npm - @aura-stack/auth - Versions diffs - 0.1.0 → 0.2.0-rc.1 - Mend

@aura-stack/auth 0.1.0 → 0.2.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (111) hide show

package/dist/@types/index.d.ts +5 -5
package/dist/@types/router.d.d.ts +5 -5
package/dist/@types/utility.d.ts +1 -5
package/dist/actions/callback/access-token.cjs +95 -74
package/dist/actions/callback/access-token.d.ts +7 -7
package/dist/actions/callback/access-token.js +5 -3
package/dist/actions/callback/callback.cjs +171 -249
package/dist/actions/callback/callback.d.ts +6 -6
package/dist/actions/callback/callback.js +10 -10
package/dist/actions/callback/userinfo.cjs +81 -57
package/dist/actions/callback/userinfo.d.ts +5 -5
package/dist/actions/callback/userinfo.js +7 -5
package/dist/actions/csrfToken/csrfToken.cjs +36 -105
package/dist/actions/csrfToken/csrfToken.js +6 -6
package/dist/actions/index.cjs +309 -444
package/dist/actions/index.d.ts +5 -5
package/dist/actions/index.js +19 -19
package/dist/actions/session/session.cjs +25 -109
package/dist/actions/session/session.js +4 -5
package/dist/actions/signIn/authorization.cjs +96 -87
package/dist/actions/signIn/authorization.d.ts +5 -5
package/dist/actions/signIn/authorization.js +5 -5
package/dist/actions/signIn/signIn.cjs +133 -242
package/dist/actions/signIn/signIn.d.ts +6 -6
package/dist/actions/signIn/signIn.js +8 -9
package/dist/actions/signOut/signOut.cjs +136 -282
package/dist/actions/signOut/signOut.js +8 -9
package/dist/assert.cjs +5 -0
package/dist/assert.d.ts +10 -1
package/dist/assert.js +3 -1
package/dist/chunk-3EUWD5BB.js +63 -0
package/dist/chunk-6R2YZ4AC.js +22 -0
package/dist/chunk-A3N4PVAT.js +70 -0
package/dist/chunk-B737EUJV.js +22 -0
package/dist/{chunk-256KIVJL.js → chunk-CXLATHS5.js} +53 -9
package/dist/{chunk-6SM22VVJ.js → chunk-EIL2FPSS.js} +5 -1
package/dist/{chunk-VFTYH33W.js → chunk-EMKJA2GJ.js} +36 -8
package/dist/{chunk-UJJ7R56J.js → chunk-GA2SMTJO.js} +16 -10
package/dist/chunk-HP34YGGJ.js +22 -0
package/dist/chunk-HT4YLL7N.js +35 -0
package/dist/{chunk-EBPE35JT.js → chunk-IUYZQTJV.js} +0 -1
package/dist/{chunk-RLT4RFKV.js → chunk-IVET23KF.js} +21 -8
package/dist/{chunk-XXJKNKGQ.js → chunk-JVFTCTTE.js} +9 -13
package/dist/chunk-KSWLO5ZU.js +102 -0
package/dist/{chunk-GZU3RBTB.js → chunk-N2APGLXA.js} +19 -10
package/dist/{chunk-CAKJT3KS.js → chunk-N4SX7TZT.js} +21 -17
package/dist/chunk-RRLIF4PQ.js +55 -0
package/dist/chunk-TLE4PXY3.js +39 -0
package/dist/chunk-W6LG7BFW.js +197 -0
package/dist/{chunk-HMRKN75I.js → chunk-YRCB5FLE.js} +14 -9
package/dist/chunk-ZNCZVF6U.js +14 -0
package/dist/cookie.cjs +140 -99
package/dist/cookie.d.ts +35 -44
package/dist/cookie.js +10 -17
package/dist/errors.cjs +85 -0
package/dist/errors.d.ts +49 -0
package/dist/errors.js +18 -0
package/dist/{index-DpfbvTZ_.d.ts → index-DkaLJFn8.d.ts} +192 -61
package/dist/index.cjs +543 -443
package/dist/index.d.ts +6 -6
package/dist/index.js +42 -28
package/dist/jose.cjs +25 -14
package/dist/jose.d.ts +4 -1
package/dist/jose.js +5 -4
package/dist/oauth/bitbucket.d.ts +5 -5
package/dist/oauth/discord.cjs +0 -1
package/dist/oauth/discord.d.ts +5 -5
package/dist/oauth/discord.js +1 -1
package/dist/oauth/figma.d.ts +5 -5
package/dist/oauth/github.d.ts +5 -5
package/dist/oauth/gitlab.d.ts +5 -5
package/dist/oauth/index.cjs +176 -6
package/dist/oauth/index.d.ts +5 -5
package/dist/oauth/index.js +19 -4
package/dist/oauth/mailchimp.cjs +46 -0
package/dist/oauth/mailchimp.d.ts +7 -0
package/dist/oauth/mailchimp.js +6 -0
package/dist/oauth/pinterest.cjs +46 -0
package/dist/oauth/pinterest.d.ts +7 -0
package/dist/oauth/pinterest.js +6 -0
package/dist/oauth/spotify.d.ts +5 -5
package/dist/oauth/strava.cjs +46 -0
package/dist/oauth/strava.d.ts +7 -0
package/dist/oauth/strava.js +6 -0
package/dist/oauth/x.d.ts +5 -5
package/dist/{response.cjs → request.cjs} +14 -10
package/dist/request.d.ts +13 -0
package/dist/request.js +6 -0
package/dist/schemas.cjs +43 -37
package/dist/schemas.d.ts +67 -64
package/dist/schemas.js +3 -1
package/dist/secure.cjs +32 -24
package/dist/secure.d.ts +5 -5
package/dist/secure.js +4 -3
package/dist/utils.cjs +90 -15
package/dist/utils.d.ts +11 -2
package/dist/utils.js +8 -4
package/package.json +8 -7
package/dist/chunk-FJUDBLCP.js +0 -59
package/dist/chunk-HGJ4TXY4.js +0 -137
package/dist/chunk-JAPMIE6S.js +0 -10
package/dist/chunk-LLR722CL.js +0 -96
package/dist/chunk-SJPDVKUS.js +0 -112
package/dist/chunk-SMQO5WD7.js +0 -30
package/dist/chunk-UTDLUEEG.js +0 -31
package/dist/chunk-ZV4BH47P.js +0 -154
package/dist/error.cjs +0 -88
package/dist/error.d.ts +0 -62
package/dist/error.js +0 -16
package/dist/response.d.ts +0 -10
package/dist/response.js +0 -6

package/dist/{index-DpfbvTZ_.d.ts → index-DkaLJFn8.d.ts} RENAMED Viewed

@@ -1,9 +1,127 @@
-import { z } from 'zod/v4';
+import { z } from 'zod';
+import { OAuthAuthorizationErrorResponse, OAuthAccessTokenErrorResponse, OAuthEnvSchema } from './schemas.js';
+import { SerializeOptions } from '@aura-stack/router/cookie';
+import { JWTVerifyOptions, EncryptOptions, JWTDecryptOptions } from '@aura-stack/jose';
 import { JWTPayload } from '@aura-stack/jose/jose';
-import { OAuthAuthorizationErrorResponse, OAuthAccessTokenErrorResponse } from './schemas.js';
-import { SerializeOptions } from 'cookie';
 import { LiteralUnion, Prettify } from './@types/utility.js';
+/**
+ * @see [Pinterest - Get User Account](https://developers.pinterest.com/docs/api/v5/user_account-get)
+ */
+interface PinterestProfile {
+    account_type: LiteralUnion<"PINNER">;
+    id: string;
+    profile_image: string;
+    website_url: string;
+    username: string;
+    about: string;
+    business_name: string;
+    board_count: number;
+    pin_count: number;
+    follower_count: number;
+    following_count: number;
+    monthly_views: number;
+}
+/**
+ * @see [Pinterest - Connect App](https://developers.pinterest.com/docs/getting-started/connect-app/)
+ * @see [Pinterest - My Apps](https://developers.pinterest.com/apps/)
+ * @see [Pinterest - Get User Account](https://developers.pinterest.com/docs/api/v5/user_account-get)
+ */
+declare const pinterest: OAuthProviderConfig<PinterestProfile>;
+interface Login {
+    email: string;
+    avatar: string | null;
+    login_id: number;
+    login_name: string;
+    login_email: string;
+}
+interface MailchimpProfile {
+    dc: string;
+    role: string;
+    accountname: string;
+    user_id: string;
+    login: Login;
+    login_url: string;
+    api_endpoint: string;
+}
+/**
+ * @see [Mailchimp - Access Data on Behalf of Other Users with OAuth 2](https://mailchimp.com/developer/marketing/guides/access-user-data-oauth-2/)
+ */
+declare const mailchimp: OAuthProviderConfig<MailchimpProfile>;
+/**
+ * @see [Strava - SummaryClub](https://developers.strava.com/docs/reference/#api-models-SummaryClub)
+ */
+interface SummaryClub {
+    id: number;
+    resource_state: number;
+    name: string;
+    profile_medium: string;
+    cover_photo: string;
+    cover_photo_small: string;
+    sport_type: "cycling" | "running" | "triathlon" | "other";
+    activity_types: string[];
+    city: string;
+    state: string;
+    country: string;
+    private: boolean;
+    member_count: number;
+    featured: boolean;
+    verified: boolean;
+    url: string;
+}
+/**
+ * @see [Strava - SummaryGear](https://developers.strava.com/docs/reference/#api-models-SummaryGear)
+ */
+interface SummaryGear {
+    id: string;
+    resource_state: number;
+    primary: boolean;
+    name: string;
+    distance: number;
+}
+/**
+ * @see [Strava - DetailedAthlete](https://developers.strava.com/docs/reference/#api-models-DetailedAthlete)
+ */
+interface StravaProfile {
+    id: number;
+    resource_state: number;
+    firstname: string;
+    lastname: string;
+    bio: string | null;
+    profile: string;
+    profile_medium: string;
+    city: string;
+    state: string;
+    country: string;
+    sex: string;
+    premium: boolean;
+    summit: boolean;
+    created_at: Date;
+    updated_at: Date;
+    badge_type_id: number;
+    weight: number;
+    friend: null;
+    follower: null;
+    follower_count: number;
+    friend_count: number;
+    measurement_preference: string;
+    ftp: number;
+    clubs: SummaryClub[];
+    bikes: SummaryGear[];
+    shoes: SummaryGear[];
+}
+/**
+ * Strava OAuth Provider
+ * @see [Strava - Getting Started with the Strava API](https://developers.strava.com/docs/getting-started/)
+ * @see [Strava - My Applications](https://www.strava.com/settings/api)
+ * @see [Strava - Authentication](https://developers.strava.com/docs/authentication/)
+ * @see [Strava - API Application](https://www.strava.com/settings/api)
+ * @see [Strava - API Reference](https://developers.strava.com/docs/reference/)
+ */
+declare const strava: OAuthProviderConfig<StravaProfile>;
 /**
  * @see [X - Get my User](https://docs.x.com/x-api/users/get-my-user)
  */
@@ -16,6 +134,7 @@ interface XProfile {
     };
 }
 /**
+ * X (Twitter) OAuth Provider
  * @see [X - Developer Portal](https://developer.x.com/en/portal/projects-and-apps)
  * @see [X - Get my User](https://docs.x.com/x-api/users/get-my-user)
  * @see [X - OAuth 2.0 Authorization Code Flow with PKCE](https://docs.x.com/fundamentals/authentication/oauth-2-0/authorization-code)
@@ -55,6 +174,8 @@ interface SpotifyProfile {
     };
 }
 /**
+ * Spotify OAuth Provider
+ *
  * @see [Spotify - Spotify Developer Dashboard](https://developer.spotify.com/dashboard)
  * @see [Spotify - Getting started with Web API](https://developer.spotify.com/documentation/web-api/tutorials/getting-started)
  * @see [Spotify - Get Current User's Profile](https://developer.spotify.com/documentation/web-api/reference/get-current-users-profile)
@@ -116,6 +237,8 @@ interface GitLabProfile {
     scim_identities: unknown[];
 }
 /**
+ * GitLab OAuth Provider
+ *
  * @see [GitLab - Applications](https://gitlab.com/-/user_settings/applications)
  * @see [GitLab - OAuth 2.0 identify provider API](https://docs.gitlab.com/api/oauth2/)
  * @see [GitLab - Scopes](https://docs.gitlab.com/integration/oauth_provider/#view-all-authorized-applications)
@@ -170,12 +293,15 @@ interface DiscordProfile {
     };
 }
 /**
+ * Discord OAuth Provider
+ *
  * @see [Discord - Applications](https://discord.com/developers/applications)
  * @see [Discord - OAuth2](https://discord.com/developers/docs/topics/oauth2)
  * @see [Discord - Get Current User](https://discord.com/developers/docs/resources/user#get-current-user)
  * @see [Discord - User Object](https://discord.com/developers/docs/resources/user#user-object)
  * @see [Discord - OAuth2 Scopes](https://discord.com/developers/docs/topics/oauth2#shared-resources-oauth2-scopes)
  * @see [Discord - Image Formatting](https://discord.com/developers/docs/reference#image-formatting)
+ * @see [Discord - Display Names](https://discord.com/developers/docs/change-log#display-names)
  */
 declare const discord: OAuthProviderConfig<DiscordProfile>;
@@ -189,6 +315,7 @@ interface FigmaProfile {
     email: string;
 }
 /**
+ * Figma OAuth Provider
  * @see [Figma - REST API Introduction](https://developers.figma.com/docs/rest-api/)
  * @see [Figma - OAuth App](https://www.figma.com/developers/apps/)
  * @see [Figma - Create an OAuth App](https://developers.figma.com/docs/rest-api/authentication/#create-an-oauth-app)
@@ -281,6 +408,7 @@ interface GitHubProfile {
 }
 /**
  * GitHub OAuth Provider
+ *
  * @see [GitHub - Creating an OAuth App](https://docs.github.com/en/developers/apps/building-oauth-apps/creating-an-oauth-app)
  * @see [GitHub - Authorizing OAuth Apps](https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps)
  * @see [GitHub - Configure your GitHub OAuth Apps](https://github.com/settings/developers)
@@ -289,13 +417,16 @@ interface GitHubProfile {
 declare const github: OAuthProviderConfig<GitHubProfile>;
 declare const builtInOAuthProviders: {
-    github: OAuthProviderConfig<GitHubProfile>;
-    bitbucket: OAuthProviderConfig<BitbucketProfile>;
-    figma: OAuthProviderConfig<FigmaProfile>;
-    discord: OAuthProviderConfig<DiscordProfile>;
-    gitlab: OAuthProviderConfig<GitLabProfile>;
-    spotify: OAuthProviderConfig<SpotifyProfile>;
-    x: OAuthProviderConfig<XProfile>;
+    readonly github: OAuthProviderConfig<GitHubProfile>;
+    readonly bitbucket: OAuthProviderConfig<BitbucketProfile>;
+    readonly figma: OAuthProviderConfig<FigmaProfile>;
+    readonly discord: OAuthProviderConfig<DiscordProfile>;
+    readonly gitlab: OAuthProviderConfig<GitLabProfile>;
+    readonly spotify: OAuthProviderConfig<SpotifyProfile>;
+    readonly x: OAuthProviderConfig<XProfile>;
+    readonly strava: OAuthProviderConfig<StravaProfile>;
+    readonly mailchimp: OAuthProviderConfig<MailchimpProfile>;
+    readonly pinterest: OAuthProviderConfig<PinterestProfile>;
 };
 /**
  * Constructs OAuth provider configurations from an array of provider names or configurations.
@@ -312,15 +443,21 @@ type BuiltInOAuthProvider = keyof typeof builtInOAuthProviders;
  * These fields are typically filtered out before returning user data.
  */
 type JWTStandardClaims = Pick<JWTPayload, "exp" | "iat" | "jti" | "nbf" | "sub" | "aud" | "iss">;
+/**
+ * JWT payload structure that includes a mandatory `token` field used to verify CSRF Tokens
+ */
+type JWTPayloadWithToken = JWTPayload & {
+    token: string;
+};
 /**
  * Standardized user profile returned by OAuth providers after fetching user information
  * and mapping the response to this format by default or via the `profile` custom function.
  */
 interface User {
     sub: string;
-    name?: string;
-    email?: string;
-    image?: string;
+    name?: string | null;
+    email?: string | null;
+    image?: string | null;
 }
 /**
  * Session data returned by the session endpoint.
@@ -340,70 +477,49 @@ interface OAuthProviderConfig<Profile extends object = {}> {
     accessToken: string;
     userInfo: string;
     scope: string;
-    responseType: string;
+    responseType: "code" | "token" | "refresh_token" | "id_token";
     profile?: (profile: Profile) => User | Promise<User>;
 }
 /**
  * OAuth provider configuration with client credentials.
  * Extends OAuthProviderConfig with clientId and clientSecret.
  */
-interface OAuthProviderCredentials extends OAuthProviderConfig {
+interface OAuthProviderCredentials<Profile extends object = {}> extends OAuthProviderConfig<Profile> {
     clientId: string;
     clientSecret: string;
 }
 /**
  * Complete OAuth provider type combining configuration and credentials.
  */
-type OAuthProvider<Profile extends Record<string, unknown> = {}> = OAuthProviderConfig<Profile> & OAuthProviderCredentials;
+type OAuthProvider<Profile extends object = {}> = OAuthProviderCredentials<Profile>;
 /**
  * Cookie type with __Secure- prefix, must be Secure.
  * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__secure-prefix
  */
 type SecureCookie = {
     strategy: "secure";
-} & {
-    options?: Prettify<Omit<SerializeOptions, "secure" | "encode">>;
-};
+} & Prettify<Omit<SerializeOptions, "secure" | "encode">>;
 /**
  * Cookie type with __Host- prefix, must be Secure, Path=/, no Domain attribute.
  * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__host-prefix
  */
 type HostCookie = {
     strategy: "host";
-} & {
-    options?: Prettify<Omit<SerializeOptions, "secure" | "path" | "domain" | "encode">>;
-};
+} & Prettify<Omit<SerializeOptions, "secure" | "path" | "domain" | "encode">>;
 /**
  * Standard cookie type without security prefixes.
  * Can be sent over both HTTP and HTTPS connections (default in development).
  */
 type StandardCookie = {
     strategy?: "standard";
-} & {
-    options?: Prettify<Omit<SerializeOptions, "encode">>;
-};
+} & Prettify<Omit<SerializeOptions, "encode">>;
 /**
  * Union type for cookie options based on the specified strategy.
  * - `secure`: Cookies are only sent over HTTPS connections
  * - `host`: Cookies use the __Host- prefix and are only sent over HTTPS connections
  * - `standard`: Cookies can be sent over both HTTP and HTTPS connections (default in development)
  */
-type CookieStrategyOptions = StandardCookie | SecureCookie | HostCookie;
-/**
- * Configuration options for cookies used in Aura Auth.
- * @see {@link AuthConfig.cookies}
- */
-type CookieConfig = Prettify<{
-    name?: string;
-} & CookieStrategyOptions>;
-/**
- * Internal representation of cookie configuration with all options resolved.
- * @internal
- */
-type CookieConfigInternal = {
-    name?: string;
-    prefix?: string;
-} & SerializeOptions;
+type CookieStrategyAttributes = StandardCookie | SecureCookie | HostCookie;
 /**
  * Names of cookies used by Aura Auth for session management and OAuth flows.
  * - `sessionToken`: User session JWT
@@ -414,7 +530,18 @@ type CookieConfigInternal = {
  * - `redirect_to`: Post-authentication redirect path
  * - `nonce`: OpenID Connect nonce parameter
  */
-type CookieName = "sessionToken" | "csrfToken" | "state" | "nonce" | "code_verifier" | "redirect_to" | "redirect_uri";
+type CookieName = "sessionToken" | "csrfToken" | "state" | "codeVerifier" | "redirectTo" | "redirectURI";
+type CookieStoreConfig = Record<CookieName, {
+    name: string;
+    attributes: CookieStrategyAttributes;
+}>;
+interface CookieConfig {
+    /**
+     * Prefix to be added to all cookie names. By default "aura-stack".
+     */
+    prefix?: string;
+    overrides?: Partial<CookieStoreConfig>;
+}
 /**
  * Main configuration interface for Aura Auth.
  * This is the user-facing configuration object passed to `createAuth()`.
@@ -462,10 +589,10 @@ interface AuthConfig {
      * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__secure-prefix
      * @see https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#name-the-__host-prefix
      */
-    cookies?: CookieConfig;
+    cookies?: Partial<CookieConfig>;
     /**
      * Secret used to sign and verify JWT tokens for session and csrf protection.
-     * If not provided, it will load from the environment variable `AURA_AUTH_SECRET`, but if it
+     * If not provided, it will load from the environment variable `AURA_AUTH_SECRET` or `AUTH_SECRET`, but if it
      * doesn't exist, it will throw an error during the initialization of the Auth module.
      */
     secret?: string;
@@ -493,27 +620,24 @@ interface JoseInstance {
     decodeJWT: (token: string) => Promise<JWTPayload>;
     encodeJWT: (payload: JWTPayload) => Promise<string>;
     signJWS: (payload: JWTPayload) => Promise<string>;
-    verifyJWS: (payload: string) => Promise<JWTPayload>;
-}
-/**
- * Internal runtime configuration used within Aura Auth after initialization.
- * All optional fields from AuthConfig are resolved to their default values.
- * @internal
- * @todo: is this needed?
- */
-interface AuthRuntimeConfig {
-    oauth: Record<LiteralUnion<BuiltInOAuthProvider>, OAuthProviderCredentials>;
-    cookies: CookieConfig;
-    secret: string;
-    jose: JoseInstance;
+    verifyJWS: (payload: string, options?: JWTVerifyOptions) => Promise<JWTPayload>;
+    encryptJWE: (payload: string, options?: EncryptOptions) => Promise<string>;
+    decryptJWE: (payload: string, options?: JWTDecryptOptions) => Promise<string>;
 }
+type OAuthProviderRecord = Record<LiteralUnion<BuiltInOAuthProvider>, OAuthProviderCredentials>;
 interface RouterGlobalContext {
-    oauth: Record<LiteralUnion<BuiltInOAuthProvider>, OAuthProviderCredentials>;
-    cookies: CookieConfigInternal;
+    oauth: OAuthProviderRecord;
+    cookies: CookieStoreConfig;
     jose: JoseInstance;
+    secret?: string;
     basePath: string;
     trustedProxyHeaders: boolean;
 }
+/**
+ * Internal runtime configuration used within Aura Auth after initialization.
+ * All optional fields from AuthConfig are resolved to their default values.
+ */
+type AuthRuntimeConfig = RouterGlobalContext;
 interface AuthInstance {
     handlers: {
         GET: (request: Request) => Response | Promise<Response>;
@@ -542,7 +666,14 @@ type AccessTokenError = OAuthError<z.infer<typeof OAuthAccessTokenErrorResponse>
  * OAuth 2.0 Token Revocation Error Response Types
  * @see https://datatracker.ietf.org/doc/html/rfc7009#section-2.2.1
  */
-type TokenRevocationError = OAuthError<"invalid_session_token" | "invalid_csrf_token" | "invalid_redirect_to">;
+type TokenRevocationError = OAuthError<"invalid_session_token">;
 type ErrorType = AuthorizationError["error"] | AccessTokenError["error"] | TokenRevocationError["error"];
+type AuthInternalErrorCode = "INVALID_OAUTH_CONFIGURATION" | "INVALID_JWT_TOKEN" | "JOSE_INITIALIZATION_FAILED" | "SESSION_STORE_NOT_INITIALIZED" | "COOKIE_STORE_NOT_INITIALIZED" | "COOKIE_PARSING_FAILED" | "COOKIE_NOT_FOUND" | "INVALID_ENVIRONMENT_CONFIGURATION";
+type AuthSecurityErrorCode = "INVALID_STATE" | "MISMATCHING_STATE" | "POTENTIAL_OPEN_REDIRECT_ATTACK_DETECTED" | "CSRF_TOKEN_INVALID" | "CSRF_TOKEN_MISSING" | "SESSION_TOKEN_MISSING";
+type OAuthEnv = z.infer<typeof OAuthEnvSchema>;
+type APIErrorMap = Record<string, {
+    code: string;
+    message: string;
+}>;
-export { type AuthRuntimeConfig as A, type BitbucketProfile as B, type CookieConfig as C, type DiscordProfile as D, type ErrorType as E, type FigmaProfile as F, type GitLabProfile as G, type HostCookie as H, type JoseInstance as J, type Nameplate as N, type OAuthProvider as O, type RouterGlobalContext as R, type Session as S, type TokenRevocationError as T, type User as U, type XProfile as X, type CookieConfigInternal as a, type CookieName as b, type AuthConfig as c, type AuthInstance as d, type OAuthProviderConfig as e, type OAuthProviderCredentials as f, type SpotifyProfile as g, gitlab as h, discord as i, figma as j, bitbucket as k, type GitHubProfile as l, github as m, builtInOAuthProviders as n, createBuiltInOAuthProviders as o, type BuiltInOAuthProvider as p, type JWTStandardClaims as q, type SecureCookie as r, spotify as s, type StandardCookie as t, type CookieStrategyOptions as u, type OAuthError as v, type AuthorizationError as w, x, type AccessTokenError as y };
+export { type AuthorizationError as $, type AuthRuntimeConfig as A, type BitbucketProfile as B, type CookieConfig as C, type DiscordProfile as D, type ErrorType as E, type FigmaProfile as F, type GitLabProfile as G, createBuiltInOAuthProviders as H, type Image as I, type JWTPayloadWithToken as J, type BuiltInOAuthProvider as K, type Login as L, type MailchimpProfile as M, type Nameplate as N, type OAuthProvider as O, type PinterestProfile as P, type JWTStandardClaims as Q, type RouterGlobalContext as R, type Session as S, type SecureCookie as T, type User as U, type HostCookie as V, type StandardCookie as W, type XProfile as X, type CookieStrategyAttributes as Y, type CookieName as Z, type OAuthError as _, type CookieStoreConfig as a, type AccessTokenError as a0, type TokenRevocationError as a1, type OAuthEnv as a2, type AuthInternalErrorCode as b, type AuthSecurityErrorCode as c, type AuthConfig as d, type AuthInstance as e, type JoseInstance as f, type OAuthProviderConfig as g, type OAuthProviderCredentials as h, type APIErrorMap as i, type OAuthProviderRecord as j, type SummaryClub as k, type SummaryGear as l, mailchimp as m, type StravaProfile as n, type SpotifyProfile as o, pinterest as p, spotify as q, gitlab as r, strava as s, discord as t, figma as u, bitbucket as v, type GitHubProfile as w, x, github as y, builtInOAuthProviders as z };