@zoneout/sdk 0.1.0

package/dist/cjs/react/use-zoneout.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"use-zoneout.d.ts","sourceRoot":"","sources":["../../../src/react/use-zoneout.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAGjD,UAAU,gBAAgB;IACxB,qDAAqD;IACrD,aAAa,EAAE,MAAM,OAAO,CAAC;QAC3B,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,eAAe,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QACrC,KAAK,EAAE,eAAe,CAAC;KACxB,CAAC,CAAC;IACH,wCAAwC;IACxC,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,oBAAoB;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,uDAAuD;IACvD,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,8BAA8B;IAC9B,KAAK,EAAE;QAAE,IAAI,EAAE,gBAAgB,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CAC3D;AAED,wBAAgB,UAAU,IAAI,gBAAgB,CAsD7C"}

package/dist/cjs/react/use-zoneout.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.useZoneOut = useZoneOut;
+const react_1 = require("react");
+const provider_1 = require("./provider");
+function useZoneOut() {
+    const client = (0, provider_1.useZoneOutClient)();
+    const [isLoading, setIsLoading] = (0, react_1.useState)(false);
+    const [qrCodeUrl, setQrCodeUrl] = (0, react_1.useState)(null);
+    const [error, setError] = (0, react_1.useState)(null);
+    const initiateLogin = (0, react_1.useCallback)(async () => {
+        setIsLoading(true);
+        setError(null);
+        setQrCodeUrl(null);
+        try {
+            const result = await client.initiateLogin();
+            setQrCodeUrl(result.qrCodeUrl);
+            return {
+                ...result,
+                waitForApproval: async () => {
+                    try {
+                        const status = await result.waitForApproval();
+                        if (status.authorization_code) {
+                            window.location.href = client.buildCallbackUrl(status.authorization_code);
+                        }
+                    }
+                    catch (err) {
+                        const e = err;
+                        setError({ code: e.code ?? 'UNKNOWN_ERROR', message: e.message });
+                        throw err;
+                    }
+                    finally {
+                        setIsLoading(false);
+                    }
+                },
+            };
+        }
+        catch (err) {
+            const e = err;
+            setError({ code: e.code ?? 'UNKNOWN_ERROR', message: e.message });
+            setIsLoading(false);
+            throw err;
+        }
+    }, [client]);
+    const login = (0, react_1.useCallback)(async () => {
+        setIsLoading(true);
+        setError(null);
+        try {
+            await client.login();
+        }
+        catch (err) {
+            const e = err;
+            setError({ code: e.code ?? 'UNKNOWN_ERROR', message: e.message });
+            setIsLoading(false);
+            throw err;
+        }
+    }, [client]);
+    return { initiateLogin, login, isLoading, qrCodeUrl, error };
+}
+//# sourceMappingURL=use-zoneout.js.map

package/dist/cjs/react/use-zoneout.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"use-zoneout.js","sourceRoot":"","sources":["../../../src/react/use-zoneout.ts"],"names":[],"mappings":";;AAwBA,gCAsDC;AA9ED,iCAA8C;AAC9C,yCAA8C;AAuB9C,SAAgB,UAAU;IACxB,MAAM,MAAM,GAAG,IAAA,2BAAgB,GAAE,CAAC;IAClC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAAgB,IAAI,CAAC,CAAC;IAChE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,IAAA,gBAAQ,EAAqD,IAAI,CAAC,CAAC;IAE7F,MAAM,aAAa,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QAC3C,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,YAAY,CAAC,IAAI,CAAC,CAAC;QAEnB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,aAAa,EAAE,CAAC;YAC5C,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAE/B,OAAO;gBACL,GAAG,MAAM;gBACT,eAAe,EAAE,KAAK,IAAI,EAAE;oBAC1B,IAAI,CAAC;wBACH,MAAM,MAAM,GAAkB,MAAM,MAAM,CAAC,eAAe,EAAE,CAAC;wBAC7D,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;4BAC9B,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;wBAC5E,CAAC;oBACH,CAAC;oBAAC,OAAO,GAAY,EAAE,CAAC;wBACtB,MAAM,CAAC,GAAG,GAAmD,CAAC;wBAC9D,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,eAAe,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;wBAClE,MAAM,GAAG,CAAC;oBACZ,CAAC;4BAAS,CAAC;wBACT,YAAY,CAAC,KAAK,CAAC,CAAC;oBACtB,CAAC;gBACH,CAAC;aACF,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAmD,CAAC;YAC9D,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,eAAe,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAClE,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,KAAK,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACnC,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;QACvB,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAmD,CAAC;YAC9D,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,eAAe,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAClE,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AAC/D,CAAC"}

package/dist/cjs/server.d.ts

@@ -0,0 +1,12 @@
+import type { TokenExchangeParams, TokenRefreshParams, TokenResponse } from './types';
+/**
+ * Scambia l'authorization_code per access_token + refresh_token + user data.
+ * Da chiamare SOLO server-side (usa client_secret).
+ */
+export declare function exchangeCodeForTokens(params: TokenExchangeParams): Promise<TokenResponse>;
+/**
+ * Refresh dell'access_token usando il refresh_token.
+ * Da chiamare SOLO server-side (usa client_secret).
+ */
+export declare function refreshAccessToken(params: TokenRefreshParams): Promise<TokenResponse>;
+//# sourceMappingURL=server.d.ts.map

package/dist/cjs/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAGtF;;;GAGG;AACH,wBAAsB,qBAAqB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,aAAa,CAAC,CA6B/F;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC,CA2B3F"}

package/dist/cjs/server.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.exchangeCodeForTokens = exchangeCodeForTokens;
+exports.refreshAccessToken = refreshAccessToken;
+const errors_1 = require("./errors");
+/**
+ * Scambia l'authorization_code per access_token + refresh_token + user data.
+ * Da chiamare SOLO server-side (usa client_secret).
+ */
+async function exchangeCodeForTokens(params) {
+    const { code, clientId, clientSecret, codeVerifier, redirectUri, authServerUrl, apiKey } = params;
+    const res = await fetch(`${authServerUrl}/auth-token`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            ...(apiKey ? { apikey: apiKey, Authorization: `Bearer ${apiKey}` } : {}),
+        },
+        body: JSON.stringify({
+            grant_type: 'authorization_code',
+            code,
+            client_id: clientId,
+            client_secret: clientSecret,
+            code_verifier: codeVerifier,
+            redirect_uri: redirectUri,
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.json().catch(() => ({}));
+        throw new errors_1.ZoneOutError('TOKEN_EXCHANGE_FAILED', body.error || `Token exchange failed: HTTP ${res.status}`, body);
+    }
+    return res.json();
+}
+/**
+ * Refresh dell'access_token usando il refresh_token.
+ * Da chiamare SOLO server-side (usa client_secret).
+ */
+async function refreshAccessToken(params) {
+    const { refreshToken, clientId, clientSecret, authServerUrl, apiKey } = params;
+    const res = await fetch(`${authServerUrl}/auth-token`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            ...(apiKey ? { apikey: apiKey, Authorization: `Bearer ${apiKey}` } : {}),
+        },
+        body: JSON.stringify({
+            grant_type: 'refresh_token',
+            refresh_token: refreshToken,
+            client_id: clientId,
+            client_secret: clientSecret,
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.json().catch(() => ({}));
+        throw new errors_1.ZoneOutError('TOKEN_EXCHANGE_FAILED', body.error || `Token refresh failed: HTTP ${res.status}`, body);
+    }
+    return res.json();
+}
+//# sourceMappingURL=server.js.map

package/dist/cjs/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/server.ts"],"names":[],"mappings":";;AAOA,sDA6BC;AAMD,gDA2BC;AApED,qCAAwC;AAExC;;;GAGG;AACI,KAAK,UAAU,qBAAqB,CAAC,MAA2B;IACrE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;IAElG,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,aAAa,EAAE;QACrD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,UAAU,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzE;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,UAAU,EAAE,oBAAoB;YAChC,IAAI;YACJ,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;YAC3B,aAAa,EAAE,YAAY;YAC3B,YAAY,EAAE,WAAW;SAC1B,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,IAAI,qBAAY,CACpB,uBAAuB,EACvB,IAAI,CAAC,KAAK,IAAI,+BAA+B,GAAG,CAAC,MAAM,EAAE,EACzD,IAAI,CACL,CAAC;IACJ,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACpB,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CAAC,MAA0B;IACjE,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;IAE/E,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,aAAa,EAAE;QACrD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,UAAU,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzE;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,YAAY;YAC3B,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;SAC5B,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,IAAI,qBAAY,CACpB,uBAAuB,EACvB,IAAI,CAAC,KAAK,IAAI,8BAA8B,GAAG,CAAC,MAAM,EAAE,EACxD,IAAI,CACL,CAAC;IACJ,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACpB,CAAC"}

package/dist/cjs/types.d.ts

@@ -0,0 +1,85 @@
+export interface ZoneOutConfig {
+    /** client_id ottenuto dalla registrazione su dashboard.zoneout.io */
+    clientId: string;
+    /** URL base delle Edge Functions Supabase (es: https://xxx.supabase.co/functions/v1) */
+    authServerUrl: string;
+    /** URI di redirect autorizzato per questo client */
+    redirectUri: string;
+    /** Supabase anon key — required for Supabase Edge Functions gateway */
+    apiKey?: string;
+    /** Scope richiesti (default: ["identity"]) */
+    scope?: string[];
+    /** Timeout polling in ms (default: 300000 = 5 min) */
+    pollingTimeout?: number;
+    /** Intervallo polling in ms (default: 2000) */
+    pollingInterval?: number;
+}
+export interface ZoneOutUser {
+    zo_sub: string;
+    username: string;
+    wallet_address: string | null;
+    providers: Record<string, {
+        username: string;
+        user_id: string;
+    }>;
+    trust: Record<string, 'unrated' | 'red' | 'yellow' | 'green' | 'blue'>;
+}
+export interface ZoneOutTokens {
+    access_token: string;
+    refresh_token: string;
+    expires_at: number;
+}
+export interface ZoneOutLoginResult {
+    user: ZoneOutUser;
+    tokens: ZoneOutTokens;
+}
+export type LoginSessionStatus = 'pending_approval' | 'approved' | 'rejected' | 'expired';
+export interface LoginSession {
+    login_session_id: string;
+    expires_at: string;
+    status: LoginSessionStatus;
+}
+export interface LoginSessionDetail {
+    id: string;
+    client_app_name: string;
+    client_app_icon_url: string | null;
+    required_providers: string[];
+    requested_trust_categories: string[];
+    scope: string[];
+    status: LoginSessionStatus;
+    created_at: string;
+    expires_at: string;
+}
+export interface LoginSessionResponse {
+    session: LoginSessionDetail;
+    authorization_code?: string;
+}
+export interface TokenExchangeParams {
+    code: string;
+    clientId: string;
+    clientSecret: string;
+    codeVerifier: string;
+    redirectUri: string;
+    authServerUrl: string;
+    apiKey?: string;
+}
+export interface TokenRefreshParams {
+    refreshToken: string;
+    clientId: string;
+    clientSecret: string;
+    authServerUrl: string;
+    apiKey?: string;
+}
+export interface TokenResponse {
+    access_token: string;
+    token_type: string;
+    expires_in: number;
+    refresh_token: string;
+    user?: ZoneOutUser;
+}
+export type ZoneOutEvent = 'login_start' | 'login_approved' | 'login_rejected' | 'login_expired' | 'login_error' | 'logout';
+export interface ZoneOutEventCallback {
+    (event: ZoneOutEvent, data?: unknown): void;
+}
+export type ZoneOutErrorCode = 'USER_REJECTED' | 'SESSION_EXPIRED' | 'PROVIDER_MISSING' | 'PROVIDER_LOCKED' | 'DEVICE_NOT_BOUND' | 'INVALID_CLIENT' | 'INVALID_REDIRECT' | 'RATE_LIMITED' | 'NETWORK_ERROR' | 'POLLING_TIMEOUT' | 'TOKEN_EXCHANGE_FAILED' | 'UNKNOWN_ERROR';
+//# sourceMappingURL=types.d.ts.map

package/dist/cjs/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,aAAa;IAC5B,qEAAqE;IACrE,QAAQ,EAAE,MAAM,CAAC;IACjB,wFAAwF;IACxF,aAAa,EAAE,MAAM,CAAC;IACtB,oDAAoD;IACpD,WAAW,EAAE,MAAM,CAAC;IACpB,uEAAuE;IACvE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,8CAA8C;IAC9C,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,sDAAsD;IACtD,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+CAA+C;IAC/C,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAID,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACjE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,CAAC,CAAC;CACxE;AAED,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,WAAW,CAAC;IAClB,MAAM,EAAE,aAAa,CAAC;CACvB;AAID,MAAM,MAAM,kBAAkB,GAAG,kBAAkB,GAAG,UAAU,GAAG,UAAU,GAAG,SAAS,CAAC;AAE1F,MAAM,WAAW,YAAY;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,kBAAkB,CAAC;CAC5B;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,eAAe,EAAE,MAAM,CAAC;IACxB,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,0BAA0B,EAAE,MAAM,EAAE,CAAC;IACrC,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,MAAM,EAAE,kBAAkB,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,kBAAkB,CAAC;IAC5B,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAID,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,kBAAkB;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,WAAW,CAAC;CACpB;AAID,MAAM,MAAM,YAAY,GAAG,aAAa,GAAG,gBAAgB,GAAG,gBAAgB,GAAG,eAAe,GAAG,aAAa,GAAG,QAAQ,CAAC;AAE5H,MAAM,WAAW,oBAAoB;IACnC,CAAC,KAAK,EAAE,YAAY,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;CAC7C;AAID,MAAM,MAAM,gBAAgB,GACxB,eAAe,GACf,iBAAiB,GACjB,kBAAkB,GAClB,iBAAiB,GACjB,kBAAkB,GAClB,gBAAgB,GAChB,kBAAkB,GAClB,cAAc,GACd,eAAe,GACf,iBAAiB,GACjB,uBAAuB,GACvB,eAAe,CAAC"}

package/dist/cjs/types.js

@@ -0,0 +1,4 @@
+"use strict";
+// --- Configurazione ---
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/cjs/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":";AAAA,yBAAyB"}

package/dist/esm/client.d.ts

@@ -0,0 +1,53 @@
+import type { ZoneOutConfig, ZoneOutEvent, ZoneOutEventCallback } from './types';
+import { type PollingResult } from './polling';
+export interface LoginInitResult {
+    /** URL del QR code da mostrare all'utente: zoneout://approve?session={id} */
+    qrCodeUrl: string;
+    /** ID della sessione di login */
+    sessionId: string;
+    /** Scade a (ISO string) */
+    expiresAt: string;
+    /** AbortController per annullare il login */
+    abort: AbortController;
+    /**
+     * Promise che si risolve quando l'utente approva.
+     * Restituisce il risultato con authorization_code.
+     * Il consumer è responsabile del redirect.
+     */
+    waitForApproval: () => Promise<PollingResult>;
+}
+export declare class ZoneOutClient {
+    private config;
+    private listeners;
+    private _codeVerifier;
+    private _state;
+    constructor(config: ZoneOutConfig);
+    /**
+     * Avvia il flusso di login.
+     * Restituisce l'URL del QR code e una promise per attendere l'approvazione.
+     */
+    initiateLogin(): Promise<LoginInitResult>;
+    /**
+     * Restituisce il code_verifier generato nell'ultimo initiateLogin.
+     * Serve al backend per il token exchange.
+     * ATTENZIONE: NON inviare mai il code_verifier a terzi. Va solo al TUO backend.
+     */
+    getCodeVerifier(): string | null;
+    /**
+     * Restituisce lo state generato nell'ultimo initiateLogin.
+     */
+    getState(): string | null;
+    /**
+     * Genera l'URL di redirect al backend del consumer con i parametri necessari.
+     */
+    buildCallbackUrl(authorizationCode: string): string;
+    /**
+     * Flusso completo: initiate -> poll -> redirect.
+     */
+    login(): Promise<void>;
+    on(event: ZoneOutEvent, callback: ZoneOutEventCallback): void;
+    off(event: ZoneOutEvent, callback: ZoneOutEventCallback): void;
+    private emit;
+    private mapServerError;
+}
+//# sourceMappingURL=client.d.ts.map

package/dist/esm/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,aAAa,EAEb,YAAY,EACZ,oBAAoB,EAErB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAmB,KAAK,aAAa,EAAE,MAAM,WAAW,CAAC;AAEhE,MAAM,WAAW,eAAe;IAC9B,6EAA6E;IAC7E,SAAS,EAAE,MAAM,CAAC;IAClB,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,6CAA6C;IAC7C,KAAK,EAAE,eAAe,CAAC;IACvB;;;;OAIG;IACH,eAAe,EAAE,MAAM,OAAO,CAAC,aAAa,CAAC,CAAC;CAC/C;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,SAAS,CAA2D;IAC5E,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,MAAM,CAAuB;gBAEzB,MAAM,EAAE,aAAa;IAUjC;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,eAAe,CAAC;IAgE/C;;;;OAIG;IACH,eAAe,IAAI,MAAM,GAAG,IAAI;IAIhC;;OAEG;IACH,QAAQ,IAAI,MAAM,GAAG,IAAI;IAIzB;;OAEG;IACH,gBAAgB,CAAC,iBAAiB,EAAE,MAAM,GAAG,MAAM;IAOnD;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAW5B,EAAE,CAAC,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,oBAAoB,GAAG,IAAI;IAO7D,GAAG,CAAC,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,oBAAoB,GAAG,IAAI;IAI9D,OAAO,CAAC,IAAI;IAIZ,OAAO,CAAC,cAAc;CAQvB"}

package/dist/esm/client.js

@@ -0,0 +1,137 @@
+import { ZoneOutError } from './errors';
+import { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';
+import { pollForApproval } from './polling';
+export class ZoneOutClient {
+    constructor(config) {
+        this.listeners = new Map();
+        this._codeVerifier = null;
+        this._state = null;
+        this.config = {
+            ...config,
+            apiKey: config.apiKey ?? '',
+            scope: config.scope ?? ['identity'],
+            pollingTimeout: config.pollingTimeout ?? 300000,
+            pollingInterval: config.pollingInterval ?? 2000,
+        };
+    }
+    /**
+     * Avvia il flusso di login.
+     * Restituisce l'URL del QR code e una promise per attendere l'approvazione.
+     */
+    async initiateLogin() {
+        const codeVerifier = generateCodeVerifier();
+        const codeChallenge = await generateCodeChallenge(codeVerifier);
+        const state = generateState();
+        this._codeVerifier = codeVerifier;
+        this._state = state;
+        this.emit('login_start');
+        const res = await fetch(`${this.config.authServerUrl}/auth-login-initiate`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                ...(this.config.apiKey ? { apikey: this.config.apiKey, Authorization: `Bearer ${this.config.apiKey}` } : {}),
+            },
+            body: JSON.stringify({
+                client_id: this.config.clientId,
+                code_challenge: codeChallenge,
+                code_challenge_method: 'S256',
+                redirect_uri: this.config.redirectUri,
+                state,
+                scope: this.config.scope.join(' '),
+            }),
+        });
+        if (!res.ok) {
+            const body = await res.json().catch(() => ({}));
+            const code = this.mapServerError(body);
+            throw new ZoneOutError(code, body.error || `Initiate failed: HTTP ${res.status}`, body);
+        }
+        const session = await res.json();
+        const abortController = new AbortController();
+        const qrCodeUrl = `zoneout://approve/${session.login_session_id}`;
+        const waitForApproval = async () => {
+            const result = await pollForApproval({
+                sessionId: session.login_session_id,
+                authServerUrl: this.config.authServerUrl,
+                apiKey: this.config.apiKey,
+                interval: this.config.pollingInterval,
+                timeout: this.config.pollingTimeout,
+                signal: abortController.signal,
+                onStatusChange: (status) => {
+                    if (status === 'approved')
+                        this.emit('login_approved');
+                    if (status === 'rejected')
+                        this.emit('login_rejected');
+                    if (status === 'expired')
+                        this.emit('login_expired');
+                },
+            });
+            return result;
+        };
+        return {
+            qrCodeUrl,
+            sessionId: session.login_session_id,
+            expiresAt: session.expires_at,
+            abort: abortController,
+            waitForApproval,
+        };
+    }
+    /**
+     * Restituisce il code_verifier generato nell'ultimo initiateLogin.
+     * Serve al backend per il token exchange.
+     * ATTENZIONE: NON inviare mai il code_verifier a terzi. Va solo al TUO backend.
+     */
+    getCodeVerifier() {
+        return this._codeVerifier;
+    }
+    /**
+     * Restituisce lo state generato nell'ultimo initiateLogin.
+     */
+    getState() {
+        return this._state;
+    }
+    /**
+     * Genera l'URL di redirect al backend del consumer con i parametri necessari.
+     */
+    buildCallbackUrl(authorizationCode) {
+        const url = new URL(this.config.redirectUri);
+        url.searchParams.set('code', authorizationCode);
+        url.searchParams.set('state', this._state ?? '');
+        return url.toString();
+    }
+    /**
+     * Flusso completo: initiate -> poll -> redirect.
+     */
+    async login() {
+        const { waitForApproval } = await this.initiateLogin();
+        const result = await waitForApproval();
+        if (result.authorization_code) {
+            window.location.href = this.buildCallbackUrl(result.authorization_code);
+        }
+    }
+    // --- Event system ---
+    on(event, callback) {
+        if (!this.listeners.has(event)) {
+            this.listeners.set(event, new Set());
+        }
+        this.listeners.get(event).add(callback);
+    }
+    off(event, callback) {
+        this.listeners.get(event)?.delete(callback);
+    }
+    emit(event, data) {
+        this.listeners.get(event)?.forEach(cb => cb(event, data));
+    }
+    mapServerError(body) {
+        const error = String(body.error || '');
+        if (error.includes('client') || error.includes('client_id'))
+            return 'INVALID_CLIENT';
+        if (error.includes('redirect'))
+            return 'INVALID_REDIRECT';
+        if (error.includes('rate') || error.includes('limit'))
+            return 'RATE_LIMITED';
+        if (error.includes('provider'))
+            return 'PROVIDER_MISSING';
+        return 'UNKNOWN_ERROR';
+    }
+}
+//# sourceMappingURL=client.js.map

package/dist/esm/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AACpF,OAAO,EAAE,eAAe,EAAsB,MAAM,WAAW,CAAC;AAmBhE,MAAM,OAAO,aAAa;IAMxB,YAAY,MAAqB;QAJzB,cAAS,GAAiD,IAAI,GAAG,EAAE,CAAC;QACpE,kBAAa,GAAkB,IAAI,CAAC;QACpC,WAAM,GAAkB,IAAI,CAAC;QAGnC,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,MAAM;YACT,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;YAC3B,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,CAAC,UAAU,CAAC;YACnC,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,MAAO;YAChD,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,IAAK;SACjD,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAC;QAC5C,MAAM,aAAa,GAAG,MAAM,qBAAqB,CAAC,YAAY,CAAC,CAAC;QAChE,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;QAE9B,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QAClC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QAEpB,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAEzB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,sBAAsB,EAAE;YAC1E,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7G;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC/B,cAAc,EAAE,aAAa;gBAC7B,qBAAqB,EAAE,MAAM;gBAC7B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACrC,KAAK;gBACL,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;aACnC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAChD,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YACvC,MAAM,IAAI,YAAY,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,IAAI,yBAAyB,GAAG,CAAC,MAAM,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,OAAO,GAAiB,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC/C,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAE9C,MAAM,SAAS,GAAG,qBAAqB,OAAO,CAAC,gBAAgB,EAAE,CAAC;QAElE,MAAM,eAAe,GAAG,KAAK,IAA4B,EAAE;YACzD,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;gBACnC,SAAS,EAAE,OAAO,CAAC,gBAAgB;gBACnC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;gBACxC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;gBAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;gBACrC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;gBACnC,MAAM,EAAE,eAAe,CAAC,MAAM;gBAC9B,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE;oBACzB,IAAI,MAAM,KAAK,UAAU;wBAAE,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;oBACvD,IAAI,MAAM,KAAK,UAAU;wBAAE,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;oBACvD,IAAI,MAAM,KAAK,SAAS;wBAAE,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBACvD,CAAC;aACF,CAAC,CAAC;YAEH,OAAO,MAAM,CAAC;QAChB,CAAC,CAAC;QAEF,OAAO;YACL,SAAS;YACT,SAAS,EAAE,OAAO,CAAC,gBAAgB;YACnC,SAAS,EAAE,OAAO,CAAC,UAAU;YAC7B,KAAK,EAAE,eAAe;YACtB,eAAe;SAChB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,iBAAyB;QACxC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC7C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;QAChD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QACjD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QACvD,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;QAEvC,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;YAC9B,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,uBAAuB;IAEvB,EAAE,CAAC,KAAmB,EAAE,QAA8B;QACpD,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IAED,GAAG,CAAC,KAAmB,EAAE,QAA8B;QACrD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC9C,CAAC;IAEO,IAAI,CAAC,KAAmB,EAAE,IAAc;QAC9C,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;IAC5D,CAAC;IAEO,cAAc,CAAC,IAA6B;QAClD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QACvC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;YAAE,OAAO,gBAAgB,CAAC;QACrF,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;YAAE,OAAO,kBAAkB,CAAC;QAC1D,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,cAAc,CAAC;QAC7E,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;YAAE,OAAO,kBAAkB,CAAC;QAC1D,OAAO,eAAe,CAAC;IACzB,CAAC;CACF"}

package/dist/esm/errors.d.ts

@@ -0,0 +1,7 @@
+import type { ZoneOutErrorCode } from './types';
+export declare class ZoneOutError extends Error {
+    readonly code: ZoneOutErrorCode;
+    readonly detail?: Record<string, unknown>;
+    constructor(code: ZoneOutErrorCode, message: string, detail?: Record<string, unknown>);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/esm/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAEhD,qBAAa,YAAa,SAAQ,KAAK;IACrC,SAAgB,IAAI,EAAE,gBAAgB,CAAC;IACvC,SAAgB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAErC,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;CAMtF"}

package/dist/esm/errors.js

@@ -0,0 +1,9 @@
+export class ZoneOutError extends Error {
+    constructor(code, message, detail) {
+        super(message);
+        this.name = 'ZoneOutError';
+        this.code = code;
+        this.detail = detail;
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/esm/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,YAAa,SAAQ,KAAK;IAIrC,YAAY,IAAsB,EAAE,OAAe,EAAE,MAAgC;QACnF,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF"}

package/dist/esm/index.d.ts

@@ -0,0 +1,7 @@
+export { ZoneOutClient } from './client';
+export type { LoginInitResult } from './client';
+export { exchangeCodeForTokens, refreshAccessToken } from './server';
+export type { ZoneOutConfig, ZoneOutUser, ZoneOutTokens, ZoneOutLoginResult, LoginSession, LoginSessionStatus, LoginSessionDetail, LoginSessionResponse, TokenExchangeParams, TokenRefreshParams, TokenResponse, ZoneOutEvent, ZoneOutEventCallback, ZoneOutErrorCode, } from './types';
+export { ZoneOutError } from './errors';
+export { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';
+//# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,YAAY,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAGhD,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAGrE,YAAY,EACV,aAAa,EACb,WAAW,EACX,aAAa,EACb,kBAAkB,EAClB,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,aAAa,EACb,YAAY,EACZ,oBAAoB,EACpB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGxC,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC"}

package/dist/esm/index.js

@@ -0,0 +1,9 @@
+// Client (frontend)
+export { ZoneOutClient } from './client';
+// Server helpers
+export { exchangeCodeForTokens, refreshAccessToken } from './server';
+// Errors
+export { ZoneOutError } from './errors';
+// PKCE utils (exported for advanced use cases)
+export { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,oBAAoB;AACpB,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,iBAAiB;AACjB,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAoBrE,SAAS;AACT,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,+CAA+C;AAC/C,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC"}

package/dist/esm/pkce.d.ts

@@ -0,0 +1,4 @@
+export declare function generateCodeVerifier(): string;
+export declare function generateCodeChallenge(verifier: string): Promise<string>;
+export declare function generateState(): string;
+//# sourceMappingURL=pkce.d.ts.map

package/dist/esm/pkce.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pkce.d.ts","sourceRoot":"","sources":["../../src/pkce.ts"],"names":[],"mappings":"AASA,wBAAgB,oBAAoB,IAAI,MAAM,CAI7C;AAED,wBAAsB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAK7E;AAED,wBAAgB,aAAa,IAAI,MAAM,CAItC"}

package/dist/esm/pkce.js

@@ -0,0 +1,25 @@
+function base64UrlEncode(buffer) {
+    const bytes = new Uint8Array(buffer);
+    let binary = '';
+    for (let i = 0; i < bytes.length; i++) {
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return btoa(binary).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+}
+export function generateCodeVerifier() {
+    const array = new Uint8Array(48);
+    crypto.getRandomValues(array);
+    return base64UrlEncode(array.buffer);
+}
+export async function generateCodeChallenge(verifier) {
+    const encoder = new TextEncoder();
+    const data = encoder.encode(verifier);
+    const hash = await crypto.subtle.digest('SHA-256', data);
+    return base64UrlEncode(hash);
+}
+export function generateState() {
+    const array = new Uint8Array(32);
+    crypto.getRandomValues(array);
+    return base64UrlEncode(array.buffer);
+}
+//# sourceMappingURL=pkce.js.map

package/dist/esm/pkce.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pkce.js","sourceRoot":"","sources":["../../src/pkce.ts"],"names":[],"mappings":"AAAA,SAAS,eAAe,CAAC,MAAmB;IAC1C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACjF,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,eAAe,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,QAAgB;IAC1D,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACzD,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,aAAa;IAC3B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,eAAe,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC"}

package/dist/esm/polling.d.ts

@@ -0,0 +1,15 @@
+export interface PollingOptions {
+    sessionId: string;
+    authServerUrl: string;
+    apiKey?: string;
+    interval: number;
+    timeout: number;
+    onStatusChange?: (status: string) => void;
+    signal?: AbortSignal;
+}
+export interface PollingResult {
+    status: string;
+    authorization_code?: string;
+}
+export declare function pollForApproval(options: PollingOptions): Promise<PollingResult>;
+//# sourceMappingURL=polling.d.ts.map

package/dist/esm/polling.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"polling.d.ts","sourceRoot":"","sources":["../../src/polling.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1C,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,wBAAsB,eAAe,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,aAAa,CAAC,CAwDrF"}

package/dist/esm/polling.js

@@ -0,0 +1,50 @@
+import { ZoneOutError } from './errors';
+export async function pollForApproval(options) {
+    const { sessionId, authServerUrl, apiKey, interval, timeout, onStatusChange, signal } = options;
+    const startTime = Date.now();
+    while (true) {
+        if (signal?.aborted) {
+            throw new ZoneOutError('USER_REJECTED', 'Login cancelled by user');
+        }
+        if (Date.now() - startTime > timeout) {
+            throw new ZoneOutError('POLLING_TIMEOUT', 'Login session timed out');
+        }
+        try {
+            const url = `${authServerUrl}/auth-login-session?session_id=${encodeURIComponent(sessionId)}`;
+            const res = await fetch(url, {
+                headers: {
+                    ...(apiKey ? { apikey: apiKey, Authorization: `Bearer ${apiKey}` } : {}),
+                },
+            });
+            if (res.status === 429) {
+                throw new ZoneOutError('RATE_LIMITED', 'Too many requests, slow down');
+            }
+            if (!res.ok) {
+                const body = await res.json().catch(() => ({}));
+                throw new ZoneOutError('UNKNOWN_ERROR', body.error || `HTTP ${res.status}`);
+            }
+            const data = await res.json();
+            const status = data.session.status;
+            if (status === 'approved' && data.authorization_code) {
+                onStatusChange?.('approved');
+                return { status: 'approved', authorization_code: data.authorization_code };
+            }
+            if (status === 'rejected') {
+                onStatusChange?.('rejected');
+                throw new ZoneOutError('USER_REJECTED', 'User rejected the login request');
+            }
+            if (status === 'expired') {
+                onStatusChange?.('expired');
+                throw new ZoneOutError('SESSION_EXPIRED', 'Login session has expired');
+            }
+            onStatusChange?.('pending_approval');
+        }
+        catch (err) {
+            if (err instanceof ZoneOutError)
+                throw err;
+            console.warn('[ZoneOut SDK] Polling error, retrying:', err);
+        }
+        await new Promise(resolve => setTimeout(resolve, interval));
+    }
+}
+//# sourceMappingURL=polling.js.map

package/dist/esm/polling.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"polling.js","sourceRoot":"","sources":["../../src/polling.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAiBxC,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,OAAuB;IAC3D,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAChG,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,MAAM,EAAE,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,YAAY,CAAC,eAAe,EAAE,yBAAyB,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,YAAY,CAAC,iBAAiB,EAAE,yBAAyB,CAAC,CAAC;QACvE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,GAAG,aAAa,kCAAkC,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9F,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAC3B,OAAO,EAAE;oBACP,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,UAAU,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACzE;aACF,CAAC,CAAC;YAEH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,MAAM,IAAI,YAAY,CAAC,cAAc,EAAE,8BAA8B,CAAC,CAAC;YACzE,CAAC;YAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAChD,MAAM,IAAI,YAAY,CAAC,eAAe,EAAE,IAAI,CAAC,KAAK,IAAI,QAAQ,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;YAC9E,CAAC;YAED,MAAM,IAAI,GAAyB,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;YAEnC,IAAI,MAAM,KAAK,UAAU,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACrD,cAAc,EAAE,CAAC,UAAU,CAAC,CAAC;gBAC7B,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,kBAAkB,EAAE,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7E,CAAC;YAED,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;gBAC1B,cAAc,EAAE,CAAC,UAAU,CAAC,CAAC;gBAC7B,MAAM,IAAI,YAAY,CAAC,eAAe,EAAE,iCAAiC,CAAC,CAAC;YAC7E,CAAC;YAED,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACzB,cAAc,EAAE,CAAC,SAAS,CAAC,CAAC;gBAC5B,MAAM,IAAI,YAAY,CAAC,iBAAiB,EAAE,2BAA2B,CAAC,CAAC;YACzE,CAAC;YAED,cAAc,EAAE,CAAC,kBAAkB,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,YAAY;gBAAE,MAAM,GAAG,CAAC;YAC3C,OAAO,CAAC,IAAI,CAAC,wCAAwC,EAAE,GAAG,CAAC,CAAC;QAC9D,CAAC;QAED,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC9D,CAAC;AACH,CAAC"}

package/dist/esm/react/index.d.ts

@@ -0,0 +1,3 @@
+export { ZoneOutProvider, useZoneOutClient } from './provider';
+export { useZoneOut } from './use-zoneout';
+//# sourceMappingURL=index.d.ts.map

package/dist/esm/react/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/react/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC/D,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC"}