tenneo-auth-plugin 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -129,8 +129,7 @@ function App() {
129
129
  - Pluggable storage adapters (session, cookie, memory)
130
130
  - Authentication event system for observability
131
131
  - Strict TypeScript definitions throughout
132
- - Runtime configuration override support
133
- - Window-based configuration injection
132
+ - Host-driven configuration (props / `setConfig()`)
134
133
  - Clean layered architecture
135
134
  - Tree-shakeable ESM and CJS builds
136
135
  - React 18+ compatibility
@@ -140,6 +139,9 @@ function App() {
140
139
  | Prop | Type | Required | Default | Description |
141
140
  |------|------|----------|---------|-------------|
142
141
  | `tenantCode` | `string` | No | - | Tenant code for configuration resolution |
142
+ | `apiBaseUrl` | `string` | Yes | - | Tenant resolution service base URL |
143
+ | `authServerUrl` | `string` | Yes | - | Authorization server base URL (OIDC authorize) |
144
+ | `callbackUrl` | `string` | Yes | - | Full callback/redirect URL |
143
145
  | `appId` | `string` | No | `''` | Application identifier for storage namespacing |
144
146
  | `autoInit` | `boolean` | No | `true` | Automatically initialize authentication on mount |
145
147
  | `storageAdapter` | `StorageAdapter` | No | `null` | Custom storage adapter instance |
@@ -276,62 +278,39 @@ const token = await engine.getAccessToken();
276
278
 
277
279
  ## Configuration
278
280
 
279
- ### Environment Variables
281
+ ### Host app configuration (required)
280
282
 
281
- Configure the plugin using environment variables. For Vite applications, use the `VITE_` prefix.
283
+ This SDK does **not** read `.env` or `window.__AUTH_CONFIG__`. Provide configuration from your host app:
282
284
 
283
- ```env
284
- # OAuth Server URL
285
- VITE_AUTH_SERVER_URL=https://auth.example.com
286
-
287
- # API Base URLs
288
- VITE_API_TENANT_RESOLUTION_BASE_URL=https://api.example.com/api/v1
289
- VITE_API_AUTH_BASE_URL=https://auth.example.com
290
-
291
- # Default Configuration
292
- VITE_CLIENT_ID=your-client-id
293
- VITE_TENANT_ID=your-tenant-id
294
- VITE_CLIENTCODE=your-tenant-code
295
- ```
296
-
297
- ### Window Runtime Configuration
298
-
299
- Inject configuration at runtime without rebuilding the application.
285
+ ```tsx
286
+ import { AuthProvider } from 'tenneo-auth-plugin';
300
287
 
301
- ```html
302
- <script>
303
- window.__AUTH_CONFIG__ = {
304
- clientId: 'runtime-client-id',
305
- tenantId: 'runtime-tenant-id',
306
- basePath: '/app',
307
- };
308
- </script>
288
+ <AuthProvider
289
+ tenantCode="your-tenant-code"
290
+ apiBaseUrl="https://tenant-service.example.com"
291
+ authServerUrl="https://auth.example.com"
292
+ callbackUrl="https://app.example.com/callback"
293
+ appId="myapp"
294
+ >
295
+ <App />
296
+ </AuthProvider>
309
297
  ```
310
298
 
311
- ### Configuration Priority
312
-
313
- Configuration is resolved in the following order (highest priority first):
314
-
315
- 1. Props passed to AuthProvider
316
- 2. Window configuration (`window.__AUTH_CONFIG__`)
317
- 3. Environment variables
318
- 4. Built-in defaults
319
-
320
299
  ### Programmatic Configuration
321
300
 
322
301
  ```tsx
323
302
  import { setConfig, Config } from 'tenneo-auth-plugin';
324
303
 
325
- // Override configuration
304
+ // Override configuration (host-driven)
326
305
  setConfig({
327
- clientId: 'custom-client-id',
328
- tenantId: 'custom-tenant-id',
329
- basePath: '/my-app',
306
+ tenantCode: 'your-tenant-code',
307
+ apiBaseUrl: 'https://tenant-service.example.com',
308
+ authServerUrl: 'https://auth.example.com',
309
+ callbackUrl: 'https://app.example.com/callback',
330
310
  });
331
311
 
332
312
  // Access resolved configuration
333
313
  const authServerUrl = Config.getAuthServerUrl();
334
- const clientId = Config.getClientId();
335
314
  const allConfig = Config.getAll();
336
315
  ```
337
316
 
@@ -420,13 +399,11 @@ import type {
420
399
  TokenResponse,
421
400
  AuthState,
422
401
  AuthContextValue,
423
- EnvConfig,
424
402
  AuthTokens,
425
403
  StorageAdapter,
426
404
  AuthEngine,
427
405
  AuthEngineState,
428
406
  SDKConfig,
429
- RuntimeConfigOverrides,
430
407
  } from 'tenneo-auth-plugin';
431
408
  ```
432
409
 
package/dist/index.d.mts CHANGED
@@ -215,6 +215,12 @@ interface AuthProviderProps {
215
215
  autoInit?: boolean;
216
216
  /** Tenant code from host app (used to resolve tenant via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}). */
217
217
  tenantCode?: string;
218
+ /** Tenant resolution base URL (host app). */
219
+ apiBaseUrl?: string;
220
+ /** Authorization server URL (host app). */
221
+ authServerUrl?: string;
222
+ /** Callback/redirect URL (host app). */
223
+ callbackUrl?: string;
218
224
  /** App id for storage namespacing (auth_${tenantId}_${appId}_*). */
219
225
  appId?: string;
220
226
  /** Optional storage adapter; default is SecureSessionStorageAdapter with namespacing. */
@@ -223,7 +229,7 @@ interface AuthProviderProps {
223
229
  /**
224
230
  * AuthProvider – UI-facing auth state only
225
231
  */
226
- declare function AuthProvider({ children, autoInit, tenantCode, appId, storageAdapter, }: AuthProviderProps): React.JSX.Element;
232
+ declare function AuthProvider({ children, autoInit, tenantCode, apiBaseUrl, authServerUrl, callbackUrl, appId, storageAdapter, }: AuthProviderProps): React.JSX.Element;
227
233
 
228
234
  interface AuthCallbackProps {
229
235
  loginPath?: string;
@@ -296,10 +302,7 @@ interface ConfigProvider {
296
302
  getApiBaseUrl(): string;
297
303
  getAuthServerUrl(): string;
298
304
  getRedirectUri(): string;
299
- getClientId(): string;
300
- getTenantId(): string;
301
305
  getClientCode(): string;
302
- getBasePath(): string;
303
306
  }
304
307
  /** Tenant resolution – replaces direct tenant API usage in core. */
305
308
  interface TenantResolver {
@@ -414,50 +417,36 @@ declare function resolveTenant(tenantKey: string): Promise<TenantConfig | null>;
414
417
 
415
418
  /**
416
419
  * Configuration types.
417
- * Internal: non-overridable (from .env). Runtime: overridable (env + window + setConfig).
418
420
  *
419
- * BASE URL SEPARATION (mandatory do not mix):
420
- * - API_TENANT_RESOLUTION_BASE_URL: Tenant resolution only.
421
- * - API_AUTH_BASE_URL: Token operations only (exchange, refresh, logout).
422
- * - AUTH_SERVER_URL: OpenID Connect authorization redirect only.
423
- */
424
- interface InternalConfig {
425
- API_TENANT_RESOLUTION_BASE_URL: string;
426
- API_AUTH_BASE_URL: string;
427
- AUTH_SERVER_URL: string;
428
- DEFAULT_DOMAIN: string;
429
- }
430
- /** Single source of truth: .env (VITE_CLIENT_ID, VITE_TENANT_ID, VITE_CLIENTCODE). */
431
- interface RuntimeConfig {
432
- CLIENT_ID: string;
433
- TENANT_ID: string;
434
- CLIENTCODE: string;
435
- }
436
- type ResolvedConfig = InternalConfig & RuntimeConfig;
437
- type SDKConfig = ResolvedConfig;
438
- interface RuntimeConfigOverrides {
439
- basePath?: string;
440
- redirectUri?: string;
441
- }
442
- type HostConfigOverride = Partial<RuntimeConfig> & Partial<RuntimeConfigOverrides>;
443
- /** Window __APP_CONFIG__ / __AUTH_CONFIG__ shape (clientId, tenantId, clientcode only). */
444
- interface HostRuntimeConfig {
421
+ * There is no "internal vs runtime" config anymore.
422
+ * Everything is provided by the host app via `AuthProvider` props / `setConfig()`.
423
+ */
424
+ interface SDKConfig {
425
+ /** Tenant resolution service base URL. */
426
+ apiBaseUrl?: string;
427
+ /** Auth API base URL (token exchange/refresh/logout). */
428
+ apiAuthBaseUrl?: string;
429
+ /** Authorization server base URL (OIDC authorize endpoint). */
430
+ authServerUrl?: string;
431
+ /** Callback/redirect URL (full URL). */
432
+ callbackUrl?: string;
433
+ /** Optional tenant code/key (used for tenant resolution). */
434
+ tenantCode?: string;
435
+ /** Optional runtime identifiers (may be returned from tenant API). */
445
436
  clientId?: string;
446
437
  tenantId?: string;
447
- clientcode?: string;
438
+ clientCode?: string;
439
+ /** Optional UI/runtime overrides. */
440
+ basePath?: string;
448
441
  }
449
- /** Full resolved config output (internal URLs + runtime + derived redirectUri, basePath). */
450
- interface ResolvedHostConfig {
451
- apiTenantResolutionBaseUrl: string;
452
- apiAuthBaseUrl: string;
442
+ type HostConfigOverride = SDKConfig;
443
+ interface ResolvedConfig {
444
+ apiBaseUrl: string;
453
445
  authServerUrl: string;
454
- defaultDomain: string;
455
- clientId: string;
456
- tenantId: string;
446
+ callbackUrl: string;
457
447
  clientCode: string;
458
- redirectUri: string;
459
- basePath: string;
460
448
  }
449
+ type ResolvedHostConfig = ResolvedConfig;
461
450
 
462
451
  /**
463
452
  * OAuth constants and storage keys. No config resolution — pure constants.
@@ -483,39 +472,22 @@ declare const STORAGE_KEYS: {
483
472
  };
484
473
 
485
474
  /**
486
- * Config: resolver + public Config facade.
487
- * Resolution order: runtime overrides > window > env > defaults.
488
- * Single source of truth: .env (see .env.example).
475
+ * Config: minimal host-driven config store + facade.
476
+ *
477
+ * No "internal" or "runtime" config separation.
478
+ * Everything comes from the host app via `setConfig()` / `AuthProvider` props.
489
479
  */
490
480
 
491
- declare global {
492
- interface Window {
493
- __APP_CONFIG__?: HostRuntimeConfig | {
494
- [key: string]: unknown;
495
- };
496
- __AUTH_CONFIG__?: HostRuntimeConfig | {
497
- [key: string]: unknown;
498
- };
499
- }
500
- }
501
- declare function resolveConfig(overrides?: HostConfigOverride): InternalConfig & RuntimeConfig;
502
- declare function getConfig(): InternalConfig & RuntimeConfig;
481
+ declare function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig;
482
+ declare function getConfig(): ResolvedConfig;
503
483
  declare function setConfig(overrides: HostConfigOverride): void;
504
484
  declare const Config: {
505
- readonly getApiTenantResolutionBaseUrl: () => string;
506
- readonly getApiAuthBaseUrl: () => string;
485
+ readonly getApiBaseUrl: () => string;
507
486
  readonly getAuthServerUrl: () => string;
508
- readonly getDefaultDomain: () => string;
509
- readonly getClientId: () => string;
510
- readonly getTenantId: () => string;
511
487
  readonly getClientCode: () => string;
512
488
  readonly getRedirectUri: () => string;
513
- readonly getBasePath: () => string;
514
- readonly hasRuntimeConfig: () => boolean;
515
489
  readonly getAll: () => ResolvedHostConfig;
516
490
  };
517
- declare function getEnvConfig(): Promise<EnvConfig | null>;
518
- declare function hasEnvFallback(): boolean;
519
491
 
520
492
  /**
521
493
  * Security and error utilities for authentication.
@@ -565,4 +537,4 @@ type AuthEventHandler = (payload?: AuthEventPayload) => void;
565
537
  declare function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void;
566
538
  declare function subscribeAuthEvent(event: AuthEventName | '*', handler: AuthEventHandler): () => void;
567
539
 
568
- export { AuthCallback, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type HostConfigOverride, type InternalConfig, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type RuntimeConfigOverrides, type SDKConfig, type RuntimeConfig as SDKRuntimeConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthRuntime, getConfig, getEnvConfig, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, hasEnvFallback, isAccessTokenExpired, isCallbackUrl, logout, refreshAccessToken, resetCookieWatcher, resolveConfig, resolveTenant, sanitizeErrorMessage, setAuthRuntime, setConfig, setStorageContext, startCookieWatcher, stopCookieWatcher, subscribeAuthEvent, useAuth, useAuthContext, useAuthInit };
540
+ export { AuthCallback, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type HostConfigOverride, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type SDKConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthRuntime, getConfig, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, isAccessTokenExpired, isCallbackUrl, logout, refreshAccessToken, resetCookieWatcher, resolveConfig, resolveTenant, sanitizeErrorMessage, setAuthRuntime, setConfig, setStorageContext, startCookieWatcher, stopCookieWatcher, subscribeAuthEvent, useAuth, useAuthContext, useAuthInit };
package/dist/index.d.ts CHANGED
@@ -215,6 +215,12 @@ interface AuthProviderProps {
215
215
  autoInit?: boolean;
216
216
  /** Tenant code from host app (used to resolve tenant via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}). */
217
217
  tenantCode?: string;
218
+ /** Tenant resolution base URL (host app). */
219
+ apiBaseUrl?: string;
220
+ /** Authorization server URL (host app). */
221
+ authServerUrl?: string;
222
+ /** Callback/redirect URL (host app). */
223
+ callbackUrl?: string;
218
224
  /** App id for storage namespacing (auth_${tenantId}_${appId}_*). */
219
225
  appId?: string;
220
226
  /** Optional storage adapter; default is SecureSessionStorageAdapter with namespacing. */
@@ -223,7 +229,7 @@ interface AuthProviderProps {
223
229
  /**
224
230
  * AuthProvider – UI-facing auth state only
225
231
  */
226
- declare function AuthProvider({ children, autoInit, tenantCode, appId, storageAdapter, }: AuthProviderProps): React.JSX.Element;
232
+ declare function AuthProvider({ children, autoInit, tenantCode, apiBaseUrl, authServerUrl, callbackUrl, appId, storageAdapter, }: AuthProviderProps): React.JSX.Element;
227
233
 
228
234
  interface AuthCallbackProps {
229
235
  loginPath?: string;
@@ -296,10 +302,7 @@ interface ConfigProvider {
296
302
  getApiBaseUrl(): string;
297
303
  getAuthServerUrl(): string;
298
304
  getRedirectUri(): string;
299
- getClientId(): string;
300
- getTenantId(): string;
301
305
  getClientCode(): string;
302
- getBasePath(): string;
303
306
  }
304
307
  /** Tenant resolution – replaces direct tenant API usage in core. */
305
308
  interface TenantResolver {
@@ -414,50 +417,36 @@ declare function resolveTenant(tenantKey: string): Promise<TenantConfig | null>;
414
417
 
415
418
  /**
416
419
  * Configuration types.
417
- * Internal: non-overridable (from .env). Runtime: overridable (env + window + setConfig).
418
420
  *
419
- * BASE URL SEPARATION (mandatory do not mix):
420
- * - API_TENANT_RESOLUTION_BASE_URL: Tenant resolution only.
421
- * - API_AUTH_BASE_URL: Token operations only (exchange, refresh, logout).
422
- * - AUTH_SERVER_URL: OpenID Connect authorization redirect only.
423
- */
424
- interface InternalConfig {
425
- API_TENANT_RESOLUTION_BASE_URL: string;
426
- API_AUTH_BASE_URL: string;
427
- AUTH_SERVER_URL: string;
428
- DEFAULT_DOMAIN: string;
429
- }
430
- /** Single source of truth: .env (VITE_CLIENT_ID, VITE_TENANT_ID, VITE_CLIENTCODE). */
431
- interface RuntimeConfig {
432
- CLIENT_ID: string;
433
- TENANT_ID: string;
434
- CLIENTCODE: string;
435
- }
436
- type ResolvedConfig = InternalConfig & RuntimeConfig;
437
- type SDKConfig = ResolvedConfig;
438
- interface RuntimeConfigOverrides {
439
- basePath?: string;
440
- redirectUri?: string;
441
- }
442
- type HostConfigOverride = Partial<RuntimeConfig> & Partial<RuntimeConfigOverrides>;
443
- /** Window __APP_CONFIG__ / __AUTH_CONFIG__ shape (clientId, tenantId, clientcode only). */
444
- interface HostRuntimeConfig {
421
+ * There is no "internal vs runtime" config anymore.
422
+ * Everything is provided by the host app via `AuthProvider` props / `setConfig()`.
423
+ */
424
+ interface SDKConfig {
425
+ /** Tenant resolution service base URL. */
426
+ apiBaseUrl?: string;
427
+ /** Auth API base URL (token exchange/refresh/logout). */
428
+ apiAuthBaseUrl?: string;
429
+ /** Authorization server base URL (OIDC authorize endpoint). */
430
+ authServerUrl?: string;
431
+ /** Callback/redirect URL (full URL). */
432
+ callbackUrl?: string;
433
+ /** Optional tenant code/key (used for tenant resolution). */
434
+ tenantCode?: string;
435
+ /** Optional runtime identifiers (may be returned from tenant API). */
445
436
  clientId?: string;
446
437
  tenantId?: string;
447
- clientcode?: string;
438
+ clientCode?: string;
439
+ /** Optional UI/runtime overrides. */
440
+ basePath?: string;
448
441
  }
449
- /** Full resolved config output (internal URLs + runtime + derived redirectUri, basePath). */
450
- interface ResolvedHostConfig {
451
- apiTenantResolutionBaseUrl: string;
452
- apiAuthBaseUrl: string;
442
+ type HostConfigOverride = SDKConfig;
443
+ interface ResolvedConfig {
444
+ apiBaseUrl: string;
453
445
  authServerUrl: string;
454
- defaultDomain: string;
455
- clientId: string;
456
- tenantId: string;
446
+ callbackUrl: string;
457
447
  clientCode: string;
458
- redirectUri: string;
459
- basePath: string;
460
448
  }
449
+ type ResolvedHostConfig = ResolvedConfig;
461
450
 
462
451
  /**
463
452
  * OAuth constants and storage keys. No config resolution — pure constants.
@@ -483,39 +472,22 @@ declare const STORAGE_KEYS: {
483
472
  };
484
473
 
485
474
  /**
486
- * Config: resolver + public Config facade.
487
- * Resolution order: runtime overrides > window > env > defaults.
488
- * Single source of truth: .env (see .env.example).
475
+ * Config: minimal host-driven config store + facade.
476
+ *
477
+ * No "internal" or "runtime" config separation.
478
+ * Everything comes from the host app via `setConfig()` / `AuthProvider` props.
489
479
  */
490
480
 
491
- declare global {
492
- interface Window {
493
- __APP_CONFIG__?: HostRuntimeConfig | {
494
- [key: string]: unknown;
495
- };
496
- __AUTH_CONFIG__?: HostRuntimeConfig | {
497
- [key: string]: unknown;
498
- };
499
- }
500
- }
501
- declare function resolveConfig(overrides?: HostConfigOverride): InternalConfig & RuntimeConfig;
502
- declare function getConfig(): InternalConfig & RuntimeConfig;
481
+ declare function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig;
482
+ declare function getConfig(): ResolvedConfig;
503
483
  declare function setConfig(overrides: HostConfigOverride): void;
504
484
  declare const Config: {
505
- readonly getApiTenantResolutionBaseUrl: () => string;
506
- readonly getApiAuthBaseUrl: () => string;
485
+ readonly getApiBaseUrl: () => string;
507
486
  readonly getAuthServerUrl: () => string;
508
- readonly getDefaultDomain: () => string;
509
- readonly getClientId: () => string;
510
- readonly getTenantId: () => string;
511
487
  readonly getClientCode: () => string;
512
488
  readonly getRedirectUri: () => string;
513
- readonly getBasePath: () => string;
514
- readonly hasRuntimeConfig: () => boolean;
515
489
  readonly getAll: () => ResolvedHostConfig;
516
490
  };
517
- declare function getEnvConfig(): Promise<EnvConfig | null>;
518
- declare function hasEnvFallback(): boolean;
519
491
 
520
492
  /**
521
493
  * Security and error utilities for authentication.
@@ -565,4 +537,4 @@ type AuthEventHandler = (payload?: AuthEventPayload) => void;
565
537
  declare function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void;
566
538
  declare function subscribeAuthEvent(event: AuthEventName | '*', handler: AuthEventHandler): () => void;
567
539
 
568
- export { AuthCallback, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type HostConfigOverride, type InternalConfig, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type RuntimeConfigOverrides, type SDKConfig, type RuntimeConfig as SDKRuntimeConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthRuntime, getConfig, getEnvConfig, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, hasEnvFallback, isAccessTokenExpired, isCallbackUrl, logout, refreshAccessToken, resetCookieWatcher, resolveConfig, resolveTenant, sanitizeErrorMessage, setAuthRuntime, setConfig, setStorageContext, startCookieWatcher, stopCookieWatcher, subscribeAuthEvent, useAuth, useAuthContext, useAuthInit };
540
+ export { AuthCallback, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type HostConfigOverride, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type SDKConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthRuntime, getConfig, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, isAccessTokenExpired, isCallbackUrl, logout, refreshAccessToken, resetCookieWatcher, resolveConfig, resolveTenant, sanitizeErrorMessage, setAuthRuntime, setConfig, setStorageContext, startCookieWatcher, stopCookieWatcher, subscribeAuthEvent, useAuth, useAuthContext, useAuthInit };