zudoku 0.57.0 → 0.58.0

package/lib/zudoku.auth-auth0.js

@@ -1,4 +1,4 @@
-import { u as o } from "./hook-bv3iuX7X.js";
+import { u as o } from "./hook-B4Q30zMI.js";
 import { OpenIDAuthenticationProvider as r } from "./zudoku.auth-openid.js";
 class a extends r {
   constructor(e) {

package/lib/zudoku.auth-auth0.js.map

@@ -1 +1 @@
-{"version":3,"file":"zudoku.auth-auth0.js","sources":["../src/lib/authentication/providers/auth0.tsx"],"sourcesContent":["import { type Auth0AuthenticationConfig } from \"../../../config/config.js\";\nimport {\n  type AuthenticationPlugin,\n  type AuthenticationProviderInitializer,\n} from \"../authentication.js\";\nimport { useAuthState } from \"../state.js\";\nimport { OpenIDAuthenticationProvider } from \"./openid.js\";\n\nclass Auth0AuthenticationProvider\n  extends OpenIDAuthenticationProvider\n  implements AuthenticationPlugin\n{\n  constructor(config: Auth0AuthenticationConfig) {\n    super({\n      ...config,\n      type: \"openid\",\n      issuer: `https://${config.domain}/`,\n      clientId: config.clientId,\n      audience: config.audience,\n      scopes: config.scopes,\n    });\n  }\n\n  onAuthorizationUrl = async (\n    url: URL,\n    { isSignUp }: { isSignUp: boolean },\n  ) => {\n    url.searchParams.set(\"prompt\", \"login\");\n    if (isSignUp) {\n      url.searchParams.set(\"screen_hint\", \"signup\");\n    }\n  };\n\n  signOut = async (): Promise<void> => {\n    const as = await this.getAuthServer();\n    const idToken = await this.getAccessToken();\n\n    useAuthState.setState({\n      isAuthenticated: false,\n      isPending: false,\n      profile: null,\n      providerData: null,\n    });\n\n    const redirectUrl = new URL(window.location.origin);\n    redirectUrl.pathname = this.redirectToAfterSignOut;\n\n    // SEE: https://auth0.com/docs/authenticate/login/logout/log-users-out-of-auth0\n    // For Auth0 tenants created on or after 14 November 2023, RP-Initiated\n    // Logout End Session Endpoint Discovery is enabled by default.\n    // Otherwise we fallback to the old non-compliant logout\n\n    // The endSessionEndpoint is set, the IdP supports some form of logout,\n    // so we use the IdP logout. Otherwise, just redirect the user to home\n    if (as.end_session_endpoint) {\n      const logoutUrl = new URL(as.end_session_endpoint);\n      if (idToken) {\n        logoutUrl.searchParams.set(\"id_token_hint\", idToken);\n      }\n      logoutUrl.searchParams.set(\n        \"post_logout_redirect_uri\",\n        redirectUrl.toString(),\n      );\n\n      // window.location.href = logoutUrl.toString();\n    } else {\n      const logoutUrl = new URL(\n        `${this.issuer.replace(/\\/$/, \"\")}/oidc/logout`,\n      );\n      // window.location.href = logoutUrl.toString();\n    }\n  };\n}\n\nconst auth0Auth: AuthenticationProviderInitializer<\n  Auth0AuthenticationConfig\n> = (options) => new Auth0AuthenticationProvider(options);\n\nexport default auth0Auth;\n"],"names":["Auth0AuthenticationProvider","OpenIDAuthenticationProvider","config","url","isSignUp","as","idToken","useAuthState","redirectUrl","logoutUrl","auth0Auth","options"],"mappings":";;AAQA,MAAMA,UACIC,EAEV;AAAA,EACE,YAAYC,GAAmC;AAC7C,UAAM;AAAA,MACJ,GAAGA;AAAA,MACH,MAAM;AAAA,MACN,QAAQ,WAAWA,EAAO,MAAM;AAAA,MAChC,UAAUA,EAAO;AAAA,MACjB,UAAUA,EAAO;AAAA,MACjB,QAAQA,EAAO;AAAA,IAAA,CAChB;AAAA,EACH;AAAA,EAEA,qBAAqB,OACnBC,GACA,EAAE,UAAAC,QACC;AACH,IAAAD,EAAI,aAAa,IAAI,UAAU,OAAO,GAClCC,KACFD,EAAI,aAAa,IAAI,eAAe,QAAQ;AAAA,EAEhD;AAAA,EAEA,UAAU,YAA2B;AACnC,UAAME,IAAK,MAAM,KAAK,cAAA,GAChBC,IAAU,MAAM,KAAK,eAAA;AAE3B,IAAAC,EAAa,SAAS;AAAA,MACpB,iBAAiB;AAAA,MACjB,WAAW;AAAA,MACX,SAAS;AAAA,MACT,cAAc;AAAA,IAAA,CACf;AAED,UAAMC,IAAc,IAAI,IAAI,OAAO,SAAS,MAAM;AAUlD,QATAA,EAAY,WAAW,KAAK,wBASxBH,EAAG,sBAAsB;AAC3B,YAAMI,IAAY,IAAI,IAAIJ,EAAG,oBAAoB;AACjD,MAAIC,KACFG,EAAU,aAAa,IAAI,iBAAiBH,CAAO,GAErDG,EAAU,aAAa;AAAA,QACrB;AAAA,QACAD,EAAY,SAAA;AAAA,MAAS;AAAA,IAIzB;AACoB,UAAI;AAAA,QACpB,GAAG,KAAK,OAAO,QAAQ,OAAO,EAAE,CAAC;AAAA,MAAA;AAAA,EAIvC;AACF;AAEA,MAAME,IAEF,CAACC,MAAY,IAAIX,EAA4BW,CAAO;"}
+{"version":3,"file":"zudoku.auth-auth0.js","sources":["../src/lib/authentication/providers/auth0.tsx"],"sourcesContent":["import type { Auth0AuthenticationConfig } from \"../../../config/config.js\";\nimport type {\n  AuthenticationPlugin,\n  AuthenticationProviderInitializer,\n} from \"../authentication.js\";\nimport { useAuthState } from \"../state.js\";\nimport { OpenIDAuthenticationProvider } from \"./openid.js\";\n\nclass Auth0AuthenticationProvider\n  extends OpenIDAuthenticationProvider\n  implements AuthenticationPlugin\n{\n  constructor(config: Auth0AuthenticationConfig) {\n    super({\n      ...config,\n      type: \"openid\",\n      issuer: `https://${config.domain}/`,\n      clientId: config.clientId,\n      audience: config.audience,\n      scopes: config.scopes,\n    });\n  }\n\n  onAuthorizationUrl = async (\n    url: URL,\n    { isSignUp }: { isSignUp: boolean },\n  ) => {\n    url.searchParams.set(\"prompt\", \"login\");\n    if (isSignUp) {\n      url.searchParams.set(\"screen_hint\", \"signup\");\n    }\n  };\n\n  signOut = async (): Promise<void> => {\n    const as = await this.getAuthServer();\n    const idToken = await this.getAccessToken();\n\n    useAuthState.setState({\n      isAuthenticated: false,\n      isPending: false,\n      profile: null,\n      providerData: null,\n    });\n\n    const redirectUrl = new URL(window.location.origin);\n    redirectUrl.pathname = this.redirectToAfterSignOut;\n\n    // SEE: https://auth0.com/docs/authenticate/login/logout/log-users-out-of-auth0\n    // For Auth0 tenants created on or after 14 November 2023, RP-Initiated\n    // Logout End Session Endpoint Discovery is enabled by default.\n    // Otherwise we fallback to the old non-compliant logout\n\n    // The endSessionEndpoint is set, the IdP supports some form of logout,\n    // so we use the IdP logout. Otherwise, just redirect the user to home\n    if (as.end_session_endpoint) {\n      const logoutUrl = new URL(as.end_session_endpoint);\n      if (idToken) {\n        logoutUrl.searchParams.set(\"id_token_hint\", idToken);\n      }\n      logoutUrl.searchParams.set(\n        \"post_logout_redirect_uri\",\n        redirectUrl.toString(),\n      );\n\n      // window.location.href = logoutUrl.toString();\n    } else {\n      const _logoutUrl = new URL(\n        `${this.issuer.replace(/\\/$/, \"\")}/oidc/logout`,\n      );\n      // window.location.href = logoutUrl.toString();\n    }\n  };\n}\n\nconst auth0Auth: AuthenticationProviderInitializer<\n  Auth0AuthenticationConfig\n> = (options) => new Auth0AuthenticationProvider(options);\n\nexport default auth0Auth;\n"],"names":["Auth0AuthenticationProvider","OpenIDAuthenticationProvider","config","url","isSignUp","as","idToken","useAuthState","redirectUrl","logoutUrl","auth0Auth","options"],"mappings":";;AAQA,MAAMA,UACIC,EAEV;AAAA,EACE,YAAYC,GAAmC;AAC7C,UAAM;AAAA,MACJ,GAAGA;AAAA,MACH,MAAM;AAAA,MACN,QAAQ,WAAWA,EAAO,MAAM;AAAA,MAChC,UAAUA,EAAO;AAAA,MACjB,UAAUA,EAAO;AAAA,MACjB,QAAQA,EAAO;AAAA,IAAA,CAChB;AAAA,EACH;AAAA,EAEA,qBAAqB,OACnBC,GACA,EAAE,UAAAC,QACC;AACH,IAAAD,EAAI,aAAa,IAAI,UAAU,OAAO,GAClCC,KACFD,EAAI,aAAa,IAAI,eAAe,QAAQ;AAAA,EAEhD;AAAA,EAEA,UAAU,YAA2B;AACnC,UAAME,IAAK,MAAM,KAAK,cAAA,GAChBC,IAAU,MAAM,KAAK,eAAA;AAE3B,IAAAC,EAAa,SAAS;AAAA,MACpB,iBAAiB;AAAA,MACjB,WAAW;AAAA,MACX,SAAS;AAAA,MACT,cAAc;AAAA,IAAA,CACf;AAED,UAAMC,IAAc,IAAI,IAAI,OAAO,SAAS,MAAM;AAUlD,QATAA,EAAY,WAAW,KAAK,wBASxBH,EAAG,sBAAsB;AAC3B,YAAMI,IAAY,IAAI,IAAIJ,EAAG,oBAAoB;AACjD,MAAIC,KACFG,EAAU,aAAa,IAAI,iBAAiBH,CAAO,GAErDG,EAAU,aAAa;AAAA,QACrB;AAAA,QACAD,EAAY,SAAA;AAAA,MAAS;AAAA,IAIzB;AACqB,UAAI;AAAA,QACrB,GAAG,KAAK,OAAO,QAAQ,OAAO,EAAE,CAAC;AAAA,MAAA;AAAA,EAIvC;AACF;AAEA,MAAME,IAEF,CAACC,MAAY,IAAIX,EAA4BW,CAAO;"}

package/lib/zudoku.auth-azureb2c.js

@@ -1,11 +1,11 @@
 import { j as o } from "./jsx-runtime-C5mzlN2N.js";
 import { PublicClientApplication as A, EventType as f } from "@azure/msal-browser";
-import { E as I } from "./index-DzO-Qh6S.js";
+import { E as I } from "./index-z-rQiwfg.js";
 import { C as T } from "./ClientOnly-E7hGysn1.js";
-import { j as S } from "./ZudokuContext-BuJD7yIX.js";
-import { C, A as c } from "./errors-CrI3s7mR.js";
-import { C as k, O as w } from "./OAuthErrorPage-Jv3r8wnL.js";
-import { u as h } from "./hook-bv3iuX7X.js";
+import { j as S } from "./ZudokuContext-BR-lnR7O.js";
+import { C, A as c } from "./errors-B6u81sEb.js";
+import { C as k, O as w } from "./OAuthErrorPage-C2pwoHzm.js";
+import { u as h } from "./hook-B4Q30zMI.js";
 const u = "/oauth/callback";
 class y extends C {
   msalInstance;

package/lib/zudoku.auth-azureb2c.js.map

@@ -1 +1 @@
-{"version":3,"file":"zudoku.auth-azureb2c.js","sources":["../src/lib/authentication/providers/azureb2c.tsx"],"sourcesContent":["import type { AuthenticationResult, EventMessage } from \"@azure/msal-browser\";\nimport { EventType, PublicClientApplication } from \"@azure/msal-browser\";\nimport { ErrorBoundary } from \"react-error-boundary\";\nimport { type AzureB2CAuthenticationConfig } from \"../../../config/config.js\";\nimport { ClientOnly } from \"../../components/ClientOnly.js\";\nimport { joinUrl } from \"../../util/joinUrl.js\";\nimport {\n  type AuthenticationPlugin,\n  type AuthenticationProviderInitializer,\n} from \"../authentication.js\";\nimport { CoreAuthenticationPlugin } from \"../AuthenticationPlugin.js\";\nimport { CallbackHandler } from \"../components/CallbackHandler.js\";\nimport { OAuthErrorPage } from \"../components/OAuthErrorPage.js\";\nimport { AuthorizationError } from \"../errors.js\";\nimport { useAuthState } from \"../state.js\";\n\nconst AZUREB2C_CALLBACK_PATH = \"/oauth/callback\";\n\nexport class AzureB2CAuthPlugin\n  extends CoreAuthenticationPlugin\n  implements AuthenticationPlugin\n{\n  private msalInstance: PublicClientApplication;\n  private readonly scopes: string[];\n  private readonly redirectToAfterSignUp?: string;\n  private readonly redirectToAfterSignIn?: string;\n  private readonly redirectToAfterSignOut: string;\n\n  constructor({\n    clientId,\n    tenantName,\n    policyName,\n    scopes,\n    redirectToAfterSignUp,\n    redirectToAfterSignIn,\n    redirectToAfterSignOut = \"/\",\n    basePath = \"\",\n  }: AzureB2CAuthenticationConfig) {\n    super();\n    this.scopes = scopes ?? [\"openid\", \"profile\", \"email\"];\n    this.redirectToAfterSignUp = redirectToAfterSignUp;\n    this.redirectToAfterSignIn = redirectToAfterSignIn;\n    this.redirectToAfterSignOut = redirectToAfterSignOut;\n\n    const authority = `https://${tenantName}.b2clogin.com/${tenantName}.onmicrosoft.com/${policyName}`;\n    const redirectUri = joinUrl(basePath, AZUREB2C_CALLBACK_PATH);\n\n    this.msalInstance = new PublicClientApplication({\n      auth: {\n        clientId,\n        authority,\n        redirectUri,\n        knownAuthorities: [`${tenantName}.b2clogin.com`],\n      },\n      cache: {\n        cacheLocation: \"sessionStorage\",\n        storeAuthStateInCookie: false,\n      },\n    });\n\n    void this.msalInstance.initialize().then(async () => {\n      void this.msalInstance\n        .handleRedirectPromise()\n        .then((response: AuthenticationResult | null) => {\n          if (response) {\n            this.handleAuthResponse(response);\n          }\n        });\n\n      // Add event callback\n      void this.msalInstance.addEventCallback((event: EventMessage) => {\n        if (event.eventType === EventType.LOGIN_SUCCESS) {\n          this.handleAuthResponse(event.payload as AuthenticationResult);\n        }\n      });\n    });\n  }\n\n  private handleAuthResponse(response: AuthenticationResult) {\n    const { accessToken, idToken, scopes, account } = response;\n\n    if (!account) {\n      throw new AuthorizationError(\"No account information in response\");\n    }\n\n    // Get the user's name from Azure B2C claims\n    const name =\n      [account.idTokenClaims?.given_name, account.idTokenClaims?.family_name]\n        .filter(Boolean)\n        .join(\" \") || account.username;\n\n    useAuthState.getState().setLoggedIn({\n      providerData: {\n        accessToken,\n        idToken,\n        scopes,\n        account,\n      },\n      profile: {\n        sub: account.localAccountId,\n        email: account.username,\n        name,\n        emailVerified: true, // Azure B2C emails are verified\n        pictureUrl: undefined, // Azure B2C doesn't provide profile pictures by default\n      },\n    });\n  }\n\n  async signUp({ redirectTo }: { redirectTo?: string } = {}) {\n    const redirectUri = this.redirectToAfterSignUp ?? redirectTo ?? \"/\";\n    sessionStorage.setItem(\"redirect-to\", redirectUri);\n\n    await this.msalInstance.loginRedirect({\n      scopes: this.scopes,\n      prompt: \"select_account\",\n    });\n  }\n\n  async signIn({ redirectTo }: { redirectTo?: string } = {}) {\n    const redirectUri = this.redirectToAfterSignIn ?? redirectTo ?? \"/\";\n    sessionStorage.setItem(\"redirect-to\", redirectUri);\n\n    await this.msalInstance.loginRedirect({\n      scopes: this.scopes,\n    });\n  }\n\n  async getAccessToken(): Promise<string> {\n    const account = this.msalInstance.getAllAccounts()[0];\n    if (!account) {\n      throw new AuthorizationError(\"No active account\");\n    }\n\n    try {\n      const response = await this.msalInstance.acquireTokenSilent({\n        scopes: this.scopes,\n        account,\n      });\n      return response.accessToken;\n    } catch {\n      // If silent token acquisition fails, try interactive\n      await this.msalInstance.acquireTokenRedirect({\n        scopes: this.scopes,\n        account,\n      });\n\n      throw new AuthorizationError(\n        \"Token acquisition failed after interactive attempt\",\n      );\n    }\n  }\n\n  signRequest = async (request: Request): Promise<Request> => {\n    const accessToken = await this.getAccessToken();\n    request.headers.set(\"Authorization\", `Bearer ${accessToken}`);\n    return request;\n  };\n\n  signOut = async () => {\n    const account = this.msalInstance.getAllAccounts()[0];\n    if (account) {\n      await this.msalInstance.logoutRedirect({\n        account,\n        postLogoutRedirectUri:\n          window.location.origin + this.redirectToAfterSignOut,\n      });\n    }\n\n    useAuthState.getState().setLoggedOut();\n  };\n\n  handleCallback = async () => {\n    const redirectTo = sessionStorage.getItem(\"redirect-to\") ?? \"/\";\n    sessionStorage.removeItem(\"redirect-to\");\n    return redirectTo;\n  };\n\n  getRoutes() {\n    return [\n      ...super.getRoutes(),\n      {\n        path: AZUREB2C_CALLBACK_PATH,\n        element: (\n          <ClientOnly>\n            <ErrorBoundary\n              fallbackRender={({ error }) => <OAuthErrorPage error={error} />}\n            >\n              <CallbackHandler handleCallback={this.handleCallback} />\n            </ErrorBoundary>\n          </ClientOnly>\n        ),\n      },\n    ];\n  }\n}\n\nconst azureB2CAuth: AuthenticationProviderInitializer<\n  AzureB2CAuthenticationConfig\n> = (options) => new AzureB2CAuthPlugin(options);\n\nexport default azureB2CAuth;\n"],"names":["AZUREB2C_CALLBACK_PATH","AzureB2CAuthPlugin","CoreAuthenticationPlugin","clientId","tenantName","policyName","scopes","redirectToAfterSignUp","redirectToAfterSignIn","redirectToAfterSignOut","basePath","authority","redirectUri","joinUrl","PublicClientApplication","response","event","EventType","accessToken","idToken","account","AuthorizationError","name","useAuthState","redirectTo","request","ClientOnly","jsx","ErrorBoundary","error","OAuthErrorPage","CallbackHandler","azureB2CAuth","options"],"mappings":";;;;;;;;AAgBA,MAAMA,IAAyB;AAExB,MAAMC,UACHC,EAEV;AAAA,EACU;AAAA,EACS;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY;AAAA,IACV,UAAAC;AAAA,IACA,YAAAC;AAAA,IACA,YAAAC;AAAA,IACA,QAAAC;AAAA,IACA,uBAAAC;AAAA,IACA,uBAAAC;AAAA,IACA,wBAAAC,IAAyB;AAAA,IACzB,UAAAC,IAAW;AAAA,EAAA,GACoB;AAC/B,UAAA,GACA,KAAK,SAASJ,KAAU,CAAC,UAAU,WAAW,OAAO,GACrD,KAAK,wBAAwBC,GAC7B,KAAK,wBAAwBC,GAC7B,KAAK,yBAAyBC;AAE9B,UAAME,IAAY,WAAWP,CAAU,iBAAiBA,CAAU,oBAAoBC,CAAU,IAC1FO,IAAcC,EAAQH,GAAUV,CAAsB;AAE5D,SAAK,eAAe,IAAIc,EAAwB;AAAA,MAC9C,MAAM;AAAA,QACJ,UAAAX;AAAA,QACA,WAAAQ;AAAA,QACA,aAAAC;AAAA,QACA,kBAAkB,CAAC,GAAGR,CAAU,eAAe;AAAA,MAAA;AAAA,MAEjD,OAAO;AAAA,QACL,eAAe;AAAA,QACf,wBAAwB;AAAA,MAAA;AAAA,IAC1B,CACD,GAEI,KAAK,aAAa,WAAA,EAAa,KAAK,YAAY;AACnD,MAAK,KAAK,aACP,sBAAA,EACA,KAAK,CAACW,MAA0C;AAC/C,QAAIA,KACF,KAAK,mBAAmBA,CAAQ;AAAA,MAEpC,CAAC,GAGE,KAAK,aAAa,iBAAiB,CAACC,MAAwB;AAC/D,QAAIA,EAAM,cAAcC,EAAU,iBAChC,KAAK,mBAAmBD,EAAM,OAA+B;AAAA,MAEjE,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA,EAEQ,mBAAmBD,GAAgC;AACzD,UAAM,EAAE,aAAAG,GAAa,SAAAC,GAAS,QAAAb,GAAQ,SAAAc,MAAYL;AAElD,QAAI,CAACK;AACH,YAAM,IAAIC,EAAmB,oCAAoC;AAInE,UAAMC,IACJ,CAACF,EAAQ,eAAe,YAAYA,EAAQ,eAAe,WAAW,EACnE,OAAO,OAAO,EACd,KAAK,GAAG,KAAKA,EAAQ;AAE1B,IAAAG,EAAa,SAAA,EAAW,YAAY;AAAA,MAClC,cAAc;AAAA,QACZ,aAAAL;AAAA,QACA,SAAAC;AAAA,QACA,QAAAb;AAAA,QACA,SAAAc;AAAA,MAAA;AAAA,MAEF,SAAS;AAAA,QACP,KAAKA,EAAQ;AAAA,QACb,OAAOA,EAAQ;AAAA,QACf,MAAAE;AAAA,QACA,eAAe;AAAA;AAAA,QACf,YAAY;AAAA;AAAA,MAAA;AAAA,IACd,CACD;AAAA,EACH;AAAA,EAEA,MAAM,OAAO,EAAE,YAAAE,EAAA,IAAwC,IAAI;AACzD,UAAMZ,IAAc,KAAK,yBAAyBY,KAAc;AAChE,mBAAe,QAAQ,eAAeZ,CAAW,GAEjD,MAAM,KAAK,aAAa,cAAc;AAAA,MACpC,QAAQ,KAAK;AAAA,MACb,QAAQ;AAAA,IAAA,CACT;AAAA,EACH;AAAA,EAEA,MAAM,OAAO,EAAE,YAAAY,EAAA,IAAwC,IAAI;AACzD,UAAMZ,IAAc,KAAK,yBAAyBY,KAAc;AAChE,mBAAe,QAAQ,eAAeZ,CAAW,GAEjD,MAAM,KAAK,aAAa,cAAc;AAAA,MACpC,QAAQ,KAAK;AAAA,IAAA,CACd;AAAA,EACH;AAAA,EAEA,MAAM,iBAAkC;AACtC,UAAMQ,IAAU,KAAK,aAAa,eAAA,EAAiB,CAAC;AACpD,QAAI,CAACA;AACH,YAAM,IAAIC,EAAmB,mBAAmB;AAGlD,QAAI;AAKF,cAJiB,MAAM,KAAK,aAAa,mBAAmB;AAAA,QAC1D,QAAQ,KAAK;AAAA,QACb,SAAAD;AAAA,MAAA,CACD,GACe;AAAA,IAClB,QAAQ;AAEN,kBAAM,KAAK,aAAa,qBAAqB;AAAA,QAC3C,QAAQ,KAAK;AAAA,QACb,SAAAA;AAAA,MAAA,CACD,GAEK,IAAIC;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAAA,EACF;AAAA,EAEA,cAAc,OAAOI,MAAuC;AAC1D,UAAMP,IAAc,MAAM,KAAK,eAAA;AAC/B,WAAAO,EAAQ,QAAQ,IAAI,iBAAiB,UAAUP,CAAW,EAAE,GACrDO;AAAA,EACT;AAAA,EAEA,UAAU,YAAY;AACpB,UAAML,IAAU,KAAK,aAAa,eAAA,EAAiB,CAAC;AACpD,IAAIA,KACF,MAAM,KAAK,aAAa,eAAe;AAAA,MACrC,SAAAA;AAAA,MACA,uBACE,OAAO,SAAS,SAAS,KAAK;AAAA,IAAA,CACjC,GAGHG,EAAa,SAAA,EAAW,aAAA;AAAA,EAC1B;AAAA,EAEA,iBAAiB,YAAY;AAC3B,UAAMC,IAAa,eAAe,QAAQ,aAAa,KAAK;AAC5D,0BAAe,WAAW,aAAa,GAChCA;AAAA,EACT;AAAA,EAEA,YAAY;AACV,WAAO;AAAA,MACL,GAAG,MAAM,UAAA;AAAA,MACT;AAAA,QACE,MAAMxB;AAAA,QACN,+BACG0B,GAAA,EACC,UAAAC,gBAAAA,EAAAA;AAAAA,UAACC;AAAA,UAAA;AAAA,YACC,gBAAgB,CAAC,EAAE,OAAAC,QAAYF,gBAAAA,EAAAA,IAACG,KAAe,OAAAD,GAAc;AAAA,YAE7D,UAAAF,gBAAAA,EAAAA,IAACI,GAAA,EAAgB,gBAAgB,KAAK,eAAA,CAAgB;AAAA,UAAA;AAAA,QAAA,EACxD,CACF;AAAA,MAAA;AAAA,IAEJ;AAAA,EAEJ;AACF;AAEA,MAAMC,IAEF,CAACC,MAAY,IAAIhC,EAAmBgC,CAAO;"}
+{"version":3,"file":"zudoku.auth-azureb2c.js","sources":["../src/lib/authentication/providers/azureb2c.tsx"],"sourcesContent":["import type { AuthenticationResult, EventMessage } from \"@azure/msal-browser\";\nimport { EventType, PublicClientApplication } from \"@azure/msal-browser\";\nimport { ErrorBoundary } from \"react-error-boundary\";\nimport type { AzureB2CAuthenticationConfig } from \"../../../config/config.js\";\nimport { ClientOnly } from \"../../components/ClientOnly.js\";\nimport { joinUrl } from \"../../util/joinUrl.js\";\nimport { CoreAuthenticationPlugin } from \"../AuthenticationPlugin.js\";\nimport type {\n  AuthenticationPlugin,\n  AuthenticationProviderInitializer,\n} from \"../authentication.js\";\nimport { CallbackHandler } from \"../components/CallbackHandler.js\";\nimport { OAuthErrorPage } from \"../components/OAuthErrorPage.js\";\nimport { AuthorizationError } from \"../errors.js\";\nimport { useAuthState } from \"../state.js\";\n\nconst AZUREB2C_CALLBACK_PATH = \"/oauth/callback\";\n\nexport class AzureB2CAuthPlugin\n  extends CoreAuthenticationPlugin\n  implements AuthenticationPlugin\n{\n  private msalInstance: PublicClientApplication;\n  private readonly scopes: string[];\n  private readonly redirectToAfterSignUp?: string;\n  private readonly redirectToAfterSignIn?: string;\n  private readonly redirectToAfterSignOut: string;\n\n  constructor({\n    clientId,\n    tenantName,\n    policyName,\n    scopes,\n    redirectToAfterSignUp,\n    redirectToAfterSignIn,\n    redirectToAfterSignOut = \"/\",\n    basePath = \"\",\n  }: AzureB2CAuthenticationConfig) {\n    super();\n    this.scopes = scopes ?? [\"openid\", \"profile\", \"email\"];\n    this.redirectToAfterSignUp = redirectToAfterSignUp;\n    this.redirectToAfterSignIn = redirectToAfterSignIn;\n    this.redirectToAfterSignOut = redirectToAfterSignOut;\n\n    const authority = `https://${tenantName}.b2clogin.com/${tenantName}.onmicrosoft.com/${policyName}`;\n    const redirectUri = joinUrl(basePath, AZUREB2C_CALLBACK_PATH);\n\n    this.msalInstance = new PublicClientApplication({\n      auth: {\n        clientId,\n        authority,\n        redirectUri,\n        knownAuthorities: [`${tenantName}.b2clogin.com`],\n      },\n      cache: {\n        cacheLocation: \"sessionStorage\",\n        storeAuthStateInCookie: false,\n      },\n    });\n\n    void this.msalInstance.initialize().then(async () => {\n      void this.msalInstance\n        .handleRedirectPromise()\n        .then((response: AuthenticationResult | null) => {\n          if (response) {\n            this.handleAuthResponse(response);\n          }\n        });\n\n      // Add event callback\n      void this.msalInstance.addEventCallback((event: EventMessage) => {\n        if (event.eventType === EventType.LOGIN_SUCCESS) {\n          this.handleAuthResponse(event.payload as AuthenticationResult);\n        }\n      });\n    });\n  }\n\n  private handleAuthResponse(response: AuthenticationResult) {\n    const { accessToken, idToken, scopes, account } = response;\n\n    if (!account) {\n      throw new AuthorizationError(\"No account information in response\");\n    }\n\n    // Get the user's name from Azure B2C claims\n    const name =\n      [account.idTokenClaims?.given_name, account.idTokenClaims?.family_name]\n        .filter(Boolean)\n        .join(\" \") || account.username;\n\n    useAuthState.getState().setLoggedIn({\n      providerData: {\n        accessToken,\n        idToken,\n        scopes,\n        account,\n      },\n      profile: {\n        sub: account.localAccountId,\n        email: account.username,\n        name,\n        emailVerified: true, // Azure B2C emails are verified\n        pictureUrl: undefined, // Azure B2C doesn't provide profile pictures by default\n      },\n    });\n  }\n\n  async signUp({ redirectTo }: { redirectTo?: string } = {}) {\n    const redirectUri = this.redirectToAfterSignUp ?? redirectTo ?? \"/\";\n    sessionStorage.setItem(\"redirect-to\", redirectUri);\n\n    await this.msalInstance.loginRedirect({\n      scopes: this.scopes,\n      prompt: \"select_account\",\n    });\n  }\n\n  async signIn({ redirectTo }: { redirectTo?: string } = {}) {\n    const redirectUri = this.redirectToAfterSignIn ?? redirectTo ?? \"/\";\n    sessionStorage.setItem(\"redirect-to\", redirectUri);\n\n    await this.msalInstance.loginRedirect({\n      scopes: this.scopes,\n    });\n  }\n\n  async getAccessToken(): Promise<string> {\n    const account = this.msalInstance.getAllAccounts()[0];\n    if (!account) {\n      throw new AuthorizationError(\"No active account\");\n    }\n\n    try {\n      const response = await this.msalInstance.acquireTokenSilent({\n        scopes: this.scopes,\n        account,\n      });\n      return response.accessToken;\n    } catch {\n      // If silent token acquisition fails, try interactive\n      await this.msalInstance.acquireTokenRedirect({\n        scopes: this.scopes,\n        account,\n      });\n\n      throw new AuthorizationError(\n        \"Token acquisition failed after interactive attempt\",\n      );\n    }\n  }\n\n  signRequest = async (request: Request): Promise<Request> => {\n    const accessToken = await this.getAccessToken();\n    request.headers.set(\"Authorization\", `Bearer ${accessToken}`);\n    return request;\n  };\n\n  signOut = async () => {\n    const account = this.msalInstance.getAllAccounts()[0];\n    if (account) {\n      await this.msalInstance.logoutRedirect({\n        account,\n        postLogoutRedirectUri:\n          window.location.origin + this.redirectToAfterSignOut,\n      });\n    }\n\n    useAuthState.getState().setLoggedOut();\n  };\n\n  handleCallback = async () => {\n    const redirectTo = sessionStorage.getItem(\"redirect-to\") ?? \"/\";\n    sessionStorage.removeItem(\"redirect-to\");\n    return redirectTo;\n  };\n\n  getRoutes() {\n    return [\n      ...super.getRoutes(),\n      {\n        path: AZUREB2C_CALLBACK_PATH,\n        element: (\n          <ClientOnly>\n            <ErrorBoundary\n              fallbackRender={({ error }) => <OAuthErrorPage error={error} />}\n            >\n              <CallbackHandler handleCallback={this.handleCallback} />\n            </ErrorBoundary>\n          </ClientOnly>\n        ),\n      },\n    ];\n  }\n}\n\nconst azureB2CAuth: AuthenticationProviderInitializer<\n  AzureB2CAuthenticationConfig\n> = (options) => new AzureB2CAuthPlugin(options);\n\nexport default azureB2CAuth;\n"],"names":["AZUREB2C_CALLBACK_PATH","AzureB2CAuthPlugin","CoreAuthenticationPlugin","clientId","tenantName","policyName","scopes","redirectToAfterSignUp","redirectToAfterSignIn","redirectToAfterSignOut","basePath","authority","redirectUri","joinUrl","PublicClientApplication","response","event","EventType","accessToken","idToken","account","AuthorizationError","name","useAuthState","redirectTo","request","ClientOnly","jsx","ErrorBoundary","error","OAuthErrorPage","CallbackHandler","azureB2CAuth","options"],"mappings":";;;;;;;;AAgBA,MAAMA,IAAyB;AAExB,MAAMC,UACHC,EAEV;AAAA,EACU;AAAA,EACS;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY;AAAA,IACV,UAAAC;AAAA,IACA,YAAAC;AAAA,IACA,YAAAC;AAAA,IACA,QAAAC;AAAA,IACA,uBAAAC;AAAA,IACA,uBAAAC;AAAA,IACA,wBAAAC,IAAyB;AAAA,IACzB,UAAAC,IAAW;AAAA,EAAA,GACoB;AAC/B,UAAA,GACA,KAAK,SAASJ,KAAU,CAAC,UAAU,WAAW,OAAO,GACrD,KAAK,wBAAwBC,GAC7B,KAAK,wBAAwBC,GAC7B,KAAK,yBAAyBC;AAE9B,UAAME,IAAY,WAAWP,CAAU,iBAAiBA,CAAU,oBAAoBC,CAAU,IAC1FO,IAAcC,EAAQH,GAAUV,CAAsB;AAE5D,SAAK,eAAe,IAAIc,EAAwB;AAAA,MAC9C,MAAM;AAAA,QACJ,UAAAX;AAAA,QACA,WAAAQ;AAAA,QACA,aAAAC;AAAA,QACA,kBAAkB,CAAC,GAAGR,CAAU,eAAe;AAAA,MAAA;AAAA,MAEjD,OAAO;AAAA,QACL,eAAe;AAAA,QACf,wBAAwB;AAAA,MAAA;AAAA,IAC1B,CACD,GAEI,KAAK,aAAa,WAAA,EAAa,KAAK,YAAY;AACnD,MAAK,KAAK,aACP,sBAAA,EACA,KAAK,CAACW,MAA0C;AAC/C,QAAIA,KACF,KAAK,mBAAmBA,CAAQ;AAAA,MAEpC,CAAC,GAGE,KAAK,aAAa,iBAAiB,CAACC,MAAwB;AAC/D,QAAIA,EAAM,cAAcC,EAAU,iBAChC,KAAK,mBAAmBD,EAAM,OAA+B;AAAA,MAEjE,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA,EAEQ,mBAAmBD,GAAgC;AACzD,UAAM,EAAE,aAAAG,GAAa,SAAAC,GAAS,QAAAb,GAAQ,SAAAc,MAAYL;AAElD,QAAI,CAACK;AACH,YAAM,IAAIC,EAAmB,oCAAoC;AAInE,UAAMC,IACJ,CAACF,EAAQ,eAAe,YAAYA,EAAQ,eAAe,WAAW,EACnE,OAAO,OAAO,EACd,KAAK,GAAG,KAAKA,EAAQ;AAE1B,IAAAG,EAAa,SAAA,EAAW,YAAY;AAAA,MAClC,cAAc;AAAA,QACZ,aAAAL;AAAA,QACA,SAAAC;AAAA,QACA,QAAAb;AAAA,QACA,SAAAc;AAAA,MAAA;AAAA,MAEF,SAAS;AAAA,QACP,KAAKA,EAAQ;AAAA,QACb,OAAOA,EAAQ;AAAA,QACf,MAAAE;AAAA,QACA,eAAe;AAAA;AAAA,QACf,YAAY;AAAA;AAAA,MAAA;AAAA,IACd,CACD;AAAA,EACH;AAAA,EAEA,MAAM,OAAO,EAAE,YAAAE,EAAA,IAAwC,IAAI;AACzD,UAAMZ,IAAc,KAAK,yBAAyBY,KAAc;AAChE,mBAAe,QAAQ,eAAeZ,CAAW,GAEjD,MAAM,KAAK,aAAa,cAAc;AAAA,MACpC,QAAQ,KAAK;AAAA,MACb,QAAQ;AAAA,IAAA,CACT;AAAA,EACH;AAAA,EAEA,MAAM,OAAO,EAAE,YAAAY,EAAA,IAAwC,IAAI;AACzD,UAAMZ,IAAc,KAAK,yBAAyBY,KAAc;AAChE,mBAAe,QAAQ,eAAeZ,CAAW,GAEjD,MAAM,KAAK,aAAa,cAAc;AAAA,MACpC,QAAQ,KAAK;AAAA,IAAA,CACd;AAAA,EACH;AAAA,EAEA,MAAM,iBAAkC;AACtC,UAAMQ,IAAU,KAAK,aAAa,eAAA,EAAiB,CAAC;AACpD,QAAI,CAACA;AACH,YAAM,IAAIC,EAAmB,mBAAmB;AAGlD,QAAI;AAKF,cAJiB,MAAM,KAAK,aAAa,mBAAmB;AAAA,QAC1D,QAAQ,KAAK;AAAA,QACb,SAAAD;AAAA,MAAA,CACD,GACe;AAAA,IAClB,QAAQ;AAEN,kBAAM,KAAK,aAAa,qBAAqB;AAAA,QAC3C,QAAQ,KAAK;AAAA,QACb,SAAAA;AAAA,MAAA,CACD,GAEK,IAAIC;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAAA,EACF;AAAA,EAEA,cAAc,OAAOI,MAAuC;AAC1D,UAAMP,IAAc,MAAM,KAAK,eAAA;AAC/B,WAAAO,EAAQ,QAAQ,IAAI,iBAAiB,UAAUP,CAAW,EAAE,GACrDO;AAAA,EACT;AAAA,EAEA,UAAU,YAAY;AACpB,UAAML,IAAU,KAAK,aAAa,eAAA,EAAiB,CAAC;AACpD,IAAIA,KACF,MAAM,KAAK,aAAa,eAAe;AAAA,MACrC,SAAAA;AAAA,MACA,uBACE,OAAO,SAAS,SAAS,KAAK;AAAA,IAAA,CACjC,GAGHG,EAAa,SAAA,EAAW,aAAA;AAAA,EAC1B;AAAA,EAEA,iBAAiB,YAAY;AAC3B,UAAMC,IAAa,eAAe,QAAQ,aAAa,KAAK;AAC5D,0BAAe,WAAW,aAAa,GAChCA;AAAA,EACT;AAAA,EAEA,YAAY;AACV,WAAO;AAAA,MACL,GAAG,MAAM,UAAA;AAAA,MACT;AAAA,QACE,MAAMxB;AAAA,QACN,+BACG0B,GAAA,EACC,UAAAC,gBAAAA,EAAAA;AAAAA,UAACC;AAAA,UAAA;AAAA,YACC,gBAAgB,CAAC,EAAE,OAAAC,QAAYF,gBAAAA,EAAAA,IAACG,KAAe,OAAAD,GAAc;AAAA,YAE7D,UAAAF,gBAAAA,EAAAA,IAACI,GAAA,EAAgB,gBAAgB,KAAK,eAAA,CAAgB;AAAA,UAAA;AAAA,QAAA,EACxD,CACF;AAAA,MAAA;AAAA,IAEJ;AAAA,EAEJ;AACF;AAEA,MAAMC,IAEF,CAACC,MAAY,IAAIhC,EAAmBgC,CAAO;"}

package/lib/zudoku.auth-clerk.js

@@ -1,7 +1,7 @@
 import { j as l } from "./jsx-runtime-C5mzlN2N.js";
 import { LogOutIcon as f } from "lucide-react";
-import { S as w, a as p, b as v } from "./SignUp-CxBGHgba.js";
-import { u as n } from "./hook-bv3iuX7X.js";
+import { S as w, a as p, b as v } from "./SignUp-u6c0hFsC.js";
+import { u as n } from "./hook-B4Q30zMI.js";
 const b = ({
   clerkPubKey: d,
   jwtTemplateName: m,

package/lib/zudoku.auth-clerk.js.map

@@ -1 +1 @@
-{"version":3,"file":"zudoku.auth-clerk.js","sources":["../src/lib/authentication/providers/clerk.tsx"],"sourcesContent":["import type { Clerk } from \"@clerk/clerk-js\";\nimport { LogOutIcon } from \"lucide-react\";\nimport { type ZudokuPlugin } from \"zudoku/plugins\";\nimport { type ClerkAuthenticationConfig } from \"../../../config/config.js\";\nimport {\n  type AuthenticationPlugin,\n  type AuthenticationProviderInitializer,\n} from \"../authentication.js\";\nimport { SignIn } from \"../components/SignIn.js\";\nimport { SignOut } from \"../components/SignOut.js\";\nimport { SignUp } from \"../components/SignUp.js\";\nimport { useAuthState } from \"../state.js\";\n\nconst clerkAuth: AuthenticationProviderInitializer<\n  ClerkAuthenticationConfig\n> = ({\n  clerkPubKey,\n  jwtTemplateName,\n  redirectToAfterSignOut = \"/\",\n  redirectToAfterSignUp,\n  redirectToAfterSignIn,\n}): AuthenticationPlugin & ZudokuPlugin => {\n  let clerkApi: Clerk | undefined;\n  const ensureLoaded = (async () => {\n    if (typeof window === \"undefined\") return;\n    const { Clerk } = await import(\"@clerk/clerk-js\");\n    clerkApi = new Clerk(clerkPubKey);\n\n    await clerkApi.load();\n\n    if (clerkApi.user) {\n      const verifiedEmail = clerkApi.user.emailAddresses.find(\n        (email) => email.verification.status === \"verified\",\n      );\n      useAuthState.getState().setLoggedIn({\n        profile: {\n          sub: clerkApi.user.id,\n          name: clerkApi.user.fullName ?? undefined,\n          email:\n            verifiedEmail?.emailAddress ??\n            clerkApi.user.emailAddresses[0]?.emailAddress,\n          emailVerified: verifiedEmail !== undefined,\n          pictureUrl: clerkApi.user.imageUrl,\n        },\n        providerData: {\n          user: {\n            publicMetadata: clerkApi.user.publicMetadata,\n            id: clerkApi.user.id,\n            emailAddresses: clerkApi.user.emailAddresses,\n            imageUrl: clerkApi.user.imageUrl,\n            fullName: clerkApi.user.fullName,\n          },\n        },\n      });\n    }\n\n    return clerkApi;\n  })();\n\n  async function getAccessToken() {\n    await ensureLoaded;\n    if (!clerkApi?.session) {\n      throw new Error(\"No session available\");\n    }\n    const response = await clerkApi.session.getToken({\n      template: jwtTemplateName,\n    });\n    if (!response) {\n      throw new Error(\"Could not get access token from Clerk\");\n    }\n    return response;\n  }\n\n  async function signRequest(request: Request): Promise<Request> {\n    const response = await getAccessToken();\n    request.headers.set(\"Authorization\", `Bearer ${response}`);\n    return request;\n  }\n\n  return {\n    getRoutes: () => {\n      return [\n        {\n          path: \"/signout\",\n          element: <SignOut />,\n        },\n        {\n          path: \"/signin\",\n          element: <SignIn />,\n        },\n        {\n          path: \"/signup\",\n          element: <SignUp />,\n        },\n      ];\n    },\n\n    getProfileMenuItems() {\n      return [\n        {\n          label: \"Logout\",\n          path: \"/signout\",\n          category: \"bottom\",\n          icon: LogOutIcon,\n        } as const,\n      ];\n    },\n    initialize: async () => {\n      const clerk = await ensureLoaded;\n\n      if (!clerk) {\n        return;\n      }\n\n      if (clerk.session) {\n        const verifiedEmail = clerk.session.user.emailAddresses.find(\n          (email) => email.verification.status === \"verified\",\n        );\n        useAuthState.getState().setLoggedIn({\n          profile: {\n            sub: clerk.session.user.id,\n            name: clerk.session.user.fullName ?? undefined,\n            email:\n              verifiedEmail?.emailAddress ??\n              clerk.session.user.emailAddresses[0]?.emailAddress,\n            emailVerified: verifiedEmail !== undefined,\n            pictureUrl: clerk.session.user.imageUrl,\n          },\n          providerData: {\n            user: clerk.session.user,\n          },\n        });\n      } else {\n        useAuthState.setState({\n          isAuthenticated: false,\n          isPending: false,\n          profile: undefined,\n        });\n      }\n    },\n    getAccessToken,\n    signRequest,\n    signOut: async () => {\n      await ensureLoaded;\n      await clerkApi?.signOut({\n        redirectUrl: window.location.origin + redirectToAfterSignOut,\n      });\n      useAuthState.getState().setLoggedOut();\n    },\n    signIn: async ({ redirectTo }: { redirectTo?: string } = {}) => {\n      await ensureLoaded;\n      await clerkApi?.redirectToSignIn({\n        signInForceRedirectUrl: redirectToAfterSignIn\n          ? window.location.origin + redirectToAfterSignIn\n          : redirectTo,\n        signUpForceRedirectUrl: redirectToAfterSignUp\n          ? window.location.origin + redirectToAfterSignUp\n          : redirectTo,\n      });\n    },\n    signUp: async ({ redirectTo }: { redirectTo?: string } = {}) => {\n      await ensureLoaded;\n      await clerkApi?.redirectToSignUp({\n        signInForceRedirectUrl: redirectToAfterSignIn\n          ? window.location.origin + redirectToAfterSignIn\n          : redirectTo,\n        signUpForceRedirectUrl: redirectToAfterSignUp\n          ? window.location.origin + redirectToAfterSignUp\n          : redirectTo,\n      });\n    },\n  };\n};\n\nexport default clerkAuth;\n"],"names":["clerkAuth","clerkPubKey","jwtTemplateName","redirectToAfterSignOut","redirectToAfterSignUp","redirectToAfterSignIn","clerkApi","ensureLoaded","Clerk","verifiedEmail","email","useAuthState","getAccessToken","response","signRequest","request","SignOut","SignIn","SignUp","LogOutIcon","clerk","redirectTo"],"mappings":";;;;AAaA,MAAMA,IAEF,CAAC;AAAA,EACH,aAAAC;AAAA,EACA,iBAAAC;AAAA,EACA,wBAAAC,IAAyB;AAAA,EACzB,uBAAAC;AAAA,EACA,uBAAAC;AACF,MAA2C;AACzC,MAAIC;AACJ,QAAMC,KAAgB,YAAY;AAChC,QAAI,OAAO,SAAW,IAAa;AACnC,UAAM,EAAE,OAAAC,EAAA,IAAU,MAAM,OAAO,iBAAiB;AAKhD,QAJAF,IAAW,IAAIE,EAAMP,CAAW,GAEhC,MAAMK,EAAS,KAAA,GAEXA,EAAS,MAAM;AACjB,YAAMG,IAAgBH,EAAS,KAAK,eAAe;AAAA,QACjD,CAACI,MAAUA,EAAM,aAAa,WAAW;AAAA,MAAA;AAE3C,MAAAC,EAAa,SAAA,EAAW,YAAY;AAAA,QAClC,SAAS;AAAA,UACP,KAAKL,EAAS,KAAK;AAAA,UACnB,MAAMA,EAAS,KAAK,YAAY;AAAA,UAChC,OACEG,GAAe,gBACfH,EAAS,KAAK,eAAe,CAAC,GAAG;AAAA,UACnC,eAAeG,MAAkB;AAAA,UACjC,YAAYH,EAAS,KAAK;AAAA,QAAA;AAAA,QAE5B,cAAc;AAAA,UACZ,MAAM;AAAA,YACJ,gBAAgBA,EAAS,KAAK;AAAA,YAC9B,IAAIA,EAAS,KAAK;AAAA,YAClB,gBAAgBA,EAAS,KAAK;AAAA,YAC9B,UAAUA,EAAS,KAAK;AAAA,YACxB,UAAUA,EAAS,KAAK;AAAA,UAAA;AAAA,QAC1B;AAAA,MACF,CACD;AAAA,IACH;AAEA,WAAOA;AAAA,EACT,GAAA;AAEA,iBAAeM,IAAiB;AAE9B,QADA,MAAML,GACF,CAACD,GAAU;AACb,YAAM,IAAI,MAAM,sBAAsB;AAExC,UAAMO,IAAW,MAAMP,EAAS,QAAQ,SAAS;AAAA,MAC/C,UAAUJ;AAAA,IAAA,CACX;AACD,QAAI,CAACW;AACH,YAAM,IAAI,MAAM,uCAAuC;AAEzD,WAAOA;AAAA,EACT;AAEA,iBAAeC,EAAYC,GAAoC;AAC7D,UAAMF,IAAW,MAAMD,EAAA;AACvB,WAAAG,EAAQ,QAAQ,IAAI,iBAAiB,UAAUF,CAAQ,EAAE,GAClDE;AAAA,EACT;AAEA,SAAO;AAAA,IACL,WAAW,MACF;AAAA,MACL;AAAA,QACE,MAAM;AAAA,QACN,+BAAUC,GAAA,CAAA,CAAQ;AAAA,MAAA;AAAA,MAEpB;AAAA,QACE,MAAM;AAAA,QACN,+BAAUC,GAAA,CAAA,CAAO;AAAA,MAAA;AAAA,MAEnB;AAAA,QACE,MAAM;AAAA,QACN,+BAAUC,GAAA,CAAA,CAAO;AAAA,MAAA;AAAA,IACnB;AAAA,IAIJ,sBAAsB;AACpB,aAAO;AAAA,QACL;AAAA,UACE,OAAO;AAAA,UACP,MAAM;AAAA,UACN,UAAU;AAAA,UACV,MAAMC;AAAA,QAAA;AAAA,MACR;AAAA,IAEJ;AAAA,IACA,YAAY,YAAY;AACtB,YAAMC,IAAQ,MAAMb;AAEpB,UAAKa;AAIL,YAAIA,EAAM,SAAS;AACjB,gBAAMX,IAAgBW,EAAM,QAAQ,KAAK,eAAe;AAAA,YACtD,CAACV,MAAUA,EAAM,aAAa,WAAW;AAAA,UAAA;AAE3C,UAAAC,EAAa,SAAA,EAAW,YAAY;AAAA,YAClC,SAAS;AAAA,cACP,KAAKS,EAAM,QAAQ,KAAK;AAAA,cACxB,MAAMA,EAAM,QAAQ,KAAK,YAAY;AAAA,cACrC,OACEX,GAAe,gBACfW,EAAM,QAAQ,KAAK,eAAe,CAAC,GAAG;AAAA,cACxC,eAAeX,MAAkB;AAAA,cACjC,YAAYW,EAAM,QAAQ,KAAK;AAAA,YAAA;AAAA,YAEjC,cAAc;AAAA,cACZ,MAAMA,EAAM,QAAQ;AAAA,YAAA;AAAA,UACtB,CACD;AAAA,QACH;AACE,UAAAT,EAAa,SAAS;AAAA,YACpB,iBAAiB;AAAA,YACjB,WAAW;AAAA,YACX,SAAS;AAAA,UAAA,CACV;AAAA,IAEL;AAAA,IACA,gBAAAC;AAAA,IACA,aAAAE;AAAA,IACA,SAAS,YAAY;AACnB,YAAMP,GACN,MAAMD,GAAU,QAAQ;AAAA,QACtB,aAAa,OAAO,SAAS,SAASH;AAAA,MAAA,CACvC,GACDQ,EAAa,SAAA,EAAW,aAAA;AAAA,IAC1B;AAAA,IACA,QAAQ,OAAO,EAAE,YAAAU,EAAA,IAAwC,OAAO;AAC9D,YAAMd,GACN,MAAMD,GAAU,iBAAiB;AAAA,QAC/B,wBAAwBD,IACpB,OAAO,SAAS,SAASA,IACzBgB;AAAA,QACJ,wBAAwBjB,IACpB,OAAO,SAAS,SAASA,IACzBiB;AAAA,MAAA,CACL;AAAA,IACH;AAAA,IACA,QAAQ,OAAO,EAAE,YAAAA,EAAA,IAAwC,OAAO;AAC9D,YAAMd,GACN,MAAMD,GAAU,iBAAiB;AAAA,QAC/B,wBAAwBD,IACpB,OAAO,SAAS,SAASA,IACzBgB;AAAA,QACJ,wBAAwBjB,IACpB,OAAO,SAAS,SAASA,IACzBiB;AAAA,MAAA,CACL;AAAA,IACH;AAAA,EAAA;AAEJ;"}
+{"version":3,"file":"zudoku.auth-clerk.js","sources":["../src/lib/authentication/providers/clerk.tsx"],"sourcesContent":["import type { Clerk } from \"@clerk/clerk-js\";\nimport { LogOutIcon } from \"lucide-react\";\nimport type { ZudokuPlugin } from \"zudoku/plugins\";\nimport type { ClerkAuthenticationConfig } from \"../../../config/config.js\";\nimport type {\n  AuthenticationPlugin,\n  AuthenticationProviderInitializer,\n} from \"../authentication.js\";\nimport { SignIn } from \"../components/SignIn.js\";\nimport { SignOut } from \"../components/SignOut.js\";\nimport { SignUp } from \"../components/SignUp.js\";\nimport { useAuthState } from \"../state.js\";\n\nconst clerkAuth: AuthenticationProviderInitializer<\n  ClerkAuthenticationConfig\n> = ({\n  clerkPubKey,\n  jwtTemplateName,\n  redirectToAfterSignOut = \"/\",\n  redirectToAfterSignUp,\n  redirectToAfterSignIn,\n}): AuthenticationPlugin & ZudokuPlugin => {\n  let clerkApi: Clerk | undefined;\n  const ensureLoaded = (async () => {\n    if (typeof window === \"undefined\") return;\n    const { Clerk } = await import(\"@clerk/clerk-js\");\n    clerkApi = new Clerk(clerkPubKey);\n\n    await clerkApi.load();\n\n    if (clerkApi.user) {\n      const verifiedEmail = clerkApi.user.emailAddresses.find(\n        (email) => email.verification.status === \"verified\",\n      );\n      useAuthState.getState().setLoggedIn({\n        profile: {\n          sub: clerkApi.user.id,\n          name: clerkApi.user.fullName ?? undefined,\n          email:\n            verifiedEmail?.emailAddress ??\n            clerkApi.user.emailAddresses[0]?.emailAddress,\n          emailVerified: verifiedEmail !== undefined,\n          pictureUrl: clerkApi.user.imageUrl,\n        },\n        providerData: {\n          user: {\n            publicMetadata: clerkApi.user.publicMetadata,\n            id: clerkApi.user.id,\n            emailAddresses: clerkApi.user.emailAddresses,\n            imageUrl: clerkApi.user.imageUrl,\n            fullName: clerkApi.user.fullName,\n          },\n        },\n      });\n    }\n\n    return clerkApi;\n  })();\n\n  async function getAccessToken() {\n    await ensureLoaded;\n    if (!clerkApi?.session) {\n      throw new Error(\"No session available\");\n    }\n    const response = await clerkApi.session.getToken({\n      template: jwtTemplateName,\n    });\n    if (!response) {\n      throw new Error(\"Could not get access token from Clerk\");\n    }\n    return response;\n  }\n\n  async function signRequest(request: Request): Promise<Request> {\n    const response = await getAccessToken();\n    request.headers.set(\"Authorization\", `Bearer ${response}`);\n    return request;\n  }\n\n  return {\n    getRoutes: () => {\n      return [\n        {\n          path: \"/signout\",\n          element: <SignOut />,\n        },\n        {\n          path: \"/signin\",\n          element: <SignIn />,\n        },\n        {\n          path: \"/signup\",\n          element: <SignUp />,\n        },\n      ];\n    },\n\n    getProfileMenuItems() {\n      return [\n        {\n          label: \"Logout\",\n          path: \"/signout\",\n          category: \"bottom\",\n          icon: LogOutIcon,\n        } as const,\n      ];\n    },\n    initialize: async () => {\n      const clerk = await ensureLoaded;\n\n      if (!clerk) {\n        return;\n      }\n\n      if (clerk.session) {\n        const verifiedEmail = clerk.session.user.emailAddresses.find(\n          (email) => email.verification.status === \"verified\",\n        );\n        useAuthState.getState().setLoggedIn({\n          profile: {\n            sub: clerk.session.user.id,\n            name: clerk.session.user.fullName ?? undefined,\n            email:\n              verifiedEmail?.emailAddress ??\n              clerk.session.user.emailAddresses[0]?.emailAddress,\n            emailVerified: verifiedEmail !== undefined,\n            pictureUrl: clerk.session.user.imageUrl,\n          },\n          providerData: {\n            user: clerk.session.user,\n          },\n        });\n      } else {\n        useAuthState.setState({\n          isAuthenticated: false,\n          isPending: false,\n          profile: undefined,\n        });\n      }\n    },\n    getAccessToken,\n    signRequest,\n    signOut: async () => {\n      await ensureLoaded;\n      await clerkApi?.signOut({\n        redirectUrl: window.location.origin + redirectToAfterSignOut,\n      });\n      useAuthState.getState().setLoggedOut();\n    },\n    signIn: async ({ redirectTo }: { redirectTo?: string } = {}) => {\n      await ensureLoaded;\n      await clerkApi?.redirectToSignIn({\n        signInForceRedirectUrl: redirectToAfterSignIn\n          ? window.location.origin + redirectToAfterSignIn\n          : redirectTo,\n        signUpForceRedirectUrl: redirectToAfterSignUp\n          ? window.location.origin + redirectToAfterSignUp\n          : redirectTo,\n      });\n    },\n    signUp: async ({ redirectTo }: { redirectTo?: string } = {}) => {\n      await ensureLoaded;\n      await clerkApi?.redirectToSignUp({\n        signInForceRedirectUrl: redirectToAfterSignIn\n          ? window.location.origin + redirectToAfterSignIn\n          : redirectTo,\n        signUpForceRedirectUrl: redirectToAfterSignUp\n          ? window.location.origin + redirectToAfterSignUp\n          : redirectTo,\n      });\n    },\n  };\n};\n\nexport default clerkAuth;\n"],"names":["clerkAuth","clerkPubKey","jwtTemplateName","redirectToAfterSignOut","redirectToAfterSignUp","redirectToAfterSignIn","clerkApi","ensureLoaded","Clerk","verifiedEmail","email","useAuthState","getAccessToken","response","signRequest","request","SignOut","SignIn","SignUp","LogOutIcon","clerk","redirectTo"],"mappings":";;;;AAaA,MAAMA,IAEF,CAAC;AAAA,EACH,aAAAC;AAAA,EACA,iBAAAC;AAAA,EACA,wBAAAC,IAAyB;AAAA,EACzB,uBAAAC;AAAA,EACA,uBAAAC;AACF,MAA2C;AACzC,MAAIC;AACJ,QAAMC,KAAgB,YAAY;AAChC,QAAI,OAAO,SAAW,IAAa;AACnC,UAAM,EAAE,OAAAC,EAAA,IAAU,MAAM,OAAO,iBAAiB;AAKhD,QAJAF,IAAW,IAAIE,EAAMP,CAAW,GAEhC,MAAMK,EAAS,KAAA,GAEXA,EAAS,MAAM;AACjB,YAAMG,IAAgBH,EAAS,KAAK,eAAe;AAAA,QACjD,CAACI,MAAUA,EAAM,aAAa,WAAW;AAAA,MAAA;AAE3C,MAAAC,EAAa,SAAA,EAAW,YAAY;AAAA,QAClC,SAAS;AAAA,UACP,KAAKL,EAAS,KAAK;AAAA,UACnB,MAAMA,EAAS,KAAK,YAAY;AAAA,UAChC,OACEG,GAAe,gBACfH,EAAS,KAAK,eAAe,CAAC,GAAG;AAAA,UACnC,eAAeG,MAAkB;AAAA,UACjC,YAAYH,EAAS,KAAK;AAAA,QAAA;AAAA,QAE5B,cAAc;AAAA,UACZ,MAAM;AAAA,YACJ,gBAAgBA,EAAS,KAAK;AAAA,YAC9B,IAAIA,EAAS,KAAK;AAAA,YAClB,gBAAgBA,EAAS,KAAK;AAAA,YAC9B,UAAUA,EAAS,KAAK;AAAA,YACxB,UAAUA,EAAS,KAAK;AAAA,UAAA;AAAA,QAC1B;AAAA,MACF,CACD;AAAA,IACH;AAEA,WAAOA;AAAA,EACT,GAAA;AAEA,iBAAeM,IAAiB;AAE9B,QADA,MAAML,GACF,CAACD,GAAU;AACb,YAAM,IAAI,MAAM,sBAAsB;AAExC,UAAMO,IAAW,MAAMP,EAAS,QAAQ,SAAS;AAAA,MAC/C,UAAUJ;AAAA,IAAA,CACX;AACD,QAAI,CAACW;AACH,YAAM,IAAI,MAAM,uCAAuC;AAEzD,WAAOA;AAAA,EACT;AAEA,iBAAeC,EAAYC,GAAoC;AAC7D,UAAMF,IAAW,MAAMD,EAAA;AACvB,WAAAG,EAAQ,QAAQ,IAAI,iBAAiB,UAAUF,CAAQ,EAAE,GAClDE;AAAA,EACT;AAEA,SAAO;AAAA,IACL,WAAW,MACF;AAAA,MACL;AAAA,QACE,MAAM;AAAA,QACN,+BAAUC,GAAA,CAAA,CAAQ;AAAA,MAAA;AAAA,MAEpB;AAAA,QACE,MAAM;AAAA,QACN,+BAAUC,GAAA,CAAA,CAAO;AAAA,MAAA;AAAA,MAEnB;AAAA,QACE,MAAM;AAAA,QACN,+BAAUC,GAAA,CAAA,CAAO;AAAA,MAAA;AAAA,IACnB;AAAA,IAIJ,sBAAsB;AACpB,aAAO;AAAA,QACL;AAAA,UACE,OAAO;AAAA,UACP,MAAM;AAAA,UACN,UAAU;AAAA,UACV,MAAMC;AAAA,QAAA;AAAA,MACR;AAAA,IAEJ;AAAA,IACA,YAAY,YAAY;AACtB,YAAMC,IAAQ,MAAMb;AAEpB,UAAKa;AAIL,YAAIA,EAAM,SAAS;AACjB,gBAAMX,IAAgBW,EAAM,QAAQ,KAAK,eAAe;AAAA,YACtD,CAACV,MAAUA,EAAM,aAAa,WAAW;AAAA,UAAA;AAE3C,UAAAC,EAAa,SAAA,EAAW,YAAY;AAAA,YAClC,SAAS;AAAA,cACP,KAAKS,EAAM,QAAQ,KAAK;AAAA,cACxB,MAAMA,EAAM,QAAQ,KAAK,YAAY;AAAA,cACrC,OACEX,GAAe,gBACfW,EAAM,QAAQ,KAAK,eAAe,CAAC,GAAG;AAAA,cACxC,eAAeX,MAAkB;AAAA,cACjC,YAAYW,EAAM,QAAQ,KAAK;AAAA,YAAA;AAAA,YAEjC,cAAc;AAAA,cACZ,MAAMA,EAAM,QAAQ;AAAA,YAAA;AAAA,UACtB,CACD;AAAA,QACH;AACE,UAAAT,EAAa,SAAS;AAAA,YACpB,iBAAiB;AAAA,YACjB,WAAW;AAAA,YACX,SAAS;AAAA,UAAA,CACV;AAAA,IAEL;AAAA,IACA,gBAAAC;AAAA,IACA,aAAAE;AAAA,IACA,SAAS,YAAY;AACnB,YAAMP,GACN,MAAMD,GAAU,QAAQ;AAAA,QACtB,aAAa,OAAO,SAAS,SAASH;AAAA,MAAA,CACvC,GACDQ,EAAa,SAAA,EAAW,aAAA;AAAA,IAC1B;AAAA,IACA,QAAQ,OAAO,EAAE,YAAAU,EAAA,IAAwC,OAAO;AAC9D,YAAMd,GACN,MAAMD,GAAU,iBAAiB;AAAA,QAC/B,wBAAwBD,IACpB,OAAO,SAAS,SAASA,IACzBgB;AAAA,QACJ,wBAAwBjB,IACpB,OAAO,SAAS,SAASA,IACzBiB;AAAA,MAAA,CACL;AAAA,IACH;AAAA,IACA,QAAQ,OAAO,EAAE,YAAAA,EAAA,IAAwC,OAAO;AAC9D,YAAMd,GACN,MAAMD,GAAU,iBAAiB;AAAA,QAC/B,wBAAwBD,IACpB,OAAO,SAAS,SAASA,IACzBgB;AAAA,QACJ,wBAAwBjB,IACpB,OAAO,SAAS,SAASA,IACzBiB;AAAA,MAAA,CACL;AAAA,IACH;AAAA,EAAA;AAEJ;"}

package/lib/zudoku.auth-openid.js

@@ -1,11 +1,11 @@
 import { j as D } from "./jsx-runtime-C5mzlN2N.js";
 import { g as Le } from "./invariant-Bm-FVUQE.js";
-import { E as Ue } from "./index-DzO-Qh6S.js";
+import { E as Ue } from "./index-z-rQiwfg.js";
 import { C as xe } from "./ClientOnly-E7hGysn1.js";
-import { j as Ce } from "./ZudokuContext-BuJD7yIX.js";
-import { C as Ie, O as re, A as R } from "./errors-CrI3s7mR.js";
-import { C as je, O as Oe } from "./OAuthErrorPage-Jv3r8wnL.js";
-import { u as S } from "./hook-bv3iuX7X.js";
+import { j as Ce } from "./ZudokuContext-BR-lnR7O.js";
+import { C as Ie, O as re, A as R } from "./errors-B6u81sEb.js";
+import { C as je, O as Oe } from "./OAuthErrorPage-C2pwoHzm.js";
+import { u as S } from "./hook-B4Q30zMI.js";
 var J = { exports: {} }, De = J.exports, oe;
 function Je() {
   return oe || (oe = 1, function(t) {