@aura-stack/auth 0.1.0-rc.9 → 0.2.0

package/dist/actions/signIn/authorization.cjs

@@ -1,292 +1,283 @@
-"use strict"
-var __defProp = Object.defineProperty
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor
-var __getOwnPropNames = Object.getOwnPropertyNames
-var __hasOwnProp = Object.prototype.hasOwnProperty
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
-    for (var name in all) __defProp(target, name, { get: all[name], enumerable: true })
-}
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
 var __copyProps = (to, from, except, desc) => {
-    if ((from && typeof from === "object") || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-            if (!__hasOwnProp.call(to, key) && key !== except)
-                __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable })
-    }
-    return to
-}
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod)
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/actions/signIn/authorization.ts
-var authorization_exports = {}
+var authorization_exports = {};
 __export(authorization_exports, {
-    createAuthorizationURL: () => createAuthorizationURL,
-    createRedirectTo: () => createRedirectTo,
-    createRedirectURI: () => createRedirectURI,
-    getOriginURL: () => getOriginURL,
-})
-module.exports = __toCommonJS(authorization_exports)
+  createAuthorizationURL: () => createAuthorizationURL,
+  createRedirectTo: () => createRedirectTo,
+  createRedirectURI: () => createRedirectURI,
+  getOriginURL: () => getOriginURL
+});
+module.exports = __toCommonJS(authorization_exports);
 
 // src/assert.ts
 var isValidURL = (value) => {
-    if (value.includes("\r\n") || value.includes("\n") || value.includes("\r")) return false
-    const regex =
-        /^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()*+,;=:@-]*)*\/?$/
-    return regex.test(value)
-}
+  if (value.includes("\r\n") || value.includes("\n") || value.includes("\r")) return false;
+  const regex = /^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()*+,;=:@-]*)*\/?$/;
+  return regex.test(value);
+};
 
 // src/schemas.ts
-var import_v4 = require("zod/v4")
+var import_v4 = require("zod/v4");
 var OAuthProviderConfigSchema = (0, import_v4.object)({
-    authorizeURL: (0, import_v4.url)(),
-    accessToken: (0, import_v4.url)(),
-    scope: (0, import_v4.string)().optional(),
-    userInfo: (0, import_v4.url)(),
-    responseType: (0, import_v4.enum)(["code", "token", "id_token"]),
-    clientId: (0, import_v4.string)(),
-    clientSecret: (0, import_v4.string)(),
-})
+  authorizeURL: (0, import_v4.httpUrl)(),
+  accessToken: (0, import_v4.httpUrl)(),
+  scope: (0, import_v4.string)().optional(),
+  userInfo: (0, import_v4.httpUrl)(),
+  responseType: (0, import_v4.enum)(["code", "token", "id_token"]),
+  clientId: (0, import_v4.string)(),
+  clientSecret: (0, import_v4.string)()
+});
 var OAuthAuthorization = OAuthProviderConfigSchema.extend({
-    redirectURI: (0, import_v4.string)(),
-    state: (0, import_v4.string)(),
-    codeChallenge: (0, import_v4.string)(),
-    codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"]),
-})
+  redirectURI: (0, import_v4.string)(),
+  state: (0, import_v4.string)(),
+  codeChallenge: (0, import_v4.string)(),
+  codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"])
+});
 var OAuthAuthorizationResponse = (0, import_v4.object)({
-    state: (0, import_v4.string)(),
-    code: (0, import_v4.string)(),
-})
+  state: (0, import_v4.string)("Missing state parameter in the OAuth authorization response."),
+  code: (0, import_v4.string)("Missing code parameter in the OAuth authorization response.")
+});
 var OAuthAuthorizationErrorResponse = (0, import_v4.object)({
-    error: (0, import_v4.enum)([
-        "invalid_request",
-        "unauthorized_client",
-        "access_denied",
-        "unsupported_response_type",
-        "invalid_scope",
-        "server_error",
-        "temporarily_unavailable",
-    ]),
-    error_description: (0, import_v4.string)().optional(),
-    error_uri: (0, import_v4.string)().optional(),
-    state: (0, import_v4.string)(),
-})
+  error: (0, import_v4.enum)([
+    "invalid_request",
+    "unauthorized_client",
+    "access_denied",
+    "unsupported_response_type",
+    "invalid_scope",
+    "server_error",
+    "temporarily_unavailable"
+  ]),
+  error_description: (0, import_v4.string)().optional(),
+  error_uri: (0, import_v4.string)().optional(),
+  state: (0, import_v4.string)()
+});
 var OAuthAccessToken = OAuthProviderConfigSchema.extend({
-    redirectURI: (0, import_v4.string)(),
-    code: (0, import_v4.string)(),
-    codeVerifier: (0, import_v4.string)().min(43).max(128),
-})
+  redirectURI: (0, import_v4.string)(),
+  code: (0, import_v4.string)(),
+  codeVerifier: (0, import_v4.string)().min(43).max(128)
+});
 var OAuthAccessTokenResponse = (0, import_v4.object)({
-    access_token: (0, import_v4.string)(),
-    token_type: (0, import_v4.string)(),
-    expires_in: (0, import_v4.number)().optional(),
-    refresh_token: (0, import_v4.string)().optional(),
-    scope: (0, import_v4.string)().optional(),
-})
+  access_token: (0, import_v4.string)(),
+  token_type: (0, import_v4.string)(),
+  expires_in: (0, import_v4.number)().optional(),
+  refresh_token: (0, import_v4.string)().optional(),
+  scope: (0, import_v4.string)().optional()
+});
 var OAuthAccessTokenErrorResponse = (0, import_v4.object)({
-    error: (0, import_v4.enum)([
-        "invalid_request",
-        "invalid_client",
-        "invalid_grant",
-        "unauthorized_client",
-        "unsupported_grant_type",
-        "invalid_scope",
-    ]),
-    error_description: (0, import_v4.string)().optional(),
-    error_uri: (0, import_v4.string)().optional(),
-})
+  error: (0, import_v4.enum)([
+    "invalid_request",
+    "invalid_client",
+    "invalid_grant",
+    "unauthorized_client",
+    "unsupported_grant_type",
+    "invalid_scope"
+  ]),
+  error_description: (0, import_v4.string)().optional(),
+  error_uri: (0, import_v4.string)().optional()
+});
 var OAuthErrorResponse = (0, import_v4.object)({
-    error: (0, import_v4.string)(),
-    error_description: (0, import_v4.string)().optional(),
-})
-
-// src/utils.ts
-var import_router = require("@aura-stack/router")
+  error: (0, import_v4.string)(),
+  error_description: (0, import_v4.string)().optional()
+});
+var OAuthEnvSchema = (0, import_v4.object)({
+  clientId: import_v4.z.string().min(1, "OAuth Client ID is required in the environment variables."),
+  clientSecret: import_v4.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
+});
 
-// src/error.ts
-var AuthError = class extends Error {
-    constructor(type, message) {
-        super(message)
-        this.type = type
-        this.name = "AuthError"
-    }
-}
-var InvalidRedirectToError = class extends AuthError {
-    constructor(message = "The redirectTo parameter does not match the hosted origin.") {
-        super("invalid_redirect_to", message)
-        this.name = "InvalidRedirectToError"
-    }
-}
-var isAuthError = (error) => {
-    return error instanceof AuthError
-}
-var ERROR_RESPONSE = {
-    AUTHORIZATION: {
-        INVALID_REQUEST: "invalid_request",
-        UNAUTHORIZED_CLIENT: "unauthorized_client",
-        ACCESS_DENIED: "access_denied",
-        UNSUPPORTED_RESPONSE_TYPE: "unsupported_response_type",
-        INVALID_SCOPE: "invalid_scope",
-        SERVER_ERROR: "server_error",
-        TEMPORARILY_UNAVAILABLE: "temporarily_unavailable",
-    },
-    ACCESS_TOKEN: {
-        INVALID_REQUEST: "invalid_request",
-        INVALID_CLIENT: "invalid_client",
-        INVALID_GRANT: "invalid_grant",
-        UNAUTHORIZED_CLIENT: "unauthorized_client",
-        UNSUPPORTED_GRANT_TYPE: "unsupported_grant_type",
-        INVALID_SCOPE: "invalid_scope",
-    },
-}
+// src/errors.ts
+var AuthInternalError = class extends Error {
+  type = "AUTH_INTERNAL_ERROR";
+  code;
+  constructor(code, message, options2) {
+    super(message, options2);
+    this.code = code;
+    this.name = new.target.name;
+    Error.captureStackTrace(this, new.target);
+  }
+};
+var AuthSecurityError = class extends Error {
+  type = "AUTH_SECURITY_ERROR";
+  code;
+  constructor(code, message, options2) {
+    super(message, options2);
+    this.code = code;
+    this.name = new.target.name;
+    Error.captureStackTrace(this, new.target);
+  }
+};
+var isAuthSecurityError = (error) => {
+  return error instanceof AuthSecurityError;
+};
 
 // src/utils.ts
+var import_router = require("@aura-stack/router");
 var toSnakeCase = (str) => {
-    return str
-        .replace(/([a-z0-9])([A-Z])/g, "$1_$2")
-        .replace(/([A-Z]+)([A-Z][a-z])/g, "$1_$2")
-        .toLowerCase()
-        .replace(/^_+/, "")
-}
+  return str.replace(/([a-z0-9])([A-Z])/g, "$1_$2").replace(/([A-Z]+)([A-Z][a-z])/g, "$1_$2").toLowerCase().replace(/^_+/, "");
+};
 var toUpperCase = (str) => {
-    return str.toUpperCase()
-}
+  return str.toUpperCase();
+};
 var toCastCase = (obj, type = "snake") => {
-    return Object.entries(obj).reduce((previous, [key, value]) => {
-        const newKey = type === "snake" ? toSnakeCase(key) : toUpperCase(key)
-        return { ...previous, [newKey]: value }
-    }, {})
-}
+  return Object.entries(obj).reduce((previous, [key, value]) => {
+    const newKey = type === "snake" ? toSnakeCase(key) : toUpperCase(key);
+    return { ...previous, [newKey]: value };
+  }, {});
+};
 var equals = (a, b) => {
-    if (a === null || b === null || a === void 0 || b === void 0) return false
-    return a === b
-}
-var sanitizeURL = (url2) => {
-    try {
-        let decodedURL = decodeURIComponent(url2).trim()
-        const protocolMatch = decodedURL.match(/^([a-zA-Z][a-zA-Z0-9+.-]*:\/\/)/)
-        let protocol = ""
-        let rest = decodedURL
-        if (protocolMatch) {
-            protocol = protocolMatch[1]
-            rest = decodedURL.slice(protocol.length)
-            const slashIndex = rest.indexOf("/")
-            if (slashIndex === -1) {
-                return protocol + rest
-            }
-            const domain = rest.slice(0, slashIndex)
-            let path = rest
-                .slice(slashIndex)
-                .replace(/\/\.\.\//g, "/")
-                .replace(/\/\.\.$/, "")
-                .replace(/\.{2,}/g, "")
-                .replace(/\/{2,}/g, "/")
-            if (path !== "/" && path.endsWith("/")) {
-                path = path.replace(/\/+$/, "/")
-            } else if (path !== "/") {
-                path = path.replace(/\/+$/, "")
-            }
-            return protocol + domain + path
-        }
-        let sanitized = decodedURL
-            .replace(/\/\.\.\//g, "/")
-            .replace(/\/\.\.$/, "")
-            .replace(/\.{2,}/g, "")
-            .replace(/\/{2,}/g, "/")
-        if (sanitized !== "/" && sanitized.endsWith("/")) {
-            sanitized = sanitized.replace(/\/+$/, "/")
-        } else if (sanitized !== "/") {
-            sanitized = sanitized.replace(/\/+$/, "")
-        }
-        return sanitized
-    } catch {
-        return url2.trim()
+  if (a === null || b === null || a === void 0 || b === void 0) return false;
+  return a === b;
+};
+var sanitizeURL = (url) => {
+  try {
+    let decodedURL = decodeURIComponent(url).trim();
+    const protocolMatch = decodedURL.match(/^([a-zA-Z][a-zA-Z0-9+.-]*:\/\/)/);
+    let protocol = "";
+    let rest = decodedURL;
+    if (protocolMatch) {
+      protocol = protocolMatch[1];
+      rest = decodedURL.slice(protocol.length);
+      const slashIndex = rest.indexOf("/");
+      if (slashIndex === -1) {
+        return protocol + rest;
+      }
+      const domain = rest.slice(0, slashIndex);
+      let path = rest.slice(slashIndex).replace(/\/\.\.\//g, "/").replace(/\/\.\.$/, "").replace(/\.{2,}/g, "").replace(/\/{2,}/g, "/");
+      if (path !== "/" && path.endsWith("/")) {
+        path = path.replace(/\/+$/, "/");
+      } else if (path !== "/") {
+        path = path.replace(/\/+$/, "");
+      }
+      return protocol + domain + path;
     }
-}
-var getNormalizedOriginPath = (path) => {
-    try {
-        const url2 = new URL(path)
-        url2.hash = ""
-        url2.search = ""
-        return `${url2.origin}${url2.pathname}`
-    } catch {
-        return sanitizeURL(path)
+    let sanitized = decodedURL.replace(/\/\.\.\//g, "/").replace(/\/\.\.$/, "").replace(/\.{2,}/g, "").replace(/\/{2,}/g, "/");
+    if (sanitized !== "/" && sanitized.endsWith("/")) {
+      sanitized = sanitized.replace(/\/+$/, "/");
+    } else if (sanitized !== "/") {
+      sanitized = sanitized.replace(/\/+$/, "");
     }
-}
+    return sanitized;
+  } catch {
+    return url.trim();
+  }
+};
+var getNormalizedOriginPath = (path) => {
+  try {
+    const url = new URL(path);
+    url.hash = "";
+    url.search = "";
+    return `${url.origin}${url.pathname}`;
+  } catch {
+    return sanitizeURL(path);
+  }
+};
+var formatZodError = (error) => {
+  if (!error.issues || error.issues.length === 0) {
+    return {};
+  }
+  return error.issues.reduce((previous, issue) => {
+    const key = issue.path.join(".");
+    return {
+      ...previous,
+      [key]: {
+        code: issue.code,
+        message: issue.message
+      }
+    };
+  }, {});
+};
 
 // src/actions/signIn/authorization.ts
 var createAuthorizationURL = (oauthConfig, redirectURI, state, codeChallenge, codeChallengeMethod) => {
-    const parsed = OAuthAuthorization.safeParse({ ...oauthConfig, redirectURI, state, codeChallenge, codeChallengeMethod })
-    if (!parsed.success) {
-        throw new AuthError(ERROR_RESPONSE.AUTHORIZATION.SERVER_ERROR, "Invalid OAuth configuration")
-    }
-    const { authorizeURL, ...options2 } = parsed.data
-    const { userInfo, accessToken, clientSecret, ...required } = options2
-    const searchParams = new URLSearchParams(toCastCase(required))
-    return `${authorizeURL}?${searchParams}`
-}
+  const parsed = OAuthAuthorization.safeParse({ ...oauthConfig, redirectURI, state, codeChallenge, codeChallengeMethod });
+  if (!parsed.success) {
+    const msg = JSON.stringify(formatZodError(parsed.error), null, 2);
+    throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", msg);
+  }
+  const { authorizeURL, ...options2 } = parsed.data;
+  const { userInfo, accessToken, clientSecret, ...required } = options2;
+  const searchParams = new URLSearchParams(toCastCase(required));
+  return `${authorizeURL}?${searchParams}`;
+};
 var getOriginURL = (request, trustedProxyHeaders) => {
-    const headers = request.headers
-    if (trustedProxyHeaders) {
-        const protocol = headers.get("X-Forwarded-Proto") ?? headers.get("Forwarded")?.match(/proto=([^;]+)/i)?.[1] ?? "http"
-        const host =
-            headers.get("X-Forwarded-Host") ??
-            headers.get("Host") ??
-            headers.get("Forwarded")?.match(/host=([^;]+)/i)?.[1] ??
-            null
-        return new URL(`${protocol}://${host}${getNormalizedOriginPath(new URL(request.url).pathname)}`)
-    } else {
-        return new URL(getNormalizedOriginPath(request.url))
-    }
-}
+  const headers = request.headers;
+  if (trustedProxyHeaders) {
+    const protocol = headers.get("X-Forwarded-Proto") ?? headers.get("Forwarded")?.match(/proto=([^;]+)/i)?.[1] ?? "http";
+    const host = headers.get("X-Forwarded-Host") ?? headers.get("Host") ?? headers.get("Forwarded")?.match(/host=([^;]+)/i)?.[1] ?? null;
+    return new URL(`${protocol}://${host}${getNormalizedOriginPath(new URL(request.url).pathname)}`);
+  } else {
+    return new URL(getNormalizedOriginPath(request.url));
+  }
+};
 var createRedirectURI = (request, oauth, basePath, trustedProxyHeaders) => {
-    const url2 = getOriginURL(request, trustedProxyHeaders)
-    return `${url2.origin}${basePath}/callback/${oauth}`
-}
+  const url = getOriginURL(request, trustedProxyHeaders);
+  return `${url.origin}${basePath}/callback/${oauth}`;
+};
 var createRedirectTo = (request, redirectTo, trustedProxyHeaders) => {
-    try {
-        const headers = request.headers
-        const origin = headers.get("Origin")
-        const referer = headers.get("Referer")
-        let hostedURL = getOriginURL(request, trustedProxyHeaders)
-        if (redirectTo) {
-            if (redirectTo.startsWith("/")) {
-                return sanitizeURL(redirectTo)
-            }
-            const redirectToURL = new URL(sanitizeURL(getNormalizedOriginPath(redirectTo)))
-            if (!isValidURL(redirectTo) || !equals(redirectToURL.origin, hostedURL.origin)) {
-                throw new InvalidRedirectToError()
-            }
-            return sanitizeURL(redirectToURL.pathname)
-        }
-        if (referer) {
-            const refererURL = new URL(sanitizeURL(referer))
-            if (!isValidURL(referer) || !equals(refererURL.origin, hostedURL.origin)) {
-                throw new AuthError(
-                    ERROR_RESPONSE.AUTHORIZATION.INVALID_REQUEST,
-                    "The referer of the request does not match the hosted origin."
-                )
-            }
-            return sanitizeURL(refererURL.pathname)
-        }
-        if (origin) {
-            const originURL = new URL(sanitizeURL(getNormalizedOriginPath(origin)))
-            if (!isValidURL(origin) || !equals(originURL.origin, hostedURL.origin)) {
-                throw new AuthError(ERROR_RESPONSE.AUTHORIZATION.INVALID_REQUEST, "Invalid origin (potential CSRF).")
-            }
-            return sanitizeURL(originURL.pathname)
-        }
-        return "/"
-    } catch (error) {
-        if (isAuthError(error)) {
-            throw error
-        }
-        throw new AuthError(ERROR_RESPONSE.AUTHORIZATION.INVALID_REQUEST, "Invalid origin (potential CSRF).")
+  try {
+    const headers = request.headers;
+    const origin = headers.get("Origin");
+    const referer = headers.get("Referer");
+    let hostedURL = getOriginURL(request, trustedProxyHeaders);
+    if (redirectTo) {
+      if (redirectTo.startsWith("/")) {
+        return sanitizeURL(redirectTo);
+      }
+      const redirectToURL = new URL(sanitizeURL(getNormalizedOriginPath(redirectTo)));
+      if (!isValidURL(redirectTo) || !equals(redirectToURL.origin, hostedURL.origin)) {
+        throw new AuthSecurityError(
+          "POTENTIAL_OPEN_REDIRECT_ATTACK_DETECTED",
+          "The redirectTo parameter does not match the hosted origin."
+        );
+      }
+      return sanitizeURL(redirectToURL.pathname);
+    }
+    if (referer) {
+      const refererURL = new URL(sanitizeURL(referer));
+      if (!isValidURL(referer) || !equals(refererURL.origin, hostedURL.origin)) {
+        throw new AuthSecurityError(
+          "POTENTIAL_OPEN_REDIRECT_ATTACK_DETECTED",
+          "The referer of the request does not match the hosted origin."
+        );
+      }
+      return sanitizeURL(refererURL.pathname);
+    }
+    if (origin) {
+      const originURL = new URL(sanitizeURL(getNormalizedOriginPath(origin)));
+      if (!isValidURL(origin) || !equals(originURL.origin, hostedURL.origin)) {
+        throw new AuthSecurityError("POTENTIAL_OPEN_REDIRECT_ATTACK_DETECTED", "Invalid origin (potential CSRF).");
+      }
+      return sanitizeURL(originURL.pathname);
+    }
+    return "/";
+  } catch (error) {
+    if (isAuthSecurityError(error)) {
+      throw error;
     }
-}
+    throw new AuthSecurityError("POTENTIAL_OPEN_REDIRECT_ATTACK_DETECTED", "Invalid origin (potential CSRF).");
+  }
+};
 // Annotate the CommonJS export names for ESM import in node:
-0 &&
-    (module.exports = {
-        createAuthorizationURL,
-        createRedirectTo,
-        createRedirectURI,
-        getOriginURL,
-    })
+0 && (module.exports = {
+  createAuthorizationURL,
+  createRedirectTo,
+  createRedirectURI,
+  getOriginURL
+});

package/dist/actions/signIn/authorization.d.ts

@@ -1,10 +1,9 @@
-import { f as OAuthProviderCredentials } from "../../index-DpfbvTZ_.js"
-import "zod/v4"
-import "@aura-stack/jose/jose"
-import "../../schemas.js"
-import "zod/v4/core"
-import "cookie"
-import "../../@types/utility.js"
+import { h as OAuthProviderCredentials } from '../../index-EqsoyjrF.js';
+import 'zod/v4';
+import '../../schemas.js';
+import '@aura-stack/router/cookie';
+import '@aura-stack/jose/jose';
+import '../../@types/utility.js';
 
 /**
  * Constructs the request URI for the Authorization Request to the third-party OAuth service. It includes
@@ -18,14 +17,8 @@ import "../../@types/utility.js"
  * @param redirectURI - The redirect URI where the OAuth service will send the user after authorization.
  * @param state - A unique string used to maintain state between the request and callback.
  */
-declare const createAuthorizationURL: (
-    oauthConfig: OAuthProviderCredentials,
-    redirectURI: string,
-    state: string,
-    codeChallenge: string,
-    codeChallengeMethod: string
-) => string
-declare const getOriginURL: (request: Request, trustedProxyHeaders?: boolean) => URL
+declare const createAuthorizationURL: (oauthConfig: OAuthProviderCredentials, redirectURI: string, state: string, codeChallenge: string, codeChallengeMethod: string) => string;
+declare const getOriginURL: (request: Request, trustedProxyHeaders?: boolean) => URL;
 /**
  * Creates the redirect URI for the OAuth callback based on the original request URL and the OAuth provider.
  *
@@ -33,7 +26,7 @@ declare const getOriginURL: (request: Request, trustedProxyHeaders?: boolean) =>
  * @param oauth - OAuth provider name
  * @returns The redirect URI for the OAuth callback.
  */
-declare const createRedirectURI: (request: Request, oauth: string, basePath: string, trustedProxyHeaders?: boolean) => string
+declare const createRedirectURI: (request: Request, oauth: string, basePath: string, trustedProxyHeaders?: boolean) => string;
 /**
  * Verifies if the request's origin matches the expected origin. It accepts the redirectTo search
  * parameter for redirection. It checks the 'Referer' header of the request with the origin where
@@ -44,6 +37,6 @@ declare const createRedirectURI: (request: Request, oauth: string, basePath: str
  * @param redirectTo Optional redirectTo parameter to override the referer
  * @returns The pathname of the referer URL if origins match
  */
-declare const createRedirectTo: (request: Request, redirectTo?: string, trustedProxyHeaders?: boolean) => string
+declare const createRedirectTo: (request: Request, redirectTo?: string, trustedProxyHeaders?: boolean) => string;
 
-export { createAuthorizationURL, createRedirectTo, createRedirectURI, getOriginURL }
+export { createAuthorizationURL, createRedirectTo, createRedirectURI, getOriginURL };

package/dist/actions/signIn/authorization.js

@@ -1,6 +1,16 @@
-import { createAuthorizationURL, createRedirectTo, createRedirectURI, getOriginURL } from "../../chunk-CAKJT3KS.js"
-import "../../chunk-6SM22VVJ.js"
-import "../../chunk-256KIVJL.js"
-import "../../chunk-FJUDBLCP.js"
-import "../../chunk-HMRKN75I.js"
-export { createAuthorizationURL, createRedirectTo, createRedirectURI, getOriginURL }
+import {
+  createAuthorizationURL,
+  createRedirectTo,
+  createRedirectURI,
+  getOriginURL
+} from "../../chunk-QEZL7EYN.js";
+import "../../chunk-WD7AUHQ5.js";
+import "../../chunk-CXLATHS5.js";
+import "../../chunk-EIL2FPSS.js";
+import "../../chunk-RRLIF4PQ.js";
+export {
+  createAuthorizationURL,
+  createRedirectTo,
+  createRedirectURI,
+  getOriginURL
+};