npm - @aura-stack/auth - Versions diffs - 0.1.0-rc.9 → 0.1.0 - Mend

@aura-stack/auth 0.1.0-rc.9 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

package/dist/@types/index.cjs +15 -15
package/dist/@types/index.d.ts +7 -31
package/dist/@types/index.js +1 -1
package/dist/@types/router.d.cjs +1 -1
package/dist/@types/router.d.d.ts +7 -7
package/dist/@types/utility.cjs +15 -15
package/dist/@types/utility.d.ts +6 -6
package/dist/@types/utility.js +1 -1
package/dist/actions/callback/access-token.cjs +143 -143
package/dist/actions/callback/access-token.d.ts +15 -20
package/dist/actions/callback/access-token.js +8 -4
package/dist/actions/callback/callback.cjs +437 -455
package/dist/actions/callback/callback.d.ts +10 -12
package/dist/actions/callback/callback.js +16 -12
package/dist/actions/callback/userinfo.cjs +131 -134
package/dist/actions/callback/userinfo.d.ts +9 -9
package/dist/actions/callback/userinfo.js +10 -6
package/dist/actions/csrfToken/csrfToken.cjs +162 -171
package/dist/actions/csrfToken/csrfToken.d.ts +3 -3
package/dist/actions/csrfToken/csrfToken.js +12 -8
package/dist/actions/index.cjs +746 -773
package/dist/actions/index.d.ts +13 -13
package/dist/actions/index.js +34 -18
package/dist/actions/session/session.cjs +149 -155
package/dist/actions/session/session.d.ts +3 -3
package/dist/actions/session/session.js +11 -7
package/dist/actions/signIn/authorization.cjs +231 -249
package/dist/actions/signIn/authorization.d.ts +12 -18
package/dist/actions/signIn/authorization.js +16 -6
package/dist/actions/signIn/signIn.cjs +396 -423
package/dist/actions/signIn/signIn.d.ts +10 -10
package/dist/actions/signIn/signIn.js +14 -10
package/dist/actions/signOut/signOut.cjs +417 -440
package/dist/actions/signOut/signOut.d.ts +3 -3
package/dist/actions/signOut/signOut.js +15 -11
package/dist/assert.cjs +35 -36
package/dist/assert.d.ts +4 -4
package/dist/assert.js +10 -2
package/dist/chunk-256KIVJL.js +85 -96
package/dist/chunk-42XB3YCW.js +19 -17
package/dist/chunk-6SM22VVJ.js +13 -10
package/dist/chunk-CAKJT3KS.js +84 -69
package/dist/chunk-E3OXBRYF.js +19 -17
package/dist/chunk-EBPE35JT.js +28 -26
package/dist/chunk-FIPU4MLT.js +18 -16
package/dist/chunk-FJUDBLCP.js +50 -43
package/dist/chunk-FKRDCWBF.js +19 -17
package/dist/chunk-GZU3RBTB.js +51 -40
package/dist/chunk-HGJ4TXY4.js +132 -100
package/dist/chunk-HMRKN75I.js +63 -63
package/dist/chunk-IKHPGFCW.js +11 -9
package/dist/chunk-JAPMIE6S.js +7 -5
package/dist/chunk-KRNOMBXQ.js +19 -17
package/dist/chunk-LLR722CL.js +91 -70
package/dist/chunk-RLT4RFKV.js +39 -30
package/dist/chunk-SJPDVKUS.js +107 -88
package/dist/chunk-SMQO5WD7.js +26 -16
package/dist/chunk-STHEPPUZ.js +8 -6
package/dist/chunk-UJJ7R56J.js +47 -37
package/dist/chunk-UTDLUEEG.js +27 -21
package/dist/chunk-VFTYH33W.js +54 -37
package/dist/chunk-XXJKNKGQ.js +33 -23
package/dist/chunk-ZV4BH47P.js +132 -134
package/dist/cookie.cjs +169 -175
package/dist/cookie.d.ts +23 -51
package/dist/cookie.js +34 -34
package/dist/error.cjs +75 -75
package/dist/error.d.ts +30 -30
package/dist/error.js +15 -8
package/dist/headers.cjs +28 -28
package/dist/headers.d.ts +2 -2
package/dist/headers.js +6 -2
package/dist/index-DpfbvTZ_.d.ts +249 -298
package/dist/index.cjs +936 -969
package/dist/index.d.ts +10 -31
package/dist/index.js +70 -50
package/dist/jose.cjs +61 -64
package/dist/jose.d.ts +8 -8
package/dist/jose.js +9 -5
package/dist/oauth/bitbucket.cjs +38 -38
package/dist/oauth/bitbucket.d.ts +7 -7
package/dist/oauth/bitbucket.js +6 -2
package/dist/oauth/discord.cjs +48 -48
package/dist/oauth/discord.d.ts +7 -7
package/dist/oauth/discord.js +6 -2
package/dist/oauth/figma.cjs +39 -39
package/dist/oauth/figma.d.ts +7 -7
package/dist/oauth/figma.js +6 -2
package/dist/oauth/github.cjs +31 -31
package/dist/oauth/github.d.ts +7 -7
package/dist/oauth/github.js +6 -2
package/dist/oauth/gitlab.cjs +39 -39
package/dist/oauth/gitlab.d.ts +7 -7
package/dist/oauth/gitlab.js +6 -2
package/dist/oauth/index.cjs +180 -180
package/dist/oauth/index.d.ts +7 -26
package/dist/oauth/index.js +36 -9
package/dist/oauth/spotify.cjs +39 -39
package/dist/oauth/spotify.d.ts +7 -7
package/dist/oauth/spotify.js +6 -2
package/dist/oauth/x.cjs +39 -39
package/dist/oauth/x.d.ts +7 -7
package/dist/oauth/x.js +6 -2
package/dist/response.cjs +27 -27
package/dist/response.d.ts +2 -2
package/dist/response.js +6 -2
package/dist/schemas.cjs +91 -91
package/dist/schemas.d.ts +93 -126
package/dist/schemas.js +18 -18
package/dist/secure.cjs +95 -98
package/dist/secure.d.ts +17 -17
package/dist/secure.js +18 -4
package/dist/utils.cjs +119 -132
package/dist/utils.d.ts +11 -26
package/dist/utils.js +21 -21
package/package.json +2 -2

package/dist/actions/csrfToken/csrfToken.cjs CHANGED Viewed

@@ -1,216 +1,207 @@
-"use strict"
-var __create = Object.create
-var __defProp = Object.defineProperty
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor
-var __getOwnPropNames = Object.getOwnPropertyNames
-var __getProtoOf = Object.getPrototypeOf
-var __hasOwnProp = Object.prototype.hasOwnProperty
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
-    for (var name in all) __defProp(target, name, { get: all[name], enumerable: true })
-}
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
 var __copyProps = (to, from, except, desc) => {
-    if ((from && typeof from === "object") || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-            if (!__hasOwnProp.call(to, key) && key !== except)
-                __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable })
-    }
-    return to
-}
-var __toESM = (mod, isNodeMode, target) => (
-    (target = mod != null ? __create(__getProtoOf(mod)) : {}),
-    __copyProps(
-        // If the importer is in node compatibility mode or this is not an ESM
-        // file that has been converted to a CommonJS file using a Babel-
-        // compatible transform (i.e. "__esModule" has not been set), then set
-        // "default" to the CommonJS "module.exports" for node compatibility.
-        isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-        mod
-    )
-)
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod)
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 // src/actions/csrfToken/csrfToken.ts
-var csrfToken_exports = {}
+var csrfToken_exports = {};
 __export(csrfToken_exports, {
-    csrfTokenAction: () => csrfTokenAction,
-})
-module.exports = __toCommonJS(csrfToken_exports)
-var import_router2 = require("@aura-stack/router")
+  csrfTokenAction: () => csrfTokenAction
+});
+module.exports = __toCommonJS(csrfToken_exports);
+var import_router2 = require("@aura-stack/router");
 // src/secure.ts
-var import_node_crypto = __toESM(require("crypto"), 1)
+var import_node_crypto = __toESM(require("crypto"), 1);
 // src/utils.ts
-var import_router = require("@aura-stack/router")
+var import_router = require("@aura-stack/router");
 // src/error.ts
 var AuthError = class extends Error {
-    constructor(type, message) {
-        super(message)
-        this.type = type
-        this.name = "AuthError"
-    }
-}
+  constructor(type, message) {
+    super(message);
+    this.type = type;
+    this.name = "AuthError";
+  }
+};
 // src/secure.ts
 var generateSecure = (length = 32) => {
-    return import_node_crypto.default.randomBytes(length).toString("base64url")
-}
+  return import_node_crypto.default.randomBytes(length).toString("base64url");
+};
 var createCSRF = async (jose, csrfCookie) => {
-    try {
-        const token = generateSecure(32)
-        if (csrfCookie) {
-            await jose.verifyJWS(csrfCookie)
-            return csrfCookie
-        }
-        return jose.signJWS({ token })
-    } catch {
-        const token = generateSecure(32)
-        return jose.signJWS({ token })
+  try {
+    const token = generateSecure(32);
+    if (csrfCookie) {
+      await jose.verifyJWS(csrfCookie);
+      return csrfCookie;
     }
-}
+    return jose.signJWS({ token });
+  } catch {
+    const token = generateSecure(32);
+    return jose.signJWS({ token });
+  }
+};
 // src/headers.ts
 var cacheControl = {
-    "Cache-Control": "no-store",
-    Pragma: "no-cache",
-    Expires: "0",
-    Vary: "Cookie",
-}
+  "Cache-Control": "no-store",
+  Pragma: "no-cache",
+  Expires: "0",
+  Vary: "Cookie"
+};
 // src/cookie.ts
-var import_cookie = require("cookie")
+var import_cookie = require("cookie");
 // src/assert.ts
 var isRequest = (value) => {
-    return typeof Request !== "undefined" && value instanceof Request
-}
+  return typeof Request !== "undefined" && value instanceof Request;
+};
 // src/cookie.ts
-var import_cookie2 = require("cookie")
-var COOKIE_NAME = "aura-auth"
+var import_cookie2 = require("cookie");
+var COOKIE_NAME = "aura-auth";
 var defaultCookieOptions = {
-    httpOnly: true,
-    sameSite: "lax",
-    path: "/",
-    maxAge: 60 * 60 * 24 * 15,
-}
+  httpOnly: true,
+  sameSite: "lax",
+  path: "/",
+  maxAge: 60 * 60 * 24 * 15
+};
 var defaultStandardCookieConfig = {
-    secure: false,
-    httpOnly: true,
-    prefix: "",
-}
+  secure: false,
+  httpOnly: true,
+  prefix: ""
+};
 var defaultSecureCookieConfig = {
-    secure: true,
-    prefix: "__Secure-",
-}
+  secure: true,
+  prefix: "__Secure-"
+};
 var defaultHostCookieConfig = {
-    secure: true,
-    prefix: "__Host-",
-    path: "/",
-    domain: void 0,
-}
+  secure: true,
+  prefix: "__Host-",
+  path: "/",
+  domain: void 0
+};
 var expiredCookieOptions = {
-    ...defaultCookieOptions,
-    expires: /* @__PURE__ */ new Date(0),
-    maxAge: 0,
-}
+  ...defaultCookieOptions,
+  expires: /* @__PURE__ */ new Date(0),
+  maxAge: 0
+};
 var defineDefaultCookieOptions = (options) => {
-    return {
-        name: options?.name ?? COOKIE_NAME,
-        prefix: options?.prefix ?? (options?.secure ? "__Secure-" : ""),
-        ...defaultCookieOptions,
-        ...options,
-    }
-}
+  return {
+    name: options?.name ?? COOKIE_NAME,
+    prefix: options?.prefix ?? (options?.secure ? "__Secure-" : ""),
+    ...defaultCookieOptions,
+    ...options
+  };
+};
 var setCookie = (cookieName, value, options) => {
-    const { prefix, name } = defineDefaultCookieOptions(options)
-    const cookieNameWithPrefix = `${prefix}${name}.${cookieName}`
-    return (0, import_cookie.serialize)(cookieNameWithPrefix, value, {
-        ...defaultCookieOptions,
-        ...options,
-    })
-}
+  const { prefix, name } = defineDefaultCookieOptions(options);
+  const cookieNameWithPrefix = `${prefix}${name}.${cookieName}`;
+  return (0, import_cookie.serialize)(cookieNameWithPrefix, value, {
+    ...defaultCookieOptions,
+    ...options
+  });
+};
 var getCookie = (petition, cookie, options, optional = false) => {
-    const cookies = isRequest(petition) ? petition.headers.get("Cookie") : petition.headers.getSetCookie().join("; ")
-    if (!cookies) {
-        if (optional) {
-            return ""
-        }
-        throw new AuthError("invalid_request", "No cookies found. There is no active session")
+  const cookies = isRequest(petition) ? petition.headers.get("Cookie") : petition.headers.getSetCookie().join("; ");
+  if (!cookies) {
+    if (optional) {
+      return "";
     }
-    const { name, prefix } = defineDefaultCookieOptions(options)
-    const parsedCookies = (0, import_cookie.parse)(cookies)
-    const value = parsedCookies[`${prefix}${name}.${cookie}`]
-    if (value === void 0) {
-        if (optional) {
-            return ""
-        }
-        throw new AuthError("invalid_request", `Cookie "${cookie}" not found. There is no active session`)
+    throw new AuthError("invalid_request", "No cookies found. There is no active session");
+  }
+  const { name, prefix } = defineDefaultCookieOptions(options);
+  const parsedCookies = (0, import_cookie.parse)(cookies);
+  const value = parsedCookies[`${prefix}${name}.${cookie}`];
+  if (value === void 0) {
+    if (optional) {
+      return "";
     }
-    return value
-}
+    throw new AuthError("invalid_request", `Cookie "${cookie}" not found. There is no active session`);
+  }
+  return value;
+};
 var secureCookieOptions = (request, cookieOptions, trustedProxyHeaders) => {
-    const name = cookieOptions.name ?? COOKIE_NAME
-    const isSecure = trustedProxyHeaders
-        ? request.url.startsWith("https://") ||
-          request.headers.get("X-Forwarded-Proto") === "https" ||
-          request.headers.get("Forwarded")?.includes("proto=https")
-        : request.url.startsWith("https://")
-    if (!cookieOptions.options?.httpOnly) {
-        console.warn(
-            "[WARNING]: Cookie is configured without HttpOnly. This allows JavaScript access via document.cookie and increases XSS risk."
-        )
+  const name = cookieOptions.name ?? COOKIE_NAME;
+  const isSecure = trustedProxyHeaders ? request.url.startsWith("https://") || request.headers.get("X-Forwarded-Proto") === "https" || request.headers.get("Forwarded")?.includes("proto=https") : request.url.startsWith("https://");
+  if (!cookieOptions.options?.httpOnly) {
+    console.warn(
+      "[WARNING]: Cookie is configured without HttpOnly. This allows JavaScript access via document.cookie and increases XSS risk."
+    );
+  }
+  if (cookieOptions.options?.domain === "*") {
+    console.warn("[WARNING]: Cookie 'Domain' is set to '*', which is insecure. Avoid wildcard domains.");
+  }
+  if (!isSecure) {
+    const options = cookieOptions.options;
+    if (options?.secure) {
+      console.warn(
+        "[WARNING]: The 'Secure' attribute will be disabled for this cookie. Serve over HTTPS to enforce Secure cookies."
+      );
     }
-    if (cookieOptions.options?.domain === "*") {
-        console.warn("[WARNING]: Cookie 'Domain' is set to '*', which is insecure. Avoid wildcard domains.")
+    if (options?.sameSite == "none") {
+      console.warn("[WARNING]: SameSite=None without a secure connection can be blocked by browsers.");
     }
-    if (!isSecure) {
-        const options = cookieOptions.options
-        if (options?.secure) {
-            console.warn(
-                "[WARNING]: The 'Secure' attribute will be disabled for this cookie. Serve over HTTPS to enforce Secure cookies."
-            )
-        }
-        if (options?.sameSite == "none") {
-            console.warn("[WARNING]: SameSite=None without a secure connection can be blocked by browsers.")
-        }
-        if (process.env.NODE_ENV === "production") {
-            console.warn("[WARNING]: In production, ensure cookies are served over HTTPS to maintain security.")
-        }
-        return {
-            ...defaultCookieOptions,
-            ...cookieOptions.options,
-            sameSite: options?.sameSite === "none" ? "lax" : (options?.sameSite ?? "lax"),
-            ...defaultStandardCookieConfig,
-            name,
-        }
+    if (process.env.NODE_ENV === "production") {
+      console.warn("[WARNING]: In production, ensure cookies are served over HTTPS to maintain security.");
     }
-    return cookieOptions.strategy === "host"
-        ? {
-              ...defaultCookieOptions,
-              ...cookieOptions.options,
-              ...defaultHostCookieConfig,
-              name,
-          }
-        : { ...defaultCookieOptions, ...cookieOptions.options, ...defaultSecureCookieConfig, name }
-}
+    return {
+      ...defaultCookieOptions,
+      ...cookieOptions.options,
+      sameSite: options?.sameSite === "none" ? "lax" : options?.sameSite ?? "lax",
+      ...defaultStandardCookieConfig,
+      name
+    };
+  }
+  return cookieOptions.strategy === "host" ? {
+    ...defaultCookieOptions,
+    ...cookieOptions.options,
+    ...defaultHostCookieConfig,
+    name
+  } : { ...defaultCookieOptions, ...cookieOptions.options, ...defaultSecureCookieConfig, name };
+};
 // src/actions/csrfToken/csrfToken.ts
 var csrfTokenAction = (0, import_router2.createEndpoint)("GET", "/csrfToken", async (ctx) => {
-    const {
-        request,
-        context: { cookies, jose, trustedProxyHeaders },
-    } = ctx
-    const cookieOptions = secureCookieOptions(request, { ...cookies, strategy: "host" }, trustedProxyHeaders)
-    const existingCSRFToken = getCookie(request, "csrfToken", cookieOptions, true)
-    const csrfToken = await createCSRF(jose, existingCSRFToken)
-    const headers = new Headers(cacheControl)
-    headers.set("Set-Cookie", setCookie("csrfToken", csrfToken, cookieOptions))
-    return Response.json({ csrfToken }, { headers })
-})
+  const {
+    request,
+    context: { cookies, jose, trustedProxyHeaders }
+  } = ctx;
+  const cookieOptions = secureCookieOptions(request, { ...cookies, strategy: "host" }, trustedProxyHeaders);
+  const existingCSRFToken = getCookie(request, "csrfToken", cookieOptions, true);
+  const csrfToken = await createCSRF(jose, existingCSRFToken);
+  const headers = new Headers(cacheControl);
+  headers.set("Set-Cookie", setCookie("csrfToken", csrfToken, cookieOptions));
+  return Response.json({ csrfToken }, { headers });
+});
 // Annotate the CommonJS export names for ESM import in node:
-0 &&
-    (module.exports = {
-        csrfTokenAction,
-    })
+0 && (module.exports = {
+  csrfTokenAction
+});

package/dist/actions/csrfToken/csrfToken.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import * as _aura_stack_router from "@aura-stack/router"
+import * as _aura_stack_router from '@aura-stack/router';
-declare const csrfTokenAction: _aura_stack_router.RouteEndpoint<"GET", "/csrfToken", {}>
+declare const csrfTokenAction: _aura_stack_router.RouteEndpoint<"GET", "/csrfToken", {}>;
-export { csrfTokenAction }
+export { csrfTokenAction };

package/dist/actions/csrfToken/csrfToken.js CHANGED Viewed

@@ -1,8 +1,12 @@
-import { csrfTokenAction } from "../../chunk-SMQO5WD7.js"
-import "../../chunk-ZV4BH47P.js"
-import "../../chunk-6SM22VVJ.js"
-import "../../chunk-STHEPPUZ.js"
-import "../../chunk-GZU3RBTB.js"
-import "../../chunk-256KIVJL.js"
-import "../../chunk-FJUDBLCP.js"
-export { csrfTokenAction }
+import {
+  csrfTokenAction
+} from "../../chunk-SMQO5WD7.js";
+import "../../chunk-ZV4BH47P.js";
+import "../../chunk-6SM22VVJ.js";
+import "../../chunk-STHEPPUZ.js";
+import "../../chunk-GZU3RBTB.js";
+import "../../chunk-256KIVJL.js";
+import "../../chunk-FJUDBLCP.js";
+export {
+  csrfTokenAction
+};