@aura-stack/auth 0.4.0-rc.5 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (201) hide show
  1. package/dist/@types/index.d.ts +8 -3
  2. package/dist/@types/router.d.cjs +0 -17
  3. package/dist/@types/router.d.d.ts +7 -2
  4. package/dist/@types/router.d.js +0 -1
  5. package/dist/actions/callback/access-token.cjs +130 -71
  6. package/dist/actions/callback/access-token.d.ts +9 -4
  7. package/dist/actions/callback/access-token.js +3 -4
  8. package/dist/actions/callback/callback.cjs +428 -152
  9. package/dist/actions/callback/callback.d.ts +11 -3
  10. package/dist/actions/callback/callback.js +12 -10
  11. package/dist/actions/callback/userinfo.cjs +159 -65
  12. package/dist/actions/callback/userinfo.d.ts +8 -3
  13. package/dist/actions/callback/userinfo.js +7 -6
  14. package/dist/actions/csrfToken/csrfToken.cjs +70 -19
  15. package/dist/actions/csrfToken/csrfToken.js +8 -7
  16. package/dist/actions/index.cjs +780 -348
  17. package/dist/actions/index.d.ts +6 -2
  18. package/dist/actions/index.js +23 -18
  19. package/dist/actions/session/session.cjs +107 -26
  20. package/dist/actions/session/session.js +7 -5
  21. package/dist/actions/signIn/authorization-url.cjs +288 -0
  22. package/dist/actions/signIn/authorization-url.d.ts +31 -0
  23. package/dist/actions/signIn/authorization-url.js +16 -0
  24. package/dist/actions/signIn/authorization.cjs +209 -211
  25. package/dist/actions/signIn/authorization.d.ts +32 -21
  26. package/dist/actions/signIn/authorization.js +12 -9
  27. package/dist/actions/signIn/signIn.cjs +470 -235
  28. package/dist/actions/signIn/signIn.d.ts +12 -3
  29. package/dist/actions/signIn/signIn.js +11 -8
  30. package/dist/actions/signOut/signOut.cjs +376 -228
  31. package/dist/actions/signOut/signOut.d.ts +1 -1
  32. package/dist/actions/signOut/signOut.js +10 -9
  33. package/dist/api/createApi.cjs +750 -0
  34. package/dist/api/createApi.d.ts +12 -0
  35. package/dist/api/createApi.js +19 -0
  36. package/dist/api/getSession.cjs +141 -0
  37. package/dist/api/getSession.d.ts +16 -0
  38. package/dist/api/getSession.js +10 -0
  39. package/dist/api/signIn.cjs +549 -0
  40. package/dist/api/signIn.d.ts +26 -0
  41. package/dist/api/signIn.js +15 -0
  42. package/dist/api/signOut.cjs +279 -0
  43. package/dist/api/signOut.d.ts +16 -0
  44. package/dist/api/signOut.js +13 -0
  45. package/dist/assert.cjs +150 -5
  46. package/dist/assert.d.ts +26 -3
  47. package/dist/assert.js +17 -3
  48. package/dist/{chunk-YRCB5FLE.js → chunk-2A5B7GWR.js} +52 -6
  49. package/dist/chunk-2GQLSIJ2.js +40 -0
  50. package/dist/chunk-2IR674WX.js +44 -0
  51. package/dist/chunk-3J5TUH2I.js +50 -0
  52. package/dist/chunk-4RWSYUKX.js +98 -0
  53. package/dist/chunk-4YHJ4IEQ.js +25 -0
  54. package/dist/chunk-54CZPKR4.js +25 -0
  55. package/dist/chunk-5LZ7TOM3.js +25 -0
  56. package/dist/chunk-7BE46WWS.js +88 -0
  57. package/dist/chunk-7YYXFKLR.js +35 -0
  58. package/dist/chunk-C3A37LQC.js +33 -0
  59. package/dist/chunk-CITNGXDA.js +31 -0
  60. package/dist/chunk-CWX724AG.js +78 -0
  61. package/dist/chunk-D2CSIUKP.js +74 -0
  62. package/dist/chunk-E6G5YCI6.js +25 -0
  63. package/dist/chunk-EBAMFRB7.js +34 -0
  64. package/dist/chunk-EEE7UM5T.js +25 -0
  65. package/dist/{chunk-HT4YLL7N.js → chunk-FPCVZUVG.js} +10 -8
  66. package/dist/chunk-FW4W3REU.js +25 -0
  67. package/dist/chunk-GNNBM2WJ.js +83 -0
  68. package/dist/chunk-IPKO6UQN.js +25 -0
  69. package/dist/chunk-JOCGX3RP.js +59 -0
  70. package/dist/chunk-KBXWTD6E.js +94 -0
  71. package/dist/chunk-KMMAZFSJ.js +25 -0
  72. package/dist/chunk-LATR3NIV.js +117 -0
  73. package/dist/chunk-LAYPUDQF.js +39 -0
  74. package/dist/chunk-LDU7A2JE.js +25 -0
  75. package/dist/chunk-LX3TJ2TJ.js +294 -0
  76. package/dist/chunk-NHZBQNRR.js +143 -0
  77. package/dist/chunk-OVHNRULD.js +33 -0
  78. package/dist/chunk-PDP3PHB3.js +127 -0
  79. package/dist/chunk-PHYNROD4.js +47 -0
  80. package/dist/chunk-QQEKY4XP.js +29 -0
  81. package/dist/chunk-U4RK4LKJ.js +348 -0
  82. package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
  83. package/dist/chunk-UN7X6SU5.js +53 -0
  84. package/dist/chunk-UZQJJD6A.js +100 -0
  85. package/dist/chunk-V6LLEAR4.js +80 -0
  86. package/dist/chunk-WHNDRO3N.js +50 -0
  87. package/dist/{chunk-W6LG7BFW.js → chunk-XY5R3EHH.js} +30 -23
  88. package/dist/client/client.cjs +135 -0
  89. package/dist/client/client.d.ts +85 -0
  90. package/dist/client/client.js +9 -0
  91. package/dist/client/index.cjs +135 -0
  92. package/dist/client/index.d.ts +14 -0
  93. package/dist/client/index.js +10 -0
  94. package/dist/context.cjs +1237 -0
  95. package/dist/context.d.ts +16 -0
  96. package/dist/context.js +28 -0
  97. package/dist/cookie.cjs +57 -22
  98. package/dist/cookie.d.ts +11 -6
  99. package/dist/cookie.js +3 -2
  100. package/dist/createAuth.cjs +2320 -0
  101. package/dist/createAuth.d.ts +12 -0
  102. package/dist/createAuth.js +48 -0
  103. package/dist/env.cjs +78 -0
  104. package/dist/env.d.ts +10 -0
  105. package/dist/env.js +12 -0
  106. package/dist/errors.cjs +17 -0
  107. package/dist/errors.d.ts +15 -4
  108. package/dist/errors.js +5 -1
  109. package/dist/headers.cjs +28 -2
  110. package/dist/headers.d.ts +25 -1
  111. package/dist/headers.js +9 -3
  112. package/dist/index-_aXtxb_s.d.ts +1377 -0
  113. package/dist/index.cjs +1843 -610
  114. package/dist/index.d.ts +11 -92
  115. package/dist/index.js +53 -85
  116. package/dist/jose.cjs +113 -38
  117. package/dist/jose.d.ts +12 -23
  118. package/dist/jose.js +17 -7
  119. package/dist/logger.cjs +424 -0
  120. package/dist/logger.d.ts +12 -0
  121. package/dist/logger.js +17 -0
  122. package/dist/oauth/atlassian.cjs +57 -0
  123. package/dist/oauth/atlassian.d.ts +12 -0
  124. package/dist/oauth/atlassian.js +6 -0
  125. package/dist/oauth/bitbucket.cjs +19 -15
  126. package/dist/oauth/bitbucket.d.ts +7 -2
  127. package/dist/oauth/bitbucket.js +1 -1
  128. package/dist/oauth/discord.cjs +27 -24
  129. package/dist/oauth/discord.d.ts +7 -2
  130. package/dist/oauth/discord.js +1 -1
  131. package/dist/oauth/dropbox.cjs +53 -0
  132. package/dist/oauth/dropbox.d.ts +12 -0
  133. package/dist/oauth/dropbox.js +6 -0
  134. package/dist/oauth/figma.cjs +19 -16
  135. package/dist/oauth/figma.d.ts +7 -2
  136. package/dist/oauth/figma.js +1 -1
  137. package/dist/oauth/github.cjs +19 -8
  138. package/dist/oauth/github.d.ts +7 -2
  139. package/dist/oauth/github.js +1 -1
  140. package/dist/oauth/gitlab.cjs +19 -16
  141. package/dist/oauth/gitlab.d.ts +7 -2
  142. package/dist/oauth/gitlab.js +1 -1
  143. package/dist/oauth/index.cjs +529 -239
  144. package/dist/oauth/index.d.ts +7 -2
  145. package/dist/oauth/index.js +39 -22
  146. package/dist/oauth/mailchimp.cjs +19 -16
  147. package/dist/oauth/mailchimp.d.ts +7 -2
  148. package/dist/oauth/mailchimp.js +1 -1
  149. package/dist/oauth/notion.cjs +131 -0
  150. package/dist/oauth/notion.d.ts +12 -0
  151. package/dist/oauth/notion.js +9 -0
  152. package/dist/oauth/pinterest.cjs +19 -16
  153. package/dist/oauth/pinterest.d.ts +7 -2
  154. package/dist/oauth/pinterest.js +1 -1
  155. package/dist/oauth/spotify.cjs +19 -16
  156. package/dist/oauth/spotify.d.ts +7 -2
  157. package/dist/oauth/spotify.js +1 -1
  158. package/dist/oauth/strava.cjs +19 -16
  159. package/dist/oauth/strava.d.ts +7 -2
  160. package/dist/oauth/strava.js +1 -1
  161. package/dist/oauth/twitch.cjs +95 -0
  162. package/dist/oauth/twitch.d.ts +12 -0
  163. package/dist/oauth/twitch.js +7 -0
  164. package/dist/oauth/x.cjs +19 -16
  165. package/dist/oauth/x.d.ts +7 -2
  166. package/dist/oauth/x.js +1 -1
  167. package/dist/schemas.cjs +89 -42
  168. package/dist/schemas.d.ts +114 -18
  169. package/dist/schemas.js +5 -3
  170. package/dist/secure.cjs +73 -31
  171. package/dist/secure.d.ts +11 -11
  172. package/dist/secure.js +7 -6
  173. package/dist/utils.cjs +203 -90
  174. package/dist/utils.d.ts +21 -40
  175. package/dist/utils.js +21 -12
  176. package/package.json +9 -6
  177. package/dist/chunk-3EUWD5BB.js +0 -63
  178. package/dist/chunk-42XB3YCW.js +0 -22
  179. package/dist/chunk-6R2YZ4AC.js +0 -22
  180. package/dist/chunk-A3N4PVAT.js +0 -70
  181. package/dist/chunk-B737EUJV.js +0 -22
  182. package/dist/chunk-CXLATHS5.js +0 -143
  183. package/dist/chunk-E3OXBRYF.js +0 -22
  184. package/dist/chunk-EIL2FPSS.js +0 -22
  185. package/dist/chunk-EMKJA2GJ.js +0 -89
  186. package/dist/chunk-FIPU4MLT.js +0 -21
  187. package/dist/chunk-FKRDCWBF.js +0 -22
  188. package/dist/chunk-GA2SMTJO.js +0 -58
  189. package/dist/chunk-HP34YGGJ.js +0 -22
  190. package/dist/chunk-IKHPGFCW.js +0 -14
  191. package/dist/chunk-IUYZQTJV.js +0 -30
  192. package/dist/chunk-IVET23KF.js +0 -58
  193. package/dist/chunk-JVFTCTTE.js +0 -33
  194. package/dist/chunk-KRNOMBXQ.js +0 -22
  195. package/dist/chunk-KSWLO5ZU.js +0 -102
  196. package/dist/chunk-N2APGLXA.js +0 -71
  197. package/dist/chunk-N4SX7TZT.js +0 -96
  198. package/dist/chunk-STHEPPUZ.js +0 -11
  199. package/dist/chunk-TLE4PXY3.js +0 -39
  200. package/dist/index-B8jeIElf.d.ts +0 -679
  201. /package/dist/{chunk-DIVDFNAP.js → chunk-5X7JZMEF.js} +0 -0
@@ -0,0 +1,12 @@
1
+ import 'jose';
2
+ export { w as createAuth, ay as createAuthInstance } from './index-_aXtxb_s.js';
3
+ import '@aura-stack/jose';
4
+ import '@aura-stack/router';
5
+ import 'zod/v4/core';
6
+ import 'zod';
7
+ import './@types/utility.js';
8
+ import './schemas.js';
9
+ import 'zod/v4';
10
+ import '@aura-stack/jose/jose';
11
+ import '@aura-stack/jose/crypto';
12
+ import '@aura-stack/router/cookie';
@@ -0,0 +1,48 @@
1
+ import {
2
+ createAuth,
3
+ createAuthInstance
4
+ } from "./chunk-CWX724AG.js";
5
+ import "./chunk-ITQ7352M.js";
6
+ import "./chunk-NHZBQNRR.js";
7
+ import "./chunk-GNNBM2WJ.js";
8
+ import "./chunk-FPCVZUVG.js";
9
+ import "./chunk-UN7X6SU5.js";
10
+ import "./chunk-7YYXFKLR.js";
11
+ import "./chunk-3J5TUH2I.js";
12
+ import "./chunk-7BE46WWS.js";
13
+ import "./chunk-LAYPUDQF.js";
14
+ import "./chunk-CITNGXDA.js";
15
+ import "./chunk-JOCGX3RP.js";
16
+ import "./chunk-D2CSIUKP.js";
17
+ import "./chunk-LATR3NIV.js";
18
+ import "./chunk-KBXWTD6E.js";
19
+ import "./chunk-ZNCZVF6U.js";
20
+ import "./chunk-V6LLEAR4.js";
21
+ import "./chunk-2IR674WX.js";
22
+ import "./chunk-PDP3PHB3.js";
23
+ import "./chunk-LDU7A2JE.js";
24
+ import "./chunk-PHYNROD4.js";
25
+ import "./chunk-E6G5YCI6.js";
26
+ import "./chunk-IPKO6UQN.js";
27
+ import "./chunk-54CZPKR4.js";
28
+ import "./chunk-2GQLSIJ2.js";
29
+ import "./chunk-EEE7UM5T.js";
30
+ import "./chunk-C3A37LQC.js";
31
+ import "./chunk-4YHJ4IEQ.js";
32
+ import "./chunk-OVHNRULD.js";
33
+ import "./chunk-QQEKY4XP.js";
34
+ import "./chunk-KMMAZFSJ.js";
35
+ import "./chunk-FW4W3REU.js";
36
+ import "./chunk-5LZ7TOM3.js";
37
+ import "./chunk-U4RK4LKJ.js";
38
+ import "./chunk-2A5B7GWR.js";
39
+ import "./chunk-UZQJJD6A.js";
40
+ import "./chunk-LX3TJ2TJ.js";
41
+ import "./chunk-XY5R3EHH.js";
42
+ import "./chunk-WHNDRO3N.js";
43
+ import "./chunk-U5663F2U.js";
44
+ import "./chunk-EBAMFRB7.js";
45
+ export {
46
+ createAuth,
47
+ createAuthInstance
48
+ };
package/dist/env.cjs ADDED
@@ -0,0 +1,78 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/env.ts
21
+ var env_exports = {};
22
+ __export(env_exports, {
23
+ env: () => env,
24
+ getEnv: () => getEnv,
25
+ getEnvArray: () => getEnvArray,
26
+ getEnvBoolean: () => getEnvBoolean
27
+ });
28
+ module.exports = __toCommonJS(env_exports);
29
+ var import_meta = {};
30
+ var env = new Proxy({}, {
31
+ get(_, prop) {
32
+ if (typeof prop !== "string") return void 0;
33
+ const hasProperty = (process2) => {
34
+ return process2 && Object.prototype.hasOwnProperty.call(process2, prop);
35
+ };
36
+ try {
37
+ if (typeof process !== "undefined" && hasProperty(process.env)) {
38
+ return process.env[prop];
39
+ }
40
+ if (typeof import_meta !== "undefined" && hasProperty(import_meta.env)) {
41
+ return import_meta.env[prop];
42
+ }
43
+ if (typeof Deno !== "undefined" && Deno.env?.get) {
44
+ return Deno.env.get(prop);
45
+ }
46
+ if (typeof Bun !== "undefined" && hasProperty(Bun.env)) {
47
+ return Bun.env[prop];
48
+ }
49
+ const globalValue = globalThis[prop];
50
+ return typeof globalValue === "string" ? globalValue : void 0;
51
+ } catch {
52
+ return void 0;
53
+ }
54
+ }
55
+ });
56
+ var getEnv = (key) => {
57
+ const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
58
+ return env[keys.find((k) => env[k]) ?? ""];
59
+ };
60
+ var getEnvBoolean = (key) => {
61
+ const value = getEnv(key);
62
+ if (value === void 0) return false;
63
+ const normalized = value.trim().toLowerCase();
64
+ if (["1", "true", "yes", "on", "debug"].includes(normalized)) return true;
65
+ return false;
66
+ };
67
+ var getEnvArray = (key, defaultValue = []) => {
68
+ const value = getEnv(key);
69
+ if (!value) return defaultValue;
70
+ return value.split(/[,;\n]+/).map((v) => v.trim()).filter(Boolean);
71
+ };
72
+ // Annotate the CommonJS export names for ESM import in node:
73
+ 0 && (module.exports = {
74
+ env,
75
+ getEnv,
76
+ getEnvArray,
77
+ getEnvBoolean
78
+ });
package/dist/env.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ /**
2
+ * A runtime-agnostic environment variable proxy.
3
+ * Checks multiple sources to ensure compatibility with Node, Bun, Deno, Vite, and Edge platforms.
4
+ */
5
+ declare const env: Record<string, string | undefined>;
6
+ declare const getEnv: (key: string) => string | undefined;
7
+ declare const getEnvBoolean: (key: string) => boolean;
8
+ declare const getEnvArray: (key: string, defaultValue?: string[]) => string[];
9
+
10
+ export { env, getEnv, getEnvArray, getEnvBoolean };
package/dist/env.js ADDED
@@ -0,0 +1,12 @@
1
+ import {
2
+ env,
3
+ getEnv,
4
+ getEnvArray,
5
+ getEnvBoolean
6
+ } from "./chunk-WHNDRO3N.js";
7
+ export {
8
+ env,
9
+ getEnv,
10
+ getEnvArray,
11
+ getEnvBoolean
12
+ };
package/dist/errors.cjs CHANGED
@@ -20,9 +20,11 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
20
20
  // src/errors.ts
21
21
  var errors_exports = {};
22
22
  __export(errors_exports, {
23
+ AuthClientError: () => AuthClientError,
23
24
  AuthInternalError: () => AuthInternalError,
24
25
  AuthSecurityError: () => AuthSecurityError,
25
26
  OAuthProtocolError: () => OAuthProtocolError,
27
+ isAuthClientError: () => isAuthClientError,
26
28
  isAuthInternalError: () => isAuthInternalError,
27
29
  isAuthSecurityError: () => isAuthSecurityError,
28
30
  isNativeError: () => isNativeError,
@@ -61,6 +63,16 @@ var AuthSecurityError = class extends Error {
61
63
  Error.captureStackTrace(this, new.target);
62
64
  }
63
65
  };
66
+ var AuthClientError = class extends Error {
67
+ type = "AUTH_CLIENT_ERROR";
68
+ code;
69
+ constructor(code, message, options) {
70
+ super(message, options);
71
+ this.code = code;
72
+ this.name = new.target.name;
73
+ Error.captureStackTrace(this, new.target);
74
+ }
75
+ };
64
76
  var isNativeError = (error) => {
65
77
  return error instanceof Error;
66
78
  };
@@ -73,11 +85,16 @@ var isAuthInternalError = (error) => {
73
85
  var isAuthSecurityError = (error) => {
74
86
  return error instanceof AuthSecurityError;
75
87
  };
88
+ var isAuthClientError = (error) => {
89
+ return error instanceof AuthClientError;
90
+ };
76
91
  // Annotate the CommonJS export names for ESM import in node:
77
92
  0 && (module.exports = {
93
+ AuthClientError,
78
94
  AuthInternalError,
79
95
  AuthSecurityError,
80
96
  OAuthProtocolError,
97
+ isAuthClientError,
81
98
  isAuthInternalError,
82
99
  isAuthSecurityError,
83
100
  isNativeError,
package/dist/errors.d.ts CHANGED
@@ -1,10 +1,15 @@
1
- import { E as ErrorType, b as AuthInternalErrorCode, c as AuthSecurityErrorCode } from './index-B8jeIElf.js';
1
+ import { d as AuthInternalErrorCode, e as AuthSecurityErrorCode, E as ErrorType } from './index-_aXtxb_s.js';
2
2
  import { LiteralUnion } from './@types/utility.js';
3
3
  import 'zod';
4
4
  import './schemas.js';
5
- import '@aura-stack/router/cookie';
5
+ import 'zod/v4';
6
6
  import '@aura-stack/jose';
7
7
  import '@aura-stack/jose/jose';
8
+ import '@aura-stack/jose/crypto';
9
+ import '@aura-stack/router/cookie';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
8
13
 
9
14
  /**
10
15
  * The object returned by the class to users its:
@@ -39,11 +44,17 @@ declare class AuthInternalError extends Error {
39
44
  declare class AuthSecurityError extends Error {
40
45
  readonly type = "AUTH_SECURITY_ERROR";
41
46
  readonly code: string;
42
- constructor(code: AuthSecurityErrorCode, message?: string, options?: ErrorOptions);
47
+ constructor(code: LiteralUnion<AuthSecurityErrorCode>, message?: string, options?: ErrorOptions);
48
+ }
49
+ declare class AuthClientError extends Error {
50
+ readonly type = "AUTH_CLIENT_ERROR";
51
+ readonly code: string;
52
+ constructor(code: string, message?: string, options?: ErrorOptions);
43
53
  }
44
54
  declare const isNativeError: (error: unknown) => error is Error;
45
55
  declare const isOAuthProtocolError: (error: unknown) => error is OAuthProtocolError;
46
56
  declare const isAuthInternalError: (error: unknown) => error is AuthInternalError;
47
57
  declare const isAuthSecurityError: (error: unknown) => error is AuthSecurityError;
58
+ declare const isAuthClientError: (error: unknown) => error is AuthClientError;
48
59
 
49
- export { AuthInternalError, AuthSecurityError, OAuthProtocolError, isAuthInternalError, isAuthSecurityError, isNativeError, isOAuthProtocolError };
60
+ export { AuthClientError, AuthInternalError, AuthSecurityError, OAuthProtocolError, isAuthClientError, isAuthInternalError, isAuthSecurityError, isNativeError, isOAuthProtocolError };
package/dist/errors.js CHANGED
@@ -1,16 +1,20 @@
1
1
  import {
2
+ AuthClientError,
2
3
  AuthInternalError,
3
4
  AuthSecurityError,
4
5
  OAuthProtocolError,
6
+ isAuthClientError,
5
7
  isAuthInternalError,
6
8
  isAuthSecurityError,
7
9
  isNativeError,
8
10
  isOAuthProtocolError
9
- } from "./chunk-RRLIF4PQ.js";
11
+ } from "./chunk-U5663F2U.js";
10
12
  export {
13
+ AuthClientError,
11
14
  AuthInternalError,
12
15
  AuthSecurityError,
13
16
  OAuthProtocolError,
17
+ isAuthClientError,
14
18
  isAuthInternalError,
15
19
  isAuthSecurityError,
16
20
  isNativeError,
package/dist/headers.cjs CHANGED
@@ -20,7 +20,10 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
20
20
  // src/headers.ts
21
21
  var headers_exports = {};
22
22
  __export(headers_exports, {
23
- cacheControl: () => cacheControl
23
+ cacheControl: () => cacheControl,
24
+ contentSecurityPolicy: () => contentSecurityPolicy,
25
+ secureApiHeaders: () => secureApiHeaders,
26
+ secureHeaders: () => secureHeaders
24
27
  });
25
28
  module.exports = __toCommonJS(headers_exports);
26
29
  var cacheControl = {
@@ -29,7 +32,30 @@ var cacheControl = {
29
32
  Expires: "0",
30
33
  Vary: "Cookie"
31
34
  };
35
+ var contentSecurityPolicy = {
36
+ "Content-Security-Policy": [
37
+ "default-src 'none'",
38
+ "script-src 'self'",
39
+ "frame-src 'none'",
40
+ "object-src 'none'",
41
+ "frame-ancestors 'none'",
42
+ "base-uri 'none'"
43
+ ].join("; ")
44
+ };
45
+ var secureHeaders = {
46
+ "X-Content-Type-Options": "nosniff",
47
+ "X-Frame-Options": "DENY",
48
+ "Referrer-Policy": "strict-origin-when-cross-origin"
49
+ };
50
+ var secureApiHeaders = {
51
+ ...cacheControl,
52
+ ...contentSecurityPolicy,
53
+ ...secureHeaders
54
+ };
32
55
  // Annotate the CommonJS export names for ESM import in node:
33
56
  0 && (module.exports = {
34
- cacheControl
57
+ cacheControl,
58
+ contentSecurityPolicy,
59
+ secureApiHeaders,
60
+ secureHeaders
35
61
  });
package/dist/headers.d.ts CHANGED
@@ -5,5 +5,29 @@
5
5
  * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Vary
6
6
  */
7
7
  declare const cacheControl: HeadersInit;
8
+ /**
9
+ * Content Security Policy headers optimized for JSON API endpoints.
10
+ * Provides protection against XSS, clickjacking, and code injection attacks.
11
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
12
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy
13
+ */
14
+ declare const contentSecurityPolicy: HeadersInit;
15
+ /**
16
+ * X-Frame-Options is overridden by the frame-ancestors directive in CSP.
17
+ * However, it's included here for compatibility with older browsers that do not support CSP.
18
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Content-Type-Options
19
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Frame-Options
20
+ * @see https://developer.mozilla.org/es/docs/Web/HTTP/Reference/Headers/Referrer-Policy
21
+ */
22
+ declare const secureHeaders: {
23
+ "X-Content-Type-Options": string;
24
+ "X-Frame-Options": string;
25
+ "Referrer-Policy": string;
26
+ };
27
+ /**
28
+ * Combined security headers for JSON API responses.
29
+ * Includes cache control, CSP, and other security headers.
30
+ */
31
+ declare const secureApiHeaders: HeadersInit;
8
32
 
9
- export { cacheControl };
33
+ export { cacheControl, contentSecurityPolicy, secureApiHeaders, secureHeaders };
package/dist/headers.js CHANGED
@@ -1,6 +1,12 @@
1
1
  import {
2
- cacheControl
3
- } from "./chunk-STHEPPUZ.js";
2
+ cacheControl,
3
+ contentSecurityPolicy,
4
+ secureApiHeaders,
5
+ secureHeaders
6
+ } from "./chunk-EBAMFRB7.js";
4
7
  export {
5
- cacheControl
8
+ cacheControl,
9
+ contentSecurityPolicy,
10
+ secureApiHeaders,
11
+ secureHeaders
6
12
  };