npm - @weirdfingers/boards-auth-jwt - Versions diffs - 0.9.13 - Mend

@weirdfingers/boards-auth-jwt 0.9.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.mts ADDED Viewed

@@ -0,0 +1,53 @@
+import * as _weirdfingers_boards from '@weirdfingers/boards';
+import { AuthProviderConfig, BaseAuthProvider, AuthState, User } from '@weirdfingers/boards';
+export { AuthContextValue, AuthProviderConfig, AuthState, User } from '@weirdfingers/boards';
+/**
+ * JWT auth provider types.
+ */
+interface JWTConfig extends AuthProviderConfig {
+    /**
+     * API endpoint for authentication operations.
+     */
+    apiUrl: string;
+    /**
+     * Storage key for the JWT token.
+     * Defaults to 'boards_jwt_token'.
+     */
+    tokenStorageKey?: string;
+    /**
+     * Storage key for user information.
+     * Defaults to 'boards_user_info'.
+     */
+    userStorageKey?: string;
+}
+declare class JWTAuthProvider extends BaseAuthProvider {
+    protected config: JWTConfig;
+    private listeners;
+    private currentState;
+    constructor(config: JWTConfig);
+    initialize(): Promise<void>;
+    getAuthState(): Promise<AuthState>;
+    signIn(options?: _weirdfingers_boards.SignInOptions): Promise<void>;
+    signOut(): Promise<void>;
+    getToken(): Promise<string | null>;
+    refreshToken(): Promise<string | null>;
+    getUser(): Promise<User | null>;
+    onAuthStateChange(callback: (state: AuthState) => void): () => void;
+    destroy(): Promise<void>;
+    private getUserFromToken;
+    /**
+     * Parse a JWT and return its payload, with robust error handling.
+     */
+    private parseJWT;
+    /**
+     * Decodes a base64url-encoded string.
+     */
+    private base64UrlDecode;
+    private isTokenExpired;
+    private updateState;
+}
+export { JWTAuthProvider, type JWTConfig };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import * as _weirdfingers_boards from '@weirdfingers/boards';
+import { AuthProviderConfig, BaseAuthProvider, AuthState, User } from '@weirdfingers/boards';
+export { AuthContextValue, AuthProviderConfig, AuthState, User } from '@weirdfingers/boards';
+/**
+ * JWT auth provider types.
+ */
+interface JWTConfig extends AuthProviderConfig {
+    /**
+     * API endpoint for authentication operations.
+     */
+    apiUrl: string;
+    /**
+     * Storage key for the JWT token.
+     * Defaults to 'boards_jwt_token'.
+     */
+    tokenStorageKey?: string;
+    /**
+     * Storage key for user information.
+     * Defaults to 'boards_user_info'.
+     */
+    userStorageKey?: string;
+}
+declare class JWTAuthProvider extends BaseAuthProvider {
+    protected config: JWTConfig;
+    private listeners;
+    private currentState;
+    constructor(config: JWTConfig);
+    initialize(): Promise<void>;
+    getAuthState(): Promise<AuthState>;
+    signIn(options?: _weirdfingers_boards.SignInOptions): Promise<void>;
+    signOut(): Promise<void>;
+    getToken(): Promise<string | null>;
+    refreshToken(): Promise<string | null>;
+    getUser(): Promise<User | null>;
+    onAuthStateChange(callback: (state: AuthState) => void): () => void;
+    destroy(): Promise<void>;
+    private getUserFromToken;
+    /**
+     * Parse a JWT and return its payload, with robust error handling.
+     */
+    private parseJWT;
+    /**
+     * Decodes a base64url-encoded string.
+     */
+    private base64UrlDecode;
+    private isTokenExpired;
+    private updateState;
+}
+export { JWTAuthProvider, type JWTConfig };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,204 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  JWTAuthProvider: () => JWTAuthProvider
+});
+module.exports = __toCommonJS(index_exports);
+// src/JWTAuthProvider.ts
+var import_boards = require("@weirdfingers/boards");
+var JWTAuthProvider = class extends import_boards.BaseAuthProvider {
+  constructor(config) {
+    super(config);
+    this.listeners = [];
+    this.config = {
+      tokenStorageKey: "boards_jwt_token",
+      userStorageKey: "boards_user_info",
+      ...config
+    };
+    this.currentState = {
+      user: null,
+      status: "loading",
+      signIn: this.signIn.bind(this),
+      signOut: this.signOut.bind(this),
+      getToken: this.getToken.bind(this),
+      refreshToken: this.refreshToken.bind(this)
+    };
+  }
+  async initialize() {
+    const token = localStorage.getItem(this.config.tokenStorageKey);
+    if (token) {
+      try {
+        const user = await this.getUserFromToken(token);
+        if (user && !this.isTokenExpired(token)) {
+          this.updateState({ user, status: "authenticated" });
+          return;
+        }
+      } catch (error) {
+        console.warn("Failed to restore user session:", error);
+      }
+    }
+    this.updateState({ user: null, status: "unauthenticated" });
+  }
+  async getAuthState() {
+    return this.currentState;
+  }
+  async signIn(options) {
+    const email = options?.email;
+    const password = options?.password;
+    this.updateState({ status: "loading" });
+    try {
+      const response = await fetch(`${this.config.apiUrl}/auth/login`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          ...this.config.tenantId && { "X-Tenant": this.config.tenantId }
+        },
+        body: JSON.stringify({ email, password })
+      });
+      if (!response.ok) {
+        throw new Error(`Authentication failed: ${response.statusText}`);
+      }
+      const data = await response.json();
+      const { token } = data;
+      if (!token) {
+        throw new Error("No token received from server");
+      }
+      localStorage.setItem(this.config.tokenStorageKey, token);
+      const user = await this.getUserFromToken(token);
+      this.updateState({ user, status: "authenticated" });
+    } catch (error) {
+      this.updateState({ user: null, status: "unauthenticated" });
+      throw error;
+    }
+  }
+  async signOut() {
+    localStorage.removeItem(this.config.tokenStorageKey);
+    localStorage.removeItem(this.config.userStorageKey);
+    this.updateState({ user: null, status: "unauthenticated" });
+  }
+  async getToken() {
+    const token = localStorage.getItem(this.config.tokenStorageKey);
+    if (!token || this.isTokenExpired(token)) {
+      return null;
+    }
+    return token;
+  }
+  async refreshToken() {
+    return this.getToken();
+  }
+  async getUser() {
+    return this.currentState.user;
+  }
+  onAuthStateChange(callback) {
+    this.listeners.push(callback);
+    return () => {
+      const index = this.listeners.indexOf(callback);
+      if (index > -1) {
+        this.listeners.splice(index, 1);
+      }
+    };
+  }
+  async destroy() {
+    this.listeners = [];
+  }
+  async getUserFromToken(token) {
+    try {
+      const payload = this.parseJWT(token);
+      return {
+        id: payload.sub,
+        email: payload.email ?? "",
+        name: payload.name,
+        avatar: payload.picture,
+        metadata: { provider: "jwt", subject: payload.sub },
+        credits: { balance: 0, reserved: 0 }
+      };
+    } catch (error) {
+      console.error("Failed to parse user from token:", error);
+      return null;
+    }
+  }
+  /**
+   * Parse a JWT and return its payload, with robust error handling.
+   */
+  parseJWT(token) {
+    const parts = token.split(".");
+    if (parts.length !== 3) {
+      throw new Error(
+        "Invalid JWT format: token must have exactly 3 parts separated by dots"
+      );
+    }
+    try {
+      const payloadJson = this.base64UrlDecode(parts[1]);
+      const payload = JSON.parse(payloadJson);
+      if (typeof payload !== "object" || payload === null) {
+        throw new Error("Invalid JWT payload: payload must be a JSON object");
+      }
+      return payload;
+    } catch (err) {
+      if (err instanceof Error && err.message.startsWith("Invalid JWT")) {
+        throw err;
+      }
+      throw new Error(
+        "Failed to decode or parse JWT payload: " + (err instanceof Error ? err.message : String(err))
+      );
+    }
+  }
+  /**
+   * Decodes a base64url-encoded string.
+   */
+  base64UrlDecode(input) {
+    input = input.replace(/-/g, "+").replace(/_/g, "/");
+    const pad = input.length % 4;
+    if (pad) {
+      if (pad === 1) {
+        throw new Error("Invalid base64url encoding: incorrect padding");
+      }
+      input += "=".repeat(4 - pad);
+    }
+    try {
+      return atob(input);
+    } catch (e) {
+      throw new Error(
+        "Invalid base64url encoding: " + (e instanceof Error ? e.message : String(e))
+      );
+    }
+  }
+  isTokenExpired(token) {
+    try {
+      const payload = this.parseJWT(token);
+      const now = Math.floor(Date.now() / 1e3);
+      return payload.exp < now;
+    } catch {
+      return true;
+    }
+  }
+  updateState(updates) {
+    this.currentState = { ...this.currentState, ...updates };
+    this.listeners.forEach((listener) => listener(this.currentState));
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  JWTAuthProvider
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/JWTAuthProvider.ts"],"sourcesContent":["/**\n * JWT authentication provider package for Boards.\n */\n\nexport { JWTAuthProvider } from './JWTAuthProvider';\nexport type { JWTConfig } from './types';\n\n// Re-export core types for convenience\nexport type {\n AuthState,\n User,\n AuthProviderConfig,\n AuthContextValue\n} from '@weirdfingers/boards';\n","/**\n * JWT authentication provider for self-issued tokens.\n */\n\nimport { BaseAuthProvider, AuthState, User } from \"@weirdfingers/boards\";\nimport type { JWTConfig, JWTPayload } from \"./types\";\n\nexport class JWTAuthProvider extends BaseAuthProvider {\n protected config: JWTConfig;\n private listeners: ((state: AuthState) => void)[] = [];\n private currentState: AuthState;\n\n constructor(config: JWTConfig) {\n super(config);\n this.config = {\n tokenStorageKey: \"boards_jwt_token\",\n userStorageKey: \"boards_user_info\",\n ...config,\n };\n\n this.currentState = {\n user: null,\n status: \"loading\",\n signIn: this.signIn.bind(this) as any,\n signOut: this.signOut.bind(this),\n getToken: this.getToken.bind(this),\n refreshToken: this.refreshToken.bind(this),\n };\n }\n\n async initialize(): Promise<void> {\n // Check for existing token\n const token = localStorage.getItem(this.config.tokenStorageKey!);\n if (token) {\n try {\n const user = await this.getUserFromToken(token);\n if (user && !this.isTokenExpired(token)) {\n this.updateState({ user, status: \"authenticated\" });\n return;\n }\n } catch (error) {\n console.warn(\"Failed to restore user session:\", error);\n }\n }\n\n this.updateState({ user: null, status: \"unauthenticated\" });\n }\n\n async getAuthState(): Promise<AuthState> {\n return this.currentState;\n }\n\n async signIn(\n options?: import(\"@weirdfingers/boards\").SignInOptions\n ): Promise<void> {\n const email = (options as any)?.email as string | undefined;\n const password = (options as any)?.password as string | undefined;\n this.updateState({ status: \"loading\" });\n\n try {\n const response = await fetch(`${this.config.apiUrl}/auth/login`, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...(this.config.tenantId && { \"X-Tenant\": this.config.tenantId }),\n },\n body: JSON.stringify({ email, password }),\n });\n\n if (!response.ok) {\n throw new Error(`Authentication failed: ${response.statusText}`);\n }\n\n const data = await response.json();\n const { token } = data;\n\n if (!token) {\n throw new Error(\"No token received from server\");\n }\n\n // Store token\n localStorage.setItem(this.config.tokenStorageKey!, token);\n\n // Get user info from token\n const user = await this.getUserFromToken(token);\n this.updateState({ user, status: \"authenticated\" });\n } catch (error) {\n this.updateState({ user: null, status: \"unauthenticated\" });\n throw error;\n }\n }\n\n async signOut(): Promise<void> {\n // Clear stored data\n localStorage.removeItem(this.config.tokenStorageKey!);\n localStorage.removeItem(this.config.userStorageKey!);\n\n this.updateState({ user: null, status: \"unauthenticated\" });\n }\n\n async getToken(): Promise<string | null> {\n const token = localStorage.getItem(this.config.tokenStorageKey!);\n if (!token || this.isTokenExpired(token)) {\n return null;\n }\n return token;\n }\n\n async refreshToken(): Promise<string | null> {\n // For JWT provider, there may be no refresh flow; return current token if valid\n return this.getToken();\n }\n\n async getUser(): Promise<User | null> {\n return this.currentState.user;\n }\n\n onAuthStateChange(callback: (state: AuthState) => void): () => void {\n this.listeners.push(callback);\n return () => {\n const index = this.listeners.indexOf(callback);\n if (index > -1) {\n this.listeners.splice(index, 1);\n }\n };\n }\n\n async destroy(): Promise<void> {\n this.listeners = [];\n }\n\n private async getUserFromToken(token: string): Promise<User | null> {\n try {\n const payload = this.parseJWT(token);\n\n return {\n id: payload.sub,\n email: payload.email ?? \"\",\n name: payload.name,\n avatar: payload.picture,\n metadata: { provider: \"jwt\", subject: payload.sub },\n credits: { balance: 0, reserved: 0 },\n };\n } catch (error) {\n console.error(\"Failed to parse user from token:\", error);\n return null;\n }\n }\n\n /**\n * Parse a JWT and return its payload, with robust error handling.\n */\n private parseJWT(token: string): JWTPayload {\n const parts = token.split(\".\");\n if (parts.length !== 3) {\n throw new Error(\n \"Invalid JWT format: token must have exactly 3 parts separated by dots\"\n );\n }\n\n try {\n const payloadJson = this.base64UrlDecode(parts[1]);\n const payload = JSON.parse(payloadJson);\n\n if (typeof payload !== \"object\" || payload === null) {\n throw new Error(\"Invalid JWT payload: payload must be a JSON object\");\n }\n\n return payload;\n } catch (err) {\n if (err instanceof Error && err.message.startsWith(\"Invalid JWT\")) {\n // Re-throw our own validation errors\n throw err;\n }\n throw new Error(\n \"Failed to decode or parse JWT payload: \" +\n (err instanceof Error ? err.message : String(err))\n );\n }\n }\n\n /**\n * Decodes a base64url-encoded string.\n */\n private base64UrlDecode(input: string): string {\n // Replace non-url compatible chars with base64 standard chars\n input = input.replace(/-/g, \"+\").replace(/_/g, \"/\");\n\n // Pad out with standard base64 required padding characters\n const pad = input.length % 4;\n if (pad) {\n if (pad === 1) {\n throw new Error(\"Invalid base64url encoding: incorrect padding\");\n }\n input += \"=\".repeat(4 - pad);\n }\n\n try {\n return atob(input);\n } catch (e) {\n throw new Error(\n \"Invalid base64url encoding: \" +\n (e instanceof Error ? e.message : String(e))\n );\n }\n }\n\n private isTokenExpired(token: string): boolean {\n try {\n const payload = this.parseJWT(token);\n const now = Math.floor(Date.now() / 1000);\n return payload.exp < now;\n } catch {\n return true;\n }\n }\n\n private updateState(updates: Partial<AuthState>): void {\n this.currentState = { ...this.currentState, ...updates };\n this.listeners.forEach((listener) => listener(this.currentState));\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACIA,oBAAkD;AAG3C,IAAM,kBAAN,cAA8B,+BAAiB;AAAA,EAKpD,YAAY,QAAmB;AAC7B,UAAM,MAAM;AAJd,SAAQ,YAA4C,CAAC;AAKnD,SAAK,SAAS;AAAA,MACZ,iBAAiB;AAAA,MACjB,gBAAgB;AAAA,MAChB,GAAG;AAAA,IACL;AAEA,SAAK,eAAe;AAAA,MAClB,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,QAAQ,KAAK,OAAO,KAAK,IAAI;AAAA,MAC7B,SAAS,KAAK,QAAQ,KAAK,IAAI;AAAA,MAC/B,UAAU,KAAK,SAAS,KAAK,IAAI;AAAA,MACjC,cAAc,KAAK,aAAa,KAAK,IAAI;AAAA,IAC3C;AAAA,EACF;AAAA,EAEA,MAAM,aAA4B;AAEhC,UAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAgB;AAC/D,QAAI,OAAO;AACT,UAAI;AACF,cAAM,OAAO,MAAM,KAAK,iBAAiB,KAAK;AAC9C,YAAI,QAAQ,CAAC,KAAK,eAAe,KAAK,GAAG;AACvC,eAAK,YAAY,EAAE,MAAM,QAAQ,gBAAgB,CAAC;AAClD;AAAA,QACF;AAAA,MACF,SAAS,OAAO;AACd,gBAAQ,KAAK,mCAAmC,KAAK;AAAA,MACvD;AAAA,IACF;AAEA,SAAK,YAAY,EAAE,MAAM,MAAM,QAAQ,kBAAkB,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,eAAmC;AACvC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,OACJ,SACe;AACf,UAAM,QAAS,SAAiB;AAChC,UAAM,WAAY,SAAiB;AACnC,SAAK,YAAY,EAAE,QAAQ,UAAU,CAAC;AAEtC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,MAAM,eAAe;AAAA,QAC/D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAI,KAAK,OAAO,YAAY,EAAE,YAAY,KAAK,OAAO,SAAS;AAAA,QACjE;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,OAAO,SAAS,CAAC;AAAA,MAC1C,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,0BAA0B,SAAS,UAAU,EAAE;AAAA,MACjE;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,EAAE,MAAM,IAAI;AAElB,UAAI,CAAC,OAAO;AACV,cAAM,IAAI,MAAM,+BAA+B;AAAA,MACjD;AAGA,mBAAa,QAAQ,KAAK,OAAO,iBAAkB,KAAK;AAGxD,YAAM,OAAO,MAAM,KAAK,iBAAiB,KAAK;AAC9C,WAAK,YAAY,EAAE,MAAM,QAAQ,gBAAgB,CAAC;AAAA,IACpD,SAAS,OAAO;AACd,WAAK,YAAY,EAAE,MAAM,MAAM,QAAQ,kBAAkB,CAAC;AAC1D,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,UAAyB;AAE7B,iBAAa,WAAW,KAAK,OAAO,eAAgB;AACpD,iBAAa,WAAW,KAAK,OAAO,cAAe;AAEnD,SAAK,YAAY,EAAE,MAAM,MAAM,QAAQ,kBAAkB,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,WAAmC;AACvC,UAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAgB;AAC/D,QAAI,CAAC,SAAS,KAAK,eAAe,KAAK,GAAG;AACxC,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eAAuC;AAE3C,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,MAAM,UAAgC;AACpC,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,kBAAkB,UAAkD;AAClE,SAAK,UAAU,KAAK,QAAQ;AAC5B,WAAO,MAAM;AACX,YAAM,QAAQ,KAAK,UAAU,QAAQ,QAAQ;AAC7C,UAAI,QAAQ,IAAI;AACd,aAAK,UAAU,OAAO,OAAO,CAAC;AAAA,MAChC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,UAAyB;AAC7B,SAAK,YAAY,CAAC;AAAA,EACpB;AAAA,EAEA,MAAc,iBAAiB,OAAqC;AAClE,QAAI;AACF,YAAM,UAAU,KAAK,SAAS,KAAK;AAEnC,aAAO;AAAA,QACL,IAAI,QAAQ;AAAA,QACZ,OAAO,QAAQ,SAAS;AAAA,QACxB,MAAM,QAAQ;AAAA,QACd,QAAQ,QAAQ;AAAA,QAChB,UAAU,EAAE,UAAU,OAAO,SAAS,QAAQ,IAAI;AAAA,QAClD,SAAS,EAAE,SAAS,GAAG,UAAU,EAAE;AAAA,MACrC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,SAAS,OAA2B;AAC1C,UAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,QAAI,MAAM,WAAW,GAAG;AACtB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI;AACF,YAAM,cAAc,KAAK,gBAAgB,MAAM,CAAC,CAAC;AACjD,YAAM,UAAU,KAAK,MAAM,WAAW;AAEtC,UAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,cAAM,IAAI,MAAM,oDAAoD;AAAA,MACtE;AAEA,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,UAAI,eAAe,SAAS,IAAI,QAAQ,WAAW,aAAa,GAAG;AAEjE,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,6CACG,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACpD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,gBAAgB,OAAuB;AAE7C,YAAQ,MAAM,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAGlD,UAAM,MAAM,MAAM,SAAS;AAC3B,QAAI,KAAK;AACP,UAAI,QAAQ,GAAG;AACb,cAAM,IAAI,MAAM,+CAA+C;AAAA,MACjE;AACA,eAAS,IAAI,OAAO,IAAI,GAAG;AAAA,IAC7B;AAEA,QAAI;AACF,aAAO,KAAK,KAAK;AAAA,IACnB,SAAS,GAAG;AACV,YAAM,IAAI;AAAA,QACR,kCACG,aAAa,QAAQ,EAAE,UAAU,OAAO,CAAC;AAAA,MAC9C;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,eAAe,OAAwB;AAC7C,QAAI;AACF,YAAM,UAAU,KAAK,SAAS,KAAK;AACnC,YAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,aAAO,QAAQ,MAAM;AAAA,IACvB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,YAAY,SAAmC;AACrD,SAAK,eAAe,EAAE,GAAG,KAAK,cAAc,GAAG,QAAQ;AACvD,SAAK,UAAU,QAAQ,CAAC,aAAa,SAAS,KAAK,YAAY,CAAC;AAAA,EAClE;AACF;","names":[]}

package/dist/index.mjs ADDED Viewed

@@ -0,0 +1,177 @@
+// src/JWTAuthProvider.ts
+import { BaseAuthProvider } from "@weirdfingers/boards";
+var JWTAuthProvider = class extends BaseAuthProvider {
+  constructor(config) {
+    super(config);
+    this.listeners = [];
+    this.config = {
+      tokenStorageKey: "boards_jwt_token",
+      userStorageKey: "boards_user_info",
+      ...config
+    };
+    this.currentState = {
+      user: null,
+      status: "loading",
+      signIn: this.signIn.bind(this),
+      signOut: this.signOut.bind(this),
+      getToken: this.getToken.bind(this),
+      refreshToken: this.refreshToken.bind(this)
+    };
+  }
+  async initialize() {
+    const token = localStorage.getItem(this.config.tokenStorageKey);
+    if (token) {
+      try {
+        const user = await this.getUserFromToken(token);
+        if (user && !this.isTokenExpired(token)) {
+          this.updateState({ user, status: "authenticated" });
+          return;
+        }
+      } catch (error) {
+        console.warn("Failed to restore user session:", error);
+      }
+    }
+    this.updateState({ user: null, status: "unauthenticated" });
+  }
+  async getAuthState() {
+    return this.currentState;
+  }
+  async signIn(options) {
+    const email = options?.email;
+    const password = options?.password;
+    this.updateState({ status: "loading" });
+    try {
+      const response = await fetch(`${this.config.apiUrl}/auth/login`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          ...this.config.tenantId && { "X-Tenant": this.config.tenantId }
+        },
+        body: JSON.stringify({ email, password })
+      });
+      if (!response.ok) {
+        throw new Error(`Authentication failed: ${response.statusText}`);
+      }
+      const data = await response.json();
+      const { token } = data;
+      if (!token) {
+        throw new Error("No token received from server");
+      }
+      localStorage.setItem(this.config.tokenStorageKey, token);
+      const user = await this.getUserFromToken(token);
+      this.updateState({ user, status: "authenticated" });
+    } catch (error) {
+      this.updateState({ user: null, status: "unauthenticated" });
+      throw error;
+    }
+  }
+  async signOut() {
+    localStorage.removeItem(this.config.tokenStorageKey);
+    localStorage.removeItem(this.config.userStorageKey);
+    this.updateState({ user: null, status: "unauthenticated" });
+  }
+  async getToken() {
+    const token = localStorage.getItem(this.config.tokenStorageKey);
+    if (!token || this.isTokenExpired(token)) {
+      return null;
+    }
+    return token;
+  }
+  async refreshToken() {
+    return this.getToken();
+  }
+  async getUser() {
+    return this.currentState.user;
+  }
+  onAuthStateChange(callback) {
+    this.listeners.push(callback);
+    return () => {
+      const index = this.listeners.indexOf(callback);
+      if (index > -1) {
+        this.listeners.splice(index, 1);
+      }
+    };
+  }
+  async destroy() {
+    this.listeners = [];
+  }
+  async getUserFromToken(token) {
+    try {
+      const payload = this.parseJWT(token);
+      return {
+        id: payload.sub,
+        email: payload.email ?? "",
+        name: payload.name,
+        avatar: payload.picture,
+        metadata: { provider: "jwt", subject: payload.sub },
+        credits: { balance: 0, reserved: 0 }
+      };
+    } catch (error) {
+      console.error("Failed to parse user from token:", error);
+      return null;
+    }
+  }
+  /**
+   * Parse a JWT and return its payload, with robust error handling.
+   */
+  parseJWT(token) {
+    const parts = token.split(".");
+    if (parts.length !== 3) {
+      throw new Error(
+        "Invalid JWT format: token must have exactly 3 parts separated by dots"
+      );
+    }
+    try {
+      const payloadJson = this.base64UrlDecode(parts[1]);
+      const payload = JSON.parse(payloadJson);
+      if (typeof payload !== "object" || payload === null) {
+        throw new Error("Invalid JWT payload: payload must be a JSON object");
+      }
+      return payload;
+    } catch (err) {
+      if (err instanceof Error && err.message.startsWith("Invalid JWT")) {
+        throw err;
+      }
+      throw new Error(
+        "Failed to decode or parse JWT payload: " + (err instanceof Error ? err.message : String(err))
+      );
+    }
+  }
+  /**
+   * Decodes a base64url-encoded string.
+   */
+  base64UrlDecode(input) {
+    input = input.replace(/-/g, "+").replace(/_/g, "/");
+    const pad = input.length % 4;
+    if (pad) {
+      if (pad === 1) {
+        throw new Error("Invalid base64url encoding: incorrect padding");
+      }
+      input += "=".repeat(4 - pad);
+    }
+    try {
+      return atob(input);
+    } catch (e) {
+      throw new Error(
+        "Invalid base64url encoding: " + (e instanceof Error ? e.message : String(e))
+      );
+    }
+  }
+  isTokenExpired(token) {
+    try {
+      const payload = this.parseJWT(token);
+      const now = Math.floor(Date.now() / 1e3);
+      return payload.exp < now;
+    } catch {
+      return true;
+    }
+  }
+  updateState(updates) {
+    this.currentState = { ...this.currentState, ...updates };
+    this.listeners.forEach((listener) => listener(this.currentState));
+  }
+};
+export {
+  JWTAuthProvider
+};
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/JWTAuthProvider.ts"],"sourcesContent":["/**\n * JWT authentication provider for self-issued tokens.\n */\n\nimport { BaseAuthProvider, AuthState, User } from \"@weirdfingers/boards\";\nimport type { JWTConfig, JWTPayload } from \"./types\";\n\nexport class JWTAuthProvider extends BaseAuthProvider {\n protected config: JWTConfig;\n private listeners: ((state: AuthState) => void)[] = [];\n private currentState: AuthState;\n\n constructor(config: JWTConfig) {\n super(config);\n this.config = {\n tokenStorageKey: \"boards_jwt_token\",\n userStorageKey: \"boards_user_info\",\n ...config,\n };\n\n this.currentState = {\n user: null,\n status: \"loading\",\n signIn: this.signIn.bind(this) as any,\n signOut: this.signOut.bind(this),\n getToken: this.getToken.bind(this),\n refreshToken: this.refreshToken.bind(this),\n };\n }\n\n async initialize(): Promise<void> {\n // Check for existing token\n const token = localStorage.getItem(this.config.tokenStorageKey!);\n if (token) {\n try {\n const user = await this.getUserFromToken(token);\n if (user && !this.isTokenExpired(token)) {\n this.updateState({ user, status: \"authenticated\" });\n return;\n }\n } catch (error) {\n console.warn(\"Failed to restore user session:\", error);\n }\n }\n\n this.updateState({ user: null, status: \"unauthenticated\" });\n }\n\n async getAuthState(): Promise<AuthState> {\n return this.currentState;\n }\n\n async signIn(\n options?: import(\"@weirdfingers/boards\").SignInOptions\n ): Promise<void> {\n const email = (options as any)?.email as string | undefined;\n const password = (options as any)?.password as string | undefined;\n this.updateState({ status: \"loading\" });\n\n try {\n const response = await fetch(`${this.config.apiUrl}/auth/login`, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...(this.config.tenantId && { \"X-Tenant\": this.config.tenantId }),\n },\n body: JSON.stringify({ email, password }),\n });\n\n if (!response.ok) {\n throw new Error(`Authentication failed: ${response.statusText}`);\n }\n\n const data = await response.json();\n const { token } = data;\n\n if (!token) {\n throw new Error(\"No token received from server\");\n }\n\n // Store token\n localStorage.setItem(this.config.tokenStorageKey!, token);\n\n // Get user info from token\n const user = await this.getUserFromToken(token);\n this.updateState({ user, status: \"authenticated\" });\n } catch (error) {\n this.updateState({ user: null, status: \"unauthenticated\" });\n throw error;\n }\n }\n\n async signOut(): Promise<void> {\n // Clear stored data\n localStorage.removeItem(this.config.tokenStorageKey!);\n localStorage.removeItem(this.config.userStorageKey!);\n\n this.updateState({ user: null, status: \"unauthenticated\" });\n }\n\n async getToken(): Promise<string | null> {\n const token = localStorage.getItem(this.config.tokenStorageKey!);\n if (!token || this.isTokenExpired(token)) {\n return null;\n }\n return token;\n }\n\n async refreshToken(): Promise<string | null> {\n // For JWT provider, there may be no refresh flow; return current token if valid\n return this.getToken();\n }\n\n async getUser(): Promise<User | null> {\n return this.currentState.user;\n }\n\n onAuthStateChange(callback: (state: AuthState) => void): () => void {\n this.listeners.push(callback);\n return () => {\n const index = this.listeners.indexOf(callback);\n if (index > -1) {\n this.listeners.splice(index, 1);\n }\n };\n }\n\n async destroy(): Promise<void> {\n this.listeners = [];\n }\n\n private async getUserFromToken(token: string): Promise<User | null> {\n try {\n const payload = this.parseJWT(token);\n\n return {\n id: payload.sub,\n email: payload.email ?? \"\",\n name: payload.name,\n avatar: payload.picture,\n metadata: { provider: \"jwt\", subject: payload.sub },\n credits: { balance: 0, reserved: 0 },\n };\n } catch (error) {\n console.error(\"Failed to parse user from token:\", error);\n return null;\n }\n }\n\n /**\n * Parse a JWT and return its payload, with robust error handling.\n */\n private parseJWT(token: string): JWTPayload {\n const parts = token.split(\".\");\n if (parts.length !== 3) {\n throw new Error(\n \"Invalid JWT format: token must have exactly 3 parts separated by dots\"\n );\n }\n\n try {\n const payloadJson = this.base64UrlDecode(parts[1]);\n const payload = JSON.parse(payloadJson);\n\n if (typeof payload !== \"object\" || payload === null) {\n throw new Error(\"Invalid JWT payload: payload must be a JSON object\");\n }\n\n return payload;\n } catch (err) {\n if (err instanceof Error && err.message.startsWith(\"Invalid JWT\")) {\n // Re-throw our own validation errors\n throw err;\n }\n throw new Error(\n \"Failed to decode or parse JWT payload: \" +\n (err instanceof Error ? err.message : String(err))\n );\n }\n }\n\n /**\n * Decodes a base64url-encoded string.\n */\n private base64UrlDecode(input: string): string {\n // Replace non-url compatible chars with base64 standard chars\n input = input.replace(/-/g, \"+\").replace(/_/g, \"/\");\n\n // Pad out with standard base64 required padding characters\n const pad = input.length % 4;\n if (pad) {\n if (pad === 1) {\n throw new Error(\"Invalid base64url encoding: incorrect padding\");\n }\n input += \"=\".repeat(4 - pad);\n }\n\n try {\n return atob(input);\n } catch (e) {\n throw new Error(\n \"Invalid base64url encoding: \" +\n (e instanceof Error ? e.message : String(e))\n );\n }\n }\n\n private isTokenExpired(token: string): boolean {\n try {\n const payload = this.parseJWT(token);\n const now = Math.floor(Date.now() / 1000);\n return payload.exp < now;\n } catch {\n return true;\n }\n }\n\n private updateState(updates: Partial<AuthState>): void {\n this.currentState = { ...this.currentState, ...updates };\n this.listeners.forEach((listener) => listener(this.currentState));\n }\n}\n"],"mappings":";AAIA,SAAS,wBAAyC;AAG3C,IAAM,kBAAN,cAA8B,iBAAiB;AAAA,EAKpD,YAAY,QAAmB;AAC7B,UAAM,MAAM;AAJd,SAAQ,YAA4C,CAAC;AAKnD,SAAK,SAAS;AAAA,MACZ,iBAAiB;AAAA,MACjB,gBAAgB;AAAA,MAChB,GAAG;AAAA,IACL;AAEA,SAAK,eAAe;AAAA,MAClB,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,QAAQ,KAAK,OAAO,KAAK,IAAI;AAAA,MAC7B,SAAS,KAAK,QAAQ,KAAK,IAAI;AAAA,MAC/B,UAAU,KAAK,SAAS,KAAK,IAAI;AAAA,MACjC,cAAc,KAAK,aAAa,KAAK,IAAI;AAAA,IAC3C;AAAA,EACF;AAAA,EAEA,MAAM,aAA4B;AAEhC,UAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAgB;AAC/D,QAAI,OAAO;AACT,UAAI;AACF,cAAM,OAAO,MAAM,KAAK,iBAAiB,KAAK;AAC9C,YAAI,QAAQ,CAAC,KAAK,eAAe,KAAK,GAAG;AACvC,eAAK,YAAY,EAAE,MAAM,QAAQ,gBAAgB,CAAC;AAClD;AAAA,QACF;AAAA,MACF,SAAS,OAAO;AACd,gBAAQ,KAAK,mCAAmC,KAAK;AAAA,MACvD;AAAA,IACF;AAEA,SAAK,YAAY,EAAE,MAAM,MAAM,QAAQ,kBAAkB,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,eAAmC;AACvC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,OACJ,SACe;AACf,UAAM,QAAS,SAAiB;AAChC,UAAM,WAAY,SAAiB;AACnC,SAAK,YAAY,EAAE,QAAQ,UAAU,CAAC;AAEtC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,MAAM,eAAe;AAAA,QAC/D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAI,KAAK,OAAO,YAAY,EAAE,YAAY,KAAK,OAAO,SAAS;AAAA,QACjE;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,OAAO,SAAS,CAAC;AAAA,MAC1C,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,0BAA0B,SAAS,UAAU,EAAE;AAAA,MACjE;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,EAAE,MAAM,IAAI;AAElB,UAAI,CAAC,OAAO;AACV,cAAM,IAAI,MAAM,+BAA+B;AAAA,MACjD;AAGA,mBAAa,QAAQ,KAAK,OAAO,iBAAkB,KAAK;AAGxD,YAAM,OAAO,MAAM,KAAK,iBAAiB,KAAK;AAC9C,WAAK,YAAY,EAAE,MAAM,QAAQ,gBAAgB,CAAC;AAAA,IACpD,SAAS,OAAO;AACd,WAAK,YAAY,EAAE,MAAM,MAAM,QAAQ,kBAAkB,CAAC;AAC1D,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,UAAyB;AAE7B,iBAAa,WAAW,KAAK,OAAO,eAAgB;AACpD,iBAAa,WAAW,KAAK,OAAO,cAAe;AAEnD,SAAK,YAAY,EAAE,MAAM,MAAM,QAAQ,kBAAkB,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,WAAmC;AACvC,UAAM,QAAQ,aAAa,QAAQ,KAAK,OAAO,eAAgB;AAC/D,QAAI,CAAC,SAAS,KAAK,eAAe,KAAK,GAAG;AACxC,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eAAuC;AAE3C,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,MAAM,UAAgC;AACpC,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,kBAAkB,UAAkD;AAClE,SAAK,UAAU,KAAK,QAAQ;AAC5B,WAAO,MAAM;AACX,YAAM,QAAQ,KAAK,UAAU,QAAQ,QAAQ;AAC7C,UAAI,QAAQ,IAAI;AACd,aAAK,UAAU,OAAO,OAAO,CAAC;AAAA,MAChC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,UAAyB;AAC7B,SAAK,YAAY,CAAC;AAAA,EACpB;AAAA,EAEA,MAAc,iBAAiB,OAAqC;AAClE,QAAI;AACF,YAAM,UAAU,KAAK,SAAS,KAAK;AAEnC,aAAO;AAAA,QACL,IAAI,QAAQ;AAAA,QACZ,OAAO,QAAQ,SAAS;AAAA,QACxB,MAAM,QAAQ;AAAA,QACd,QAAQ,QAAQ;AAAA,QAChB,UAAU,EAAE,UAAU,OAAO,SAAS,QAAQ,IAAI;AAAA,QAClD,SAAS,EAAE,SAAS,GAAG,UAAU,EAAE;AAAA,MACrC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,oCAAoC,KAAK;AACvD,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,SAAS,OAA2B;AAC1C,UAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,QAAI,MAAM,WAAW,GAAG;AACtB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI;AACF,YAAM,cAAc,KAAK,gBAAgB,MAAM,CAAC,CAAC;AACjD,YAAM,UAAU,KAAK,MAAM,WAAW;AAEtC,UAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,cAAM,IAAI,MAAM,oDAAoD;AAAA,MACtE;AAEA,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,UAAI,eAAe,SAAS,IAAI,QAAQ,WAAW,aAAa,GAAG;AAEjE,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,6CACG,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACpD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,gBAAgB,OAAuB;AAE7C,YAAQ,MAAM,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAGlD,UAAM,MAAM,MAAM,SAAS;AAC3B,QAAI,KAAK;AACP,UAAI,QAAQ,GAAG;AACb,cAAM,IAAI,MAAM,+CAA+C;AAAA,MACjE;AACA,eAAS,IAAI,OAAO,IAAI,GAAG;AAAA,IAC7B;AAEA,QAAI;AACF,aAAO,KAAK,KAAK;AAAA,IACnB,SAAS,GAAG;AACV,YAAM,IAAI;AAAA,QACR,kCACG,aAAa,QAAQ,EAAE,UAAU,OAAO,CAAC;AAAA,MAC9C;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,eAAe,OAAwB;AAC7C,QAAI;AACF,YAAM,UAAU,KAAK,SAAS,KAAK;AACnC,YAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,aAAO,QAAQ,MAAM;AAAA,IACvB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,YAAY,SAAmC;AACrD,SAAK,eAAe,EAAE,GAAG,KAAK,cAAc,GAAG,QAAQ;AACvD,SAAK,UAAU,QAAQ,CAAC,aAAa,SAAS,KAAK,YAAY,CAAC;AAAA,EAClE;AACF;","names":[]}

package/package.json ADDED Viewed

@@ -0,0 +1,49 @@
+{
+  "name": "@weirdfingers/boards-auth-jwt",
+  "version": "0.9.13",
+  "description": "JWT authentication provider for Boards",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit -p tsconfig.typecheck.json",
+    "lint": "eslint src --ext .ts,.tsx",
+    "test": "vitest --run"
+  },
+  "keywords": [
+    "boards",
+    "authentication",
+    "jwt",
+    "auth",
+    "react"
+  ],
+  "author": "WeirdFingers",
+  "license": "MIT",
+  "peerDependencies": {
+    "@weirdfingers/boards": "workspace:*",
+    "react": "^18.0.0"
+  },
+  "devDependencies": {
+    "@types/react": "^18.0.0",
+    "@typescript-eslint/eslint-plugin": "^8.42.0",
+    "@typescript-eslint/parser": "^8.42.0",
+    "@vitest/ui": "^3.2.4",
+    "@weirdfingers/boards": "workspace:*",
+    "eslint": "^8.0.0",
+    "jsdom": "^26.1.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.0.0",
+    "vitest": "^1.0.0"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/weirdfingers/boards.git",
+    "directory": "packages/auth-jwt"
+  }
+}