tenneo-auth-plugin 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +104 -27
- package/dist/index.d.ts +104 -27
- package/dist/index.js +831 -556
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +815 -556
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/dist/index.d.mts
CHANGED
|
@@ -6,29 +6,27 @@ import React from 'react';
|
|
|
6
6
|
declare function bootstrap(): Promise<void>;
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
|
-
* Logout
|
|
10
|
-
* Clears session auth data and performs server logout when possible.
|
|
9
|
+
* Logout: idempotent, host-driven config, no fragile host_config snapshot/restore.
|
|
11
10
|
*
|
|
12
|
-
*
|
|
13
|
-
* -
|
|
14
|
-
* -
|
|
15
|
-
* -
|
|
16
|
-
* - Watcher lifecycle correctness
|
|
17
|
-
* - CSRF protection (when host app provides a token)
|
|
11
|
+
* - Watchers suspended during teardown to avoid bootstrap races
|
|
12
|
+
* - Server logout: POST only (no unsafe GET fallback)
|
|
13
|
+
* - Local state always cleared even if server fails
|
|
14
|
+
* - Storage cache refreshed from current runtime config (memory/host), never a stale snapshot
|
|
18
15
|
*/
|
|
19
16
|
interface LogoutResponse {
|
|
20
17
|
success?: boolean;
|
|
21
18
|
message?: string;
|
|
22
19
|
logout?: boolean;
|
|
23
20
|
}
|
|
24
|
-
|
|
25
|
-
* Public logout API – keeps signature/backward-compatibility.
|
|
26
|
-
*/
|
|
27
|
-
declare function logout(tenantKey?: string): Promise<{
|
|
21
|
+
type LogoutResult = {
|
|
28
22
|
success: boolean;
|
|
29
23
|
message: string;
|
|
30
24
|
serverResponse?: LogoutResponse;
|
|
31
|
-
}
|
|
25
|
+
};
|
|
26
|
+
/**
|
|
27
|
+
* Idempotent logout: coalesces concurrent calls in the same JS realm; cross-tab deduped via short lock.
|
|
28
|
+
*/
|
|
29
|
+
declare function logout(tenantKey?: string): Promise<LogoutResult>;
|
|
32
30
|
|
|
33
31
|
/**
|
|
34
32
|
* Domain types for the authentication gateway plugin.
|
|
@@ -221,6 +219,8 @@ interface SDKConfig {
|
|
|
221
219
|
authServerUrl?: string;
|
|
222
220
|
/** Callback/redirect URL (full URL). */
|
|
223
221
|
callbackUrl?: string;
|
|
222
|
+
/** Alias some hosts use for OAuth redirect URI (same as callbackUrl). */
|
|
223
|
+
redirectUri?: string;
|
|
224
224
|
/** Optional tenant code/key (used for tenant resolution). */
|
|
225
225
|
tenantCode?: string;
|
|
226
226
|
tenantKey?: string;
|
|
@@ -241,8 +241,71 @@ interface ResolvedConfig {
|
|
|
241
241
|
clientCode: string;
|
|
242
242
|
tenantCode: string;
|
|
243
243
|
appId: string;
|
|
244
|
+
/** OAuth client id (may match clientCode / public client). */
|
|
245
|
+
clientId: string;
|
|
246
|
+
/** Tenant id from tenant resolution API when available. */
|
|
247
|
+
tenantId: string;
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
/**
|
|
251
|
+
* Host-aware config resolution: memory → host bridge (window / provider) → storage cache (fallback).
|
|
252
|
+
* Does not import application/storage barrel to avoid circular deps — uses storage/kv only.
|
|
253
|
+
*/
|
|
254
|
+
|
|
255
|
+
type ConfigLayerSource = 'override' | 'memory' | 'host_bridge' | 'storage_cache';
|
|
256
|
+
declare global {
|
|
257
|
+
interface Window {
|
|
258
|
+
/** Optional host-injected auth config (runtime). Lowest priority vs setConfig memory, above storage cache. */
|
|
259
|
+
__TENNEO_AUTH_HOST__?: Partial<SDKConfig>;
|
|
260
|
+
}
|
|
261
|
+
}
|
|
262
|
+
declare function setConfig(overrides: HostConfigOverride): void;
|
|
263
|
+
declare function setHostConfigProvider(fn: (() => Partial<SDKConfig> | null | undefined) | null): void;
|
|
264
|
+
interface FieldSourceMap {
|
|
265
|
+
tenantCode?: ConfigLayerSource;
|
|
266
|
+
tenantKey?: ConfigLayerSource;
|
|
267
|
+
apiBaseUrl?: ConfigLayerSource;
|
|
268
|
+
authServerUrl?: ConfigLayerSource;
|
|
269
|
+
callbackUrl?: ConfigLayerSource;
|
|
270
|
+
clientCode?: ConfigLayerSource;
|
|
271
|
+
clientId?: ConfigLayerSource;
|
|
272
|
+
tenantId?: ConfigLayerSource;
|
|
273
|
+
appId?: ConfigLayerSource;
|
|
274
|
+
}
|
|
275
|
+
/**
|
|
276
|
+
* Per-field source for debugging (first layer that supplied a non-empty value).
|
|
277
|
+
*/
|
|
278
|
+
declare function getConfigFieldSources(overrides?: HostConfigOverride): FieldSourceMap;
|
|
279
|
+
declare function getEffectiveTenantCode(overrides?: HostConfigOverride): string;
|
|
280
|
+
/** @alias getEffectiveTenantCode — tenant_key / tenant_code / clientCode from resolved config */
|
|
281
|
+
declare const getEffectiveTenantKey: typeof getEffectiveTenantCode;
|
|
282
|
+
interface GetAuthConfigOptions {
|
|
283
|
+
/** When true, throws if required OAuth / tenant fields are missing. */
|
|
284
|
+
strict?: boolean;
|
|
285
|
+
overrides?: HostConfigOverride;
|
|
286
|
+
}
|
|
287
|
+
declare class AuthConfigError extends Error {
|
|
288
|
+
readonly code = "AUTH_CONFIG_MISSING";
|
|
289
|
+
readonly missing: string[];
|
|
290
|
+
constructor(missing: string[], message?: string);
|
|
244
291
|
}
|
|
245
|
-
|
|
292
|
+
declare function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig;
|
|
293
|
+
/**
|
|
294
|
+
* Persist a non-authoritative copy for early readers (bootstrap before React).
|
|
295
|
+
* Never use as sole source of truth — memory/host win at resolve time.
|
|
296
|
+
*/
|
|
297
|
+
/**
|
|
298
|
+
* After logout or host-driven updates: persist a cache snapshot from current resolved SDK config (non-empty fields only).
|
|
299
|
+
*/
|
|
300
|
+
declare function syncHostConfigCacheFromMemory(): void;
|
|
301
|
+
declare function writeHostConfigCache(partial: HostConfigOverride): void;
|
|
302
|
+
/**
|
|
303
|
+
* Host entrypoint: merge into memory and optionally refresh storage cache.
|
|
304
|
+
*/
|
|
305
|
+
declare function initPlugin(config: HostConfigOverride, opts?: {
|
|
306
|
+
syncStorageCache?: boolean;
|
|
307
|
+
}): void;
|
|
308
|
+
declare function logConfigResolutionDebug(context: string, overrides?: HostConfigOverride): void;
|
|
246
309
|
|
|
247
310
|
/**
|
|
248
311
|
* OAuth constants and storage keys. No config resolution — pure constants.
|
|
@@ -267,25 +330,24 @@ declare const STORAGE_KEYS: {
|
|
|
267
330
|
readonly expiresAt: "tenneo_auth_expires_at";
|
|
268
331
|
};
|
|
269
332
|
|
|
270
|
-
/**
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
* Everything comes from the host app via `setConfig()` / `AuthProvider` props.
|
|
275
|
-
*/
|
|
276
|
-
|
|
277
|
-
declare function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig;
|
|
333
|
+
/** Resolved config; pass `{ strict: true }` to fail fast if OAuth fields are missing. */
|
|
334
|
+
declare function getAuthConfig(options?: GetAuthConfigOptions): ResolvedConfig;
|
|
335
|
+
/** Fail fast when authServerUrl, callbackUrl, or tenant are missing. */
|
|
336
|
+
declare function requireAuthConfig(overrides?: HostConfigOverride): ResolvedConfig;
|
|
278
337
|
declare function getConfig(): ResolvedConfig;
|
|
279
|
-
/** Public helper: host + internal code can use this as the single source of truth for auth config. */
|
|
280
|
-
declare function getAuthConfig(): ResolvedConfig;
|
|
281
|
-
declare function setConfig(overrides: HostConfigOverride): void;
|
|
282
338
|
declare const Config: {
|
|
283
339
|
readonly getApiBaseUrl: () => string;
|
|
284
340
|
readonly getAuthServerUrl: () => string;
|
|
285
341
|
readonly getClientCode: () => string;
|
|
286
342
|
readonly getRedirectUri: () => string;
|
|
287
|
-
readonly getAll: () =>
|
|
343
|
+
readonly getAll: () => ResolvedConfig;
|
|
288
344
|
};
|
|
345
|
+
/**
|
|
346
|
+
* Apply tenant switch in runtime config (memory + optional cache). Does not read stale snapshots.
|
|
347
|
+
*/
|
|
348
|
+
declare function applyRuntimeTenantSwitch(tenantKey: string, opts?: {
|
|
349
|
+
syncStorageCache?: boolean;
|
|
350
|
+
}): void;
|
|
289
351
|
|
|
290
352
|
/**
|
|
291
353
|
* React Context Provider for authentication state (FINAL)
|
|
@@ -518,6 +580,21 @@ declare function startCookieWatcher(): void;
|
|
|
518
580
|
declare function stopCookieWatcher(): void;
|
|
519
581
|
declare function resetCookieWatcher(): void;
|
|
520
582
|
|
|
583
|
+
/**
|
|
584
|
+
* Storage watcher to detect manual storage clears and restart auth flow.
|
|
585
|
+
* Infrastructure layer: uses storage and callback; application sets callback to bootstrap.
|
|
586
|
+
*/
|
|
587
|
+
declare function startStorageWatcher(): void;
|
|
588
|
+
declare function stopStorageWatcher(): void;
|
|
589
|
+
|
|
590
|
+
/**
|
|
591
|
+
* Suppress watcher side effects during intentional auth teardown (e.g. logout).
|
|
592
|
+
* Deterministic: set before storage/cookie mutation, clear after cleanup completes.
|
|
593
|
+
*/
|
|
594
|
+
declare function suspendWatchers(): number;
|
|
595
|
+
declare function resumeWatchers(expectedGen?: number): void;
|
|
596
|
+
declare function areWatchersSuspended(): boolean;
|
|
597
|
+
|
|
521
598
|
/**
|
|
522
599
|
* Structured auth event emitter for observability and audit.
|
|
523
600
|
*/
|
|
@@ -546,4 +623,4 @@ type AuthEventHandler = (payload?: AuthEventPayload) => void;
|
|
|
546
623
|
declare function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void;
|
|
547
624
|
declare function subscribeAuthEvent(event: AuthEventName | '*', handler: AuthEventHandler): () => void;
|
|
548
625
|
|
|
549
|
-
export { AuthCallback, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type HostConfigOverride, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type SDKConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthConfig, getAuthRuntime, getConfig, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, isAccessTokenExpired, isCallbackUrl, logout, refreshAccessToken, resetCookieWatcher, resolveConfig, resolveTenant, sanitizeErrorMessage, setAuthRuntime, setConfig, setStorageContext, startCookieWatcher, stopCookieWatcher, subscribeAuthEvent, useAuth, useAuthContext, useAuthInit };
|
|
626
|
+
export { AuthCallback, AuthConfigError, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigLayerSource, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type FieldSourceMap, type GetAuthConfigOptions, type HostConfigOverride, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type SDKConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, applyRuntimeTenantSwitch, areWatchersSuspended, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthConfig, getAuthRuntime, getConfig, getConfigFieldSources, getEffectiveTenantCode, getEffectiveTenantKey, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, initPlugin, isAccessTokenExpired, isCallbackUrl, logConfigResolutionDebug, logout, refreshAccessToken, requireAuthConfig, resetCookieWatcher, resolveConfig, resolveTenant, resumeWatchers, sanitizeErrorMessage, setAuthRuntime, setConfig, setHostConfigProvider, setStorageContext, startCookieWatcher, startStorageWatcher, stopCookieWatcher, stopStorageWatcher, subscribeAuthEvent, suspendWatchers, syncHostConfigCacheFromMemory, useAuth, useAuthContext, useAuthInit, writeHostConfigCache };
|
package/dist/index.d.ts
CHANGED
|
@@ -6,29 +6,27 @@ import React from 'react';
|
|
|
6
6
|
declare function bootstrap(): Promise<void>;
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
|
-
* Logout
|
|
10
|
-
* Clears session auth data and performs server logout when possible.
|
|
9
|
+
* Logout: idempotent, host-driven config, no fragile host_config snapshot/restore.
|
|
11
10
|
*
|
|
12
|
-
*
|
|
13
|
-
* -
|
|
14
|
-
* -
|
|
15
|
-
* -
|
|
16
|
-
* - Watcher lifecycle correctness
|
|
17
|
-
* - CSRF protection (when host app provides a token)
|
|
11
|
+
* - Watchers suspended during teardown to avoid bootstrap races
|
|
12
|
+
* - Server logout: POST only (no unsafe GET fallback)
|
|
13
|
+
* - Local state always cleared even if server fails
|
|
14
|
+
* - Storage cache refreshed from current runtime config (memory/host), never a stale snapshot
|
|
18
15
|
*/
|
|
19
16
|
interface LogoutResponse {
|
|
20
17
|
success?: boolean;
|
|
21
18
|
message?: string;
|
|
22
19
|
logout?: boolean;
|
|
23
20
|
}
|
|
24
|
-
|
|
25
|
-
* Public logout API – keeps signature/backward-compatibility.
|
|
26
|
-
*/
|
|
27
|
-
declare function logout(tenantKey?: string): Promise<{
|
|
21
|
+
type LogoutResult = {
|
|
28
22
|
success: boolean;
|
|
29
23
|
message: string;
|
|
30
24
|
serverResponse?: LogoutResponse;
|
|
31
|
-
}
|
|
25
|
+
};
|
|
26
|
+
/**
|
|
27
|
+
* Idempotent logout: coalesces concurrent calls in the same JS realm; cross-tab deduped via short lock.
|
|
28
|
+
*/
|
|
29
|
+
declare function logout(tenantKey?: string): Promise<LogoutResult>;
|
|
32
30
|
|
|
33
31
|
/**
|
|
34
32
|
* Domain types for the authentication gateway plugin.
|
|
@@ -221,6 +219,8 @@ interface SDKConfig {
|
|
|
221
219
|
authServerUrl?: string;
|
|
222
220
|
/** Callback/redirect URL (full URL). */
|
|
223
221
|
callbackUrl?: string;
|
|
222
|
+
/** Alias some hosts use for OAuth redirect URI (same as callbackUrl). */
|
|
223
|
+
redirectUri?: string;
|
|
224
224
|
/** Optional tenant code/key (used for tenant resolution). */
|
|
225
225
|
tenantCode?: string;
|
|
226
226
|
tenantKey?: string;
|
|
@@ -241,8 +241,71 @@ interface ResolvedConfig {
|
|
|
241
241
|
clientCode: string;
|
|
242
242
|
tenantCode: string;
|
|
243
243
|
appId: string;
|
|
244
|
+
/** OAuth client id (may match clientCode / public client). */
|
|
245
|
+
clientId: string;
|
|
246
|
+
/** Tenant id from tenant resolution API when available. */
|
|
247
|
+
tenantId: string;
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
/**
|
|
251
|
+
* Host-aware config resolution: memory → host bridge (window / provider) → storage cache (fallback).
|
|
252
|
+
* Does not import application/storage barrel to avoid circular deps — uses storage/kv only.
|
|
253
|
+
*/
|
|
254
|
+
|
|
255
|
+
type ConfigLayerSource = 'override' | 'memory' | 'host_bridge' | 'storage_cache';
|
|
256
|
+
declare global {
|
|
257
|
+
interface Window {
|
|
258
|
+
/** Optional host-injected auth config (runtime). Lowest priority vs setConfig memory, above storage cache. */
|
|
259
|
+
__TENNEO_AUTH_HOST__?: Partial<SDKConfig>;
|
|
260
|
+
}
|
|
261
|
+
}
|
|
262
|
+
declare function setConfig(overrides: HostConfigOverride): void;
|
|
263
|
+
declare function setHostConfigProvider(fn: (() => Partial<SDKConfig> | null | undefined) | null): void;
|
|
264
|
+
interface FieldSourceMap {
|
|
265
|
+
tenantCode?: ConfigLayerSource;
|
|
266
|
+
tenantKey?: ConfigLayerSource;
|
|
267
|
+
apiBaseUrl?: ConfigLayerSource;
|
|
268
|
+
authServerUrl?: ConfigLayerSource;
|
|
269
|
+
callbackUrl?: ConfigLayerSource;
|
|
270
|
+
clientCode?: ConfigLayerSource;
|
|
271
|
+
clientId?: ConfigLayerSource;
|
|
272
|
+
tenantId?: ConfigLayerSource;
|
|
273
|
+
appId?: ConfigLayerSource;
|
|
274
|
+
}
|
|
275
|
+
/**
|
|
276
|
+
* Per-field source for debugging (first layer that supplied a non-empty value).
|
|
277
|
+
*/
|
|
278
|
+
declare function getConfigFieldSources(overrides?: HostConfigOverride): FieldSourceMap;
|
|
279
|
+
declare function getEffectiveTenantCode(overrides?: HostConfigOverride): string;
|
|
280
|
+
/** @alias getEffectiveTenantCode — tenant_key / tenant_code / clientCode from resolved config */
|
|
281
|
+
declare const getEffectiveTenantKey: typeof getEffectiveTenantCode;
|
|
282
|
+
interface GetAuthConfigOptions {
|
|
283
|
+
/** When true, throws if required OAuth / tenant fields are missing. */
|
|
284
|
+
strict?: boolean;
|
|
285
|
+
overrides?: HostConfigOverride;
|
|
286
|
+
}
|
|
287
|
+
declare class AuthConfigError extends Error {
|
|
288
|
+
readonly code = "AUTH_CONFIG_MISSING";
|
|
289
|
+
readonly missing: string[];
|
|
290
|
+
constructor(missing: string[], message?: string);
|
|
244
291
|
}
|
|
245
|
-
|
|
292
|
+
declare function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig;
|
|
293
|
+
/**
|
|
294
|
+
* Persist a non-authoritative copy for early readers (bootstrap before React).
|
|
295
|
+
* Never use as sole source of truth — memory/host win at resolve time.
|
|
296
|
+
*/
|
|
297
|
+
/**
|
|
298
|
+
* After logout or host-driven updates: persist a cache snapshot from current resolved SDK config (non-empty fields only).
|
|
299
|
+
*/
|
|
300
|
+
declare function syncHostConfigCacheFromMemory(): void;
|
|
301
|
+
declare function writeHostConfigCache(partial: HostConfigOverride): void;
|
|
302
|
+
/**
|
|
303
|
+
* Host entrypoint: merge into memory and optionally refresh storage cache.
|
|
304
|
+
*/
|
|
305
|
+
declare function initPlugin(config: HostConfigOverride, opts?: {
|
|
306
|
+
syncStorageCache?: boolean;
|
|
307
|
+
}): void;
|
|
308
|
+
declare function logConfigResolutionDebug(context: string, overrides?: HostConfigOverride): void;
|
|
246
309
|
|
|
247
310
|
/**
|
|
248
311
|
* OAuth constants and storage keys. No config resolution — pure constants.
|
|
@@ -267,25 +330,24 @@ declare const STORAGE_KEYS: {
|
|
|
267
330
|
readonly expiresAt: "tenneo_auth_expires_at";
|
|
268
331
|
};
|
|
269
332
|
|
|
270
|
-
/**
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
* Everything comes from the host app via `setConfig()` / `AuthProvider` props.
|
|
275
|
-
*/
|
|
276
|
-
|
|
277
|
-
declare function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig;
|
|
333
|
+
/** Resolved config; pass `{ strict: true }` to fail fast if OAuth fields are missing. */
|
|
334
|
+
declare function getAuthConfig(options?: GetAuthConfigOptions): ResolvedConfig;
|
|
335
|
+
/** Fail fast when authServerUrl, callbackUrl, or tenant are missing. */
|
|
336
|
+
declare function requireAuthConfig(overrides?: HostConfigOverride): ResolvedConfig;
|
|
278
337
|
declare function getConfig(): ResolvedConfig;
|
|
279
|
-
/** Public helper: host + internal code can use this as the single source of truth for auth config. */
|
|
280
|
-
declare function getAuthConfig(): ResolvedConfig;
|
|
281
|
-
declare function setConfig(overrides: HostConfigOverride): void;
|
|
282
338
|
declare const Config: {
|
|
283
339
|
readonly getApiBaseUrl: () => string;
|
|
284
340
|
readonly getAuthServerUrl: () => string;
|
|
285
341
|
readonly getClientCode: () => string;
|
|
286
342
|
readonly getRedirectUri: () => string;
|
|
287
|
-
readonly getAll: () =>
|
|
343
|
+
readonly getAll: () => ResolvedConfig;
|
|
288
344
|
};
|
|
345
|
+
/**
|
|
346
|
+
* Apply tenant switch in runtime config (memory + optional cache). Does not read stale snapshots.
|
|
347
|
+
*/
|
|
348
|
+
declare function applyRuntimeTenantSwitch(tenantKey: string, opts?: {
|
|
349
|
+
syncStorageCache?: boolean;
|
|
350
|
+
}): void;
|
|
289
351
|
|
|
290
352
|
/**
|
|
291
353
|
* React Context Provider for authentication state (FINAL)
|
|
@@ -518,6 +580,21 @@ declare function startCookieWatcher(): void;
|
|
|
518
580
|
declare function stopCookieWatcher(): void;
|
|
519
581
|
declare function resetCookieWatcher(): void;
|
|
520
582
|
|
|
583
|
+
/**
|
|
584
|
+
* Storage watcher to detect manual storage clears and restart auth flow.
|
|
585
|
+
* Infrastructure layer: uses storage and callback; application sets callback to bootstrap.
|
|
586
|
+
*/
|
|
587
|
+
declare function startStorageWatcher(): void;
|
|
588
|
+
declare function stopStorageWatcher(): void;
|
|
589
|
+
|
|
590
|
+
/**
|
|
591
|
+
* Suppress watcher side effects during intentional auth teardown (e.g. logout).
|
|
592
|
+
* Deterministic: set before storage/cookie mutation, clear after cleanup completes.
|
|
593
|
+
*/
|
|
594
|
+
declare function suspendWatchers(): number;
|
|
595
|
+
declare function resumeWatchers(expectedGen?: number): void;
|
|
596
|
+
declare function areWatchersSuspended(): boolean;
|
|
597
|
+
|
|
521
598
|
/**
|
|
522
599
|
* Structured auth event emitter for observability and audit.
|
|
523
600
|
*/
|
|
@@ -546,4 +623,4 @@ type AuthEventHandler = (payload?: AuthEventPayload) => void;
|
|
|
546
623
|
declare function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void;
|
|
547
624
|
declare function subscribeAuthEvent(event: AuthEventName | '*', handler: AuthEventHandler): () => void;
|
|
548
625
|
|
|
549
|
-
export { AuthCallback, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type HostConfigOverride, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type SDKConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthConfig, getAuthRuntime, getConfig, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, isAccessTokenExpired, isCallbackUrl, logout, refreshAccessToken, resetCookieWatcher, resolveConfig, resolveTenant, sanitizeErrorMessage, setAuthRuntime, setConfig, setStorageContext, startCookieWatcher, stopCookieWatcher, subscribeAuthEvent, useAuth, useAuthContext, useAuthInit };
|
|
626
|
+
export { AuthCallback, AuthConfigError, type AuthContextValue, type AuthEngine, type AuthEngineConfig, type AuthEngineState, type AuthEventHandler, type AuthEventName, AuthEventNames, type AuthEventPayload, AuthProvider, type AuthRuntime, type AuthState, type AuthStateListener, type AuthStrategy, type AuthTokens, Config, type ConfigLayerSource, type ConfigProvider, type CookieClearer, type CurrentUrl, type EnvConfig, type FieldSourceMap, type GetAuthConfigOptions, type HostConfigOverride, type Logger, OAUTH_CONSTANTS, ProtectedRoute, type ResolvedConfig, type SDKConfig, STORAGE_KEYS, STORAGE_KEY_PREFIX, SanitizedError, type StorageAdapter, type StorageNamespace, type TenantConfig, type TenantResolver, type TokenResponse, type TokenStorageAdapter, type Unsubscribe, type UrlProvider, applyRuntimeTenantSwitch, areWatchersSuspended, bootstrap, buildStorageKey, createAuthEngine, createCookieStorageAdapter, createMemoryStorageAdapter, createOAuth2PkceStrategy, createSecureSessionStorageAdapter, emitAuthEvent, enforceHttps, ensureValidAccessToken, extractTenantKey, getAccessToken$1 as getAccessToken, getAuthConfig, getAuthRuntime, getConfig, getConfigFieldSources, getEffectiveTenantCode, getEffectiveTenantKey, getStorageAdapter, getStorageNamespace, getAccessToken as getStoredAccessToken, initPlugin, isAccessTokenExpired, isCallbackUrl, logConfigResolutionDebug, logout, refreshAccessToken, requireAuthConfig, resetCookieWatcher, resolveConfig, resolveTenant, resumeWatchers, sanitizeErrorMessage, setAuthRuntime, setConfig, setHostConfigProvider, setStorageContext, startCookieWatcher, startStorageWatcher, stopCookieWatcher, stopStorageWatcher, subscribeAuthEvent, suspendWatchers, syncHostConfigCacheFromMemory, useAuth, useAuthContext, useAuthInit, writeHostConfigCache };
|