npm - @versini/auth-provider - Versions diffs - 4.0.0 → 4.2.0 - Mend

@versini/auth-provider 4.0.0 → 4.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import * as react from 'react';
+export { AUTH_TYPES } from '@versini/auth-common';
 type AuthProviderProps = {
 	children: React.ReactNode;
@@ -13,13 +14,13 @@ type AuthState = {
 	isAuthenticated: boolean;
 	logoutReason?: string;
 	userId?: string;
-	idTokenClaims?: any;
 };
 type AuthContextProps = {
 	login: (username: string, password: string) => Promise<boolean>;
 	logout: () => void;
 	getAccessToken: () => string;
+	getIdToken: () => string;
 } & AuthState;
 declare const AuthProvider: ({ children, sessionExpiration, clientId, }: AuthProviderProps) => react_jsx_runtime.JSX.Element;

package/dist/index.js CHANGED Viewed

@@ -1,55 +1,80 @@
-import { jsx as he } from "react/jsx-runtime";
-import * as I from "react";
-import { useRef as pe, useEffect as Q, createContext as fe, useState as ye, useCallback as me, useContext as we } from "react";
+import { jsx as Pe } from "react/jsx-runtime";
+import * as C from "react";
+import { createContext as De, useState as Ue, useCallback as Ne, useEffect as He, useContext as Le } from "react";
 /*!
-  @versini/auth-provider v4.0.0
+  @versini/auth-provider v4.2.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "4.0.0",
-    buildTime: "06/26/2024 09:06 AM EDT",
+    version: "4.2.0",
+    buildTime: "06/27/2024 06:57 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
 /*!
-  @versini/auth-common v2.6.0
+  @versini/auth-common v2.8.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "2.6.0",
-    buildTime: "06/26/2024 09:06 AM EDT",
+    version: "2.8.0",
+    buildTime: "06/27/2024 06:57 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const W = crypto, Z = (e) => e instanceof CryptoKey, T = new TextEncoder(), C = new TextDecoder();
-function Se(...e) {
+const F = {
+  ID_TOKEN: "id_token",
+  ACCESS_TOKEN: "token",
+  ID_AND_ACCESS_TOKEN: "id_token token",
+  CODE: "code"
+}, $e = {
+  CLIENT_ID: "X-Auth-ClientId"
+}, _ = {
+  ALG: "RS256",
+  USER_ID_KEY: "sub",
+  TOKEN_ID_KEY: "__raw",
+  NONCE_KEY: "_nonce",
+  ISSUER: "gizmette.com"
+}, Je = `-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
+w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
+i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
+aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
+l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
+sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
+awIDAQAB
+-----END PUBLIC KEY-----`, q = {
+  AUTHENTICATE: "authenticate",
+  CODE: "code",
+  LOGOUT: "logout"
+}, z = crypto, ye = (e) => e instanceof CryptoKey, P = new TextEncoder(), J = new TextDecoder();
+function Ke(...e) {
   const t = e.reduce((n, { length: s }) => n + s, 0), o = new Uint8Array(t);
   let r = 0;
   for (const n of e)
     o.set(n, r), r += n.length;
   return o;
 }
-const Ee = (e) => {
+const We = (e) => {
   const t = atob(e), o = new Uint8Array(t.length);
   for (let r = 0; r < t.length; r++)
     o[r] = t.charCodeAt(r);
   return o;
-}, N = (e) => {
+}, x = (e) => {
   let t = e;
-  t instanceof Uint8Array && (t = C.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  t instanceof Uint8Array && (t = J.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
-    return Ee(t);
+    return We(t);
   } catch {
     throw new TypeError("The input to be decoded is not correctly encoded.");
   }
 };
-let b = class extends Error {
+class T extends Error {
   static get code() {
     return "ERR_JOSE_GENERIC";
   }
@@ -57,8 +82,8 @@ let b = class extends Error {
     var o;
     super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (o = Error.captureStackTrace) == null || o.call(Error, this, this.constructor);
   }
-};
-class S extends b {
+}
+class w extends T {
   static get code() {
     return "ERR_JWT_CLAIM_VALIDATION_FAILED";
   }
@@ -66,7 +91,7 @@ class S extends b {
     super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = n, this.payload = o;
   }
 }
-class M extends b {
+class te extends T {
   static get code() {
     return "ERR_JWT_EXPIRED";
   }
@@ -74,7 +99,7 @@ class M extends b {
     super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = n, this.payload = o;
   }
 }
-class ge extends b {
+class xe extends T {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
   }
@@ -82,7 +107,7 @@ class ge extends b {
     return "ERR_JOSE_ALG_NOT_ALLOWED";
   }
 }
-class P extends b {
+class K extends T {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
   }
@@ -90,7 +115,7 @@ class P extends b {
     return "ERR_JOSE_NOT_SUPPORTED";
   }
 }
-let d = class extends b {
+let h = class extends T {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_INVALID";
   }
@@ -98,7 +123,7 @@ let d = class extends b {
     return "ERR_JWS_INVALID";
   }
 };
-class ee extends b {
+class me extends T {
   constructor() {
     super(...arguments), this.code = "ERR_JWT_INVALID";
   }
@@ -106,7 +131,7 @@ class ee extends b {
     return "ERR_JWT_INVALID";
   }
 }
-class Ae extends b {
+class je extends T {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
   }
@@ -114,16 +139,16 @@ class Ae extends b {
     return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
   }
 }
-function E(e, t = "algorithm.name") {
+function S(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function R(e, t) {
+function D(e, t) {
   return e.name === t;
 }
-function D(e) {
+function j(e) {
   return parseInt(e.name.slice(4), 10);
 }
-function _e(e) {
+function Me(e) {
   switch (e) {
     case "ES256":
       return "P-256";
@@ -135,7 +160,7 @@ function _e(e) {
       throw new Error("unreachable");
   }
 }
-function be(e, t) {
+function Ve(e, t) {
   if (t.length && !t.some((o) => e.usages.includes(o))) {
     let o = "CryptoKey does not support this operation, its usages must include ";
     if (t.length > 2) {
@@ -146,59 +171,59 @@ function be(e, t) {
     throw new TypeError(o);
   }
 }
-function Ie(e, t, ...o) {
+function Ge(e, t, ...o) {
   switch (t) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!R(e.algorithm, "HMAC"))
-        throw E("HMAC");
+      if (!D(e.algorithm, "HMAC"))
+        throw S("HMAC");
       const r = parseInt(t.slice(2), 10);
-      if (D(e.algorithm.hash) !== r)
-        throw E(`SHA-${r}`, "algorithm.hash");
+      if (j(e.algorithm.hash) !== r)
+        throw S(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!R(e.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw E("RSASSA-PKCS1-v1_5");
+      if (!D(e.algorithm, "RSASSA-PKCS1-v1_5"))
+        throw S("RSASSA-PKCS1-v1_5");
       const r = parseInt(t.slice(2), 10);
-      if (D(e.algorithm.hash) !== r)
-        throw E(`SHA-${r}`, "algorithm.hash");
+      if (j(e.algorithm.hash) !== r)
+        throw S(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!R(e.algorithm, "RSA-PSS"))
-        throw E("RSA-PSS");
+      if (!D(e.algorithm, "RSA-PSS"))
+        throw S("RSA-PSS");
       const r = parseInt(t.slice(2), 10);
-      if (D(e.algorithm.hash) !== r)
-        throw E(`SHA-${r}`, "algorithm.hash");
+      if (j(e.algorithm.hash) !== r)
+        throw S(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "EdDSA": {
       if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
-        throw E("Ed25519 or Ed448");
+        throw S("Ed25519 or Ed448");
       break;
     }
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!R(e.algorithm, "ECDSA"))
-        throw E("ECDSA");
-      const r = _e(t);
+      if (!D(e.algorithm, "ECDSA"))
+        throw S("ECDSA");
+      const r = Me(t);
       if (e.algorithm.namedCurve !== r)
-        throw E(r, "algorithm.namedCurve");
+        throw S(r, "algorithm.namedCurve");
       break;
     }
     default:
       throw new TypeError("CryptoKey does not support this operation");
   }
-  be(e, o);
+  Ve(e, o);
 }
-function te(e, t, ...o) {
+function we(e, t, ...o) {
   var r;
   if (o.length > 2) {
     const n = o.pop();
@@ -207,11 +232,11 @@ function te(e, t, ...o) {
     o.length === 2 ? e += `one of type ${o[0]} or ${o[1]}.` : e += `of type ${o[0]}.`;
   return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (r = t.constructor) != null && r.name && (e += ` Received an instance of ${t.constructor.name}`), e;
 }
-const V = (e, ...t) => te("Key must be ", e, ...t);
-function re(e, t, ...o) {
-  return te(`Key for the ${e} algorithm must be `, t, ...o);
+const re = (e, ...t) => we("Key must be ", e, ...t);
+function ge(e, t, ...o) {
+  return we(`Key for the ${e} algorithm must be `, t, ...o);
 }
-const oe = (e) => Z(e), A = ["CryptoKey"], ve = (...e) => {
+const Se = (e) => ye(e), b = ["CryptoKey"], Ye = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
@@ -230,11 +255,11 @@ const oe = (e) => Z(e), A = ["CryptoKey"], ve = (...e) => {
   }
   return !0;
 };
-function Te(e) {
+function Be(e) {
   return typeof e == "object" && e !== null;
 }
-function K(e) {
-  if (!Te(e) || Object.prototype.toString.call(e) !== "[object Object]")
+function B(e) {
+  if (!Be(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -243,41 +268,41 @@ function K(e) {
     t = Object.getPrototypeOf(t);
   return Object.getPrototypeOf(e) === t;
 }
-const Re = (e, t) => {
+const Fe = (e, t) => {
   if (e.startsWith("RS") || e.startsWith("PS")) {
     const { modulusLength: o } = t.algorithm;
     if (typeof o != "number" || o < 2048)
       throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
   }
-}, g = (e, t, o = 0) => {
+}, A = (e, t, o = 0) => {
   o === 0 && (t.unshift(t.length), t.unshift(6));
   const r = e.indexOf(t[0], o);
   if (r === -1)
     return !1;
   const n = e.subarray(r, r + t.length);
-  return n.length !== t.length ? !1 : n.every((s, a) => s === t[a]) || g(e, t, r + 1);
-}, Y = (e) => {
+  return n.length !== t.length ? !1 : n.every((s, a) => s === t[a]) || A(e, t, r + 1);
+}, oe = (e) => {
   switch (!0) {
-    case g(e, [42, 134, 72, 206, 61, 3, 1, 7]):
+    case A(e, [42, 134, 72, 206, 61, 3, 1, 7]):
       return "P-256";
-    case g(e, [43, 129, 4, 0, 34]):
+    case A(e, [43, 129, 4, 0, 34]):
       return "P-384";
-    case g(e, [43, 129, 4, 0, 35]):
+    case A(e, [43, 129, 4, 0, 35]):
       return "P-521";
-    case g(e, [43, 101, 110]):
+    case A(e, [43, 101, 110]):
       return "X25519";
-    case g(e, [43, 101, 111]):
+    case A(e, [43, 101, 111]):
       return "X448";
-    case g(e, [43, 101, 112]):
+    case A(e, [43, 101, 112]):
       return "Ed25519";
-    case g(e, [43, 101, 113]):
+    case A(e, [43, 101, 113]):
       return "Ed448";
     default:
-      throw new P("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
+      throw new K("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
   }
-}, ke = async (e, t, o, r, n) => {
+}, qe = async (e, t, o, r, n) => {
   let s, a;
-  const i = new Uint8Array(atob(o.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
+  const c = new Uint8Array(atob(o.replace(e, "")).split("").map((i) => i.charCodeAt(0)));
   switch (r) {
     case "PS256":
     case "PS384":
@@ -311,43 +336,43 @@ const Re = (e, t) => {
     case "ECDH-ES+A128KW":
     case "ECDH-ES+A192KW":
     case "ECDH-ES+A256KW": {
-      const c = Y(i);
-      s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, a = [];
+      const i = oe(c);
+      s = i.startsWith("P-") ? { name: "ECDH", namedCurve: i } : { name: i }, a = [];
       break;
     }
     case "EdDSA":
-      s = { name: Y(i) }, a = ["verify"];
+      s = { name: oe(c) }, a = ["verify"];
       break;
     default:
-      throw new P('Invalid or unsupported "alg" (Algorithm) value');
+      throw new K('Invalid or unsupported "alg" (Algorithm) value');
   }
-  return W.subtle.importKey(t, i, s, !1, a);
-}, Ce = (e, t, o) => ke(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
-async function Pe(e, t, o) {
+  return z.subtle.importKey(t, c, s, !1, a);
+}, ze = (e, t, o) => qe(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
+async function Xe(e, t, o) {
   if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
     throw new TypeError('"spki" must be SPKI formatted string');
-  return Ce(e, t);
+  return ze(e, t);
 }
-const Oe = (e, t) => {
+const Qe = (e, t) => {
   if (!(t instanceof Uint8Array)) {
-    if (!oe(t))
-      throw new TypeError(re(e, t, ...A, "Uint8Array"));
+    if (!Se(t))
+      throw new TypeError(ge(e, t, ...b, "Uint8Array"));
     if (t.type !== "secret")
-      throw new TypeError(`${A.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
+      throw new TypeError(`${b.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
   }
-}, Ne = (e, t, o) => {
-  if (!oe(t))
-    throw new TypeError(re(e, t, ...A));
+}, Ze = (e, t, o) => {
+  if (!Se(t))
+    throw new TypeError(ge(e, t, ...b));
   if (t.type === "secret")
-    throw new TypeError(`${A.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
+    throw new TypeError(`${b.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
   if (t.algorithm && o === "verify" && t.type === "private")
-    throw new TypeError(`${A.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
+    throw new TypeError(`${b.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
   if (t.algorithm && o === "encrypt" && t.type === "private")
-    throw new TypeError(`${A.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
-}, De = (e, t, o) => {
-  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Oe(e, t) : Ne(e, t, o);
+    throw new TypeError(`${b.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
+}, et = (e, t, o) => {
+  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Qe(e, t) : Ze(e, t, o);
 };
-function He(e, t, o, r, n) {
+function tt(e, t, o, r, n) {
   if (n.crit !== void 0 && (r == null ? void 0 : r.crit) === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
   if (!r || r.crit === void 0)
@@ -358,7 +383,7 @@ function He(e, t, o, r, n) {
   o !== void 0 ? s = new Map([...Object.entries(o), ...t.entries()]) : s = t;
   for (const a of r.crit) {
     if (!s.has(a))
-      throw new P(`Extension Header Parameter "${a}" is not recognized`);
+      throw new K(`Extension Header Parameter "${a}" is not recognized`);
     if (n[a] === void 0)
       throw new e(`Extension Header Parameter "${a}" is missing`);
     if (s.get(a) && r[a] === void 0)
@@ -366,13 +391,13 @@ function He(e, t, o, r, n) {
   }
   return new Set(r.crit);
 }
-const Ue = (e, t) => {
+const rt = (e, t) => {
   if (t !== void 0 && (!Array.isArray(t) || t.some((o) => typeof o != "string")))
     throw new TypeError(`"${e}" option must be an array of strings`);
   if (t)
     return new Set(t);
 };
-function Le(e, t) {
+function ot(e, t) {
   const o = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
@@ -394,104 +419,104 @@ function Le(e, t) {
     case "EdDSA":
       return { name: t.name };
     default:
-      throw new P(`alg ${e} is not supported either by JOSE or your javascript runtime`);
+      throw new K(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
 }
-function $e(e, t, o) {
-  if (Z(t))
-    return Ie(t, e, o), t;
+function nt(e, t, o) {
+  if (ye(t))
+    return Ge(t, e, o), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
-      throw new TypeError(V(t, ...A));
-    return W.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [o]);
+      throw new TypeError(re(t, ...b));
+    return z.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [o]);
   }
-  throw new TypeError(V(t, ...A, "Uint8Array"));
+  throw new TypeError(re(t, ...b, "Uint8Array"));
 }
-const Je = async (e, t, o, r) => {
-  const n = await $e(e, t, "verify");
-  Re(e, n);
-  const s = Le(e, n.algorithm);
+const at = async (e, t, o, r) => {
+  const n = await nt(e, t, "verify");
+  Fe(e, n);
+  const s = ot(e, n.algorithm);
   try {
-    return await W.subtle.verify(s, n, o, r);
+    return await z.subtle.verify(s, n, o, r);
   } catch {
     return !1;
   }
 };
-async function Ke(e, t, o) {
-  if (!K(e))
-    throw new d("Flattened JWS must be an object");
+async function st(e, t, o) {
+  if (!B(e))
+    throw new h("Flattened JWS must be an object");
   if (e.protected === void 0 && e.header === void 0)
-    throw new d('Flattened JWS must have either of the "protected" or "header" members');
+    throw new h('Flattened JWS must have either of the "protected" or "header" members');
   if (e.protected !== void 0 && typeof e.protected != "string")
-    throw new d("JWS Protected Header incorrect type");
+    throw new h("JWS Protected Header incorrect type");
   if (e.payload === void 0)
-    throw new d("JWS Payload missing");
+    throw new h("JWS Payload missing");
   if (typeof e.signature != "string")
-    throw new d("JWS Signature missing or incorrect type");
-  if (e.header !== void 0 && !K(e.header))
-    throw new d("JWS Unprotected Header incorrect type");
+    throw new h("JWS Signature missing or incorrect type");
+  if (e.header !== void 0 && !B(e.header))
+    throw new h("JWS Unprotected Header incorrect type");
   let r = {};
   if (e.protected)
     try {
-      const l = N(e.protected);
-      r = JSON.parse(C.decode(l));
+      const p = x(e.protected);
+      r = JSON.parse(J.decode(p));
     } catch {
-      throw new d("JWS Protected Header is invalid");
+      throw new h("JWS Protected Header is invalid");
     }
-  if (!ve(r, e.header))
-    throw new d("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+  if (!Ye(r, e.header))
+    throw new h("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
   const n = {
     ...r,
     ...e.header
-  }, s = He(d, /* @__PURE__ */ new Map([["b64", !0]]), o == null ? void 0 : o.crit, r, n);
+  }, s = tt(h, /* @__PURE__ */ new Map([["b64", !0]]), o == null ? void 0 : o.crit, r, n);
   let a = !0;
   if (s.has("b64") && (a = r.b64, typeof a != "boolean"))
-    throw new d('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
-  const { alg: i } = n;
-  if (typeof i != "string" || !i)
-    throw new d('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const c = o && Ue("algorithms", o.algorithms);
-  if (c && !c.has(i))
-    throw new ge('"alg" (Algorithm) Header Parameter value not allowed');
+    throw new h('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+  const { alg: c } = n;
+  if (typeof c != "string" || !c)
+    throw new h('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+  const i = o && rt("algorithms", o.algorithms);
+  if (i && !i.has(c))
+    throw new xe('"alg" (Algorithm) Header Parameter value not allowed');
   if (a) {
     if (typeof e.payload != "string")
-      throw new d("JWS Payload must be a string");
+      throw new h("JWS Payload must be a string");
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
-    throw new d("JWS Payload must be a string or an Uint8Array instance");
-  let p = !1;
-  typeof t == "function" && (t = await t(r, e), p = !0), De(i, t, "verify");
-  const m = Se(T.encode(e.protected ?? ""), T.encode("."), typeof e.payload == "string" ? T.encode(e.payload) : e.payload);
-  let h;
+    throw new h("JWS Payload must be a string or an Uint8Array instance");
+  let u = !1;
+  typeof t == "function" && (t = await t(r, e), u = !0), et(c, t, "verify");
+  const m = Ke(P.encode(e.protected ?? ""), P.encode("."), typeof e.payload == "string" ? P.encode(e.payload) : e.payload);
+  let f;
   try {
-    h = N(e.signature);
+    f = x(e.signature);
   } catch {
-    throw new d("Failed to base64url decode the signature");
+    throw new h("Failed to base64url decode the signature");
   }
-  if (!await Je(i, t, h, m))
-    throw new Ae();
-  let w;
+  if (!await at(c, t, f, m))
+    throw new je();
+  let E;
   if (a)
     try {
-      w = N(e.payload);
+      E = x(e.payload);
     } catch {
-      throw new d("Failed to base64url decode the payload");
+      throw new h("Failed to base64url decode the payload");
     }
   else
-    typeof e.payload == "string" ? w = T.encode(e.payload) : w = e.payload;
-  const f = { payload: w };
-  return e.protected !== void 0 && (f.protectedHeader = r), e.header !== void 0 && (f.unprotectedHeader = e.header), p ? { ...f, key: t } : f;
+    typeof e.payload == "string" ? E = P.encode(e.payload) : E = e.payload;
+  const y = { payload: E };
+  return e.protected !== void 0 && (y.protectedHeader = r), e.header !== void 0 && (y.unprotectedHeader = e.header), u ? { ...y, key: t } : y;
 }
-async function We(e, t, o) {
-  if (e instanceof Uint8Array && (e = C.decode(e)), typeof e != "string")
-    throw new d("Compact JWS must be a string or Uint8Array");
+async function it(e, t, o) {
+  if (e instanceof Uint8Array && (e = J.decode(e)), typeof e != "string")
+    throw new h("Compact JWS must be a string or Uint8Array");
   const { 0: r, 1: n, 2: s, length: a } = e.split(".");
   if (a !== 3)
-    throw new d("Invalid Compact JWS");
-  const i = await Ke({ payload: n, protected: r, signature: s }, t, o), c = { payload: i.payload, protectedHeader: i.protectedHeader };
-  return typeof t == "function" ? { ...c, key: i.key } : c;
+    throw new h("Invalid Compact JWS");
+  const c = await st({ payload: n, protected: r, signature: s }, t, o), i = { payload: c.payload, protectedHeader: c.protectedHeader };
+  return typeof t == "function" ? { ...i, key: c.key } : i;
 }
-const xe = (e) => Math.floor(e.getTime() / 1e3), ne = 60, ae = ne * 60, x = ae * 24, je = x * 7, Me = x * 365.25, Ve = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, B = (e) => {
-  const t = Ve.exec(e);
+const ct = (e) => Math.floor(e.getTime() / 1e3), Ee = 60, Ae = Ee * 60, X = Ae * 24, ut = X * 7, dt = X * 365.25, lt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, ne = (e) => {
+  const t = lt.exec(e);
   if (!t || t[4] && t[1])
     throw new TypeError("Invalid time period format");
   const o = parseFloat(t[2]), r = t[3].toLowerCase();
@@ -509,243 +534,297 @@ const xe = (e) => Math.floor(e.getTime() / 1e3), ne = 60, ae = ne * 60, x = ae *
     case "min":
     case "mins":
     case "m":
-      n = Math.round(o * ne);
+      n = Math.round(o * Ee);
       break;
     case "hour":
     case "hours":
     case "hr":
     case "hrs":
     case "h":
-      n = Math.round(o * ae);
+      n = Math.round(o * Ae);
       break;
     case "day":
     case "days":
     case "d":
-      n = Math.round(o * x);
+      n = Math.round(o * X);
       break;
     case "week":
     case "weeks":
     case "w":
-      n = Math.round(o * je);
+      n = Math.round(o * ut);
       break;
     default:
-      n = Math.round(o * Me);
+      n = Math.round(o * dt);
       break;
   }
   return t[1] === "-" || t[4] === "ago" ? -n : n;
-}, F = (e) => e.toLowerCase().replace(/^application\//, ""), Ye = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Be = (e, t, o = {}) => {
+}, ae = (e) => e.toLowerCase().replace(/^application\//, ""), ht = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, pt = (e, t, o = {}) => {
   let r;
   try {
-    r = JSON.parse(C.decode(t));
+    r = JSON.parse(J.decode(t));
   } catch {
   }
-  if (!K(r))
-    throw new ee("JWT Claims Set must be a top-level JSON object");
+  if (!B(r))
+    throw new me("JWT Claims Set must be a top-level JSON object");
   const { typ: n } = o;
-  if (n && (typeof e.typ != "string" || F(e.typ) !== F(n)))
-    throw new S('unexpected "typ" JWT header value', r, "typ", "check_failed");
-  const { requiredClaims: s = [], issuer: a, subject: i, audience: c, maxTokenAge: p } = o, m = [...s];
-  p !== void 0 && m.push("iat"), c !== void 0 && m.push("aud"), i !== void 0 && m.push("sub"), a !== void 0 && m.push("iss");
-  for (const l of new Set(m.reverse()))
-    if (!(l in r))
-      throw new S(`missing required "${l}" claim`, r, l, "missing");
+  if (n && (typeof e.typ != "string" || ae(e.typ) !== ae(n)))
+    throw new w('unexpected "typ" JWT header value', r, "typ", "check_failed");
+  const { requiredClaims: s = [], issuer: a, subject: c, audience: i, maxTokenAge: u } = o, m = [...s];
+  u !== void 0 && m.push("iat"), i !== void 0 && m.push("aud"), c !== void 0 && m.push("sub"), a !== void 0 && m.push("iss");
+  for (const p of new Set(m.reverse()))
+    if (!(p in r))
+      throw new w(`missing required "${p}" claim`, r, p, "missing");
   if (a && !(Array.isArray(a) ? a : [a]).includes(r.iss))
-    throw new S('unexpected "iss" claim value', r, "iss", "check_failed");
-  if (i && r.sub !== i)
-    throw new S('unexpected "sub" claim value', r, "sub", "check_failed");
-  if (c && !Ye(r.aud, typeof c == "string" ? [c] : c))
-    throw new S('unexpected "aud" claim value', r, "aud", "check_failed");
-  let h;
+    throw new w('unexpected "iss" claim value', r, "iss", "check_failed");
+  if (c && r.sub !== c)
+    throw new w('unexpected "sub" claim value', r, "sub", "check_failed");
+  if (i && !ht(r.aud, typeof i == "string" ? [i] : i))
+    throw new w('unexpected "aud" claim value', r, "aud", "check_failed");
+  let f;
   switch (typeof o.clockTolerance) {
     case "string":
-      h = B(o.clockTolerance);
+      f = ne(o.clockTolerance);
       break;
     case "number":
-      h = o.clockTolerance;
+      f = o.clockTolerance;
       break;
     case "undefined":
-      h = 0;
+      f = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
-  const { currentDate: w } = o, f = xe(w || /* @__PURE__ */ new Date());
-  if ((r.iat !== void 0 || p) && typeof r.iat != "number")
-    throw new S('"iat" claim must be a number', r, "iat", "invalid");
+  const { currentDate: E } = o, y = ct(E || /* @__PURE__ */ new Date());
+  if ((r.iat !== void 0 || u) && typeof r.iat != "number")
+    throw new w('"iat" claim must be a number', r, "iat", "invalid");
   if (r.nbf !== void 0) {
     if (typeof r.nbf != "number")
-      throw new S('"nbf" claim must be a number', r, "nbf", "invalid");
-    if (r.nbf > f + h)
-      throw new S('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
+      throw new w('"nbf" claim must be a number', r, "nbf", "invalid");
+    if (r.nbf > y + f)
+      throw new w('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
   }
   if (r.exp !== void 0) {
     if (typeof r.exp != "number")
-      throw new S('"exp" claim must be a number', r, "exp", "invalid");
-    if (r.exp <= f - h)
-      throw new M('"exp" claim timestamp check failed', r, "exp", "check_failed");
+      throw new w('"exp" claim must be a number', r, "exp", "invalid");
+    if (r.exp <= y - f)
+      throw new te('"exp" claim timestamp check failed', r, "exp", "check_failed");
   }
-  if (p) {
-    const l = f - r.iat, O = typeof p == "number" ? p : B(p);
-    if (l - h > O)
-      throw new M('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
-    if (l < 0 - h)
-      throw new S('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
+  if (u) {
+    const p = y - r.iat, v = typeof u == "number" ? u : ne(u);
+    if (p - f > v)
+      throw new te('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
+    if (p < 0 - f)
+      throw new w('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
   }
   return r;
 };
-async function Fe(e, t, o) {
+async function ft(e, t, o) {
   var r;
-  const n = await We(e, t, o);
+  const n = await it(e, t, o);
   if ((r = n.protectedHeader.crit) != null && r.includes("b64") && n.protectedHeader.b64 === !1)
-    throw new ee("JWTs MUST NOT use unencoded payload");
-  const s = { payload: Be(n.protectedHeader, n.payload, o), protectedHeader: n.protectedHeader };
+    throw new me("JWTs MUST NOT use unencoded payload");
+  const s = { payload: pt(n.protectedHeader, n.payload, o), protectedHeader: n.protectedHeader };
   return typeof t == "function" ? { ...s, key: n.key } : s;
 }
-const Ge = {
-  ID_TOKEN: "id_token",
-  ACCESS_TOKEN: "token",
-  ID_AND_ACCESS_TOKEN: "id_token token"
-}, qe = {
-  CLIENT_ID: "X-Auth-ClientId"
-}, _ = {
-  ALG: "RS256",
-  USER_ID_KEY: "_id",
-  TOKEN_ID_KEY: "__raw",
-  NONCE_KEY: "_nonce",
-  ISSUER: "gizmette.com"
-}, ze = `-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
-w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
-i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
-aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
-l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
-sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
-awIDAQAB
------END PUBLIC KEY-----`, se = async (e, t) => {
+const be = async (e) => {
   try {
-    const o = _.ALG, r = await Pe(ze, o);
-    return await Fe(e, r, {
-      issuer: _.ISSUER,
-      audience: t
+    const t = _.ALG, o = await Xe(Je, t);
+    return await ft(e, o, {
+      issuer: _.ISSUER
     });
   } catch {
     return;
   }
 };
-function ie(e, t) {
+var d = [];
+for (var M = 0; M < 256; ++M)
+  d.push((M + 256).toString(16).slice(1));
+function yt(e, t = 0) {
+  return (d[e[t + 0]] + d[e[t + 1]] + d[e[t + 2]] + d[e[t + 3]] + "-" + d[e[t + 4]] + d[e[t + 5]] + "-" + d[e[t + 6]] + d[e[t + 7]] + "-" + d[e[t + 8]] + d[e[t + 9]] + "-" + d[e[t + 10]] + d[e[t + 11]] + d[e[t + 12]] + d[e[t + 13]] + d[e[t + 14]] + d[e[t + 15]]).toLowerCase();
+}
+var U, mt = new Uint8Array(16);
+function wt() {
+  if (!U && (U = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !U))
+    throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
+  return U(mt);
+}
+var gt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const se = {
+  randomUUID: gt
+};
+function ie(e, t, o) {
+  if (se.randomUUID && !t && !e)
+    return se.randomUUID();
+  e = e || {};
+  var r = e.random || (e.rng || wt)();
+  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, yt(r);
+}
+const ce = globalThis.crypto, St = (e) => `${ie()}${ie()}`.slice(0, e), Et = (e) => btoa(
+  [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
+);
+async function At(e) {
+  if (!ce.subtle)
+    throw new Error(
+      "crypto.subtle is available only in secure contexts (HTTPS)."
+    );
+  const t = new TextEncoder().encode(e), o = await ce.subtle.digest("SHA-256", t);
+  return Et(o).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+async function bt(e) {
+  const o = St(43), r = await At(o);
+  return {
+    code_verifier: o,
+    code_challenge: r
+  };
+}
+function _e(e, t) {
   window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
 }
-const G = (e, t) => {
+const ue = (e, t) => {
   const o = JSON.stringify(
     typeof t == "function" ? t() : t
   );
-  window.localStorage.setItem(e, o), ie(e, o);
-}, Xe = (e) => {
-  window.localStorage.removeItem(e), ie(e, null);
-}, q = (e) => window.localStorage.getItem(e), Qe = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
-function H({
+  window.localStorage.setItem(e, o), _e(e, o);
+}, _t = (e) => {
+  window.localStorage.removeItem(e), _e(e, null);
+}, de = (e) => window.localStorage.getItem(e), Tt = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
+function N({
   key: e,
   initialValue: t
 }) {
-  const o = () => q(e), r = I.useSyncExternalStore(
-    Qe,
+  const o = () => de(e), r = C.useSyncExternalStore(
+    Tt,
     o
-  ), n = I.useCallback(
-    (i) => {
+  ), n = C.useCallback(
+    (c) => {
       try {
-        const c = typeof i == "function" ? i(JSON.parse(r)) : i;
-        c == null ? Xe(e) : G(e, c);
-      } catch (c) {
-        console.warn(c);
+        const i = typeof c == "function" ? c(JSON.parse(r)) : c;
+        i == null ? _t(e) : ue(e, i);
+      } catch (i) {
+        console.warn(i);
       }
     },
     [e, r]
-  ), s = I.useCallback(() => {
+  ), s = C.useCallback(() => {
     n(t);
-  }, [t, n]), a = I.useCallback(() => {
+  }, [t, n]), a = C.useCallback(() => {
     n(null);
   }, [n]);
-  return I.useEffect(() => {
+  return C.useEffect(() => {
     try {
-      q(e) === null && typeof t < "u" && G(e, t);
-    } catch (i) {
-      console.warn(i);
+      de(e) === null && typeof t < "u" && ue(e, t);
+    } catch (c) {
+      console.warn(c);
     }
   }, [e, t]), [r ? JSON.parse(r) : null, n, s, a];
 }
-var u = [];
-for (var U = 0; U < 256; ++U)
-  u.push((U + 256).toString(16).slice(1));
-function Ze(e, t = 0) {
-  return (u[e[t + 0]] + u[e[t + 1]] + u[e[t + 2]] + u[e[t + 3]] + "-" + u[e[t + 4]] + u[e[t + 5]] + "-" + u[e[t + 6]] + u[e[t + 7]] + "-" + u[e[t + 8]] + u[e[t + 9]] + "-" + u[e[t + 10]] + u[e[t + 11]] + u[e[t + 12]] + u[e[t + 13]] + u[e[t + 14]] + u[e[t + 15]]).toLowerCase();
+var l = [];
+for (var V = 0; V < 256; ++V)
+  l.push((V + 256).toString(16).slice(1));
+function vt(e, t = 0) {
+  return (l[e[t + 0]] + l[e[t + 1]] + l[e[t + 2]] + l[e[t + 3]] + "-" + l[e[t + 4]] + l[e[t + 5]] + "-" + l[e[t + 6]] + l[e[t + 7]] + "-" + l[e[t + 8]] + l[e[t + 9]] + "-" + l[e[t + 10]] + l[e[t + 11]] + l[e[t + 12]] + l[e[t + 13]] + l[e[t + 14]] + l[e[t + 15]]).toLowerCase();
 }
-var k, et = new Uint8Array(16);
-function tt() {
-  if (!k && (k = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !k))
+var H, It = new Uint8Array(16);
+function Rt() {
+  if (!H && (H = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !H))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return k(et);
+  return H(It);
 }
-var rt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const z = {
-  randomUUID: rt
+var kt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const le = {
+  randomUUID: kt
 };
-function ot(e, t, o) {
-  if (z.randomUUID && !t && !e)
-    return z.randomUUID();
+function Ct(e, t, o) {
+  if (le.randomUUID && !t && !e)
+    return le.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || tt)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Ze(r);
+  var r = e.random || (e.rng || Rt)();
+  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, vt(r);
 }
-const L = "Oops! It looks like your session has expired. For your security, please log in again to continue.", nt = "Your session has been successfully terminated.", at = "Login failed. Please try again.", st = "You forgot to wrap your component in <AuthProvider>.", X = {
+const G = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Ot = "Your session has been successfully terminated.", he = "Login failed. Please try again.", Pt = "You forgot to wrap your component in <AuthProvider>.", pe = {
   dev: "https://auth.gizmette.local.com:3003",
   prod: "https://mylogin.gizmette.com"
-}, $ = "@@auth@@", it = process.env.NODE_ENV === "production", ct = !it, ut = async ({ params: e = {} }) => {
+}, L = "@@auth@@", Dt = process.env.NODE_ENV === "production", Ut = !Dt, Q = async ({
+  type: e,
+  clientId: t,
+  params: o = {}
+}) => {
   try {
-    const t = await fetch(
-      ct ? `${X.dev}/authenticate` : `${X.prod}/authenticate`,
+    const r = await fetch(
+      Ut ? `${pe.dev}/${e}` : `${pe.prod}/${e}`,
       {
         credentials: "include",
         method: "POST",
         headers: {
           "Content-Type": "application/json",
-          [qe.CLIENT_ID]: `${e.clientId}`
+          [$e.CLIENT_ID]: `${t}`
         },
-        body: JSON.stringify(e)
+        body: JSON.stringify(o)
       }
     );
-    if (t.status !== 200)
-      return { status: t.status, data: [] };
-    const { data: o, errors: r } = await t.json();
+    if (r.status !== 200)
+      return { status: r.status, data: [] };
+    const { data: n, errors: s } = await r.json();
+    return {
+      status: r.status,
+      data: n,
+      errors: s
+    };
+  } catch (r) {
+    return console.error(r), { status: 500, data: [] };
+  }
+}, Y = async ({
+  idToken: e,
+  accessToken: t,
+  refreshToken: o,
+  clientId: r
+}) => {
+  try {
+    return {
+      status: (await Q({
+        type: q.LOGOUT,
+        clientId: r,
+        params: {
+          idToken: e,
+          accessToken: t,
+          refreshToken: o
+        }
+      })).status === 200
+    };
+  } catch {
     return {
-      status: t.status,
-      data: o,
-      errors: r
+      status: !1
     };
-  } catch (t) {
-    return console.error(t), { status: 500, data: [] };
   }
-}, dt = async ({
+}, fe = async ({
   username: e,
   password: t,
   clientId: o,
   nonce: r,
-  sessionExpiration: n
+  type: n,
+  sessionExpiration: s,
+  code: a,
+  code_verifier: c
 }) => {
   try {
-    const s = await ut({
+    const i = await Q({
+      type: q.AUTHENTICATE,
+      clientId: o,
       params: {
-        type: Ge.ID_AND_ACCESS_TOKEN,
+        type: n || F.ID_AND_ACCESS_TOKEN,
         username: e,
         password: t,
-        sessionExpiration: n,
-        clientId: o,
-        nonce: r
+        sessionExpiration: s,
+        nonce: r,
+        code: a,
+        code_verifier: c
       }
-    }), a = await se(s.data.idToken, o);
-    return a && a.payload[_.USER_ID_KEY] !== "" && a.payload[_.NONCE_KEY] === r ? {
-      idToken: s.data.idToken,
-      accessToken: s.data.accessToken,
-      userId: a.payload[_.USER_ID_KEY],
+    }), u = await be(i.data.idToken);
+    return u && u.payload[_.USER_ID_KEY] !== "" && u.payload[_.NONCE_KEY] === r ? {
+      idToken: i.data.idToken,
+      accessToken: i.data.accessToken,
+      refreshToken: i.data.refreshToken,
+      userId: u.payload[_.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -755,98 +834,170 @@ const L = "Oops! It looks like your session has expired. For your security, plea
       status: !1
     };
   }
-};
-function lt(e) {
-  const t = pe();
-  return Q(() => {
-    t.current = e;
-  }), t.current;
-}
-const J = () => {
-  throw new Error(st);
-}, ce = fe({
+}, Nt = async ({
+  nonce: e,
+  clientId: t,
+  code_challenge: o
+}) => {
+  try {
+    const r = await Q({
+      type: q.CODE,
+      clientId: t,
+      params: {
+        type: F.CODE,
+        nonce: e,
+        code_challenge: o
+      }
+    });
+    return r.data.code ? {
+      status: !0,
+      code: r.data.code
+    } : {
+      status: !1
+    };
+  } catch {
+    return {
+      status: !1
+    };
+  }
+}, $ = () => {
+  throw new Error(Pt);
+}, Te = De({
   isAuthenticated: !1,
   isLoading: !1,
-  login: J,
-  logout: J,
-  getAccessToken: J,
-  logoutReason: "",
-  idTokenClaims: null
-}), mt = ({
+  login: $,
+  logout: $,
+  getAccessToken: $,
+  getIdToken: $,
+  logoutReason: ""
+}), Jt = ({
   children: e,
   sessionExpiration: t,
   clientId: o
 }) => {
-  const [r, n, , s] = H({
-    key: `${$}::${o}::@@user@@`
-  }), [a, i, , c] = H({
-    key: `${$}::${o}::@@access@@`
-  }), [, p, , m] = H({
-    key: `${$}::${o}::@@nonce@@`
-  }), [h, w] = ye({
+  const [r, n, , s] = N({
+    key: `${L}::${o}::@@user@@`
+  }), [a, c, , i] = N({
+    key: `${L}::${o}::@@access@@`
+  }), [u, m, , f] = N(
+    {
+      key: `${L}::${o}::@@refresh@@`
+    }
+  ), [, E, , y] = N({
+    key: `${L}::${o}::@@nonce@@`
+  }), [p, v] = Ue({
     isLoading: !0,
     isAuthenticated: !1,
-    logoutReason: "",
     userId: "",
-    idTokenClaims: null
-  }), f = lt(r) || "", l = me(
-    (y) => {
-      w({
+    logoutReason: ""
+  }), I = Ne(
+    (g) => {
+      v({
         isLoading: !1,
         isAuthenticated: !1,
-        logoutReason: y || L,
         userId: "",
-        idTokenClaims: null
-      }), s(), c(), m();
+        logoutReason: g || G
+      }), s(), i(), f(), y();
     },
-    [s, c, m]
+    [s, i, y, f]
   );
-  Q(() => {
-    f !== r && r !== null && (async () => {
+  He(() => {
+    p.isLoading && r !== null && (async () => {
       try {
-        const y = await se(r, o);
-        y && y.payload[_.USER_ID_KEY] !== "" ? w({
+        const g = await be(r);
+        g && g.payload[_.USER_ID_KEY] !== "" ? v({
           isLoading: !1,
           isAuthenticated: !0,
-          logoutReason: "",
-          userId: y.payload[_.USER_ID_KEY],
-          idTokenClaims: {
-            ...y == null ? void 0 : y.payload,
-            [_.TOKEN_ID_KEY]: r
-          }
-        }) : l(L);
+          userId: g.payload[_.USER_ID_KEY],
+          logoutReason: ""
+        }) : (I(G), await Y({
+          idToken: r,
+          accessToken: a,
+          refreshToken: u,
+          clientId: o
+        }));
       } catch {
-        l(L);
+        I(G), await Y({
+          idToken: r,
+          accessToken: a,
+          refreshToken: u,
+          clientId: o
+        });
       }
     })();
-  }, [r, f, o, l]);
-  const O = async (y, le) => {
-    const j = ot();
-    p(j);
-    const v = await dt({
-      username: y,
-      password: le,
+  }, [
+    p.isLoading,
+    a,
+    r,
+    u,
+    o,
+    I
+  ]);
+  const ve = async (g, Z, W) => {
+    const O = Ct();
+    if (E(O), W === F.CODE) {
+      const { code_verifier: Ce, code_challenge: Oe } = await bt(), ee = await Nt({
+        nonce: O,
+        clientId: o,
+        code_challenge: Oe
+      });
+      if (ee.status) {
+        const k = await fe({
+          username: g,
+          password: Z,
+          clientId: o,
+          sessionExpiration: t,
+          nonce: O,
+          type: W,
+          code: ee.code,
+          code_verifier: Ce
+        });
+        return k.status ? (n(k.idToken), c(k.accessToken), m(k.refreshToken), v({
+          isLoading: !1,
+          isAuthenticated: !0,
+          userId: k.userId,
+          logoutReason: ""
+        }), !0) : (I(he), !1);
+      }
+      return !1;
+    }
+    const R = await fe({
+      username: g,
+      password: Z,
       clientId: o,
       sessionExpiration: t,
-      nonce: j
+      nonce: O,
+      type: W
     });
-    return v.status ? (n(v.idToken), i(v.accessToken), w({
+    return R.status ? (n(R.idToken), c(R.accessToken), m(R.refreshToken), v({
       isLoading: !1,
       isAuthenticated: !0,
-      userId: v.userId
-    }), !0) : (l(at), !1);
-  }, ue = () => {
-    l(nt);
-  }, de = () => a;
-  return /* @__PURE__ */ he(
-    ce.Provider,
+      userId: R.userId
+    }), !0) : (I(he), !1);
+  }, Ie = async () => {
+    I(Ot), await Y({
+      idToken: r,
+      accessToken: a,
+      refreshToken: u,
+      clientId: o
+    });
+  }, Re = () => {
+    if (p.isAuthenticated && a)
+      return a;
+  }, ke = () => {
+    if (p.isAuthenticated && r)
+      return r;
+  };
+  return /* @__PURE__ */ Pe(
+    Te.Provider,
     {
-      value: { ...h, login: O, logout: ue, getAccessToken: de },
+      value: { ...p, login: ve, logout: Ie, getAccessToken: Re, getIdToken: ke },
       children: e
     }
   );
-}, wt = (e = ce) => we(e);
+}, Kt = (e = Te) => Le(e);
 export {
-  mt as AuthProvider,
-  wt as useAuth
+  F as AUTH_TYPES,
+  Jt as AuthProvider,
+  Kt as useAuth
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@versini/auth-provider",
-	"version": "4.0.0",
+	"version": "4.2.0",
 	"license": "MIT",
 	"author": "Arno Versini",
 	"publishConfig": {
@@ -44,10 +44,10 @@
 		"react-dom": "18.3.1"
 	},
 	"dependencies": {
-		"@versini/auth-common": "2.6.0",
+		"@versini/auth-common": "2.8.0",
 		"@versini/ui-hooks": "4.0.0",
 		"jose": "5.4.1",
 		"uuid": "10.0.0"
 	},
-	"gitHead": "8229de388733e13731f9dcfdfe6ffbc0ee9e77fb"
+	"gitHead": "2a2665c70c76f0ee6772124b4703ac1bf3446435"
 }