fix: commit vendored @kuns/zitadel-auth dist (was excluded by dist/ gitignore)

2026-06-10 08:22:38 +00:00
parent 7331fe75e8
commit ab2f9affd1
24 changed files with 1707 additions and 1 deletions
--- a/vendor/zitadel-auth/dist/chunk-NFH7JLJM.js
+++ b/vendor/zitadel-auth/dist/chunk-NFH7JLJM.js
@@ -0,0 +1,173 @@
+// src/client.ts
+import { UserManager, WebStorageStateStore } from "oidc-client-ts";
+
+// src/guards.ts
+var RedirectGuard = class {
+  constructor(maxRedirects, windowSeconds, prefix) {
+    this.maxRedirects = maxRedirects;
+    this.windowSeconds = windowSeconds;
+    this.countKey = `${prefix}redirect_count`;
+    this.tsKey = `${prefix}redirect_ts`;
+  }
+  isLooping() {
+    const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10);
+    const ts = parseInt(sessionStorage.getItem(this.tsKey) ?? "0", 10);
+    if (ts > 0 && Date.now() - ts > this.windowSeconds * 1e3) {
+      this.clear();
+      return false;
+    }
+    return count > this.maxRedirects;
+  }
+  recordRedirect() {
+    const count = parseInt(sessionStorage.getItem(this.countKey) ?? "0", 10);
+    if (count === 0) {
+      sessionStorage.setItem(this.tsKey, String(Date.now()));
+    }
+    sessionStorage.setItem(this.countKey, String(count + 1));
+  }
+  clear() {
+    sessionStorage.removeItem(this.countKey);
+    sessionStorage.removeItem(this.tsKey);
+  }
+};
+
+// src/client.ts
+var ZitadelAuth = class {
+  constructor(config) {
+    this.currentUser = null;
+    this._isLoading = true;
+    this._error = null;
+    this.listeners = /* @__PURE__ */ new Set();
+    this.prefix = config.storagePrefix ?? "kuns_auth_";
+    this.redirectGuard = new RedirectGuard(
+      config.maxRedirects ?? 3,
+      config.redirectWindowSeconds ?? 30,
+      this.prefix
+    );
+    this.manager = new UserManager({
+      authority: config.issuer ?? "https://auth.kuns.dev",
+      client_id: config.clientId,
+      redirect_uri: config.redirectUri ?? `${window.location.origin}/auth/callback`,
+      post_logout_redirect_uri: config.postLogoutUri ?? window.location.origin,
+      scope: (config.scopes ?? ["openid", "profile", "email"]).join(" "),
+      automaticSilentRenew: config.silentRenew ?? true,
+      userStore: new WebStorageStateStore({ store: window.localStorage })
+    });
+    this.manager.events.addUserLoaded((user) => {
+      this.currentUser = user;
+      this.notify();
+    });
+    this.manager.events.addUserUnloaded(() => {
+      this.currentUser = null;
+      this.notify();
+    });
+    this.manager.events.addSilentRenewError(() => {
+    });
+  }
+  get isAuthenticated() {
+    return this.currentUser != null && !this.currentUser.expired;
+  }
+  get isLoading() {
+    return this._isLoading;
+  }
+  get user() {
+    if (!this.currentUser) return null;
+    return {
+      sub: this.currentUser.profile.sub,
+      name: this.currentUser.profile.name ?? "",
+      email: this.currentUser.profile.email ?? ""
+    };
+  }
+  get accessToken() {
+    if (!this.currentUser || this.currentUser.expired) return null;
+    return this.currentUser.access_token;
+  }
+  get error() {
+    return this._error;
+  }
+  async init() {
+    this._isLoading = true;
+    this.notify();
+    try {
+      if (window.location.pathname.endsWith("/auth/callback")) {
+        const user = await this.manager.signinRedirectCallback();
+        this.currentUser = user;
+        this.redirectGuard.clear();
+        const returnUrl = sessionStorage.getItem(`${this.prefix}return_url`) ?? "/";
+        sessionStorage.removeItem(`${this.prefix}return_url`);
+        window.history.replaceState({}, "", returnUrl);
+      } else {
+        const user = await this.manager.getUser();
+        if (user?.expired) {
+          await this.manager.removeUser();
+          this.currentUser = null;
+        } else {
+          this.currentUser = user;
+        }
+      }
+    } catch (e) {
+      this._error = `Auth initialization failed: ${e instanceof Error ? e.message : String(e)}`;
+      await this.manager.removeUser().catch(() => {
+      });
+      this.currentUser = null;
+      if (window.location.pathname.endsWith("/auth/callback")) {
+        window.history.replaceState({}, "", "/");
+      }
+    } finally {
+      this._isLoading = false;
+      this.notify();
+    }
+  }
+  login() {
+    if (this.redirectGuard.isLooping()) {
+      this._error = "Redirect loop detected. Please clear your browser cache and cookies, then try again.";
+      this.notify();
+      return;
+    }
+    this.redirectGuard.recordRedirect();
+    sessionStorage.setItem(
+      `${this.prefix}return_url`,
+      window.location.pathname + window.location.search
+    );
+    this.manager.signinRedirect();
+  }
+  async logout() {
+    this.redirectGuard.clear();
+    await this.manager.signoutRedirect();
+  }
+  requireAuth() {
+    if (this._isLoading) return false;
+    if (!this.isAuthenticated) {
+      this.login();
+      return false;
+    }
+    return true;
+  }
+  async fetch(url, init) {
+    const token = this.accessToken;
+    if (!token) {
+      this.login();
+      return new Response(null, { status: 401 });
+    }
+    const headers = new Headers(init?.headers);
+    headers.set("Authorization", `Bearer ${token}`);
+    return window.fetch(url, { ...init, headers });
+  }
+  onAuthChange(cb) {
+    this.listeners.add(cb);
+    return () => this.listeners.delete(cb);
+  }
+  notify() {
+    const state = {
+      isAuthenticated: this.isAuthenticated,
+      isLoading: this._isLoading,
+      user: this.user,
+      error: this._error
+    };
+    this.listeners.forEach((cb) => cb(state));
+  }
+};
+
+export {
+  ZitadelAuth
+};