From ab2f9affd1973d6ab46a04016889374634f9b611 Mon Sep 17 00:00:00 2001 From: Claude Date: Wed, 10 Jun 2026 08:22:38 +0000 Subject: [PATCH] fix: commit vendored @kuns/zitadel-auth dist (was excluded by dist/ gitignore) --- .gitignore | 1 - vendor/zitadel-auth/dist/angular.cjs | 230 +++++++++++++++++ vendor/zitadel-auth/dist/angular.d.cts | 10 + vendor/zitadel-auth/dist/angular.d.ts | 10 + vendor/zitadel-auth/dist/angular.js | 36 +++ vendor/zitadel-auth/dist/chunk-NFH7JLJM.js | 173 +++++++++++++ vendor/zitadel-auth/dist/index.cjs | 199 +++++++++++++++ vendor/zitadel-auth/dist/index.d.cts | 26 ++ vendor/zitadel-auth/dist/index.d.ts | 26 ++ vendor/zitadel-auth/dist/index.js | 6 + vendor/zitadel-auth/dist/react.cjs | 239 ++++++++++++++++++ vendor/zitadel-auth/dist/react.d.cts | 19 ++ vendor/zitadel-auth/dist/react.d.ts | 19 ++ vendor/zitadel-auth/dist/react.js | 51 ++++ vendor/zitadel-auth/dist/svelte.cjs | 231 +++++++++++++++++ vendor/zitadel-auth/dist/svelte.d.cts | 13 + vendor/zitadel-auth/dist/svelte.d.ts | 13 + vendor/zitadel-auth/dist/svelte.js | 37 +++ vendor/zitadel-auth/dist/types-C5b7Bv-t.d.cts | 34 +++ vendor/zitadel-auth/dist/types-C5b7Bv-t.d.ts | 34 +++ vendor/zitadel-auth/dist/vue.cjs | 231 +++++++++++++++++ vendor/zitadel-auth/dist/vue.d.cts | 16 ++ vendor/zitadel-auth/dist/vue.d.ts | 16 ++ vendor/zitadel-auth/dist/vue.js | 38 +++ 24 files changed, 1707 insertions(+), 1 deletion(-) create mode 100644 vendor/zitadel-auth/dist/angular.cjs create mode 100644 vendor/zitadel-auth/dist/angular.d.cts create mode 100644 vendor/zitadel-auth/dist/angular.d.ts create mode 100644 vendor/zitadel-auth/dist/angular.js create mode 100644 vendor/zitadel-auth/dist/chunk-NFH7JLJM.js create mode 100644 vendor/zitadel-auth/dist/index.cjs create mode 100644 vendor/zitadel-auth/dist/index.d.cts create mode 100644 vendor/zitadel-auth/dist/index.d.ts create mode 100644 vendor/zitadel-auth/dist/index.js create mode 100644 vendor/zitadel-auth/dist/react.cjs create mode 100644 vendor/zitadel-auth/dist/react.d.cts create mode 100644 vendor/zitadel-auth/dist/react.d.ts create mode 100644 vendor/zitadel-auth/dist/react.js create mode 100644 vendor/zitadel-auth/dist/svelte.cjs create mode 100644 vendor/zitadel-auth/dist/svelte.d.cts create mode 100644 vendor/zitadel-auth/dist/svelte.d.ts create mode 100644 vendor/zitadel-auth/dist/svelte.js create mode 100644 vendor/zitadel-auth/dist/types-C5b7Bv-t.d.cts create mode 100644 vendor/zitadel-auth/dist/types-C5b7Bv-t.d.ts create mode 100644 vendor/zitadel-auth/dist/vue.cjs create mode 100644 vendor/zitadel-auth/dist/vue.d.cts create mode 100644 vendor/zitadel-auth/dist/vue.d.ts create mode 100644 vendor/zitadel-auth/dist/vue.js diff --git a/.gitignore b/.gitignore index bf0f329..485e9ec 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,6 @@ node_modules/ .nuxt/ .output/ .data/ -dist/ *.log .env .env.* diff --git a/vendor/zitadel-auth/dist/angular.cjs b/vendor/zitadel-auth/dist/angular.cjs new file mode 100644 index 0000000..93d1b1e --- /dev/null +++ b/vendor/zitadel-auth/dist/angular.cjs @@ -0,0 +1,230 @@ +"use strict"; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// src/adapters/angular.ts +var angular_exports = {}; +__export(angular_exports, { + provideZitadelAuth: () => provideZitadelAuth, + zitadelGuard: () => zitadelGuard +}); +module.exports = __toCommonJS(angular_exports); + +// src/client.ts +var import_oidc_client_ts = require("oidc-client-ts"); + +// src/guards.ts +var RedirectGuard = class { + constructor(maxRedirects, windowSeconds, prefix) { + this.maxRedirects = maxRedirects; + this.windowSeconds = windowSeconds; + this.countKey = `${prefix}redirect_count`; + this.tsKey = `${prefix}redirect_ts`; + } + isLooping() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10); + if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) { + this.clear(); + return false; + } + return count > this.maxRedirects; + } + recordRedirect() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + if (count === 0) { + sessionStorage.setItem(this.tsKey, String(Date.now())); + } + sessionStorage.setItem(this.countKey, String(count + 1)); + } + clear() { + sessionStorage.removeItem(this.countKey); + sessionStorage.removeItem(this.tsKey); + } +}; + +// src/client.ts +var ZitadelAuth = class { + constructor(config) { + this.currentUser = null; + this._isLoading = true; + this._error = null; + this.listeners = /* @__PURE__ */ new Set(); + this.prefix = config.storagePrefix ?? "kuns_auth_"; + this.redirectGuard = new RedirectGuard( + config.maxRedirects ?? 3, + config.redirectWindowSeconds ?? 30, + this.prefix + ); + this.manager = new import_oidc_client_ts.UserManager({ + authority: config.issuer ?? "https://auth.kuns.dev", + client_id: config.clientId, + redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`, + post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin, + scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "), + automaticSilentRenew: config.silentRenew ?? true, + userStore: new import_oidc_client_ts.WebStorageStateStore({ store: window.localStorage }) + }); + this.manager.events.addUserLoaded((user) => { + this.currentUser = user; + this.notify(); + }); + this.manager.events.addUserUnloaded(() => { + this.currentUser = null; + this.notify(); + }); + this.manager.events.addSilentRenewError(() => { + }); + } + get isAuthenticated() { + return this.currentUser != null && !this.currentUser.expired; + } + get isLoading() { + return this._isLoading; + } + get user() { + if (!this.currentUser) return null; + return { + sub: this.currentUser.profile.sub, + name: this.currentUser.profile.name ?? "", + email: this.currentUser.profile.email ?? "" + }; + } + get accessToken() { + if (!this.currentUser || this.currentUser.expired) return null; + return this.currentUser.access_token; + } + get error() { + return this._error; + } + async init() { + this._isLoading = true; + this.notify(); + try { + if (window.location.pathname.endsWith("/auth/callback")) { + const user = await this.manager.signinRedirectCallback(); + this.currentUser = user; + this.redirectGuard.clear(); + const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/"; + sessionStorage.removeItem(`${this.prefix}return_url`); + window.history.replaceState({}, "", returnUrl); + } else { + const user = await this.manager.getUser(); + if (user?.expired) { + await this.manager.removeUser(); + this.currentUser = null; + } else { + this.currentUser = user; + } + } + } catch (e) { + this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`; + await this.manager.removeUser().catch(() => { + }); + this.currentUser = null; + if (window.location.pathname.endsWith("/auth/callback")) { + window.history.replaceState({}, "", "/"); + } + } finally { + this._isLoading = false; + this.notify(); + } + } + login() { + if (this.redirectGuard.isLooping()) { + this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again."; + this.notify(); + return; + } + this.redirectGuard.recordRedirect(); + sessionStorage.setItem( + `${this.prefix}return_url`, + window.location.pathname + window.location.search + ); + this.manager.signinRedirect(); + } + async logout() { + this.redirectGuard.clear(); + await this.manager.signoutRedirect(); + } + requireAuth() { + if (this._isLoading) return false; + if (!this.isAuthenticated) { + this.login(); + return false; + } + return true; + } + async fetch(url, init) { + const token = this.accessToken; + if (!token) { + this.login(); + return new Response(null, { status: 401 }); + } + const headers = new Headers(init?.headers); + headers.set("Authorization", `Bearer ${token}`); + return window.fetch(url, { ...init, headers }); + } + onAuthChange(cb) { + this.listeners.add(cb); + return () => this.listeners.delete(cb); + } + notify() { + const state = { + isAuthenticated: this.isAuthenticated, + isLoading: this._isLoading, + user: this.user, + error: this._error + }; + this.listeners.forEach((cb) => cb(state)); + } +}; + +// src/adapters/angular.ts +var AUTH_INSTANCE_KEY = "__kuns_zitadel_auth__"; +function provideZitadelAuth(config) { + const auth = new ZitadelAuth(config); + globalThis[AUTH_INSTANCE_KEY] = auth; + return { + provide: "KUNS_ZITADEL_AUTH", + useValue: auth + }; +} +function getAuthInstance() { + const auth = globalThis[AUTH_INSTANCE_KEY]; + if (!auth) throw new Error("Call provideZitadelAuth() before using zitadelGuard()"); + return auth; +} +function zitadelGuard() { + let initPromise = null; + return async () => { + const auth = getAuthInstance(); + if (!initPromise) { + initPromise = auth.init(); + } + await initPromise; + if (auth.isAuthenticated) return true; + auth.login(); + return false; + }; +} +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + provideZitadelAuth, + zitadelGuard +}); diff --git a/vendor/zitadel-auth/dist/angular.d.cts b/vendor/zitadel-auth/dist/angular.d.cts new file mode 100644 index 0000000..3c2d450 --- /dev/null +++ b/vendor/zitadel-auth/dist/angular.d.cts @@ -0,0 +1,10 @@ +import { ZitadelAuth } from './index.cjs'; +import { Z as ZitadelAuthConfig } from './types-C5b7Bv-t.cjs'; + +declare function provideZitadelAuth(config: ZitadelAuthConfig): { + provide: string; + useValue: ZitadelAuth; +}; +declare function zitadelGuard(): () => Promise; + +export { provideZitadelAuth, zitadelGuard }; diff --git a/vendor/zitadel-auth/dist/angular.d.ts b/vendor/zitadel-auth/dist/angular.d.ts new file mode 100644 index 0000000..d62a0eb --- /dev/null +++ b/vendor/zitadel-auth/dist/angular.d.ts @@ -0,0 +1,10 @@ +import { ZitadelAuth } from './index.js'; +import { Z as ZitadelAuthConfig } from './types-C5b7Bv-t.js'; + +declare function provideZitadelAuth(config: ZitadelAuthConfig): { + provide: string; + useValue: ZitadelAuth; +}; +declare function zitadelGuard(): () => Promise; + +export { provideZitadelAuth, zitadelGuard }; diff --git a/vendor/zitadel-auth/dist/angular.js b/vendor/zitadel-auth/dist/angular.js new file mode 100644 index 0000000..29ee1db --- /dev/null +++ b/vendor/zitadel-auth/dist/angular.js @@ -0,0 +1,36 @@ +import { + ZitadelAuth +} from "./chunk-NFH7JLJM.js"; + +// src/adapters/angular.ts +var AUTH_INSTANCE_KEY = "__kuns_zitadel_auth__"; +function provideZitadelAuth(config) { + const auth = new ZitadelAuth(config); + globalThis[AUTH_INSTANCE_KEY] = auth; + return { + provide: "KUNS_ZITADEL_AUTH", + useValue: auth + }; +} +function getAuthInstance() { + const auth = globalThis[AUTH_INSTANCE_KEY]; + if (!auth) throw new Error("Call provideZitadelAuth() before using zitadelGuard()"); + return auth; +} +function zitadelGuard() { + let initPromise = null; + return async () => { + const auth = getAuthInstance(); + if (!initPromise) { + initPromise = auth.init(); + } + await initPromise; + if (auth.isAuthenticated) return true; + auth.login(); + return false; + }; +} +export { + provideZitadelAuth, + zitadelGuard +}; diff --git a/vendor/zitadel-auth/dist/chunk-NFH7JLJM.js b/vendor/zitadel-auth/dist/chunk-NFH7JLJM.js new file mode 100644 index 0000000..688eb27 --- /dev/null +++ b/vendor/zitadel-auth/dist/chunk-NFH7JLJM.js @@ -0,0 +1,173 @@ +// src/client.ts +import { UserManager, WebStorageStateStore } from "oidc-client-ts"; + +// src/guards.ts +var RedirectGuard = class { + constructor(maxRedirects, windowSeconds, prefix) { + this.maxRedirects = maxRedirects; + this.windowSeconds = windowSeconds; + this.countKey = `${prefix}redirect_count`; + this.tsKey = `${prefix}redirect_ts`; + } + isLooping() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10); + if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) { + this.clear(); + return false; + } + return count > this.maxRedirects; + } + recordRedirect() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + if (count === 0) { + sessionStorage.setItem(this.tsKey, String(Date.now())); + } + sessionStorage.setItem(this.countKey, String(count + 1)); + } + clear() { + sessionStorage.removeItem(this.countKey); + sessionStorage.removeItem(this.tsKey); + } +}; + +// src/client.ts +var ZitadelAuth = class { + constructor(config) { + this.currentUser = null; + this._isLoading = true; + this._error = null; + this.listeners = /* @__PURE__ */ new Set(); + this.prefix = config.storagePrefix ?? "kuns_auth_"; + this.redirectGuard = new RedirectGuard( + config.maxRedirects ?? 3, + config.redirectWindowSeconds ?? 30, + this.prefix + ); + this.manager = new UserManager({ + authority: config.issuer ?? "https://auth.kuns.dev", + client_id: config.clientId, + redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`, + post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin, + scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "), + automaticSilentRenew: config.silentRenew ?? true, + userStore: new WebStorageStateStore({ store: window.localStorage }) + }); + this.manager.events.addUserLoaded((user) => { + this.currentUser = user; + this.notify(); + }); + this.manager.events.addUserUnloaded(() => { + this.currentUser = null; + this.notify(); + }); + this.manager.events.addSilentRenewError(() => { + }); + } + get isAuthenticated() { + return this.currentUser != null && !this.currentUser.expired; + } + get isLoading() { + return this._isLoading; + } + get user() { + if (!this.currentUser) return null; + return { + sub: this.currentUser.profile.sub, + name: this.currentUser.profile.name ?? "", + email: this.currentUser.profile.email ?? "" + }; + } + get accessToken() { + if (!this.currentUser || this.currentUser.expired) return null; + return this.currentUser.access_token; + } + get error() { + return this._error; + } + async init() { + this._isLoading = true; + this.notify(); + try { + if (window.location.pathname.endsWith("/auth/callback")) { + const user = await this.manager.signinRedirectCallback(); + this.currentUser = user; + this.redirectGuard.clear(); + const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/"; + sessionStorage.removeItem(`${this.prefix}return_url`); + window.history.replaceState({}, "", returnUrl); + } else { + const user = await this.manager.getUser(); + if (user?.expired) { + await this.manager.removeUser(); + this.currentUser = null; + } else { + this.currentUser = user; + } + } + } catch (e) { + this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`; + await this.manager.removeUser().catch(() => { + }); + this.currentUser = null; + if (window.location.pathname.endsWith("/auth/callback")) { + window.history.replaceState({}, "", "/"); + } + } finally { + this._isLoading = false; + this.notify(); + } + } + login() { + if (this.redirectGuard.isLooping()) { + this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again."; + this.notify(); + return; + } + this.redirectGuard.recordRedirect(); + sessionStorage.setItem( + `${this.prefix}return_url`, + window.location.pathname + window.location.search + ); + this.manager.signinRedirect(); + } + async logout() { + this.redirectGuard.clear(); + await this.manager.signoutRedirect(); + } + requireAuth() { + if (this._isLoading) return false; + if (!this.isAuthenticated) { + this.login(); + return false; + } + return true; + } + async fetch(url, init) { + const token = this.accessToken; + if (!token) { + this.login(); + return new Response(null, { status: 401 }); + } + const headers = new Headers(init?.headers); + headers.set("Authorization", `Bearer ${token}`); + return window.fetch(url, { ...init, headers }); + } + onAuthChange(cb) { + this.listeners.add(cb); + return () => this.listeners.delete(cb); + } + notify() { + const state = { + isAuthenticated: this.isAuthenticated, + isLoading: this._isLoading, + user: this.user, + error: this._error + }; + this.listeners.forEach((cb) => cb(state)); + } +}; + +export { + ZitadelAuth +}; diff --git a/vendor/zitadel-auth/dist/index.cjs b/vendor/zitadel-auth/dist/index.cjs new file mode 100644 index 0000000..47bf926 --- /dev/null +++ b/vendor/zitadel-auth/dist/index.cjs @@ -0,0 +1,199 @@ +"use strict"; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// src/index.ts +var src_exports = {}; +__export(src_exports, { + ZitadelAuth: () => ZitadelAuth +}); +module.exports = __toCommonJS(src_exports); + +// src/client.ts +var import_oidc_client_ts = require("oidc-client-ts"); + +// src/guards.ts +var RedirectGuard = class { + constructor(maxRedirects, windowSeconds, prefix) { + this.maxRedirects = maxRedirects; + this.windowSeconds = windowSeconds; + this.countKey = `${prefix}redirect_count`; + this.tsKey = `${prefix}redirect_ts`; + } + isLooping() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10); + if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) { + this.clear(); + return false; + } + return count > this.maxRedirects; + } + recordRedirect() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + if (count === 0) { + sessionStorage.setItem(this.tsKey, String(Date.now())); + } + sessionStorage.setItem(this.countKey, String(count + 1)); + } + clear() { + sessionStorage.removeItem(this.countKey); + sessionStorage.removeItem(this.tsKey); + } +}; + +// src/client.ts +var ZitadelAuth = class { + constructor(config) { + this.currentUser = null; + this._isLoading = true; + this._error = null; + this.listeners = /* @__PURE__ */ new Set(); + this.prefix = config.storagePrefix ?? "kuns_auth_"; + this.redirectGuard = new RedirectGuard( + config.maxRedirects ?? 3, + config.redirectWindowSeconds ?? 30, + this.prefix + ); + this.manager = new import_oidc_client_ts.UserManager({ + authority: config.issuer ?? "https://auth.kuns.dev", + client_id: config.clientId, + redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`, + post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin, + scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "), + automaticSilentRenew: config.silentRenew ?? true, + userStore: new import_oidc_client_ts.WebStorageStateStore({ store: window.localStorage }) + }); + this.manager.events.addUserLoaded((user) => { + this.currentUser = user; + this.notify(); + }); + this.manager.events.addUserUnloaded(() => { + this.currentUser = null; + this.notify(); + }); + this.manager.events.addSilentRenewError(() => { + }); + } + get isAuthenticated() { + return this.currentUser != null && !this.currentUser.expired; + } + get isLoading() { + return this._isLoading; + } + get user() { + if (!this.currentUser) return null; + return { + sub: this.currentUser.profile.sub, + name: this.currentUser.profile.name ?? "", + email: this.currentUser.profile.email ?? "" + }; + } + get accessToken() { + if (!this.currentUser || this.currentUser.expired) return null; + return this.currentUser.access_token; + } + get error() { + return this._error; + } + async init() { + this._isLoading = true; + this.notify(); + try { + if (window.location.pathname.endsWith("/auth/callback")) { + const user = await this.manager.signinRedirectCallback(); + this.currentUser = user; + this.redirectGuard.clear(); + const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/"; + sessionStorage.removeItem(`${this.prefix}return_url`); + window.history.replaceState({}, "", returnUrl); + } else { + const user = await this.manager.getUser(); + if (user?.expired) { + await this.manager.removeUser(); + this.currentUser = null; + } else { + this.currentUser = user; + } + } + } catch (e) { + this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`; + await this.manager.removeUser().catch(() => { + }); + this.currentUser = null; + if (window.location.pathname.endsWith("/auth/callback")) { + window.history.replaceState({}, "", "/"); + } + } finally { + this._isLoading = false; + this.notify(); + } + } + login() { + if (this.redirectGuard.isLooping()) { + this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again."; + this.notify(); + return; + } + this.redirectGuard.recordRedirect(); + sessionStorage.setItem( + `${this.prefix}return_url`, + window.location.pathname + window.location.search + ); + this.manager.signinRedirect(); + } + async logout() { + this.redirectGuard.clear(); + await this.manager.signoutRedirect(); + } + requireAuth() { + if (this._isLoading) return false; + if (!this.isAuthenticated) { + this.login(); + return false; + } + return true; + } + async fetch(url, init) { + const token = this.accessToken; + if (!token) { + this.login(); + return new Response(null, { status: 401 }); + } + const headers = new Headers(init?.headers); + headers.set("Authorization", `Bearer ${token}`); + return window.fetch(url, { ...init, headers }); + } + onAuthChange(cb) { + this.listeners.add(cb); + return () => this.listeners.delete(cb); + } + notify() { + const state = { + isAuthenticated: this.isAuthenticated, + isLoading: this._isLoading, + user: this.user, + error: this._error + }; + this.listeners.forEach((cb) => cb(state)); + } +}; +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + ZitadelAuth +}); diff --git a/vendor/zitadel-auth/dist/index.d.cts b/vendor/zitadel-auth/dist/index.d.cts new file mode 100644 index 0000000..e14f456 --- /dev/null +++ b/vendor/zitadel-auth/dist/index.d.cts @@ -0,0 +1,26 @@ +import { Z as ZitadelAuthConfig, a as ZitadelUser, A as AuthState } from './types-C5b7Bv-t.cjs'; + +declare class ZitadelAuth { + private manager; + private currentUser; + private _isLoading; + private _error; + private listeners; + private redirectGuard; + private prefix; + constructor(config: ZitadelAuthConfig); + get isAuthenticated(): boolean; + get isLoading(): boolean; + get user(): ZitadelUser | null; + get accessToken(): string | null; + get error(): string | null; + init(): Promise; + login(): void; + logout(): Promise; + requireAuth(): boolean; + fetch(url: string, init?: RequestInit): Promise; + onAuthChange(cb: (state: AuthState) => void): () => void; + private notify; +} + +export { AuthState, ZitadelAuth, ZitadelAuthConfig, ZitadelUser }; diff --git a/vendor/zitadel-auth/dist/index.d.ts b/vendor/zitadel-auth/dist/index.d.ts new file mode 100644 index 0000000..e6af914 --- /dev/null +++ b/vendor/zitadel-auth/dist/index.d.ts @@ -0,0 +1,26 @@ +import { Z as ZitadelAuthConfig, a as ZitadelUser, A as AuthState } from './types-C5b7Bv-t.js'; + +declare class ZitadelAuth { + private manager; + private currentUser; + private _isLoading; + private _error; + private listeners; + private redirectGuard; + private prefix; + constructor(config: ZitadelAuthConfig); + get isAuthenticated(): boolean; + get isLoading(): boolean; + get user(): ZitadelUser | null; + get accessToken(): string | null; + get error(): string | null; + init(): Promise; + login(): void; + logout(): Promise; + requireAuth(): boolean; + fetch(url: string, init?: RequestInit): Promise; + onAuthChange(cb: (state: AuthState) => void): () => void; + private notify; +} + +export { AuthState, ZitadelAuth, ZitadelAuthConfig, ZitadelUser }; diff --git a/vendor/zitadel-auth/dist/index.js b/vendor/zitadel-auth/dist/index.js new file mode 100644 index 0000000..f05c086 --- /dev/null +++ b/vendor/zitadel-auth/dist/index.js @@ -0,0 +1,6 @@ +import { + ZitadelAuth +} from "./chunk-NFH7JLJM.js"; +export { + ZitadelAuth +}; diff --git a/vendor/zitadel-auth/dist/react.cjs b/vendor/zitadel-auth/dist/react.cjs new file mode 100644 index 0000000..9e5ced2 --- /dev/null +++ b/vendor/zitadel-auth/dist/react.cjs @@ -0,0 +1,239 @@ +"use strict"; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// src/adapters/react.tsx +var react_exports = {}; +__export(react_exports, { + ZitadelProvider: () => ZitadelProvider, + useAuth: () => useAuth +}); +module.exports = __toCommonJS(react_exports); +var import_react = require("react"); + +// src/client.ts +var import_oidc_client_ts = require("oidc-client-ts"); + +// src/guards.ts +var RedirectGuard = class { + constructor(maxRedirects, windowSeconds, prefix) { + this.maxRedirects = maxRedirects; + this.windowSeconds = windowSeconds; + this.countKey = `${prefix}redirect_count`; + this.tsKey = `${prefix}redirect_ts`; + } + isLooping() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10); + if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) { + this.clear(); + return false; + } + return count > this.maxRedirects; + } + recordRedirect() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + if (count === 0) { + sessionStorage.setItem(this.tsKey, String(Date.now())); + } + sessionStorage.setItem(this.countKey, String(count + 1)); + } + clear() { + sessionStorage.removeItem(this.countKey); + sessionStorage.removeItem(this.tsKey); + } +}; + +// src/client.ts +var ZitadelAuth = class { + constructor(config) { + this.currentUser = null; + this._isLoading = true; + this._error = null; + this.listeners = /* @__PURE__ */ new Set(); + this.prefix = config.storagePrefix ?? "kuns_auth_"; + this.redirectGuard = new RedirectGuard( + config.maxRedirects ?? 3, + config.redirectWindowSeconds ?? 30, + this.prefix + ); + this.manager = new import_oidc_client_ts.UserManager({ + authority: config.issuer ?? "https://auth.kuns.dev", + client_id: config.clientId, + redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`, + post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin, + scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "), + automaticSilentRenew: config.silentRenew ?? true, + userStore: new import_oidc_client_ts.WebStorageStateStore({ store: window.localStorage }) + }); + this.manager.events.addUserLoaded((user) => { + this.currentUser = user; + this.notify(); + }); + this.manager.events.addUserUnloaded(() => { + this.currentUser = null; + this.notify(); + }); + this.manager.events.addSilentRenewError(() => { + }); + } + get isAuthenticated() { + return this.currentUser != null && !this.currentUser.expired; + } + get isLoading() { + return this._isLoading; + } + get user() { + if (!this.currentUser) return null; + return { + sub: this.currentUser.profile.sub, + name: this.currentUser.profile.name ?? "", + email: this.currentUser.profile.email ?? "" + }; + } + get accessToken() { + if (!this.currentUser || this.currentUser.expired) return null; + return this.currentUser.access_token; + } + get error() { + return this._error; + } + async init() { + this._isLoading = true; + this.notify(); + try { + if (window.location.pathname.endsWith("/auth/callback")) { + const user = await this.manager.signinRedirectCallback(); + this.currentUser = user; + this.redirectGuard.clear(); + const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/"; + sessionStorage.removeItem(`${this.prefix}return_url`); + window.history.replaceState({}, "", returnUrl); + } else { + const user = await this.manager.getUser(); + if (user?.expired) { + await this.manager.removeUser(); + this.currentUser = null; + } else { + this.currentUser = user; + } + } + } catch (e) { + this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`; + await this.manager.removeUser().catch(() => { + }); + this.currentUser = null; + if (window.location.pathname.endsWith("/auth/callback")) { + window.history.replaceState({}, "", "/"); + } + } finally { + this._isLoading = false; + this.notify(); + } + } + login() { + if (this.redirectGuard.isLooping()) { + this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again."; + this.notify(); + return; + } + this.redirectGuard.recordRedirect(); + sessionStorage.setItem( + `${this.prefix}return_url`, + window.location.pathname + window.location.search + ); + this.manager.signinRedirect(); + } + async logout() { + this.redirectGuard.clear(); + await this.manager.signoutRedirect(); + } + requireAuth() { + if (this._isLoading) return false; + if (!this.isAuthenticated) { + this.login(); + return false; + } + return true; + } + async fetch(url, init) { + const token = this.accessToken; + if (!token) { + this.login(); + return new Response(null, { status: 401 }); + } + const headers = new Headers(init?.headers); + headers.set("Authorization", `Bearer ${token}`); + return window.fetch(url, { ...init, headers }); + } + onAuthChange(cb) { + this.listeners.add(cb); + return () => this.listeners.delete(cb); + } + notify() { + const state = { + isAuthenticated: this.isAuthenticated, + isLoading: this._isLoading, + user: this.user, + error: this._error + }; + this.listeners.forEach((cb) => cb(state)); + } +}; + +// src/adapters/react.tsx +var import_jsx_runtime = require("react/jsx-runtime"); +var AuthContext = (0, import_react.createContext)(null); +function ZitadelProvider({ children, ...config }) { + const [auth] = (0, import_react.useState)(() => new ZitadelAuth(config)); + const [ready, setReady] = (0, import_react.useState)(false); + (0, import_react.useEffect)(() => { + auth.init().then(() => { + setReady(true); + if (!auth.isAuthenticated && !auth.error) { + auth.login(); + } + }); + }, [auth]); + if (!ready) return null; + return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(AuthContext.Provider, { value: auth, children }); +} +function useAuth() { + const auth = (0, import_react.useContext)(AuthContext); + if (!auth) throw new Error("useAuth must be used within a ZitadelProvider"); + const state = (0, import_react.useSyncExternalStore)( + (cb) => auth.onAuthChange(cb), + () => ({ + isAuthenticated: auth.isAuthenticated, + isLoading: auth.isLoading, + user: auth.user, + error: auth.error + }) + ); + return { + ...state, + login: () => auth.login(), + logout: () => auth.logout(), + fetch: (url, init) => auth.fetch(url, init) + }; +} +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + ZitadelProvider, + useAuth +}); diff --git a/vendor/zitadel-auth/dist/react.d.cts b/vendor/zitadel-auth/dist/react.d.cts new file mode 100644 index 0000000..450c13c --- /dev/null +++ b/vendor/zitadel-auth/dist/react.d.cts @@ -0,0 +1,19 @@ +import * as react_jsx_runtime from 'react/jsx-runtime'; +import { ReactNode } from 'react'; +import { Z as ZitadelAuthConfig, a as ZitadelUser } from './types-C5b7Bv-t.cjs'; + +interface ZitadelProviderProps extends ZitadelAuthConfig { + children: ReactNode; +} +declare function ZitadelProvider({ children, ...config }: ZitadelProviderProps): react_jsx_runtime.JSX.Element | null; +declare function useAuth(): { + login: () => void; + logout: () => Promise; + fetch: (url: string, init?: RequestInit) => Promise; + isAuthenticated: boolean; + isLoading: boolean; + user: ZitadelUser | null; + error: string | null; +}; + +export { ZitadelProvider, useAuth }; diff --git a/vendor/zitadel-auth/dist/react.d.ts b/vendor/zitadel-auth/dist/react.d.ts new file mode 100644 index 0000000..07c6f56 --- /dev/null +++ b/vendor/zitadel-auth/dist/react.d.ts @@ -0,0 +1,19 @@ +import * as react_jsx_runtime from 'react/jsx-runtime'; +import { ReactNode } from 'react'; +import { Z as ZitadelAuthConfig, a as ZitadelUser } from './types-C5b7Bv-t.js'; + +interface ZitadelProviderProps extends ZitadelAuthConfig { + children: ReactNode; +} +declare function ZitadelProvider({ children, ...config }: ZitadelProviderProps): react_jsx_runtime.JSX.Element | null; +declare function useAuth(): { + login: () => void; + logout: () => Promise; + fetch: (url: string, init?: RequestInit) => Promise; + isAuthenticated: boolean; + isLoading: boolean; + user: ZitadelUser | null; + error: string | null; +}; + +export { ZitadelProvider, useAuth }; diff --git a/vendor/zitadel-auth/dist/react.js b/vendor/zitadel-auth/dist/react.js new file mode 100644 index 0000000..4edec8d --- /dev/null +++ b/vendor/zitadel-auth/dist/react.js @@ -0,0 +1,51 @@ +import { + ZitadelAuth +} from "./chunk-NFH7JLJM.js"; + +// src/adapters/react.tsx +import { + createContext, + useContext, + useEffect, + useState, + useSyncExternalStore +} from "react"; +import { jsx } from "react/jsx-runtime"; +var AuthContext = createContext(null); +function ZitadelProvider({ children, ...config }) { + const [auth] = useState(() => new ZitadelAuth(config)); + const [ready, setReady] = useState(false); + useEffect(() => { + auth.init().then(() => { + setReady(true); + if (!auth.isAuthenticated && !auth.error) { + auth.login(); + } + }); + }, [auth]); + if (!ready) return null; + return /* @__PURE__ */ jsx(AuthContext.Provider, { value: auth, children }); +} +function useAuth() { + const auth = useContext(AuthContext); + if (!auth) throw new Error("useAuth must be used within a ZitadelProvider"); + const state = useSyncExternalStore( + (cb) => auth.onAuthChange(cb), + () => ({ + isAuthenticated: auth.isAuthenticated, + isLoading: auth.isLoading, + user: auth.user, + error: auth.error + }) + ); + return { + ...state, + login: () => auth.login(), + logout: () => auth.logout(), + fetch: (url, init) => auth.fetch(url, init) + }; +} +export { + ZitadelProvider, + useAuth +}; diff --git a/vendor/zitadel-auth/dist/svelte.cjs b/vendor/zitadel-auth/dist/svelte.cjs new file mode 100644 index 0000000..ae75b12 --- /dev/null +++ b/vendor/zitadel-auth/dist/svelte.cjs @@ -0,0 +1,231 @@ +"use strict"; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// src/adapters/svelte.ts +var svelte_exports = {}; +__export(svelte_exports, { + createZitadelHandle: () => createZitadelHandle, + getAuth: () => getAuth +}); +module.exports = __toCommonJS(svelte_exports); + +// src/client.ts +var import_oidc_client_ts = require("oidc-client-ts"); + +// src/guards.ts +var RedirectGuard = class { + constructor(maxRedirects, windowSeconds, prefix) { + this.maxRedirects = maxRedirects; + this.windowSeconds = windowSeconds; + this.countKey = `${prefix}redirect_count`; + this.tsKey = `${prefix}redirect_ts`; + } + isLooping() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10); + if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) { + this.clear(); + return false; + } + return count > this.maxRedirects; + } + recordRedirect() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + if (count === 0) { + sessionStorage.setItem(this.tsKey, String(Date.now())); + } + sessionStorage.setItem(this.countKey, String(count + 1)); + } + clear() { + sessionStorage.removeItem(this.countKey); + sessionStorage.removeItem(this.tsKey); + } +}; + +// src/client.ts +var ZitadelAuth = class { + constructor(config) { + this.currentUser = null; + this._isLoading = true; + this._error = null; + this.listeners = /* @__PURE__ */ new Set(); + this.prefix = config.storagePrefix ?? "kuns_auth_"; + this.redirectGuard = new RedirectGuard( + config.maxRedirects ?? 3, + config.redirectWindowSeconds ?? 30, + this.prefix + ); + this.manager = new import_oidc_client_ts.UserManager({ + authority: config.issuer ?? "https://auth.kuns.dev", + client_id: config.clientId, + redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`, + post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin, + scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "), + automaticSilentRenew: config.silentRenew ?? true, + userStore: new import_oidc_client_ts.WebStorageStateStore({ store: window.localStorage }) + }); + this.manager.events.addUserLoaded((user) => { + this.currentUser = user; + this.notify(); + }); + this.manager.events.addUserUnloaded(() => { + this.currentUser = null; + this.notify(); + }); + this.manager.events.addSilentRenewError(() => { + }); + } + get isAuthenticated() { + return this.currentUser != null && !this.currentUser.expired; + } + get isLoading() { + return this._isLoading; + } + get user() { + if (!this.currentUser) return null; + return { + sub: this.currentUser.profile.sub, + name: this.currentUser.profile.name ?? "", + email: this.currentUser.profile.email ?? "" + }; + } + get accessToken() { + if (!this.currentUser || this.currentUser.expired) return null; + return this.currentUser.access_token; + } + get error() { + return this._error; + } + async init() { + this._isLoading = true; + this.notify(); + try { + if (window.location.pathname.endsWith("/auth/callback")) { + const user = await this.manager.signinRedirectCallback(); + this.currentUser = user; + this.redirectGuard.clear(); + const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/"; + sessionStorage.removeItem(`${this.prefix}return_url`); + window.history.replaceState({}, "", returnUrl); + } else { + const user = await this.manager.getUser(); + if (user?.expired) { + await this.manager.removeUser(); + this.currentUser = null; + } else { + this.currentUser = user; + } + } + } catch (e) { + this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`; + await this.manager.removeUser().catch(() => { + }); + this.currentUser = null; + if (window.location.pathname.endsWith("/auth/callback")) { + window.history.replaceState({}, "", "/"); + } + } finally { + this._isLoading = false; + this.notify(); + } + } + login() { + if (this.redirectGuard.isLooping()) { + this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again."; + this.notify(); + return; + } + this.redirectGuard.recordRedirect(); + sessionStorage.setItem( + `${this.prefix}return_url`, + window.location.pathname + window.location.search + ); + this.manager.signinRedirect(); + } + async logout() { + this.redirectGuard.clear(); + await this.manager.signoutRedirect(); + } + requireAuth() { + if (this._isLoading) return false; + if (!this.isAuthenticated) { + this.login(); + return false; + } + return true; + } + async fetch(url, init) { + const token = this.accessToken; + if (!token) { + this.login(); + return new Response(null, { status: 401 }); + } + const headers = new Headers(init?.headers); + headers.set("Authorization", `Bearer ${token}`); + return window.fetch(url, { ...init, headers }); + } + onAuthChange(cb) { + this.listeners.add(cb); + return () => this.listeners.delete(cb); + } + notify() { + const state = { + isAuthenticated: this.isAuthenticated, + isLoading: this._isLoading, + user: this.user, + error: this._error + }; + this.listeners.forEach((cb) => cb(state)); + } +}; + +// src/adapters/svelte.ts +var authInstance = null; +function createZitadelHandle(config) { + const auth = new ZitadelAuth(config); + authInstance = auth; + auth.init().then(() => { + if (!auth.isAuthenticated && !auth.error) { + auth.login(); + } + }); + return { + subscribe: (cb) => { + cb({ + isAuthenticated: auth.isAuthenticated, + isLoading: auth.isLoading, + user: auth.user, + error: auth.error + }); + return auth.onAuthChange(cb); + }, + login: () => auth.login(), + logout: () => auth.logout(), + fetch: (url, init) => auth.fetch(url, init) + }; +} +function getAuth() { + if (!authInstance) throw new Error("Call createZitadelHandle() before getAuth()"); + return authInstance; +} +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + createZitadelHandle, + getAuth +}); diff --git a/vendor/zitadel-auth/dist/svelte.d.cts b/vendor/zitadel-auth/dist/svelte.d.cts new file mode 100644 index 0000000..e9dd93e --- /dev/null +++ b/vendor/zitadel-auth/dist/svelte.d.cts @@ -0,0 +1,13 @@ +import { ZitadelAuth } from './index.cjs'; +import { Z as ZitadelAuthConfig, A as AuthState } from './types-C5b7Bv-t.cjs'; + +interface ZitadelSvelteAuth { + subscribe: (cb: (state: AuthState) => void) => () => void; + login: () => void; + logout: () => Promise; + fetch: (url: string, init?: RequestInit) => Promise; +} +declare function createZitadelHandle(config: ZitadelAuthConfig): ZitadelSvelteAuth; +declare function getAuth(): ZitadelAuth; + +export { createZitadelHandle, getAuth }; diff --git a/vendor/zitadel-auth/dist/svelte.d.ts b/vendor/zitadel-auth/dist/svelte.d.ts new file mode 100644 index 0000000..c7071b0 --- /dev/null +++ b/vendor/zitadel-auth/dist/svelte.d.ts @@ -0,0 +1,13 @@ +import { ZitadelAuth } from './index.js'; +import { Z as ZitadelAuthConfig, A as AuthState } from './types-C5b7Bv-t.js'; + +interface ZitadelSvelteAuth { + subscribe: (cb: (state: AuthState) => void) => () => void; + login: () => void; + logout: () => Promise; + fetch: (url: string, init?: RequestInit) => Promise; +} +declare function createZitadelHandle(config: ZitadelAuthConfig): ZitadelSvelteAuth; +declare function getAuth(): ZitadelAuth; + +export { createZitadelHandle, getAuth }; diff --git a/vendor/zitadel-auth/dist/svelte.js b/vendor/zitadel-auth/dist/svelte.js new file mode 100644 index 0000000..7c5df0e --- /dev/null +++ b/vendor/zitadel-auth/dist/svelte.js @@ -0,0 +1,37 @@ +import { + ZitadelAuth +} from "./chunk-NFH7JLJM.js"; + +// src/adapters/svelte.ts +var authInstance = null; +function createZitadelHandle(config) { + const auth = new ZitadelAuth(config); + authInstance = auth; + auth.init().then(() => { + if (!auth.isAuthenticated && !auth.error) { + auth.login(); + } + }); + return { + subscribe: (cb) => { + cb({ + isAuthenticated: auth.isAuthenticated, + isLoading: auth.isLoading, + user: auth.user, + error: auth.error + }); + return auth.onAuthChange(cb); + }, + login: () => auth.login(), + logout: () => auth.logout(), + fetch: (url, init) => auth.fetch(url, init) + }; +} +function getAuth() { + if (!authInstance) throw new Error("Call createZitadelHandle() before getAuth()"); + return authInstance; +} +export { + createZitadelHandle, + getAuth +}; diff --git a/vendor/zitadel-auth/dist/types-C5b7Bv-t.d.cts b/vendor/zitadel-auth/dist/types-C5b7Bv-t.d.cts new file mode 100644 index 0000000..96b6bbc --- /dev/null +++ b/vendor/zitadel-auth/dist/types-C5b7Bv-t.d.cts @@ -0,0 +1,34 @@ +interface ZitadelAuthConfig { + /** Zitadel application client ID (required). */ + clientId: string; + /** Zitadel issuer URL. Defaults to "https://auth.kuns.dev". */ + issuer?: string; + /** OAuth callback URL. Defaults to `${location.origin}/auth/callback`. */ + redirectUri?: string; + /** Post-logout redirect URL. Defaults to `location.origin`. */ + postLogoutUri?: string; + /** OIDC scopes. Defaults to ["openid", "profile", "email"]. */ + scopes?: string[]; + /** Prefix for sessionStorage keys used by redirect loop guard. Defaults to "kuns_auth_". */ + storagePrefix?: string; + /** Enable automatic silent token renewal. Defaults to true. */ + silentRenew?: boolean; + /** Max redirects before loop detection triggers. Defaults to 3. */ + maxRedirects?: number; + /** Time window in seconds for redirect loop detection. Defaults to 30. */ + redirectWindowSeconds?: number; +} +interface ZitadelUser { + sub: string; + name: string; + email: string; + [key: string]: unknown; +} +interface AuthState { + isAuthenticated: boolean; + isLoading: boolean; + user: ZitadelUser | null; + error: string | null; +} + +export type { AuthState as A, ZitadelAuthConfig as Z, ZitadelUser as a }; diff --git a/vendor/zitadel-auth/dist/types-C5b7Bv-t.d.ts b/vendor/zitadel-auth/dist/types-C5b7Bv-t.d.ts new file mode 100644 index 0000000..96b6bbc --- /dev/null +++ b/vendor/zitadel-auth/dist/types-C5b7Bv-t.d.ts @@ -0,0 +1,34 @@ +interface ZitadelAuthConfig { + /** Zitadel application client ID (required). */ + clientId: string; + /** Zitadel issuer URL. Defaults to "https://auth.kuns.dev". */ + issuer?: string; + /** OAuth callback URL. Defaults to `${location.origin}/auth/callback`. */ + redirectUri?: string; + /** Post-logout redirect URL. Defaults to `location.origin`. */ + postLogoutUri?: string; + /** OIDC scopes. Defaults to ["openid", "profile", "email"]. */ + scopes?: string[]; + /** Prefix for sessionStorage keys used by redirect loop guard. Defaults to "kuns_auth_". */ + storagePrefix?: string; + /** Enable automatic silent token renewal. Defaults to true. */ + silentRenew?: boolean; + /** Max redirects before loop detection triggers. Defaults to 3. */ + maxRedirects?: number; + /** Time window in seconds for redirect loop detection. Defaults to 30. */ + redirectWindowSeconds?: number; +} +interface ZitadelUser { + sub: string; + name: string; + email: string; + [key: string]: unknown; +} +interface AuthState { + isAuthenticated: boolean; + isLoading: boolean; + user: ZitadelUser | null; + error: string | null; +} + +export type { AuthState as A, ZitadelAuthConfig as Z, ZitadelUser as a }; diff --git a/vendor/zitadel-auth/dist/vue.cjs b/vendor/zitadel-auth/dist/vue.cjs new file mode 100644 index 0000000..60b3bc0 --- /dev/null +++ b/vendor/zitadel-auth/dist/vue.cjs @@ -0,0 +1,231 @@ +"use strict"; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// src/adapters/vue.ts +var vue_exports = {}; +__export(vue_exports, { + useZitadelAuth: () => useZitadelAuth +}); +module.exports = __toCommonJS(vue_exports); +var import_vue = require("vue"); + +// src/client.ts +var import_oidc_client_ts = require("oidc-client-ts"); + +// src/guards.ts +var RedirectGuard = class { + constructor(maxRedirects, windowSeconds, prefix) { + this.maxRedirects = maxRedirects; + this.windowSeconds = windowSeconds; + this.countKey = `${prefix}redirect_count`; + this.tsKey = `${prefix}redirect_ts`; + } + isLooping() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10); + if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) { + this.clear(); + return false; + } + return count > this.maxRedirects; + } + recordRedirect() { + const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10); + if (count === 0) { + sessionStorage.setItem(this.tsKey, String(Date.now())); + } + sessionStorage.setItem(this.countKey, String(count + 1)); + } + clear() { + sessionStorage.removeItem(this.countKey); + sessionStorage.removeItem(this.tsKey); + } +}; + +// src/client.ts +var ZitadelAuth = class { + constructor(config) { + this.currentUser = null; + this._isLoading = true; + this._error = null; + this.listeners = /* @__PURE__ */ new Set(); + this.prefix = config.storagePrefix ?? "kuns_auth_"; + this.redirectGuard = new RedirectGuard( + config.maxRedirects ?? 3, + config.redirectWindowSeconds ?? 30, + this.prefix + ); + this.manager = new import_oidc_client_ts.UserManager({ + authority: config.issuer ?? "https://auth.kuns.dev", + client_id: config.clientId, + redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`, + post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin, + scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "), + automaticSilentRenew: config.silentRenew ?? true, + userStore: new import_oidc_client_ts.WebStorageStateStore({ store: window.localStorage }) + }); + this.manager.events.addUserLoaded((user) => { + this.currentUser = user; + this.notify(); + }); + this.manager.events.addUserUnloaded(() => { + this.currentUser = null; + this.notify(); + }); + this.manager.events.addSilentRenewError(() => { + }); + } + get isAuthenticated() { + return this.currentUser != null && !this.currentUser.expired; + } + get isLoading() { + return this._isLoading; + } + get user() { + if (!this.currentUser) return null; + return { + sub: this.currentUser.profile.sub, + name: this.currentUser.profile.name ?? "", + email: this.currentUser.profile.email ?? "" + }; + } + get accessToken() { + if (!this.currentUser || this.currentUser.expired) return null; + return this.currentUser.access_token; + } + get error() { + return this._error; + } + async init() { + this._isLoading = true; + this.notify(); + try { + if (window.location.pathname.endsWith("/auth/callback")) { + const user = await this.manager.signinRedirectCallback(); + this.currentUser = user; + this.redirectGuard.clear(); + const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/"; + sessionStorage.removeItem(`${this.prefix}return_url`); + window.history.replaceState({}, "", returnUrl); + } else { + const user = await this.manager.getUser(); + if (user?.expired) { + await this.manager.removeUser(); + this.currentUser = null; + } else { + this.currentUser = user; + } + } + } catch (e) { + this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`; + await this.manager.removeUser().catch(() => { + }); + this.currentUser = null; + if (window.location.pathname.endsWith("/auth/callback")) { + window.history.replaceState({}, "", "/"); + } + } finally { + this._isLoading = false; + this.notify(); + } + } + login() { + if (this.redirectGuard.isLooping()) { + this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again."; + this.notify(); + return; + } + this.redirectGuard.recordRedirect(); + sessionStorage.setItem( + `${this.prefix}return_url`, + window.location.pathname + window.location.search + ); + this.manager.signinRedirect(); + } + async logout() { + this.redirectGuard.clear(); + await this.manager.signoutRedirect(); + } + requireAuth() { + if (this._isLoading) return false; + if (!this.isAuthenticated) { + this.login(); + return false; + } + return true; + } + async fetch(url, init) { + const token = this.accessToken; + if (!token) { + this.login(); + return new Response(null, { status: 401 }); + } + const headers = new Headers(init?.headers); + headers.set("Authorization", `Bearer ${token}`); + return window.fetch(url, { ...init, headers }); + } + onAuthChange(cb) { + this.listeners.add(cb); + return () => this.listeners.delete(cb); + } + notify() { + const state = { + isAuthenticated: this.isAuthenticated, + isLoading: this._isLoading, + user: this.user, + error: this._error + }; + this.listeners.forEach((cb) => cb(state)); + } +}; + +// src/adapters/vue.ts +function useZitadelAuth(router, config) { + const auth = new ZitadelAuth(config); + const state = (0, import_vue.reactive)({ + isAuthenticated: false, + isLoading: true, + user: null, + error: null + }); + auth.onAuthChange((s) => { + state.isAuthenticated = s.isAuthenticated; + state.isLoading = s.isLoading; + state.user = s.user; + state.error = s.error; + }); + const initPromise = auth.init(); + router.beforeEach(async (to) => { + if (to.path.includes("/auth/callback")) return true; + await initPromise; + if (auth.isAuthenticated) return true; + auth.login(); + return false; + }); + return { + ...(0, import_vue.toRefs)(state), + login: () => auth.login(), + logout: () => auth.logout(), + fetch: (url, init) => auth.fetch(url, init) + }; +} +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + useZitadelAuth +}); diff --git a/vendor/zitadel-auth/dist/vue.d.cts b/vendor/zitadel-auth/dist/vue.d.cts new file mode 100644 index 0000000..70393d1 --- /dev/null +++ b/vendor/zitadel-auth/dist/vue.d.cts @@ -0,0 +1,16 @@ +import { Ref } from 'vue'; +import { Router } from 'vue-router'; +import { Z as ZitadelAuthConfig, a as ZitadelUser } from './types-C5b7Bv-t.cjs'; + +interface ZitadelAuthReturn { + isAuthenticated: Ref; + isLoading: Ref; + user: Ref; + error: Ref; + login: () => void; + logout: () => Promise; + fetch: (url: string, init?: RequestInit) => Promise; +} +declare function useZitadelAuth(router: Router, config: ZitadelAuthConfig): ZitadelAuthReturn; + +export { useZitadelAuth }; diff --git a/vendor/zitadel-auth/dist/vue.d.ts b/vendor/zitadel-auth/dist/vue.d.ts new file mode 100644 index 0000000..99cebae --- /dev/null +++ b/vendor/zitadel-auth/dist/vue.d.ts @@ -0,0 +1,16 @@ +import { Ref } from 'vue'; +import { Router } from 'vue-router'; +import { Z as ZitadelAuthConfig, a as ZitadelUser } from './types-C5b7Bv-t.js'; + +interface ZitadelAuthReturn { + isAuthenticated: Ref; + isLoading: Ref; + user: Ref; + error: Ref; + login: () => void; + logout: () => Promise; + fetch: (url: string, init?: RequestInit) => Promise; +} +declare function useZitadelAuth(router: Router, config: ZitadelAuthConfig): ZitadelAuthReturn; + +export { useZitadelAuth }; diff --git a/vendor/zitadel-auth/dist/vue.js b/vendor/zitadel-auth/dist/vue.js new file mode 100644 index 0000000..094ee27 --- /dev/null +++ b/vendor/zitadel-auth/dist/vue.js @@ -0,0 +1,38 @@ +import { + ZitadelAuth +} from "./chunk-NFH7JLJM.js"; + +// src/adapters/vue.ts +import { reactive, toRefs } from "vue"; +function useZitadelAuth(router, config) { + const auth = new ZitadelAuth(config); + const state = reactive({ + isAuthenticated: false, + isLoading: true, + user: null, + error: null + }); + auth.onAuthChange((s) => { + state.isAuthenticated = s.isAuthenticated; + state.isLoading = s.isLoading; + state.user = s.user; + state.error = s.error; + }); + const initPromise = auth.init(); + router.beforeEach(async (to) => { + if (to.path.includes("/auth/callback")) return true; + await initPromise; + if (auth.isAuthenticated) return true; + auth.login(); + return false; + }); + return { + ...toRefs(state), + login: () => auth.login(), + logout: () => auth.logout(), + fetch: (url, init) => auth.fetch(url, init) + }; +} +export { + useZitadelAuth +};