@atproto/oauth-provider 0.5.2 → 0.6.0

package/dist/lib/html/build-document.js

@@ -37,7 +37,7 @@ const defaultViewport = (0, tags_js_1.html) `<meta
   name="viewport"
   content="width=device-width, initial-scale=1.0"
 />`;
-const buildDocument = ({ htmlAttrs, head, title, body, bodyAttrs, base, meta, links, scripts, styles, }) => (0, tags_js_1.html) `<!doctype html>
+const buildDocument = ({ htmlAttrs, head, title, body, bodyAttrs, base, meta, links, preloads, scripts, styles, }) => (0, tags_js_1.html) `<!doctype html>
 <html${attrsToHtml(htmlAttrs)}>
   <head>
     <meta charset="UTF-8" />
@@ -45,8 +45,7 @@ const buildDocument = ({ htmlAttrs, head, title, body, bodyAttrs, base, meta, li
     ${base && (0, tags_js_1.html) `<base href="${base.href}" />`}
     ${meta?.some(isViewportMeta) ? null : defaultViewport}
     ${meta?.map(metaToHtml)}
-    ${styles?.map(linkPreload('style'))}
-    ${scripts?.map(linkPreload('script'))}
+    ${preloads?.map(linkPreload)}
     ${links?.map(linkToHtml)}
     ${head}
     ${styles?.map(styleToHtml)}
@@ -77,10 +76,15 @@ function* attrsToHtml(attrs) {
         }
     }
 }
-function linkPreload(as) {
-    return (style) => style instanceof html_js_1.Html
-        ? undefined
-        : (0, tags_js_1.html) `<link rel="preload" href="${style.url}" as="${as}" />`;
+function linkPreload(asset) {
+    const [path] = asset.url.split('?', 2);
+    if (path.endsWith('.js')) {
+        return (0, tags_js_1.html) `<link rel="modulepreload" href="${asset.url}" />`;
+    }
+    if (path.endsWith('.css')) {
+        return (0, tags_js_1.html) `<link rel="preload" href="${asset.url}" as="style" />`;
+    }
+    return undefined;
 }
 function scriptToHtml(script) {
     return script instanceof html_js_1.Html

package/dist/lib/html/build-document.js.map

@@ -1 +1 @@
-{"version":3,"file":"build-document.js","sourceRoot":"","sources":["../../../src/lib/html/build-document.ts"],"names":[],"mappings":";;;AACA,uCAAgC;AAChC,uCAAgC;AAShC;;GAEG;AACH,MAAM,uBAAuB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,WAAW;IACX,QAAQ;IACR,WAAW;IACX,cAAc;IACd,UAAU;IACV,QAAQ;IACR,MAAM;IACN,MAAM;IACN,SAAS;IACT,UAAU;IACV,IAAI;IACJ,eAAe;IACf,MAAM;IACN,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,WAAW;IACX,MAAM;IACN,gBAAgB;IAChB,QAAQ;IACR,YAAY;IACZ,kBAAkB;CACV,CAAC,CAAA;AAEJ,MAAM,SAAS,GAAG,CAAC,GAAY,EAAkB,EAAE,CACvD,uBAA8C,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AADlD,QAAA,SAAS,aACyC;AAU/D,MAAM,eAAe,GAAG,IAAA,cAAI,EAAA;;;GAGzB,CAAA;AAeI,MAAM,aAAa,GAAG,CAAC,EAC5B,SAAS,EACT,IAAI,EACJ,KAAK,EACL,IAAI,EACJ,SAAS,EACT,IAAI,EACJ,IAAI,EACJ,KAAK,EACL,OAAO,EACP,MAAM,GACe,EAAE,EAAE,CAAC,IAAA,cAAI,EAAA;OACzB,WAAW,CAAC,SAAS,CAAC;;;MAGvB,KAAK,IAAI,IAAA,cAAI,EAAA,UAAU,KAAK,UAAU;MACtC,IAAI,IAAI,IAAA,cAAI,EAAA,eAAe,IAAI,CAAC,IAAI,MAAM;MAC1C,IAAI,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe;MACnD,IAAI,EAAE,GAAG,CAAC,UAAU,CAAC;MACrB,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;MACjC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;MACnC,KAAK,EAAE,GAAG,CAAC,UAAU,CAAC;MACtB,IAAI;MACJ,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC;;SAErB,WAAW,CAAC,SAAS,CAAC,IAAI,IAAI,GAAG,OAAO,EAAE,GAAG,CAAC,YAAY,CAAC;QAC5D,CAAA;AA1BK,QAAA,aAAa,iBA0BlB;AAER,SAAS,cAAc,CACrB,KAAQ;IAER,OAAO,MAAM,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,CAAA;AACrD,CAAC;AAED,SAAS,UAAU,CAAC,KAAgB;IAClC,OAAO,IAAA,cAAI,EAAA,QAAQ,WAAW,CAAC,KAAK,CAAC,KAAK,CAAA;AAC5C,CAAC;AAED,SAAS,UAAU,CAAC,KAAgB;IAClC,OAAO,IAAA,cAAI,EAAA,QAAQ,WAAW,CAAC,KAAK,CAAC,KAAK,CAAA;AAC5C,CAAC;AAED,QAAQ,CAAC,CAAC,WAAW,CAAC,KAAa;IACjC,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAClD,IAAI,KAAK,IAAI,IAAI;gBAAE,SAAQ;iBACtB,IAAI,KAAK,KAAK,KAAK;gBAAE,SAAQ;iBAC7B,IAAI,KAAK,KAAK,IAAI;gBAAE,MAAM,IAAA,cAAI,EAAA,IAAI,IAAI,EAAE,CAAA;;gBACxC,MAAM,IAAA,cAAI,EAAA,IAAI,IAAI,KAAK,KAAK,GAAG,CAAA;QACtC,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,EAAsB;IACzC,OAAO,CAAC,KAAsB,EAAE,EAAE,CAChC,KAAK,YAAY,cAAI;QACnB,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,IAAA,cAAI,EAAA,6BAA6B,KAAK,CAAC,GAAG,SAAS,EAAE,MAAM,CAAA;AACnE,CAAC;AAED,SAAS,YAAY,CAAC,MAAuB;IAC3C,OAAO,MAAM,YAAY,cAAI;QAC3B,CAAC,CAAC,kBAAkB;YAClB,IAAA,cAAI,EAAA,WAAW,MAAM,WAAW,CAAC,qDAAqD;QACxF,CAAC,CAAC,IAAA,cAAI,EAAA,8BAA8B,MAAM,CAAC,GAAG,aAAa,CAAA;AAC/D,CAAC;AAED,SAAS,WAAW,CAAC,KAAsB;IACzC,OAAO,KAAK,YAAY,cAAI;QAC1B,CAAC,CAAC,kBAAkB;YAClB,IAAA,cAAI,EAAA,UAAU,KAAK,UAAU,CAAC,qDAAqD;QACrF,CAAC,CAAC,IAAA,cAAI,EAAA,gCAAgC,KAAK,CAAC,GAAG,MAAM,CAAA;AACzD,CAAC"}
+{"version":3,"file":"build-document.js","sourceRoot":"","sources":["../../../src/lib/html/build-document.ts"],"names":[],"mappings":";;;AACA,uCAAgC;AAChC,uCAAgC;AAQhC;;GAEG;AACH,MAAM,uBAAuB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,WAAW;IACX,QAAQ;IACR,WAAW;IACX,cAAc;IACd,UAAU;IACV,QAAQ;IACR,MAAM;IACN,MAAM;IACN,SAAS;IACT,UAAU;IACV,IAAI;IACJ,eAAe;IACf,MAAM;IACN,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,WAAW;IACX,MAAM;IACN,gBAAgB;IAChB,QAAQ;IACR,YAAY;IACZ,kBAAkB;CACV,CAAC,CAAA;AAEJ,MAAM,SAAS,GAAG,CAAC,GAAY,EAAkB,EAAE,CACvD,uBAA8C,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AADlD,QAAA,SAAS,aACyC;AAU/D,MAAM,eAAe,GAAG,IAAA,cAAI,EAAA;;;GAGzB,CAAA;AAgBI,MAAM,aAAa,GAAG,CAAC,EAC5B,SAAS,EACT,IAAI,EACJ,KAAK,EACL,IAAI,EACJ,SAAS,EACT,IAAI,EACJ,IAAI,EACJ,KAAK,EACL,QAAQ,EACR,OAAO,EACP,MAAM,GACe,EAAE,EAAE,CAAC,IAAA,cAAI,EAAA;OACzB,WAAW,CAAC,SAAS,CAAC;;;MAGvB,KAAK,IAAI,IAAA,cAAI,EAAA,UAAU,KAAK,UAAU;MACtC,IAAI,IAAI,IAAA,cAAI,EAAA,eAAe,IAAI,CAAC,IAAI,MAAM;MAC1C,IAAI,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe;MACnD,IAAI,EAAE,GAAG,CAAC,UAAU,CAAC;MACrB,QAAQ,EAAE,GAAG,CAAC,WAAW,CAAC;MAC1B,KAAK,EAAE,GAAG,CAAC,UAAU,CAAC;MACtB,IAAI;MACJ,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC;;SAErB,WAAW,CAAC,SAAS,CAAC,IAAI,IAAI,GAAG,OAAO,EAAE,GAAG,CAAC,YAAY,CAAC;QAC5D,CAAA;AA1BK,QAAA,aAAa,iBA0BlB;AAER,SAAS,cAAc,CACrB,KAAQ;IAER,OAAO,MAAM,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,CAAA;AACrD,CAAC;AAED,SAAS,UAAU,CAAC,KAAgB;IAClC,OAAO,IAAA,cAAI,EAAA,QAAQ,WAAW,CAAC,KAAK,CAAC,KAAK,CAAA;AAC5C,CAAC;AAED,SAAS,UAAU,CAAC,KAAgB;IAClC,OAAO,IAAA,cAAI,EAAA,QAAQ,WAAW,CAAC,KAAK,CAAC,KAAK,CAAA;AAC5C,CAAC;AAED,QAAQ,CAAC,CAAC,WAAW,CAAC,KAAa;IACjC,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAClD,IAAI,KAAK,IAAI,IAAI;gBAAE,SAAQ;iBACtB,IAAI,KAAK,KAAK,KAAK;gBAAE,SAAQ;iBAC7B,IAAI,KAAK,KAAK,IAAI;gBAAE,MAAM,IAAA,cAAI,EAAA,IAAI,IAAI,EAAE,CAAA;;gBACxC,MAAM,IAAA,cAAI,EAAA,IAAI,IAAI,KAAK,KAAK,GAAG,CAAA;QACtC,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAe;IAClC,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;IAEtC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,IAAA,cAAI,EAAA,mCAAmC,KAAK,CAAC,GAAG,MAAM,CAAA;IAC/D,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAA,cAAI,EAAA,6BAA6B,KAAK,CAAC,GAAG,iBAAiB,CAAA;IACpE,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,YAAY,CAAC,MAAuB;IAC3C,OAAO,MAAM,YAAY,cAAI;QAC3B,CAAC,CAAC,kBAAkB;YAClB,IAAA,cAAI,EAAA,WAAW,MAAM,WAAW,CAAC,qDAAqD;QACxF,CAAC,CAAC,IAAA,cAAI,EAAA,8BAA8B,MAAM,CAAC,GAAG,aAAa,CAAA;AAC/D,CAAC;AAED,SAAS,WAAW,CAAC,KAAsB;IACzC,OAAO,KAAK,YAAY,cAAI;QAC1B,CAAC,CAAC,kBAAkB;YAClB,IAAA,cAAI,EAAA,UAAU,KAAK,UAAU,CAAC,qDAAqD;QACrF,CAAC,CAAC,IAAA,cAAI,EAAA,gCAAgC,KAAK,CAAC,GAAG,MAAM,CAAA;AACzD,CAAC"}

package/dist/lib/html/html.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"html.d.ts","sourceRoot":"","sources":["../../../src/lib/html/html.ts"],"names":[],"mappings":"AAIA;;;GAGG;AACH,qBAAa,IAAK,YAAW,QAAQ,CAAC,MAAM,CAAC;;IAG3C,OAAO;IAYP,QAAQ,IAAI,MAAM;IAgBlB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,KAAA,GAAG,MAAM;IAUjC,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CAAC,MAAM,CAAC;IAU9C,MAAM,CAAC,iBAAiB,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,IAAI;CAGnE"}
+{"version":3,"file":"html.d.ts","sourceRoot":"","sources":["../../../src/lib/html/html.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,qBAAa,IAAK,YAAW,QAAQ,CAAC,MAAM,CAAC;;IAG3C,OAAO;IAcP,QAAQ,IAAI,MAAM;IASlB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,KAAA,GAAG,MAAM;IAUjC,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CAAC,MAAM,CAAC;IAU9C,MAAM,CAAC,iBAAiB,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,IAAI;CAGnE"}

package/dist/lib/html/html.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Html = void 0;
-const util_1 = require("./util");
 const symbol = Symbol('Html.dangerouslyCreate');
 /**
  * This class represents trusted HTML that can be safely embedded in a web page,
@@ -11,23 +10,21 @@ class Html {
     #fragments;
     constructor(fragments, guard) {
         if (guard !== symbol) {
-            // Force developers to use `Html.dangerouslyCreate` to create an Html
+            // Forces developers to use `Html.dangerouslyCreate` to create an Html
             // instance, to make it clear that the content needs to be trusted.
             throw new TypeError('Use Html.dangerouslyCreate() to create an Html instance');
         }
-        this.#fragments = fragments;
+        // Transform into an array in case iterable can be consumed only once
+        // (e.g. a generator function).
+        this.#fragments = Array.from(fragments);
     }
     toString() {
-        let result = '';
-        for (const fragment of this)
-            result += fragment;
-        // Cache result for future calls
-        if (!Array.isArray(this.#fragments) ||
-            this.#fragments.length > 1 ||
-            !this.#fragments.every(util_1.isString)) {
-            this.#fragments = result ? [result] : [];
-        }
-        return result;
+        // More efficient than `return this.#fragments.join('')` because it avoids
+        // creating intermediate strings when items of this.#fragments are Html
+        // instances (as all their toString() would end-up being called, creating
+        // lots of intermediary strings). The approach here allows to do a full scan
+        // of all the child nodes and concatenate them in a single pass.
+        return Array.from(this).join('');
     }
     [Symbol.toPrimitive](hint) {
         switch (hint) {

package/dist/lib/html/html.js.map

@@ -1 +1 @@
-{"version":3,"file":"html.js","sourceRoot":"","sources":["../../../src/lib/html/html.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AAEjC,MAAM,MAAM,GAAG,MAAM,CAAC,wBAAwB,CAAC,CAAA;AAE/C;;;GAGG;AACH,MAAa,IAAI;IACf,UAAU,CAAyB;IAEnC,YAAoB,SAAkC,EAAE,KAAa;QACnE,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;YACrB,qEAAqE;YACrE,mEAAmE;YACnE,MAAM,IAAI,SAAS,CACjB,yDAAyD,CAC1D,CAAA;QACH,CAAC;QAED,IAAI,CAAC,UAAU,GAAG,SAAS,CAAA;IAC7B,CAAC;IAED,QAAQ;QACN,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,KAAK,MAAM,QAAQ,IAAI,IAAI;YAAE,MAAM,IAAI,QAAQ,CAAA;QAE/C,gCAAgC;QAChC,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC;YAC/B,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;YAC1B,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,eAAQ,CAAC,EAChC,CAAC;YACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QAC1C,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAED,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI;QACvB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,QAAQ,CAAC;YACd,KAAK,SAAS;gBACZ,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAA;YACxB;gBACE,MAAM,IAAI,SAAS,CAAC,4BAA4B,IAAI,EAAE,CAAC,CAAA;QAC3D,CAAC;IACH,CAAC;IAED,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;QAChB,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACvC,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACjC,MAAM,QAAQ,CAAA;YAChB,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,CAAC,QAAQ,CAAA;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,iBAAiB,CAAC,SAAkC;QACzD,OAAO,IAAI,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACpC,CAAC;CACF;AAtDD,oBAsDC"}
+{"version":3,"file":"html.js","sourceRoot":"","sources":["../../../src/lib/html/html.ts"],"names":[],"mappings":";;;AAAA,MAAM,MAAM,GAAG,MAAM,CAAC,wBAAwB,CAAC,CAAA;AAE/C;;;GAGG;AACH,MAAa,IAAI;IACN,UAAU,CAA4B;IAE/C,YAAoB,SAAkC,EAAE,KAAa;QACnE,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;YACrB,sEAAsE;YACtE,mEAAmE;YACnE,MAAM,IAAI,SAAS,CACjB,yDAAyD,CAC1D,CAAA;QACH,CAAC;QAED,qEAAqE;QACrE,+BAA+B;QAC/B,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACzC,CAAC;IAED,QAAQ;QACN,0EAA0E;QAC1E,uEAAuE;QACvE,yEAAyE;QACzE,4EAA4E;QAC5E,gEAAgE;QAChE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAClC,CAAC;IAED,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI;QACvB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,QAAQ,CAAC;YACd,KAAK,SAAS;gBACZ,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAA;YACxB;gBACE,MAAM,IAAI,SAAS,CAAC,4BAA4B,IAAI,EAAE,CAAC,CAAA;QAC3D,CAAC;IACH,CAAC;IAED,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;QAChB,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACvC,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACjC,MAAM,QAAQ,CAAA;YAChB,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,CAAC,QAAQ,CAAA;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,iBAAiB,CAAC,SAAkC;QACzD,OAAO,IAAI,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACpC,CAAC;CACF;AAjDD,oBAiDC"}

package/dist/lib/html/util.d.ts

@@ -1,4 +1,3 @@
 export type NestedIterable<V> = V | Iterable<NestedIterable<V>>;
 export declare function stringReplacer(source: string, searchValue: string, replaceValue: string): Generator<string, void, undefined>;
-export declare function isString(value: unknown): value is string;
 //# sourceMappingURL=util.d.ts.map

package/dist/lib/html/util.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../src/lib/html/util.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAA;AAE/D,wBAAiB,cAAc,CAC7B,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,GACnB,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,SAAS,CAAC,CAUpC;AAED,wBAAgB,QAAQ,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAExD"}
+{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../src/lib/html/util.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAA;AAE/D,wBAAiB,cAAc,CAC7B,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,GACnB,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,SAAS,CAAC,CAUpC"}

package/dist/lib/html/util.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.stringReplacer = stringReplacer;
-exports.isString = isString;
 function* stringReplacer(source, searchValue, replaceValue) {
     let previousIndex = 0;
     let index = source.indexOf(searchValue);
@@ -13,7 +12,4 @@ function* stringReplacer(source, searchValue, replaceValue) {
     }
     yield source.slice(previousIndex);
 }
-function isString(value) {
-    return typeof value === 'string';
-}
 //# sourceMappingURL=util.js.map

package/dist/lib/html/util.js.map

@@ -1 +1 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/lib/html/util.ts"],"names":[],"mappings":";;AAEA,wCAcC;AAED,4BAEC;AAlBD,QAAe,CAAC,CAAC,cAAc,CAC7B,MAAc,EACd,WAAmB,EACnB,YAAoB;IAEpB,IAAI,aAAa,GAAG,CAAC,CAAA;IACrB,IAAI,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;IACvC,OAAO,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;QACpB,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAA;QACxC,MAAM,YAAY,CAAA;QAClB,aAAa,GAAG,KAAK,GAAG,WAAW,CAAC,MAAM,CAAA;QAC1C,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;AACnC,CAAC;AAED,SAAgB,QAAQ,CAAC,KAAc;IACrC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAA;AAClC,CAAC"}
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/lib/html/util.ts"],"names":[],"mappings":";;AAEA,wCAcC;AAdD,QAAe,CAAC,CAAC,cAAc,CAC7B,MAAc,EACd,WAAmB,EACnB,YAAoB;IAEpB,IAAI,aAAa,GAAG,CAAC,CAAA;IACrB,IAAI,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;IACvC,OAAO,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;QACpB,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAA;QACxC,MAAM,YAAY,CAAA;QAClB,aAAa,GAAG,KAAK,GAAG,WAAW,CAAC,MAAM,CAAA;QAC1C,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;AACnC,CAAC"}

package/dist/lib/http/response.d.ts

@@ -1,5 +1,6 @@
 import type { ServerResponse } from 'node:http';
 import { type Readable } from 'node:stream';
+import { SecurityHeadersOptions } from './security-headers.js';
 import type { Handler, Middleware } from './types.js';
 export declare function appendHeader(res: ServerResponse, header: string, value: string | readonly string[]): void;
 export declare function writeRedirect(res: ServerResponse, url: string, status?: number): void;
@@ -12,6 +13,7 @@ export declare function writeBuffer(res: ServerResponse, chunk: string | Buffer,
 export declare function toJsonBuffer(value: unknown): Buffer;
 export declare function writeJson(res: ServerResponse, payload: unknown, { contentType, ...options }?: WriteResponseOptions): void;
 export declare function staticJsonMiddleware(value: unknown, { contentType, ...options }?: WriteResponseOptions): Handler<unknown>;
-export declare function writeHtml(res: ServerResponse, html: Buffer | string, { contentType, ...options }?: WriteResponseOptions): void;
+export type WriteHtmlOptions = WriteResponseOptions & SecurityHeadersOptions;
+export declare function writeHtml(res: ServerResponse, html: Buffer | string, { contentType, ...options }?: WriteHtmlOptions): void;
 export declare function cacheControlMiddleware(maxAge: number): Middleware<void>;
 //# sourceMappingURL=response.d.ts.map

package/dist/lib/http/response.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"response.d.ts","sourceRoot":"","sources":["../../../src/lib/http/response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;AAC/C,OAAO,EAAE,KAAK,QAAQ,EAAY,MAAM,aAAa,CAAA;AACrD,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAErD,wBAAgB,YAAY,CAC1B,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,GAChC,IAAI,CAQN;AAED,wBAAgB,aAAa,CAC3B,GAAG,EAAE,cAAc,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,SAAM,GACX,IAAI,CAEN;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED,wBAAgB,WAAW,CACzB,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,QAAQ,EAChB,EACE,MAAY,EACZ,WAAwC,GACzC,GAAE,oBAAyB,GAC3B,IAAI,CAYN;AAED,wBAAgB,WAAW,CACzB,GAAG,EAAE,cAAc,EACnB,KAAK,EAAE,MAAM,GAAG,MAAM,EACtB,IAAI,EAAE,oBAAoB,GACzB,IAAI,CAIN;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAMnD;AAED,wBAAgB,SAAS,CACvB,GAAG,EAAE,cAAc,EACnB,OAAO,EAAE,OAAO,EAChB,EAAE,WAAgC,EAAE,GAAG,OAAO,EAAE,GAAE,oBAAyB,GAC1E,IAAI,CAGN;AAED,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,OAAO,EACd,EAAE,WAAgC,EAAE,GAAG,OAAO,EAAE,GAAE,oBAAyB,GAC1E,OAAO,CAAC,OAAO,CAAC,CAMlB;AAED,wBAAgB,SAAS,CACvB,GAAG,EAAE,cAAc,EACnB,IAAI,EAAE,MAAM,GAAG,MAAM,EACrB,EAAE,WAAyB,EAAE,GAAG,OAAO,EAAE,GAAE,oBAAyB,GACnE,IAAI,CAEN;AAED,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAMvE"}
+{"version":3,"file":"response.d.ts","sourceRoot":"","sources":["../../../src/lib/http/response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;AAC/C,OAAO,EAAE,KAAK,QAAQ,EAAY,MAAM,aAAa,CAAA;AACrD,OAAO,EACL,sBAAsB,EAEvB,MAAM,uBAAuB,CAAA;AAC9B,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAErD,wBAAgB,YAAY,CAC1B,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,GAChC,IAAI,CAQN;AAED,wBAAgB,aAAa,CAC3B,GAAG,EAAE,cAAc,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,SAAM,GACX,IAAI,CAEN;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED,wBAAgB,WAAW,CACzB,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,QAAQ,EAChB,EACE,MAAY,EACZ,WAAwC,GACzC,GAAE,oBAAyB,GAC3B,IAAI,CAYN;AAED,wBAAgB,WAAW,CACzB,GAAG,EAAE,cAAc,EACnB,KAAK,EAAE,MAAM,GAAG,MAAM,EACtB,IAAI,EAAE,oBAAoB,GACzB,IAAI,CAIN;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAMnD;AAED,wBAAgB,SAAS,CACvB,GAAG,EAAE,cAAc,EACnB,OAAO,EAAE,OAAO,EAChB,EAAE,WAAgC,EAAE,GAAG,OAAO,EAAE,GAAE,oBAAyB,GAC1E,IAAI,CAGN;AAED,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,OAAO,EACd,EAAE,WAAgC,EAAE,GAAG,OAAO,EAAE,GAAE,oBAAyB,GAC1E,OAAO,CAAC,OAAO,CAAC,CAMlB;AAED,MAAM,MAAM,gBAAgB,GAAG,oBAAoB,GAAG,sBAAsB,CAAA;AAE5E,wBAAgB,SAAS,CACvB,GAAG,EAAE,cAAc,EACnB,IAAI,EAAE,MAAM,GAAG,MAAM,EACrB,EAAE,WAAyB,EAAE,GAAG,OAAO,EAAE,GAAE,gBAAqB,GAC/D,IAAI,CAIN;AAED,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAMvE"}

package/dist/lib/http/response.js

@@ -10,6 +10,7 @@ exports.staticJsonMiddleware = staticJsonMiddleware;
 exports.writeHtml = writeHtml;
 exports.cacheControlMiddleware = cacheControlMiddleware;
 const node_stream_1 = require("node:stream");
+const security_headers_js_1 = require("./security-headers.js");
 function appendHeader(res, header, value) {
     const existing = res.getHeader(header);
     if (existing == null) {
@@ -62,6 +63,8 @@ function staticJsonMiddleware(value, { contentType = 'application/json', ...opti
     };
 }
 function writeHtml(res, html, { contentType = 'text/html', ...options } = {}) {
+    // HTML pages should always be served with safety protection headers
+    (0, security_headers_js_1.setSecurityHeaders)(res, options);
     writeBuffer(res, html, { ...options, contentType });
 }
 function cacheControlMiddleware(maxAge) {

package/dist/lib/http/response.js.map

@@ -1 +1 @@
-{"version":3,"file":"response.js","sourceRoot":"","sources":["../../../src/lib/http/response.ts"],"names":[],"mappings":";;AAIA,oCAYC;AAED,sCAMC;AAOD,kCAmBC;AAED,kCAQC;AAED,oCAMC;AAED,8BAOC;AAED,oDASC;AAED,8BAMC;AAED,wDAMC;AAvGD,6CAAqD;AAGrD,SAAgB,YAAY,CAC1B,GAAmB,EACnB,MAAc,EACd,KAAiC;IAEjC,MAAM,QAAQ,GAAG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;IACtC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;IAC9B,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;QACnE,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;IAC1C,CAAC;AACH,CAAC;AAED,SAAgB,aAAa,CAC3B,GAAmB,EACnB,GAAW,EACX,MAAM,GAAG,GAAG;IAEZ,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAA;AAChD,CAAC;AAOD,SAAgB,WAAW,CACzB,GAAmB,EACnB,MAAgB,EAChB,EACE,MAAM,GAAG,GAAG,EACZ,WAAW,GAAG,0BAA0B,MAChB,EAAE;IAE5B,GAAG,CAAC,UAAU,GAAG,MAAM,CAAA;IACvB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAA;IAE1C,IAAI,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9B,GAAG,CAAC,GAAG,EAAE,CAAA;QACT,MAAM,CAAC,OAAO,EAAE,CAAA;IAClB,CAAC;SAAM,CAAC;QACN,IAAA,sBAAQ,EAAC,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,IAAkB,EAAE,EAAE;YAC7C,mDAAmD;QACrD,CAAC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,SAAgB,WAAW,CACzB,GAAmB,EACnB,KAAsB,EACtB,IAA0B;IAE1B,IAAI,IAAI,EAAE,MAAM,IAAI,IAAI;QAAE,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAA;IACtD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,WAAW,IAAI,0BAA0B,CAAC,CAAA;IAC9E,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;AAChB,CAAC;AAED,SAAgB,YAAY,CAAC,KAAc;IACzC,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;IAC3C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,6BAA6B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;IAC3D,CAAC;AACH,CAAC;AAED,SAAgB,SAAS,CACvB,GAAmB,EACnB,OAAgB,EAChB,EAAE,WAAW,GAAG,kBAAkB,EAAE,GAAG,OAAO,KAA2B,EAAE;IAE3E,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAA;IACpC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,CAAC,CAAA;AACvD,CAAC;AAED,SAAgB,oBAAoB,CAClC,KAAc,EACd,EAAE,WAAW,GAAG,kBAAkB,EAAE,GAAG,OAAO,KAA2B,EAAE;IAE3E,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAA;IAClC,MAAM,aAAa,GAAyB,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,CAAA;IACvE,OAAO,UAAU,GAAG,EAAE,GAAG;QACvB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,CAAC,CAAA;IACzC,CAAC,CAAA;AACH,CAAC;AAED,SAAgB,SAAS,CACvB,GAAmB,EACnB,IAAqB,EACrB,EAAE,WAAW,GAAG,WAAW,EAAE,GAAG,OAAO,KAA2B,EAAE;IAEpE,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,CAAC,CAAA;AACrD,CAAC;AAED,SAAgB,sBAAsB,CAAC,MAAc;IACnD,MAAM,MAAM,GAAG,WAAW,MAAM,EAAE,CAAA;IAClC,OAAO,UAAU,GAAG,EAAE,GAAG,EAAE,IAAI;QAC7B,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,MAAM,CAAC,CAAA;QACtC,IAAI,EAAE,CAAA;IACR,CAAC,CAAA;AACH,CAAC"}
+{"version":3,"file":"response.js","sourceRoot":"","sources":["../../../src/lib/http/response.ts"],"names":[],"mappings":";;AAQA,oCAYC;AAED,sCAMC;AAOD,kCAmBC;AAED,kCAQC;AAED,oCAMC;AAED,8BAOC;AAED,oDASC;AAID,8BAQC;AAED,wDAMC;AA/GD,6CAAqD;AACrD,+DAG8B;AAG9B,SAAgB,YAAY,CAC1B,GAAmB,EACnB,MAAc,EACd,KAAiC;IAEjC,MAAM,QAAQ,GAAG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;IACtC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;IAC9B,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;QACnE,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;IAC1C,CAAC;AACH,CAAC;AAED,SAAgB,aAAa,CAC3B,GAAmB,EACnB,GAAW,EACX,MAAM,GAAG,GAAG;IAEZ,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAA;AAChD,CAAC;AAOD,SAAgB,WAAW,CACzB,GAAmB,EACnB,MAAgB,EAChB,EACE,MAAM,GAAG,GAAG,EACZ,WAAW,GAAG,0BAA0B,MAChB,EAAE;IAE5B,GAAG,CAAC,UAAU,GAAG,MAAM,CAAA;IACvB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAA;IAE1C,IAAI,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9B,GAAG,CAAC,GAAG,EAAE,CAAA;QACT,MAAM,CAAC,OAAO,EAAE,CAAA;IAClB,CAAC;SAAM,CAAC;QACN,IAAA,sBAAQ,EAAC,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,IAAkB,EAAE,EAAE;YAC7C,mDAAmD;QACrD,CAAC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,SAAgB,WAAW,CACzB,GAAmB,EACnB,KAAsB,EACtB,IAA0B;IAE1B,IAAI,IAAI,EAAE,MAAM,IAAI,IAAI;QAAE,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAA;IACtD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,WAAW,IAAI,0BAA0B,CAAC,CAAA;IAC9E,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;AAChB,CAAC;AAED,SAAgB,YAAY,CAAC,KAAc;IACzC,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;IAC3C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,6BAA6B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;IAC3D,CAAC;AACH,CAAC;AAED,SAAgB,SAAS,CACvB,GAAmB,EACnB,OAAgB,EAChB,EAAE,WAAW,GAAG,kBAAkB,EAAE,GAAG,OAAO,KAA2B,EAAE;IAE3E,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAA;IACpC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,CAAC,CAAA;AACvD,CAAC;AAED,SAAgB,oBAAoB,CAClC,KAAc,EACd,EAAE,WAAW,GAAG,kBAAkB,EAAE,GAAG,OAAO,KAA2B,EAAE;IAE3E,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAA;IAClC,MAAM,aAAa,GAAyB,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,CAAA;IACvE,OAAO,UAAU,GAAG,EAAE,GAAG;QACvB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,CAAC,CAAA;IACzC,CAAC,CAAA;AACH,CAAC;AAID,SAAgB,SAAS,CACvB,GAAmB,EACnB,IAAqB,EACrB,EAAE,WAAW,GAAG,WAAW,EAAE,GAAG,OAAO,KAAuB,EAAE;IAEhE,oEAAoE;IACpE,IAAA,wCAAkB,EAAC,GAAG,EAAE,OAAO,CAAC,CAAA;IAChC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,CAAC,CAAA;AACrD,CAAC;AAED,SAAgB,sBAAsB,CAAC,MAAc;IACnD,MAAM,MAAM,GAAG,WAAW,MAAM,EAAE,CAAA;IAClC,OAAO,UAAU,GAAG,EAAE,GAAG,EAAE,IAAI;QAC7B,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,MAAM,CAAC,CAAA;QACtC,IAAI,EAAE,CAAA;IACR,CAAC,CAAA;AACH,CAAC"}

package/dist/lib/http/security-headers.d.ts

@@ -0,0 +1,48 @@
+import type { ServerResponse } from 'node:http';
+import { type CspConfig } from '../csp/index.js';
+/**
+ * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy COEP on MDN}
+ */
+export declare enum CrossOriginEmbedderPolicy {
+    unsafeNone = "unsafe-none",
+    requireCorp = "require-corp",
+    credentialless = "credentialless"
+}
+/**
+ * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy CORP on MDN}
+ */
+export declare enum CrossOriginResourcePolicy {
+    sameSite = "same-site",
+    sameOrigin = "same-origin",
+    crossOrigin = "cross-origin"
+}
+/**
+ * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy COOP on MDN}
+ */
+export declare enum CrossOriginOpenerPolicy {
+    unsafeNone = "unsafe-none",
+    sameOriginAllowPopups = "same-origin-allow-popups",
+    sameOrigin = "same-origin",
+    noopenerAllowPopups = "noopener-allow-popups"
+}
+export type HTTPStrictTransportSecurityConfig = {
+    maxAge: number;
+    includeSubDomains?: boolean;
+    preload?: boolean;
+};
+export type SecurityHeadersOptions = {
+    /**
+     * Defaults to `default-src: 'none'`. Use an empty object to disable CSP.
+     * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy CSP on MDN}
+     */
+    csp?: CspConfig;
+    coep?: CrossOriginEmbedderPolicy;
+    corp?: CrossOriginResourcePolicy;
+    coop?: CrossOriginOpenerPolicy;
+    /**
+     * Defaults to 2 years. Use `false` to disable HSTS.
+     */
+    hsts?: HTTPStrictTransportSecurityConfig | false;
+};
+export declare function setSecurityHeaders(res: ServerResponse, { csp, coep, corp, coop, hsts, }: SecurityHeadersOptions): void;
+//# sourceMappingURL=security-headers.d.ts.map

package/dist/lib/http/security-headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-headers.d.ts","sourceRoot":"","sources":["../../../src/lib/http/security-headers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;AAC/C,OAAO,EAAE,KAAK,SAAS,EAAY,MAAM,iBAAiB,CAAA;AAE1D;;GAEG;AACH,oBAAY,yBAAyB;IACnC,UAAU,gBAAgB;IAC1B,WAAW,iBAAiB;IAC5B,cAAc,mBAAmB;CAClC;AAED;;GAEG;AACH,oBAAY,yBAAyB;IACnC,QAAQ,cAAc;IACtB,UAAU,gBAAgB;IAC1B,WAAW,iBAAiB;CAC7B;AAED;;GAEG;AACH,oBAAY,uBAAuB;IACjC,UAAU,gBAAgB;IAC1B,qBAAqB,6BAA6B;IAClD,UAAU,gBAAgB;IAC1B,mBAAmB,0BAA0B;CAC9C;AAED,MAAM,MAAM,iCAAiC,GAAG;IAC9C,MAAM,EAAE,MAAM,CAAA;IACd,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG;IACnC;;;OAGG;IACH,GAAG,CAAC,EAAE,SAAS,CAAA;IACf,IAAI,CAAC,EAAE,yBAAyB,CAAA;IAChC,IAAI,CAAC,EAAE,yBAAyB,CAAA;IAChC,IAAI,CAAC,EAAE,uBAAuB,CAAA;IAC9B;;OAEG;IACH,IAAI,CAAC,EAAE,iCAAiC,GAAG,KAAK,CAAA;CACjD,CAAA;AAED,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,cAAc,EACnB,EACE,GAAmC,EACnC,IAA4C,EAC5C,IAA2C,EAC3C,IAAyC,EACzC,IAA2B,GAC5B,EAAE,sBAAsB,GACxB,IAAI,CAsBN"}

package/dist/lib/http/security-headers.js

@@ -0,0 +1,62 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CrossOriginOpenerPolicy = exports.CrossOriginResourcePolicy = exports.CrossOriginEmbedderPolicy = void 0;
+exports.setSecurityHeaders = setSecurityHeaders;
+const index_js_1 = require("../csp/index.js");
+/**
+ * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy COEP on MDN}
+ */
+var CrossOriginEmbedderPolicy;
+(function (CrossOriginEmbedderPolicy) {
+    CrossOriginEmbedderPolicy["unsafeNone"] = "unsafe-none";
+    CrossOriginEmbedderPolicy["requireCorp"] = "require-corp";
+    CrossOriginEmbedderPolicy["credentialless"] = "credentialless";
+})(CrossOriginEmbedderPolicy || (exports.CrossOriginEmbedderPolicy = CrossOriginEmbedderPolicy = {}));
+/**
+ * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy CORP on MDN}
+ */
+var CrossOriginResourcePolicy;
+(function (CrossOriginResourcePolicy) {
+    CrossOriginResourcePolicy["sameSite"] = "same-site";
+    CrossOriginResourcePolicy["sameOrigin"] = "same-origin";
+    CrossOriginResourcePolicy["crossOrigin"] = "cross-origin";
+})(CrossOriginResourcePolicy || (exports.CrossOriginResourcePolicy = CrossOriginResourcePolicy = {}));
+/**
+ * @see {@link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy COOP on MDN}
+ */
+var CrossOriginOpenerPolicy;
+(function (CrossOriginOpenerPolicy) {
+    CrossOriginOpenerPolicy["unsafeNone"] = "unsafe-none";
+    CrossOriginOpenerPolicy["sameOriginAllowPopups"] = "same-origin-allow-popups";
+    CrossOriginOpenerPolicy["sameOrigin"] = "same-origin";
+    CrossOriginOpenerPolicy["noopenerAllowPopups"] = "noopener-allow-popups";
+})(CrossOriginOpenerPolicy || (exports.CrossOriginOpenerPolicy = CrossOriginOpenerPolicy = {}));
+function setSecurityHeaders(res, { csp = { 'default-src': ["'none'"] }, coep = CrossOriginEmbedderPolicy.requireCorp, corp = CrossOriginResourcePolicy.sameOrigin, coop = CrossOriginOpenerPolicy.sameOrigin, hsts = { maxAge: 63072000 }, }) {
+    // @NOTE Never set CSP through http-equiv meta as not all directives will
+    // be honored. Always set it through the Content-Security-Policy header.
+    const cspString = (0, index_js_1.buildCsp)(csp);
+    if (cspString) {
+        res.setHeader('Content-Security-Policy', cspString);
+    }
+    res.setHeader('Cross-Origin-Embedder-Policy', coep);
+    res.setHeader('Cross-Origin-Resource-Policy', corp);
+    res.setHeader('Cross-Origin-Opener-Policy', coop);
+    if (hsts) {
+        res.setHeader('Strict-Transport-Security', buildHstsValue(hsts));
+    }
+    // @TODO: make these headers configurable (?)
+    res.setHeader('Permissions-Policy', 'otp-credentials=*, document-domain=()');
+    res.setHeader('Referrer-Policy', 'same-origin');
+    res.setHeader('X-Frame-Options', 'DENY');
+    res.setHeader('X-Content-Type-Options', 'nosniff');
+    res.setHeader('X-XSS-Protection', '0');
+}
+function buildHstsValue(config) {
+    let value = `max-age=${config.maxAge}`;
+    if (config.includeSubDomains)
+        value += '; includeSubDomains';
+    if (config.preload)
+        value += '; preload';
+    return value;
+}
+//# sourceMappingURL=security-headers.js.map

package/dist/lib/http/security-headers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-headers.js","sourceRoot":"","sources":["../../../src/lib/http/security-headers.ts"],"names":[],"mappings":";;;AAoDA,gDA+BC;AAlFD,8CAA0D;AAE1D;;GAEG;AACH,IAAY,yBAIX;AAJD,WAAY,yBAAyB;IACnC,uDAA0B,CAAA;IAC1B,yDAA4B,CAAA;IAC5B,8DAAiC,CAAA;AACnC,CAAC,EAJW,yBAAyB,yCAAzB,yBAAyB,QAIpC;AAED;;GAEG;AACH,IAAY,yBAIX;AAJD,WAAY,yBAAyB;IACnC,mDAAsB,CAAA;IACtB,uDAA0B,CAAA;IAC1B,yDAA4B,CAAA;AAC9B,CAAC,EAJW,yBAAyB,yCAAzB,yBAAyB,QAIpC;AAED;;GAEG;AACH,IAAY,uBAKX;AALD,WAAY,uBAAuB;IACjC,qDAA0B,CAAA;IAC1B,6EAAkD,CAAA;IAClD,qDAA0B,CAAA;IAC1B,wEAA6C,CAAA;AAC/C,CAAC,EALW,uBAAuB,uCAAvB,uBAAuB,QAKlC;AAuBD,SAAgB,kBAAkB,CAChC,GAAmB,EACnB,EACE,GAAG,GAAG,EAAE,aAAa,EAAE,CAAC,QAAQ,CAAC,EAAE,EACnC,IAAI,GAAG,yBAAyB,CAAC,WAAW,EAC5C,IAAI,GAAG,yBAAyB,CAAC,UAAU,EAC3C,IAAI,GAAG,uBAAuB,CAAC,UAAU,EACzC,IAAI,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,GACJ;IAEzB,yEAAyE;IACzE,wEAAwE;IACxE,MAAM,SAAS,GAAG,IAAA,mBAAQ,EAAC,GAAG,CAAC,CAAA;IAC/B,IAAI,SAAS,EAAE,CAAC;QACd,GAAG,CAAC,SAAS,CAAC,yBAAyB,EAAE,SAAS,CAAC,CAAA;IACrD,CAAC;IAED,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,IAAI,CAAC,CAAA;IACnD,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,IAAI,CAAC,CAAA;IACnD,GAAG,CAAC,SAAS,CAAC,4BAA4B,EAAE,IAAI,CAAC,CAAA;IAEjD,IAAI,IAAI,EAAE,CAAC;QACT,GAAG,CAAC,SAAS,CAAC,2BAA2B,EAAE,cAAc,CAAC,IAAI,CAAC,CAAC,CAAA;IAClE,CAAC;IAED,6CAA6C;IAC7C,GAAG,CAAC,SAAS,CAAC,oBAAoB,EAAE,uCAAuC,CAAC,CAAA;IAC5E,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAA;IAC/C,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAA;IACxC,GAAG,CAAC,SAAS,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAA;IAClD,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAA;AACxC,CAAC;AAED,SAAS,cAAc,CAAC,MAAyC;IAC/D,IAAI,KAAK,GAAG,WAAW,MAAM,CAAC,MAAM,EAAE,CAAA;IACtC,IAAI,MAAM,CAAC,iBAAiB;QAAE,KAAK,IAAI,qBAAqB,CAAA;IAC5D,IAAI,MAAM,CAAC,OAAO;QAAE,KAAK,IAAI,WAAW,CAAA;IACxC,OAAO,KAAK,CAAA;AACd,CAAC"}

package/dist/lib/util/type.d.ts

@@ -5,6 +5,14 @@ export type Override<T, V> = Simplify<{
     [K in keyof (V & T)]: K extends keyof V ? V[K] : K extends keyof T ? T[K] : never;
 }>;
 export type Awaitable<T> = T | Promise<T>;
+/**
+ * Converts a tuple to the equivalent type of combining every item into a single
+ * one. If any of the item in the tuple is non nullish, the result will be non
+ * nullish.
+ */
+export type CombinedTuple<T extends readonly unknown[]> = T extends [] ? undefined : Exclude<T[number], {
+    [K in keyof T]-?: (null extends T[K] ? never : null) | (undefined extends T[K] ? never : undefined);
+}[keyof T]>;
 /**
  * Similar to {@link Required} but also ensures that all values are defined.
  */

package/dist/lib/util/type.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"type.d.ts","sourceRoot":"","sources":["../../../src/lib/util/type.ts"],"names":[],"mappings":"AACA,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,EAAE,CAAA;AACvD,MAAM,MAAM,QAAQ,CAAC,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC;KACnC,CAAC,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,GACnC,CAAC,CAAC,CAAC,CAAC,GACJ,CAAC,SAAS,MAAM,CAAC,GACf,CAAC,CAAC,CAAC,CAAC,GACJ,KAAK;CACZ,CAAC,CAAA;AACF,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;AAEzC;;GAEG;AACH,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC;CAAE,CAAA;AAI/E;;;;;GAKG;AACH,KAAK,cAAc,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,MAAM,CAAC,GAAG,KAAK,CAAA;AAExD;;;;;;;GAOG;AACH,KAAK,mBAAmB,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,SAAS,CAC7E,CAAC,EAAE,MAAM,CAAC,KACP,IAAI,GACL,CAAC,GACD,KAAK,CAAA;AAET;;;;;GAKG;AACH,KAAK,gBAAgB,CAAC,CAAC,IAYrB,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,MAAM,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;AAE1E;;;;;;;;;;;;GAYG;AACH,KAAK,YAAY,CAAC,CAAC,IAAI,oBAAoB,CAAC,CAAC,CAAC,CAAA;AAE9C,KAAK,oBAAoB,CACvB,CAAC,EAED,GAAG,SAAS,SAAS,GAAG,EAAE,GAAG,EAAE,EAE/B,IAAI,GAAG,gBAAgB,CAAC,CAAC,CAAC,IAG1B;IAAC,IAAI;CAAC,SAAS,CAAC,KAAK,CAAC,GAElB,GAAG,GAGH,oBAAoB,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,SAAS,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAA;AAErE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,eAAO,MAAM,qBAAqB,GAC/B,CAAC,SAAS,MAAM,QAAQ,SAAS,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,MACjE,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,KAAG,KAAK,IAAI,CAAC,GAAG,eAAe,CAAC,CAAC,CACf,CAAA"}
+{"version":3,"file":"type.d.ts","sourceRoot":"","sources":["../../../src/lib/util/type.ts"],"names":[],"mappings":"AACA,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,EAAE,CAAA;AACvD,MAAM,MAAM,QAAQ,CAAC,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC;KACnC,CAAC,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,GACnC,CAAC,CAAC,CAAC,CAAC,GACJ,CAAC,SAAS,MAAM,CAAC,GACf,CAAC,CAAC,CAAC,CAAC,GACJ,KAAK;CACZ,CAAC,CAAA;AACF,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;AAEzC;;;;GAIG;AACH,MAAM,MAAM,aAAa,CAAC,CAAC,SAAS,SAAS,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,GAClE,SAAS,GACT,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAGT;KACG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,GACX,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC,GAClC,CAAC,SAAS,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,SAAS,CAAC;CACjD,CAAC,MAAM,CAAC,CAAC,CACX,CAAA;AAEL;;GAEG;AACH,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC;CAAE,CAAA;AAI/E;;;;;GAKG;AACH,KAAK,cAAc,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,MAAM,CAAC,GAAG,KAAK,CAAA;AAExD;;;;;;;GAOG;AACH,KAAK,mBAAmB,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,SAAS,CAC7E,CAAC,EAAE,MAAM,CAAC,KACP,IAAI,GACL,CAAC,GACD,KAAK,CAAA;AAET;;;;;GAKG;AACH,KAAK,gBAAgB,CAAC,CAAC,IAYrB,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,MAAM,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;AAE1E;;;;;;;;;;;;GAYG;AACH,KAAK,YAAY,CAAC,CAAC,IAAI,oBAAoB,CAAC,CAAC,CAAC,CAAA;AAE9C,KAAK,oBAAoB,CACvB,CAAC,EAED,GAAG,SAAS,SAAS,GAAG,EAAE,GAAG,EAAE,EAE/B,IAAI,GAAG,gBAAgB,CAAC,CAAC,CAAC,IAG1B;IAAC,IAAI;CAAC,SAAS,CAAC,KAAK,CAAC,GAElB,GAAG,GAGH,oBAAoB,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,SAAS,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAC,CAAA;AAErE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,eAAO,MAAM,qBAAqB,GAC/B,CAAC,SAAS,MAAM,QAAQ,SAAS,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,MACjE,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,KAAG,KAAK,IAAI,CAAC,GAAG,eAAe,CAAC,CAAC,CACf,CAAA"}

package/dist/lib/util/type.js.map

@@ -1 +1 @@
-{"version":3,"file":"type.js","sourceRoot":"","sources":["../../../src/lib/util/type.ts"],"names":[],"mappings":";;;AA0FA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACI,MAAM,qBAAqB,GAChC,CAAmB,IAA+C,EAAE,EAAE,CACtE,CAAuB,KAAQ,EAAmC,EAAE,CAClE,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC,CAAA;AAHtC,QAAA,qBAAqB,yBAGiB;AAEnD,mBAAmB"}
+{"version":3,"file":"type.js","sourceRoot":"","sources":["../../../src/lib/util/type.ts"],"names":[],"mappings":";;;AA4GA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACI,MAAM,qBAAqB,GAChC,CAAmB,IAA+C,EAAE,EAAE,CACtE,CAAuB,KAAQ,EAAmC,EAAE,CAClE,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC,CAAA;AAHtC,QAAA,qBAAqB,yBAGiB;AAEnD,mBAAmB"}

package/dist/oauth-hooks.d.ts

@@ -2,7 +2,7 @@ import { Jwks } from '@atproto/jwk';
 import { OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientMetadata, OAuthTokenResponse } from '@atproto/oauth-types';
 import { Account } from './account/account.js';
 import { SignInData } from './account/sign-in-data.js';
-import { SignUpData } from './account/sign-up-data.js';
+import { SignUpInput } from './account/sign-up-input.js';
 import { ClientAuth } from './client/client-auth.js';
 import { ClientId } from './client/client-id.js';
 import { ClientInfo } from './client/client-info.js';
@@ -12,8 +12,8 @@ import { HcaptchaConfig, HcaptchaVerifyResult } from './lib/hcaptcha.js';
 import { RequestMetadata } from './lib/http/request.js';
 import { Awaitable } from './lib/util/type.js';
 import { AccessDeniedError, OAuthError } from './oauth-errors.js';
-import { DeviceAccountInfo, DeviceId } from './oauth-store.js';
-export { AccessDeniedError, type Account, type Awaitable, Client, type ClientAuth, type ClientId, type ClientInfo, type DeviceAccountInfo, type DeviceId, type HcaptchaConfig, type HcaptchaVerifyResult, InvalidRequestError, type Jwks, type OAuthAuthorizationDetails, type OAuthAuthorizationRequestParameters, type OAuthClientMetadata, OAuthError, type OAuthTokenResponse, type RequestMetadata, type SignInData, type SignUpData, };
+import { DeviceAccountInfo, DeviceId, SignUpData } from './oauth-store.js';
+export { AccessDeniedError, type Account, type Awaitable, Client, type ClientAuth, type ClientId, type ClientInfo, type DeviceAccountInfo, type DeviceId, type HcaptchaConfig, type HcaptchaVerifyResult, InvalidRequestError, type Jwks, type OAuthAuthorizationDetails, type OAuthAuthorizationRequestParameters, type OAuthClientMetadata, OAuthError, type OAuthTokenResponse, type RequestMetadata, type SignInData, type SignUpData, type SignUpInput, };
 export type OAuthHooks = {
     /**
      * Use this to alter, override or validate the client metadata & jwks returned
@@ -39,35 +39,14 @@ export type OAuthHooks = {
         parameters: OAuthAuthorizationRequestParameters;
         account: Account;
     }) => Awaitable<undefined | OAuthAuthorizationDetails>;
-    /**
-     * This hook is called whenever an hcaptcha challenge is verified
-     * during sign-up (if hcaptcha is enabled).
-     *
-     * @throws {InvalidRequestError} to deny the sign-up
-     */
-    onSignupHcaptchaResult?: (data: {
-        data: SignUpData;
-        /**
-         * This indicates not only wether the hCaptcha challenge succeeded, but also
-         * if the score was low enough according to the
-         * {@link HcaptchaConfig.scoreThreshold}.
-         *
-         * @see {@link HCaptchaClient.isAllowed}
-         */
-        allowed: boolean;
-        result: HcaptchaVerifyResult;
-        deviceId: DeviceId;
-        deviceMetadata: RequestMetadata;
-    }) => Awaitable<void>;
     /**
      * This hook is called when a user attempts to sign up, after every validation
      * has passed (including hcaptcha).
      */
     onSignupAttempt?: (data: {
-        data: SignUpData;
+        input: SignUpInput;
         deviceId: DeviceId;
         deviceMetadata: RequestMetadata;
-        hcaptchaResult?: HcaptchaVerifyResult;
     }) => Awaitable<void>;
     /**
      * This hook is called when a user successfully signs up.

package/dist/oauth-hooks.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAA;AACvE,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AACjE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAA;AAG9D,OAAO,EACL,iBAAiB,EACjB,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,MAAM,EACN,KAAK,UAAU,EACf,KAAK,QAAQ,EACb,KAAK,UAAU,EACf,KAAK,iBAAiB,EACtB,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,oBAAoB,EACzB,mBAAmB,EACnB,KAAK,IAAI,EACT,KAAK,yBAAyB,EAC9B,KAAK,mCAAmC,EACxC,KAAK,mBAAmB,EACxB,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,eAAe,EACpB,KAAK,UAAU,EACf,KAAK,UAAU,GAChB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;;OAMG;IACH,aAAa,CAAC,EAAE,CACd,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE;QAAE,QAAQ,EAAE,mBAAmB,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,KACjD,SAAS,CAAC,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;IAE/C;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,CAAC,IAAI,EAAE;QAC/B,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,UAAU,EAAE,mCAAmC,CAAA;QAC/C,OAAO,EAAE,OAAO,CAAA;KACjB,KAAK,SAAS,CAAC,SAAS,GAAG,yBAAyB,CAAC,CAAA;IAEtD;;;;;OAKG;IACH,sBAAsB,CAAC,EAAE,CAAC,IAAI,EAAE;QAC9B,IAAI,EAAE,UAAU,CAAA;QAChB;;;;;;WAMG;QACH,OAAO,EAAE,OAAO,CAAA;QAChB,MAAM,EAAE,oBAAoB,CAAA;QAC5B,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;OAGG;IACH,eAAe,CAAC,EAAE,CAAC,IAAI,EAAE;QACvB,IAAI,EAAE,UAAU,CAAA;QAChB,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;QAC/B,cAAc,CAAC,EAAE,oBAAoB,CAAA;KACtC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE;QAClB,IAAI,EAAE,UAAU,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QACvB,OAAO,EAAE,OAAO,CAAA;QAChB,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE;QAClB,IAAI,EAAE,UAAU,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QACvB,OAAO,EAAE,OAAO,CAAA;QAChB,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;;;;;;;OAUG;IACH,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE;QACpB,MAAM,EAAE,MAAM,CAAA;QACd,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE;QACtB,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,kGAAkG;QAClG,QAAQ,EAAE,IAAI,GAAG,QAAQ,CAAA;KAC1B,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,CAAC,IAAI,EAAE;QACxB,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,kGAAkG;QAClG,QAAQ,EAAE,IAAI,GAAG,QAAQ,CAAA;KAC1B,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;CACtB,CAAA"}
+{"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAA;AACvE,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AACjE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAG1E,OAAO,EACL,iBAAiB,EACjB,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,MAAM,EACN,KAAK,UAAU,EACf,KAAK,QAAQ,EACb,KAAK,UAAU,EACf,KAAK,iBAAiB,EACtB,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,oBAAoB,EACzB,mBAAmB,EACnB,KAAK,IAAI,EACT,KAAK,yBAAyB,EAC9B,KAAK,mCAAmC,EACxC,KAAK,mBAAmB,EACxB,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,eAAe,EACpB,KAAK,UAAU,EACf,KAAK,UAAU,EACf,KAAK,WAAW,GACjB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;;OAMG;IACH,aAAa,CAAC,EAAE,CACd,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE;QAAE,QAAQ,EAAE,mBAAmB,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,KACjD,SAAS,CAAC,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;IAE/C;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,CAAC,IAAI,EAAE;QAC/B,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,UAAU,EAAE,mCAAmC,CAAA;QAC/C,OAAO,EAAE,OAAO,CAAA;KACjB,KAAK,SAAS,CAAC,SAAS,GAAG,yBAAyB,CAAC,CAAA;IAEtD;;;OAGG;IACH,eAAe,CAAC,EAAE,CAAC,IAAI,EAAE;QACvB,KAAK,EAAE,WAAW,CAAA;QAClB,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE;QAClB,IAAI,EAAE,UAAU,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QACvB,OAAO,EAAE,OAAO,CAAA;QAChB,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE;QAClB,IAAI,EAAE,UAAU,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QACvB,OAAO,EAAE,OAAO,CAAA;QAChB,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;;;;;;;OAUG;IACH,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE;QACpB,MAAM,EAAE,MAAM,CAAA;QACd,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE;QACtB,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,kGAAkG;QAClG,QAAQ,EAAE,IAAI,GAAG,QAAQ,CAAA;KAC1B,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,CAAC,IAAI,EAAE;QACxB,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,kGAAkG;QAClG,QAAQ,EAAE,IAAI,GAAG,QAAQ,CAAA;KAC1B,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;CACtB,CAAA"}

package/dist/oauth-provider.js

@@ -15,7 +15,7 @@ const access_token_type_js_1 = require("./access-token/access-token-type.js");
 const account_manager_js_1 = require("./account/account-manager.js");
 const account_store_js_1 = require("./account/account-store.js");
 const sign_in_data_js_1 = require("./account/sign-in-data.js");
-const sign_up_data_js_1 = require("./account/sign-up-data.js");
+const sign_up_input_js_1 = require("./account/sign-up-input.js");
 const assets_middleware_js_1 = require("./assets/assets-middleware.js");
 const client_auth_js_1 = require("./client/client-auth.js");
 const client_manager_js_1 = require("./client/client-manager.js");
@@ -792,7 +792,7 @@ class OAuthProvider extends oauth_verifier_js_1.OAuthVerifier {
             await server.accountManager.verifyHandleAvailability(data.handle);
             return { available: true };
         }));
-        router.post('/oauth/authorize/sign-up', apiHandler(sign_up_data_js_1.signUpDataSchema, async function (req, res, data, ctx) {
+        router.post('/oauth/authorize/sign-up', apiHandler(sign_up_input_js_1.signUpInputSchema, async function (req, res, data, ctx) {
             return server.signUp(ctx, data);
         }));
         router.post('/oauth/authorize/sign-in', apiHandler(sign_in_data_js_1.signInDataSchema, async function (req, res, data, ctx) {