n >\n {children ?? t('elements.buttons.signup.text')}\n </BaseSignUpButton>\n );\n});\n\nSignUpButton.displayName = 'SignUpButton';\n\nexport default SignUpButton;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyEA,MAAMA,eAAgG,YAGnG,EAAC,UAAU,SAAS,YAAa,GAAG,QAA0B,QAA8C;CAC7G,MAAM,EAAC,QAAQ,cAAaC,sBAAc;CAC1C,MAAMC,SAA4B,WAAW;CAC7C,MAAM,EAAC,MAAK,eAAe,aAAa,KAAK;CAE7C,MAAM,CAAC,WAAW,gBAAgB,SAAS,MAAM;CAEjD,MAAM,eAAe,OAAO,MAAqD;AAC/E,MAAI;AACF,gBAAa,KAAK;AAGlB,OAAI,UACF,QAAO,KAAK,UAAU;YACb,OACT,OAAM,QAAQ;AAGhB,OAAI,QACF,SAAQ,EAAG;WAEN,OAAO;AACd,SAAM,IAAI,sBACR,mBAAmB,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,IACzE,8CACA,UACA,wEACD;YACO;AACR,gBAAa,MAAM;;;AAIvB,QACE,oBAAC;EACM;EACL,SAAS;EACE;EACX,QAAQ;EACK;EACb,GAAI;YAEH,YAAY,EAAE,+BAA+B;GAC7B;EAErB;AAEF,aAAa,cAAc;AAE3B,2BAAe"}

package/dist/client/components/control/Loading/Loading.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Loading.d.ts","sourceRoot":"","sources":["../../../../../src/client/components/control/Loading/Loading.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAIH,OAAO,EAAC,EAAE,EAAE,iBAAiB,EAAE,SAAS,EAAC,MAAM,OAAO,CAAC;AAGvD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,QAAQ,CAAC,EAAE,SAAS,CAAC;CACtB;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,QAAA,MAAM,OAAO,EAAE,EAAE,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAQhD,CAAC;AAIF,eAAe,OAAO,CAAC"}

package/dist/client/components/control/SignedIn/SignedIn.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SignedIn.d.ts","sourceRoot":"","sources":["../../../../../src/client/components/control/SignedIn/SignedIn.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAIH,OAAO,EAAC,EAAE,EAAE,iBAAiB,EAAE,SAAS,EAAC,MAAM,OAAO,CAAC;AAGvD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,QAAQ,CAAC,EAAE,SAAS,CAAC;CACtB;AAED;;;;;;;;;;;;;;;GAeG;AACH,QAAA,MAAM,QAAQ,EAAE,EAAE,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAOlD,CAAC;AAEF,eAAe,QAAQ,CAAC"}