zudoku 0.3.1-dev.8 → 0.4.0

package/lib/zudoku.openapi-worker.js

@@ -13,7 +13,7 @@ var ir = (t, e, n, r) => ({
     return m(t, e, r);
   }
 });
-import { C as Uo, c as Vo, m as Bo, f as Go } from "./urql-DrBfkb92.js";
+import { C as Uo, c as Vo, m as Bo, f as Go } from "./urql-YhcsXYy8.js";
 import { a as Iu } from "./_commonjsHelpers-BVfed4GL.js";
 import { s as _u } from "./slugify-CiPVjteN.js";
 function Ou(t, e) {

package/lib/zudoku.plugin-api-keys.js

@@ -1,12 +1,12 @@
 import { j as e } from "./jsx-runtime-B6kdoens.js";
-import { S as p, R as f } from "./SlotletProvider-ByLSCZQa.js";
-import { u as g, a as u, I as j, S as k, b as v, c as w, d as b, e as K, f as y } from "./Input-CzXNm7xb.js";
-import { b as N, L as x, O as E } from "./index-7kcHaXD6.js";
-import { u as h, t as A, j as S } from "./ZudokuContext-BIZ8zHbZ.js";
-import { B as l, p as I } from "./Combination-DTfV-c98.js";
+import { S as p, R as f } from "./SlotletProvider-Dq80og6-.js";
+import { u as g, a as u, I as j, S as k, b as v, c as w, d as b, e as K, f as y } from "./Input-CBfi9Yjc.js";
+import { e as N, L as x, O as E } from "./index-Yjb2PyPF.js";
+import { u as h, t as A, j as S } from "./ZudokuContext-BQ45UjcB.js";
+import { B as l, p as I } from "./Combination-DruV0zX_.js";
 import { D as P } from "./DeveloperHint-BQSFXH01.js";
 import { useState as C } from "react";
-import { c as d, a as D } from "./Markdown-CEccPMI_.js";
+import { c as d, a as D } from "./Markdown-Chb9VIBv.js";
 /**
  * @license lucide-react v0.378.0 - ISC
  *

package/lib/zudoku.plugin-custom-page.js

@@ -1,5 +1,5 @@
 import { j as m } from "./jsx-runtime-B6kdoens.js";
-import { P as o } from "./Markdown-CEccPMI_.js";
+import { P as o } from "./Markdown-Chb9VIBv.js";
 const l = (s) => ({
   getRoutes: () => s.map(({ path: e, element: t }) => ({
     path: e,

package/lib/zudoku.plugin-markdown.js

@@ -6,7 +6,7 @@ const u = (t, e) => Object.entries(t).flatMap(([a, r]) => {
   return {
     path: s.at(-1) === "index" ? s.slice(0, -1).join("/") : o,
     lazy: async () => {
-      const { MdxPage: i } = await import("./MdxPage-CnqOoqvp.js"), { default: p, ...c } = await r();
+      const { MdxPage: i } = await import("./MdxPage-CIBHMwTd.js"), { default: p, ...c } = await r();
       return {
         element: /* @__PURE__ */ m.jsx(
           i,

package/lib/zudoku.plugin-openapi.js

@@ -1,14 +1,15 @@
 import "./jsx-runtime-B6kdoens.js";
-import { o as l } from "./index-B6zugCnN.js";
-import "./urql-DrBfkb92.js";
-import "./ZudokuContext-BIZ8zHbZ.js";
+import { o as s } from "./index-Br1MQPxy.js";
+import "./urql-YhcsXYy8.js";
+import "./ZudokuContext-BQ45UjcB.js";
 import "zudoku/openapi-worker";
-import "./Combination-DTfV-c98.js";
-import "./Markdown-CEccPMI_.js";
+import "./Combination-DruV0zX_.js";
+import "./ErrorPage-PUg985n_.js";
+import "./Markdown-Chb9VIBv.js";
 import "./joinPath-B7kNnUX4.js";
 import "./router-BiRCp01d.js";
-import "./index-7kcHaXD6.js";
+import "./index-Yjb2PyPF.js";
 export {
-  l as openApiPlugin
+  s as openApiPlugin
 };
 //# sourceMappingURL=zudoku.plugin-openapi.js.map

package/lib/zudoku.plugin-openapi.js.map

@@ -1 +1 @@
-{"version":3,"file":"zudoku.plugin-openapi.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;"}
+{"version":3,"file":"zudoku.plugin-openapi.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "zudoku",
-  "version": "0.3.1-dev.8",
+  "version": "0.4.0",
   "type": "module",
   "files": [
     "dist",
@@ -13,104 +13,73 @@
     "zudoku": "./cli.js"
   },
   "exports": {
-    ".": "./src/index.ts",
-    "./internal": "./src/internal.ts",
-    "./auth/clerk": "./src/lib/authentication/providers/clerk.ts",
-    "./auth/auth0": "./src/lib/authentication/providers/auth0.ts",
-    "./auth/openid": "./src/lib/authentication/providers/openid.ts",
-    "./plugins/api-keys": "./src/lib/plugins/api-keys/index.ts",
-    "./plugins/markdown": "./src/lib/plugins/markdown/index.ts",
-    "./plugins/openapi": "./src/lib/plugins/openapi/index.ts",
-    "./plugins/redirect": "./src/lib/plugins/redirect/index.ts",
-    "./plugins/custom-page": "./src/lib/plugins/custom-page/index.ts",
-    "./plugins/search-inkeep": "./src/lib/plugins/search-inkeep/index.ts",
-    "./openapi-worker": "./src/lib/plugins/openapi-worker.ts",
-    "./components": "./src/lib/components/index.ts",
-    "./vite": "./src/vite/plugin.ts",
-    "./tailwind": "./src/app/tailwind.ts",
-    "./app/*": "./src/app/*"
-  },
-  "publishConfig": {
-    "module": "./dist/index.js",
-    "types": "./dist/index.d.ts",
-    "exports": {
-      ".": {
-        "import": "./dist/index.js",
-        "types": "./dist/index.d.ts"
-      },
-      "./internal": {
-        "import": "./dist/internal.js"
-      },
-      "./auth/clerk": {
-        "import": "./lib/zudoku.auth-clerk.js",
-        "types": "./dist/lib/authentication/providers/clerk.d.ts"
-      },
-      "./auth/auth0": {
-        "import": "./lib/zudoku.auth-auth0.js",
-        "types": "./dist/lib/authentication/providers/auth0.d.ts"
-      },
-      "./auth/openid": {
-        "import": "./lib/zudoku.auth-openid.js",
-        "types": "./dist/lib/authentication/providers/openid.d.ts"
-      },
-      "./plugins/api-keys": {
-        "import": "./lib/zudoku.plugin-api-keys.js",
-        "types": "./dist/lib/plugins/api-keys/index.d.ts"
-      },
-      "./plugins/markdown": {
-        "import": "./lib/zudoku.plugin-markdown.js",
-        "types": "./dist/lib/plugins/markdown/index.d.ts"
-      },
-      "./plugins/openapi": {
-        "import": "./lib/zudoku.plugin-openapi.js",
-        "types": "./dist/lib/plugins/openapi/index.d.ts"
-      },
-      "./plugins/redirect": {
-        "import": "./lib/zudoku.plugin-redirect.js",
-        "types": "./dist/lib/plugins/redirect/index.d.ts"
-      },
-      "./plugins/custom-page": {
-        "import": "./lib/zudoku.plugin-custom-page.js",
-        "types": "./dist/lib/plugins/custom-page/index.d.ts"
-      },
-      "./plugins/search-inkeep": {
-        "import": "./lib/zudoku.plugin-search-inkeep.js",
-        "types": "./dist/lib/plugins/search-inkeep/index.d.ts"
-      },
-      "./openapi-worker": {
-        "import": "./lib/zudoku.openapi-worker.js",
-        "types": "./dist/lib/plugins/openapi-worker.d.ts"
-      },
-      "./components": {
-        "import": "./lib/zudoku.components.js",
-        "types": "./dist/lib/components/index.d.ts"
-      },
-      "./vite": {
-        "require": "./dist/vite/plugin.js",
-        "import": "./dist/vite/plugin.js"
-      },
-      "./tailwind": {
-        "require": "./dist/app/tailwind.js",
-        "import": "./dist/app/tailwind.js"
-      },
-      "./main.css": {
-        "require": "./src/app/main.css",
-        "import": "./src/app/main.css"
-      },
-      "./app/*": {
-        "import": "./src/app/*"
-      }
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./internal": {
+      "import": "./dist/internal.js"
+    },
+    "./auth/clerk": {
+      "import": "./lib/zudoku.auth-clerk.js",
+      "types": "./dist/lib/authentication/providers/clerk.d.ts"
+    },
+    "./auth/auth0": {
+      "import": "./lib/zudoku.auth-auth0.js",
+      "types": "./dist/lib/authentication/providers/auth0.d.ts"
+    },
+    "./auth/openid": {
+      "import": "./lib/zudoku.auth-openid.js",
+      "types": "./dist/lib/authentication/providers/openid.d.ts"
+    },
+    "./plugins/api-keys": {
+      "import": "./lib/zudoku.plugin-api-keys.js",
+      "types": "./dist/lib/plugins/api-keys/index.d.ts"
+    },
+    "./plugins/markdown": {
+      "import": "./lib/zudoku.plugin-markdown.js",
+      "types": "./dist/lib/plugins/markdown/index.d.ts"
+    },
+    "./plugins/openapi": {
+      "import": "./lib/zudoku.plugin-openapi.js",
+      "types": "./dist/lib/plugins/openapi/index.d.ts"
+    },
+    "./plugins/redirect": {
+      "import": "./lib/zudoku.plugin-redirect.js",
+      "types": "./dist/lib/plugins/redirect/index.d.ts"
+    },
+    "./plugins/custom-page": {
+      "import": "./lib/zudoku.plugin-custom-page.js",
+      "types": "./dist/lib/plugins/custom-page/index.d.ts"
+    },
+    "./plugins/search-inkeep": {
+      "import": "./lib/zudoku.plugin-search-inkeep.js",
+      "types": "./dist/lib/plugins/search-inkeep/index.d.ts"
+    },
+    "./openapi-worker": {
+      "import": "./lib/zudoku.openapi-worker.js",
+      "types": "./dist/lib/plugins/openapi-worker.d.ts"
+    },
+    "./components": {
+      "import": "./lib/zudoku.components.js",
+      "types": "./dist/lib/components/index.d.ts"
+    },
+    "./vite": {
+      "require": "./dist/vite/plugin.js",
+      "import": "./dist/vite/plugin.js"
+    },
+    "./tailwind": {
+      "require": "./dist/app/tailwind.js",
+      "import": "./dist/app/tailwind.js"
+    },
+    "./main.css": {
+      "require": "./src/app/main.css",
+      "import": "./src/app/main.css"
+    },
+    "./app/*": {
+      "import": "./src/app/*"
     }
   },
-  "scripts": {
-    "build": "tsc --project tsconfig.json",
-    "build:vite": "vite build && pnpm run hack:fix-worker-paths lib",
-    "build:standalone:vite": "vite build --mode standalone --config vite.standalone.config.ts",
-    "build:standalone:html": "cp ./src/app/standalone.html ./standalone/standalone.html && cp ./src/app/demo.html ./standalone/demo.html && cp ./src/app/demo-cdn.html ./standalone/index.html",
-    "hack:fix-worker-paths": "node ./scripts/hack-worker.mjs",
-    "clean": "tsc --build --clean",
-    "test": "node --test --enable-source-maps"
-  },
   "dependencies": {
     "@envelop/core": "5.0.1",
     "@graphql-typed-document-node/core": "3.2.0",
@@ -147,7 +116,7 @@
     "openapi-types": "12.1.3",
     "picocolors": "^1.0.1",
     "postcss": "8.4.39",
-    "posthog-node": "^4.0.1",
+    "posthog-node": "^4.1.1",
     "prism-react-renderer": "2.3.1",
     "prismjs": "1.29.0",
     "react": "18.3.1",
@@ -216,5 +185,16 @@
   "optionalDependencies": {
     "@clerk/clerk-js": "5.11.0",
     "@inkeep/widgets": "^0.2.289"
-  }
-}
+  },
+  "scripts": {
+    "build": "tsc --project tsconfig.json",
+    "build:vite": "vite build && pnpm run hack:fix-worker-paths lib",
+    "build:standalone:vite": "vite build --mode standalone --config vite.standalone.config.ts",
+    "build:standalone:html": "cp ./src/app/standalone.html ./standalone/standalone.html && cp ./src/app/demo.html ./standalone/demo.html && cp ./src/app/demo-cdn.html ./standalone/index.html",
+    "hack:fix-worker-paths": "node ./scripts/hack-worker.mjs",
+    "clean": "tsc --build --clean",
+    "test": "node --test --enable-source-maps"
+  },
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts"
+}

package/src/app/main.css

@@ -249,7 +249,7 @@
     --popover: 222.2 84% 4.9%;
     --popover-foreground: 210 40% 98%;
     --primary: 217.2 91.2% 59.8%;
-    --primary-foreground: 222.2 47.4% 11.2%;
+    --primary-foreground: 210 40% 98%;
     --secondary: 217.2 32.6% 17.5%;
     --secondary-foreground: 210 40% 98%;
     --muted: 217.2 32.6% 17.5%;

package/src/lib/authentication/authentication.ts

@@ -5,6 +5,7 @@ export interface AuthenticationProvider {
   signIn(options?: { redirectTo?: string }): Promise<void>;
   signOut(): Promise<void>;
   getAccessToken(): Promise<string>;
+  pageLoad?(): void;
   getAuthenticationPlugin?(): DevPortalPlugin;
 }
 

package/src/lib/authentication/components/CallbackHandler.tsx

@@ -0,0 +1,59 @@
+import logger from "loglevel";
+import { useEffect, useRef, useState } from "react";
+import { useNavigate } from "react-router-dom";
+import { DeveloperHint } from "../../components/DeveloperHint.js";
+import { ErrorPage } from "../../components/ErrorPage.js";
+import { Spinner } from "../../components/Spinner.js";
+import { SyntaxHighlight } from "../../components/SyntaxHighlight.js";
+
+export function CallbackHandler({
+  handleCallback,
+}: {
+  handleCallback: () => Promise<string>;
+}) {
+  const [error, setError] = useState<Error | null>(null);
+  const navigate = useNavigate();
+  // Deal with double mount in dev mode which will break
+  // the OAuth flow because you can only use the code once
+  const didInitialize = useRef(false);
+
+  useEffect(() => {
+    if (didInitialize.current) {
+      return;
+    }
+    didInitialize.current = true;
+    handleCallback()
+      .then((redirect) => {
+        navigate(redirect);
+      })
+      .catch((err) => {
+        logger.error(err);
+        setError(err);
+      });
+  }, [navigate, handleCallback]);
+
+  if (error) {
+    return (
+      <ErrorPage
+        category="Error"
+        title="Authentication Error"
+        message={
+          <>
+            <DeveloperHint className="mb-4">
+              Check the configuration of your authorization provider and ensure
+              all settings such as the callback URL are configured correctly.
+            </DeveloperHint>
+            An error occurred while authorizing the user.
+            <SyntaxHighlight code={error.toString()} language="plain" />
+          </>
+        }
+      />
+    );
+  }
+
+  return (
+    <div className="grid h-full place-items-center">
+      <Spinner />
+    </div>
+  );
+}

package/src/lib/authentication/providers/auth0.tsx

@@ -4,6 +4,16 @@ import { useAuthState } from "../state.js";
 import { OpenIDAuthenticationProvider } from "./openid.js";
 
 class Auth0AuthenticationProvider extends OpenIDAuthenticationProvider {
+  constructor(config: Auth0AuthenticationConfig) {
+    super({
+      ...config,
+      type: "openid",
+      issuer: `https://${config.domain}`,
+      clientId: config.clientId,
+      audience: config.audience,
+    });
+  }
+
   onAuthorizationUrl = async (
     url: URL,
     { isSignUp }: { isSignUp: boolean },
@@ -12,13 +22,14 @@ class Auth0AuthenticationProvider extends OpenIDAuthenticationProvider {
       url.searchParams.set("screen_hint", "signup");
     }
   };
+
   signOut = async (): Promise<void> => {
     useAuthState.setState({
       isAuthenticated: false,
       isPending: false,
       profile: undefined,
     });
-    localStorage.removeItem("auto-login");
+    sessionStorage.clear();
     const as = await this.getAuthServer();
 
     const redirectUrl = new URL(
@@ -53,11 +64,6 @@ class Auth0AuthenticationProvider extends OpenIDAuthenticationProvider {
 
 const auth0Auth: AuthenticationProviderInitializer<
   Auth0AuthenticationConfig
-> = ({ domain, ...options }) =>
-  new Auth0AuthenticationProvider({
-    ...options,
-    type: "openid",
-    issuer: `https://${domain}`,
-  });
+> = (options) => new Auth0AuthenticationProvider(options);
 
 export default auth0Auth;

package/src/lib/authentication/providers/openid.tsx

@@ -1,13 +1,12 @@
 import logger from "loglevel";
 import * as oauth from "oauth4webapi";
-import { NavigateFunction } from "react-router-dom";
 import { OpenIDAuthenticationConfig } from "../../../config/config.js";
-import { CommonPlugin } from "../../core/plugins.js";
 import {
   AuthenticationProvider,
   AuthenticationProviderInitializer,
 } from "../authentication.js";
 import { AuthenticationPlugin } from "../AuthenticationPlugin.js";
+import { CallbackHandler } from "../components/CallbackHandler.js";
 import { AuthorizationError, OAuthAuthorizationError } from "../errors.js";
 import { useAuthState, UserProfile } from "../state.js";
 
@@ -23,7 +22,7 @@ interface TokenState {
 class OpenIdAuthPlugin extends AuthenticationPlugin {
   constructor(
     private callbackUrlPath: string,
-    public initialize?: CommonPlugin["initialize"],
+    private handleCallback: () => Promise<string>,
   ) {
     super();
   }
@@ -32,7 +31,7 @@ class OpenIdAuthPlugin extends AuthenticationPlugin {
       ...super.getRoutes(),
       {
         path: this.callbackUrlPath,
-        element: <div />,
+        element: <CallbackHandler handleCallback={this.handleCallback} />,
       },
     ];
   }
@@ -41,11 +40,8 @@ class OpenIdAuthPlugin extends AuthenticationPlugin {
 export class OpenIDAuthenticationProvider implements AuthenticationProvider {
   protected client: oauth.Client;
   protected issuer: string;
-  protected authorizationEndpoint: string | undefined;
-  protected tokenEndpoint: string | undefined;
 
   protected authorizationServer: oauth.AuthorizationServer | undefined;
-  protected tokens: TokenState | undefined;
 
   protected callbackUrlPath = "/oauth/callback";
   protected logoutRedirectUrlPath = "/";
@@ -61,8 +57,6 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
   constructor({
     issuer,
     audience,
-    authorizationEndpoint,
-    tokenEndpoint,
     clientId,
     redirectToAfterSignUp,
     redirectToAfterSignIn,
@@ -74,8 +68,6 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
     };
     this.audience = audience;
     this.issuer = issuer;
-    this.authorizationEndpoint = authorizationEndpoint;
-    this.tokenEndpoint = tokenEndpoint;
     this.redirectToAfterSignUp = redirectToAfterSignUp ?? "/";
     this.redirectToAfterSignIn = redirectToAfterSignIn ?? "/";
     this.redirectToAfterSignOut = redirectToAfterSignOut ?? "/";
@@ -83,21 +75,12 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
 
   protected async getAuthServer() {
     if (!this.authorizationServer) {
-      if (this.tokenEndpoint && this.authorizationEndpoint) {
-        this.authorizationServer = {
-          issuer: new URL(this.authorizationEndpoint!).origin,
-          authorization_endpoint: this.authorizationEndpoint,
-          token_endpoint: this.tokenEndpoint,
-          code_challenge_methods_supported: [],
-        };
-      } else {
-        const issuerUrl = new URL(this.issuer);
-        const response = await oauth.discoveryRequest(issuerUrl);
-        this.authorizationServer = await oauth.processDiscoveryResponse(
-          issuerUrl,
-          response,
-        );
-      }
+      const issuerUrl = new URL(this.issuer);
+      const response = await oauth.discoveryRequest(issuerUrl);
+      this.authorizationServer = await oauth.processDiscoveryResponse(
+        issuerUrl,
+        response,
+      );
     }
     return this.authorizationServer;
   }
@@ -118,13 +101,13 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
       throw new AuthorizationError("No expires_in in response");
     }
 
-    this.tokens = {
+    const tokens: TokenState = {
       accessToken: response.access_token,
       refreshToken: response.refresh_token,
       expiresOn: new Date(Date.now() + response.expires_in * 1000),
       tokenType: response.token_type,
     };
-    sessionStorage.setItem("openid-token", JSON.stringify(this.tokens));
+    sessionStorage.setItem("token-state", JSON.stringify(tokens));
   }
 
   async signUp({ redirectTo }: { redirectTo?: string } = {}) {
@@ -178,7 +161,7 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
     authorizationUrl.searchParams.set("client_id", this.client.client_id);
     authorizationUrl.searchParams.set("redirect_uri", redirectUrl.toString());
     authorizationUrl.searchParams.set("response_type", "code");
-    authorizationUrl.searchParams.set("scope", "openid+profile+email");
+    authorizationUrl.searchParams.set("scope", "openid profile email");
     authorizationUrl.searchParams.set("code_challenge", codeChallenge);
     authorizationUrl.searchParams.set(
       "code_challenge_method",
@@ -211,11 +194,14 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
 
   async getAccessToken(): Promise<string> {
     const as = await this.getAuthServer();
-    if (!this.tokens) {
+    const tokenState = sessionStorage.getItem("token-state");
+    if (!tokenState) {
       throw new AuthorizationError("User is not authenticated");
     }
-    if (this.tokens.expiresOn < new Date()) {
-      if (!this.tokens.refreshToken) {
+
+    const state = JSON.parse(tokenState) as TokenState;
+    if (state.expiresOn < new Date()) {
+      if (!state.refreshToken) {
         await this.signIn();
         return "";
       }
@@ -223,7 +209,7 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
       const request = await oauth.refreshTokenGrantRequest(
         as,
         this.client,
-        this.tokens.refreshToken,
+        state.refreshToken,
       );
       const response = await oauth.processRefreshTokenResponse(
         as,
@@ -231,10 +217,16 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
         request,
       );
 
+      if (!response.access_token) {
+        throw new AuthorizationError("No access token in response");
+      }
+
       this.setTokensFromResponse(response);
-    }
 
-    return this.tokens.accessToken;
+      return response.access_token.toString();
+    } else {
+      return state.accessToken;
+    }
   }
 
   signOut = async () => {
@@ -243,7 +235,7 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
       isPending: false,
       profile: undefined,
     });
-    localStorage.removeItem("auto-login");
+    sessionStorage.clear();
 
     const as = await this.getAuthServer();
 
@@ -279,9 +271,8 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
     // Authorization Code Grant Request & Response
     const codeVerifier = sessionStorage.getItem(CODE_VERIFIER_KEY);
     sessionStorage.removeItem(CODE_VERIFIER_KEY);
-
     if (!codeVerifier) {
-      return "/";
+      throw new AuthorizationError("No code verifier found in state.");
     }
 
     const authServer = await this.getAuthServer();
@@ -320,7 +311,7 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
     //   }
     //   throw new Error(); // Handle WWW-Authenticate Challenges as needed
     // }
-    const oauthResult = await oauth.processAuthorizationCodeOAuth2Response(
+    const oauthResult = await oauth.processAuthorizationCodeOpenIDResponse(
       authServer,
       this.client,
       response,
@@ -351,29 +342,36 @@ export class OpenIDAuthenticationProvider implements AuthenticationProvider {
       profile,
     });
 
-    localStorage.setItem("auto-login", "1");
+    sessionStorage.setItem(
+      "profile-state",
+      JSON.stringify(useAuthState.getState().profile),
+    );
 
-    return sessionStorage.getItem("redirect-to") ?? "/";
+    const redirectTo = sessionStorage.getItem("redirect-to") ?? "/";
+    sessionStorage.removeItem("redirect-to");
+    return redirectTo;
   };
 
+  pageLoad(): void {
+    const profileState = sessionStorage.getItem("profile-state");
+    if (profileState) {
+      try {
+        const profile = JSON.parse(profileState);
+        useAuthState.setState({
+          isAuthenticated: true,
+          isPending: false,
+          profile,
+        });
+      } catch (err) {
+        logger.error("Error parsing auth state", err);
+      }
+    }
+  }
+
   getAuthenticationPlugin() {
-    return new OpenIdAuthPlugin(
-      this.callbackUrlPath,
-      async (_, options: { navigate: NavigateFunction }) => {
-        if (typeof window === "undefined") return;
-
-        if (localStorage.getItem("auto-login")) {
-          localStorage.removeItem("auto-login");
-
-          await this.authorize({ redirectTo: window.location.pathname });
-        } else if (window.location.pathname === "/oauth/callback") {
-          const redirect = await this.handleCallback();
-          if (redirect) {
-            options.navigate(redirect);
-          }
-        }
-      },
-    );
+    // TODO: This API is a bit messy, we need to refactor auth plugins/providers
+    // to remove the extra layers of abstraction.
+    return new OpenIdAuthPlugin(this.callbackUrlPath, this.handleCallback);
   }
 }