@atcute/oauth-types 0.1.0 → 1.0.0

package/dist/schemas/oauth-client-metadata.js

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
+import * as v from 'valibot';
 import { jwksPubSchema } from './jwks.js';
 import { oauthClientIdSchema } from './oauth-client-id.js';
 import { oauthEndpointAuthMethodSchema } from './oauth-endpoint-auth-method.js';
@@ -7,8 +7,8 @@ import { oauthRedirectUriSchema } from './oauth-redirect-uri.js';
 import { oauthResponseTypeSchema } from './oauth-response-type.js';
 import { oauthScopeSchema } from './oauth-scope.js';
 import { webUriSchema } from './uri.js';
-const oauthApplicationTypeSchema = v.union(v.literal('web'), v.literal('native'));
-const oauthSubjectTypeSchema = v.union(v.literal('public'), v.literal('pairwise'));
+const oauthApplicationTypeSchema = v.picklist(['web', 'native']);
+const oauthSubjectTypeSchema = v.picklist(['public', 'pairwise']);
 // simple email validation
 const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 /**
@@ -17,44 +17,37 @@ const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
  * @see {@link https://openid.net/specs/openid-connect-registration-1_0.html}
  * @see {@link https://datatracker.ietf.org/doc/html/rfc7591}
  */
-export const oauthClientMetadataSchema = v.object({
+export const oauthClientMetadataSchema = v.looseObject({
     // https://www.rfc-editor.org/rfc/rfc7591.html#section-2
-    redirect_uris: v
-        .array(oauthRedirectUriSchema)
-        .assert((arr) => arr.length > 0, `must have at least one redirect URI`),
-    response_types: v.array(oauthResponseTypeSchema).optional(),
+    redirect_uris: v.pipe(v.array(oauthRedirectUriSchema), v.minLength(1, `must have at least one redirect URI`)),
+    response_types: v.optional(v.array(oauthResponseTypeSchema)),
     // > If omitted, the default is that the client will use only the "code"
     // > response type.
-    // .optional((): OAuthResponseType[] => ['code'])
-    grant_types: v.array(oauthGrantTypeSchema).optional(),
+    grant_types: v.optional(v.array(oauthGrantTypeSchema)),
     // > If omitted, the default behavior is that the client will use only the
     // > "authorization_code" Grant Type.
-    // .optional((): OAuthGrantType[] => ['authorization_code']),
-    scope: oauthScopeSchema.optional(),
+    scope: v.optional(oauthScopeSchema),
     // https://www.rfc-editor.org/rfc/rfc7591.html#section-2
-    token_endpoint_auth_method: oauthEndpointAuthMethodSchema.optional(),
+    token_endpoint_auth_method: v.optional(oauthEndpointAuthMethodSchema),
     // > If unspecified or omitted, the default is "client_secret_basic" [...].
-    // .optional((): OAuthEndpointAuthMethod => 'client_secret_basic'),
-    token_endpoint_auth_signing_alg: v.string().optional(),
-    userinfo_signed_response_alg: v.string().optional(),
-    userinfo_encrypted_response_alg: v.string().optional(),
-    jwks_uri: webUriSchema.optional(),
-    jwks: jwksPubSchema.optional(),
-    application_type: oauthApplicationTypeSchema.optional(),
-    // .optional((): OAuthApplicationType => 'web'),
-    subject_type: oauthSubjectTypeSchema.optional(),
-    // .optional((): OAuthSubjectType => 'public'),
-    request_object_signing_alg: v.string().optional(),
-    id_token_signed_response_alg: v.string().optional(),
-    authorization_signed_response_alg: v.string().optional(),
-    authorization_encrypted_response_enc: v.literal('A128CBC-HS256').optional(),
-    authorization_encrypted_response_alg: v.string().optional(),
-    client_id: oauthClientIdSchema.optional(),
-    client_name: v.string().optional(),
-    client_uri: webUriSchema.optional(),
-    policy_uri: webUriSchema.optional(),
-    tos_uri: webUriSchema.optional(),
-    logo_uri: webUriSchema.optional(),
+    token_endpoint_auth_signing_alg: v.optional(v.string()),
+    userinfo_signed_response_alg: v.optional(v.string()),
+    userinfo_encrypted_response_alg: v.optional(v.string()),
+    jwks_uri: v.optional(webUriSchema),
+    jwks: v.optional(jwksPubSchema),
+    application_type: v.optional(oauthApplicationTypeSchema),
+    subject_type: v.optional(oauthSubjectTypeSchema),
+    request_object_signing_alg: v.optional(v.string()),
+    id_token_signed_response_alg: v.optional(v.string()),
+    authorization_signed_response_alg: v.optional(v.string()),
+    authorization_encrypted_response_enc: v.optional(v.literal('A128CBC-HS256')),
+    authorization_encrypted_response_alg: v.optional(v.string()),
+    client_id: v.optional(oauthClientIdSchema),
+    client_name: v.optional(v.string()),
+    client_uri: v.optional(webUriSchema),
+    policy_uri: v.optional(webUriSchema),
+    tos_uri: v.optional(webUriSchema),
+    logo_uri: v.optional(webUriSchema),
     /**
      * default Maximum Authentication Age. specifies that the End-User MUST be
      * actively authenticated if the End-User was authenticated longer ago than
@@ -62,13 +55,13 @@ export const oauthClientMetadataSchema = v.object({
      * this default value. if omitted, no default Maximum Authentication Age is
      * specified.
      */
-    default_max_age: v.number().optional(),
-    require_auth_time: v.boolean().optional(),
-    contacts: v.array(v.string().assert((s) => EMAIL_RE.test(s), `must be a valid email`)).optional(),
-    tls_client_certificate_bound_access_tokens: v.boolean().optional(),
+    default_max_age: v.optional(v.number()),
+    require_auth_time: v.optional(v.boolean()),
+    contacts: v.optional(v.array(v.pipe(v.string(), v.regex(EMAIL_RE, `must be a valid email`)))),
+    tls_client_certificate_bound_access_tokens: v.optional(v.boolean()),
     // https://datatracker.ietf.org/doc/html/rfc9449#section-5.2
-    dpop_bound_access_tokens: v.boolean().optional(),
+    dpop_bound_access_tokens: v.optional(v.boolean()),
     // https://datatracker.ietf.org/doc/html/rfc9396#section-14.5
-    authorization_details_types: v.array(v.string()).optional(),
+    authorization_details_types: v.optional(v.array(v.string())),
 });
 //# sourceMappingURL=oauth-client-metadata.js.map

package/dist/schemas/oauth-client-metadata.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-client-metadata.js","sourceRoot":"","sources":["../../lib/schemas/oauth-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,6BAA6B,EAAE,MAAM,iCAAiC,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;AAElF,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;AAEnF,0BAA0B;AAC1B,MAAM,QAAQ,GAAG,4BAA4B,CAAC;AAE9C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjD,wDAAwD;IACxD,aAAa,EAAE,CAAC;SACd,KAAK,CAAC,sBAAsB,CAAC;SAC7B,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,qCAAqC,CAAC;IACxE,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,QAAQ,EAAE;IAC3D,wEAAwE;IACxE,mBAAmB;IACnB,iDAAiD;IACjD,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,QAAQ,EAAE;IACrD,0EAA0E;IAC1E,qCAAqC;IACrC,6DAA6D;IAC7D,KAAK,EAAE,gBAAgB,CAAC,QAAQ,EAAE;IAClC,wDAAwD;IACxD,0BAA0B,EAAE,6BAA6B,CAAC,QAAQ,EAAE;IACpE,2EAA2E;IAC3E,mEAAmE;IACnE,+BAA+B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,4BAA4B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE;IACjC,IAAI,EAAE,aAAa,CAAC,QAAQ,EAAE;IAC9B,gBAAgB,EAAE,0BAA0B,CAAC,QAAQ,EAAE;IACvD,gDAAgD;IAChD,YAAY,EAAE,sBAAsB,CAAC,QAAQ,EAAE;IAC/C,+CAA+C;IAC/C,0BAA0B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjD,4BAA4B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnD,iCAAiC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACxD,oCAAoC,EAAE,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,QAAQ,EAAE;IAC3E,oCAAoC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3D,SAAS,EAAE,mBAAmB,CAAC,QAAQ,EAAE;IACzC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,UAAU,EAAE,YAAY,CAAC,QAAQ,EAAE;IACnC,UAAU,EAAE,YAAY,CAAC,QAAQ,EAAE;IACnC,OAAO,EAAE,YAAY,CAAC,QAAQ,EAAE;IAChC,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE;IAEjC;;;;;;OAMG;IACH,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,iBAAiB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACzC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,uBAAuB,CAAC,CAAC,CAAC,QAAQ,EAAE;IACjG,0CAA0C,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAElE,4DAA4D;IAC5D,wBAAwB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAEhD,6DAA6D;IAC7D,2BAA2B,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC3D,CAAC,CAAC"}
+{"version":3,"file":"oauth-client-metadata.js","sourceRoot":"","sources":["../../lib/schemas/oauth-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,6BAA6B,EAAE,MAAM,iCAAiC,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,0BAA0B,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;AAEjE,MAAM,sBAAsB,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;AAElE,0BAA0B;AAC1B,MAAM,QAAQ,GAAG,4BAA4B,CAAC;AAE9C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,WAAW,CAAC;IACtD,wDAAwD;IACxD,aAAa,EAAE,CAAC,CAAC,IAAI,CACpB,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAC/B,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,qCAAqC,CAAC,CACrD;IACD,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC5D,wEAAwE;IACxE,mBAAmB;IACnB,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACtD,0EAA0E;IAC1E,qCAAqC;IACrC,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,gBAAgB,CAAC;IACnC,wDAAwD;IACxD,0BAA0B,EAAE,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IACrE,2EAA2E;IAC3E,+BAA+B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACvD,4BAA4B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACpD,+BAA+B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACvD,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;IAClC,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC;IAC/B,gBAAgB,EAAE,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACxD,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC;IAChD,0BAA0B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAClD,4BAA4B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACpD,iCAAiC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzD,oCAAoC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC5E,oCAAoC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC5D,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,mBAAmB,CAAC;IAC1C,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;IACpC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;IACpC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;IACjC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;IAElC;;;;;;OAMG;IACH,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACvC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAC1C,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC;IAC7F,0CAA0C,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAEnE,4DAA4D;IAC5D,wBAAwB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAEjD,6DAA6D;IAC7D,2BAA2B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;CAC5D,CAAC,CAAC"}

package/dist/schemas/oauth-code-challenge-method.d.ts

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
-export declare const oauthCodeChallengeMethodSchema: v.UnionType<[v.Type<"S256">, v.Type<"plain">]>;
-export type OAuthCodeChallengeMethod = v.Infer<typeof oauthCodeChallengeMethodSchema>;
+import * as v from 'valibot';
+export declare const oauthCodeChallengeMethodSchema: v.PicklistSchema<["S256", "plain"], undefined>;
+export type OAuthCodeChallengeMethod = v.InferOutput<typeof oauthCodeChallengeMethodSchema>;
 //# sourceMappingURL=oauth-code-challenge-method.d.ts.map

package/dist/schemas/oauth-code-challenge-method.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-code-challenge-method.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-code-challenge-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,eAAO,MAAM,8BAA8B,gDAAiD,CAAC;AAE7F,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC"}
+{"version":3,"file":"oauth-code-challenge-method.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-code-challenge-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,eAAO,MAAM,8BAA8B,gDAAgC,CAAC;AAE5E,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,8BAA8B,CAAC,CAAC"}

package/dist/schemas/oauth-code-challenge-method.js

@@ -1,3 +1,3 @@
-import * as v from '@badrap/valita';
-export const oauthCodeChallengeMethodSchema = v.union(v.literal('S256'), v.literal('plain'));
+import * as v from 'valibot';
+export const oauthCodeChallengeMethodSchema = v.picklist(['S256', 'plain']);
 //# sourceMappingURL=oauth-code-challenge-method.js.map

package/dist/schemas/oauth-code-challenge-method.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-code-challenge-method.js","sourceRoot":"","sources":["../../lib/schemas/oauth-code-challenge-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,MAAM,CAAC,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC"}
+{"version":3,"file":"oauth-code-challenge-method.js","sourceRoot":"","sources":["../../lib/schemas/oauth-code-challenge-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,MAAM,CAAC,MAAM,8BAA8B,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC"}

package/dist/schemas/oauth-endpoint-auth-method.d.ts

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
-export declare const oauthEndpointAuthMethodSchema: v.UnionType<[v.Type<"client_secret_basic">, v.Type<"client_secret_jwt">, v.Type<"client_secret_post">, v.Type<"none">, v.Type<"private_key_jwt">, v.Type<"self_signed_tls_client_auth">, v.Type<"tls_client_auth">]>;
-export type OAuthEndpointAuthMethod = v.Infer<typeof oauthEndpointAuthMethodSchema>;
+import * as v from 'valibot';
+export declare const oauthEndpointAuthMethodSchema: v.PicklistSchema<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"], undefined>;
+export type OAuthEndpointAuthMethod = v.InferOutput<typeof oauthEndpointAuthMethodSchema>;
 //# sourceMappingURL=oauth-endpoint-auth-method.d.ts.map

package/dist/schemas/oauth-endpoint-auth-method.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-endpoint-auth-method.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-endpoint-auth-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,eAAO,MAAM,6BAA6B,sNAQzC,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,6BAA6B,CAAC,CAAC"}
+{"version":3,"file":"oauth-endpoint-auth-method.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-endpoint-auth-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,eAAO,MAAM,6BAA6B,8KAQxC,CAAC;AAEH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,6BAA6B,CAAC,CAAC"}

package/dist/schemas/oauth-endpoint-auth-method.js

@@ -1,3 +1,11 @@
-import * as v from '@badrap/valita';
-export const oauthEndpointAuthMethodSchema = v.union(v.literal('client_secret_basic'), v.literal('client_secret_jwt'), v.literal('client_secret_post'), v.literal('none'), v.literal('private_key_jwt'), v.literal('self_signed_tls_client_auth'), v.literal('tls_client_auth'));
+import * as v from 'valibot';
+export const oauthEndpointAuthMethodSchema = v.picklist([
+    'client_secret_basic',
+    'client_secret_jwt',
+    'client_secret_post',
+    'none',
+    'private_key_jwt',
+    'self_signed_tls_client_auth',
+    'tls_client_auth',
+]);
 //# sourceMappingURL=oauth-endpoint-auth-method.js.map

package/dist/schemas/oauth-endpoint-auth-method.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-endpoint-auth-method.js","sourceRoot":"","sources":["../../lib/schemas/oauth-endpoint-auth-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,MAAM,CAAC,MAAM,6BAA6B,GAAG,CAAC,CAAC,KAAK,CACnD,CAAC,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAChC,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAC9B,CAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAC/B,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAC5B,CAAC,CAAC,OAAO,CAAC,6BAA6B,CAAC,EACxC,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAC5B,CAAC"}
+{"version":3,"file":"oauth-endpoint-auth-method.js","sourceRoot":"","sources":["../../lib/schemas/oauth-endpoint-auth-method.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,MAAM,CAAC,MAAM,6BAA6B,GAAG,CAAC,CAAC,QAAQ,CAAC;IACvD,qBAAqB;IACrB,mBAAmB;IACnB,oBAAoB;IACpB,MAAM;IACN,iBAAiB;IACjB,6BAA6B;IAC7B,iBAAiB;CACjB,CAAC,CAAC"}

package/dist/schemas/oauth-grant-type.d.ts

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
-export declare const oauthGrantTypeSchema: v.UnionType<[v.Type<"authorization_code">, v.Type<"implicit">, v.Type<"refresh_token">, v.Type<"password">, v.Type<"client_credentials">, v.Type<"urn:ietf:params:oauth:grant-type:jwt-bearer">, v.Type<"urn:ietf:params:oauth:grant-type:saml2-bearer">]>;
-export type OAuthGrantType = v.Infer<typeof oauthGrantTypeSchema>;
+import * as v from 'valibot';
+export declare const oauthGrantTypeSchema: v.PicklistSchema<["authorization_code", "implicit", "refresh_token", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer"], undefined>;
+export type OAuthGrantType = v.InferOutput<typeof oauthGrantTypeSchema>;
 //# sourceMappingURL=oauth-grant-type.d.ts.map

package/dist/schemas/oauth-grant-type.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-grant-type.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-grant-type.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,eAAO,MAAM,oBAAoB,4PAQhC,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC"}
+{"version":3,"file":"oauth-grant-type.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-grant-type.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,eAAO,MAAM,oBAAoB,oNAQ/B,CAAC;AAEH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,oBAAoB,CAAC,CAAC"}

package/dist/schemas/oauth-grant-type.js

@@ -1,4 +1,11 @@
-import * as v from '@badrap/valita';
-export const oauthGrantTypeSchema = v.union(v.literal('authorization_code'), v.literal('implicit'), v.literal('refresh_token'), v.literal('password'), // not part of OAuth 2.1
-v.literal('client_credentials'), v.literal('urn:ietf:params:oauth:grant-type:jwt-bearer'), v.literal('urn:ietf:params:oauth:grant-type:saml2-bearer'));
+import * as v from 'valibot';
+export const oauthGrantTypeSchema = v.picklist([
+    'authorization_code',
+    'implicit',
+    'refresh_token',
+    'password', // not part of OAuth 2.1
+    'client_credentials',
+    'urn:ietf:params:oauth:grant-type:jwt-bearer',
+    'urn:ietf:params:oauth:grant-type:saml2-bearer',
+]);
 //# sourceMappingURL=oauth-grant-type.js.map

package/dist/schemas/oauth-grant-type.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-grant-type.js","sourceRoot":"","sources":["../../lib/schemas/oauth-grant-type.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAC1C,CAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAC/B,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,EACrB,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,EAC1B,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,wBAAwB;AAC/C,CAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAC/B,CAAC,CAAC,OAAO,CAAC,6CAA6C,CAAC,EACxD,CAAC,CAAC,OAAO,CAAC,+CAA+C,CAAC,CAC1D,CAAC"}
+{"version":3,"file":"oauth-grant-type.js","sourceRoot":"","sources":["../../lib/schemas/oauth-grant-type.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,QAAQ,CAAC;IAC9C,oBAAoB;IACpB,UAAU;IACV,eAAe;IACf,UAAU,EAAE,wBAAwB;IACpC,oBAAoB;IACpB,6CAA6C;IAC7C,+CAA+C;CAC/C,CAAC,CAAC"}

package/dist/schemas/oauth-issuer-identifier.d.ts

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
-export declare const oauthIssuerIdentifierSchema: v.Type<string>;
-export type OAuthIssuerIdentifier = v.Infer<typeof oauthIssuerIdentifierSchema>;
+import * as v from 'valibot';
+export declare const oauthIssuerIdentifierSchema: v.SchemaWithPipe<readonly [v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, v.RawCheckAction<string>]>;
+export type OAuthIssuerIdentifier = v.InferOutput<typeof oauthIssuerIdentifierSchema>;
 //# sourceMappingURL=oauth-issuer-identifier.d.ts.map

package/dist/schemas/oauth-issuer-identifier.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-issuer-identifier.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-issuer-identifier.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAIpC,eAAO,MAAM,2BAA2B,gBAuBtC,CAAC;AAEH,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC"}
+{"version":3,"file":"oauth-issuer-identifier.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-issuer-identifier.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAI7B,eAAO,MAAM,2BAA2B,2aA+BvC,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,2BAA2B,CAAC,CAAC"}

package/dist/schemas/oauth-issuer-identifier.js

@@ -1,21 +1,28 @@
-import * as v from '@badrap/valita';
+import * as v from 'valibot';
 import { webUriSchema } from './uri.js';
-export const oauthIssuerIdentifierSchema = webUriSchema.chain((input) => {
-    // validate the issuer (MIX-UP attacks)
+export const oauthIssuerIdentifierSchema = v.pipe(webUriSchema, 
+// validate the issuer (MIX-UP attacks)
+v.rawCheck(({ dataset, addIssue }) => {
+    if (!dataset.typed) {
+        return;
+    }
+    const input = dataset.value;
     if (input.endsWith('/')) {
-        return v.err(`issuer URL must not end with a slash`);
+        addIssue({ message: `issuer URL must not end with a slash` });
+        return;
     }
     const url = new URL(input);
     if (url.username || url.password) {
-        return v.err(`issuer URL must not contain a username or password`);
+        addIssue({ message: `issuer URL must not contain a username or password` });
+        return;
     }
     if (url.hash || url.search) {
-        return v.err(`issuer URL must not contain a query or fragment`);
+        addIssue({ message: `issuer URL must not contain a query or fragment` });
+        return;
     }
     const canonicalValue = url.pathname === '/' ? url.origin : url.href;
     if (input !== canonicalValue) {
-        return v.err(`issuer URL must be in the canonical form`);
+        addIssue({ message: `issuer URL must be in the canonical form` });
     }
-    return v.ok(input);
-});
+}));
 //# sourceMappingURL=oauth-issuer-identifier.js.map

package/dist/schemas/oauth-issuer-identifier.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-issuer-identifier.js","sourceRoot":"","sources":["../../lib/schemas/oauth-issuer-identifier.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,CAAC,MAAM,2BAA2B,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;IACxE,uCAAuC;IAEvC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAE3B,IAAI,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QAClC,OAAO,CAAC,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;IACpE,CAAC;IAED,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;QAC5B,OAAO,CAAC,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,cAAc,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;IACpE,IAAI,KAAK,KAAK,cAAc,EAAE,CAAC;QAC9B,OAAO,CAAC,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;AAAA,CACnB,CAAC,CAAC"}
+{"version":3,"file":"oauth-issuer-identifier.js","sourceRoot":"","sources":["../../lib/schemas/oauth-issuer-identifier.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,CAAC,MAAM,2BAA2B,GAAG,CAAC,CAAC,IAAI,CAChD,YAAY;AACZ,uCAAuC;AACvC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE;IACpC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACpB,OAAO;IACR,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IAE5B,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC,CAAC;QAC9D,OAAO;IACR,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAE3B,IAAI,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QAClC,QAAQ,CAAC,EAAE,OAAO,EAAE,oDAAoD,EAAE,CAAC,CAAC;QAC5E,OAAO;IACR,CAAC;IAED,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;QAC5B,QAAQ,CAAC,EAAE,OAAO,EAAE,iDAAiD,EAAE,CAAC,CAAC;QACzE,OAAO;IACR,CAAC;IAED,MAAM,cAAc,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;IACpE,IAAI,KAAK,KAAK,cAAc,EAAE,CAAC;QAC9B,QAAQ,CAAC,EAAE,OAAO,EAAE,0CAA0C,EAAE,CAAC,CAAC;IACnE,CAAC;AACF,CAAC,CAAC,CACF,CAAC"}

package/dist/schemas/oauth-par-response.d.ts

@@ -1,7 +1,7 @@
-import * as v from '@badrap/valita';
-export declare const oauthParResponseSchema: v.ObjectType<{
-    request_uri: v.Type<string>;
-    expires_in: v.Type<number>;
+import * as v from 'valibot';
+export declare const oauthParResponseSchema: v.LooseObjectSchema<{
+    readonly request_uri: v.StringSchema<undefined>;
+    readonly expires_in: v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.CheckAction<number, "must be a positive integer">]>;
 }, undefined>;
-export type OAuthParResponse = v.Infer<typeof oauthParResponseSchema>;
+export type OAuthParResponse = v.InferOutput<typeof oauthParResponseSchema>;
 //# sourceMappingURL=oauth-par-response.d.ts.map

package/dist/schemas/oauth-par-response.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-par-response.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-par-response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAIpC,eAAO,MAAM,sBAAsB;;;aAGjC,CAAC;AAEH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC"}
+{"version":3,"file":"oauth-par-response.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-par-response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAI7B,eAAO,MAAM,sBAAsB;;;aAGjC,CAAC;AAEH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,sBAAsB,CAAC,CAAC"}

package/dist/schemas/oauth-par-response.js

@@ -1,7 +1,7 @@
-import * as v from '@badrap/valita';
+import * as v from 'valibot';
 const isPositiveInteger = (n) => Number.isInteger(n) && n > 0;
-export const oauthParResponseSchema = v.object({
+export const oauthParResponseSchema = v.looseObject({
     request_uri: v.string(),
-    expires_in: v.number().assert(isPositiveInteger, `must be a positive integer`),
+    expires_in: v.pipe(v.number(), v.check(isPositiveInteger, `must be a positive integer`)),
 });
 //# sourceMappingURL=oauth-par-response.js.map

package/dist/schemas/oauth-par-response.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-par-response.js","sourceRoot":"","sources":["../../lib/schemas/oauth-par-response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,MAAM,iBAAiB,GAAG,CAAC,CAAS,EAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAE/E,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,iBAAiB,EAAE,4BAA4B,CAAC;CAC9E,CAAC,CAAC"}
+{"version":3,"file":"oauth-par-response.js","sourceRoot":"","sources":["../../lib/schemas/oauth-par-response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,MAAM,iBAAiB,GAAG,CAAC,CAAS,EAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAE/E,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,WAAW,CAAC;IACnD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,iBAAiB,EAAE,4BAA4B,CAAC,CAAC;CACxF,CAAC,CAAC"}

package/dist/schemas/oauth-prompt.d.ts

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
+import * as v from 'valibot';
 /**
  * OAuth prompt mode values.
  *
@@ -8,6 +8,6 @@ import * as v from '@badrap/valita';
  * - `select_account`: force account selection
  * - `create`: force user registration screen
  */
-export declare const oauthPromptSchema: v.UnionType<[v.Type<"none">, v.Type<"login">, v.Type<"consent">, v.Type<"select_account">, v.Type<"create">]>;
-export type OAuthPrompt = v.Infer<typeof oauthPromptSchema>;
+export declare const oauthPromptSchema: v.PicklistSchema<["none", "login", "consent", "select_account", "create"], undefined>;
+export type OAuthPrompt = v.InferOutput<typeof oauthPromptSchema>;
 //# sourceMappingURL=oauth-prompt.d.ts.map

package/dist/schemas/oauth-prompt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-prompt.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-prompt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC;;;;;;;;GAQG;AACH,eAAO,MAAM,iBAAiB,+GAM7B,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC"}
+{"version":3,"file":"oauth-prompt.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-prompt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B;;;;;;;;GAQG;AACH,eAAO,MAAM,iBAAiB,uFAAuE,CAAC;AAEtG,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,iBAAiB,CAAC,CAAC"}

package/dist/schemas/oauth-prompt.js

@@ -1,4 +1,4 @@
-import * as v from '@badrap/valita';
+import * as v from 'valibot';
 /**
  * OAuth prompt mode values.
  *
@@ -8,5 +8,5 @@ import * as v from '@badrap/valita';
  * - `select_account`: force account selection
  * - `create`: force user registration screen
  */
-export const oauthPromptSchema = v.union(v.literal('none'), v.literal('login'), v.literal('consent'), v.literal('select_account'), v.literal('create'));
+export const oauthPromptSchema = v.picklist(['none', 'login', 'consent', 'select_account', 'create']);
 //# sourceMappingURL=oauth-prompt.js.map

package/dist/schemas/oauth-prompt.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-prompt.js","sourceRoot":"","sources":["../../lib/schemas/oauth-prompt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CACvC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,EACpB,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAC3B,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CACnB,CAAC"}
+{"version":3,"file":"oauth-prompt.js","sourceRoot":"","sources":["../../lib/schemas/oauth-prompt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAC"}

package/dist/schemas/oauth-protected-resource-metadata.d.ts

@@ -1,57 +1,127 @@
-import * as v from '@badrap/valita';
-export declare const oauthBearerMethodSchema: v.UnionType<[v.Type<"header">, v.Type<"body">, v.Type<"query">]>;
-export type OAuthBearerMethod = v.Infer<typeof oauthBearerMethodSchema>;
+import * as v from 'valibot';
+export declare const oauthBearerMethodSchema: v.PicklistSchema<["header", "body", "query"], undefined>;
+export type OAuthBearerMethod = v.InferOutput<typeof oauthBearerMethodSchema>;
 /**
  * @see {@link https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2}
  */
-export declare const oauthProtectedResourceMetadataSchema: v.ObjectType<{
+export declare const oauthProtectedResourceMetadataSchema: v.LooseObjectSchema<{
     /**
      * REQUIRED. the protected resource's resource identifier, which is a URL that
      * uses the https scheme and has no query or fragment components.
      */
-    resource: v.Type<string>;
+    readonly resource: v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">;
     /**
      * OPTIONAL. JSON array containing a list of OAuth authorization server issuer
      * identifiers, as defined in RFC8414, for authorization servers that can be
      * used with this protected resource.
      */
-    authorization_servers: v.Optional<string[]>;
+    readonly authorization_servers: v.OptionalSchema<v.ArraySchema<v.SchemaWithPipe<readonly [v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, v.RawCheckAction<string>]>, undefined>, undefined>;
     /**
      * OPTIONAL. URL of the protected resource's JWK Set document.
      */
-    jwks_uri: v.Optional<string>;
+    readonly jwks_uri: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
     /**
      * RECOMMENDED. JSON array containing a list of the OAuth 2.0 scope values that
      * are used in authorization requests to request access to this protected resource.
      */
-    scopes_supported: v.Optional<string[]>;
+    readonly scopes_supported: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
     /**
      * OPTIONAL. JSON array containing a list of the supported methods of sending
      * an OAuth 2.0 Bearer Token to the protected resource.
      */
-    bearer_methods_supported: v.Optional<("body" | "header" | "query")[]>;
+    readonly bearer_methods_supported: v.OptionalSchema<v.ArraySchema<v.PicklistSchema<["header", "body", "query"], undefined>, undefined>, undefined>;
     /**
      * OPTIONAL. JSON array containing a list of the JWS signing algorithms
      * supported by the protected resource for signing resource responses.
      */
-    resource_signing_alg_values_supported: v.Optional<string[]>;
+    readonly resource_signing_alg_values_supported: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
     /**
      * OPTIONAL. URL of a page containing human-readable information that
      * developers might want or need to know when using the protected resource.
      */
-    resource_documentation: v.Optional<string>;
+    readonly resource_documentation: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
     /**
      * OPTIONAL. URL that the protected resource provides to read about the
      * protected resource's requirements on how the client can use the data.
      */
-    resource_policy_uri: v.Optional<string>;
+    readonly resource_policy_uri: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
     /**
      * OPTIONAL. URL that the protected resource provides to read about the
      * protected resource's terms of service.
      */
-    resource_tos_uri: v.Optional<string>;
+    readonly resource_tos_uri: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
 }, undefined>;
-export declare const oauthProtectedResourceMetadataValidator: v.Type<{
+export declare const oauthProtectedResourceMetadataValidator: v.SchemaWithPipe<readonly [v.LooseObjectSchema<{
+    /**
+     * REQUIRED. the protected resource's resource identifier, which is a URL that
+     * uses the https scheme and has no query or fragment components.
+     */
+    readonly resource: v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">;
+    /**
+     * OPTIONAL. JSON array containing a list of OAuth authorization server issuer
+     * identifiers, as defined in RFC8414, for authorization servers that can be
+     * used with this protected resource.
+     */
+    readonly authorization_servers: v.OptionalSchema<v.ArraySchema<v.SchemaWithPipe<readonly [v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, v.RawCheckAction<string>]>, undefined>, undefined>;
+    /**
+     * OPTIONAL. URL of the protected resource's JWK Set document.
+     */
+    readonly jwks_uri: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
+    /**
+     * RECOMMENDED. JSON array containing a list of the OAuth 2.0 scope values that
+     * are used in authorization requests to request access to this protected resource.
+     */
+    readonly scopes_supported: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
+    /**
+     * OPTIONAL. JSON array containing a list of the supported methods of sending
+     * an OAuth 2.0 Bearer Token to the protected resource.
+     */
+    readonly bearer_methods_supported: v.OptionalSchema<v.ArraySchema<v.PicklistSchema<["header", "body", "query"], undefined>, undefined>, undefined>;
+    /**
+     * OPTIONAL. JSON array containing a list of the JWS signing algorithms
+     * supported by the protected resource for signing resource responses.
+     */
+    readonly resource_signing_alg_values_supported: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
+    /**
+     * OPTIONAL. URL of a page containing human-readable information that
+     * developers might want or need to know when using the protected resource.
+     */
+    readonly resource_documentation: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
+    /**
+     * OPTIONAL. URL that the protected resource provides to read about the
+     * protected resource's requirements on how the client can use the data.
+     */
+    readonly resource_policy_uri: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
+    /**
+     * OPTIONAL. URL that the protected resource provides to read about the
+     * protected resource's terms of service.
+     */
+    readonly resource_tos_uri: v.OptionalSchema<v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>, v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "must be a valid url">]>, v.RawCheckAction<string>]>], "url must use http: or https: protocol">, undefined>;
+}, undefined>, v.BaseValidation<{
+    resource: string;
+    authorization_servers?: string[] | undefined;
+    jwks_uri?: string | undefined;
+    scopes_supported?: string[] | undefined;
+    bearer_methods_supported?: ("body" | "header" | "query")[] | undefined;
+    resource_signing_alg_values_supported?: string[] | undefined;
+    resource_documentation?: string | undefined;
+    resource_policy_uri?: string | undefined;
+    resource_tos_uri?: string | undefined;
+} & {
+    [key: string]: unknown;
+}, {
+    resource: string;
+    authorization_servers?: string[] | undefined;
+    jwks_uri?: string | undefined;
+    scopes_supported?: string[] | undefined;
+    bearer_methods_supported?: ("body" | "header" | "query")[] | undefined;
+    resource_signing_alg_values_supported?: string[] | undefined;
+    resource_documentation?: string | undefined;
+    resource_policy_uri?: string | undefined;
+    resource_tos_uri?: string | undefined;
+} & {
+    [key: string]: unknown;
+}, v.CheckIssue<{
     resource: string;
     authorization_servers?: string[] | undefined;
     jwks_uri?: string | undefined;
@@ -61,6 +131,8 @@ export declare const oauthProtectedResourceMetadataValidator: v.Type<{
     resource_documentation?: string | undefined;
     resource_policy_uri?: string | undefined;
     resource_tos_uri?: string | undefined;
-}>;
-export type OAuthProtectedResourceMetadata = v.Infer<typeof oauthProtectedResourceMetadataSchema>;
+} & {
+    [key: string]: unknown;
+}>>]>;
+export type OAuthProtectedResourceMetadata = v.InferOutput<typeof oauthProtectedResourceMetadataSchema>;
 //# sourceMappingURL=oauth-protected-resource-metadata.d.ts.map

package/dist/schemas/oauth-protected-resource-metadata.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-protected-resource-metadata.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-protected-resource-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAKpC,eAAO,MAAM,uBAAuB,kEAAsE,CAAC;AAE3G,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAExE;;GAEG;AACH,eAAO,MAAM,oCAAoC;IAChD;;;OAGG;;IAGH;;;;OAIG;;IAGH;;OAEG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;aAEF,CAAC;AAEH,eAAO,MAAM,uCAAuC;;;;;;;;;;EAkBlD,CAAC;AAEH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oCAAoC,CAAC,CAAC"}
+{"version":3,"file":"oauth-protected-resource-metadata.d.ts","sourceRoot":"","sources":["../../lib/schemas/oauth-protected-resource-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAK7B,eAAO,MAAM,uBAAuB,0DAA0C,CAAC;AAE/E,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAE9E;;GAEG;AACH,eAAO,MAAM,oCAAoC;IAChD;;;OAGG;;IAGH;;;;OAIG;;IAGH;;OAEG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;aAEF,CAAC;AAEH,eAAO,MAAM,uCAAuC;IAvDnD;;;OAGG;;IAGH;;;;OAIG;;IAGH;;OAEG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;IAGH;;;OAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAaH,CAAC;AAEF,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,oCAAoC,CAAC,CAAC"}