@versini/auth-provider 2.1.2 → 2.3.0

package/dist/index.d.ts

@@ -10,9 +10,6 @@ type AuthProviderProps = {
 
 type AuthState = {
 	isAuthenticated: boolean;
-	idToken?: string;
-	accessToken?: string;
-	refreshToken?: string;
 	logoutReason?: string;
 	userId?: string;
 };
@@ -20,6 +17,7 @@ type AuthState = {
 type AuthContextProps = {
 	login: (username: string, password: string) => Promise<boolean>;
 	logout: () => void;
+	getIdTokenClaims: () => Promise<any>;
 } & AuthState;
 
 declare const AuthProvider: ({ children, sessionExpiration, clientId, }: AuthProviderProps) => react_jsx_runtime.JSX.Element;

package/dist/index.js

@@ -1,141 +1,80 @@
-import { jsx as oe } from "react/jsx-runtime";
-import * as b from "react";
+import { jsx as ne } from "react/jsx-runtime";
+import * as I from "react";
 import { useRef as ae, useEffect as Y, createContext as se, useState as ie, useContext as ce } from "react";
 /*!
-  @versini/auth-provider v2.1.2
+  @versini/auth-provider v2.3.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "2.1.2",
-    buildTime: "06/24/2024 05:12 PM EDT",
+    version: "2.3.0",
+    buildTime: "06/24/2024 06:34 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
 /*!
-  @versini/auth-common v2.1.0
+  @versini/auth-common v2.3.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "2.1.0",
-    buildTime: "06/24/2024 05:12 PM EDT",
+    version: "2.3.0",
+    buildTime: "06/24/2024 06:34 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const ue = {
-  ID_TOKEN: "id_token"
-}, de = {
-  CLIENT_ID: "X-Auth-ClientId"
-}, A = {
-  ALG: "RS256",
-  USER_ID_KEY: "_id",
-  ISSUER: "gizmette.com"
-};
-function q(e, t) {
-  window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
-}
-const D = (e, t) => {
-  const n = JSON.stringify(
-    typeof t == "function" ? t() : t
-  );
-  window.localStorage.setItem(e, n), q(e, n);
-}, le = (e) => {
-  window.localStorage.removeItem(e), q(e, null);
-}, K = (e) => window.localStorage.getItem(e), fe = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
-function he({
-  key: e,
-  initialValue: t
-}) {
-  const n = () => K(e), r = b.useSyncExternalStore(
-    fe,
-    n
-  ), o = b.useCallback(
-    (i) => {
-      try {
-        const c = typeof i == "function" ? i(JSON.parse(r)) : i;
-        c == null ? le(e) : D(e, c);
-      } catch (c) {
-        console.warn(c);
-      }
-    },
-    [e, r]
-  ), s = b.useCallback(() => {
-    o(t);
-  }, [t, o]), a = b.useCallback(() => {
-    o(null);
-  }, [o]);
-  return b.useEffect(() => {
-    try {
-      K(e) === null && typeof t < "u" && D(e, t);
-    } catch (i) {
-      console.warn(i);
-    }
-  }, [e, t]), [r ? JSON.parse(r) : null, o, s, a];
-}
-const L = "Oops! It looks like your session has expired. For your security, please log in again to continue.", pe = "Your session has been successfully terminated.", me = "You forgot to wrap your component in <AuthProvider>.", W = {
-  dev: "https://auth.gizmette.local.com:3003",
-  prod: "https://mylogin.gizmette.com"
-}, ye = "@@auth@@", Se = `-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
-w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
-i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
-aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
-l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
-sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
-awIDAQAB
------END PUBLIC KEY-----`, J = crypto, z = (e) => e instanceof CryptoKey, _ = new TextEncoder(), R = new TextDecoder();
-function we(...e) {
-  const t = e.reduce((o, { length: s }) => o + s, 0), n = new Uint8Array(t);
+const U = crypto, G = (e) => e instanceof CryptoKey, _ = new TextEncoder(), T = new TextDecoder();
+function ue(...e) {
+  const t = e.reduce((n, { length: a }) => n + a, 0), o = new Uint8Array(t);
   let r = 0;
-  for (const o of e)
-    n.set(o, r), r += o.length;
-  return n;
+  for (const n of e)
+    o.set(n, r), r += n.length;
+  return o;
 }
-const Ee = (e) => {
-  const t = atob(e), n = new Uint8Array(t.length);
+const de = (e) => {
+  const t = atob(e), o = new Uint8Array(t.length);
   for (let r = 0; r < t.length; r++)
-    n[r] = t.charCodeAt(r);
-  return n;
-}, x = (e) => {
+    o[r] = t.charCodeAt(r);
+  return o;
+}, C = (e) => {
   let t = e;
-  t instanceof Uint8Array && (t = R.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  t instanceof Uint8Array && (t = T.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
-    return Ee(t);
+    return de(t);
   } catch {
     throw new TypeError("The input to be decoded is not correctly encoded.");
   }
 };
-class g extends Error {
+class b extends Error {
   static get code() {
     return "ERR_JOSE_GENERIC";
   }
   constructor(t) {
-    var n;
-    super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (n = Error.captureStackTrace) == null || n.call(Error, this, this.constructor);
+    var o;
+    super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (o = Error.captureStackTrace) == null || o.call(Error, this, this.constructor);
   }
 }
-class m extends g {
+class m extends b {
   static get code() {
     return "ERR_JWT_CLAIM_VALIDATION_FAILED";
   }
-  constructor(t, n, r = "unspecified", o = "unspecified") {
-    super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = o, this.payload = n;
+  constructor(t, o, r = "unspecified", n = "unspecified") {
+    super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = n, this.payload = o;
   }
 }
-class H extends g {
+class $ extends b {
   static get code() {
     return "ERR_JWT_EXPIRED";
   }
-  constructor(t, n, r = "unspecified", o = "unspecified") {
-    super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = o, this.payload = n;
+  constructor(t, o, r = "unspecified", n = "unspecified") {
+    super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = n, this.payload = o;
   }
 }
-class ge extends g {
+class le extends b {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
   }
@@ -143,7 +82,7 @@ class ge extends g {
     return "ERR_JOSE_ALG_NOT_ALLOWED";
   }
 }
-class C extends g {
+class k extends b {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
   }
@@ -151,15 +90,15 @@ class C extends g {
     return "ERR_JOSE_NOT_SUPPORTED";
   }
 }
-class l extends g {
+let l = class extends b {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_INVALID";
   }
   static get code() {
     return "ERR_JWS_INVALID";
   }
-}
-class X extends g {
+};
+class q extends b {
   constructor() {
     super(...arguments), this.code = "ERR_JWT_INVALID";
   }
@@ -167,7 +106,7 @@ class X extends g {
     return "ERR_JWT_INVALID";
   }
 }
-class Ae extends g {
+class he extends b {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
   }
@@ -178,13 +117,13 @@ class Ae extends g {
 function S(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function T(e, t) {
+function v(e, t) {
   return e.name === t;
 }
-function O(e) {
+function P(e) {
   return parseInt(e.name.slice(4), 10);
 }
-function be(e) {
+function pe(e) {
   switch (e) {
     case "ES256":
       return "P-256";
@@ -196,46 +135,46 @@ function be(e) {
       throw new Error("unreachable");
   }
 }
-function Ie(e, t) {
-  if (t.length && !t.some((n) => e.usages.includes(n))) {
-    let n = "CryptoKey does not support this operation, its usages must include ";
+function fe(e, t) {
+  if (t.length && !t.some((o) => e.usages.includes(o))) {
+    let o = "CryptoKey does not support this operation, its usages must include ";
     if (t.length > 2) {
       const r = t.pop();
-      n += `one of ${t.join(", ")}, or ${r}.`;
+      o += `one of ${t.join(", ")}, or ${r}.`;
     } else
-      t.length === 2 ? n += `one of ${t[0]} or ${t[1]}.` : n += `${t[0]}.`;
-    throw new TypeError(n);
+      t.length === 2 ? o += `one of ${t[0]} or ${t[1]}.` : o += `${t[0]}.`;
+    throw new TypeError(o);
   }
 }
-function _e(e, t, ...n) {
+function ye(e, t, ...o) {
   switch (t) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!T(e.algorithm, "HMAC"))
+      if (!v(e.algorithm, "HMAC"))
         throw S("HMAC");
       const r = parseInt(t.slice(2), 10);
-      if (O(e.algorithm.hash) !== r)
+      if (P(e.algorithm.hash) !== r)
         throw S(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!T(e.algorithm, "RSASSA-PKCS1-v1_5"))
+      if (!v(e.algorithm, "RSASSA-PKCS1-v1_5"))
         throw S("RSASSA-PKCS1-v1_5");
       const r = parseInt(t.slice(2), 10);
-      if (O(e.algorithm.hash) !== r)
+      if (P(e.algorithm.hash) !== r)
         throw S(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!T(e.algorithm, "RSA-PSS"))
+      if (!v(e.algorithm, "RSA-PSS"))
         throw S("RSA-PSS");
       const r = parseInt(t.slice(2), 10);
-      if (O(e.algorithm.hash) !== r)
+      if (P(e.algorithm.hash) !== r)
         throw S(`SHA-${r}`, "algorithm.hash");
       break;
     }
@@ -247,9 +186,9 @@ function _e(e, t, ...n) {
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!T(e.algorithm, "ECDSA"))
+      if (!v(e.algorithm, "ECDSA"))
         throw S("ECDSA");
-      const r = be(t);
+      const r = pe(t);
       if (e.algorithm.namedCurve !== r)
         throw S(r, "algorithm.namedCurve");
       break;
@@ -257,45 +196,45 @@ function _e(e, t, ...n) {
     default:
       throw new TypeError("CryptoKey does not support this operation");
   }
-  Ie(e, n);
+  fe(e, o);
 }
-function j(e, t, ...n) {
+function z(e, t, ...o) {
   var r;
-  if (n.length > 2) {
-    const o = n.pop();
-    e += `one of type ${n.join(", ")}, or ${o}.`;
+  if (o.length > 2) {
+    const n = o.pop();
+    e += `one of type ${o.join(", ")}, or ${n}.`;
   } else
-    n.length === 2 ? e += `one of type ${n[0]} or ${n[1]}.` : e += `of type ${n[0]}.`;
+    o.length === 2 ? e += `one of type ${o[0]} or ${o[1]}.` : e += `of type ${o[0]}.`;
   return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (r = t.constructor) != null && r.name && (e += ` Received an instance of ${t.constructor.name}`), e;
 }
-const $ = (e, ...t) => j("Key must be ", e, ...t);
-function Q(e, t, ...n) {
-  return j(`Key for the ${e} algorithm must be `, t, ...n);
+const L = (e, ...t) => z("Key must be ", e, ...t);
+function X(e, t, ...o) {
+  return z(`Key for the ${e} algorithm must be `, t, ...o);
 }
-const Z = (e) => z(e), E = ["CryptoKey"], Te = (...e) => {
+const Q = (e) => G(e), g = ["CryptoKey"], me = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
-  let n;
+  let o;
   for (const r of t) {
-    const o = Object.keys(r);
-    if (!n || n.size === 0) {
-      n = new Set(o);
+    const n = Object.keys(r);
+    if (!o || o.size === 0) {
+      o = new Set(n);
       continue;
     }
-    for (const s of o) {
-      if (n.has(s))
+    for (const a of n) {
+      if (o.has(a))
         return !1;
-      n.add(s);
+      o.add(a);
     }
   }
   return !0;
 };
-function ve(e) {
+function we(e) {
   return typeof e == "object" && e !== null;
 }
-function U(e) {
-  if (!ve(e) || Object.prototype.toString.call(e) !== "[object Object]")
+function H(e) {
+  if (!we(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -304,182 +243,182 @@ function U(e) {
     t = Object.getPrototypeOf(t);
   return Object.getPrototypeOf(e) === t;
 }
-const Re = (e, t) => {
+const Se = (e, t) => {
   if (e.startsWith("RS") || e.startsWith("PS")) {
-    const { modulusLength: n } = t.algorithm;
-    if (typeof n != "number" || n < 2048)
+    const { modulusLength: o } = t.algorithm;
+    if (typeof o != "number" || o < 2048)
       throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
   }
-}, w = (e, t, n = 0) => {
-  n === 0 && (t.unshift(t.length), t.unshift(6));
-  const r = e.indexOf(t[0], n);
+}, E = (e, t, o = 0) => {
+  o === 0 && (t.unshift(t.length), t.unshift(6));
+  const r = e.indexOf(t[0], o);
   if (r === -1)
     return !1;
-  const o = e.subarray(r, r + t.length);
-  return o.length !== t.length ? !1 : o.every((s, a) => s === t[a]) || w(e, t, r + 1);
-}, M = (e) => {
+  const n = e.subarray(r, r + t.length);
+  return n.length !== t.length ? !1 : n.every((a, s) => a === t[s]) || E(e, t, r + 1);
+}, K = (e) => {
   switch (!0) {
-    case w(e, [42, 134, 72, 206, 61, 3, 1, 7]):
+    case E(e, [42, 134, 72, 206, 61, 3, 1, 7]):
       return "P-256";
-    case w(e, [43, 129, 4, 0, 34]):
+    case E(e, [43, 129, 4, 0, 34]):
       return "P-384";
-    case w(e, [43, 129, 4, 0, 35]):
+    case E(e, [43, 129, 4, 0, 35]):
       return "P-521";
-    case w(e, [43, 101, 110]):
+    case E(e, [43, 101, 110]):
       return "X25519";
-    case w(e, [43, 101, 111]):
+    case E(e, [43, 101, 111]):
       return "X448";
-    case w(e, [43, 101, 112]):
+    case E(e, [43, 101, 112]):
       return "Ed25519";
-    case w(e, [43, 101, 113]):
+    case E(e, [43, 101, 113]):
       return "Ed448";
     default:
-      throw new C("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
+      throw new k("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
   }
-}, Ce = async (e, t, n, r, o) => {
-  let s, a;
-  const i = new Uint8Array(atob(n.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
+}, Ee = async (e, t, o, r, n) => {
+  let a, s;
+  const i = new Uint8Array(atob(o.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
   switch (r) {
     case "PS256":
     case "PS384":
     case "PS512":
-      s = { name: "RSA-PSS", hash: `SHA-${r.slice(-3)}` }, a = ["verify"];
+      a = { name: "RSA-PSS", hash: `SHA-${r.slice(-3)}` }, s = ["verify"];
       break;
     case "RS256":
     case "RS384":
     case "RS512":
-      s = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${r.slice(-3)}` }, a = ["verify"];
+      a = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${r.slice(-3)}` }, s = ["verify"];
       break;
     case "RSA-OAEP":
     case "RSA-OAEP-256":
     case "RSA-OAEP-384":
     case "RSA-OAEP-512":
-      s = {
+      a = {
         name: "RSA-OAEP",
         hash: `SHA-${parseInt(r.slice(-3), 10) || 1}`
-      }, a = ["encrypt", "wrapKey"];
+      }, s = ["encrypt", "wrapKey"];
       break;
     case "ES256":
-      s = { name: "ECDSA", namedCurve: "P-256" }, a = ["verify"];
+      a = { name: "ECDSA", namedCurve: "P-256" }, s = ["verify"];
       break;
     case "ES384":
-      s = { name: "ECDSA", namedCurve: "P-384" }, a = ["verify"];
+      a = { name: "ECDSA", namedCurve: "P-384" }, s = ["verify"];
       break;
     case "ES512":
-      s = { name: "ECDSA", namedCurve: "P-521" }, a = ["verify"];
+      a = { name: "ECDSA", namedCurve: "P-521" }, s = ["verify"];
       break;
     case "ECDH-ES":
     case "ECDH-ES+A128KW":
     case "ECDH-ES+A192KW":
     case "ECDH-ES+A256KW": {
-      const c = M(i);
-      s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, a = [];
+      const c = K(i);
+      a = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, s = [];
       break;
     }
     case "EdDSA":
-      s = { name: M(i) }, a = ["verify"];
+      a = { name: K(i) }, s = ["verify"];
       break;
     default:
-      throw new C('Invalid or unsupported "alg" (Algorithm) value');
+      throw new k('Invalid or unsupported "alg" (Algorithm) value');
   }
-  return J.subtle.importKey(t, i, s, !1, a);
-}, Pe = (e, t, n) => Ce(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
-async function xe(e, t, n) {
+  return U.subtle.importKey(t, i, a, !1, s);
+}, ge = (e, t, o) => Ee(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
+async function Ae(e, t, o) {
   if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
     throw new TypeError('"spki" must be SPKI formatted string');
-  return Pe(e, t);
+  return ge(e, t);
 }
-const Oe = (e, t) => {
+const be = (e, t) => {
   if (!(t instanceof Uint8Array)) {
-    if (!Z(t))
-      throw new TypeError(Q(e, t, ...E, "Uint8Array"));
+    if (!Q(t))
+      throw new TypeError(X(e, t, ...g, "Uint8Array"));
     if (t.type !== "secret")
-      throw new TypeError(`${E.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
+      throw new TypeError(`${g.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
   }
-}, Ne = (e, t, n) => {
-  if (!Z(t))
-    throw new TypeError(Q(e, t, ...E));
+}, Ie = (e, t, o) => {
+  if (!Q(t))
+    throw new TypeError(X(e, t, ...g));
   if (t.type === "secret")
-    throw new TypeError(`${E.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
-  if (t.algorithm && n === "verify" && t.type === "private")
-    throw new TypeError(`${E.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
-  if (t.algorithm && n === "encrypt" && t.type === "private")
-    throw new TypeError(`${E.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
-}, Ue = (e, t, n) => {
-  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Oe(e, t) : Ne(e, t, n);
+    throw new TypeError(`${g.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
+  if (t.algorithm && o === "verify" && t.type === "private")
+    throw new TypeError(`${g.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
+  if (t.algorithm && o === "encrypt" && t.type === "private")
+    throw new TypeError(`${g.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
+}, _e = (e, t, o) => {
+  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? be(e, t) : Ie(e, t, o);
 };
-function Je(e, t, n, r, o) {
-  if (o.crit !== void 0 && (r == null ? void 0 : r.crit) === void 0)
+function ve(e, t, o, r, n) {
+  if (n.crit !== void 0 && (r == null ? void 0 : r.crit) === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
   if (!r || r.crit === void 0)
     return /* @__PURE__ */ new Set();
-  if (!Array.isArray(r.crit) || r.crit.length === 0 || r.crit.some((a) => typeof a != "string" || a.length === 0))
+  if (!Array.isArray(r.crit) || r.crit.length === 0 || r.crit.some((s) => typeof s != "string" || s.length === 0))
     throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
-  let s;
-  n !== void 0 ? s = new Map([...Object.entries(n), ...t.entries()]) : s = t;
-  for (const a of r.crit) {
-    if (!s.has(a))
-      throw new C(`Extension Header Parameter "${a}" is not recognized`);
-    if (o[a] === void 0)
-      throw new e(`Extension Header Parameter "${a}" is missing`);
-    if (s.get(a) && r[a] === void 0)
-      throw new e(`Extension Header Parameter "${a}" MUST be integrity protected`);
+  let a;
+  o !== void 0 ? a = new Map([...Object.entries(o), ...t.entries()]) : a = t;
+  for (const s of r.crit) {
+    if (!a.has(s))
+      throw new k(`Extension Header Parameter "${s}" is not recognized`);
+    if (n[s] === void 0)
+      throw new e(`Extension Header Parameter "${s}" is missing`);
+    if (a.get(s) && r[s] === void 0)
+      throw new e(`Extension Header Parameter "${s}" MUST be integrity protected`);
   }
   return new Set(r.crit);
 }
-const ke = (e, t) => {
-  if (t !== void 0 && (!Array.isArray(t) || t.some((n) => typeof n != "string")))
+const Re = (e, t) => {
+  if (t !== void 0 && (!Array.isArray(t) || t.some((o) => typeof o != "string")))
     throw new TypeError(`"${e}" option must be an array of strings`);
   if (t)
     return new Set(t);
 };
-function De(e, t) {
-  const n = `SHA-${e.slice(-3)}`;
+function Te(e, t) {
+  const o = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
     case "HS384":
     case "HS512":
-      return { hash: n, name: "HMAC" };
+      return { hash: o, name: "HMAC" };
     case "PS256":
     case "PS384":
     case "PS512":
-      return { hash: n, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
+      return { hash: o, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
     case "RS256":
     case "RS384":
     case "RS512":
-      return { hash: n, name: "RSASSA-PKCS1-v1_5" };
+      return { hash: o, name: "RSASSA-PKCS1-v1_5" };
     case "ES256":
     case "ES384":
     case "ES512":
-      return { hash: n, name: "ECDSA", namedCurve: t.namedCurve };
+      return { hash: o, name: "ECDSA", namedCurve: t.namedCurve };
     case "EdDSA":
       return { name: t.name };
     default:
-      throw new C(`alg ${e} is not supported either by JOSE or your javascript runtime`);
+      throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
 }
-function Ke(e, t, n) {
-  if (z(t))
-    return _e(t, e, n), t;
+function ke(e, t, o) {
+  if (G(t))
+    return ye(t, e, o), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
-      throw new TypeError($(t, ...E));
-    return J.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [n]);
+      throw new TypeError(L(t, ...g));
+    return U.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [o]);
   }
-  throw new TypeError($(t, ...E, "Uint8Array"));
+  throw new TypeError(L(t, ...g, "Uint8Array"));
 }
-const Le = async (e, t, n, r) => {
-  const o = await Ke(e, t, "verify");
-  Re(e, o);
-  const s = De(e, o.algorithm);
+const Ce = async (e, t, o, r) => {
+  const n = await ke(e, t, "verify");
+  Se(e, n);
+  const a = Te(e, n.algorithm);
   try {
-    return await J.subtle.verify(s, o, n, r);
+    return await U.subtle.verify(a, n, o, r);
   } catch {
     return !1;
   }
 };
-async function We(e, t, n) {
-  if (!U(e))
+async function Pe(e, t, o) {
+  if (!H(e))
     throw new l("Flattened JWS must be an object");
   if (e.protected === void 0 && e.header === void 0)
     throw new l('Flattened JWS must have either of the "protected" or "header" members');
@@ -489,256 +428,319 @@ async function We(e, t, n) {
     throw new l("JWS Payload missing");
   if (typeof e.signature != "string")
     throw new l("JWS Signature missing or incorrect type");
-  if (e.header !== void 0 && !U(e.header))
+  if (e.header !== void 0 && !H(e.header))
     throw new l("JWS Unprotected Header incorrect type");
   let r = {};
   if (e.protected)
     try {
-      const P = x(e.protected);
-      r = JSON.parse(R.decode(P));
+      const p = C(e.protected);
+      r = JSON.parse(T.decode(p));
     } catch {
       throw new l("JWS Protected Header is invalid");
     }
-  if (!Te(r, e.header))
+  if (!me(r, e.header))
     throw new l("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
-  const o = {
+  const n = {
     ...r,
     ...e.header
-  }, s = Je(l, /* @__PURE__ */ new Map([["b64", !0]]), n == null ? void 0 : n.crit, r, o);
-  let a = !0;
-  if (s.has("b64") && (a = r.b64, typeof a != "boolean"))
+  }, a = ve(l, /* @__PURE__ */ new Map([["b64", !0]]), o == null ? void 0 : o.crit, r, n);
+  let s = !0;
+  if (a.has("b64") && (s = r.b64, typeof s != "boolean"))
     throw new l('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
-  const { alg: i } = o;
+  const { alg: i } = n;
   if (typeof i != "string" || !i)
     throw new l('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const c = n && ke("algorithms", n.algorithms);
+  const c = o && Re("algorithms", o.algorithms);
   if (c && !c.has(i))
-    throw new ge('"alg" (Algorithm) Header Parameter value not allowed');
-  if (a) {
+    throw new le('"alg" (Algorithm) Header Parameter value not allowed');
+  if (s) {
     if (typeof e.payload != "string")
       throw new l("JWS Payload must be a string");
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
     throw new l("JWS Payload must be a string or an Uint8Array instance");
-  let h = !1;
-  typeof t == "function" && (t = await t(r, e), h = !0), Ue(i, t, "verify");
-  const y = we(_.encode(e.protected ?? ""), _.encode("."), typeof e.payload == "string" ? _.encode(e.payload) : e.payload);
-  let u;
+  let f = !1;
+  typeof t == "function" && (t = await t(r, e), f = !0), _e(i, t, "verify");
+  const w = ue(_.encode(e.protected ?? ""), _.encode("."), typeof e.payload == "string" ? _.encode(e.payload) : e.payload);
+  let h;
   try {
-    u = x(e.signature);
+    h = C(e.signature);
   } catch {
     throw new l("Failed to base64url decode the signature");
   }
-  if (!await Le(i, t, u, y))
-    throw new Ae();
-  let f;
-  if (a)
+  if (!await Ce(i, t, h, w))
+    throw new he();
+  let u;
+  if (s)
     try {
-      f = x(e.payload);
+      u = C(e.payload);
     } catch {
       throw new l("Failed to base64url decode the payload");
     }
   else
-    typeof e.payload == "string" ? f = _.encode(e.payload) : f = e.payload;
-  const p = { payload: f };
-  return e.protected !== void 0 && (p.protectedHeader = r), e.header !== void 0 && (p.unprotectedHeader = e.header), h ? { ...p, key: t } : p;
+    typeof e.payload == "string" ? u = _.encode(e.payload) : u = e.payload;
+  const y = { payload: u };
+  return e.protected !== void 0 && (y.protectedHeader = r), e.header !== void 0 && (y.unprotectedHeader = e.header), f ? { ...y, key: t } : y;
 }
-async function He(e, t, n) {
-  if (e instanceof Uint8Array && (e = R.decode(e)), typeof e != "string")
+async function Oe(e, t, o) {
+  if (e instanceof Uint8Array && (e = T.decode(e)), typeof e != "string")
     throw new l("Compact JWS must be a string or Uint8Array");
-  const { 0: r, 1: o, 2: s, length: a } = e.split(".");
-  if (a !== 3)
+  const { 0: r, 1: n, 2: a, length: s } = e.split(".");
+  if (s !== 3)
     throw new l("Invalid Compact JWS");
-  const i = await We({ payload: o, protected: r, signature: s }, t, n), c = { payload: i.payload, protectedHeader: i.protectedHeader };
+  const i = await Pe({ payload: n, protected: r, signature: a }, t, o), c = { payload: i.payload, protectedHeader: i.protectedHeader };
   return typeof t == "function" ? { ...c, key: i.key } : c;
 }
-const $e = (e) => Math.floor(e.getTime() / 1e3), ee = 60, te = ee * 60, k = te * 24, Me = k * 7, Ve = k * 365.25, Be = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, V = (e) => {
-  const t = Be.exec(e);
+const De = (e) => Math.floor(e.getTime() / 1e3), Z = 60, ee = Z * 60, J = ee * 24, He = J * 7, Ne = J * 365.25, Ue = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, W = (e) => {
+  const t = Ue.exec(e);
   if (!t || t[4] && t[1])
     throw new TypeError("Invalid time period format");
-  const n = parseFloat(t[2]), r = t[3].toLowerCase();
-  let o;
+  const o = parseFloat(t[2]), r = t[3].toLowerCase();
+  let n;
   switch (r) {
     case "sec":
     case "secs":
     case "second":
     case "seconds":
     case "s":
-      o = Math.round(n);
+      n = Math.round(o);
       break;
     case "minute":
     case "minutes":
     case "min":
     case "mins":
     case "m":
-      o = Math.round(n * ee);
+      n = Math.round(o * Z);
       break;
     case "hour":
     case "hours":
     case "hr":
     case "hrs":
     case "h":
-      o = Math.round(n * te);
+      n = Math.round(o * ee);
       break;
     case "day":
     case "days":
     case "d":
-      o = Math.round(n * k);
+      n = Math.round(o * J);
       break;
     case "week":
     case "weeks":
     case "w":
-      o = Math.round(n * Me);
+      n = Math.round(o * He);
       break;
     default:
-      o = Math.round(n * Ve);
+      n = Math.round(o * Ne);
       break;
   }
-  return t[1] === "-" || t[4] === "ago" ? -o : o;
-}, B = (e) => e.toLowerCase().replace(/^application\//, ""), Fe = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Ge = (e, t, n = {}) => {
+  return t[1] === "-" || t[4] === "ago" ? -n : n;
+}, x = (e) => e.toLowerCase().replace(/^application\//, ""), Je = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, $e = (e, t, o = {}) => {
   let r;
   try {
-    r = JSON.parse(R.decode(t));
+    r = JSON.parse(T.decode(t));
   } catch {
   }
-  if (!U(r))
-    throw new X("JWT Claims Set must be a top-level JSON object");
-  const { typ: o } = n;
-  if (o && (typeof e.typ != "string" || B(e.typ) !== B(o)))
+  if (!H(r))
+    throw new q("JWT Claims Set must be a top-level JSON object");
+  const { typ: n } = o;
+  if (n && (typeof e.typ != "string" || x(e.typ) !== x(n)))
     throw new m('unexpected "typ" JWT header value', r, "typ", "check_failed");
-  const { requiredClaims: s = [], issuer: a, subject: i, audience: c, maxTokenAge: h } = n, y = [...s];
-  h !== void 0 && y.push("iat"), c !== void 0 && y.push("aud"), i !== void 0 && y.push("sub"), a !== void 0 && y.push("iss");
-  for (const p of new Set(y.reverse()))
+  const { requiredClaims: a = [], issuer: s, subject: i, audience: c, maxTokenAge: f } = o, w = [...a];
+  f !== void 0 && w.push("iat"), c !== void 0 && w.push("aud"), i !== void 0 && w.push("sub"), s !== void 0 && w.push("iss");
+  for (const p of new Set(w.reverse()))
     if (!(p in r))
       throw new m(`missing required "${p}" claim`, r, p, "missing");
-  if (a && !(Array.isArray(a) ? a : [a]).includes(r.iss))
+  if (s && !(Array.isArray(s) ? s : [s]).includes(r.iss))
     throw new m('unexpected "iss" claim value', r, "iss", "check_failed");
   if (i && r.sub !== i)
     throw new m('unexpected "sub" claim value', r, "sub", "check_failed");
-  if (c && !Fe(r.aud, typeof c == "string" ? [c] : c))
+  if (c && !Je(r.aud, typeof c == "string" ? [c] : c))
     throw new m('unexpected "aud" claim value', r, "aud", "check_failed");
-  let u;
-  switch (typeof n.clockTolerance) {
+  let h;
+  switch (typeof o.clockTolerance) {
     case "string":
-      u = V(n.clockTolerance);
+      h = W(o.clockTolerance);
       break;
     case "number":
-      u = n.clockTolerance;
+      h = o.clockTolerance;
       break;
     case "undefined":
-      u = 0;
+      h = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
-  const { currentDate: I } = n, f = $e(I || /* @__PURE__ */ new Date());
-  if ((r.iat !== void 0 || h) && typeof r.iat != "number")
+  const { currentDate: u } = o, y = De(u || /* @__PURE__ */ new Date());
+  if ((r.iat !== void 0 || f) && typeof r.iat != "number")
     throw new m('"iat" claim must be a number', r, "iat", "invalid");
   if (r.nbf !== void 0) {
     if (typeof r.nbf != "number")
       throw new m('"nbf" claim must be a number', r, "nbf", "invalid");
-    if (r.nbf > f + u)
+    if (r.nbf > y + h)
       throw new m('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
   }
   if (r.exp !== void 0) {
     if (typeof r.exp != "number")
       throw new m('"exp" claim must be a number', r, "exp", "invalid");
-    if (r.exp <= f - u)
-      throw new H('"exp" claim timestamp check failed', r, "exp", "check_failed");
-  }
-  if (h) {
-    const p = f - r.iat, P = typeof h == "number" ? h : V(h);
-    if (p - u > P)
-      throw new H('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
-    if (p < 0 - u)
+    if (r.exp <= y - h)
+      throw new $('"exp" claim timestamp check failed', r, "exp", "check_failed");
+  }
+  if (f) {
+    const p = y - r.iat, oe = typeof f == "number" ? f : W(f);
+    if (p - h > oe)
+      throw new $('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
+    if (p < 0 - h)
       throw new m('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
   }
   return r;
 };
-async function Ye(e, t, n) {
-  var a;
-  const r = await He(e, t, n);
-  if ((a = r.protectedHeader.crit) != null && a.includes("b64") && r.protectedHeader.b64 === !1)
-    throw new X("JWTs MUST NOT use unencoded payload");
-  const s = { payload: Ge(r.protectedHeader, r.payload, n), protectedHeader: r.protectedHeader };
-  return typeof t == "function" ? { ...s, key: r.key } : s;
+async function Le(e, t, o) {
+  var r;
+  const n = await Oe(e, t, o);
+  if ((r = n.protectedHeader.crit) != null && r.includes("b64") && n.protectedHeader.b64 === !1)
+    throw new q("JWTs MUST NOT use unencoded payload");
+  const a = { payload: $e(n.protectedHeader, n.payload, o), protectedHeader: n.protectedHeader };
+  return typeof t == "function" ? { ...a, key: n.key } : a;
 }
+const Ke = {
+  ID_TOKEN: "id_token"
+}, We = {
+  CLIENT_ID: "X-Auth-ClientId"
+}, A = {
+  ALG: "RS256",
+  USER_ID_KEY: "_id",
+  TOKEN_ID_KEY: "__raw",
+  ISSUER: "gizmette.com"
+}, xe = `-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
+w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
+i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
+aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
+l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
+sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
+awIDAQAB
+-----END PUBLIC KEY-----`, N = async (e, t) => {
+  try {
+    const o = A.ALG, r = await Ae(xe, o);
+    return await Le(e, r, {
+      issuer: A.ISSUER,
+      audience: t
+    });
+  } catch {
+    return;
+  }
+};
+function te(e, t) {
+  window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
+}
+const j = (e, t) => {
+  const o = JSON.stringify(
+    typeof t == "function" ? t() : t
+  );
+  window.localStorage.setItem(e, o), te(e, o);
+}, je = (e) => {
+  window.localStorage.removeItem(e), te(e, null);
+}, M = (e) => window.localStorage.getItem(e), Me = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
+function Ve({
+  key: e,
+  initialValue: t
+}) {
+  const o = () => M(e), r = I.useSyncExternalStore(
+    Me,
+    o
+  ), n = I.useCallback(
+    (i) => {
+      try {
+        const c = typeof i == "function" ? i(JSON.parse(r)) : i;
+        c == null ? je(e) : j(e, c);
+      } catch (c) {
+        console.warn(c);
+      }
+    },
+    [e, r]
+  ), a = I.useCallback(() => {
+    n(t);
+  }, [t, n]), s = I.useCallback(() => {
+    n(null);
+  }, [n]);
+  return I.useEffect(() => {
+    try {
+      M(e) === null && typeof t < "u" && j(e, t);
+    } catch (i) {
+      console.warn(i);
+    }
+  }, [e, t]), [r ? JSON.parse(r) : null, n, a, s];
+}
+const V = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Be = "Your session has been successfully terminated.", Fe = "You forgot to wrap your component in <AuthProvider>.", B = {
+  dev: "https://auth.gizmette.local.com:3003",
+  prod: "https://mylogin.gizmette.com"
+}, Ye = "@@auth@@";
 var d = [];
-for (var N = 0; N < 256; ++N)
-  d.push((N + 256).toString(16).slice(1));
-function qe(e, t = 0) {
+for (var O = 0; O < 256; ++O)
+  d.push((O + 256).toString(16).slice(1));
+function Ge(e, t = 0) {
   return (d[e[t + 0]] + d[e[t + 1]] + d[e[t + 2]] + d[e[t + 3]] + "-" + d[e[t + 4]] + d[e[t + 5]] + "-" + d[e[t + 6]] + d[e[t + 7]] + "-" + d[e[t + 8]] + d[e[t + 9]] + "-" + d[e[t + 10]] + d[e[t + 11]] + d[e[t + 12]] + d[e[t + 13]] + d[e[t + 14]] + d[e[t + 15]]).toLowerCase();
 }
-var v, ze = new Uint8Array(16);
-function Xe() {
-  if (!v && (v = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !v))
+var R, qe = new Uint8Array(16);
+function ze() {
+  if (!R && (R = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !R))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return v(ze);
+  return R(qe);
 }
-var je = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+var Xe = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
 const F = {
-  randomUUID: je
+  randomUUID: Xe
 };
-function Qe(e, t, n) {
+function Qe(e, t, o) {
   if (F.randomUUID && !t && !e)
     return F.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || Xe)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, qe(r);
+  var r = e.random || (e.rng || ze)();
+  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Ge(r);
 }
 const Ze = process.env.NODE_ENV === "production", et = !Ze, tt = async ({ params: e = {} }) => {
   try {
-    const t = Qe(), n = await fetch(
-      et ? `${W.dev}/authenticate` : `${W.prod}/authenticate`,
+    const t = Qe(), o = await fetch(
+      et ? `${B.dev}/authenticate` : `${B.prod}/authenticate`,
       {
         credentials: "include",
         method: "POST",
         headers: {
           "Content-Type": "application/json",
-          [de.CLIENT_ID]: `${e.clientId}`
+          [We.CLIENT_ID]: `${e.clientId}`
         },
         body: JSON.stringify({ ...e, nonce: t })
       }
     );
-    if (n.status !== 200)
-      return { status: n.status, data: [] };
-    const { data: r, errors: o } = await n.json();
+    if (o.status !== 200)
+      return { status: o.status, data: [] };
+    const { data: r, errors: n } = await o.json();
     return r.nonce !== t ? { status: 500, data: [] } : {
-      status: n.status,
+      status: o.status,
       data: r,
-      errors: o
+      errors: n
     };
   } catch (t) {
     return console.error(t), { status: 500, data: [] };
   }
-}, re = async (e, t) => {
-  try {
-    const n = A.ALG, o = await xe(Se, n);
-    return await Ye(e, o, {
-      issuer: A.ISSUER,
-      audience: t
-    });
-  } catch {
-    return;
-  }
 }, rt = async ({
   username: e,
   password: t,
-  clientId: n,
+  clientId: o,
   sessionExpiration: r
 }) => {
   try {
-    const o = await tt({
+    const n = await tt({
       params: {
-        type: ue.ID_TOKEN,
+        type: Ke.ID_TOKEN,
         username: e,
         password: t,
         sessionExpiration: r,
-        clientId: n
+        clientId: o
       }
-    }), s = await re(o.data.idToken, n);
-    return s && s.payload[A.USER_ID_KEY] !== "" ? {
-      idToken: o.data.idToken,
-      userId: s.payload[A.USER_ID_KEY],
+    }), a = await N(n.data.idToken, o);
+    return a && a.payload[A.USER_ID_KEY] !== "" ? {
+      idToken: n.data.idToken,
+      userId: a.payload[A.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -749,77 +751,90 @@ const Ze = process.env.NODE_ENV === "production", et = !Ze, tt = async ({ params
     };
   }
 };
-function nt(e) {
+function ot(e) {
   const t = ae();
   return Y(() => {
     t.current = e;
   }), t.current;
 }
-const G = () => {
-  throw new Error(me);
-}, ne = se({
+const D = () => {
+  throw new Error(Fe);
+}, re = se({
   isAuthenticated: !1,
-  login: G,
-  logout: G,
-  accessToken: void 0,
-  refreshToken: void 0,
-  idToken: void 0,
+  login: D,
+  logout: D,
+  getIdTokenClaims: D,
   logoutReason: ""
-}), st = ({
+}), it = ({
   children: e,
   sessionExpiration: t,
-  clientId: n
+  clientId: o
 }) => {
-  const [r, o, , s] = he({
-    key: `${ye}::${n}::@@user@@`
-  }), [a, i] = ie({
+  const [r, n, , a] = Ve({
+    key: `${Ye}::${o}::@@user@@`
+  }), [s, i] = ie({
     isAuthenticated: !!r,
     logoutReason: "",
     userId: ""
-  }), c = nt(r) || "";
+  }), c = ot(r) || "";
   Y(() => {
     c !== r && r !== null && (async () => {
       try {
-        const u = await re(r, n);
+        const u = await N(r, o);
         u && u.payload[A.USER_ID_KEY] !== "" ? i({
           isAuthenticated: !0,
           logoutReason: "",
           userId: u.payload[A.USER_ID_KEY]
         }) : i({
           isAuthenticated: !1,
-          logoutReason: L,
+          logoutReason: V,
           userId: ""
         });
       } catch {
         i({
           isAuthenticated: !1,
-          logoutReason: L,
+          logoutReason: V,
           userId: ""
         });
       }
     })();
-  }, [r, c, n]);
-  const h = async (u, I) => {
-    const f = await rt({
+  }, [r, c, o]);
+  const f = async (u, y) => {
+    const p = await rt({
       username: u,
-      password: I,
-      clientId: n,
+      password: y,
+      clientId: o,
       sessionExpiration: t
     });
-    return f.status ? (o(f.idToken), i({
+    return p.status ? (n(p.idToken), i({
       isAuthenticated: !0,
-      userId: f.userId
+      userId: p.userId
     }), !0) : !1;
-  }, y = () => {
+  }, w = () => {
     i({
       isAuthenticated: !1,
-      logoutReason: pe,
+      logoutReason: Be,
       userId: ""
-    }), s();
+    }), a();
+  }, h = async () => {
+    if (s.isAuthenticated)
+      try {
+        const u = await N(r, o);
+        return { ...u == null ? void 0 : u.payload, [A.TOKEN_ID_KEY]: r };
+      } catch {
+        return {};
+      }
+    return {};
   };
-  return /* @__PURE__ */ oe(ne.Provider, { value: { ...a, login: h, logout: y }, children: e });
-}, it = (e = ne) => ce(e);
+  return /* @__PURE__ */ ne(
+    re.Provider,
+    {
+      value: { ...s, login: f, logout: w, getIdTokenClaims: h },
+      children: e
+    }
+  );
+}, ct = (e = re) => ce(e);
 export {
-  st as AuthProvider,
-  it as useAuth
+  it as AuthProvider,
+  ct as useAuth
 };

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@versini/auth-provider",
-	"version": "2.1.2",
+	"version": "2.3.0",
 	"license": "MIT",
 	"author": "Arno Versini",
 	"publishConfig": {
@@ -44,10 +44,10 @@
 		"react-dom": "18.3.1"
 	},
 	"dependencies": {
-		"@versini/auth-common": "2.1.0",
+		"@versini/auth-common": "2.3.0",
 		"@versini/ui-hooks": "4.0.0",
 		"jose": "5.4.1",
 		"uuid": "10.0.0"
 	},
-	"gitHead": "3a70e5d3382595c6fad816559e819eacd0431e3b"
+	"gitHead": "db5816d0e48518c40b0aa20ff564a88abf5bc426"
 }