npm - @versini/auth-provider - Versions diffs - 6.2.1 → 6.3.0 - Mend

@versini/auth-provider 6.2.1 → 6.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import * as react_jsx_runtime from 'react/jsx-runtime';
 import { AUTH_TYPES } from '@versini/auth-common';
-export { AUTH_TYPES } from '@versini/auth-common';
+export { AUTH_TYPES, isGranted } from '@versini/auth-common';
 import * as react from 'react';
 type AuthenticationTypes =

package/dist/index.js CHANGED Viewed

@@ -1,22 +1,22 @@
 var _t = Object.defineProperty;
 var vt = (e, t, n) => t in e ? _t(e, t, { enumerable: !0, configurable: !0, writable: !0, value: n }) : e[t] = n;
 var z = (e, t, n) => vt(e, typeof t != "symbol" ? t + "" : t, n);
-import { jsx as ke } from "react/jsx-runtime";
-import kt, { useSyncExternalStore as Pt, useCallback as x, useEffect as Te, createContext as Ct, useReducer as Ot, useRef as Pe, useContext as Nt } from "react";
+import { jsx as Pe } from "react/jsx-runtime";
+import Pt, { useSyncExternalStore as Ct, useCallback as x, useEffect as Te, createContext as kt, useReducer as Ot, useRef as Ce, useContext as Nt } from "react";
 /*!
-  @versini/auth-provider v6.2.1
+  @versini/auth-provider v6.3.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "6.2.1",
-    buildTime: "07/18/2024 12:26 PM EDT",
+    version: "6.3.0",
+    buildTime: "07/21/2024 06:09 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-function k(e) {
+function P(e) {
   const t = new Uint8Array(e);
   let n = "";
   for (const a of t)
@@ -32,7 +32,7 @@ function ie(e) {
 function Re() {
   return (window == null ? void 0 : window.PublicKeyCredential) !== void 0 && typeof window.PublicKeyCredential == "function";
 }
-function Ve(e) {
+function Ye(e) {
   const { id: t } = e;
   return {
     ...e,
@@ -40,10 +40,10 @@ function Ve(e) {
     transports: e.transports
   };
 }
-function Ye(e) {
+function Ve(e) {
   return e === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e);
 }
-class b extends Error {
+class I extends Error {
   constructor({ message: t, code: n, cause: r, name: a }) {
     super(t, { cause: r }), this.name = a ?? r.name, this.code = n;
   }
@@ -55,70 +55,70 @@ function Dt({ error: e, options: t }) {
     throw Error("options was missing required publicKey property");
   if (e.name === "AbortError") {
     if (t.signal instanceof AbortSignal)
-      return new b({
+      return new I({
         message: "Registration ceremony was sent an abort signal",
         code: "ERROR_CEREMONY_ABORTED",
         cause: e
       });
   } else if (e.name === "ConstraintError") {
     if (((r = n.authenticatorSelection) == null ? void 0 : r.requireResidentKey) === !0)
-      return new b({
+      return new I({
         message: "Discoverable credentials were required but no available authenticator supported it",
         code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
         cause: e
       });
     if (((a = n.authenticatorSelection) == null ? void 0 : a.userVerification) === "required")
-      return new b({
+      return new I({
         message: "User verification was required but no available authenticator supported it",
         code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
         cause: e
       });
   } else {
     if (e.name === "InvalidStateError")
-      return new b({
+      return new I({
         message: "The authenticator was previously registered",
         code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
         cause: e
       });
     if (e.name === "NotAllowedError")
-      return new b({
+      return new I({
         message: e.message,
         code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
         cause: e
       });
     if (e.name === "NotSupportedError")
-      return n.pubKeyCredParams.filter((o) => o.type === "public-key").length === 0 ? new b({
+      return n.pubKeyCredParams.filter((o) => o.type === "public-key").length === 0 ? new I({
         message: 'No entry in pubKeyCredParams was of type "public-key"',
         code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
         cause: e
-      }) : new b({
+      }) : new I({
         message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
         code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
         cause: e
       });
     if (e.name === "SecurityError") {
       const s = window.location.hostname;
-      if (Ye(s)) {
+      if (Ve(s)) {
         if (n.rp.id !== s)
-          return new b({
+          return new I({
             message: `The RP ID "${n.rp.id}" is invalid for this domain`,
             code: "ERROR_INVALID_RP_ID",
             cause: e
           });
-      } else return new b({
+      } else return new I({
         message: `${window.location.hostname} is an invalid domain`,
         code: "ERROR_INVALID_DOMAIN",
         cause: e
       });
     } else if (e.name === "TypeError") {
       if (n.user.id.byteLength < 1 || n.user.id.byteLength > 64)
-        return new b({
+        return new I({
           message: "User ID was not between 1 and 64 characters",
           code: "ERROR_INVALID_USER_ID_LENGTH",
           cause: e
         });
     } else if (e.name === "UnknownError")
-      return new b({
+      return new I({
         message: "The authenticator was unable to process the specified options, or could not create a new credential",
         code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
         cause: e
@@ -158,7 +158,7 @@ async function Kt(e) {
       ...e.user,
       id: ie(e.user.id)
     },
-    excludeCredentials: (p = e.excludeCredentials) == null ? void 0 : p.map(Ve)
+    excludeCredentials: (p = e.excludeCredentials) == null ? void 0 : p.map(Ye)
   } };
   n.signal = je.createNewAbortSignal();
   let r;
@@ -183,23 +183,23 @@ async function Kt(e) {
   if (typeof o.getPublicKey == "function")
     try {
       const l = o.getPublicKey();
-      l !== null && (y = k(l));
+      l !== null && (y = P(l));
     } catch (l) {
       fe("getPublicKey()", l);
     }
   let h;
   if (typeof o.getAuthenticatorData == "function")
     try {
-      h = k(o.getAuthenticatorData());
+      h = P(o.getAuthenticatorData());
     } catch (l) {
       fe("getAuthenticatorData()", l);
     }
   return {
     id: a,
-    rawId: k(s),
+    rawId: P(s),
     response: {
-      attestationObject: k(o.attestationObject),
-      clientDataJSON: k(o.clientDataJSON),
+      attestationObject: P(o.attestationObject),
+      clientDataJSON: P(o.clientDataJSON),
       transports: u,
       publicKeyAlgorithm: f,
       publicKey: y,
@@ -226,34 +226,34 @@ function Lt({ error: e, options: t }) {
     throw Error("options was missing required publicKey property");
   if (e.name === "AbortError") {
     if (t.signal instanceof AbortSignal)
-      return new b({
+      return new I({
         message: "Authentication ceremony was sent an abort signal",
         code: "ERROR_CEREMONY_ABORTED",
         cause: e
       });
   } else {
     if (e.name === "NotAllowedError")
-      return new b({
+      return new I({
         message: e.message,
         code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
         cause: e
       });
     if (e.name === "SecurityError") {
       const r = window.location.hostname;
-      if (Ye(r)) {
+      if (Ve(r)) {
         if (n.rpId !== r)
-          return new b({
+          return new I({
             message: `The RP ID "${n.rpId}" is invalid for this domain`,
             code: "ERROR_INVALID_RP_ID",
             cause: e
           });
-      } else return new b({
+      } else return new I({
         message: `${window.location.hostname} is an invalid domain`,
         code: "ERROR_INVALID_DOMAIN",
         cause: e
       });
     } else if (e.name === "UnknownError")
-      return new b({
+      return new I({
         message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
         code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
         cause: e
@@ -266,7 +266,7 @@ async function Wt(e, t = !1) {
   if (!Re())
     throw new Error("WebAuthn is not supported in this browser");
   let n;
-  ((h = e.allowCredentials) == null ? void 0 : h.length) !== 0 && (n = (p = e.allowCredentials) == null ? void 0 : p.map(Ve));
+  ((h = e.allowCredentials) == null ? void 0 : h.length) !== 0 && (n = (p = e.allowCredentials) == null ? void 0 : p.map(Ye));
   const r = {
     ...e,
     challenge: ie(e.challenge),
@@ -290,13 +290,13 @@ async function Wt(e, t = !1) {
     throw new Error("Authentication was not completed");
   const { id: o, rawId: i, response: u, type: f } = s;
   let y;
-  return u.userHandle && (y = k(u.userHandle)), {
+  return u.userHandle && (y = P(u.userHandle)), {
     id: o,
-    rawId: k(i),
+    rawId: P(i),
     response: {
-      authenticatorData: k(u.authenticatorData),
-      clientDataJSON: k(u.clientDataJSON),
-      signature: k(u.signature),
+      authenticatorData: P(u.authenticatorData),
+      clientDataJSON: P(u.clientDataJSON),
+      signature: P(u.signature),
       userHandle: y
     },
     type: f,
@@ -305,19 +305,19 @@ async function Wt(e, t = !1) {
   };
 }
 /*!
-  @versini/auth-common v2.12.1
+  @versini/auth-common v3.2.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "2.12.1",
-    buildTime: "07/18/2024 12:26 PM EDT",
+    version: "3.2.0",
+    buildTime: "07/21/2024 06:09 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const j = {
+const F = {
   ID_TOKEN: "id_token",
   ACCESS_TOKEN: "token",
   ID_AND_ACCESS_TOKEN: "id_token token",
@@ -326,13 +326,16 @@ const j = {
   PASSKEY: "passkey"
 }, Be = {
   CLIENT_ID: "X-Auth-ClientId"
-}, I = {
+}, b = {
   ALG: "RS256",
   USER_ID_KEY: "sub",
   TOKEN_ID_KEY: "__raw",
   NONCE_KEY: "_nonce",
   USERNAME_KEY: "username",
   AUTH_TYPE_KEY: "auth_type",
+  EXPIRES_AT_KEY: "exp",
+  CREATED_AT_KEY: "iat",
+  SCOPES_KEY: "scopes",
   ISSUER: "gizmette.com"
 }, xt = `-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
@@ -359,7 +362,7 @@ const Gt = (e) => {
   for (let r = 0; r < t.length; r++)
     n[r] = t.charCodeAt(r);
   return n;
-}, Y = (e) => {
+}, j = (e) => {
   let t = e;
   t instanceof Uint8Array && (t = B.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
@@ -383,7 +386,7 @@ let U = class extends Error {
   constructor(t, n, r = "unspecified", a = "unspecified") {
     super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = a, this.payload = n;
   }
-}, Ce = class extends U {
+}, ke = class extends U {
   static get code() {
     return "ERR_JWT_EXPIRED";
   }
@@ -415,7 +418,7 @@ class R extends U {
     return "ERR_JWS_INVALID";
   }
 }
-let C = class extends U {
+let k = class extends U {
   constructor() {
     super(...arguments), this.code = "ERR_JWT_INVALID";
   }
@@ -423,7 +426,7 @@ let C = class extends U {
     return "ERR_JWT_INVALID";
   }
 };
-class Vt extends U {
+class Yt extends U {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
   }
@@ -431,7 +434,7 @@ class Vt extends U {
     return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
   }
 }
-function P(e, t = "algorithm.name") {
+function C(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
 function X(e, t) {
@@ -440,7 +443,7 @@ function X(e, t) {
 function ye(e) {
   return parseInt(e.name.slice(4), 10);
 }
-function Yt(e) {
+function Vt(e) {
   switch (e) {
     case "ES256":
       return "P-256";
@@ -468,45 +471,45 @@ function Ft(e, t, ...n) {
     case "HS384":
     case "HS512": {
       if (!X(e.algorithm, "HMAC"))
-        throw P("HMAC");
+        throw C("HMAC");
       const r = parseInt(t.slice(2), 10);
       if (ye(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+        throw C(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
       if (!X(e.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw P("RSASSA-PKCS1-v1_5");
+        throw C("RSASSA-PKCS1-v1_5");
       const r = parseInt(t.slice(2), 10);
       if (ye(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+        throw C(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
       if (!X(e.algorithm, "RSA-PSS"))
-        throw P("RSA-PSS");
+        throw C("RSA-PSS");
       const r = parseInt(t.slice(2), 10);
       if (ye(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+        throw C(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "EdDSA": {
       if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
-        throw P("Ed25519 or Ed448");
+        throw C("Ed25519 or Ed448");
       break;
     }
     case "ES256":
     case "ES384":
     case "ES512": {
       if (!X(e.algorithm, "ECDSA"))
-        throw P("ECDSA");
-      const r = Yt(t);
+        throw C("ECDSA");
+      const r = Vt(t);
       if (e.algorithm.namedCurve !== r)
-        throw P(r, "algorithm.namedCurve");
+        throw C(r, "algorithm.namedCurve");
       break;
     }
     default:
@@ -646,7 +649,7 @@ const Xt = async (e) => {
     e.key_ops ?? n
   ], a = { ...e };
   return delete a.alg, delete a.use, he.subtle.importKey("jwk", a, ...r);
-}, Ze = (e) => Y(e);
+}, Ze = (e) => j(e);
 let ge, me;
 const et = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", tt = async (e, t, n, r) => {
   let a = e.get(t);
@@ -850,7 +853,7 @@ async function fn(e, t, n) {
   let r = {};
   if (e.protected)
     try {
-      const d = Y(e.protected);
+      const d = j(e.protected);
       r = JSON.parse(B.decode(d));
     } catch {
       throw new R("JWS Protected Header is invalid");
@@ -880,16 +883,16 @@ async function fn(e, t, n) {
   const y = Mt(Q.encode(e.protected ?? ""), Q.encode("."), typeof e.payload == "string" ? Q.encode(e.payload) : e.payload);
   let h;
   try {
-    h = Y(e.signature);
+    h = j(e.signature);
   } catch {
     throw new R("Failed to base64url decode the signature");
   }
   if (!await pn(i, t, h, y))
-    throw new Vt();
+    throw new Yt();
   let p;
   if (o)
     try {
-      p = Y(e.payload);
+      p = j(e.payload);
     } catch {
       throw new R("Failed to base64url decode the payload");
     }
@@ -956,7 +959,7 @@ const gn = (e) => Math.floor(e.getTime() / 1e3), nt = 60, rt = nt * 60, be = rt
   } catch {
   }
   if (!ue(r))
-    throw new C("JWT Claims Set must be a top-level JSON object");
+    throw new k("JWT Claims Set must be a top-level JSON object");
   const { typ: a } = n;
   if (a && (typeof e.typ != "string" || Ue(e.typ) !== Ue(a)))
     throw new v('unexpected "typ" JWT header value', r, "typ", "check_failed");
@@ -998,12 +1001,12 @@ const gn = (e) => Math.floor(e.getTime() / 1e3), nt = 60, rt = nt * 60, be = rt
     if (typeof r.exp != "number")
       throw new v('"exp" claim must be a number', r, "exp", "invalid");
     if (r.exp <= l - h)
-      throw new Ce('"exp" claim timestamp check failed', r, "exp", "check_failed");
+      throw new ke('"exp" claim timestamp check failed', r, "exp", "check_failed");
   }
   if (f) {
     const d = l - r.iat, m = typeof f == "number" ? f : De(f);
     if (d - h > m)
-      throw new Ce('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
+      throw new ke('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
     if (d < 0 - h)
       throw new v('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
   }
@@ -1013,42 +1016,42 @@ async function Tn(e, t, n) {
   var r;
   const a = await yn(e, t, n);
   if ((r = a.protectedHeader.crit) != null && r.includes("b64") && a.protectedHeader.b64 === !1)
-    throw new C("JWTs MUST NOT use unencoded payload");
+    throw new k("JWTs MUST NOT use unencoded payload");
   const s = { payload: An(a.protectedHeader, a.payload, n), protectedHeader: a.protectedHeader };
   return typeof t == "function" ? { ...s, key: a.key } : s;
 }
-const Rn = Y;
+const Rn = j;
 function bn(e) {
   if (typeof e != "string")
-    throw new C("JWTs must use Compact JWS serialization, JWT must be a string");
+    throw new k("JWTs must use Compact JWS serialization, JWT must be a string");
   const { 1: t, length: n } = e.split(".");
   if (n === 5)
-    throw new C("Only JWTs using Compact JWS serialization can be decoded");
+    throw new k("Only JWTs using Compact JWS serialization can be decoded");
   if (n !== 3)
-    throw new C("Invalid JWT");
+    throw new k("Invalid JWT");
   if (!t)
-    throw new C("JWTs must contain a payload");
+    throw new k("JWTs must contain a payload");
   let r;
   try {
     r = Rn(t);
   } catch {
-    throw new C("Failed to base64url decode the payload");
+    throw new k("Failed to base64url decode the payload");
   }
   let a;
   try {
     a = JSON.parse(B.decode(r));
   } catch {
-    throw new C("Failed to parse the decoded payload as JSON");
+    throw new k("Failed to parse the decoded payload as JSON");
   }
   if (!ue(a))
-    throw new C("Invalid JWT Claims Set");
+    throw new k("Invalid JWT Claims Set");
   return a;
 }
-const F = async (e) => {
+const M = async (e) => {
   try {
-    const t = I.ALG, n = await an(xt, t);
+    const t = b.ALG, n = await an(xt, t);
     return await Tn(e, n, {
-      issuer: I.ISSUER
+      issuer: b.ISSUER
     });
   } catch {
     return;
@@ -1067,23 +1070,23 @@ function _n(e, t = 0) {
   return (A[e[t + 0]] + A[e[t + 1]] + A[e[t + 2]] + A[e[t + 3]] + "-" + A[e[t + 4]] + A[e[t + 5]] + "-" + A[e[t + 6]] + A[e[t + 7]] + "-" + A[e[t + 8]] + A[e[t + 9]] + "-" + A[e[t + 10]] + A[e[t + 11]] + A[e[t + 12]] + A[e[t + 13]] + A[e[t + 14]] + A[e[t + 15]]).toLowerCase();
 }
 var Z, vn = new Uint8Array(16);
-function kn() {
+function Pn() {
   if (!Z && (Z = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !Z))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
   return Z(vn);
 }
-var Pn = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+var Cn = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
 const $e = {
-  randomUUID: Pn
+  randomUUID: Cn
 };
 function Ke(e, t, n) {
   if ($e.randomUUID && !t && !e)
     return $e.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || kn)();
+  var r = e.random || (e.rng || Pn)();
   return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, _n(r);
 }
-const He = globalThis.crypto, Cn = (e) => `${Ke()}${Ke()}`.slice(0, e), On = (e) => btoa(
+const He = globalThis.crypto, kn = (e) => `${Ke()}${Ke()}`.slice(0, e), On = (e) => btoa(
   [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
 );
 async function Nn(e) {
@@ -1095,12 +1098,21 @@ async function Nn(e) {
   return On(n).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
 async function Dn(e) {
-  const n = Cn(43), r = await Nn(n);
+  const n = kn(43), r = await Nn(n);
   return {
     code_verifier: n,
     code_challenge: r
   };
 }
+const Cr = async (e, t) => {
+  var n, r;
+  const a = await M(e);
+  if ((r = a && ((n = a == null ? void 0 : a.payload) == null ? void 0 : n[b.SCOPES_KEY])) != null && r.length) {
+    const s = a.payload[b.SCOPES_KEY];
+    return t.every((o) => s.includes(o));
+  }
+  return !1;
+};
 function at(e, t) {
   window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
 }
@@ -1116,7 +1128,7 @@ function ee({
   key: e,
   initialValue: t
 }) {
-  const n = Pt($n, () => We(e)), r = x(
+  const n = Ct($n, () => We(e)), r = x(
     (o) => {
       try {
         const i = typeof o == "function" ? o(JSON.parse(n)) : o;
@@ -1246,11 +1258,11 @@ const Gn = {
       }
     });
   }
-}), st = { browser: "" }, Vn = async (e) => typeof navigator > "u" ? st : { browser: navigator.userAgent }, it = {
+}), st = { browser: "" }, Yn = async (e) => typeof navigator > "u" ? st : { browser: navigator.userAgent }, it = {
   canvas: {
     data: ""
   }
-}, Yn = async (e) => {
+}, Vn = async (e) => {
   try {
     const t = Array.from(
       { length: 3 },
@@ -1491,8 +1503,8 @@ const cr = async (e) => {
   try {
     return Promise.all([
       Jn(),
-      Vn(),
       Yn(),
+      Vn(),
       Xn(),
       rr(),
       or(),
@@ -1521,10 +1533,10 @@ const cr = async (e) => {
 }, ne = "Oops! It looks like your session has expired. For your security, please log in again to continue.", dr = "Your session has been successfully terminated.", re = "Login failed. Please try again.", Ae = "Error getting access token, please re-authenticate.", hr = "You forgot to wrap your component in <AuthProvider>.", le = {
   dev: "https://auth.gizmette.local.com:3003",
   prod: "https://mylogin.gizmette.com/auth"
-}, ae = "@@auth@@", J = "LOADING", V = "LOGIN", ht = "LOGOUT", pr = process.env.NODE_ENV === "production", pt = !pr, fr = (e) => {
+}, ae = "@@auth@@", Y = "LOADING", V = "LOGIN", ht = "LOGOUT", pr = process.env.NODE_ENV === "production", pt = !pr, fr = (e) => {
   try {
     const t = In(e);
-    return t ? t[I.USER_ID_KEY] : "";
+    return t ? t[b.USER_ID_KEY] : "";
   } catch {
     return "";
   }
@@ -1601,7 +1613,7 @@ const cr = async (e) => {
       type: de.AUTHENTICATE,
       clientId: n,
       params: {
-        type: a || j.ID_AND_ACCESS_TOKEN,
+        type: a || F.ID_AND_ACCESS_TOKEN,
         username: e,
         password: t,
         sessionExpiration: s,
@@ -1611,12 +1623,12 @@ const cr = async (e) => {
         domain: u,
         fingerprint: f
       }
-    }), h = await F(y.data.idToken);
-    return h && h.payload[I.USER_ID_KEY] !== "" && h.payload[I.NONCE_KEY] === r ? {
+    }), h = await M(y.data.idToken);
+    return h && h.payload[b.USER_ID_KEY] !== "" && h.payload[b.NONCE_KEY] === r ? {
       idToken: y.data.idToken,
       accessToken: y.data.accessToken,
       refreshToken: y.data.refreshToken,
-      userId: h.payload[I.USER_ID_KEY],
+      userId: h.payload[b.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -1636,7 +1648,7 @@ const cr = async (e) => {
       type: de.CODE,
       clientId: t,
       params: {
-        type: j.CODE,
+        type: F.CODE,
         nonce: e,
         code_challenge: n
       }
@@ -1665,7 +1677,7 @@ const cr = async (e) => {
       type: de.AUTHENTICATE,
       clientId: e,
       params: {
-        type: j.REFRESH_TOKEN,
+        type: F.REFRESH_TOKEN,
         userId: t,
         nonce: n,
         refreshToken: r,
@@ -1673,11 +1685,11 @@ const cr = async (e) => {
         domain: s,
         fingerprint: await ft()
       }
-    }), i = await F(o.data.accessToken);
-    return i && i.payload[I.USER_ID_KEY] !== "" && i.payload[I.NONCE_KEY] === n ? {
+    }), i = await M(o.data.accessToken);
+    return i && i.payload[b.USER_ID_KEY] !== "" && i.payload[b.NONCE_KEY] === n ? {
       accessToken: o.data.accessToken,
       refreshToken: o.data.refreshToken,
-      userId: i.payload[I.USER_ID_KEY],
+      userId: i.payload[b.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -1852,8 +1864,8 @@ class wr {
     nonce: r,
     domain: a
   }) {
-    const s = await F(this.refreshToken);
-    if (s && s.payload[I.USER_ID_KEY] !== "") {
+    const s = await M(this.refreshToken);
+    if (s && s.payload[b.USER_ID_KEY] !== "") {
       const o = await mr({
         clientId: t,
         userId: n,
@@ -1877,7 +1889,7 @@ class wr {
 }
 const W = () => {
   throw new Error(hr);
-}, yt = Ct({
+}, yt = kt({
   isAuthenticated: !1,
   isLoading: !1,
   authenticationType: null,
@@ -1888,7 +1900,7 @@ const W = () => {
   registeringForPasskey: W,
   loginWithPasskey: W,
   logoutReason: ""
-}), Er = kt.createContext({
+}), Er = Pt.createContext({
   state: {
     isLoading: !0,
     isAuthenticated: !1,
@@ -1899,7 +1911,7 @@ const W = () => {
   },
   dispatch: () => {
   }
-}), Sr = (e, t) => (t == null ? void 0 : t.type) === J ? {
+}), Sr = (e, t) => (t == null ? void 0 : t.type) === Y ? {
   ...e,
   isLoading: t.payload.isLoading
 } : (t == null ? void 0 : t.type) === V ? {
@@ -1916,7 +1928,7 @@ const W = () => {
   user: void 0,
   authenticationType: null,
   logoutReason: t.payload.logoutReason
-} : e, Pr = ({
+} : e, kr = ({
   children: e,
   sessionExpiration: t,
   clientId: n,
@@ -1930,7 +1942,7 @@ const W = () => {
     user: void 0,
     logoutReason: "",
     debug: a
-  }), i = Pe(!1), u = Pe(""), [f, y, , h] = ee({
+  }), i = Ce(!1), u = Ce(""), [f, y, , h] = ee({
     key: `${ae}::${n}::@@user@@`
   }), [p, l, , d] = ee({
     key: `${ae}::${n}::@@access@@`
@@ -1955,7 +1967,7 @@ const W = () => {
         payload: {
           logoutReason: c || ne
         }
-      }), h(), d(), q(), _e(), o({ type: J, payload: { isLoading: !1 } });
+      }), h(), d(), q(), _e(), o({ type: Y, payload: { isLoading: !1 } });
     },
     [d, h, _e, q, w]
   ), D = x(
@@ -1990,14 +2002,14 @@ const W = () => {
     if (!i.current)
       return s.isLoading && f !== null ? (async () => {
         try {
-          const c = await F(f);
-          c && c.payload[I.USER_ID_KEY] !== "" ? (w("useEffect: setting the authentication state"), o({
+          const c = await M(f);
+          c && c.payload[b.USER_ID_KEY] !== "" ? (w("useEffect: setting the authentication state"), o({
             type: V,
             payload: {
-              authenticationType: c.payload[I.AUTH_TYPE_KEY],
+              authenticationType: c.payload[b.AUTH_TYPE_KEY],
               user: {
-                userId: c.payload[I.USER_ID_KEY],
-                username: c.payload[I.USERNAME_KEY]
+                userId: c.payload[b.USER_ID_KEY],
+                username: c.payload[b.USERNAME_KEY]
               }
             }
           })) : (w("useEffect: invalid JWT, invalidating and logging out"), await D(ne));
@@ -2006,20 +2018,20 @@ const W = () => {
             "useEffect: exception validating JWT, invalidating and logging out"
           ), await D(ne);
         }
-      })() : (w("useEffect: setting the loading state to false"), o({ type: J, payload: { isLoading: !1 } })), () => {
+      })() : (w("useEffect: setting the loading state to false"), o({ type: Y, payload: { isLoading: !1 } })), () => {
         i.current = !0;
       };
   }, [s.isLoading, f, D, w]);
   const wt = async (c, E, g) => {
     const _ = Se();
-    if (Ie(_), o({ type: J, payload: { isLoading: !0 } }), h(), d(), q(), w("login: Logging in with type: ", g), g === j.CODE) {
+    if (Ie(_), o({ type: Y, payload: { isLoading: !0 } }), h(), d(), q(), w("login: Logging in with type: ", g), g === F.CODE) {
       const { code_verifier: bt, code_challenge: It } = await Dn(), ve = await gr({
         nonce: _,
         clientId: n,
         code_challenge: It
       });
       if (ve.status) {
-        const G = await Je({
+        const J = await Je({
           username: c,
           password: E,
           clientId: n,
@@ -2031,12 +2043,12 @@ const W = () => {
           domain: r,
           fingerprint: u.current
         });
-        return G.status ? (y(G.idToken), l(G.accessToken), S(G.refreshToken), o({
+        return J.status ? (y(J.idToken), l(J.accessToken), S(J.refreshToken), o({
           type: V,
           payload: {
             authenticationType: g,
             user: {
-              userId: G.userId,
+              userId: J.userId,
               username: c
             }
           }
@@ -2044,7 +2056,7 @@ const W = () => {
       }
       return !1;
     }
-    const M = await Je({
+    const G = await Je({
       username: c,
       password: E,
       clientId: n,
@@ -2054,12 +2066,12 @@ const W = () => {
       domain: r,
       fingerprint: u.current
     });
-    return M.status ? (y(M.idToken), l(M.accessToken), S(M.refreshToken), o({
+    return G.status ? (y(G.idToken), l(G.accessToken), S(G.refreshToken), o({
       type: V,
       payload: {
         authenticationType: g,
         user: {
-          userId: M.userId,
+          userId: G.userId,
           username: c
         }
       }
@@ -2072,8 +2084,8 @@ const W = () => {
       if (c && E && E.userId) {
         if (p) {
           w("getAccessToken");
-          const _ = await F(p);
-          if (_ && _.payload[I.USER_ID_KEY] !== "")
+          const _ = await M(p);
+          if (_ && _.payload[b.USER_ID_KEY] !== "")
             return p;
         }
         w("getAccessToken: invalid access token, refreshing it");
@@ -2137,7 +2149,7 @@ const W = () => {
       }
   }, Rt = async () => {
     const c = Se();
-    Ie(c), o({ type: J, payload: { isLoading: !0 } }), h(), d(), q(), w("loginWithPasskey");
+    Ie(c), o({ type: Y, payload: { isLoading: !0 } }), h(), d(), q(), w("loginWithPasskey");
     const E = Se();
     let g = await L({
       accessToken: p,
@@ -2166,7 +2178,7 @@ const W = () => {
         }), g.data.status === "success" ? (y(g.data.idToken), l(g.data.accessToken), S(g.data.refreshToken), o({
           type: V,
           payload: {
-            authenticationType: j.PASSKEY,
+            authenticationType: F.PASSKEY,
             user: {
               userId: g.data.userId,
               username: g.data.username
@@ -2188,7 +2200,7 @@ const W = () => {
         }), $(re), !1;
       }
   };
-  return /* @__PURE__ */ ke(Er.Provider, { value: { state: s, dispatch: o }, children: /* @__PURE__ */ ke(
+  return /* @__PURE__ */ Pe(Er.Provider, { value: { state: s, dispatch: o }, children: /* @__PURE__ */ Pe(
     yt.Provider,
     {
       value: {
@@ -2203,9 +2215,10 @@ const W = () => {
       children: e
     }
   ) });
-}, Cr = (e = yt) => Nt(e);
+}, Or = (e = yt) => Nt(e);
 export {
-  j as AUTH_TYPES,
-  Pr as AuthProvider,
-  Cr as useAuth
+  F as AUTH_TYPES,
+  kr as AuthProvider,
+  Cr as isGranted,
+  Or as useAuth
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@versini/auth-provider",
-	"version": "6.2.1",
+	"version": "6.3.0",
 	"license": "MIT",
 	"author": "Arno Versini",
 	"publishConfig": {
@@ -45,11 +45,11 @@
 	},
 	"dependencies": {
 		"@simplewebauthn/browser": "10.0.0",
-		"@versini/auth-common": "2.12.1",
+		"@versini/auth-common": "3.2.0",
 		"@versini/ui-fingerprint": "1.0.1",
 		"@versini/ui-hooks": "4.0.1",
 		"jose": "5.6.3",
 		"uuid": "10.0.0"
 	},
-	"gitHead": "8602491302f1b74ebeca8b4e34d7998a426a99c6"
+	"gitHead": "4e1b9bc9a8abff76274d07957bdbb45cf8ee1c00"
 }