varminer-app-header 2.2.1 → 2.2.3

package/dist/index.d.ts

@@ -79,21 +79,38 @@ interface UserDetailsItem {
  * Does not write or overwrite this key; IAM app is the source of truth.
  */
 declare function getStoredUserDetails(): UserDetailsItem | null;
+/** Unique localStorage key for this header package. Used only for access token; user details come from IAM (linn-i-am-userDetails). */
+declare const PERSIST_HEADER_KEY = "persist:varminer-app-header";
+/** Auth shape stored under PERSIST_HEADER_KEY. Host app should call setHeaderAuth after login so the header can make authenticated calls. */
+interface HeaderAuthState {
+    accessToken?: string;
+    refreshToken?: string;
+    user_id?: number | string;
+    [key: string]: unknown;
+}
+/**
+ * Store auth (e.g. accessToken) in the header's own persist key. Call this after login so the header can use the token for profile picture etc.
+ * User details are not stored here; they come from IAM (linn-i-am-userDetails).
+ */
+declare function setHeaderAuth(auth: HeaderAuthState | null): void;
+/**
+ * User display data: from IAM only (linn-i-am-userDetails). No dependency on persist:userdb.
+ */
 declare const getUserDataFromStorage: () => {
-    name: any;
-    email: any;
-    role: any;
-    avatar: any;
-    initials: any;
+    name: string;
+    email: string;
+    role: string;
+    avatar?: string;
+    initials?: string;
 } | null;
 declare const getNotificationCountFromStorage: () => number;
 declare const getMessageCountFromStorage: () => number | undefined;
 declare const getI18nLocaleFromStorage: () => string | null;
 declare const setI18nLocaleToStorage: (locale: string) => void;
 /**
- * Get all data from localStorage (persist:userdb) including decoded accessToken
- * This function reads all available data without hardcoding and doesn't require any parameters
- * @returns Comprehensive object containing all available data from localStorage and decoded JWT payload
+ * Get auth (and decoded token) for header use. Reads from header's own persist key first; falls back to persist:userdb only for access token.
+ * User details are not read from userdb—use getStoredUserDetails / getUserDataFromStorage (IAM) for that.
+ * @returns Object with auth, decodedToken, and other keys (user/userDetails/profile null when using header key)
  */
 declare const getAllDataFromStorage: () => any;
 /**
@@ -102,33 +119,7 @@ declare const getAllDataFromStorage: () => any;
  * @returns Profile picture URL or null if user_id is not available
  */
 declare const getProfilePictureUrl: (baseUrl?: string) => string | null;
-/**
- * Get profile picture upload URL for the object store API.
- * URL format: {baseUrl}/v1/objectStore/profilePictureUpload?tenantId=&userId=&roleId=
- * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
- * @returns Full upload URL with query params, or null if tenantId, userId, or roleId is missing
- */
-declare const getProfilePictureUploadUrl: (baseUrl?: string) => string | null;
-/**
- * Fetch profile picture from API with headers, get S3 URL, generate presigned URL, and return as blob URL
- * This function:
- * 1. Fetches the profile picture path from the API
- * 2. Extracts the S3 filePath from the JSON response
- * 3. Generates a presigned URL for the S3 object
- * 4. Fetches the image using the presigned URL
- * 5. Converts it to a blob URL that can be used in img src
- * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
- * @param messageId - Optional message ID for X-Message-Id header (default: generated UUID)
- * @param correlationId - Optional correlation ID for X-Correlation-Id header (default: generated UUID)
- * @param awsConfig - AWS configuration (accessKeyId, secretAccessKey, region, bucket)
- * @returns Promise that resolves to blob URL string or null if fetch fails
- */
-declare const fetchProfilePictureAsBlobUrl: (baseUrl?: string, messageId?: string, correlationId?: string, awsConfig?: {
-    accessKeyId: string;
-    secretAccessKey: string;
-    region?: string;
-    bucket?: string;
-}) => Promise<string | null>;
+declare const fetchProfilePictureAsBlobUrl: (baseUrl?: string) => Promise<string | null>;
 
-export { AppHeader, DrawerProvider, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUploadUrl, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setI18nLocaleToStorage, translations, useDrawer };
-export type { AppHeaderProps, SupportedLanguage, Translations, UserDetailsItem, UserDetailsStoredResponse, UserProfile };
+export { AppHeader, DrawerProvider, PERSIST_HEADER_KEY, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setHeaderAuth, setI18nLocaleToStorage, translations, useDrawer };
+export type { AppHeaderProps, HeaderAuthState, SupportedLanguage, Translations, UserDetailsItem, UserDetailsStoredResponse, UserProfile };

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,SAAS,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5D,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACrE,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EACL,wBAAwB,EACxB,oBAAoB,EACpB,sBAAsB,EACtB,+BAA+B,EAC/B,0BAA0B,EAC1B,wBAAwB,EACxB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,0BAA0B,EAC1B,4BAA4B,GAC7B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,eAAe,EAAE,yBAAyB,EAAE,MAAM,sBAAsB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,SAAS,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5D,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACrE,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,oBAAoB,EACpB,aAAa,EACb,sBAAsB,EACtB,+BAA+B,EAC/B,0BAA0B,EAC1B,wBAAwB,EACxB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,4BAA4B,GAC7B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,eAAe,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/index.esm.js

@@ -57,77 +57,38 @@ function getStoredUserDetails() {
         return null;
     }
 }
-const getUserDataFromStorage = () => {
-    // Prefer IAM user details when available (same origin, after verify-OTP)
-    const iamUser = getStoredUserDetails();
-    if (iamUser) {
-        const name = [iamUser.firstName, iamUser.lastName].filter(Boolean).join(" ").trim();
-        const role = iamUser.roles?.length ? iamUser.roles[0] : iamUser.workInfo?.jobTitle ?? "";
-        return {
-            name: name || "",
-            email: iamUser.email || "",
-            role: role || "",
-            avatar: undefined,
-            initials: name ? name.split(/\s+/).map((s) => s[0]).join("").slice(0, 2).toUpperCase() : undefined,
-        };
+// --- Header-owned persist store (unique key, no conflict with other apps) ---
+/** Unique localStorage key for this header package. Used only for access token; user details come from IAM (linn-i-am-userDetails). */
+const PERSIST_HEADER_KEY = "persist:varminer-app-header";
+/**
+ * Store auth (e.g. accessToken) in the header's own persist key. Call this after login so the header can use the token for profile picture etc.
+ * User details are not stored here; they come from IAM (linn-i-am-userDetails).
+ */
+function setHeaderAuth(auth) {
+    try {
+        const payload = auth ? { auth } : {};
+        localStorage.setItem(PERSIST_HEADER_KEY, JSON.stringify(payload));
     }
-    const userDbString = localStorage.getItem("persist:userdb");
-    if (userDbString) {
-        try {
-            const parsedOuter = JSON.parse(userDbString);
-            const parseNested = (value) => {
-                if (typeof value === 'string') {
-                    try {
-                        return JSON.parse(value);
-                    }
-                    catch {
-                        return value;
-                    }
-                }
-                return value;
-            };
-            let userData = null;
-            if (parsedOuter.userDetails) {
-                const parsedUserDetails = parseNested(parsedOuter.userDetails);
-                userData = parsedUserDetails.user || parsedUserDetails.data || parsedUserDetails;
-            }
-            if (!userData && parsedOuter.user) {
-                const parsedUser = parseNested(parsedOuter.user);
-                userData = parsedUser.user || parsedUser.data || parsedUser.currentUser || parsedUser;
-            }
-            if (!userData && parsedOuter.authDetails) {
-                const parsedAuthDetails = parseNested(parsedOuter.authDetails);
-                if (parsedAuthDetails.auth) {
-                    userData = parsedAuthDetails.auth.user || parsedAuthDetails.auth.userData;
-                }
-                if (!userData) {
-                    userData = parsedAuthDetails.user || parsedAuthDetails.userData || parsedAuthDetails.currentUser;
-                }
-            }
-            if (!userData && parsedOuter.profile) {
-                const parsedProfile = parseNested(parsedOuter.profile);
-                userData = parsedProfile.user || parsedProfile.data || parsedProfile;
-            }
-            if (userData) {
-                let name = userData.name || userData.fullName || userData.userName || "";
-                if (!name && (userData.firstName || userData.lastName)) {
-                    name = [userData.firstName, userData.lastName].filter(Boolean).join(' ');
-                }
-                return {
-                    name: name || "",
-                    email: userData.email || userData.emailAddress || "",
-                    role: userData.role || userData.userRole || userData.designation || userData.title || "",
-                    avatar: userData.avatar || userData.profilePicture || userData.imageUrl || userData.profileImage,
-                    initials: userData.initials,
-                };
-            }
-        }
-        catch (err) {
-            console.error("Error parsing user data from localStorage:", err);
-            return null;
-        }
+    catch (err) {
+        console.error("Error setting header auth:", err);
     }
-    return null;
+}
+/**
+ * User display data: from IAM only (linn-i-am-userDetails). No dependency on persist:userdb.
+ */
+const getUserDataFromStorage = () => {
+    const iamUser = getStoredUserDetails();
+    if (!iamUser)
+        return null;
+    const name = [iamUser.firstName, iamUser.lastName].filter(Boolean).join(" ").trim();
+    const role = iamUser.roles?.length ? iamUser.roles[0] : iamUser.workInfo?.jobTitle ?? "";
+    return {
+        name: name || "",
+        email: iamUser.email || "",
+        role: role || "",
+        avatar: undefined,
+        initials: name ? name.split(/\s+/).map((s) => s[0]).join("").slice(0, 2).toUpperCase() : undefined,
+    };
 };
 const getNotificationCountFromStorage = () => {
     const userDbString = localStorage.getItem("persist:userdb");
@@ -243,26 +204,91 @@ const decodeJWT = (token) => {
         return null;
     }
 };
+const emptyStorageResult = () => ({
+    auth: null,
+    user: null,
+    authDetails: null,
+    userDetails: null,
+    profile: null,
+    notifications: null,
+    messages: null,
+    app: null,
+    decodedToken: null,
+    rawData: null,
+});
 /**
- * Get all data from localStorage (persist:userdb) including decoded accessToken
- * This function reads all available data without hardcoding and doesn't require any parameters
- * @returns Comprehensive object containing all available data from localStorage and decoded JWT payload
+ * Get auth (and decoded token) for header use. Reads from header's own persist key first; falls back to persist:userdb only for access token.
+ * User details are not read from userdb—use getStoredUserDetails / getUserDataFromStorage (IAM) for that.
+ * @returns Object with auth, decodedToken, and other keys (user/userDetails/profile null when using header key)
  */
 const getAllDataFromStorage = () => {
+    // Prefer header-owned persist key (unique, no conflict with other apps)
+    const headerStr = localStorage.getItem(PERSIST_HEADER_KEY);
+    if (headerStr) {
+        try {
+            const parsed = JSON.parse(headerStr);
+            const auth = parsed?.auth;
+            const accessToken = auth?.accessToken ?? auth?.access_token ?? auth?.token;
+            if (accessToken && typeof accessToken === "string") {
+                const decodedToken = decodeJWT(accessToken);
+                return {
+                    ...emptyStorageResult(),
+                    auth: auth,
+                    decodedToken: decodedToken ? Object.fromEntries(Object.entries(decodedToken).map(([k, v]) => [k, v ?? null])) : null,
+                    rawData: parsed,
+                };
+            }
+        }
+        catch (err) {
+            console.error("Error parsing header persist:", err);
+        }
+    }
+    // Fallback: try IAM persist key (persist:linn-i-am) then persist:userdb
+    const tryParsePersistForAuth = (raw) => {
+        if (!raw)
+            return null;
+        try {
+            const outer = JSON.parse(raw);
+            const parseNested = (v) => typeof v === "string" ? (() => { try {
+                return JSON.parse(v);
+            }
+            catch {
+                return v;
+            } })() : v;
+            for (const key of Object.keys(outer)) {
+                const parsed = parseNested(outer[key]);
+                if (parsed?.accessToken || parsed?.access_token || parsed?.token || parsed?.refreshToken)
+                    return parsed;
+                if (parsed?.auth && typeof parsed.auth === "object") {
+                    const a = parsed.auth;
+                    if (a.accessToken || a.access_token || a.token)
+                        return a;
+                }
+            }
+        }
+        catch {
+            /* ignore */
+        }
+        return null;
+    };
+    const iamPersist = localStorage.getItem("persist:linn-i-am");
+    const iamAuth = tryParsePersistForAuth(iamPersist);
+    if (iamAuth) {
+        const token = (iamAuth.accessToken ?? iamAuth.access_token ?? iamAuth.token);
+        if (token) {
+            const decodedToken = decodeJWT(token);
+            return {
+                ...emptyStorageResult(),
+                auth: iamAuth,
+                decodedToken: decodedToken ? Object.fromEntries(Object.entries(decodedToken).map(([k, v]) => [k, v ?? null])) : null,
+                rawData: iamAuth,
+            };
+        }
+    }
+    // Fallback: read access token from persist:userdb (e.g. legacy or shared auth)
     const userDbString = localStorage.getItem("persist:userdb");
     if (!userDbString) {
-        return {
-            auth: null,
-            user: null,
-            authDetails: null,
-            userDetails: null,
-            profile: null,
-            notifications: null,
-            messages: null,
-            app: null,
-            decodedToken: null,
-            rawData: null,
-        };
+        return emptyStorageResult();
     }
     try {
         const parsedOuter = JSON.parse(userDbString);
@@ -281,17 +307,14 @@ const getAllDataFromStorage = () => {
         // Parse all top-level keys dynamically (no hardcoding)
         const parsedData = {};
         let authData = null;
-        // Helper to recursively find auth data (contains accessToken or refreshToken)
+        // Helper to recursively find auth data (contains accessToken, access_token, token, or refreshToken)
         const findAuthData = (obj) => {
             if (!obj || typeof obj !== 'object')
                 return null;
-            // Check if this object itself is auth data
-            if (obj.accessToken || obj.refreshToken) {
+            if (obj.accessToken || obj.access_token || obj.token || obj.refreshToken)
                 return obj;
-            }
-            // Recursively search in nested objects
             for (const key in obj) {
-                if (obj.hasOwnProperty(key)) {
+                if (Object.prototype.hasOwnProperty.call(obj, key)) {
                     const nested = findAuthData(obj[key]);
                     if (nested)
                         return nested;
@@ -309,9 +332,11 @@ const getAllDataFromStorage = () => {
                 parsedData.auth = authData;
             }
         });
-        // Get accessToken and decode it
+        // Get accessToken (support accessToken, access_token, token) and decode it
         let decodedToken = null;
-        const accessToken = authData?.accessToken || parsedData.auth?.accessToken || parsedData.authDetails?.accessToken;
+        const accessToken = authData?.accessToken ?? authData?.access_token ?? authData?.token ??
+            parsedData.auth?.accessToken ?? parsedData.auth?.access_token ?? parsedData.auth?.token ??
+            parsedData.authDetails?.accessToken ?? parsedData.authDetails?.access_token ?? parsedData.authDetails?.token;
         if (accessToken) {
             decodedToken = decodeJWT(accessToken);
         }
@@ -340,19 +365,7 @@ const getAllDataFromStorage = () => {
     }
     catch (err) {
         console.error("Error parsing all data from localStorage:", err);
-        return {
-            auth: null,
-            user: null,
-            authDetails: null,
-            userDetails: null,
-            profile: null,
-            notifications: null,
-            messages: null,
-            app: null,
-            decodedToken: null,
-            rawData: null,
-            error: err instanceof Error ? err.message : 'Unknown error',
-        };
+        return { ...emptyStorageResult(), error: err instanceof Error ? err.message : "Unknown error" };
     }
 };
 /**
@@ -374,206 +387,43 @@ const getProfilePictureUrl = (baseUrl = "http://objectstore.impact0mics.local:90
     }
 };
 /**
- * Get profile picture upload URL for the object store API.
- * URL format: {baseUrl}/v1/objectStore/profilePictureUpload?tenantId=&userId=&roleId=
- * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
- * @returns Full upload URL with query params, or null if tenantId, userId, or roleId is missing
- */
-const getProfilePictureUploadUrl = (baseUrl = "http://objectstore.impact0mics.local:9012") => {
-    try {
-        const allData = getAllDataFromStorage();
-        const iamUser = getStoredUserDetails();
-        const tenantId = allData.decodedToken?.tenant_id ??
-            allData.decodedToken?.tenant ??
-            allData.auth?.tenant_id ??
-            allData.auth?.tenant ??
-            null;
-        const userId = allData.decodedToken?.user_id ??
-            allData.auth?.user_id ??
-            iamUser?.userId ??
-            null;
-        const roleId = allData.decodedToken?.role_id ??
-            allData.auth?.role_id ??
-            null;
-        if (tenantId == null || userId == null || roleId == null)
-            return null;
-        const cleanBaseUrl = baseUrl.replace(/\/$/, "");
-        const params = new URLSearchParams({
-            tenantId: String(tenantId),
-            userId: String(userId),
-            roleId: String(roleId),
-        });
-        return `${cleanBaseUrl}/v1/objectStore/profilePictureUpload?${params.toString()}`;
-    }
-    catch (err) {
-        console.error("Error getting profile picture upload URL:", err);
-        return null;
-    }
-};
-/**
- * Generate AWS S3 presigned URL for accessing S3 object
- * @param s3Url - Full S3 URL (e.g., https://bucket.s3.region.amazonaws.com/key)
- * @param accessKeyId - AWS Access Key ID
- * @param secretAccessKey - AWS Secret Access Key
- * @param region - AWS Region (default: ap-south-2)
- * @param expiresIn - Expiration time in seconds (default: 3600 = 1 hour)
- * @returns Presigned URL string
- */
-const generateS3PresignedUrl = async (s3Url, accessKeyId, secretAccessKey, region = "ap-south-2", expiresIn = 3600) => {
-    try {
-        // Parse S3 URL to extract bucket, region, and key
-        // Format: https://bucket.s3.region.amazonaws.com/key or https://bucket.s3-region.amazonaws.com/key
-        const url = new URL(s3Url);
-        const hostnameParts = url.hostname.split('.');
-        let bucket = hostnameParts[0];
-        let extractedRegion = region;
-        // Try to extract region from hostname (format: bucket.s3.region.amazonaws.com)
-        if (hostnameParts.length >= 3 && hostnameParts[1] === 's3') {
-            extractedRegion = hostnameParts[2] || region;
-        }
-        else if (hostnameParts.length >= 2 && hostnameParts[1].startsWith('s3-')) {
-            // Format: bucket.s3-region.amazonaws.com
-            extractedRegion = hostnameParts[1].substring(3) || region;
-        }
-        const key = url.pathname.substring(1); // Remove leading slash
-        // AWS credentials
-        const awsAccessKeyId = accessKeyId;
-        const awsSecretAccessKey = secretAccessKey;
-        const awsRegion = extractedRegion;
-        // Current timestamp
-        const now = new Date();
-        const dateStamp = now.toISOString().slice(0, 10).replace(/-/g, '');
-        const amzDate = dateStamp + 'T' + now.toISOString().slice(11, 19).replace(/[:-]/g, '') + 'Z';
-        // Step 1: Create canonical request
-        const canonicalUri = '/' + encodeURIComponent(key).replace(/%2F/g, '/');
-        const canonicalQuerystring = `X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=${encodeURIComponent(awsAccessKeyId + '/' + dateStamp + '/' + awsRegion + '/s3/aws4_request')}&X-Amz-Date=${amzDate}&X-Amz-Expires=${expiresIn}&X-Amz-SignedHeaders=host`;
-        const canonicalHeaders = `host:${bucket}.s3.${awsRegion}.amazonaws.com\n`;
-        const signedHeaders = 'host';
-        const payloadHash = 'UNSIGNED-PAYLOAD';
-        const canonicalRequest = `GET\n${canonicalUri}\n${canonicalQuerystring}\n${canonicalHeaders}\n${signedHeaders}\n${payloadHash}`;
-        // Step 2: Create string to sign
-        const algorithm = 'AWS4-HMAC-SHA256';
-        const credentialScope = `${dateStamp}/${awsRegion}/s3/aws4_request`;
-        const stringToSign = `${algorithm}\n${amzDate}\n${credentialScope}\n${await sha256(canonicalRequest)}`;
-        // Step 3: Calculate signature
-        const kDate = await hmacSha256('AWS4' + awsSecretAccessKey, dateStamp);
-        const kRegion = await hmacSha256(kDate, awsRegion);
-        const kService = await hmacSha256(kRegion, 's3');
-        const kSigning = await hmacSha256(kService, 'aws4_request');
-        const signature = await hmacSha256(kSigning, stringToSign);
-        // Convert signature to hex
-        const signatureHex = arrayBufferToHex(signature);
-        // Step 4: Construct presigned URL
-        const presignedUrl = `https://${bucket}.s3.${awsRegion}.amazonaws.com${canonicalUri}?${canonicalQuerystring}&X-Amz-Signature=${signatureHex}`;
-        return presignedUrl;
-    }
-    catch (err) {
-        console.error("Error generating S3 presigned URL:", err);
-        throw err;
-    }
-};
-// Helper function for SHA-256 hashing
-const sha256 = async (message) => {
-    const msgBuffer = new TextEncoder().encode(message);
-    const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
-    return Array.from(new Uint8Array(hashBuffer))
-        .map(b => b.toString(16).padStart(2, '0'))
-        .join('');
-};
-// Helper function for HMAC-SHA256
-const hmacSha256 = async (key, message) => {
-    const encoder = new TextEncoder();
-    let keyBuffer;
-    if (typeof key === 'string') {
-        keyBuffer = encoder.encode(key);
-    }
-    else {
-        keyBuffer = new Uint8Array(key);
-    }
-    const messageBuffer = encoder.encode(message);
-    const cryptoKey = await crypto.subtle.importKey('raw', keyBuffer, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
-    return await crypto.subtle.sign('HMAC', cryptoKey, messageBuffer);
-};
-// Helper function to convert ArrayBuffer to hex string
-const arrayBufferToHex = (buffer) => {
-    return Array.from(new Uint8Array(buffer))
-        .map(b => b.toString(16).padStart(2, '0'))
-        .join('');
-};
-/**
- * Fetch profile picture from API with headers, get S3 URL, generate presigned URL, and return as blob URL
- * This function:
- * 1. Fetches the profile picture path from the API
- * 2. Extracts the S3 filePath from the JSON response
- * 3. Generates a presigned URL for the S3 object
- * 4. Fetches the image using the presigned URL
- * 5. Converts it to a blob URL that can be used in img src
+ * Fetch profile picture from object store API (plain GET with Authorization header).
+ * API returns the image directly; response is converted to a blob URL for use in img src.
  * @param baseUrl - Base URL for the object store API (default: http://objectstore.impact0mics.local:9012)
- * @param messageId - Optional message ID for X-Message-Id header (default: generated UUID)
- * @param correlationId - Optional correlation ID for X-Correlation-Id header (default: generated UUID)
- * @param awsConfig - AWS configuration (accessKeyId, secretAccessKey, region, bucket)
  * @returns Promise that resolves to blob URL string or null if fetch fails
  */
-const fetchProfilePictureAsBlobUrl = async (baseUrl = "http://objectstore.impact0mics.local:9012", messageId, correlationId, awsConfig) => {
+/** Resolve access token from auth object (supports accessToken, access_token, token). */
+function getAccessTokenFromAuth(auth) {
+    if (!auth || typeof auth !== "object")
+        return undefined;
+    const token = auth.accessToken ??
+        auth.access_token ??
+        auth.token;
+    return typeof token === "string" && token.length > 0 ? token : undefined;
+}
+const fetchProfilePictureAsBlobUrl = async (baseUrl = "http://objectstore.impact0mics.local:9012") => {
     try {
         const profilePictureUrl = getProfilePictureUrl(baseUrl);
-        if (!profilePictureUrl) {
-            return null;
-        }
-        // AWS credentials (default values provided by user)
-        const defaultAwsConfig = {
-            accessKeyId: "AKIAVRUVTJGLBCYZEI5L",
-            secretAccessKey: "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",
-            region: "ap-south-2",
-            bucket: "development-varminer-test"
-        };
-        const finalAwsConfig = awsConfig || defaultAwsConfig;
-        // Generate message ID and correlation ID if not provided
-        const msgId = messageId || `msg-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
-        const corrId = correlationId || `corr-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
-        // Step 1: Fetch the profile picture path from API (returns JSON with filePath)
-        const apiResponse = await fetch(profilePictureUrl, {
-            method: 'GET',
-            headers: {
-                'X-Message-Id': msgId,
-                'X-Correlation-Id': corrId,
-            },
-        });
-        // Check if the API response is successful
-        if (!apiResponse.ok) {
-            console.warn(`Failed to fetch profile picture path: ${apiResponse.status} ${apiResponse.statusText}`);
-            return null;
-        }
-        // Parse JSON response
-        const apiData = await apiResponse.json();
-        // Extract filePath from response
-        const s3Url = apiData?.filePath;
-        if (!s3Url || typeof s3Url !== 'string') {
-            console.warn('Profile picture API response does not contain valid filePath');
+        if (!profilePictureUrl)
             return null;
+        const allData = getAllDataFromStorage();
+        const accessToken = getAccessTokenFromAuth(allData.auth);
+        const headers = {};
+        if (accessToken) {
+            headers["Authorization"] = `Bearer ${accessToken}`;
         }
-        // Step 2: Generate presigned URL for S3 object
-        const presignedUrl = await generateS3PresignedUrl(s3Url, finalAwsConfig.accessKeyId, finalAwsConfig.secretAccessKey, finalAwsConfig.region);
-        // Step 3: Fetch the image using presigned URL
-        const imageResponse = await fetch(presignedUrl, {
-            method: 'GET',
-        });
-        // Check if the image response is successful
-        if (!imageResponse.ok) {
-            console.warn(`Failed to fetch profile picture image: ${imageResponse.status} ${imageResponse.statusText}`);
+        const response = await fetch(profilePictureUrl, { method: "GET", headers });
+        if (!response.ok) {
+            console.warn(`Failed to fetch profile picture: ${response.status} ${response.statusText}`);
             return null;
         }
-        // Check if the response is an image
-        const contentType = imageResponse.headers.get('content-type');
-        if (!contentType || !contentType.startsWith('image/')) {
+        const contentType = response.headers.get("content-type");
+        if (!contentType || !contentType.startsWith("image/")) {
             console.warn(`Profile picture response is not an image: ${contentType}`);
             return null;
         }
-        // Step 4: Convert response to blob
-        const blob = await imageResponse.blob();
-        // Step 5: Create blob URL
-        const blobUrl = URL.createObjectURL(blob);
-        return blobUrl;
+        const blob = await response.blob();
+        return URL.createObjectURL(blob);
     }
     catch (err) {
         console.error("Error fetching profile picture:", err);
@@ -1164,5 +1014,5 @@ const AppHeader = ({ language: languageProp }) => {
                                 }, children: jsx(MoreIcon, {}) }) })] }) }), renderMobileMenu, renderMenu] }));
 };
 
-export { AppHeader, DrawerProvider, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUploadUrl, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setI18nLocaleToStorage, translations, useDrawer };
+export { AppHeader, DrawerProvider, PERSIST_HEADER_KEY, USER_DETAILS_STORAGE_KEY, fetchProfilePictureAsBlobUrl, getAllDataFromStorage, getI18nLocaleFromStorage, getMessageCountFromStorage, getNotificationCountFromStorage, getProfilePictureUrl, getStoredUserDetails, getTranslations, getUserDataFromStorage, setHeaderAuth, setI18nLocaleToStorage, translations, useDrawer };
 //# sourceMappingURL=index.esm.js.map