FictionArchive/fictionarchive-web/src/auth/oidcClient.ts

import { UserManager, WebStorageStateStore, type UserManagerSettings } from 'oidc-client-ts'

const authority = import.meta.env.VITE_OIDC_AUTHORITY
const clientId = import.meta.env.VITE_OIDC_CLIENT_ID
const redirectUri = import.meta.env.VITE_OIDC_REDIRECT_URI
const postLogoutRedirectUri =
  import.meta.env.VITE_OIDC_POST_LOGOUT_REDIRECT_URI ?? redirectUri
const scope = import.meta.env.VITE_OIDC_SCOPE ?? 'openid profile email'

export const isOidcConfigured =
  Boolean(authority) && Boolean(clientId) && Boolean(redirectUri)

function buildSettings(): UserManagerSettings | null {
  if (!isOidcConfigured) return null

  return {
    authority: authority!,
    client_id: clientId!,
    redirect_uri: redirectUri!,
    post_logout_redirect_uri: postLogoutRedirectUri,
    response_type: 'code',
    scope,
    loadUserInfo: true,
    automaticSilentRenew: true,
    userStore:
      typeof window !== 'undefined'
        ? new WebStorageStateStore({ store: window.localStorage })
        : undefined,
  }
}

export const userManager = (() => {
  const settings = buildSettings()
  if (!settings) return null
  return new UserManager(settings)
})()