@aura-stack/auth 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/@types/index.d.ts +6 -2
  2. package/dist/@types/router.d.d.ts +6 -2
  3. package/dist/actions/callback/access-token.cjs +103 -59
  4. package/dist/actions/callback/access-token.d.ts +7 -3
  5. package/dist/actions/callback/access-token.js +3 -3
  6. package/dist/actions/callback/callback.cjs +200 -134
  7. package/dist/actions/callback/callback.d.ts +32 -3
  8. package/dist/actions/callback/callback.js +11 -12
  9. package/dist/actions/callback/userinfo.cjs +103 -70
  10. package/dist/actions/callback/userinfo.d.ts +6 -2
  11. package/dist/actions/callback/userinfo.js +7 -8
  12. package/dist/actions/csrfToken/csrfToken.cjs +7 -15
  13. package/dist/actions/csrfToken/csrfToken.d.ts +3 -1
  14. package/dist/actions/csrfToken/csrfToken.js +7 -8
  15. package/dist/actions/index.cjs +502 -295
  16. package/dist/actions/index.d.ts +5 -2
  17. package/dist/actions/index.js +23 -20
  18. package/dist/actions/session/session.cjs +76 -24
  19. package/dist/actions/session/session.d.ts +3 -1
  20. package/dist/actions/session/session.js +6 -4
  21. package/dist/actions/signIn/authorization-url.cjs +288 -0
  22. package/dist/actions/signIn/authorization-url.d.ts +31 -0
  23. package/dist/actions/signIn/authorization-url.js +16 -0
  24. package/dist/actions/signIn/authorization.cjs +91 -132
  25. package/dist/actions/signIn/authorization.d.ts +17 -16
  26. package/dist/actions/signIn/authorization.js +8 -7
  27. package/dist/actions/signIn/signIn.cjs +319 -191
  28. package/dist/actions/signIn/signIn.d.ts +32 -3
  29. package/dist/actions/signIn/signIn.js +10 -9
  30. package/dist/actions/signOut/signOut.cjs +211 -212
  31. package/dist/actions/signOut/signOut.d.ts +9 -1
  32. package/dist/actions/signOut/signOut.js +9 -10
  33. package/dist/api/createApi.cjs +750 -0
  34. package/dist/api/createApi.d.ts +12 -0
  35. package/dist/api/createApi.js +19 -0
  36. package/dist/api/getSession.cjs +141 -0
  37. package/dist/api/getSession.d.ts +16 -0
  38. package/dist/api/getSession.js +10 -0
  39. package/dist/api/signIn.cjs +549 -0
  40. package/dist/api/signIn.d.ts +26 -0
  41. package/dist/api/signIn.js +15 -0
  42. package/dist/api/signOut.cjs +279 -0
  43. package/dist/api/signOut.d.ts +16 -0
  44. package/dist/api/signOut.js +13 -0
  45. package/dist/assert.cjs +42 -9
  46. package/dist/assert.d.ts +8 -4
  47. package/dist/assert.js +5 -5
  48. package/dist/{chunk-KJBAQZX2.js → chunk-2A5B7GWR.js} +44 -11
  49. package/dist/chunk-2GQLSIJ2.js +40 -0
  50. package/dist/chunk-2IR674WX.js +44 -0
  51. package/dist/chunk-3J5TUH2I.js +50 -0
  52. package/dist/chunk-4RWSYUKX.js +98 -0
  53. package/dist/chunk-5X7JZMEF.js +0 -0
  54. package/dist/{chunk-TZB6MUXN.js → chunk-7BE46WWS.js} +21 -11
  55. package/dist/chunk-7YYXFKLR.js +35 -0
  56. package/dist/chunk-C3A37LQC.js +33 -0
  57. package/dist/chunk-CITNGXDA.js +31 -0
  58. package/dist/chunk-CWX724AG.js +78 -0
  59. package/dist/chunk-D2CSIUKP.js +74 -0
  60. package/dist/{chunk-ICAZ4OVS.js → chunk-FPCVZUVG.js} +2 -2
  61. package/dist/{chunk-XGLBNXL4.js → chunk-GNNBM2WJ.js} +17 -9
  62. package/dist/chunk-JOCGX3RP.js +59 -0
  63. package/dist/chunk-KBXWTD6E.js +94 -0
  64. package/dist/{chunk-XUP6KKNG.js → chunk-LATR3NIV.js} +48 -37
  65. package/dist/chunk-LAYPUDQF.js +39 -0
  66. package/dist/chunk-LX3TJ2TJ.js +294 -0
  67. package/dist/{chunk-6MXFPFR3.js → chunk-NHZBQNRR.js} +19 -19
  68. package/dist/{chunk-TM5IPSNF.js → chunk-PDP3PHB3.js} +33 -19
  69. package/dist/chunk-PHYNROD4.js +47 -0
  70. package/dist/chunk-QQEKY4XP.js +29 -0
  71. package/dist/{chunk-VNCNJKS2.js → chunk-U4RK4LKJ.js} +82 -1
  72. package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
  73. package/dist/chunk-UN7X6SU5.js +53 -0
  74. package/dist/chunk-UZQJJD6A.js +100 -0
  75. package/dist/{chunk-NUDITUKX.js → chunk-V6LLEAR4.js} +22 -15
  76. package/dist/{chunk-4MYWAOLG.js → chunk-WHNDRO3N.js} +20 -1
  77. package/dist/{chunk-5W4BRQYG.js → chunk-XY5R3EHH.js} +6 -3
  78. package/dist/client/client.cjs +135 -0
  79. package/dist/client/client.d.ts +85 -0
  80. package/dist/client/client.js +9 -0
  81. package/dist/client/index.cjs +135 -0
  82. package/dist/client/index.d.ts +14 -0
  83. package/dist/client/index.js +10 -0
  84. package/dist/context.cjs +1237 -0
  85. package/dist/context.d.ts +16 -0
  86. package/dist/context.js +28 -0
  87. package/dist/cookie.cjs +33 -2
  88. package/dist/cookie.d.ts +9 -5
  89. package/dist/cookie.js +3 -2
  90. package/dist/createAuth.cjs +2320 -0
  91. package/dist/createAuth.d.ts +12 -0
  92. package/dist/createAuth.js +48 -0
  93. package/dist/env.cjs +24 -2
  94. package/dist/env.d.ts +4 -1
  95. package/dist/env.js +9 -3
  96. package/dist/errors.cjs +17 -0
  97. package/dist/errors.d.ts +13 -3
  98. package/dist/errors.js +5 -1
  99. package/dist/{index-CSyIJmCM.d.ts → index-_aXtxb_s.d.ts} +383 -13
  100. package/dist/index.cjs +2135 -1547
  101. package/dist/index.d.ts +9 -30
  102. package/dist/index.js +46 -119
  103. package/dist/jose.cjs +52 -14
  104. package/dist/jose.d.ts +12 -25
  105. package/dist/jose.js +11 -3
  106. package/dist/logger.cjs +132 -0
  107. package/dist/logger.d.ts +6 -2
  108. package/dist/logger.js +10 -1
  109. package/dist/oauth/atlassian.cjs +57 -0
  110. package/dist/oauth/atlassian.d.ts +12 -0
  111. package/dist/oauth/atlassian.js +6 -0
  112. package/dist/oauth/bitbucket.d.ts +6 -2
  113. package/dist/oauth/discord.d.ts +6 -2
  114. package/dist/oauth/dropbox.cjs +53 -0
  115. package/dist/oauth/dropbox.d.ts +12 -0
  116. package/dist/oauth/dropbox.js +6 -0
  117. package/dist/oauth/figma.d.ts +6 -2
  118. package/dist/oauth/github.d.ts +6 -2
  119. package/dist/oauth/gitlab.d.ts +6 -2
  120. package/dist/oauth/index.cjs +278 -88
  121. package/dist/oauth/index.d.ts +6 -2
  122. package/dist/oauth/index.js +27 -11
  123. package/dist/oauth/mailchimp.d.ts +6 -2
  124. package/dist/oauth/notion.cjs +131 -0
  125. package/dist/oauth/notion.d.ts +12 -0
  126. package/dist/oauth/notion.js +9 -0
  127. package/dist/oauth/pinterest.d.ts +6 -2
  128. package/dist/oauth/spotify.d.ts +6 -2
  129. package/dist/oauth/strava.d.ts +6 -2
  130. package/dist/oauth/twitch.cjs +95 -0
  131. package/dist/oauth/twitch.d.ts +12 -0
  132. package/dist/oauth/twitch.js +7 -0
  133. package/dist/oauth/x.d.ts +6 -2
  134. package/dist/schemas.cjs +84 -51
  135. package/dist/schemas.d.ts +103 -23
  136. package/dist/schemas.js +1 -1
  137. package/dist/secure.cjs +36 -36
  138. package/dist/secure.d.ts +10 -4
  139. package/dist/secure.js +7 -6
  140. package/dist/utils.cjs +109 -3
  141. package/dist/utils.d.ts +15 -4
  142. package/dist/utils.js +11 -4
  143. package/package.json +9 -5
  144. package/dist/chunk-4EKY7655.js +0 -123
  145. package/dist/chunk-7QF22LHP.js +0 -67
  146. package/dist/chunk-ALG3GIV4.js +0 -95
  147. package/dist/chunk-FRJFWTOY.js +0 -70
  148. package/dist/chunk-PHFH2MGS.js +0 -36
  149. package/dist/chunk-QQVSRXGX.js +0 -149
@@ -1,123 +0,0 @@
1
- import {
2
- equals
3
- } from "./chunk-QQVSRXGX.js";
4
-
5
- // src/assert.ts
6
- import { timingSafeEqual } from "crypto";
7
- var isFalsy = (value) => {
8
- return value === false || value === 0 || value === "" || value === null || value === void 0 || Number.isNaN(value);
9
- };
10
- var isRequest = (value) => {
11
- return typeof Request !== "undefined" && value instanceof Request;
12
- };
13
- var unsafeChars = [
14
- "<",
15
- ">",
16
- '"',
17
- "`",
18
- " ",
19
- "\r",
20
- "\n",
21
- " ",
22
- "\\",
23
- "%2F",
24
- "%5C",
25
- "%2f",
26
- "%5c",
27
- "\r\n",
28
- "%0A",
29
- "%0D",
30
- "%0a",
31
- "%0d",
32
- "..",
33
- "//",
34
- "///",
35
- "...",
36
- "%20",
37
- "\0"
38
- ];
39
- var isValidURL = (value) => {
40
- if (!new RegExp(/^https?:\/\/[^/]/).test(value)) {
41
- return false;
42
- }
43
- const match = value.match(/^(https?:\/\/)(.*)$/);
44
- if (!match) return false;
45
- const rest = match[2];
46
- for (const char of unsafeChars) {
47
- if (rest.includes(char)) return false;
48
- }
49
- const regex = /^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/;
50
- return regex.test(match[0]);
51
- };
52
- var isJWTPayloadWithToken = (payload) => {
53
- return typeof payload === "object" && payload !== null && "token" in payload && typeof payload?.token === "string";
54
- };
55
- var isRelativeURL = (value) => {
56
- if (value.length > 100) return false;
57
- for (const char of unsafeChars) {
58
- if (value.includes(char)) return false;
59
- }
60
- const regex = /^\/[a-zA-Z0-9\-_\/.?&=#]*\/?$/;
61
- return regex.test(value);
62
- };
63
- var isSameOrigin = (origin, expected) => {
64
- const originURL = new URL(origin);
65
- const expectedURL = new URL(expected);
66
- return equals(originURL.origin, expectedURL.origin);
67
- };
68
- var patternToRegex = (pattern) => {
69
- try {
70
- if (pattern.length > 2048) return null;
71
- pattern = pattern.replace(/\\/g, "");
72
- const match = pattern.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);
73
- if (!match) return null;
74
- const [, protocol, host, port] = match;
75
- const hasWildcard = host.includes("*");
76
- if (hasWildcard && !host.startsWith("*.")) return null;
77
- if (hasWildcard && host.slice(2).includes("*")) return null;
78
- const domain = hasWildcard ? host.slice(2) : host;
79
- const escapedDomain = domain.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
80
- const hostRegex = hasWildcard ? `[^.]+\\.${escapedDomain}` : escapedDomain;
81
- const portRegex = port === "*" ? ":\\d{1,5}" : port ? `:${port}` : "";
82
- return new RegExp(`^${protocol}:\\/\\/${hostRegex}${portRegex}$`);
83
- } catch {
84
- return null;
85
- }
86
- };
87
- var isTrustedOrigin = (url, trustedOrigins) => {
88
- if (!isValidURL(url) || trustedOrigins.length === 0) return false;
89
- try {
90
- const urlOrigin = new URL(url).origin;
91
- for (const pattern of trustedOrigins) {
92
- const regex = patternToRegex(pattern);
93
- if (regex?.test(urlOrigin)) return true;
94
- try {
95
- if (isValidURL(pattern) && equals(new URL(pattern).origin, urlOrigin)) return true;
96
- } catch {
97
- }
98
- }
99
- } catch {
100
- }
101
- return false;
102
- };
103
- var safeEquals = (a, b) => {
104
- const bufferA = Buffer.from(a);
105
- const bufferB = Buffer.from(b);
106
- if (bufferA.length !== bufferB.length) {
107
- return false;
108
- }
109
- return timingSafeEqual(bufferA, bufferB);
110
- };
111
-
112
- export {
113
- isFalsy,
114
- isRequest,
115
- unsafeChars,
116
- isValidURL,
117
- isJWTPayloadWithToken,
118
- isRelativeURL,
119
- isSameOrigin,
120
- patternToRegex,
121
- isTrustedOrigin,
122
- safeEquals
123
- };
@@ -1,67 +0,0 @@
1
- import {
2
- createAuthorizationURL,
3
- createRedirectTo,
4
- createRedirectURI
5
- } from "./chunk-XUP6KKNG.js";
6
- import {
7
- createPKCE,
8
- generateSecure
9
- } from "./chunk-NUDITUKX.js";
10
- import {
11
- cacheControl
12
- } from "./chunk-EBAMFRB7.js";
13
-
14
- // src/actions/signIn/signIn.ts
15
- import { z } from "zod";
16
- import { createEndpoint, createEndpointConfig, HeadersBuilder } from "@aura-stack/router";
17
- var signInConfig = (oauth) => {
18
- return createEndpointConfig("/signIn/:oauth", {
19
- schemas: {
20
- params: z.object({
21
- oauth: z.enum(
22
- Object.keys(oauth),
23
- "The OAuth provider is not supported or invalid."
24
- )
25
- }),
26
- searchParams: z.object({
27
- redirectTo: z.string().optional()
28
- })
29
- }
30
- });
31
- };
32
- var signInAction = (oauth) => {
33
- return createEndpoint(
34
- "GET",
35
- "/signIn/:oauth",
36
- async (ctx) => {
37
- const {
38
- request,
39
- params: { oauth: oauth2 },
40
- searchParams: { redirectTo },
41
- context
42
- } = ctx;
43
- const { oauth: providers, cookies, logger } = context;
44
- const state = generateSecure();
45
- const redirectURI = await createRedirectURI(request, oauth2, context);
46
- const redirectToValue = await createRedirectTo(request, redirectTo, context);
47
- const { codeVerifier, codeChallenge, method } = await createPKCE();
48
- const authorization = createAuthorizationURL(providers[oauth2], redirectURI, state, codeChallenge, method, logger);
49
- logger?.log("SIGN_IN_INITIATED", {
50
- structuredData: { oauth_provider: oauth2, code_challenge_method: method }
51
- });
52
- const headers = new HeadersBuilder(cacheControl).setHeader("Location", authorization).setCookie(cookies.state.name, state, cookies.state.attributes).setCookie(cookies.redirectURI.name, redirectURI, cookies.redirectURI.attributes).setCookie(cookies.redirectTo.name, redirectToValue, cookies.redirectTo.attributes).setCookie(cookies.codeVerifier.name, codeVerifier, cookies.codeVerifier.attributes).toHeaders();
53
- return Response.json(
54
- { oauth: oauth2 },
55
- {
56
- status: 302,
57
- headers
58
- }
59
- );
60
- },
61
- signInConfig(oauth)
62
- );
63
- };
64
-
65
- export {
66
- signInAction
67
- };
@@ -1,95 +0,0 @@
1
- import {
2
- createRedirectTo
3
- } from "./chunk-XUP6KKNG.js";
4
- import {
5
- verifyCSRF
6
- } from "./chunk-NUDITUKX.js";
7
- import {
8
- getBaseURL,
9
- getErrorName
10
- } from "./chunk-QQVSRXGX.js";
11
- import {
12
- expiredCookieAttributes
13
- } from "./chunk-5W4BRQYG.js";
14
- import {
15
- secureApiHeaders
16
- } from "./chunk-EBAMFRB7.js";
17
- import {
18
- AuthSecurityError
19
- } from "./chunk-RRLIF4PQ.js";
20
-
21
- // src/actions/signOut/signOut.ts
22
- import { z } from "zod";
23
- import { createEndpoint, createEndpointConfig, HeadersBuilder, statusCode } from "@aura-stack/router";
24
- var config = createEndpointConfig({
25
- schemas: {
26
- searchParams: z.object({
27
- token_type_hint: z.literal("session_token"),
28
- redirectTo: z.string().optional()
29
- })
30
- }
31
- });
32
- var signOutAction = createEndpoint(
33
- "POST",
34
- "/signOut",
35
- async (ctx) => {
36
- const {
37
- request,
38
- headers,
39
- searchParams: { redirectTo },
40
- context
41
- } = ctx;
42
- const { jose, cookies, logger } = context;
43
- const session = headers.getCookie(cookies.sessionToken.name);
44
- const csrfToken = headers.getCookie(cookies.csrfToken.name);
45
- const header = headers.getHeader("X-CSRF-Token");
46
- logger?.log("SIGN_OUT_ATTEMPT", {
47
- structuredData: {
48
- has_session: Boolean(session),
49
- has_csrf_token: Boolean(csrfToken),
50
- has_csrf_header: Boolean(header)
51
- }
52
- });
53
- if (!session) {
54
- logger?.log("SESSION_TOKEN_MISSING");
55
- throw new AuthSecurityError("SESSION_TOKEN_MISSING", "The sessionToken is missing.");
56
- }
57
- if (!csrfToken) {
58
- logger?.log("CSRF_TOKEN_MISSING");
59
- throw new AuthSecurityError("CSRF_TOKEN_MISSING", "The CSRF token is missing.");
60
- }
61
- if (!header) {
62
- logger?.log("CSRF_HEADER_MISSING");
63
- throw new AuthSecurityError("CSRF_HEADER_MISSING", "The CSRF header is missing.");
64
- }
65
- try {
66
- await verifyCSRF(jose, csrfToken, header);
67
- } catch (error) {
68
- logger?.log("CSRF_TOKEN_INVALID", { structuredData: { error_type: getErrorName(error) } });
69
- throw new AuthSecurityError("CSRF_TOKEN_INVALID", "CSRF token verification failed");
70
- }
71
- logger?.log("SIGN_OUT_CSRF_VERIFIED");
72
- try {
73
- await jose.decodeJWT(session);
74
- logger?.log("SIGN_OUT_SUCCESS");
75
- } catch (error) {
76
- logger?.log("INVALID_JWT_TOKEN", { structuredData: { error_type: getErrorName(error) } });
77
- }
78
- const baseURL = getBaseURL(request);
79
- const location = await createRedirectTo(
80
- new Request(baseURL, {
81
- headers: headers.toHeaders()
82
- }),
83
- redirectTo,
84
- context
85
- );
86
- logger?.log("SIGN_OUT_REDIRECT", { structuredData: { location } });
87
- const headersList = new HeadersBuilder(secureApiHeaders).setHeader("Location", location).setCookie(cookies.csrfToken.name, "", expiredCookieAttributes).setCookie(cookies.sessionToken.name, "", expiredCookieAttributes).toHeaders();
88
- return Response.json({ message: "Signed out successfully" }, { status: statusCode.ACCEPTED, headers: headersList });
89
- },
90
- config
91
- );
92
-
93
- export {
94
- signOutAction
95
- };
@@ -1,70 +0,0 @@
1
- import {
2
- env
3
- } from "./chunk-4MYWAOLG.js";
4
- import {
5
- AuthInternalError
6
- } from "./chunk-RRLIF4PQ.js";
7
-
8
- // src/jose.ts
9
- import {
10
- createJWT,
11
- createJWS,
12
- createJWE,
13
- createDeriveKey,
14
- createSecret
15
- } from "@aura-stack/jose";
16
- var createJoseInstance = (secret) => {
17
- secret ??= env.AURA_AUTH_SECRET ?? env.AUTH_SECRET;
18
- if (!secret) {
19
- throw new AuthInternalError(
20
- "JOSE_INITIALIZATION_FAILED",
21
- "AURA_AUTH_SECRET environment variable is not set and no secret was provided."
22
- );
23
- }
24
- const salt = env.AURA_AUTH_SALT ?? env.AUTH_SALT;
25
- if (!salt) {
26
- throw new AuthInternalError(
27
- "JOSE_INITIALIZATION_FAILED",
28
- "AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation."
29
- );
30
- }
31
- try {
32
- createSecret(salt);
33
- } catch (error) {
34
- throw new AuthInternalError(
35
- "INVALID_SALT_SECRET_VALUE",
36
- "AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.",
37
- { cause: error }
38
- );
39
- }
40
- const { derivedKey: derivedSigningKey } = createDeriveKey(secret, salt, "signing");
41
- const { derivedKey: derivedEncryptionKey } = createDeriveKey(secret, salt, "encryption");
42
- const { derivedKey: derivedCsrfTokenKey } = createDeriveKey(secret, salt, "csrfToken");
43
- const { decodeJWT, encodeJWT } = createJWT({ jws: derivedSigningKey, jwe: derivedEncryptionKey });
44
- const { signJWS, verifyJWS } = createJWS(derivedCsrfTokenKey);
45
- const { encryptJWE, decryptJWE } = createJWE(derivedEncryptionKey);
46
- return {
47
- decodeJWT,
48
- encodeJWT,
49
- signJWS,
50
- verifyJWS,
51
- encryptJWE,
52
- decryptJWE
53
- };
54
- };
55
- var jwtVerificationOptions = {
56
- algorithms: ["HS256"],
57
- typ: "JWT"
58
- };
59
- var decodeJWTOptions = {
60
- jws: jwtVerificationOptions,
61
- jwt: {
62
- typ: "JWT"
63
- }
64
- };
65
-
66
- export {
67
- createJoseInstance,
68
- jwtVerificationOptions,
69
- decodeJWTOptions
70
- };
@@ -1,36 +0,0 @@
1
- import {
2
- getErrorName,
3
- toISOString
4
- } from "./chunk-QQVSRXGX.js";
5
- import {
6
- expiredCookieAttributes,
7
- getCookie
8
- } from "./chunk-5W4BRQYG.js";
9
- import {
10
- secureApiHeaders
11
- } from "./chunk-EBAMFRB7.js";
12
-
13
- // src/actions/session/session.ts
14
- import { createEndpoint, HeadersBuilder } from "@aura-stack/router";
15
- var sessionAction = createEndpoint("GET", "/session", async (ctx) => {
16
- const {
17
- request,
18
- context: { jose, cookies, logger }
19
- } = ctx;
20
- try {
21
- const session = getCookie(request, cookies.sessionToken.name);
22
- const decoded = await jose.decodeJWT(session);
23
- logger?.log("AUTH_SESSION_VALID");
24
- const { exp, iat, jti, nbf, ...user } = decoded;
25
- const headers = new Headers(secureApiHeaders);
26
- return Response.json({ user, expires: toISOString(exp * 1e3) }, { headers });
27
- } catch (error) {
28
- logger?.log("AUTH_SESSION_INVALID", { structuredData: { error_type: getErrorName(error) } });
29
- const headers = new HeadersBuilder(secureApiHeaders).setCookie(cookies.sessionToken.name, "", expiredCookieAttributes).toHeaders();
30
- return Response.json({ authenticated: false, message: "Unauthorized" }, { status: 401, headers });
31
- }
32
- });
33
-
34
- export {
35
- sessionAction
36
- };
@@ -1,149 +0,0 @@
1
- import {
2
- isAuthInternalError,
3
- isAuthSecurityError,
4
- isOAuthProtocolError
5
- } from "./chunk-RRLIF4PQ.js";
6
-
7
- // src/utils.ts
8
- import { isInvalidZodSchemaError, isRouterError } from "@aura-stack/router";
9
- var toSnakeCase = (str) => {
10
- return str.replace(/([a-z0-9])([A-Z])/g, "$1_$2").replace(/([A-Z]+)([A-Z][a-z])/g, "$1_$2").toLowerCase().replace(/^_+/, "");
11
- };
12
- var toUpperCase = (str) => {
13
- return str.toUpperCase();
14
- };
15
- var toCastCase = (obj, type = "snake") => {
16
- return Object.entries(obj).reduce((previous, [key, value]) => {
17
- const newKey = type === "snake" ? toSnakeCase(key) : toUpperCase(key);
18
- return { ...previous, [newKey]: value };
19
- }, {});
20
- };
21
- var equals = (a, b) => {
22
- if (a === null || b === null || a === void 0 || b === void 0) return false;
23
- return a === b;
24
- };
25
- var createErrorHandler = (logger) => {
26
- return (error) => {
27
- if (isRouterError(error)) {
28
- const { message, status, statusText } = error;
29
- logger?.log("ROUTER_INTERNAL_ERROR");
30
- return Response.json({ type: "ROUTER_ERROR", code: "ROUTER_INTERNAL_ERROR", message }, { status, statusText });
31
- }
32
- if (isInvalidZodSchemaError(error)) {
33
- logger?.log("INVALID_REQUEST");
34
- return Response.json({ type: "ROUTER_ERROR", code: "INVALID_REQUEST", message: error.errors }, { status: 422 });
35
- }
36
- if (isOAuthProtocolError(error)) {
37
- const { error: errorCode, message, type, errorURI } = error;
38
- logger?.log("OAUTH_PROTOCOL_ERROR", {
39
- structuredData: {
40
- error: errorCode,
41
- error_description: message,
42
- error_uri: errorURI ?? ""
43
- }
44
- });
45
- return Response.json(
46
- {
47
- type,
48
- message
49
- },
50
- { status: 400 }
51
- );
52
- }
53
- if (isAuthInternalError(error)) {
54
- const { type, code, message } = error;
55
- logger?.log("INVALID_OAUTH_CONFIGURATION", {
56
- structuredData: {
57
- error: code,
58
- error_description: message
59
- }
60
- });
61
- return Response.json(
62
- {
63
- type,
64
- message
65
- },
66
- { status: 400 }
67
- );
68
- }
69
- if (isAuthSecurityError(error)) {
70
- const { type, code, message } = error;
71
- logger?.log("INVALID_OAUTH_CONFIGURATION", {
72
- structuredData: {
73
- error: code,
74
- error_description: message
75
- }
76
- });
77
- return Response.json(
78
- {
79
- type,
80
- code,
81
- message
82
- },
83
- { status: 400 }
84
- );
85
- }
86
- logger?.log("SERVER_ERROR");
87
- return Response.json(
88
- { type: "SERVER_ERROR", code: "SERVER_ERROR", message: "An unexpected error occurred" },
89
- { status: 500 }
90
- );
91
- };
92
- };
93
- var getBaseURL = (request) => {
94
- const url = new URL(request.url);
95
- return `${url.origin}${url.pathname}`;
96
- };
97
- var toISOString = (date) => {
98
- return new Date(date).toISOString();
99
- };
100
- var useSecureCookies = (request, trustedProxyHeaders) => {
101
- return trustedProxyHeaders ? request.url.startsWith("https://") || request.headers.get("X-Forwarded-Proto") === "https" || (request.headers.get("Forwarded")?.includes("proto=https") ?? false) : request.url.startsWith("https://");
102
- };
103
- var formatZodError = (error) => {
104
- if (!error.issues || error.issues.length === 0) {
105
- return {};
106
- }
107
- return error.issues.reduce((previous, issue) => {
108
- const key = issue.path.join(".");
109
- return {
110
- ...previous,
111
- [key]: {
112
- code: issue.code,
113
- message: issue.message
114
- }
115
- };
116
- }, {});
117
- };
118
- var extractPath = (url) => {
119
- const pathRegex = /^https?:\/\/[a-zA-Z0-9_\-\.]+(:\d+)?(\/.*)$/;
120
- const match = url.match(pathRegex);
121
- return match && match[2] ? match[2] : "/";
122
- };
123
- var createStructuredData = (data, sdID = "metadata") => {
124
- const entries = Object.entries(data);
125
- if (entries.length === 0) return `[${sdID}]`;
126
- const values = entries.map(([key, value]) => `${key}="${String(value).replace(/(["\\\]])/g, "\\$1")}"`).join(" ");
127
- return `[${sdID} ${values}]`;
128
- };
129
- var getErrorName = (error) => {
130
- if (error instanceof Error) {
131
- return error.name;
132
- }
133
- return typeof error === "string" ? error : "UnknownError";
134
- };
135
-
136
- export {
137
- toSnakeCase,
138
- toUpperCase,
139
- toCastCase,
140
- equals,
141
- createErrorHandler,
142
- getBaseURL,
143
- toISOString,
144
- useSecureCookies,
145
- formatZodError,
146
- extractPath,
147
- createStructuredData,
148
- getErrorName
149
- };