@aura-stack/auth 0.4.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -1
- package/dist/@types/index.cjs +0 -18
- package/dist/@types/index.d.ts +2 -8
- package/dist/@types/index.js +0 -1
- package/dist/assert-B3iQSYlK.js +3 -0
- package/dist/assert-NJGroSJd.cjs +3 -0
- package/dist/client/index.cjs +1 -0
- package/dist/client/index.d.ts +11 -0
- package/dist/client/index.js +1 -0
- package/dist/crypto-Bz8nIciY.js +1 -0
- package/dist/crypto-CoXA5w_4.cjs +1 -0
- package/dist/env-bq387KyP.cjs +1 -0
- package/dist/env-nvh8QBNz.js +1 -0
- package/dist/errors-CCYPHuBO.cjs +1 -0
- package/dist/errors-DFWHOho6.js +1 -0
- package/dist/index-BkpwQ0l4.d.cts +2279 -0
- package/dist/index-nqLV2t91.d.ts +2279 -0
- package/dist/index.cjs +1 -1839
- package/dist/index.d.cts +2 -0
- package/dist/index.d.ts +2 -35
- package/dist/index.js +1 -132
- package/dist/logger-C59_CDMk.js +1 -0
- package/dist/logger-UnUhYL2V.cjs +1 -0
- package/dist/oauth/atlassian.cjs +1 -0
- package/dist/oauth/atlassian.d.ts +2 -0
- package/dist/oauth/atlassian.js +1 -0
- package/dist/oauth/bitbucket.cjs +1 -49
- package/dist/oauth/bitbucket.d.ts +2 -8
- package/dist/oauth/bitbucket.js +1 -6
- package/dist/oauth/discord.cjs +1 -57
- package/dist/oauth/discord.d.ts +2 -8
- package/dist/oauth/discord.js +1 -6
- package/dist/oauth/dropbox.cjs +1 -0
- package/dist/oauth/dropbox.d.ts +2 -0
- package/dist/oauth/dropbox.js +1 -0
- package/dist/oauth/figma.cjs +1 -49
- package/dist/oauth/figma.d.ts +2 -8
- package/dist/oauth/figma.js +1 -6
- package/dist/oauth/github.cjs +1 -49
- package/dist/oauth/github.d.ts +2 -8
- package/dist/oauth/github.js +1 -6
- package/dist/oauth/gitlab.cjs +1 -49
- package/dist/oauth/gitlab.d.ts +2 -8
- package/dist/oauth/gitlab.js +1 -6
- package/dist/oauth/index.cjs +1 -483
- package/dist/oauth/index.d.ts +2 -8
- package/dist/oauth/index.js +1 -52
- package/dist/oauth/mailchimp.cjs +1 -49
- package/dist/oauth/mailchimp.d.ts +2 -8
- package/dist/oauth/mailchimp.js +1 -6
- package/dist/oauth/notion.cjs +1 -0
- package/dist/oauth/notion.d.ts +2 -0
- package/dist/oauth/notion.js +1 -0
- package/dist/oauth/pinterest.cjs +1 -49
- package/dist/oauth/pinterest.d.ts +2 -8
- package/dist/oauth/pinterest.js +1 -6
- package/dist/oauth/spotify.cjs +1 -49
- package/dist/oauth/spotify.d.ts +2 -8
- package/dist/oauth/spotify.js +1 -6
- package/dist/oauth/strava.cjs +1 -49
- package/dist/oauth/strava.d.ts +2 -8
- package/dist/oauth/strava.js +1 -6
- package/dist/oauth/twitch.cjs +1 -0
- package/dist/oauth/twitch.d.ts +2 -0
- package/dist/oauth/twitch.js +1 -0
- package/dist/oauth/x.cjs +1 -49
- package/dist/oauth/x.d.ts +2 -8
- package/dist/oauth/x.js +1 -6
- package/dist/oauth-BntNm6aE.cjs +1 -0
- package/dist/oauth-DmHy9VrB.js +1 -0
- package/dist/shared/crypto.cjs +1 -0
- package/dist/shared/crypto.d.ts +47 -0
- package/dist/shared/crypto.js +1 -0
- package/dist/shared/identity.cjs +1 -0
- package/dist/shared/identity.d.ts +2 -0
- package/dist/shared/identity.js +1 -0
- package/dist/shared/index.cjs +1 -0
- package/dist/shared/index.d.ts +5 -0
- package/dist/shared/index.js +1 -0
- package/package.json +39 -12
- package/dist/@types/router.d.cjs +0 -1
- package/dist/@types/router.d.d.ts +0 -12
- package/dist/@types/router.d.js +0 -0
- package/dist/@types/utility.cjs +0 -18
- package/dist/@types/utility.d.ts +0 -6
- package/dist/@types/utility.js +0 -1
- package/dist/actions/callback/access-token.cjs +0 -206
- package/dist/actions/callback/access-token.d.ts +0 -29
- package/dist/actions/callback/access-token.js +0 -9
- package/dist/actions/callback/callback.cjs +0 -649
- package/dist/actions/callback/callback.d.ts +0 -13
- package/dist/actions/callback/callback.js +0 -19
- package/dist/actions/callback/userinfo.cjs +0 -250
- package/dist/actions/callback/userinfo.d.ts +0 -21
- package/dist/actions/callback/userinfo.js +0 -14
- package/dist/actions/csrfToken/csrfToken.cjs +0 -197
- package/dist/actions/csrfToken/csrfToken.d.ts +0 -5
- package/dist/actions/csrfToken/csrfToken.js +0 -14
- package/dist/actions/index.cjs +0 -954
- package/dist/actions/index.d.ts +0 -14
- package/dist/actions/index.js +0 -36
- package/dist/actions/session/session.cjs +0 -136
- package/dist/actions/session/session.d.ts +0 -5
- package/dist/actions/session/session.js +0 -10
- package/dist/actions/signIn/authorization.cjs +0 -322
- package/dist/actions/signIn/authorization.d.ts +0 -53
- package/dist/actions/signIn/authorization.js +0 -18
- package/dist/actions/signIn/signIn.cjs +0 -467
- package/dist/actions/signIn/signIn.d.ts +0 -13
- package/dist/actions/signIn/signIn.js +0 -15
- package/dist/actions/signOut/signOut.cjs +0 -493
- package/dist/actions/signOut/signOut.d.ts +0 -8
- package/dist/actions/signOut/signOut.js +0 -16
- package/dist/assert.cjs +0 -161
- package/dist/assert.d.ts +0 -33
- package/dist/assert.js +0 -26
- package/dist/chunk-4EKY7655.js +0 -123
- package/dist/chunk-4MYWAOLG.js +0 -31
- package/dist/chunk-4YHJ4IEQ.js +0 -25
- package/dist/chunk-54CZPKR4.js +0 -25
- package/dist/chunk-5LZ7TOM3.js +0 -25
- package/dist/chunk-5W4BRQYG.js +0 -201
- package/dist/chunk-6MXFPFR3.js +0 -143
- package/dist/chunk-7QF22LHP.js +0 -67
- package/dist/chunk-ALG3GIV4.js +0 -95
- package/dist/chunk-E6G5YCI6.js +0 -25
- package/dist/chunk-EBAMFRB7.js +0 -34
- package/dist/chunk-EEE7UM5T.js +0 -25
- package/dist/chunk-FRJFWTOY.js +0 -70
- package/dist/chunk-FW4W3REU.js +0 -25
- package/dist/chunk-ICAZ4OVS.js +0 -37
- package/dist/chunk-IPKO6UQN.js +0 -25
- package/dist/chunk-ITQ7352M.js +0 -0
- package/dist/chunk-KJBAQZX2.js +0 -92
- package/dist/chunk-KMMAZFSJ.js +0 -25
- package/dist/chunk-LDU7A2JE.js +0 -25
- package/dist/chunk-NUDITUKX.js +0 -73
- package/dist/chunk-OVHNRULD.js +0 -33
- package/dist/chunk-PG7UYFG5.js +0 -0
- package/dist/chunk-PHFH2MGS.js +0 -36
- package/dist/chunk-QQVSRXGX.js +0 -149
- package/dist/chunk-RRLIF4PQ.js +0 -55
- package/dist/chunk-TM5IPSNF.js +0 -113
- package/dist/chunk-TZB6MUXN.js +0 -78
- package/dist/chunk-VNCNJKS2.js +0 -267
- package/dist/chunk-XGLBNXL4.js +0 -75
- package/dist/chunk-XUP6KKNG.js +0 -106
- package/dist/chunk-ZNCZVF6U.js +0 -14
- package/dist/cookie.cjs +0 -246
- package/dist/cookie.d.ts +0 -85
- package/dist/cookie.js +0 -29
- package/dist/env.cjs +0 -56
- package/dist/env.d.ts +0 -7
- package/dist/env.js +0 -6
- package/dist/errors.cjs +0 -85
- package/dist/errors.d.ts +0 -50
- package/dist/errors.js +0 -18
- package/dist/headers.cjs +0 -61
- package/dist/headers.d.ts +0 -33
- package/dist/headers.js +0 -12
- package/dist/index-CSyIJmCM.d.ts +0 -1007
- package/dist/jose.cjs +0 -128
- package/dist/jose.d.ts +0 -25
- package/dist/jose.js +0 -12
- package/dist/logger.cjs +0 -292
- package/dist/logger.d.ts +0 -8
- package/dist/logger.js +0 -8
- package/dist/request.cjs +0 -38
- package/dist/request.d.ts +0 -13
- package/dist/request.js +0 -6
- package/dist/schemas.cjs +0 -125
- package/dist/schemas.d.ts +0 -149
- package/dist/schemas.js +0 -24
- package/dist/secure.cjs +0 -170
- package/dist/secure.d.ts +0 -35
- package/dist/secure.js +0 -19
- package/dist/utils.cjs +0 -223
- package/dist/utils.d.ts +0 -24
- package/dist/utils.js +0 -29
package/README.md
CHANGED
|
@@ -5,6 +5,7 @@
|
|
|
5
5
|
**Core authentication library for the Aura Stack ecosystem**
|
|
6
6
|
|
|
7
7
|
[](https://www.npmjs.com/package/@aura-stack/auth)
|
|
8
|
+
[](https://jsr.io/@aura-stack/auth)
|
|
8
9
|
[](https://opensource.org/licenses/MIT)
|
|
9
10
|
|
|
10
11
|
[Official Docs](https://aura-stack-auth.vercel.app/docs) · [Core Package Docs](https://aura-stack-auth.vercel.app/docs/packages/core)
|
|
@@ -27,13 +28,47 @@ Inspired by [Auth.js](https://authjs.dev/), Aura Auth focuses on simplicity, dev
|
|
|
27
28
|
- **Extensible architecture** — Easily integrate with `@aura-stack/router` or custom routing layers.
|
|
28
29
|
- **Framework-agnostic** — Works seamlessly in any environment that supports the Web Request/Response APIs.
|
|
29
30
|
|
|
31
|
+
## Installation
|
|
32
|
+
|
|
33
|
+
```bash
|
|
34
|
+
pnpm add @aura-stack/auth
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
## Quick Start
|
|
38
|
+
|
|
39
|
+
### 1. Create Auth Instance
|
|
40
|
+
|
|
41
|
+
Configure your auth instance in a shared file (e.g., `lib/auth.ts`).
|
|
42
|
+
|
|
43
|
+
```ts
|
|
44
|
+
import { createAuth } from "@aura-stack/auth"
|
|
45
|
+
|
|
46
|
+
export const auth = createAuth({
|
|
47
|
+
oauth: ["github"],
|
|
48
|
+
})
|
|
49
|
+
|
|
50
|
+
export const { api, jose handlers } = auth
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
### 2. Creat Auth Client Instance
|
|
54
|
+
|
|
55
|
+
Configure your auth client instance in a shared file (e.g., `lib/auth-client.ts`).
|
|
56
|
+
|
|
57
|
+
```ts
|
|
58
|
+
import { createAuthClient } from "@aura-stack/auth/client"
|
|
59
|
+
|
|
60
|
+
export const authClient = createAuth({
|
|
61
|
+
baseURL: "http://localhost:3000",
|
|
62
|
+
})
|
|
63
|
+
```
|
|
64
|
+
|
|
30
65
|
## Documentation
|
|
31
66
|
|
|
32
67
|
Visit the [**official documentation website**](https://aura-stack-auth.vercel.app).
|
|
33
68
|
|
|
34
69
|
## License
|
|
35
70
|
|
|
36
|
-
Licensed under the [MIT License](LICENSE). © [Aura Stack](https://github.com/aura-stack-ts)
|
|
71
|
+
Licensed under the [MIT License](../../LICENSE). © [Aura Stack](https://github.com/aura-stack-ts)
|
|
37
72
|
|
|
38
73
|
---
|
|
39
74
|
|
package/dist/@types/index.cjs
CHANGED
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __defProp = Object.defineProperty;
|
|
3
|
-
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
-
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
-
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
-
var __copyProps = (to, from, except, desc) => {
|
|
7
|
-
if (from && typeof from === "object" || typeof from === "function") {
|
|
8
|
-
for (let key of __getOwnPropNames(from))
|
|
9
|
-
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
10
|
-
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
11
|
-
}
|
|
12
|
-
return to;
|
|
13
|
-
};
|
|
14
|
-
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
15
|
-
|
|
16
|
-
// src/@types/index.ts
|
|
17
|
-
var types_exports = {};
|
|
18
|
-
module.exports = __toCommonJS(types_exports);
|
package/dist/@types/index.d.ts
CHANGED
|
@@ -1,8 +1,2 @@
|
|
|
1
|
-
import
|
|
2
|
-
export {
|
|
3
|
-
import '../schemas.js';
|
|
4
|
-
import '../jose.js';
|
|
5
|
-
import '@aura-stack/router/cookie';
|
|
6
|
-
export { LiteralUnion, Prettify } from './utility.js';
|
|
7
|
-
import '@aura-stack/jose/jose';
|
|
8
|
-
import '@aura-stack/jose';
|
|
1
|
+
import { $ as JWTConfigBase, A as APIErrorMap, At as IdentityConfig, B as DeepPartial, Bt as SyslogOptions, C as SignOutAPIReturn, Ct as CookieName, D as UpdateSessionAPIReturn, Dt as CredentialsProvider, E as UpdateSessionAPIOptions, Et as CredentialsPayload, F as ErrorType, Ft as Logger, G as InferShape, Gt as OAuthProviderCredentials, H as EditableShape, Hn as UserShape, Ht as AuthorizeParams, I as OAuthError, It as RouterGlobalContext, J as Prettify, Jt as BuiltInOAuthProvider, K as LiteralUnion, Kt as OAuthProviderRecord, L as TokenRevocationError, Lt as SecureCookie, M as AuthInternalErrorCode, Mt as InternalLogger, N as AuthSecurityErrorCode, Nt as JoseInstance, O as UpdateSessionOptions, Ot as CredentialsProviderContext, P as AuthorizationError, Pt as LogLevel, Q as JWTConfig, Rt as Severity, S as SignOutAPIOptions, St as CookieConfig, T as SignOutReturn, Tt as CookieStrategyAttributes, U as InferAuthIdentity, Ut as OAuthProvider, V as DeepRequired, Vn as UserIdentityType, Vt as TrustedOrigin, W as InferIdentity, Wt as OAuthProviderConfig, X as CreateSessionStrategyOptions, Y as ShapeToObject, Z as GetStatelessSessionReturn, _ as SignInCredentialsAPIReturn, _t as User, a as OAuthEnv, at as JWTManager, b as SignInOptions, bt as AuthInstance, c as APIOptionsWithRequest, ct as JWTSignedMode, d as GetSessionAPIOptions, dt as KeyPair, et as JWTEncryptedMode, f as GetSessionAPIReturn, ft as SecretKey, g as SignInCredentialsAPIOptions, gt as StatelessStrategyConfig, h as SignInAPIReturn, ht as SessionStrategy, i as JWTStandardClaims, it as JWTKeyAlgorithm, j as AccessTokenError, jt as InternalContext, k as UpdateSessionReturn, kt as HostCookie, l as APIOptionsWithSkipCSRFCheck, lt as JWTSigningAlgorithm, m as SignInAPIOptions, mt as SessionConfig, n as AuthClientOptions, nt as JWTExpirationStrategy, o as TypedJWTPayload, ot as JWTMode, p as OptionsWithRedirectTo, pt as Session, q as Merge, qt as ResponseType, r as JWTPayloadWithToken, rt as JWTKey, s as APIOptionsWithRedirectTo, st as JWTSealedMode, t as AuthClient, tt as JWTEncryptionAlgorithm, u as FunctionAPIContext, ut as JWTStrategyOptions, v as SignInCredentialsOptions, vt as AuthAPI, w as SignOutOptions, wt as CookieStoreConfig, x as SignInReturn, xt as AuthRuntimeConfig, y as SignInCredentialsReturn, yt as AuthConfig, z as AuthResponse, zt as StandardCookie } from "../index-nqLV2t91.js";
|
|
2
|
+
export { APIErrorMap, APIOptionsWithRedirectTo, APIOptionsWithRequest, APIOptionsWithSkipCSRFCheck, AccessTokenError, AuthAPI, AuthClient, AuthClientOptions, AuthConfig, AuthInstance, AuthInternalErrorCode, AuthResponse, AuthRuntimeConfig, AuthSecurityErrorCode, AuthorizationError, AuthorizeParams, BuiltInOAuthProvider, CookieConfig, CookieName, CookieStoreConfig, CookieStrategyAttributes, CreateSessionStrategyOptions, CredentialsPayload, CredentialsProvider, CredentialsProviderContext, DeepPartial, DeepRequired, EditableShape, ErrorType, FunctionAPIContext, GetSessionAPIOptions, GetSessionAPIReturn, GetStatelessSessionReturn, HostCookie, IdentityConfig, InferAuthIdentity, InferIdentity, InferShape, InternalContext, InternalLogger, JWTConfig, JWTConfigBase, JWTEncryptedMode, JWTEncryptionAlgorithm, JWTExpirationStrategy, JWTKey, JWTKeyAlgorithm, JWTManager, JWTMode, JWTPayloadWithToken, JWTSealedMode, JWTSignedMode, JWTSigningAlgorithm, JWTStandardClaims, JWTStrategyOptions, JoseInstance, KeyPair, LiteralUnion, LogLevel, Logger, Merge, OAuthEnv, OAuthError, OAuthProvider, OAuthProviderConfig, OAuthProviderCredentials, OAuthProviderRecord, OptionsWithRedirectTo, Prettify, ResponseType, RouterGlobalContext, SecretKey, SecureCookie, Session, SessionConfig, SessionStrategy, Severity, ShapeToObject, SignInAPIOptions, SignInAPIReturn, SignInCredentialsAPIOptions, SignInCredentialsAPIReturn, SignInCredentialsOptions, SignInCredentialsReturn, SignInOptions, SignInReturn, SignOutAPIOptions, SignOutAPIReturn, SignOutOptions, SignOutReturn, StandardCookie, StatelessStrategyConfig, SyslogOptions, TokenRevocationError, TrustedOrigin, TypedJWTPayload, UpdateSessionAPIOptions, UpdateSessionAPIReturn, UpdateSessionOptions, UpdateSessionReturn, User, UserIdentityType, UserShape };
|
package/dist/@types/index.js
CHANGED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import "../chunk-PG7UYFG5.js";
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import{n as e}from"./errors-DFWHOho6.js";import{n as t}from"./env-nvh8QBNz.js";import{encoder as n}from"@aura-stack/jose/crypto";const r=`0.5.0`,i=(e,t)=>e===null||t===null||e===void 0||t===void 0?!1:e===t,a=(e,t)=>{let n=e instanceof Headers?e:e.headers,r=e instanceof Headers?null:e.url;return t?r?.startsWith(`https://`)||n.get(`X-Forwarded-Proto`)===`https`||(n.get(`Forwarded`)?.includes(`proto=https`)??!1):r?.startsWith(`https://`)??!1},o=e=>!e.issues||e.issues.length===0?{}:e.issues.reduce((e,t)=>{let n=t.path.join(`.`);return{...e,[n]:{code:t.code,message:t.message}}},{}),s=e=>{let t=e.match(/^https?:\/\/[a-zA-Z0-9_\-.]+(:\d+)?(\/.*)$/);return t&&t[2]?t[2]:`/`},c=e=>e instanceof Error?e.name:typeof e==`string`?e:`UnknownError`,l=e=>{try{if(e.length>2048)return null;e=e.replace(/\\/g,``);let t=e.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);if(!t)return null;let[,n,r,i]=t,a=r.includes(`*`);if(a&&!r.startsWith(`*.`)||a&&r.slice(2).includes(`*`))return null;let o=(a?r.slice(2):r).replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),s=a?`[^.]+\\.${o}`:o,c=i===`*`?`:\\d{1,5}`:i?`:${i}`:``;return RegExp(`^${n}:\\/\\/${s}${c}$`)}catch{return null}},u=(e,t)=>{let r=n.encode(e),i=n.encode(t),a=Math.max(r.length,i.length),o=0;for(let e=0;e<a;e++)o|=(r[e]??0)^(i[e]??0);return o===0&&r.length===i.length},d=(r,i)=>{let a=t(r)??r,o=t(i)??i;if(!a||!o)throw new e(`INVALID_OAUTH_CONFIGURATION`,`Missing client credentials for OAuth provider configuration.`);let s=`${a}:${o}`,c=String.fromCharCode.apply(null,Array.from(n.encode(s)));return`Basic ${btoa(c)}`},f=(e,t)=>(new Headers(t).forEach((t,n)=>{e.has(n)||(n.toLowerCase()===`set-cookie`?e.append(n,t):e.set(n,t))}),e),p=[`<`,`>`,`"`,"`",` `,`\r`,`
|
|
2
|
+
`,` `,`\\`,`%2F`,`%5C`,`%2f`,`%5c`,`\r
|
|
3
|
+
`,`%0A`,`%0D`,`%0a`,`%0d`,`..`,`//`,`///`,`...`,`%20`,`\0`],m=e=>{if(!new RegExp(/^https?:\/\/[^/]/).test(e))return!1;let t=e.match(/^(https?:\/\/)(.*)$/);if(!t)return!1;let n=t[2];for(let e of p)if(n.includes(e))return!1;return/^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/.test(t[0])},h=e=>typeof e==`object`&&!!e&&`token`in e&&typeof e?.token==`string`,g=e=>{if(e.length>100)return!1;for(let t of p)if(e.includes(t))return!1;return/^\/[a-zA-Z0-9\-_/.?&=#]*\/?$/.test(e)},_=(e,t)=>{let n=new URL(e),r=new URL(t);return i(n.origin,r.origin)},v=(e,t)=>{if(!m(e)||t.length===0)return!1;try{let n=new URL(e).origin;for(let e of t){if(l(e)?.test(n))return!0;try{if(m(e)&&i(new URL(e).origin,n))return!0}catch{}}}catch{}return!1},y=e=>e?.jwt?.mode??`sealed`,b=e=>y(e)===`signed`,x=e=>y(e)===`encrypted`,S=e=>y(e)===`sealed`;export{u as _,S as a,m as c,i as d,s as f,l as g,a as h,_ as i,r as l,c as m,h as n,b as o,o as p,g as r,v as s,x as t,d as u,f as v};
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
const e=require(`./errors-CCYPHuBO.cjs`),t=require(`./env-bq387KyP.cjs`);let n=require(`@aura-stack/jose/crypto`);const r=(e,t)=>e===null||t===null||e===void 0||t===void 0?!1:e===t,i=(e,t)=>{let n=e instanceof Headers?e:e.headers,r=e instanceof Headers?null:e.url;return t?r?.startsWith(`https://`)||n.get(`X-Forwarded-Proto`)===`https`||(n.get(`Forwarded`)?.includes(`proto=https`)??!1):r?.startsWith(`https://`)??!1},a=e=>!e.issues||e.issues.length===0?{}:e.issues.reduce((e,t)=>{let n=t.path.join(`.`);return{...e,[n]:{code:t.code,message:t.message}}},{}),o=e=>{let t=e.match(/^https?:\/\/[a-zA-Z0-9_\-.]+(:\d+)?(\/.*)$/);return t&&t[2]?t[2]:`/`},s=e=>e instanceof Error?e.name:typeof e==`string`?e:`UnknownError`,c=e=>{try{if(e.length>2048)return null;e=e.replace(/\\/g,``);let t=e.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);if(!t)return null;let[,n,r,i]=t,a=r.includes(`*`);if(a&&!r.startsWith(`*.`)||a&&r.slice(2).includes(`*`))return null;let o=(a?r.slice(2):r).replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),s=a?`[^.]+\\.${o}`:o,c=i===`*`?`:\\d{1,5}`:i?`:${i}`:``;return RegExp(`^${n}:\\/\\/${s}${c}$`)}catch{return null}},l=(e,t)=>{let r=n.encoder.encode(e),i=n.encoder.encode(t),a=Math.max(r.length,i.length),o=0;for(let e=0;e<a;e++)o|=(r[e]??0)^(i[e]??0);return o===0&&r.length===i.length},u=(r,i)=>{let a=t.n(r)??r,o=t.n(i)??i;if(!a||!o)throw new e.n(`INVALID_OAUTH_CONFIGURATION`,`Missing client credentials for OAuth provider configuration.`);let s=`${a}:${o}`,c=String.fromCharCode.apply(null,Array.from(n.encoder.encode(s)));return`Basic ${btoa(c)}`},d=(e,t)=>(new Headers(t).forEach((t,n)=>{e.has(n)||(n.toLowerCase()===`set-cookie`?e.append(n,t):e.set(n,t))}),e),f=[`<`,`>`,`"`,"`",` `,`\r`,`
|
|
2
|
+
`,` `,`\\`,`%2F`,`%5C`,`%2f`,`%5c`,`\r
|
|
3
|
+
`,`%0A`,`%0D`,`%0a`,`%0d`,`..`,`//`,`///`,`...`,`%20`,`\0`],p=e=>{if(!new RegExp(/^https?:\/\/[^/]/).test(e))return!1;let t=e.match(/^(https?:\/\/)(.*)$/);if(!t)return!1;let n=t[2];for(let e of f)if(n.includes(e))return!1;return/^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/.test(t[0])},m=e=>typeof e==`object`&&!!e&&`token`in e&&typeof e?.token==`string`,h=e=>{if(e.length>100)return!1;for(let t of f)if(e.includes(t))return!1;return/^\/[a-zA-Z0-9\-_/.?&=#]*\/?$/.test(e)},g=(e,t)=>{let n=new URL(e),i=new URL(t);return r(n.origin,i.origin)},_=(e,t)=>{if(!p(e)||t.length===0)return!1;try{let n=new URL(e).origin;for(let e of t){if(c(e)?.test(n))return!0;try{if(p(e)&&r(new URL(e).origin,n))return!0}catch{}}}catch{}return!1},v=e=>e?.jwt?.mode??`sealed`,y=e=>v(e)===`signed`,b=e=>v(e)===`encrypted`,x=e=>v(e)===`sealed`;Object.defineProperty(exports,`_`,{enumerable:!0,get:function(){return l}}),Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return x}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return p}}),Object.defineProperty(exports,`d`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`f`,{enumerable:!0,get:function(){return o}}),Object.defineProperty(exports,`g`,{enumerable:!0,get:function(){return c}}),Object.defineProperty(exports,`h`,{enumerable:!0,get:function(){return i}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return g}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return`0.5.0`}}),Object.defineProperty(exports,`m`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return y}}),Object.defineProperty(exports,`p`,{enumerable:!0,get:function(){return a}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return h}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return _}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return b}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return u}}),Object.defineProperty(exports,`v`,{enumerable:!0,get:function(){return d}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`../errors-CCYPHuBO.cjs`),t=require(`@aura-stack/router`).createClient,n=n=>{if(typeof window>`u`&&!n.baseURL)throw new e.t("`baseURL` is required when createAuthClient is used outside the browser.");let r=t({cache:`no-store`,credentials:`include`,baseURL:n.baseURL??window.location.origin,...n}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let n=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{...t,redirect:!1}})).json();return(t?.redirect??!0)&&typeof window<`u`&&n?.signInURL&&window.location.assign(n.signInURL),n}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let t=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:e?.redirectTo}})).json();return(e?.redirect??!0)&&typeof window<`u`&&t?.redirectURL&&window.location.assign(t.redirectURL),t}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for session update.`);let{session:a}=t??{};if(!a)return{success:!1,session:null};let o=a.user??{},s=await(await r.patch(`/session`,{body:{user:o,expires:a.expires?new Date(a.expires):void 0},headers:{"X-CSRF-Token":n}})).json();return(t.redirect??!0)&&typeof window<`u`&&s?.redirectURL&&window.location.assign(s.redirectURL),s}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return(t?.redirect??!0)&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};exports.createAuthClient=n;
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Jt as BuiltInOAuthProvider, K as LiteralUnion, O as UpdateSessionOptions, T as SignOutReturn, _t as User, b as SignInOptions, k as UpdateSessionReturn, n as AuthClientOptions, pt as Session, v as SignInCredentialsOptions, w as SignOutOptions, x as SignInReturn, y as SignInCredentialsReturn } from "../index-nqLV2t91.js";
|
|
2
|
+
//#region src/client/client.d.ts
|
|
3
|
+
declare const createAuthClient: <DefaultUser extends User = User>(options: AuthClientOptions) => {
|
|
4
|
+
getSession: () => Promise<Session<DefaultUser> | null>;
|
|
5
|
+
signIn: <Options extends SignInOptions>(oauth: LiteralUnion<BuiltInOAuthProvider>, options?: Options) => Promise<SignInReturn<Options>>;
|
|
6
|
+
signInCredentials: <Options extends SignInCredentialsOptions>(options: Options) => Promise<SignInCredentialsReturn<Options>>;
|
|
7
|
+
updateSession: <Options extends UpdateSessionOptions<DefaultUser>>(options: Options) => Promise<UpdateSessionReturn<Options, DefaultUser>>;
|
|
8
|
+
signOut: <Options extends SignOutOptions>(options?: Options) => Promise<SignOutReturn<Options>>;
|
|
9
|
+
};
|
|
10
|
+
//#endregion
|
|
11
|
+
export { type AuthClientOptions, createAuthClient };
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import{t as e}from"../errors-DFWHOho6.js";import{createClient as t}from"@aura-stack/router";const n=t,r=t=>{if(typeof window>`u`&&!t.baseURL)throw new e("`baseURL` is required when createAuthClient is used outside the browser.");let r=n({cache:`no-store`,credentials:`include`,baseURL:t.baseURL??window.location.origin,...t}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let n=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{...t,redirect:!1}})).json();return(t?.redirect??!0)&&typeof window<`u`&&n?.signInURL&&window.location.assign(n.signInURL),n}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let t=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:e?.redirectTo}})).json();return(e?.redirect??!0)&&typeof window<`u`&&t?.redirectURL&&window.location.assign(t.redirectURL),t}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for session update.`);let{session:a}=t??{};if(!a)return{success:!1,session:null};let o=a.user??{},s=await(await r.patch(`/session`,{body:{user:o,expires:a.expires?new Date(a.expires):void 0},headers:{"X-CSRF-Token":n}})).json();return(t.redirect??!0)&&typeof window<`u`&&s?.redirectURL&&window.location.assign(s.redirectURL),s}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return(t?.redirect??!0)&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};export{r as createAuthClient};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import{i as e,n as t}from"./errors-DFWHOho6.js";import{n}from"./env-nvh8QBNz.js";import{_ as r,a as i,d as a,n as o,o as s,t as c}from"./assert-B3iQSYlK.js";import{encoder as l,getRandomBytes as u,getSubtleCrypto as d}from"@aura-stack/jose/crypto";import{createDeriveKey as f,createJWE as p,createJWS as m,createJWT as h,createSecret as g}from"@aura-stack/jose";import{base64url as _}from"@aura-stack/jose/jose";const v=e=>e?.jwt,y=e=>{let t=v(e),n={};t?.audience&&(n.aud=t.audience),t?.issuer&&(n.iss=t.issuer);let r=Math.floor(Date.now()/1e3);return t?.maxAge&&(n.exp=r+t.maxAge),t?.maxExpiration&&(n.mexp=r+t.maxExpiration),n},b=(e,t)=>({...y(t),...e}),x=(e,t)=>{let n={};return(s(e)||i(e))&&e?.jwt?.signingAlgorithm&&(n.alg=e.jwt.signingAlgorithm),{...n,...t}},S=(e,t)=>{let n={};return(c(e)||i(e))&&(e?.jwt?.keyAlgorithm&&(n.alg=e.jwt.keyAlgorithm),e?.jwt?.encryptionAlgorithm&&(n.enc=e.jwt.encryptionAlgorithm)),{...n,...t}},C=(e,t)=>{let n={};return(s(e)||i(e))&&(e?.jwt?.signingAlgorithm&&(n.algorithms=[e.jwt.signingAlgorithm]),n.issuer=e?.jwt?.issuer,n.audience=e?.jwt?.audience),{...n,...t}},w=(e,t)=>{let n={};return(c(e)||i(e))&&(e?.jwt?.keyAlgorithm&&(n.keyManagementAlgorithms=[e.jwt.keyAlgorithm]),e?.jwt?.encryptionAlgorithm&&(n.contentEncryptionAlgorithms=[e.jwt.encryptionAlgorithm]),n.issuer=e?.jwt?.issuer,n.audience=e?.jwt?.audience),{...n,...t}},T=t=>{let n=Math.floor(Date.now()/1e3);if(t.mexp&&typeof t.mexp==`number`&&n>t.mexp)throw new e(`TOKEN_EXPIRED`,`The token has expired based on its maxExpiration (mexp) claim.`)},E=(e,r)=>{if(e??=n(`SECRET`),!e)throw new t(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SECRET environment variable is not set and no secret was provided.`);let i=n(`SALT`);if(!i)throw new t(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation.`);try{g(i)}catch(e){throw new t(`INVALID_SALT_SECRET_VALUE`,`AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.`,{cause:e})}let a=(async()=>{let[t,n,r]=await Promise.all([f(e,i,`signing`),f(e,i,`encryption`),f(e,i,`csrfToken`)]);return{jwt:h({sign:t,encrypt:n}),jws:m(r),jwe:p(n)}})();return a.catch(()=>{}),{signJWS:async(e,t)=>{let{jws:n}=await a;return n.signJWS(b(e,r),x(r,t))},verifyJWS:async(e,t)=>{let{jws:n}=await a,i=await n.verifyJWS(e,C(r,t));return T(i),i},encryptJWE:async(e,t)=>{let{jwe:n}=await a;return n.encryptJWE(b(e,r),S(r,t))},decryptJWE:async(e,t)=>{let{jwe:n}=await a,i=await n.decryptJWE(e,w(r,t));return T(i),i},encodeJWT:async(e,t)=>{let{jwt:n}=await a;return await n.encodeJWT(b(e,r),{sign:x(r,t?.sign),encrypt:S(r,t?.encrypt)})},decodeJWT:async(e,t)=>{let{jwt:n}=await a,i=await n.decodeJWT(e,{verify:C(r,t?.verify),decrypt:w(r,t?.decrypt)});return T(i),i}}},D=(e=32)=>_.encode(u(e)),O=async e=>{let t=await d().digest(`SHA-256`,l.encode(e));return _.encode(new Uint8Array(t))},k=async t=>{let n=t?void 0:Math.floor(Math.random()*65+32),r=t??D(n??64);if(r.length<43||r.length>128)throw new e(`PKCE_VERIFIER_INVALID`,`The code verifier must be between 43 and 128 characters in length.`);return{codeVerifier:r,codeChallenge:await O(r),method:`S256`}},A=async(e,t)=>{try{if(t)return await e.verifyJWS(t),t;let n=D(32);return e.signJWS({token:n})}catch{let t=D(32);return e.signJWS({token:t})}},j=async(t,n,i)=>{try{let s=await t.verifyJWS(n),c=await t.verifyJWS(i);if(!o(s))throw new e(`CSRF_TOKEN_INVALID`,`Cookie payload missing token field.`);if(!o(c))throw new e(`CSRF_TOKEN_INVALID`,`Header payload missing token field.`);if(!a(s.token.length,c.token.length)||!r(s.token,c.token))throw new e(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`);return!0}catch{throw new e(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`)}},M=async(e,t,n=1e5)=>{let r=d(),i=t?_.decode(t):u(16),a=await r.importKey(`raw`,l.encode(e),`PBKDF2`,!1,[`deriveBits`]),o=await r.deriveBits({name:`PBKDF2`,salt:i,iterations:n,hash:`SHA-256`},a,256),s=new Uint8Array(o),c=_.encode(s);return`pbkdf2-sha256:${n}:${_.encode(i)}:${c}`},N=async(e,t)=>{try{let n=t.split(`:`);if(n.length!==4)return!1;let[i,a,o]=n;if(i!==`pbkdf2-sha256`)return!1;let s=parseInt(a,10);return isNaN(s)?!1:r(await M(e,o,s),t)}catch{return!1}};export{M as a,E as c,D as i,O as n,j as o,k as r,N as s,A as t};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=require(`./errors-CCYPHuBO.cjs`),t=require(`./env-bq387KyP.cjs`),n=require(`./assert-NJGroSJd.cjs`);let r=require(`@aura-stack/jose/crypto`),i=require(`@aura-stack/jose`),a=require(`@aura-stack/jose/jose`);const o=e=>e?.jwt,s=e=>{let t=o(e),n={};t?.audience&&(n.aud=t.audience),t?.issuer&&(n.iss=t.issuer);let r=Math.floor(Date.now()/1e3);return t?.maxAge&&(n.exp=r+t.maxAge),t?.maxExpiration&&(n.mexp=r+t.maxExpiration),n},c=(e,t)=>({...s(t),...e}),l=(e,t)=>{let r={};return(n.o(e)||n.a(e))&&e?.jwt?.signingAlgorithm&&(r.alg=e.jwt.signingAlgorithm),{...r,...t}},u=(e,t)=>{let r={};return(n.t(e)||n.a(e))&&(e?.jwt?.keyAlgorithm&&(r.alg=e.jwt.keyAlgorithm),e?.jwt?.encryptionAlgorithm&&(r.enc=e.jwt.encryptionAlgorithm)),{...r,...t}},d=(e,t)=>{let r={};return(n.o(e)||n.a(e))&&(e?.jwt?.signingAlgorithm&&(r.algorithms=[e.jwt.signingAlgorithm]),r.issuer=e?.jwt?.issuer,r.audience=e?.jwt?.audience),{...r,...t}},f=(e,t)=>{let r={};return(n.t(e)||n.a(e))&&(e?.jwt?.keyAlgorithm&&(r.keyManagementAlgorithms=[e.jwt.keyAlgorithm]),e?.jwt?.encryptionAlgorithm&&(r.contentEncryptionAlgorithms=[e.jwt.encryptionAlgorithm]),r.issuer=e?.jwt?.issuer,r.audience=e?.jwt?.audience),{...r,...t}},p=t=>{let n=Math.floor(Date.now()/1e3);if(t.mexp&&typeof t.mexp==`number`&&n>t.mexp)throw new e.i(`TOKEN_EXPIRED`,`The token has expired based on its maxExpiration (mexp) claim.`)},m=(n,r)=>{if(n??=t.n(`SECRET`),!n)throw new e.n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SECRET environment variable is not set and no secret was provided.`);let a=t.n(`SALT`);if(!a)throw new e.n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation.`);try{(0,i.createSecret)(a)}catch(t){throw new e.n(`INVALID_SALT_SECRET_VALUE`,`AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.`,{cause:t})}let o=(async()=>{let[e,t,r]=await Promise.all([(0,i.createDeriveKey)(n,a,`signing`),(0,i.createDeriveKey)(n,a,`encryption`),(0,i.createDeriveKey)(n,a,`csrfToken`)]);return{jwt:(0,i.createJWT)({sign:e,encrypt:t}),jws:(0,i.createJWS)(r),jwe:(0,i.createJWE)(t)}})();return o.catch(()=>{}),{signJWS:async(e,t)=>{let{jws:n}=await o;return n.signJWS(c(e,r),l(r,t))},verifyJWS:async(e,t)=>{let{jws:n}=await o,i=await n.verifyJWS(e,d(r,t));return p(i),i},encryptJWE:async(e,t)=>{let{jwe:n}=await o;return n.encryptJWE(c(e,r),u(r,t))},decryptJWE:async(e,t)=>{let{jwe:n}=await o,i=await n.decryptJWE(e,f(r,t));return p(i),i},encodeJWT:async(e,t)=>{let{jwt:n}=await o;return await n.encodeJWT(c(e,r),{sign:l(r,t?.sign),encrypt:u(r,t?.encrypt)})},decodeJWT:async(e,t)=>{let{jwt:n}=await o,i=await n.decodeJWT(e,{verify:d(r,t?.verify),decrypt:f(r,t?.decrypt)});return p(i),i}}},h=(e=32)=>a.base64url.encode((0,r.getRandomBytes)(e)),g=async e=>{let t=await(0,r.getSubtleCrypto)().digest(`SHA-256`,r.encoder.encode(e));return a.base64url.encode(new Uint8Array(t))},_=async t=>{let n=t?void 0:Math.floor(Math.random()*65+32),r=t??h(n??64);if(r.length<43||r.length>128)throw new e.i(`PKCE_VERIFIER_INVALID`,`The code verifier must be between 43 and 128 characters in length.`);return{codeVerifier:r,codeChallenge:await g(r),method:`S256`}},v=async(e,t)=>{try{if(t)return await e.verifyJWS(t),t;let n=h(32);return e.signJWS({token:n})}catch{let t=h(32);return e.signJWS({token:t})}},y=async(t,r,i)=>{try{let a=await t.verifyJWS(r),o=await t.verifyJWS(i);if(!n.n(a))throw new e.i(`CSRF_TOKEN_INVALID`,`Cookie payload missing token field.`);if(!n.n(o))throw new e.i(`CSRF_TOKEN_INVALID`,`Header payload missing token field.`);if(!n.d(a.token.length,o.token.length)||!n._(a.token,o.token))throw new e.i(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`);return!0}catch{throw new e.i(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`)}},b=async(e,t,n=1e5)=>{let i=(0,r.getSubtleCrypto)(),o=t?a.base64url.decode(t):(0,r.getRandomBytes)(16),s=await i.importKey(`raw`,r.encoder.encode(e),`PBKDF2`,!1,[`deriveBits`]),c=await i.deriveBits({name:`PBKDF2`,salt:o,iterations:n,hash:`SHA-256`},s,256),l=new Uint8Array(c),u=a.base64url.encode(l);return`pbkdf2-sha256:${n}:${a.base64url.encode(o)}:${u}`},x=async(e,t)=>{try{let r=t.split(`:`);if(r.length!==4)return!1;let[i,a,o]=r;if(i!==`pbkdf2-sha256`)return!1;let s=parseInt(a,10);return isNaN(s)?!1:n._(await b(e,o,s),t)}catch{return!1}};Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return b}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return h}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return g}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return y}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return _}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return x}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return v}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=new Proxy({},{get(e,t){if(typeof t!=`string`)return;let n=e=>e&&Object.prototype.hasOwnProperty.call(e,t);try{if(typeof process<`u`&&n(process.env))return process.env[t];if(n({}.env))return{}.env[t];if(typeof Deno<`u`&&Deno.env?.get)return Deno.env.get(t);if(typeof Bun<`u`&&n(Bun.env))return Bun.env[t];let e=globalThis[t];return typeof e==`string`?e:void 0}catch{return}}}),t=t=>e[[`AURA_AUTH_${t.toUpperCase()}`,`AURA_${t.toUpperCase()}`,`AUTH_${t.toUpperCase()}`,t.toUpperCase()].find(t=>e[t])??``],n=e=>{let n=t(e);if(n===void 0)return!1;let r=n.trim().toLowerCase();return!![`1`,`true`,`yes`,`on`,`debug`].includes(r)},r=(e,n=[])=>{let r=t(e);return r?r.split(/[,;\n]+/).map(e=>e.trim()).filter(Boolean):n};Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return n}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return t}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return e}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=new Proxy({},{get(e,t){if(typeof t!=`string`)return;let n=e=>e&&Object.prototype.hasOwnProperty.call(e,t);try{if(typeof process<`u`&&n(process.env))return process.env[t];if(n(import.meta.env))return import.meta.env[t];if(typeof Deno<`u`&&Deno.env?.get)return Deno.env.get(t);if(typeof Bun<`u`&&n(Bun.env))return Bun.env[t];let e=globalThis[t];return typeof e==`string`?e:void 0}catch{return}}}),t=t=>e[[`AURA_AUTH_${t.toUpperCase()}`,`AURA_${t.toUpperCase()}`,`AUTH_${t.toUpperCase()}`,t.toUpperCase()].find(t=>e[t])??``],n=e=>{let n=t(e);if(n===void 0)return!1;let r=n.trim().toLowerCase();return!![`1`,`true`,`yes`,`on`,`debug`].includes(r)},r=(e,n=[])=>{let r=t(e);return r?r.split(/[,;\n]+/).map(e=>e.trim()).filter(Boolean):n};export{n as i,t as n,r,e as t};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
var e=class extends Error{type=`OAUTH_PROTOCOL_ERROR`;error;errorURI;constructor(e,t,n,r){super(t,r),this.error=e,this.errorURI=n,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},t=class extends Error{type=`AUTH_INTERNAL_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},n=class extends Error{type=`AUTH_SECURITY_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},r=class extends Error{type=`AUTH_CLIENT_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},i=class extends Error{type=`AUTH_INVALID_CONFIGURATION_ERROR`;constructor(e,t){super(e,t),this.name=new.target.name,Error?.captureStackTrace?.(this,new.target)}},a=class extends Error{type=`AUTH_VALIDATION_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace?.(this,new.target)}};const o=e=>e instanceof Error,s=t=>t instanceof e,c=e=>e instanceof t,l=e=>e instanceof n,u=e=>e instanceof r,d=e=>e instanceof a,f=e=>c(e)||l(e)||u(e)||d(e);Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return a}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return c}}),Object.defineProperty(exports,`d`,{enumerable:!0,get:function(){return o}}),Object.defineProperty(exports,`f`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return n}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return l}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return t}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return e}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return i}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return f}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return d}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
var e=class extends Error{type=`OAUTH_PROTOCOL_ERROR`;error;errorURI;constructor(e,t,n,r){super(t,r),this.error=e,this.errorURI=n,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},t=class extends Error{type=`AUTH_INTERNAL_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},n=class extends Error{type=`AUTH_SECURITY_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},r=class extends Error{type=`AUTH_CLIENT_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace(this,new.target)}},i=class extends Error{type=`AUTH_INVALID_CONFIGURATION_ERROR`;constructor(e,t){super(e,t),this.name=new.target.name,Error?.captureStackTrace?.(this,new.target)}},a=class extends Error{type=`AUTH_VALIDATION_ERROR`;code;constructor(e,t,n){super(t,n),this.code=e,this.name=new.target.name,Error?.captureStackTrace?.(this,new.target)}};const o=e=>e instanceof Error,s=t=>t instanceof e,c=e=>e instanceof t,l=e=>e instanceof n,u=e=>e instanceof r,d=e=>e instanceof a,f=e=>c(e)||l(e)||u(e)||d(e);export{a,c,o as d,s as f,n as i,l,t as n,e as o,i as r,f as s,r as t,d as u};
|