@aura-stack/auth 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/@types/index.d.ts +2 -2
- package/dist/assert-_fBNnaOk.js +3 -0
- package/dist/assert-hDwQ_SPO.cjs +3 -0
- package/dist/client/index.cjs +1 -1
- package/dist/client/index.d.ts +1 -1
- package/dist/client/index.js +1 -1
- package/dist/crypto-D6_SoGMH.cjs +1 -0
- package/dist/crypto-DyrRzBSQ.js +1 -0
- package/dist/env-7as-tgzO.cjs +1 -0
- package/dist/env-CJtSi1eX.js +1 -0
- package/dist/errors-Czt_w1t_.js +1 -0
- package/dist/errors-DcK2ELlk.cjs +1 -0
- package/dist/identity-b8FCr0Oa.cjs +1 -0
- package/dist/{index-BkpwQ0l4.d.cts → index-C9U6ICDT.d.ts} +792 -275
- package/dist/index.cjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/dist/{logger-C59_CDMk.js → logger-DjXkgSn5.js} +1 -1
- package/dist/{logger-UnUhYL2V.cjs → logger-G5PinyEc.cjs} +1 -1
- package/dist/oauth/atlassian.d.ts +1 -1
- package/dist/oauth/bitbucket.d.ts +1 -1
- package/dist/oauth/click-up.cjs +1 -0
- package/dist/oauth/click-up.d.ts +2 -0
- package/dist/oauth/click-up.js +1 -0
- package/dist/oauth/discord.d.ts +1 -1
- package/dist/oauth/dribbble.cjs +1 -0
- package/dist/oauth/dribbble.d.ts +2 -0
- package/dist/oauth/dribbble.js +1 -0
- package/dist/oauth/dropbox.d.ts +1 -1
- package/dist/oauth/figma.d.ts +1 -1
- package/dist/oauth/github.d.ts +1 -1
- package/dist/oauth/gitlab.d.ts +1 -1
- package/dist/oauth/index.cjs +1 -1
- package/dist/oauth/index.d.ts +2 -2
- package/dist/oauth/index.js +1 -1
- package/dist/oauth/mailchimp.d.ts +1 -1
- package/dist/oauth/notion.cjs +1 -1
- package/dist/oauth/notion.d.ts +1 -1
- package/dist/oauth/notion.js +1 -1
- package/dist/oauth/pinterest.d.ts +1 -1
- package/dist/oauth/spotify.d.ts +1 -1
- package/dist/oauth/strava.d.ts +1 -1
- package/dist/oauth/twitch.cjs +1 -1
- package/dist/oauth/twitch.d.ts +1 -1
- package/dist/oauth/twitch.js +1 -1
- package/dist/oauth/x.d.ts +1 -1
- package/dist/oauth-D3_mnBOx.js +1 -0
- package/dist/oauth-gPiWxjBd.cjs +1 -0
- package/dist/shared/crypto.cjs +1 -1
- package/dist/shared/crypto.d.ts +26 -2
- package/dist/shared/crypto.js +1 -1
- package/dist/shared/identity.cjs +1 -1
- package/dist/shared/identity.d.ts +2 -2
- package/dist/shared/identity.js +1 -1
- package/dist/shared/index.cjs +1 -1
- package/dist/shared/index.d.ts +1 -1
- package/dist/shared/index.js +1 -1
- package/package.json +9 -6
- package/dist/assert-B3iQSYlK.js +0 -3
- package/dist/assert-NJGroSJd.cjs +0 -3
- package/dist/crypto-Bz8nIciY.js +0 -1
- package/dist/crypto-CoXA5w_4.cjs +0 -1
- package/dist/env-bq387KyP.cjs +0 -1
- package/dist/env-nvh8QBNz.js +0 -1
- package/dist/errors-CCYPHuBO.cjs +0 -1
- package/dist/errors-DFWHOho6.js +0 -1
- package/dist/index-nqLV2t91.d.ts +0 -2279
- package/dist/index.d.cts +0 -2
- package/dist/oauth-BntNm6aE.cjs +0 -1
- package/dist/oauth-DmHy9VrB.js +0 -1
package/dist/@types/index.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import { $ as
|
|
2
|
-
export { APIErrorMap, APIOptionsWithRedirectTo, APIOptionsWithRequest, APIOptionsWithSkipCSRFCheck, AccessTokenError, AuthAPI, AuthClient, AuthClientOptions, AuthConfig, AuthInstance, AuthInternalErrorCode, AuthResponse, AuthRuntimeConfig, AuthSecurityErrorCode, AuthorizationError, AuthorizeParams, BuiltInOAuthProvider, CookieConfig, CookieName, CookieStoreConfig, CookieStrategyAttributes, CreateSessionStrategyOptions, CredentialsPayload, CredentialsProvider, CredentialsProviderContext, DeepPartial, DeepRequired, EditableShape, ErrorType, FunctionAPIContext, GetSessionAPIOptions, GetSessionAPIReturn, GetStatelessSessionReturn, HostCookie, IdentityConfig,
|
|
1
|
+
import { $ as LiteralUnion, $t as JWTMode, A as APIErrorMap, At as StandardCookie, B as AuthResponse, Bt as AsymmetricKeyPair, C as SignOutAPIReturn, Ct as JoseInstance, D as UpdateSessionAPIReturn, Dt as SchemaRegistryContext, E as UpdateSessionAPIOptions, Et as RouterGlobalContext, F as ErrorType, Ft as OAuthProvider, G as EditableShapeArkType, Gt as JWTConfig, H as DeepPartial, Ht as CreateSessionStrategyOptions, I as OAuthError, It as OAuthProviderConfig, J as EditableShapeZod, Jt as JWTEncryptionAlgorithm, K as EditableShapeTypebox, Kt as JWTConfigBase, L as TokenRevocationError, Lt as OAuthProviderCredentials, M as AuthInternalErrorCode, Mt as TrustedOrigin, N as AuthSecurityErrorCode, Nt as TrustedProxyHeadersConfig, O as UpdateSessionOptions, Ot as SecureCookie, P as AuthorizationError, Pt as AuthorizeParams, Q as InferZodShape, Qt as JWTManager, Rt as OAuthProviderRecord, S as SignOutAPIOptions, St as InternalLogger, T as SignOutReturn, Tt as Logger, U as DeepRequired, Ut as CryptoSecret, V as ConfigSchema, Vt as AsymmetricKeyPairFromEnv, W as EditableShape, Wt as GetStatelessSessionReturn, X as InferSession, Xt as JWTKey, Y as FromShapeToObject, Yt as JWTExpirationStrategy, Z as InferUser, Zt as JWTKeyAlgorithm, _ as SignInCredentialsAPIReturn, _r as UserShape, _t as CredentialsProvider, a as OAuthEnv, an as Session, at as ValibotShapeToObject, b as SignInOptions, bt as IdentityConfig, c as APIOptionsWithRequest, cn as StatelessStrategyConfig, ct as AuthAPI, d as GetSessionAPIOptions, dt as AuthRuntimeConfig, en as JWTSealedMode, et as Merge, f as GetSessionAPIReturn, ft as CookieConfig, g as SignInCredentialsAPIOptions, gt as CredentialsPayload, h as SignInAPIReturn, ht as CookieStrategyAttributes, i as JWTStandardClaims, in as SecretKey, it as UserFrom, j as AccessTokenError, jt as SyslogOptions, k as UpdateSessionReturn, kt as Severity, l as APIOptionsWithSkipCSRFCheck, ln as User, lt as AuthConfig, m as SignInAPIOptions, mt as CookieStoreConfig, n as AuthClientOptions, nn as JWTSigningAlgorithm, nt as SessionFrom, o as TypedJWTPayload, on as SessionConfig, ot as Wrap, p as OptionsWithRedirectTo, pt as CookieName, q as EditableShapeValibot, qt as JWTEncryptedMode, r as JWTPayloadWithToken, rn as JWTStrategyOptions, rt as TypeboxShapeToObject, s as APIOptionsWithRedirectTo, sn as SessionStrategy, st as ZodShapeToObject, t as AuthClient, tn as JWTSignedMode, tt as Prettify, u as FunctionAPIContext, un as BuiltInOAuthProvider, ut as AuthInstance, v as SignInCredentialsOptions, vt as CredentialsProviderContext, w as SignOutOptions, wt as LogLevel, x as SignInReturn, xt as InternalContext, y as SignInCredentialsReturn, yt as HostCookie, z as ArktypeShapeToObject, zt as ResponseType } from "../index-C9U6ICDT.js";
|
|
2
|
+
export { APIErrorMap, APIOptionsWithRedirectTo, APIOptionsWithRequest, APIOptionsWithSkipCSRFCheck, AccessTokenError, ArktypeShapeToObject, AsymmetricKeyPair, AsymmetricKeyPairFromEnv, AuthAPI, AuthClient, AuthClientOptions, AuthConfig, AuthInstance, AuthInternalErrorCode, AuthResponse, AuthRuntimeConfig, AuthSecurityErrorCode, AuthorizationError, AuthorizeParams, BuiltInOAuthProvider, ConfigSchema, CookieConfig, CookieName, CookieStoreConfig, CookieStrategyAttributes, CreateSessionStrategyOptions, CredentialsPayload, CredentialsProvider, CredentialsProviderContext, CryptoSecret, DeepPartial, DeepRequired, EditableShape, EditableShapeArkType, EditableShapeTypebox, EditableShapeValibot, EditableShapeZod, ErrorType, FromShapeToObject, FunctionAPIContext, GetSessionAPIOptions, GetSessionAPIReturn, GetStatelessSessionReturn, HostCookie, IdentityConfig, InferSession, InferUser, InferZodShape, InternalContext, InternalLogger, JWTConfig, JWTConfigBase, JWTEncryptedMode, JWTEncryptionAlgorithm, JWTExpirationStrategy, JWTKey, JWTKeyAlgorithm, JWTManager, JWTMode, JWTPayloadWithToken, JWTSealedMode, JWTSignedMode, JWTSigningAlgorithm, JWTStandardClaims, JWTStrategyOptions, JoseInstance, LiteralUnion, LogLevel, Logger, Merge, OAuthEnv, OAuthError, OAuthProvider, OAuthProviderConfig, OAuthProviderCredentials, OAuthProviderRecord, OptionsWithRedirectTo, Prettify, ResponseType, RouterGlobalContext, SchemaRegistryContext, SecretKey, SecureCookie, Session, SessionConfig, SessionFrom, SessionStrategy, Severity, SignInAPIOptions, SignInAPIReturn, SignInCredentialsAPIOptions, SignInCredentialsAPIReturn, SignInCredentialsOptions, SignInCredentialsReturn, SignInOptions, SignInReturn, SignOutAPIOptions, SignOutAPIReturn, SignOutOptions, SignOutReturn, StandardCookie, StatelessStrategyConfig, SyslogOptions, TokenRevocationError, TrustedOrigin, TrustedProxyHeadersConfig, TypeboxShapeToObject, TypedJWTPayload, UpdateSessionAPIOptions, UpdateSessionAPIReturn, UpdateSessionOptions, UpdateSessionReturn, User, UserFrom, UserShape, ValibotShapeToObject, Wrap, ZodShapeToObject };
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import{n as e}from"./errors-Czt_w1t_.js";import{n as t}from"./env-CJtSi1eX.js";import{encoder as n}from"@aura-stack/jose/crypto";const r=`0.5.0`,i=(e,t)=>e===null||t===null||e===void 0||t===void 0?!1:e===t,a=(e,t)=>{let n=e instanceof Headers?e:e.headers,r=e instanceof Headers?null:e.url;return t?r?.startsWith(`https://`)||n.get(`X-Forwarded-Proto`)===`https`||(n.get(`Forwarded`)?.includes(`proto=https`)??!1):r?.startsWith(`https://`)??!1},o=e=>!e.issues||e.issues.length===0?{}:e.issues.reduce((e,t)=>{let n=t.path.join(`.`);return{...e,[n]:{code:t.code,message:t.message}}},{}),s=e=>{let t=e.match(/^https?:\/\/[a-zA-Z0-9_\-.]+(:\d+)?(\/.*)$/);return t&&t[2]?t[2]:`/`},c=e=>e instanceof Error?e.name:typeof e==`string`?e:`UnknownError`,l=e=>{try{if(e.length>2048)return null;e=e.replace(/\\/g,``);let t=e.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);if(!t)return null;let[,n,r,i]=t,a=r.includes(`*`);if(a&&!r.startsWith(`*.`)||a&&!r.startsWith(`*.`)||a&&r.slice(2).includes(`*`))return null;let o=(a?r.slice(2):r).replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),s=a?`[^.]+\\.${o}`:o,c=i===`*`?`:\\d{1,5}`:i?`:${i}`:``;return RegExp(`^${n}:\\/\\/${s}${c}$`)}catch{return null}},u=(e,t)=>{let r=n.encode(e),i=n.encode(t),a=Math.max(r.length,i.length),o=0;for(let e=0;e<a;e++)o|=(r[e]??0)^(i[e]??0);return o===0&&r.length===i.length},d=(r,i)=>{let a=t(r)??r,o=t(i)??i;if(!a||!o)throw new e(`INVALID_OAUTH_CONFIGURATION`,`Missing client credentials for OAuth provider configuration.`);let s=`${a}:${o}`,c=String.fromCharCode.apply(null,Array.from(n.encode(s)));return`Basic ${btoa(c)}`},f=(e,t)=>(new Headers(t).forEach((t,n)=>{e.has(n)||(n.toLowerCase()===`set-cookie`?e.append(n,t):e.set(n,t))}),e),p=[`<`,`>`,`"`,"`",` `,`\r`,`
|
|
2
|
+
`,` `,`\\`,`%2F`,`%5C`,`%2f`,`%5c`,`\r
|
|
3
|
+
`,`%0A`,`%0D`,`%0a`,`%0d`,`..`,`//`,`///`,`...`,`%20`,`\0`],m=e=>{if(!new RegExp(/^https?:\/\/[^/]/).test(e))return!1;let t=e.match(/^(https?:\/\/)(.*)$/);if(!t)return!1;let n=t[2];for(let e of p)if(n.includes(e))return!1;return/^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/.test(t[0])},h=e=>typeof e==`object`&&!!e&&`token`in e&&typeof e?.token==`string`,g=e=>{if(e.length>100)return!1;for(let t of p)if(e.includes(t))return!1;return/^\/[a-zA-Z0-9\-_/.?&=#]*\/?$/.test(e)},_=(e,t)=>{let n=new URL(e),r=new URL(t);return i(n.origin,r.origin)},v=(e,t)=>{if(!m(e)||t.length===0)return!1;try{let n=new URL(e).origin;for(let e of t){if(l(e)?.test(n))return!0;try{if(m(e)&&i(new URL(e).origin,n))return!0}catch{}}}catch{}return!1},y=e=>e?.jwt?.mode??`sealed`,b=e=>y(e)===`signed`,x=e=>y(e)===`encrypted`,S=e=>y(e)===`sealed`,C=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,w=e=>typeof e==`object`&&!!e&&`algorithm`in e&&`extractable`in e,T=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,E=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&(w(e.sign)||C(e.sign))&&(w(e.encrypt)||C(e.encrypt)),D=e=>typeof e==`string`&&/-----BEGIN (PUBLIC|PRIVATE) KEY-----/.test(e),O=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e&&D(e.publicKey)&&D(e.privateKey),k=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&O(e.sign)&&O(e.encrypt),A=e=>typeof e==`object`&&!!e&&`~run`in e&&typeof e[`~run`]==`function`,j=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).length>0&&Object.values(e).every(A),M=e=>typeof e==`object`&&!!e&&`_def`in e,N=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(M),P=e=>typeof e==`function`&&e!==null&&`allows`in e&&`assert`in e,F=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(e=>typeof e==`object`&&`type`in e);export{f as A,i as C,a as D,c as E,l as O,d as S,o as T,A as _,x as a,M as b,T as c,_ as d,S as f,j as g,F as h,E as i,u as k,O as l,v as m,w as n,k as o,b as p,C as r,h as s,P as t,g as u,m as v,s as w,r as x,N as y};
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
require(`./identity-b8FCr0Oa.cjs`);const e=require(`./errors-DcK2ELlk.cjs`),t=require(`./env-7as-tgzO.cjs`);let n=require(`@aura-stack/jose/crypto`);const r=(e,t)=>e===null||t===null||e===void 0||t===void 0?!1:e===t,i=(e,t)=>{let n=e instanceof Headers?e:e.headers,r=e instanceof Headers?null:e.url;return t?r?.startsWith(`https://`)||n.get(`X-Forwarded-Proto`)===`https`||(n.get(`Forwarded`)?.includes(`proto=https`)??!1):r?.startsWith(`https://`)??!1},a=e=>!e.issues||e.issues.length===0?{}:e.issues.reduce((e,t)=>{let n=t.path.join(`.`);return{...e,[n]:{code:t.code,message:t.message}}},{}),o=e=>{let t=e.match(/^https?:\/\/[a-zA-Z0-9_\-.]+(:\d+)?(\/.*)$/);return t&&t[2]?t[2]:`/`},s=e=>e instanceof Error?e.name:typeof e==`string`?e:`UnknownError`,c=e=>{try{if(e.length>2048)return null;e=e.replace(/\\/g,``);let t=e.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);if(!t)return null;let[,n,r,i]=t,a=r.includes(`*`);if(a&&!r.startsWith(`*.`)||a&&!r.startsWith(`*.`)||a&&r.slice(2).includes(`*`))return null;let o=(a?r.slice(2):r).replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),s=a?`[^.]+\\.${o}`:o,c=i===`*`?`:\\d{1,5}`:i?`:${i}`:``;return RegExp(`^${n}:\\/\\/${s}${c}$`)}catch{return null}},l=(e,t)=>{let r=n.encoder.encode(e),i=n.encoder.encode(t),a=Math.max(r.length,i.length),o=0;for(let e=0;e<a;e++)o|=(r[e]??0)^(i[e]??0);return o===0&&r.length===i.length},u=(r,i)=>{let a=t.n(r)??r,o=t.n(i)??i;if(!a||!o)throw new e.n(`INVALID_OAUTH_CONFIGURATION`,`Missing client credentials for OAuth provider configuration.`);let s=`${a}:${o}`,c=String.fromCharCode.apply(null,Array.from(n.encoder.encode(s)));return`Basic ${btoa(c)}`},d=(e,t)=>(new Headers(t).forEach((t,n)=>{e.has(n)||(n.toLowerCase()===`set-cookie`?e.append(n,t):e.set(n,t))}),e),f=[`<`,`>`,`"`,"`",` `,`\r`,`
|
|
2
|
+
`,` `,`\\`,`%2F`,`%5C`,`%2f`,`%5c`,`\r
|
|
3
|
+
`,`%0A`,`%0D`,`%0a`,`%0d`,`..`,`//`,`///`,`...`,`%20`,`\0`],p=e=>{if(!new RegExp(/^https?:\/\/[^/]/).test(e))return!1;let t=e.match(/^(https?:\/\/)(.*)$/);if(!t)return!1;let n=t[2];for(let e of f)if(n.includes(e))return!1;return/^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/.test(t[0])},m=e=>typeof e==`object`&&!!e&&`token`in e&&typeof e?.token==`string`,h=e=>{if(e.length>100)return!1;for(let t of f)if(e.includes(t))return!1;return/^\/[a-zA-Z0-9\-_/.?&=#]*\/?$/.test(e)},g=(e,t)=>{let n=new URL(e),i=new URL(t);return r(n.origin,i.origin)},_=(e,t)=>{if(!p(e)||t.length===0)return!1;try{let n=new URL(e).origin;for(let e of t){if(c(e)?.test(n))return!0;try{if(p(e)&&r(new URL(e).origin,n))return!0}catch{}}}catch{}return!1},v=e=>e?.jwt?.mode??`sealed`,y=e=>v(e)===`signed`,b=e=>v(e)===`encrypted`,x=e=>v(e)===`sealed`,S=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,C=e=>typeof e==`object`&&!!e&&`algorithm`in e&&`extractable`in e,w=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,T=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&(C(e.sign)||S(e.sign))&&(C(e.encrypt)||S(e.encrypt)),E=e=>typeof e==`string`&&/-----BEGIN (PUBLIC|PRIVATE) KEY-----/.test(e),D=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e&&E(e.publicKey)&&E(e.privateKey),O=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&D(e.sign)&&D(e.encrypt),k=e=>typeof e==`object`&&!!e&&`~run`in e&&typeof e[`~run`]==`function`,A=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).length>0&&Object.values(e).every(k),j=e=>typeof e==`object`&&!!e&&`_def`in e,M=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(j),N=e=>typeof e==`function`&&e!==null&&`allows`in e&&`assert`in e,P=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(e=>typeof e==`object`&&`type`in e);Object.defineProperty(exports,`A`,{enumerable:!0,get:function(){return d}}),Object.defineProperty(exports,`C`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`D`,{enumerable:!0,get:function(){return i}}),Object.defineProperty(exports,`E`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`O`,{enumerable:!0,get:function(){return c}}),Object.defineProperty(exports,`S`,{enumerable:!0,get:function(){return u}}),Object.defineProperty(exports,`T`,{enumerable:!0,get:function(){return a}}),Object.defineProperty(exports,`_`,{enumerable:!0,get:function(){return k}}),Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return b}}),Object.defineProperty(exports,`b`,{enumerable:!0,get:function(){return j}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return w}}),Object.defineProperty(exports,`d`,{enumerable:!0,get:function(){return g}}),Object.defineProperty(exports,`f`,{enumerable:!0,get:function(){return x}}),Object.defineProperty(exports,`g`,{enumerable:!0,get:function(){return A}}),Object.defineProperty(exports,`h`,{enumerable:!0,get:function(){return P}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return T}}),Object.defineProperty(exports,`k`,{enumerable:!0,get:function(){return l}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return D}}),Object.defineProperty(exports,`m`,{enumerable:!0,get:function(){return _}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return C}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return O}}),Object.defineProperty(exports,`p`,{enumerable:!0,get:function(){return y}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return S}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return N}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return h}}),Object.defineProperty(exports,`v`,{enumerable:!0,get:function(){return p}}),Object.defineProperty(exports,`w`,{enumerable:!0,get:function(){return o}}),Object.defineProperty(exports,`x`,{enumerable:!0,get:function(){return`0.5.0`}}),Object.defineProperty(exports,`y`,{enumerable:!0,get:function(){return M}});
|
package/dist/client/index.cjs
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`../errors-
|
|
1
|
+
Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`}),require(`../identity-b8FCr0Oa.cjs`);const e=require(`../errors-DcK2ELlk.cjs`),t=require(`@aura-stack/router`).createClient,n=n=>{if(typeof window>`u`&&!n.baseURL)throw new e.t("`baseURL` is required when createAuthClient is used outside the browser.");let r=t({cache:`no-store`,credentials:`include`,baseURL:n.baseURL??window.location.origin,...n}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let n=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{...t,redirect:!1}})).json();return(t?.redirect??!0)&&typeof window<`u`&&n?.signInURL&&window.location.assign(n.signInURL),n}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let t=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:e?.redirectTo}})).json();return(e?.redirect??!0)&&typeof window<`u`&&t?.redirectURL&&window.location.assign(t.redirectURL),t}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for session update.`);let{session:a}=t??{};if(!a)return{success:!1,session:null};let o=a.user??{},s=await(await r.patch(`/session`,{body:{user:o,expires:a.expires?new Date(a.expires):void 0},headers:{"X-CSRF-Token":n}})).json();return(t.redirect??!0)&&typeof window<`u`&&s?.redirectURL&&window.location.assign(s.redirectURL),s}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return(t?.redirect??!0)&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};exports.createAuthClient=n;
|
package/dist/client/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { $ as LiteralUnion, O as UpdateSessionOptions, T as SignOutReturn, an as Session, b as SignInOptions, k as UpdateSessionReturn, ln as User, n as AuthClientOptions, un as BuiltInOAuthProvider, v as SignInCredentialsOptions, w as SignOutOptions, x as SignInReturn, y as SignInCredentialsReturn } from "../index-C9U6ICDT.js";
|
|
2
2
|
//#region src/client/client.d.ts
|
|
3
3
|
declare const createAuthClient: <DefaultUser extends User = User>(options: AuthClientOptions) => {
|
|
4
4
|
getSession: () => Promise<Session<DefaultUser> | null>;
|
package/dist/client/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{t as e}from"../errors-
|
|
1
|
+
import{t as e}from"../errors-Czt_w1t_.js";import{createClient as t}from"@aura-stack/router";const n=t,r=t=>{if(typeof window>`u`&&!t.baseURL)throw new e("`baseURL` is required when createAuthClient is used outside the browser.");let r=n({cache:`no-store`,credentials:`include`,baseURL:t.baseURL??window.location.origin,...t}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let n=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{...t,redirect:!1}})).json();return(t?.redirect??!0)&&typeof window<`u`&&n?.signInURL&&window.location.assign(n.signInURL),n}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let t=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:e?.redirectTo}})).json();return(e?.redirect??!0)&&typeof window<`u`&&t?.redirectURL&&window.location.assign(t.redirectURL),t}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for session update.`);let{session:a}=t??{};if(!a)return{success:!1,session:null};let o=a.user??{},s=await(await r.patch(`/session`,{body:{user:o,expires:a.expires?new Date(a.expires):void 0},headers:{"X-CSRF-Token":n}})).json();return(t.redirect??!0)&&typeof window<`u`&&s?.redirectURL&&window.location.assign(s.redirectURL),s}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return(t?.redirect??!0)&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};export{r as createAuthClient};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
require(`./identity-b8FCr0Oa.cjs`);const e=require(`./errors-DcK2ELlk.cjs`),t=require(`./env-7as-tgzO.cjs`),n=require(`./assert-hDwQ_SPO.cjs`);let r=require(`@aura-stack/jose/crypto`),i=require(`@aura-stack/jose/jose`),a=require(`@aura-stack/jose`);const o=e=>e?.jwt,s=e=>{let t=o(e),n={};t?.audience&&(n.aud=t.audience),t?.issuer&&(n.iss=t.issuer);let r=Math.floor(Date.now()/1e3);return t?.maxAge&&(n.exp=r+t.maxAge),t?.maxExpiration&&(n.mexp=r+t.maxExpiration),n},c=(e,t)=>({...s(t),...e}),l=(e,t)=>{let r={};return(n.p(e)||n.f(e))&&e?.jwt?.signingAlgorithm&&(r.alg=e.jwt.signingAlgorithm),{...r,...t}},u=(e,t)=>{let r={};return(n.a(e)||n.f(e))&&(e?.jwt?.keyAlgorithm&&(r.alg=e.jwt.keyAlgorithm),e?.jwt?.encryptionAlgorithm&&(r.enc=e.jwt.encryptionAlgorithm)),{...r,...t}},d=(e,t)=>{let r={};return(n.p(e)||n.f(e))&&(e?.jwt?.signingAlgorithm&&(r.algorithms=[e.jwt.signingAlgorithm]),r.issuer=e?.jwt?.issuer,r.audience=e?.jwt?.audience),{...r,...t}},f=(e,t)=>{let r={};return(n.a(e)||n.f(e))&&(e?.jwt?.keyAlgorithm&&(r.keyManagementAlgorithms=[e.jwt.keyAlgorithm]),e?.jwt?.encryptionAlgorithm&&(r.contentEncryptionAlgorithms=[e.jwt.encryptionAlgorithm]),r.issuer=e?.jwt?.issuer,r.audience=e?.jwt?.audience),{...r,...t}},p=t=>{let n=Math.floor(Date.now()/1e3);if(t.mexp&&typeof t.mexp==`number`&&n>t.mexp)throw new e.a(`TOKEN_EXPIRED`,`The token has expired based on its maxExpiration (mexp) claim.`)},m=async(r,i,o)=>{if(n.o(r)){if(!n.f(o))throw new e.i(`INVALID_PEM_KEY_PAIR`,`Multiples PEM Key Pairs from environment variables require 'sealed' JWT mode. For 'signed' or 'encrypted' modes, provide a single PEM key pair or a combined key object.`);let{sign:i,encrypt:a}=r,s=t.n(`SIGNING_ALG`)||t.n(`SIGNING_ALGORITHM`)||o?.jwt.signingAlgorithm||`RS256`,c=t.n(`ENCRYPTION_ALG`)||t.n(`ENCRYPTION_ALGORITHM`)||o?.jwt.keyAlgorithm||`RSA-OAEP-256`,l=await T(i,s),u=await T(a,c);return{jwsSecret:l,jweSecret:u,jwtSecret:{sign:l,encrypt:u}}}if(n.l(r)){if(n.f(o))throw new e.i(`INVALID_PEM_KEY_PAIR`,`Single PEM key pairs from environment variables require 'signed' or 'encrypted' JWT mode. For 'sealed' mode, provide separate signing and encryption keys or a combined key object.`);let{publicKey:i,privateKey:a}=await T(r,t.n(`ALGORITHM`)||t.n(`ALG`)||(n.p(o)?o?.jwt?.signingAlgorithm:void 0)||(n.a(o)?o?.jwt?.keyAlgorithm:void 0)||`RS256`);return{jwsSecret:{publicKey:i,privateKey:a},jweSecret:{publicKey:i,privateKey:a},jwtSecret:{sign:{publicKey:i,privateKey:a},encrypt:{publicKey:i,privateKey:a}}}}if(n.i(r))return{jwsSecret:r.sign,jweSecret:r.encrypt,jwtSecret:{sign:r.sign,encrypt:r.encrypt}};if(n.n(r)||n.r(r)||n.c(r))return{jwsSecret:r,jweSecret:r,jwtSecret:{sign:r,encrypt:r}};let[s,c]=await Promise.all([(0,a.createDeriveKey)(r,i,`aura:signing`),(0,a.createDeriveKey)(r,i,`aura:encryption`)]);return{jwsSecret:s,jweSecret:c,jwtSecret:{sign:s,encrypt:c}}},h=e=>{let n=t.n(`${e}${e&&`_`}PUBLIC_KEY`),r=t.n(`${e}${e&&`_`}PRIVATE_KEY`);return n&&r?{publicKey:n,privateKey:r}:null},g=n=>{if(n??=t.n(`SECRET`),n)return n;let r=h(``);if(r)return r;let i=h(`SIGNING`),a=h(`ENCRYPTION`);if(i&&a)return{sign:i,encrypt:a};throw new e.n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SECRET environment variable is not set and no secret was provided.`)},_=(n,r)=>{let i=g(n),o=t.n(`SALT`);if(!o)throw new e.n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation.`);try{(0,a.createSecret)(o)}catch(t){throw new e.n(`INVALID_SALT_SECRET_VALUE`,`AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.`,{cause:t})}let s=(async()=>{let{jwsSecret:e,jweSecret:t,jwtSecret:n}=await m(i,o,r);return{jwt:(0,a.createJWT)(n),jws:(0,a.createJWS)(e),jwe:(0,a.createJWE)(t)}})();return{signJWS:async(e,t)=>{let{jws:n}=await s;return n.signJWS(c(e,r),l(r,t))},verifyJWS:async(e,t)=>{let{jws:n}=await s,i=await n.verifyJWS(e,d(r,t));return p(i),i},encryptJWE:async(e,t)=>{let{jwe:n}=await s;return n.encryptJWE(c(e,r),u(r,t))},decryptJWE:async(e,t)=>{let{jwe:n}=await s,i=await n.decryptJWE(e,f(r,t));return p(i),i},encodeJWT:async(e,t)=>{let{jwt:n}=await s;return await n.encodeJWT(c(e,r),{sign:l(r,t?.sign),encrypt:u(r,t?.encrypt)})},decodeJWT:async(e,t)=>{let{jwt:n}=await s,i=await n.decodeJWT(e,{verify:d(r,t?.verify),decrypt:f(r,t?.decrypt)});return p(i),i}}},v=(e=32)=>i.base64url.encode((0,r.getRandomBytes)(e)),y=async e=>{let t=await(0,r.getSubtleCrypto)().digest(`SHA-256`,r.encoder.encode(e));return i.base64url.encode(new Uint8Array(t))},b=async t=>{let n=t?void 0:Math.floor(Math.random()*65+32),r=t??v(n??64);if(r.length<43||r.length>128)throw new e.a(`PKCE_VERIFIER_INVALID`,`The code verifier must be between 43 and 128 characters in length.`);return{codeVerifier:r,codeChallenge:await y(r),method:`S256`}},x=async(e,t)=>{try{if(t)return await e.verifyJWS(t),t;let n=v(32);return e.signJWS({token:n})}catch{let t=v(32);return e.signJWS({token:t})}},S=async(t,r,i)=>{try{let a=await t.verifyJWS(r),o=await t.verifyJWS(i);if(!n.s(a))throw new e.a(`CSRF_TOKEN_INVALID`,`Cookie payload missing token field.`);if(!n.s(o))throw new e.a(`CSRF_TOKEN_INVALID`,`Header payload missing token field.`);if(!n.C(a.token.length,o.token.length)||!n.k(a.token,o.token))throw new e.a(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`);return!0}catch{throw new e.a(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`)}},C=async(e,t,n=1e5)=>{let a=(0,r.getSubtleCrypto)(),o=t?i.base64url.decode(t):(0,r.getRandomBytes)(16),s=await a.importKey(`raw`,r.encoder.encode(e),`PBKDF2`,!1,[`deriveBits`]),c=await a.deriveBits({name:`PBKDF2`,salt:o,iterations:n,hash:`SHA-256`},s,256),l=new Uint8Array(c),u=i.base64url.encode(l);return`pbkdf2-sha256:${n}:${i.base64url.encode(o)}:${u}`},w=async(e,t)=>{try{let r=t.split(`:`);if(r.length!==4)return!1;let[i,a,o]=r;if(i!==`pbkdf2-sha256`)return!1;let s=parseInt(a,10);if(isNaN(s))return!1;let[,,,c]=(await C(e,o,s)).split(`:`),[,,,l]=t.split(`:`);return!c||!l?!1:n.k(c,l)}catch{return!1}},T=async(e,t)=>{let n=await(0,i.importPKCS8)(e.privateKey,t,{extractable:!0});return{publicKey:await(0,i.importSPKI)(e.publicKey,t,{extractable:!0}),privateKey:n}},E=async(e,t)=>{let{publicKey:n,privateKey:r}=await(0,i.generateKeyPair)(e,t);return{publicKey:await(0,i.exportJWK)(n),privateKey:await(0,i.exportJWK)(r)}};Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return E}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return S}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return v}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return w}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return y}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return C}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return b}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return T}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return x}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return _}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import{a as e,i as t,n}from"./errors-Czt_w1t_.js";import{n as r}from"./env-CJtSi1eX.js";import{C as i,a,c as o,f as s,i as c,k as l,l as u,n as d,o as f,p,r as m,s as h}from"./assert-_fBNnaOk.js";import{encoder as g,getRandomBytes as _,getSubtleCrypto as v}from"@aura-stack/jose/crypto";import{base64url as y,exportJWK as b,generateKeyPair as x,generateKeyPair as S,importPKCS8 as C,importSPKI as w}from"@aura-stack/jose/jose";import{createDeriveKey as T,createJWE as E,createJWS as D,createJWT as O,createSecret as k}from"@aura-stack/jose";const A=e=>e?.jwt,j=e=>{let t=A(e),n={};t?.audience&&(n.aud=t.audience),t?.issuer&&(n.iss=t.issuer);let r=Math.floor(Date.now()/1e3);return t?.maxAge&&(n.exp=r+t.maxAge),t?.maxExpiration&&(n.mexp=r+t.maxExpiration),n},M=(e,t)=>({...j(t),...e}),N=(e,t)=>{let n={};return(p(e)||s(e))&&e?.jwt?.signingAlgorithm&&(n.alg=e.jwt.signingAlgorithm),{...n,...t}},P=(e,t)=>{let n={};return(a(e)||s(e))&&(e?.jwt?.keyAlgorithm&&(n.alg=e.jwt.keyAlgorithm),e?.jwt?.encryptionAlgorithm&&(n.enc=e.jwt.encryptionAlgorithm)),{...n,...t}},F=(e,t)=>{let n={};return(p(e)||s(e))&&(e?.jwt?.signingAlgorithm&&(n.algorithms=[e.jwt.signingAlgorithm]),n.issuer=e?.jwt?.issuer,n.audience=e?.jwt?.audience),{...n,...t}},I=(e,t)=>{let n={};return(a(e)||s(e))&&(e?.jwt?.keyAlgorithm&&(n.keyManagementAlgorithms=[e.jwt.keyAlgorithm]),e?.jwt?.encryptionAlgorithm&&(n.contentEncryptionAlgorithms=[e.jwt.encryptionAlgorithm]),n.issuer=e?.jwt?.issuer,n.audience=e?.jwt?.audience),{...n,...t}},L=t=>{let n=Math.floor(Date.now()/1e3);if(t.mexp&&typeof t.mexp==`number`&&n>t.mexp)throw new e(`TOKEN_EXPIRED`,`The token has expired based on its maxExpiration (mexp) claim.`)},R=async(e,n,i)=>{if(f(e)){if(!s(i))throw new t(`INVALID_PEM_KEY_PAIR`,`Multiples PEM Key Pairs from environment variables require 'sealed' JWT mode. For 'signed' or 'encrypted' modes, provide a single PEM key pair or a combined key object.`);let{sign:n,encrypt:a}=e,o=r(`SIGNING_ALG`)||r(`SIGNING_ALGORITHM`)||i?.jwt.signingAlgorithm||`RS256`,c=r(`ENCRYPTION_ALG`)||r(`ENCRYPTION_ALGORITHM`)||i?.jwt.keyAlgorithm||`RSA-OAEP-256`,l=await Y(n,o),u=await Y(a,c);return{jwsSecret:l,jweSecret:u,jwtSecret:{sign:l,encrypt:u}}}if(u(e)){if(s(i))throw new t(`INVALID_PEM_KEY_PAIR`,`Single PEM key pairs from environment variables require 'signed' or 'encrypted' JWT mode. For 'sealed' mode, provide separate signing and encryption keys or a combined key object.`);let{publicKey:n,privateKey:o}=await Y(e,r(`ALGORITHM`)||r(`ALG`)||(p(i)?i?.jwt?.signingAlgorithm:void 0)||(a(i)?i?.jwt?.keyAlgorithm:void 0)||`RS256`);return{jwsSecret:{publicKey:n,privateKey:o},jweSecret:{publicKey:n,privateKey:o},jwtSecret:{sign:{publicKey:n,privateKey:o},encrypt:{publicKey:n,privateKey:o}}}}if(c(e))return{jwsSecret:e.sign,jweSecret:e.encrypt,jwtSecret:{sign:e.sign,encrypt:e.encrypt}};if(d(e)||m(e)||o(e))return{jwsSecret:e,jweSecret:e,jwtSecret:{sign:e,encrypt:e}};let[l,h]=await Promise.all([T(e,n,`aura:signing`),T(e,n,`aura:encryption`)]);return{jwsSecret:l,jweSecret:h,jwtSecret:{sign:l,encrypt:h}}},z=e=>{let t=r(`${e}${e&&`_`}PUBLIC_KEY`),n=r(`${e}${e&&`_`}PRIVATE_KEY`);return t&&n?{publicKey:t,privateKey:n}:null},B=e=>{if(e??=r(`SECRET`),e)return e;let t=z(``);if(t)return t;let i=z(`SIGNING`),a=z(`ENCRYPTION`);if(i&&a)return{sign:i,encrypt:a};throw new n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SECRET environment variable is not set and no secret was provided.`)},V=(e,t)=>{let i=B(e),a=r(`SALT`);if(!a)throw new n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation.`);try{k(a)}catch(e){throw new n(`INVALID_SALT_SECRET_VALUE`,`AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.`,{cause:e})}let o=(async()=>{let{jwsSecret:e,jweSecret:n,jwtSecret:r}=await R(i,a,t);return{jwt:O(r),jws:D(e),jwe:E(n)}})();return{signJWS:async(e,n)=>{let{jws:r}=await o;return r.signJWS(M(e,t),N(t,n))},verifyJWS:async(e,n)=>{let{jws:r}=await o,i=await r.verifyJWS(e,F(t,n));return L(i),i},encryptJWE:async(e,n)=>{let{jwe:r}=await o;return r.encryptJWE(M(e,t),P(t,n))},decryptJWE:async(e,n)=>{let{jwe:r}=await o,i=await r.decryptJWE(e,I(t,n));return L(i),i},encodeJWT:async(e,n)=>{let{jwt:r}=await o;return await r.encodeJWT(M(e,t),{sign:N(t,n?.sign),encrypt:P(t,n?.encrypt)})},decodeJWT:async(e,n)=>{let{jwt:r}=await o,i=await r.decodeJWT(e,{verify:F(t,n?.verify),decrypt:I(t,n?.decrypt)});return L(i),i}}},H=(e=32)=>y.encode(_(e)),U=async e=>{let t=await v().digest(`SHA-256`,g.encode(e));return y.encode(new Uint8Array(t))},W=async t=>{let n=t?void 0:Math.floor(Math.random()*65+32),r=t??H(n??64);if(r.length<43||r.length>128)throw new e(`PKCE_VERIFIER_INVALID`,`The code verifier must be between 43 and 128 characters in length.`);return{codeVerifier:r,codeChallenge:await U(r),method:`S256`}},G=async(e,t)=>{try{if(t)return await e.verifyJWS(t),t;let n=H(32);return e.signJWS({token:n})}catch{let t=H(32);return e.signJWS({token:t})}},K=async(t,n,r)=>{try{let a=await t.verifyJWS(n),o=await t.verifyJWS(r);if(!h(a))throw new e(`CSRF_TOKEN_INVALID`,`Cookie payload missing token field.`);if(!h(o))throw new e(`CSRF_TOKEN_INVALID`,`Header payload missing token field.`);if(!i(a.token.length,o.token.length)||!l(a.token,o.token))throw new e(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`);return!0}catch{throw new e(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`)}},q=async(e,t,n=1e5)=>{let r=v(),i=t?y.decode(t):_(16),a=await r.importKey(`raw`,g.encode(e),`PBKDF2`,!1,[`deriveBits`]),o=await r.deriveBits({name:`PBKDF2`,salt:i,iterations:n,hash:`SHA-256`},a,256),s=new Uint8Array(o),c=y.encode(s);return`pbkdf2-sha256:${n}:${y.encode(i)}:${c}`},J=async(e,t)=>{try{let n=t.split(`:`);if(n.length!==4)return!1;let[r,i,a]=n;if(r!==`pbkdf2-sha256`)return!1;let o=parseInt(i,10);if(isNaN(o))return!1;let[,,,s]=(await q(e,a,o)).split(`:`),[,,,c]=t.split(`:`);return!s||!c?!1:l(s,c)}catch{return!1}},Y=async(e,t)=>{let n=await C(e.privateKey,t,{extractable:!0});return{publicKey:await w(e.publicKey,t,{extractable:!0}),privateKey:n}},X=async(e,t)=>{let{publicKey:n,privateKey:r}=await x(e,t);return{publicKey:await b(n),privateKey:await b(r)}};export{H as a,Y as c,V as d,W as i,K as l,U as n,X as o,S as r,q as s,G as t,J as u};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=new Proxy({},{get(e,t){if(typeof t!=`string`)return;let n=e=>e&&Object.prototype.hasOwnProperty.call(e,t);try{if(typeof process<`u`&&n(process.env))return process.env[t];if(n({}.env))return{}.env[t];if(typeof Deno<`u`&&Deno.env?.get)return Deno.env.get(t);if(typeof Bun<`u`&&n(Bun.env))return Bun.env[t];let e=globalThis[t];return typeof e==`string`?e:void 0}catch{return}}}),t=t=>{let n=[`AURA_AUTH_${t.toUpperCase()}`,`AURA_${t.toUpperCase()}`,`AUTH_${t.toUpperCase()}`,t.toUpperCase()].find(t=>e[t]!==void 0);return n?e[n]:void 0},n=e=>{let n=t(e);if(n===void 0)return!1;let r=n.trim().toLowerCase();return!![`1`,`true`,`yes`,`on`,`debug`].includes(r)},r=(e,n=[])=>{let r=t(e);return r?r.split(/[,;\n]+/).map(e=>e.trim()).filter(Boolean):n};Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return n}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return t}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return e}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=new Proxy({},{get(e,t){if(typeof t!=`string`)return;let n=e=>e&&Object.prototype.hasOwnProperty.call(e,t);try{if(typeof process<`u`&&n(process.env))return process.env[t];if(n(import.meta.env))return import.meta.env[t];if(typeof Deno<`u`&&Deno.env?.get)return Deno.env.get(t);if(typeof Bun<`u`&&n(Bun.env))return Bun.env[t];let e=globalThis[t];return typeof e==`string`?e:void 0}catch{return}}}),t=t=>{let n=[`AURA_AUTH_${t.toUpperCase()}`,`AURA_${t.toUpperCase()}`,`AUTH_${t.toUpperCase()}`,t.toUpperCase()].find(t=>e[t]!==void 0);return n?e[n]:void 0},n=e=>{let n=t(e);if(n===void 0)return!1;let r=n.trim().toLowerCase();return!![`1`,`true`,`yes`,`on`,`debug`].includes(r)},r=(e,n=[])=>{let r=t(e);return r?r.split(/[,;\n]+/).map(e=>e.trim()).filter(Boolean):n};export{n as i,t as n,r,e as t};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=e=>`captureStackTrace`in e&&typeof e.captureStackTrace==`function`;var t=class extends Error{type=`OAUTH_PROTOCOL_ERROR`;error;errorURI;constructor(t,n,r,i){super(n,i),this.error=t,this.errorURI=r,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},n=class extends Error{type=`AUTH_INTERNAL_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},r=class extends Error{type=`AUTH_SECURITY_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},i=class extends Error{type=`AUTH_CLIENT_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},a=class extends Error{type=`AUTH_INVALID_CONFIGURATION_ERROR`;constructor(t,n){super(t,n),this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},o=class extends Error{type=`AUTH_VALIDATION_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},s=class extends Error{type=`JOSE_INITIALIZATION_FAILED`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}};const c=e=>e instanceof Error,l=e=>e instanceof t,u=e=>e instanceof n,d=e=>e instanceof r,f=e=>e instanceof i,p=e=>e instanceof o,m=e=>u(e)||d(e)||f(e)||p(e);export{r as a,m as c,p as d,c as f,s as i,u as l,n,o,l as p,a as r,t as s,i as t,d as u};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const e=e=>`captureStackTrace`in e&&typeof e.captureStackTrace==`function`;var t=class extends Error{type=`OAUTH_PROTOCOL_ERROR`;error;errorURI;constructor(t,n,r,i){super(n,i),this.error=t,this.errorURI=r,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},n=class extends Error{type=`AUTH_INTERNAL_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},r=class extends Error{type=`AUTH_SECURITY_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},i=class extends Error{type=`AUTH_CLIENT_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},a=class extends Error{type=`AUTH_INVALID_CONFIGURATION_ERROR`;constructor(t,n){super(t,n),this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},o=class extends Error{type=`AUTH_VALIDATION_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},s=class extends Error{type=`JOSE_INITIALIZATION_FAILED`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}};const c=e=>e instanceof Error,l=e=>e instanceof t,u=e=>e instanceof n,d=e=>e instanceof r,f=e=>e instanceof i,p=e=>e instanceof o,m=e=>u(e)||d(e)||f(e)||p(e);Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`d`,{enumerable:!0,get:function(){return p}}),Object.defineProperty(exports,`f`,{enumerable:!0,get:function(){return c}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return u}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return n}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return o}}),Object.defineProperty(exports,`p`,{enumerable:!0,get:function(){return l}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return a}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return t}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return i}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return d}});
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
var e=Object.create,t=Object.defineProperty,n=Object.getOwnPropertyDescriptor,r=Object.getOwnPropertyNames,i=Object.getPrototypeOf,a=Object.prototype.hasOwnProperty,o=(e,i,o,s)=>{if(i&&typeof i==`object`||typeof i==`function`)for(var c=r(i),l=0,u=c.length,d;l<u;l++)d=c[l],!a.call(e,d)&&d!==o&&t(e,d,{get:(e=>i[e]).bind(null,d),enumerable:!(s=n(i,d))||s.enumerable});return e},s=(n,r,a)=>(a=n==null?{}:e(i(n)),o(r||!n||!n.__esModule?t(a,`default`,{value:n,enumerable:!0}):a,n));const c=require(`./assert-hDwQ_SPO.cjs`);let l=require(`zod/v4`),u=require(`valibot`);u=s(u,1);let d=require(`arktype`),f=require(`typebox`);const p=l.z.object({sub:l.z.string(),name:l.z.string().nullable().optional(),image:l.z.string().nullable().optional(),email:l.z.email().nullable().optional()}),m=u.object({sub:u.string(),name:u.optional(u.nullable(u.string())),image:u.optional(u.nullable(u.string())),email:u.optional(u.nullable(u.pipe(u.string(),u.email())))}),h=(0,d.type)({sub:`string`,name:`string | null?`,image:`string | null?`,email:`string.email | null?`}),g=f.Type.Object({sub:f.Type.String(),name:f.Type.Optional(f.Type.Union([f.Type.String(),f.Type.Null()])),image:f.Type.Optional(f.Type.Union([f.Type.String(),f.Type.Null()])),email:f.Type.Optional(f.Type.Union([f.Type.String({format:`email`}),f.Type.Null()]))}),_=e=>c.t(e)?e:c.g(e)?u.object(e):c.y(e)?l.z.object(e):c.h(e)?f.Type.Object(e):l.z.object(e);Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return _}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return h}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return g}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return p}});
|