@aura-stack/auth 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/@types/index.d.ts +6 -2
  2. package/dist/@types/router.d.d.ts +6 -2
  3. package/dist/actions/callback/access-token.cjs +103 -59
  4. package/dist/actions/callback/access-token.d.ts +7 -3
  5. package/dist/actions/callback/access-token.js +3 -3
  6. package/dist/actions/callback/callback.cjs +200 -134
  7. package/dist/actions/callback/callback.d.ts +32 -3
  8. package/dist/actions/callback/callback.js +11 -12
  9. package/dist/actions/callback/userinfo.cjs +103 -70
  10. package/dist/actions/callback/userinfo.d.ts +6 -2
  11. package/dist/actions/callback/userinfo.js +7 -8
  12. package/dist/actions/csrfToken/csrfToken.cjs +7 -15
  13. package/dist/actions/csrfToken/csrfToken.d.ts +3 -1
  14. package/dist/actions/csrfToken/csrfToken.js +7 -8
  15. package/dist/actions/index.cjs +502 -295
  16. package/dist/actions/index.d.ts +5 -2
  17. package/dist/actions/index.js +23 -20
  18. package/dist/actions/session/session.cjs +76 -24
  19. package/dist/actions/session/session.d.ts +3 -1
  20. package/dist/actions/session/session.js +6 -4
  21. package/dist/actions/signIn/authorization-url.cjs +288 -0
  22. package/dist/actions/signIn/authorization-url.d.ts +31 -0
  23. package/dist/actions/signIn/authorization-url.js +16 -0
  24. package/dist/actions/signIn/authorization.cjs +91 -132
  25. package/dist/actions/signIn/authorization.d.ts +17 -16
  26. package/dist/actions/signIn/authorization.js +8 -7
  27. package/dist/actions/signIn/signIn.cjs +319 -191
  28. package/dist/actions/signIn/signIn.d.ts +32 -3
  29. package/dist/actions/signIn/signIn.js +10 -9
  30. package/dist/actions/signOut/signOut.cjs +211 -212
  31. package/dist/actions/signOut/signOut.d.ts +9 -1
  32. package/dist/actions/signOut/signOut.js +9 -10
  33. package/dist/api/createApi.cjs +750 -0
  34. package/dist/api/createApi.d.ts +12 -0
  35. package/dist/api/createApi.js +19 -0
  36. package/dist/api/getSession.cjs +141 -0
  37. package/dist/api/getSession.d.ts +16 -0
  38. package/dist/api/getSession.js +10 -0
  39. package/dist/api/signIn.cjs +549 -0
  40. package/dist/api/signIn.d.ts +26 -0
  41. package/dist/api/signIn.js +15 -0
  42. package/dist/api/signOut.cjs +279 -0
  43. package/dist/api/signOut.d.ts +16 -0
  44. package/dist/api/signOut.js +13 -0
  45. package/dist/assert.cjs +42 -9
  46. package/dist/assert.d.ts +8 -4
  47. package/dist/assert.js +5 -5
  48. package/dist/{chunk-KJBAQZX2.js → chunk-2A5B7GWR.js} +44 -11
  49. package/dist/chunk-2GQLSIJ2.js +40 -0
  50. package/dist/chunk-2IR674WX.js +44 -0
  51. package/dist/chunk-3J5TUH2I.js +50 -0
  52. package/dist/chunk-4RWSYUKX.js +98 -0
  53. package/dist/chunk-5X7JZMEF.js +0 -0
  54. package/dist/{chunk-TZB6MUXN.js → chunk-7BE46WWS.js} +21 -11
  55. package/dist/chunk-7YYXFKLR.js +35 -0
  56. package/dist/chunk-C3A37LQC.js +33 -0
  57. package/dist/chunk-CITNGXDA.js +31 -0
  58. package/dist/chunk-CWX724AG.js +78 -0
  59. package/dist/chunk-D2CSIUKP.js +74 -0
  60. package/dist/{chunk-ICAZ4OVS.js → chunk-FPCVZUVG.js} +2 -2
  61. package/dist/{chunk-XGLBNXL4.js → chunk-GNNBM2WJ.js} +17 -9
  62. package/dist/chunk-JOCGX3RP.js +59 -0
  63. package/dist/chunk-KBXWTD6E.js +94 -0
  64. package/dist/{chunk-XUP6KKNG.js → chunk-LATR3NIV.js} +48 -37
  65. package/dist/chunk-LAYPUDQF.js +39 -0
  66. package/dist/chunk-LX3TJ2TJ.js +294 -0
  67. package/dist/{chunk-6MXFPFR3.js → chunk-NHZBQNRR.js} +19 -19
  68. package/dist/{chunk-TM5IPSNF.js → chunk-PDP3PHB3.js} +33 -19
  69. package/dist/chunk-PHYNROD4.js +47 -0
  70. package/dist/chunk-QQEKY4XP.js +29 -0
  71. package/dist/{chunk-VNCNJKS2.js → chunk-U4RK4LKJ.js} +82 -1
  72. package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
  73. package/dist/chunk-UN7X6SU5.js +53 -0
  74. package/dist/chunk-UZQJJD6A.js +100 -0
  75. package/dist/{chunk-NUDITUKX.js → chunk-V6LLEAR4.js} +22 -15
  76. package/dist/{chunk-4MYWAOLG.js → chunk-WHNDRO3N.js} +20 -1
  77. package/dist/{chunk-5W4BRQYG.js → chunk-XY5R3EHH.js} +6 -3
  78. package/dist/client/client.cjs +135 -0
  79. package/dist/client/client.d.ts +85 -0
  80. package/dist/client/client.js +9 -0
  81. package/dist/client/index.cjs +135 -0
  82. package/dist/client/index.d.ts +14 -0
  83. package/dist/client/index.js +10 -0
  84. package/dist/context.cjs +1237 -0
  85. package/dist/context.d.ts +16 -0
  86. package/dist/context.js +28 -0
  87. package/dist/cookie.cjs +33 -2
  88. package/dist/cookie.d.ts +9 -5
  89. package/dist/cookie.js +3 -2
  90. package/dist/createAuth.cjs +2320 -0
  91. package/dist/createAuth.d.ts +12 -0
  92. package/dist/createAuth.js +48 -0
  93. package/dist/env.cjs +24 -2
  94. package/dist/env.d.ts +4 -1
  95. package/dist/env.js +9 -3
  96. package/dist/errors.cjs +17 -0
  97. package/dist/errors.d.ts +13 -3
  98. package/dist/errors.js +5 -1
  99. package/dist/{index-CSyIJmCM.d.ts → index-_aXtxb_s.d.ts} +383 -13
  100. package/dist/index.cjs +2135 -1547
  101. package/dist/index.d.ts +9 -30
  102. package/dist/index.js +46 -119
  103. package/dist/jose.cjs +52 -14
  104. package/dist/jose.d.ts +12 -25
  105. package/dist/jose.js +11 -3
  106. package/dist/logger.cjs +132 -0
  107. package/dist/logger.d.ts +6 -2
  108. package/dist/logger.js +10 -1
  109. package/dist/oauth/atlassian.cjs +57 -0
  110. package/dist/oauth/atlassian.d.ts +12 -0
  111. package/dist/oauth/atlassian.js +6 -0
  112. package/dist/oauth/bitbucket.d.ts +6 -2
  113. package/dist/oauth/discord.d.ts +6 -2
  114. package/dist/oauth/dropbox.cjs +53 -0
  115. package/dist/oauth/dropbox.d.ts +12 -0
  116. package/dist/oauth/dropbox.js +6 -0
  117. package/dist/oauth/figma.d.ts +6 -2
  118. package/dist/oauth/github.d.ts +6 -2
  119. package/dist/oauth/gitlab.d.ts +6 -2
  120. package/dist/oauth/index.cjs +278 -88
  121. package/dist/oauth/index.d.ts +6 -2
  122. package/dist/oauth/index.js +27 -11
  123. package/dist/oauth/mailchimp.d.ts +6 -2
  124. package/dist/oauth/notion.cjs +131 -0
  125. package/dist/oauth/notion.d.ts +12 -0
  126. package/dist/oauth/notion.js +9 -0
  127. package/dist/oauth/pinterest.d.ts +6 -2
  128. package/dist/oauth/spotify.d.ts +6 -2
  129. package/dist/oauth/strava.d.ts +6 -2
  130. package/dist/oauth/twitch.cjs +95 -0
  131. package/dist/oauth/twitch.d.ts +12 -0
  132. package/dist/oauth/twitch.js +7 -0
  133. package/dist/oauth/x.d.ts +6 -2
  134. package/dist/schemas.cjs +84 -51
  135. package/dist/schemas.d.ts +103 -23
  136. package/dist/schemas.js +1 -1
  137. package/dist/secure.cjs +36 -36
  138. package/dist/secure.d.ts +10 -4
  139. package/dist/secure.js +7 -6
  140. package/dist/utils.cjs +109 -3
  141. package/dist/utils.d.ts +15 -4
  142. package/dist/utils.js +11 -4
  143. package/package.json +9 -5
  144. package/dist/chunk-4EKY7655.js +0 -123
  145. package/dist/chunk-7QF22LHP.js +0 -67
  146. package/dist/chunk-ALG3GIV4.js +0 -95
  147. package/dist/chunk-FRJFWTOY.js +0 -70
  148. package/dist/chunk-PHFH2MGS.js +0 -36
  149. package/dist/chunk-QQVSRXGX.js +0 -149
package/dist/index.d.ts CHANGED
@@ -1,35 +1,14 @@
1
- import { d as AuthConfig, e as AuthInstance } from './index-CSyIJmCM.js';
2
- export { C as CookieConfig, E as ErrorType, f as JoseInstance, i as LogLevel, L as Logger, O as OAuthProvider, g as OAuthProviderConfig, h as OAuthProviderCredentials, S as Session, T as TrustedOrigin, U as User } from './index-CSyIJmCM.js';
1
+ export { q as AuthAPI, p as AuthClient, l as AuthClientOptions, A as AuthConfig, r as AuthInstance, B as BuiltInOAuthProvider, C as CookieConfig, E as ErrorType, G as GetSessionAPIOptions, s as JoseInstance, L as LogLevel, t as Logger, k as OAuthProvider, u as OAuthProviderConfig, j as OAuthProviderCredentials, m as Session, g as SignInAPIOptions, n as SignInOptions, i as SignOutAPIOptions, o as SignOutOptions, T as TrustedOrigin, U as User, v as builtInOAuthProviders, w as createAuth, x as createSyslogMessage } from './index-_aXtxb_s.js';
2
+ export { createAuthClient, createClient } from './client/client.js';
3
+ export { Client, ClientOptions } from '@aura-stack/router/types';
4
+ export { LiteralUnion, Prettify } from './@types/utility.js';
3
5
  import 'zod';
4
6
  import './schemas.js';
5
- import './jose.js';
7
+ import 'zod/v4';
6
8
  import '@aura-stack/jose';
7
9
  import '@aura-stack/jose/jose';
10
+ import '@aura-stack/jose/crypto';
8
11
  import '@aura-stack/router/cookie';
9
- import './@types/utility.js';
10
-
11
- /**
12
- * Creates the authentication instance with the configuration provided for OAuth provider.
13
- * > NOTE: The handlers returned by this function should be used in the server to handle the authentication routes
14
- * and within the `/auth` base path
15
- *
16
- * @param authConfig - Authentication configuration including OAuth provider
17
- * @returns Authentication instance with handlers to be used in the server
18
- * @example
19
- * const auth = createAuth({
20
- * oauth: ["github", {
21
- * id: "custom-oauth",
22
- * name: "custom-oauth",
23
- * authorizationURL: "https://custom-oauth.com/oauth/authorize",
24
- * accessToken: "https://custom-oauth.com/oauth/token",
25
- * scope: "profile email",
26
- * responseType: "code",
27
- * userInfo: "https://custom-oauth.com/api/userinfo",
28
- * clientId: process.env.AURA_AUTH_CUSTOM_OAUTH_CLIENT_ID!,
29
- * clientSecret: process.env.AURA_AUTH_CUSTOM_OAUTH_CLIENT_SECRET!,
30
- * }]
31
- * })
32
- */
33
- declare const createAuth: (authConfig: AuthConfig) => AuthInstance;
34
-
35
- export { AuthConfig, AuthInstance, createAuth };
12
+ import 'jose';
13
+ import '@aura-stack/router';
14
+ import 'zod/v4/core';
package/dist/index.js CHANGED
@@ -1,132 +1,59 @@
1
+ import "./chunk-5X7JZMEF.js";
1
2
  import {
2
- createBuiltInOAuthProviders
3
- } from "./chunk-TM5IPSNF.js";
3
+ createAuthClient,
4
+ createClient
5
+ } from "./chunk-4RWSYUKX.js";
6
+ import {
7
+ createAuth
8
+ } from "./chunk-CWX724AG.js";
9
+ import "./chunk-ITQ7352M.js";
10
+ import "./chunk-NHZBQNRR.js";
11
+ import "./chunk-GNNBM2WJ.js";
12
+ import "./chunk-FPCVZUVG.js";
13
+ import "./chunk-UN7X6SU5.js";
14
+ import "./chunk-7YYXFKLR.js";
15
+ import "./chunk-3J5TUH2I.js";
16
+ import "./chunk-7BE46WWS.js";
17
+ import "./chunk-LAYPUDQF.js";
18
+ import "./chunk-CITNGXDA.js";
19
+ import "./chunk-JOCGX3RP.js";
20
+ import "./chunk-D2CSIUKP.js";
21
+ import "./chunk-LATR3NIV.js";
22
+ import "./chunk-KBXWTD6E.js";
23
+ import "./chunk-ZNCZVF6U.js";
24
+ import "./chunk-V6LLEAR4.js";
25
+ import "./chunk-2IR674WX.js";
26
+ import {
27
+ builtInOAuthProviders
28
+ } from "./chunk-PDP3PHB3.js";
29
+ import "./chunk-LDU7A2JE.js";
30
+ import "./chunk-PHYNROD4.js";
31
+ import "./chunk-E6G5YCI6.js";
4
32
  import "./chunk-IPKO6UQN.js";
5
33
  import "./chunk-54CZPKR4.js";
34
+ import "./chunk-2GQLSIJ2.js";
6
35
  import "./chunk-EEE7UM5T.js";
36
+ import "./chunk-C3A37LQC.js";
7
37
  import "./chunk-4YHJ4IEQ.js";
8
38
  import "./chunk-OVHNRULD.js";
39
+ import "./chunk-QQEKY4XP.js";
9
40
  import "./chunk-KMMAZFSJ.js";
10
41
  import "./chunk-FW4W3REU.js";
11
42
  import "./chunk-5LZ7TOM3.js";
12
- import "./chunk-LDU7A2JE.js";
13
- import "./chunk-E6G5YCI6.js";
14
- import "./chunk-ITQ7352M.js";
15
- import {
16
- signInAction
17
- } from "./chunk-7QF22LHP.js";
18
- import {
19
- csrfTokenAction
20
- } from "./chunk-ICAZ4OVS.js";
21
43
  import {
22
- signOutAction
23
- } from "./chunk-ALG3GIV4.js";
24
- import {
25
- callbackAction
26
- } from "./chunk-6MXFPFR3.js";
27
- import "./chunk-TZB6MUXN.js";
28
- import "./chunk-XGLBNXL4.js";
29
- import {
30
- sessionAction
31
- } from "./chunk-PHFH2MGS.js";
32
- import "./chunk-XUP6KKNG.js";
33
- import "./chunk-ZNCZVF6U.js";
34
- import "./chunk-KJBAQZX2.js";
35
- import "./chunk-NUDITUKX.js";
36
- import "./chunk-4EKY7655.js";
37
- import {
38
- createErrorHandler,
39
- useSecureCookies
40
- } from "./chunk-QQVSRXGX.js";
41
- import {
42
- createCookieStore
43
- } from "./chunk-5W4BRQYG.js";
44
+ createSyslogMessage
45
+ } from "./chunk-U4RK4LKJ.js";
46
+ import "./chunk-2A5B7GWR.js";
47
+ import "./chunk-UZQJJD6A.js";
48
+ import "./chunk-LX3TJ2TJ.js";
49
+ import "./chunk-XY5R3EHH.js";
50
+ import "./chunk-WHNDRO3N.js";
51
+ import "./chunk-U5663F2U.js";
44
52
  import "./chunk-EBAMFRB7.js";
45
- import {
46
- createJoseInstance
47
- } from "./chunk-FRJFWTOY.js";
48
- import "./chunk-4MYWAOLG.js";
49
- import "./chunk-RRLIF4PQ.js";
50
- import {
51
- createLogEntry
52
- } from "./chunk-VNCNJKS2.js";
53
-
54
- // src/index.ts
55
- import { createRouter } from "@aura-stack/router";
56
- var logLevelToSeverity = {
57
- debug: ["debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"],
58
- info: ["info", "notice", "warning", "error", "critical", "alert", "emergency"],
59
- warn: ["warning", "error", "critical", "alert", "emergency"],
60
- error: ["error", "critical", "alert", "emergency"]
61
- };
62
- var createLoggerProxy = (logger) => {
63
- if (!logger) return void 0;
64
- const level = logger.level;
65
- const allowedSeverities = logLevelToSeverity[level] ?? [];
66
- const internalLogger = {
67
- level,
68
- log(key, overrides) {
69
- const entry = createLogEntry(key, overrides);
70
- if (!allowedSeverities.includes(entry.severity)) return entry;
71
- logger.log({
72
- timestamp: entry.timestamp ?? (/* @__PURE__ */ new Date()).toISOString(),
73
- appName: entry.appName ?? "aura-auth",
74
- hostname: entry.hostname ?? "aura-auth",
75
- ...entry
76
- });
77
- return entry;
78
- }
79
- };
80
- return internalLogger;
81
- };
82
- var createInternalConfig = (authConfig) => {
83
- const useSecure = authConfig?.trustedProxyHeaders ?? false;
84
- const logger = authConfig?.logger;
85
- const internalLogger = createLoggerProxy(logger);
86
- return {
87
- basePath: authConfig?.basePath ?? "/auth",
88
- onError: createErrorHandler(internalLogger),
89
- context: {
90
- oauth: createBuiltInOAuthProviders(authConfig?.oauth),
91
- cookies: createCookieStore(
92
- useSecure,
93
- authConfig?.cookies?.prefix,
94
- authConfig?.cookies?.overrides ?? {},
95
- internalLogger
96
- ),
97
- jose: createJoseInstance(authConfig?.secret),
98
- secret: authConfig?.secret,
99
- basePath: authConfig?.basePath ?? "/auth",
100
- trustedProxyHeaders: useSecure,
101
- trustedOrigins: authConfig?.trustedOrigins,
102
- logger: internalLogger
103
- },
104
- middlewares: [
105
- (ctx) => {
106
- const useSecure2 = useSecureCookies(ctx.request, ctx.context.trustedProxyHeaders);
107
- const cookies = createCookieStore(
108
- useSecure2,
109
- authConfig?.cookies?.prefix,
110
- authConfig?.cookies?.overrides ?? {},
111
- internalLogger
112
- );
113
- ctx.context.cookies = cookies;
114
- return ctx;
115
- }
116
- ]
117
- };
118
- };
119
- var createAuth = (authConfig) => {
120
- const config = createInternalConfig(authConfig);
121
- const router = createRouter(
122
- [signInAction(config.context.oauth), callbackAction(config.context.oauth), sessionAction, signOutAction, csrfTokenAction],
123
- config
124
- );
125
- return {
126
- handlers: router,
127
- jose: config.context.jose
128
- };
129
- };
130
53
  export {
131
- createAuth
54
+ builtInOAuthProviders,
55
+ createAuth,
56
+ createAuthClient,
57
+ createClient,
58
+ createSyslogMessage
132
59
  };
package/dist/jose.cjs CHANGED
@@ -20,8 +20,12 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
20
20
  // src/jose.ts
21
21
  var jose_exports = {};
22
22
  __export(jose_exports, {
23
+ base64url: () => import_jose2.base64url,
23
24
  createJoseInstance: () => createJoseInstance,
24
25
  decodeJWTOptions: () => decodeJWTOptions,
26
+ encoder: () => import_crypto.encoder,
27
+ getRandomBytes: () => import_crypto.getRandomBytes,
28
+ getSubtleCrypto: () => import_crypto.getSubtleCrypto,
25
29
  jwtVerificationOptions: () => jwtVerificationOptions
26
30
  });
27
31
  module.exports = __toCommonJS(jose_exports);
@@ -54,6 +58,10 @@ var env = new Proxy({}, {
54
58
  }
55
59
  }
56
60
  });
61
+ var getEnv = (key) => {
62
+ const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
63
+ return env[keys.find((k) => env[k]) ?? ""];
64
+ };
57
65
 
58
66
  // src/jose.ts
59
67
  var import_jose = require("@aura-stack/jose");
@@ -71,15 +79,17 @@ var AuthInternalError = class extends Error {
71
79
  };
72
80
 
73
81
  // src/jose.ts
82
+ var import_jose2 = require("@aura-stack/jose/jose");
83
+ var import_crypto = require("@aura-stack/jose/crypto");
74
84
  var createJoseInstance = (secret) => {
75
- secret ??= env.AURA_AUTH_SECRET ?? env.AUTH_SECRET;
85
+ secret ??= getEnv("SECRET");
76
86
  if (!secret) {
77
87
  throw new AuthInternalError(
78
88
  "JOSE_INITIALIZATION_FAILED",
79
89
  "AURA_AUTH_SECRET environment variable is not set and no secret was provided."
80
90
  );
81
91
  }
82
- const salt = env.AURA_AUTH_SALT ?? env.AUTH_SALT;
92
+ const salt = getEnv("SALT");
83
93
  if (!salt) {
84
94
  throw new AuthInternalError(
85
95
  "JOSE_INITIALIZATION_FAILED",
@@ -95,19 +105,43 @@ var createJoseInstance = (secret) => {
95
105
  { cause: error }
96
106
  );
97
107
  }
98
- const { derivedKey: derivedSigningKey } = (0, import_jose.createDeriveKey)(secret, salt, "signing");
99
- const { derivedKey: derivedEncryptionKey } = (0, import_jose.createDeriveKey)(secret, salt, "encryption");
100
- const { derivedKey: derivedCsrfTokenKey } = (0, import_jose.createDeriveKey)(secret, salt, "csrfToken");
101
- const { decodeJWT, encodeJWT } = (0, import_jose.createJWT)({ jws: derivedSigningKey, jwe: derivedEncryptionKey });
102
- const { signJWS, verifyJWS } = (0, import_jose.createJWS)(derivedCsrfTokenKey);
103
- const { encryptJWE, decryptJWE } = (0, import_jose.createJWE)(derivedEncryptionKey);
108
+ const jose = (async () => {
109
+ const derivedSigningKey = await (0, import_jose.createDeriveKey)(secret, salt, "signing");
110
+ const derivedEncryptionKey = await (0, import_jose.createDeriveKey)(secret, salt, "encryption");
111
+ const derivedCsrfTokenKey = await (0, import_jose.createDeriveKey)(secret, salt, "csrfToken");
112
+ return {
113
+ jwt: (0, import_jose.createJWT)({ jws: derivedSigningKey, jwe: derivedEncryptionKey }),
114
+ jws: (0, import_jose.createJWS)(derivedCsrfTokenKey),
115
+ jwe: (0, import_jose.createJWE)(derivedEncryptionKey)
116
+ };
117
+ })();
118
+ jose.catch(() => {
119
+ });
104
120
  return {
105
- decodeJWT,
106
- encodeJWT,
107
- signJWS,
108
- verifyJWS,
109
- encryptJWE,
110
- decryptJWE
121
+ decodeJWT: async (token, options) => {
122
+ const { jwt } = await jose;
123
+ return jwt.decodeJWT(token, options);
124
+ },
125
+ encodeJWT: async (payload) => {
126
+ const { jwt } = await jose;
127
+ return jwt.encodeJWT(payload);
128
+ },
129
+ signJWS: async (...args) => {
130
+ const { jws } = await jose;
131
+ return jws.signJWS(...args);
132
+ },
133
+ verifyJWS: async (...args) => {
134
+ const { jws } = await jose;
135
+ return jws.verifyJWS(...args);
136
+ },
137
+ encryptJWE: async (...args) => {
138
+ const { jwe } = await jose;
139
+ return jwe.encryptJWE(...args);
140
+ },
141
+ decryptJWE: async (...args) => {
142
+ const { jwe } = await jose;
143
+ return jwe.decryptJWE(...args);
144
+ }
111
145
  };
112
146
  };
113
147
  var jwtVerificationOptions = {
@@ -122,7 +156,11 @@ var decodeJWTOptions = {
122
156
  };
123
157
  // Annotate the CommonJS export names for ESM import in node:
124
158
  0 && (module.exports = {
159
+ base64url,
125
160
  createJoseInstance,
126
161
  decodeJWTOptions,
162
+ encoder,
163
+ getRandomBytes,
164
+ getSubtleCrypto,
127
165
  jwtVerificationOptions
128
166
  });
package/dist/jose.d.ts CHANGED
@@ -1,25 +1,12 @@
1
- import * as _aura_stack_jose from '@aura-stack/jose';
2
- import { JWTVerifyOptions, DecodedJWTPayloadOptions } from '@aura-stack/jose';
3
- import * as _aura_stack_jose_jose from '@aura-stack/jose/jose';
4
- export { JWTPayload } from '@aura-stack/jose/jose';
5
-
6
- /**
7
- * Creates the JOSE instance used for signing and verifying tokens. It derives keys
8
- * for session tokens and CSRF tokens. For security and determinism, it's required
9
- * to set a salt value in `AURA_AUTH_SALT` or `AUTH_SALT` env.
10
- *
11
- * @param secret the base secret for key derivation
12
- * @returns jose instance with methods for encoding/decoding JWTs and signing/verifying JWSs
13
- */
14
- declare const createJoseInstance: (secret?: string) => {
15
- decodeJWT: (token: string) => Promise<_aura_stack_jose_jose.JWTPayload>;
16
- encodeJWT: (payload: _aura_stack_jose_jose.JWTPayload) => Promise<string>;
17
- signJWS: (payload: _aura_stack_jose_jose.JWTPayload) => Promise<string>;
18
- verifyJWS: (payload: string, options?: JWTVerifyOptions) => Promise<_aura_stack_jose_jose.JWTPayload>;
19
- encryptJWE: (payload: string, options?: _aura_stack_jose.EncryptOptions) => Promise<string>;
20
- decryptJWE: (payload: string, options?: _aura_stack_jose.JWTDecryptOptions) => Promise<string>;
21
- };
22
- declare const jwtVerificationOptions: JWTVerifyOptions;
23
- declare const decodeJWTOptions: DecodedJWTPayloadOptions;
24
-
25
- export { createJoseInstance, decodeJWTOptions, jwtVerificationOptions };
1
+ import '@aura-stack/jose';
2
+ export { JWTPayload, base64url } from '@aura-stack/jose/jose';
3
+ export { encoder, getRandomBytes, getSubtleCrypto } from '@aura-stack/jose/crypto';
4
+ export { K as createJoseInstance, M as decodeJWTOptions, N as jwtVerificationOptions } from './index-_aXtxb_s.js';
5
+ import 'zod';
6
+ import './schemas.js';
7
+ import 'zod/v4';
8
+ import '@aura-stack/router/cookie';
9
+ import './@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
package/dist/jose.js CHANGED
@@ -1,12 +1,20 @@
1
1
  import {
2
+ base64url,
2
3
  createJoseInstance,
3
4
  decodeJWTOptions,
5
+ encoder,
6
+ getRandomBytes,
7
+ getSubtleCrypto,
4
8
  jwtVerificationOptions
5
- } from "./chunk-FRJFWTOY.js";
6
- import "./chunk-4MYWAOLG.js";
7
- import "./chunk-RRLIF4PQ.js";
9
+ } from "./chunk-UZQJJD6A.js";
10
+ import "./chunk-WHNDRO3N.js";
11
+ import "./chunk-U5663F2U.js";
8
12
  export {
13
+ base64url,
9
14
  createJoseInstance,
10
15
  decodeJWTOptions,
16
+ encoder,
17
+ getRandomBytes,
18
+ getSubtleCrypto,
11
19
  jwtVerificationOptions
12
20
  };
package/dist/logger.cjs CHANGED
@@ -21,9 +21,68 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
21
21
  var logger_exports = {};
22
22
  __export(logger_exports, {
23
23
  createLogEntry: () => createLogEntry,
24
+ createLogger: () => createLogger,
25
+ createProxyLogger: () => createProxyLogger,
26
+ createSyslogMessage: () => createSyslogMessage,
24
27
  logMessages: () => logMessages
25
28
  });
26
29
  module.exports = __toCommonJS(logger_exports);
30
+
31
+ // src/env.ts
32
+ var import_meta = {};
33
+ var env = new Proxy({}, {
34
+ get(_, prop) {
35
+ if (typeof prop !== "string") return void 0;
36
+ const hasProperty = (process2) => {
37
+ return process2 && Object.prototype.hasOwnProperty.call(process2, prop);
38
+ };
39
+ try {
40
+ if (typeof process !== "undefined" && hasProperty(process.env)) {
41
+ return process.env[prop];
42
+ }
43
+ if (typeof import_meta !== "undefined" && hasProperty(import_meta.env)) {
44
+ return import_meta.env[prop];
45
+ }
46
+ if (typeof Deno !== "undefined" && Deno.env?.get) {
47
+ return Deno.env.get(prop);
48
+ }
49
+ if (typeof Bun !== "undefined" && hasProperty(Bun.env)) {
50
+ return Bun.env[prop];
51
+ }
52
+ const globalValue = globalThis[prop];
53
+ return typeof globalValue === "string" ? globalValue : void 0;
54
+ } catch {
55
+ return void 0;
56
+ }
57
+ }
58
+ });
59
+ var getEnv = (key) => {
60
+ const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
61
+ return env[keys.find((k) => env[k]) ?? ""];
62
+ };
63
+ var getEnvBoolean = (key) => {
64
+ const value = getEnv(key);
65
+ if (value === void 0) return false;
66
+ const normalized = value.trim().toLowerCase();
67
+ if (["1", "true", "yes", "on", "debug"].includes(normalized)) return true;
68
+ return false;
69
+ };
70
+
71
+ // src/utils.ts
72
+ var import_router = require("@aura-stack/router");
73
+
74
+ // src/assert.ts
75
+ var import_crypto = require("@aura-stack/jose/crypto");
76
+
77
+ // src/utils.ts
78
+ var createStructuredData = (data, sdID = "metadata") => {
79
+ const entries = Object.entries(data);
80
+ if (entries.length === 0) return `[${sdID}]`;
81
+ const values = entries.map(([key, value]) => `${key}="${String(value).replace(/(["\\\]])/g, "\\$1")}"`).join(" ");
82
+ return `[${sdID} ${values}]`;
83
+ };
84
+
85
+ // src/logger.ts
27
86
  var logMessages = {
28
87
  ROUTER_INTERNAL_ERROR: {
29
88
  facility: 10,
@@ -282,11 +341,84 @@ var createLogEntry = (key, overrides) => {
282
341
  const message = logMessages[key];
283
342
  return {
284
343
  ...message,
344
+ timestamp: (/* @__PURE__ */ new Date()).toISOString(),
345
+ hostname: "aura-auth",
346
+ procId: typeof process !== "undefined" && process.pid ? process.pid.toString() : "-",
285
347
  ...overrides
286
348
  };
287
349
  };
350
+ var logLevelToSeverity = {
351
+ debug: ["debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"],
352
+ info: ["info", "notice", "warning", "error", "critical", "alert", "emergency"],
353
+ warn: ["warning", "error", "critical", "alert", "emergency"],
354
+ error: ["error", "critical", "alert", "emergency"]
355
+ };
356
+ var isValidLogLevel = (value) => {
357
+ return value === "debug" || value === "info" || value === "warn" || value === "error";
358
+ };
359
+ var getSeverityLevel = (severity) => {
360
+ const severities = {
361
+ emergency: 0,
362
+ alert: 1,
363
+ critical: 2,
364
+ error: 3,
365
+ warning: 4,
366
+ notice: 5,
367
+ info: 6,
368
+ debug: 7
369
+ };
370
+ return severities[severity] ?? 6;
371
+ };
372
+ var createSyslogMessage = (options) => {
373
+ const { timestamp, hostname, appName = "aura-auth", procId = "-", msgId, structuredData, message } = options;
374
+ const pri = (options.facility ?? 16) * 8 + getSeverityLevel(options.severity);
375
+ const structuredDataStr = createStructuredData(structuredData ?? {});
376
+ return `<${pri}>1 ${timestamp} ${hostname} ${appName} ${procId} ${msgId} ${structuredDataStr} ${message}`;
377
+ };
378
+ var createLogger = (logger) => {
379
+ if (!logger) return void 0;
380
+ const level = logger.level;
381
+ const allowedSeverities = logLevelToSeverity[level] ?? [];
382
+ return {
383
+ level,
384
+ log(key, overrides) {
385
+ const entry = createLogEntry(key, overrides);
386
+ if (!allowedSeverities.includes(entry.severity)) return entry;
387
+ logger.log({
388
+ timestamp: entry.timestamp,
389
+ appName: entry.appName ?? "aura-auth",
390
+ hostname: entry.hostname ?? "aura-auth",
391
+ ...entry
392
+ });
393
+ return entry;
394
+ }
395
+ };
396
+ };
397
+ var createProxyLogger = (config) => {
398
+ const level = getEnv("LOG_LEVEL");
399
+ const debug = getEnvBoolean("DEBUG");
400
+ if (typeof config?.logger === "object") {
401
+ return createLogger({
402
+ log: config.logger?.log || createSyslogMessage,
403
+ level: isValidLogLevel(config.logger?.level) ? config.logger?.level : isValidLogLevel(level) ? level : "error"
404
+ });
405
+ }
406
+ if (debug || config?.logger === true || level) {
407
+ return createLogger({
408
+ level: isValidLogLevel(level) ? level : "debug",
409
+ log: (options) => {
410
+ const message = createSyslogMessage(options);
411
+ console.log(message);
412
+ }
413
+ });
414
+ }
415
+ return void 0;
416
+ };
288
417
  // Annotate the CommonJS export names for ESM import in node:
289
418
  0 && (module.exports = {
290
419
  createLogEntry,
420
+ createLogger,
421
+ createProxyLogger,
422
+ createSyslogMessage,
291
423
  logMessages
292
424
  });
package/dist/logger.d.ts CHANGED
@@ -1,8 +1,12 @@
1
- export { m as createLogEntry, l as logMessages } from './index-CSyIJmCM.js';
1
+ export { y as createLogEntry, z as createLogger, D as createProxyLogger, x as createSyslogMessage, H as logMessages } from './index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import './schemas.js';
4
- import './jose.js';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
7
8
  import '@aura-stack/router/cookie';
8
9
  import './@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
package/dist/logger.js CHANGED
@@ -1,8 +1,17 @@
1
1
  import {
2
2
  createLogEntry,
3
+ createLogger,
4
+ createProxyLogger,
5
+ createSyslogMessage,
3
6
  logMessages
4
- } from "./chunk-VNCNJKS2.js";
7
+ } from "./chunk-U4RK4LKJ.js";
8
+ import "./chunk-LX3TJ2TJ.js";
9
+ import "./chunk-WHNDRO3N.js";
10
+ import "./chunk-U5663F2U.js";
5
11
  export {
6
12
  createLogEntry,
13
+ createLogger,
14
+ createProxyLogger,
15
+ createSyslogMessage,
7
16
  logMessages
8
17
  };
@@ -0,0 +1,57 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/oauth/atlassian.ts
21
+ var atlassian_exports = {};
22
+ __export(atlassian_exports, {
23
+ atlassian: () => atlassian
24
+ });
25
+ module.exports = __toCommonJS(atlassian_exports);
26
+ var atlassian = (options) => {
27
+ return {
28
+ id: "atlassian",
29
+ name: "Atlassian",
30
+ authorize: {
31
+ url: "https://auth.atlassian.com/authorize",
32
+ params: {
33
+ audience: "api.atlassian.com",
34
+ scope: "read:me read:account",
35
+ prompt: "consent"
36
+ }
37
+ },
38
+ authorizeURL: "https://auth.atlassian.com/authorize",
39
+ accessToken: "https://auth.atlassian.com/oauth/token",
40
+ userInfo: "https://api.atlassian.com/me",
41
+ scope: "read:me read:account",
42
+ responseType: "code",
43
+ profile(profile) {
44
+ return {
45
+ sub: profile.account_id,
46
+ name: profile.name,
47
+ email: profile.email,
48
+ image: profile.picture
49
+ };
50
+ },
51
+ ...options
52
+ };
53
+ };
54
+ // Annotate the CommonJS export names for ESM import in node:
55
+ 0 && (module.exports = {
56
+ atlassian
57
+ });
@@ -0,0 +1,12 @@
1
+ export { P as AtlassianProfile, Q as ExtendedProfile, V as atlassian } from '../index-_aXtxb_s.js';
2
+ import '../@types/utility.js';
3
+ import 'zod';
4
+ import '../schemas.js';
5
+ import 'zod/v4';
6
+ import '@aura-stack/jose';
7
+ import '@aura-stack/jose/jose';
8
+ import '@aura-stack/jose/crypto';
9
+ import '@aura-stack/router/cookie';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -0,0 +1,6 @@
1
+ import {
2
+ atlassian
3
+ } from "../chunk-C3A37LQC.js";
4
+ export {
5
+ atlassian
6
+ };