feat(auth): address Copilot review findings for uvdsl migration

- Convert `SessionWithLegacyEvents` imports to type-only imports to avoid runtime side effects when importing auth-related modules
- Prevent eager initialization of `authSession` via type-only usage in:
  - types.ts
  - SolidAuthnLogic.ts
  - solidLogic.ts
- Add focused tests for fetch bridge behavior in `solidLogicSingleton`:
  - use `window.fetch` when `credentials: omit`
  - fall back to `authFetch` when `session.fetch` is unavailable
- Keep migration compatibility behavior intact while improving import safety and regression coverage

Author: bourgeoa

src/authn/SolidAuthnLogic.ts

@@ -1,8 +1,8 @@
 import { namedNode, NamedNode, sym } from 'rdflib'
 import { appContext, offlineTestID } from './authUtil'
 import * as debug from '../util/debug'
-import { SessionWithLegacyEvents } from '../authSession/authSession'
-import { AuthenticationContext, AuthnLogic } from '../types'
+import type { SessionWithLegacyEvents } from '../authSession/authSession'
+import type { AuthenticationContext, AuthnLogic } from '../types'
 
 export class SolidAuthnLogic implements AuthnLogic {
   private session: SessionWithLegacyEvents

src/logic/solidLogic.ts

@@ -2,14 +2,14 @@ import * as rdf from 'rdflib'
 import { LiveStore, NamedNode, Statement } from 'rdflib'
 import { createAclLogic } from '../acl/aclLogic'
 import { SolidAuthnLogic } from '../authn/SolidAuthnLogic'
-import { SessionWithLegacyEvents } from '../authSession/authSession'
+import type { SessionWithLegacyEvents } from '../authSession/authSession'
 import { createChatLogic } from '../chat/chatLogic'
 import { createInboxLogic } from '../inbox/inboxLogic'
 import { createProfileLogic } from '../profile/profileLogic'
 import { createTypeIndexLogic } from '../typeIndex/typeIndexLogic'
 import { createContainerLogic } from '../util/containerLogic'
 import { createUtilityLogic } from '../util/utilityLogic'
-import { AuthnLogic, SolidLogic } from '../types'
+import type { AuthnLogic, SolidLogic } from '../types'
 import * as debug from '../util/debug'
 /*
 ** It is important to distinquish `fetch`, a function provided by the browser

src/types.ts

@@ -1,4 +1,4 @@
-import { SessionWithLegacyEvents } from './authSession/authSession'
+import type { SessionWithLegacyEvents } from './authSession/authSession'
 import { LiveStore, NamedNode, Statement } from 'rdflib'
 
 export type AppDetails = {

test/logic.test.ts

@@ -1,4 +1,6 @@
 import { solidLogicSingleton } from '../src/logic/solidLogicSingleton'
+import { authSession } from '../src/authSession/authSession'
+import fetchMock from 'jest-fetch-mock'
 import { silenceDebugMessages } from './helpers/debugger'
 
 silenceDebugMessages()
@@ -27,3 +29,58 @@ describe('authn', () => {
   })
 })
 
+describe('solidLogicSingleton fetch bridge', () => {
+  const singletonFetch = (solidLogicSingleton.store.fetcher as any)._fetch as (url: string, init?: RequestInit) => Promise<Response>
+
+  let originalFetch: any
+  let originalAuthFetch: any
+  let originalWebId: any
+  let originalInfo: any
+
+  beforeEach(() => {
+    fetchMock.resetMocks()
+
+    const sessionAny = authSession as any
+    originalFetch = sessionAny.fetch
+    originalAuthFetch = sessionAny.authFetch
+    originalWebId = sessionAny.webId
+    originalInfo = sessionAny.info
+
+    sessionAny.webId = undefined
+    sessionAny.info = { isLoggedIn: false }
+  })
+
+  afterEach(() => {
+    const sessionAny = authSession as any
+    sessionAny.fetch = originalFetch
+    sessionAny.authFetch = originalAuthFetch
+    sessionAny.webId = originalWebId
+    sessionAny.info = originalInfo
+  })
+
+  it('uses window.fetch when credentials are omit even if a session exists', async () => {
+    const sessionAny = authSession as any
+    sessionAny.webId = 'https://alice.example/profile#me'
+    sessionAny.fetch = jest.fn().mockResolvedValue(new Response('session'))
+
+    fetchMock.mockResponseOnce('window')
+
+    await singletonFetch('https://example.com/resource', { credentials: 'omit' })
+
+    expect(sessionAny.fetch).not.toHaveBeenCalled()
+    expect(fetchMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('falls back to authFetch when session.fetch is unavailable', async () => {
+    const sessionAny = authSession as any
+    sessionAny.webId = 'https://alice.example/profile#me'
+    sessionAny.fetch = undefined
+    sessionAny.authFetch = jest.fn().mockResolvedValue(new Response('auth'))
+
+    await singletonFetch('https://example.com/resource')
+
+    expect(sessionAny.authFetch).toHaveBeenCalledTimes(1)
+    expect(fetchMock).not.toHaveBeenCalled()
+  })
+})
+