@aura-stack/auth 0.6.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. package/dist/@types/index.cjs +1 -0
  2. package/dist/@types/index.d.ts +2 -2
  3. package/dist/@types/index.js +1 -0
  4. package/dist/assert-DaZSf4SH.cjs +3 -0
  5. package/dist/assert-av6s0a6t.js +3 -0
  6. package/dist/client/index.cjs +1 -1
  7. package/dist/client/index.d.ts +1 -1
  8. package/dist/client/index.js +1 -1
  9. package/dist/crypto-BF4ETYC9.cjs +1 -0
  10. package/dist/crypto-D6aq4c8x.js +1 -0
  11. package/dist/env-BG1x-kSX.js +1 -0
  12. package/dist/env-BhQ2k7jj.cjs +1 -0
  13. package/dist/errors-Czt_w1t_.js +1 -0
  14. package/dist/errors-DcK2ELlk.cjs +1 -0
  15. package/dist/identity-n3aahaEr.cjs +1 -0
  16. package/dist/{index-BkpwQ0l4.d.cts → index-1ADcIVGC.d.ts} +822 -355
  17. package/dist/index.cjs +1 -1
  18. package/dist/index.d.ts +1 -1
  19. package/dist/index.js +1 -1
  20. package/dist/{logger-C59_CDMk.js → logger-BfUjjtxf.js} +1 -1
  21. package/dist/{logger-UnUhYL2V.cjs → logger-CVwkloPj.cjs} +1 -1
  22. package/dist/oauth/atlassian.d.ts +1 -1
  23. package/dist/oauth/bitbucket.d.ts +1 -1
  24. package/dist/oauth/click-up.cjs +1 -0
  25. package/dist/oauth/click-up.d.ts +2 -0
  26. package/dist/oauth/click-up.js +1 -0
  27. package/dist/oauth/discord.d.ts +1 -1
  28. package/dist/oauth/dribbble.cjs +1 -0
  29. package/dist/oauth/dribbble.d.ts +2 -0
  30. package/dist/oauth/dribbble.js +1 -0
  31. package/dist/oauth/dropbox.d.ts +1 -1
  32. package/dist/oauth/figma.d.ts +1 -1
  33. package/dist/oauth/github.d.ts +1 -1
  34. package/dist/oauth/gitlab.d.ts +1 -1
  35. package/dist/oauth/index.cjs +1 -1
  36. package/dist/oauth/index.d.ts +2 -2
  37. package/dist/oauth/index.js +1 -1
  38. package/dist/oauth/mailchimp.d.ts +1 -1
  39. package/dist/oauth/notion.cjs +1 -1
  40. package/dist/oauth/notion.d.ts +1 -1
  41. package/dist/oauth/notion.js +1 -1
  42. package/dist/oauth/pinterest.d.ts +1 -1
  43. package/dist/oauth/spotify.d.ts +1 -1
  44. package/dist/oauth/strava.d.ts +1 -1
  45. package/dist/oauth/twitch.cjs +1 -1
  46. package/dist/oauth/twitch.d.ts +1 -1
  47. package/dist/oauth/twitch.js +1 -1
  48. package/dist/oauth/x.d.ts +1 -1
  49. package/dist/shared/cookies.cjs +1 -0
  50. package/dist/shared/cookies.d.ts +1 -0
  51. package/dist/shared/cookies.js +1 -0
  52. package/dist/shared/crypto.cjs +1 -1
  53. package/dist/shared/crypto.d.ts +26 -2
  54. package/dist/shared/crypto.js +1 -1
  55. package/dist/shared/identity.cjs +1 -1
  56. package/dist/shared/identity.d.ts +2 -2
  57. package/dist/shared/identity.js +1 -1
  58. package/dist/shared/index.cjs +1 -1
  59. package/dist/shared/index.d.ts +1 -1
  60. package/dist/shared/index.js +1 -1
  61. package/package.json +28 -6
  62. package/dist/assert-B3iQSYlK.js +0 -3
  63. package/dist/assert-NJGroSJd.cjs +0 -3
  64. package/dist/crypto-Bz8nIciY.js +0 -1
  65. package/dist/crypto-CoXA5w_4.cjs +0 -1
  66. package/dist/env-bq387KyP.cjs +0 -1
  67. package/dist/env-nvh8QBNz.js +0 -1
  68. package/dist/errors-CCYPHuBO.cjs +0 -1
  69. package/dist/errors-DFWHOho6.js +0 -1
  70. package/dist/index-nqLV2t91.d.ts +0 -2279
  71. package/dist/index.d.cts +0 -2
  72. package/dist/oauth-BntNm6aE.cjs +0 -1
  73. package/dist/oauth-DmHy9VrB.js +0 -1
@@ -0,0 +1 @@
1
+ Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`}),require(`../identity-n3aahaEr.cjs`);let e=require(`zod/v4`);const t=e.z.union([(0,e.string)().url(),(0,e.object)({url:(0,e.string)().url(),params:(0,e.object)({owner:(0,e.string)().optional(),responseType:(0,e.enum)([`code`,`token`,`id_token`,`refresh_token`]).optional(),scope:(0,e.string)().optional()})})]),n=e.z.union([(0,e.string)().url(),(0,e.object)({url:(0,e.string)().url(),headers:e.z.record((0,e.string)(),(0,e.string)()).optional()})]),r=e.z.union([(0,e.string)().url(),(0,e.object)({url:(0,e.string)().url(),headers:e.z.record((0,e.string)(),(0,e.string)()).optional(),method:(0,e.string)().optional()})]),i=(0,e.object)({id:(0,e.string)(),name:(0,e.string)(),authorize:t.optional(),authorizeURL:(0,e.string)().url().optional(),accessToken:n,scope:(0,e.string)().optional(),userInfo:r,responseType:(0,e.enum)([`code`,`token`,`id_token`,`refresh_token`]).optional(),clientId:(0,e.string)(),clientSecret:(0,e.string)(),profile:e.z.function().optional()}),a=(0,e.object)({authorize:t.optional(),authorizeURL:(0,e.string)().url().optional(),accessToken:n,scope:(0,e.string)().optional(),userInfo:r,responseType:(0,e.enum)([`code`,`token`,`id_token`,`refresh_token`]).optional(),clientId:(0,e.string)(),clientSecret:(0,e.string)()}),o=a.extend({redirectURI:(0,e.string)(),state:(0,e.string)(),codeChallenge:(0,e.string)(),codeChallengeMethod:(0,e.enum)([`plain`,`S256`])});(0,e.object)({state:(0,e.string)({message:`Missing state parameter in the OAuth authorization response.`}),code:(0,e.string)({message:`Missing code parameter in the OAuth authorization response.`})});const s=(0,e.object)({error:(0,e.enum)([`invalid_request`,`unauthorized_client`,`access_denied`,`unsupported_response_type`,`invalid_scope`,`server_error`,`temporarily_unavailable`]),error_description:(0,e.string)().optional(),error_uri:(0,e.string)().optional(),state:(0,e.string)()});a.extend({redirectURI:(0,e.string)(),code:(0,e.string)(),codeVerifier:(0,e.string)().min(43).max(128)});const c=(0,e.object)({access_token:(0,e.string)(),token_type:(0,e.string)().optional(),expires_in:(0,e.number)().optional(),refresh_token:(0,e.string)().optional(),scope:(0,e.union)([(0,e.string)().optional().or((0,e.null)()),(0,e.array)((0,e.string)()).optional()])}),l=(0,e.object)({error:(0,e.enum)([`invalid_request`,`invalid_client`,`invalid_grant`,`unauthorized_client`,`unsupported_grant_type`,`invalid_scope`]),error_description:(0,e.string)().optional(),error_uri:(0,e.string)().optional()}),u=(0,e.object)({error:(0,e.string)(),error_description:(0,e.string)().optional()}),d=(0,e.object)({clientId:e.z.string().min(1,`OAuth Client ID is required in the environment variables.`),clientSecret:e.z.string().min(1,`OAuth Client Secret is required in the environment variables.`)}),f=(0,e.object)({redirect:e.z.stringbool().optional().default(!0),redirectTo:(0,e.string)().optional()}),p=(0,e.object)({username:(0,e.string)(),password:(0,e.string)()});exports.a=s,exports.c=i,exports.i=o,exports.l=f,exports.n=l,exports.o=d,exports.r=c,exports.s=u,exports.t=p;
@@ -1,2 +1,2 @@
1
- import { $ as JWTConfigBase, A as APIErrorMap, At as IdentityConfig, B as DeepPartial, Bt as SyslogOptions, C as SignOutAPIReturn, Ct as CookieName, D as UpdateSessionAPIReturn, Dt as CredentialsProvider, E as UpdateSessionAPIOptions, Et as CredentialsPayload, F as ErrorType, Ft as Logger, G as InferShape, Gt as OAuthProviderCredentials, H as EditableShape, Hn as UserShape, Ht as AuthorizeParams, I as OAuthError, It as RouterGlobalContext, J as Prettify, Jt as BuiltInOAuthProvider, K as LiteralUnion, Kt as OAuthProviderRecord, L as TokenRevocationError, Lt as SecureCookie, M as AuthInternalErrorCode, Mt as InternalLogger, N as AuthSecurityErrorCode, Nt as JoseInstance, O as UpdateSessionOptions, Ot as CredentialsProviderContext, P as AuthorizationError, Pt as LogLevel, Q as JWTConfig, Rt as Severity, S as SignOutAPIOptions, St as CookieConfig, T as SignOutReturn, Tt as CookieStrategyAttributes, U as InferAuthIdentity, Ut as OAuthProvider, V as DeepRequired, Vn as UserIdentityType, Vt as TrustedOrigin, W as InferIdentity, Wt as OAuthProviderConfig, X as CreateSessionStrategyOptions, Y as ShapeToObject, Z as GetStatelessSessionReturn, _ as SignInCredentialsAPIReturn, _t as User, a as OAuthEnv, at as JWTManager, b as SignInOptions, bt as AuthInstance, c as APIOptionsWithRequest, ct as JWTSignedMode, d as GetSessionAPIOptions, dt as KeyPair, et as JWTEncryptedMode, f as GetSessionAPIReturn, ft as SecretKey, g as SignInCredentialsAPIOptions, gt as StatelessStrategyConfig, h as SignInAPIReturn, ht as SessionStrategy, i as JWTStandardClaims, it as JWTKeyAlgorithm, j as AccessTokenError, jt as InternalContext, k as UpdateSessionReturn, kt as HostCookie, l as APIOptionsWithSkipCSRFCheck, lt as JWTSigningAlgorithm, m as SignInAPIOptions, mt as SessionConfig, n as AuthClientOptions, nt as JWTExpirationStrategy, o as TypedJWTPayload, ot as JWTMode, p as OptionsWithRedirectTo, pt as Session, q as Merge, qt as ResponseType, r as JWTPayloadWithToken, rt as JWTKey, s as APIOptionsWithRedirectTo, st as JWTSealedMode, t as AuthClient, tt as JWTEncryptionAlgorithm, u as FunctionAPIContext, ut as JWTStrategyOptions, v as SignInCredentialsOptions, vt as AuthAPI, w as SignOutOptions, wt as CookieStoreConfig, x as SignInReturn, xt as AuthRuntimeConfig, y as SignInCredentialsReturn, yt as AuthConfig, z as AuthResponse, zt as StandardCookie } from "../index-nqLV2t91.js";
2
- export { APIErrorMap, APIOptionsWithRedirectTo, APIOptionsWithRequest, APIOptionsWithSkipCSRFCheck, AccessTokenError, AuthAPI, AuthClient, AuthClientOptions, AuthConfig, AuthInstance, AuthInternalErrorCode, AuthResponse, AuthRuntimeConfig, AuthSecurityErrorCode, AuthorizationError, AuthorizeParams, BuiltInOAuthProvider, CookieConfig, CookieName, CookieStoreConfig, CookieStrategyAttributes, CreateSessionStrategyOptions, CredentialsPayload, CredentialsProvider, CredentialsProviderContext, DeepPartial, DeepRequired, EditableShape, ErrorType, FunctionAPIContext, GetSessionAPIOptions, GetSessionAPIReturn, GetStatelessSessionReturn, HostCookie, IdentityConfig, InferAuthIdentity, InferIdentity, InferShape, InternalContext, InternalLogger, JWTConfig, JWTConfigBase, JWTEncryptedMode, JWTEncryptionAlgorithm, JWTExpirationStrategy, JWTKey, JWTKeyAlgorithm, JWTManager, JWTMode, JWTPayloadWithToken, JWTSealedMode, JWTSignedMode, JWTSigningAlgorithm, JWTStandardClaims, JWTStrategyOptions, JoseInstance, KeyPair, LiteralUnion, LogLevel, Logger, Merge, OAuthEnv, OAuthError, OAuthProvider, OAuthProviderConfig, OAuthProviderCredentials, OAuthProviderRecord, OptionsWithRedirectTo, Prettify, ResponseType, RouterGlobalContext, SecretKey, SecureCookie, Session, SessionConfig, SessionStrategy, Severity, ShapeToObject, SignInAPIOptions, SignInAPIReturn, SignInCredentialsAPIOptions, SignInCredentialsAPIReturn, SignInCredentialsOptions, SignInCredentialsReturn, SignInOptions, SignInReturn, SignOutAPIOptions, SignOutAPIReturn, SignOutOptions, SignOutReturn, StandardCookie, StatelessStrategyConfig, SyslogOptions, TokenRevocationError, TrustedOrigin, TypedJWTPayload, UpdateSessionAPIOptions, UpdateSessionAPIReturn, UpdateSessionOptions, UpdateSessionReturn, User, UserIdentityType, UserShape };
1
+ import { $ as FromShapeToObject, $t as JWTEncryptionAlgorithm, A as UpdateSessionOptions, At as Logger, B as TokenRevocationError, Bt as OAuthProvider, C as SignOutAPIOptions, Ct as CredentialsProviderContext, D as SignOutReturnData, Dt as InternalLogger, E as SignOutReturn, Et as InternalContext, F as AuthInternalErrorCode, Ft as StandardCookie, G as DeepPartial, Gt as AsymmetricKeyPair, H as ArktypeShapeToObject, Ht as OAuthProviderCredentials, I as AuthSecurityErrorCode, It as SyslogOptions, J as EditableShapeArkType, Jt as CryptoSecret, K as DeepRequired, Kt as AsymmetricKeyPairFromEnv, L as AuthorizationError, Lt as TrustedOrigin, M as UpdateSessionReturnData, Mt as SchemaRegistryContext, N as APIErrorMap, Nt as SecureCookie, O as UpdateSessionAPIOptions, Ot as JoseInstance, P as AccessTokenError, Pt as Severity, Q as EditableUser, Qt as JWTEncryptedMode, R as ErrorType, Rt as TrustedProxyHeadersConfig, S as SignInReturn, Sr as UserShape, St as CredentialsProvider, T as SignOutOptions, Tt as IdentityConfig, U as AuthResponse, Ut as OAuthProviderRecord, Vt as OAuthProviderConfig, W as ConfigSchema, Wt as ResponseType, X as EditableShapeValibot, Xt as JWTConfig, Y as EditableShapeTypebox, Yt as GetStatelessSessionReturn, Z as EditableShapeZod, Zt as JWTConfigBase, _ as SignInCredentialsAPIReturn, _t as CookieConfig, a as OAuthEnv, an as JWTSealedMode, at as Prettify, b as SignInCredentialsReturnData, bt as CookieStrategyAttributes, c as APIOptionsWithRequest, cn as JWTStrategyOptions, ct as TypeboxShapeToObject, d as GetSessionAPIOptions, dn as SessionConfig, dt as Wrap, en as JWTExpirationStrategy, et as InferSession, f as GetSessionAPIReturn, fn as SessionStrategy, ft as ZodShapeToObject, g as SignInCredentialsAPIOptions, gt as AuthRuntimeConfig, h as SignInAPIReturn, hn as BuiltInOAuthProvider, ht as AuthInstance, i as JWTStandardClaims, in as JWTMode, it as Merge, j as UpdateSessionReturn, jt as RouterGlobalContext, k as UpdateSessionAPIReturn, kt as LogLevel, l as APIOptionsWithSkipCSRFCheck, ln as SecretKey, lt as UserFrom, m as SignInAPIOptions, mn as User, mt as AuthConfig, n as AuthClientOptions, nn as JWTKeyAlgorithm, nt as InferZodShape, o as TypedJWTPayload, on as JWTSignedMode, ot as RequiredKeys, p as OptionsWithRedirectTo, pn as StatelessStrategyConfig, pt as AuthAPI, q as EditableShape, qt as CreateSessionStrategyOptions, r as JWTPayloadWithToken, rn as JWTManager, rt as LiteralUnion, s as APIOptionsWithRedirectTo, sn as JWTSigningAlgorithm, st as SessionFrom, t as AuthClient, tn as JWTKey, tt as InferUser, u as FunctionAPIContext, un as Session, ut as ValibotShapeToObject, v as SignInCredentialsOptions, vt as CookieName, w as SignOutAPIReturn, wt as HostCookie, x as SignInOptions, xt as CredentialsPayload, y as SignInCredentialsReturn, yt as CookieStoreConfig, z as OAuthError, zt as AuthorizeParams } from "../index-1ADcIVGC.js";
2
+ export { APIErrorMap, APIOptionsWithRedirectTo, APIOptionsWithRequest, APIOptionsWithSkipCSRFCheck, AccessTokenError, ArktypeShapeToObject, AsymmetricKeyPair, AsymmetricKeyPairFromEnv, AuthAPI, AuthClient, AuthClientOptions, AuthConfig, AuthInstance, AuthInternalErrorCode, AuthResponse, AuthRuntimeConfig, AuthSecurityErrorCode, AuthorizationError, AuthorizeParams, BuiltInOAuthProvider, ConfigSchema, CookieConfig, CookieName, CookieStoreConfig, CookieStrategyAttributes, CreateSessionStrategyOptions, CredentialsPayload, CredentialsProvider, CredentialsProviderContext, CryptoSecret, DeepPartial, DeepRequired, EditableShape, EditableShapeArkType, EditableShapeTypebox, EditableShapeValibot, EditableShapeZod, EditableUser, ErrorType, FromShapeToObject, FunctionAPIContext, GetSessionAPIOptions, GetSessionAPIReturn, GetStatelessSessionReturn, HostCookie, IdentityConfig, InferSession, InferUser, InferZodShape, InternalContext, InternalLogger, JWTConfig, JWTConfigBase, JWTEncryptedMode, JWTEncryptionAlgorithm, JWTExpirationStrategy, JWTKey, JWTKeyAlgorithm, JWTManager, JWTMode, JWTPayloadWithToken, JWTSealedMode, JWTSignedMode, JWTSigningAlgorithm, JWTStandardClaims, JWTStrategyOptions, JoseInstance, LiteralUnion, LogLevel, Logger, Merge, OAuthEnv, OAuthError, OAuthProvider, OAuthProviderConfig, OAuthProviderCredentials, OAuthProviderRecord, OptionsWithRedirectTo, Prettify, RequiredKeys, ResponseType, RouterGlobalContext, SchemaRegistryContext, SecretKey, SecureCookie, Session, SessionConfig, SessionFrom, SessionStrategy, Severity, SignInAPIOptions, SignInAPIReturn, SignInCredentialsAPIOptions, SignInCredentialsAPIReturn, SignInCredentialsOptions, SignInCredentialsReturn, SignInCredentialsReturnData, SignInOptions, SignInReturn, SignOutAPIOptions, SignOutAPIReturn, SignOutOptions, SignOutReturn, SignOutReturnData, StandardCookie, StatelessStrategyConfig, SyslogOptions, TokenRevocationError, TrustedOrigin, TrustedProxyHeadersConfig, TypeboxShapeToObject, TypedJWTPayload, UpdateSessionAPIOptions, UpdateSessionAPIReturn, UpdateSessionOptions, UpdateSessionReturn, UpdateSessionReturnData, User, UserFrom, UserShape, ValibotShapeToObject, Wrap, ZodShapeToObject };
@@ -0,0 +1 @@
1
+ import{array as e,enum as t,null as n,number as r,object as i,string as a,union as o,z as s}from"zod/v4";const c=s.union([a().url(),i({url:a().url(),params:i({owner:a().optional(),responseType:t([`code`,`token`,`id_token`,`refresh_token`]).optional(),scope:a().optional()})})]),l=s.union([a().url(),i({url:a().url(),headers:s.record(a(),a()).optional()})]),u=s.union([a().url(),i({url:a().url(),headers:s.record(a(),a()).optional(),method:a().optional()})]),d=i({id:a(),name:a(),authorize:c.optional(),authorizeURL:a().url().optional(),accessToken:l,scope:a().optional(),userInfo:u,responseType:t([`code`,`token`,`id_token`,`refresh_token`]).optional(),clientId:a(),clientSecret:a(),profile:s.function().optional()}),f=i({authorize:c.optional(),authorizeURL:a().url().optional(),accessToken:l,scope:a().optional(),userInfo:u,responseType:t([`code`,`token`,`id_token`,`refresh_token`]).optional(),clientId:a(),clientSecret:a()}),p=f.extend({redirectURI:a(),state:a(),codeChallenge:a(),codeChallengeMethod:t([`plain`,`S256`])});i({state:a({message:`Missing state parameter in the OAuth authorization response.`}),code:a({message:`Missing code parameter in the OAuth authorization response.`})});const m=i({error:t([`invalid_request`,`unauthorized_client`,`access_denied`,`unsupported_response_type`,`invalid_scope`,`server_error`,`temporarily_unavailable`]),error_description:a().optional(),error_uri:a().optional(),state:a()});f.extend({redirectURI:a(),code:a(),codeVerifier:a().min(43).max(128)});const h=i({access_token:a(),token_type:a().optional(),expires_in:r().optional(),refresh_token:a().optional(),scope:o([a().optional().or(n()),e(a()).optional()])}),g=i({error:t([`invalid_request`,`invalid_client`,`invalid_grant`,`unauthorized_client`,`unsupported_grant_type`,`invalid_scope`]),error_description:a().optional(),error_uri:a().optional()}),_=i({error:a(),error_description:a().optional()}),v=i({clientId:s.string().min(1,`OAuth Client ID is required in the environment variables.`),clientSecret:s.string().min(1,`OAuth Client Secret is required in the environment variables.`)}),y=i({redirect:s.stringbool().optional().default(!0),redirectTo:a().optional()}),b=i({username:a(),password:a()});export{m as a,d as c,p as i,y as l,g as n,v as o,h as r,_ as s,b as t};
@@ -0,0 +1,3 @@
1
+ require(`./identity-n3aahaEr.cjs`);const e=require(`./errors-DcK2ELlk.cjs`),t=require(`./env-BhQ2k7jj.cjs`);require(`arktype`),require(`typebox`);let n=require(`@aura-stack/jose/crypto`);const r=(e,t)=>e===null||t===null||e===void 0||t===void 0?!1:e===t,i=(e,t)=>{let n=e instanceof Headers?e:e.headers,r=e instanceof Headers?null:e.url;return t?r?.startsWith(`https://`)||n.get(`X-Forwarded-Proto`)===`https`||(n.get(`Forwarded`)?.includes(`proto=https`)??!1):r?.startsWith(`https://`)??!1},a=e=>!e.issues||e.issues.length===0?{}:e.issues.reduce((e,t)=>{let n=t.path.join(`.`);return{...e,[n]:{code:t.code,message:t.message}}},{}),o=e=>{let t=e.match(/^https?:\/\/[a-zA-Z0-9_\-.]+(:\d+)?(\/.*)$/);return t&&t[2]?t[2]:`/`},s=e=>e instanceof Error?e.name:typeof e==`string`?e:`UnknownError`,c=e=>{try{if(e.length>2048)return null;e=e.replace(/\\/g,``);let t=e.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);if(!t)return null;let[,n,r,i]=t,a=r.includes(`*`);if(a&&!r.startsWith(`*.`)||a&&!r.startsWith(`*.`)||a&&r.slice(2).includes(`*`))return null;let o=(a?r.slice(2):r).replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),s=a?`[^.]+\\.${o}`:o,c=i===`*`?`:\\d{1,5}`:i?`:${i}`:``;return RegExp(`^${n}:\\/\\/${s}${c}$`)}catch{return null}},l=(e,t)=>{let r=n.encoder.encode(e),i=n.encoder.encode(t),a=Math.max(r.length,i.length),o=0;for(let e=0;e<a;e++)o|=(r[e]??0)^(i[e]??0);return o===0&&r.length===i.length},u=(r,i)=>{let a=t.n(r)??r,o=t.n(i)??i;if(!a||!o)throw new e.n(`INVALID_OAUTH_CONFIGURATION`,`Missing client credentials for OAuth provider configuration.`);let s=`${a}:${o}`,c=String.fromCharCode.apply(null,Array.from(n.encoder.encode(s)));return`Basic ${btoa(c)}`},d=(e,t)=>(new Headers(t).forEach((t,n)=>{e.has(n)||(n.toLowerCase()===`set-cookie`?e.append(n,t):e.set(n,t))}),e),f=[`<`,`>`,`"`,"`",` `,`\r`,`
2
+ `,` `,`\\`,`%2F`,`%5C`,`%2f`,`%5c`,`\r
3
+ `,`%0A`,`%0D`,`%0a`,`%0d`,`..`,`//`,`///`,`...`,`%20`,`\0`],p=e=>{if(!new RegExp(/^https?:\/\/[^/]/).test(e))return!1;let t=e.match(/^(https?:\/\/)(.*)$/);if(!t)return!1;let n=t[2];for(let e of f)if(n.includes(e))return!1;return/^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/.test(t[0])},m=e=>typeof e==`object`&&!!e&&`token`in e&&typeof e?.token==`string`,h=e=>{if(e.length>100)return!1;for(let t of f)if(e.includes(t))return!1;return/^\/[a-zA-Z0-9\-_/.?&=#]*\/?$/.test(e)},g=(e,t)=>{let n=new URL(e),i=new URL(t);return r(n.origin,i.origin)},_=(e,t)=>{if(!p(e)||t.length===0)return!1;try{let n=new URL(e).origin;for(let e of t){if(c(e)?.test(n))return!0;try{if(p(e)&&r(new URL(e).origin,n))return!0}catch{}}}catch{}return!1},v=e=>e?.jwt?.mode??`sealed`,y=e=>v(e)===`signed`,b=e=>v(e)===`encrypted`,x=e=>v(e)===`sealed`,S=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,C=e=>typeof e==`object`&&!!e&&`algorithm`in e&&`extractable`in e,w=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,T=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&(C(e.sign)||S(e.sign))&&(C(e.encrypt)||S(e.encrypt)),E=e=>typeof e==`string`&&/-----BEGIN (PUBLIC|PRIVATE) KEY-----/.test(e),D=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e&&E(e.publicKey)&&E(e.privateKey),O=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&D(e.sign)&&D(e.encrypt),k=e=>typeof e==`object`&&!!e&&`~run`in e&&typeof e[`~run`]==`function`,A=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).length>0&&Object.values(e).every(k),j=e=>typeof e==`object`&&!!e&&`_def`in e,M=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(j),N=e=>typeof e==`function`&&e!==null&&`allows`in e&&`assert`in e,P=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(e=>typeof e==`object`&&`type`in e);Object.defineProperty(exports,`A`,{enumerable:!0,get:function(){return d}}),Object.defineProperty(exports,`C`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`D`,{enumerable:!0,get:function(){return i}}),Object.defineProperty(exports,`E`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`O`,{enumerable:!0,get:function(){return c}}),Object.defineProperty(exports,`S`,{enumerable:!0,get:function(){return u}}),Object.defineProperty(exports,`T`,{enumerable:!0,get:function(){return a}}),Object.defineProperty(exports,`_`,{enumerable:!0,get:function(){return k}}),Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return b}}),Object.defineProperty(exports,`b`,{enumerable:!0,get:function(){return j}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return w}}),Object.defineProperty(exports,`d`,{enumerable:!0,get:function(){return g}}),Object.defineProperty(exports,`f`,{enumerable:!0,get:function(){return x}}),Object.defineProperty(exports,`g`,{enumerable:!0,get:function(){return A}}),Object.defineProperty(exports,`h`,{enumerable:!0,get:function(){return P}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return T}}),Object.defineProperty(exports,`k`,{enumerable:!0,get:function(){return l}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return D}}),Object.defineProperty(exports,`m`,{enumerable:!0,get:function(){return _}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return C}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return O}}),Object.defineProperty(exports,`p`,{enumerable:!0,get:function(){return y}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return S}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return N}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return h}}),Object.defineProperty(exports,`v`,{enumerable:!0,get:function(){return p}}),Object.defineProperty(exports,`w`,{enumerable:!0,get:function(){return o}}),Object.defineProperty(exports,`x`,{enumerable:!0,get:function(){return`0.5.0`}}),Object.defineProperty(exports,`y`,{enumerable:!0,get:function(){return M}});
@@ -0,0 +1,3 @@
1
+ import{n as e}from"./errors-Czt_w1t_.js";import{n as t}from"./env-BG1x-kSX.js";import"arktype";import"typebox";import{encoder as n}from"@aura-stack/jose/crypto";const r=`0.5.0`,i=(e,t)=>e===null||t===null||e===void 0||t===void 0?!1:e===t,a=(e,t)=>{let n=e instanceof Headers?e:e.headers,r=e instanceof Headers?null:e.url;return t?r?.startsWith(`https://`)||n.get(`X-Forwarded-Proto`)===`https`||(n.get(`Forwarded`)?.includes(`proto=https`)??!1):r?.startsWith(`https://`)??!1},o=e=>!e.issues||e.issues.length===0?{}:e.issues.reduce((e,t)=>{let n=t.path.join(`.`);return{...e,[n]:{code:t.code,message:t.message}}},{}),s=e=>{let t=e.match(/^https?:\/\/[a-zA-Z0-9_\-.]+(:\d+)?(\/.*)$/);return t&&t[2]?t[2]:`/`},c=e=>e instanceof Error?e.name:typeof e==`string`?e:`UnknownError`,l=e=>{try{if(e.length>2048)return null;e=e.replace(/\\/g,``);let t=e.match(/^(https?):\/\/([a-zA-Z0-9.*-]{1,253})(?::(\d{1,5}|\*))?(?:\/.*)?$/);if(!t)return null;let[,n,r,i]=t,a=r.includes(`*`);if(a&&!r.startsWith(`*.`)||a&&!r.startsWith(`*.`)||a&&r.slice(2).includes(`*`))return null;let o=(a?r.slice(2):r).replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),s=a?`[^.]+\\.${o}`:o,c=i===`*`?`:\\d{1,5}`:i?`:${i}`:``;return RegExp(`^${n}:\\/\\/${s}${c}$`)}catch{return null}},u=(e,t)=>{let r=n.encode(e),i=n.encode(t),a=Math.max(r.length,i.length),o=0;for(let e=0;e<a;e++)o|=(r[e]??0)^(i[e]??0);return o===0&&r.length===i.length},d=(r,i)=>{let a=t(r)??r,o=t(i)??i;if(!a||!o)throw new e(`INVALID_OAUTH_CONFIGURATION`,`Missing client credentials for OAuth provider configuration.`);let s=`${a}:${o}`,c=String.fromCharCode.apply(null,Array.from(n.encode(s)));return`Basic ${btoa(c)}`},f=(e,t)=>(new Headers(t).forEach((t,n)=>{e.has(n)||(n.toLowerCase()===`set-cookie`?e.append(n,t):e.set(n,t))}),e),p=[`<`,`>`,`"`,"`",` `,`\r`,`
2
+ `,` `,`\\`,`%2F`,`%5C`,`%2f`,`%5c`,`\r
3
+ `,`%0A`,`%0D`,`%0a`,`%0d`,`..`,`//`,`///`,`...`,`%20`,`\0`],m=e=>{if(!new RegExp(/^https?:\/\/[^/]/).test(e))return!1;let t=e.match(/^(https?:\/\/)(.*)$/);if(!t)return!1;let n=t[2];for(let e of p)if(n.includes(e))return!1;return/^https?:\/\/(?:[a-zA-Z0-9._-]+|localhost|\[[0-9a-fA-F:]+\])(?::\d{1,5})?(?:\/[a-zA-Z0-9._~!$&'()?#*+,;=:@-]*)*\/?$/.test(t[0])},h=e=>typeof e==`object`&&!!e&&`token`in e&&typeof e?.token==`string`,g=e=>{if(e.length>100)return!1;for(let t of p)if(e.includes(t))return!1;return/^\/[a-zA-Z0-9\-_/.?&=#]*\/?$/.test(e)},_=(e,t)=>{let n=new URL(e),r=new URL(t);return i(n.origin,r.origin)},v=(e,t)=>{if(!m(e)||t.length===0)return!1;try{let n=new URL(e).origin;for(let e of t){if(l(e)?.test(n))return!0;try{if(m(e)&&i(new URL(e).origin,n))return!0}catch{}}}catch{}return!1},y=e=>e?.jwt?.mode??`sealed`,b=e=>y(e)===`signed`,x=e=>y(e)===`encrypted`,S=e=>y(e)===`sealed`,C=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,w=e=>typeof e==`object`&&!!e&&`algorithm`in e&&`extractable`in e,T=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e,E=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&(w(e.sign)||C(e.sign))&&(w(e.encrypt)||C(e.encrypt)),D=e=>typeof e==`string`&&/-----BEGIN (PUBLIC|PRIVATE) KEY-----/.test(e),O=e=>typeof e==`object`&&!!e&&`publicKey`in e&&`privateKey`in e&&D(e.publicKey)&&D(e.privateKey),k=e=>typeof e==`object`&&!!e&&`sign`in e&&`encrypt`in e&&O(e.sign)&&O(e.encrypt),A=e=>typeof e==`object`&&!!e&&`~run`in e&&typeof e[`~run`]==`function`,j=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).length>0&&Object.values(e).every(A),M=e=>typeof e==`object`&&!!e&&`_def`in e,N=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(M),P=e=>typeof e==`function`&&e!==null&&`allows`in e&&`assert`in e,F=e=>typeof e==`object`&&!!e&&!Array.isArray(e)&&Object.values(e).every(e=>typeof e==`object`&&`type`in e);export{f as A,i as C,a as D,c as E,l as O,d as S,o as T,A as _,x as a,M as b,T as c,_ as d,S as f,j as g,F as h,E as i,u as k,O as l,v as m,w as n,k as o,b as p,C as r,h as s,P as t,g as u,m as v,s as w,r as x,N as y};
@@ -1 +1 @@
1
- Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`../errors-CCYPHuBO.cjs`),t=require(`@aura-stack/router`).createClient,n=n=>{if(typeof window>`u`&&!n.baseURL)throw new e.t("`baseURL` is required when createAuthClient is used outside the browser.");let r=t({cache:`no-store`,credentials:`include`,baseURL:n.baseURL??window.location.origin,...n}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let n=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{...t,redirect:!1}})).json();return(t?.redirect??!0)&&typeof window<`u`&&n?.signInURL&&window.location.assign(n.signInURL),n}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let t=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:e?.redirectTo}})).json();return(e?.redirect??!0)&&typeof window<`u`&&t?.redirectURL&&window.location.assign(t.redirectURL),t}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for session update.`);let{session:a}=t??{};if(!a)return{success:!1,session:null};let o=a.user??{},s=await(await r.patch(`/session`,{body:{user:o,expires:a.expires?new Date(a.expires):void 0},headers:{"X-CSRF-Token":n}})).json();return(t.redirect??!0)&&typeof window<`u`&&s?.redirectURL&&window.location.assign(s.redirectURL),s}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return(t?.redirect??!0)&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};exports.createAuthClient=n;
1
+ Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`}),require(`../identity-n3aahaEr.cjs`);const e=require(`../errors-DcK2ELlk.cjs`),t=require(`@aura-stack/router`).createClient,n=n=>{if(typeof window>`u`&&!n.baseURL)throw new e.t("`baseURL` is required when createAuthClient is used outside the browser.");let r=t({cache:`no-store`,credentials:`include`,baseURL:n.baseURL??window.location.origin,...n}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let{redirectTo:n}=t??{},i=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{redirectTo:n,redirect:!1}})).json();return t?.redirect===!0&&typeof window<`u`&&i?.signInURL&&window.location.assign(i.signInURL),i}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let{redirectTo:t}=e??{},n=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:t,redirect:!1}})).json();return e?.redirect===!0&&typeof window<`u`&&n?.redirectURL&&window.location.assign(n.redirectURL),n}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for session update.`);let{session:a,redirectTo:o}=t??{};if(!a)return{success:!1,session:null};let s=a.user??{},c=await(await r.patch(`/session`,{body:{user:s,expires:a.expires?new Date(a.expires):void 0},searchParams:{redirectTo:o,redirect:!1},headers:{"X-CSRF-Token":n}})).json();return t?.redirect===!0&&typeof window<`u`&&c?.redirectURL&&window.location.assign(c.redirectURL),c}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e.t(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,redirect:!1,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return t?.redirect===!0&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};exports.createAuthClient=n;
@@ -1,4 +1,4 @@
1
- import { Jt as BuiltInOAuthProvider, K as LiteralUnion, O as UpdateSessionOptions, T as SignOutReturn, _t as User, b as SignInOptions, k as UpdateSessionReturn, n as AuthClientOptions, pt as Session, v as SignInCredentialsOptions, w as SignOutOptions, x as SignInReturn, y as SignInCredentialsReturn } from "../index-nqLV2t91.js";
1
+ import { A as UpdateSessionOptions, E as SignOutReturn, S as SignInReturn, T as SignOutOptions, hn as BuiltInOAuthProvider, j as UpdateSessionReturn, mn as User, n as AuthClientOptions, rt as LiteralUnion, un as Session, v as SignInCredentialsOptions, x as SignInOptions, y as SignInCredentialsReturn } from "../index-1ADcIVGC.js";
2
2
  //#region src/client/client.d.ts
3
3
  declare const createAuthClient: <DefaultUser extends User = User>(options: AuthClientOptions) => {
4
4
  getSession: () => Promise<Session<DefaultUser> | null>;
@@ -1 +1 @@
1
- import{t as e}from"../errors-DFWHOho6.js";import{createClient as t}from"@aura-stack/router";const n=t,r=t=>{if(typeof window>`u`&&!t.baseURL)throw new e("`baseURL` is required when createAuthClient is used outside the browser.");let r=n({cache:`no-store`,credentials:`include`,baseURL:t.baseURL??window.location.origin,...t}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let n=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{...t,redirect:!1}})).json();return(t?.redirect??!0)&&typeof window<`u`&&n?.signInURL&&window.location.assign(n.signInURL),n}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let t=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:e?.redirectTo}})).json();return(e?.redirect??!0)&&typeof window<`u`&&t?.redirectURL&&window.location.assign(t.redirectURL),t}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for session update.`);let{session:a}=t??{};if(!a)return{success:!1,session:null};let o=a.user??{},s=await(await r.patch(`/session`,{body:{user:o,expires:a.expires?new Date(a.expires):void 0},headers:{"X-CSRF-Token":n}})).json();return(t.redirect??!0)&&typeof window<`u`&&s?.redirectURL&&window.location.assign(s.redirectURL),s}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return(t?.redirect??!0)&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};export{r as createAuthClient};
1
+ import{t as e}from"../errors-Czt_w1t_.js";import{createClient as t}from"@aura-stack/router";const n=t,r=t=>{if(typeof window>`u`&&!t.baseURL)throw new e("`baseURL` is required when createAuthClient is used outside the browser.");let r=n({cache:`no-store`,credentials:`include`,baseURL:t.baseURL??window.location.origin,...t}),i=async()=>{try{let e=await r.get(`/csrfToken`);return e.ok?(await e.json()).csrfToken??null:null}catch(e){return console.error(`Error fetching CSRF token:`,e),null}};return{getSession:async()=>{try{let e=await r.get(`/session`);if(!e.ok)return null;let t=await e.json();return t.success?t.session:null}catch(e){return console.error(`Error fetching session:`,e),null}},signIn:async(e,t)=>{try{let{redirectTo:n}=t??{},i=await(await r.get(`/signIn/:oauth`,{params:{oauth:e},searchParams:{redirectTo:n,redirect:!1}})).json();return t?.redirect===!0&&typeof window<`u`&&i?.signInURL&&window.location.assign(i.signInURL),i}catch(e){return console.error(`Error during sign-in:`,e),{success:!1,redirect:!1,signInURL:`/`}}},signInCredentials:async e=>{try{let{redirectTo:t}=e??{},n=await(await r.post(`/signIn/credentials`,{body:e.payload,searchParams:{redirectTo:t,redirect:!1}})).json();return e?.redirect===!0&&typeof window<`u`&&n?.redirectURL&&window.location.assign(n.redirectURL),n}catch(e){return console.error(`Error during credentials sign-in:`,e),{success:!1,redirectURL:null}}},updateSession:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for session update.`);let{session:a,redirectTo:o}=t??{};if(!a)return{success:!1,session:null};let s=a.user??{},c=await(await r.patch(`/session`,{body:{user:s,expires:a.expires?new Date(a.expires):void 0},searchParams:{redirectTo:o,redirect:!1},headers:{"X-CSRF-Token":n}})).json();return t?.redirect===!0&&typeof window<`u`&&c?.redirectURL&&window.location.assign(c.redirectURL),c}catch(e){return console.error(`Error updating session:`,e),{success:!1,session:null}}},signOut:async t=>{try{let n=await i();if(!n)throw new e(`Failed to fetch CSRF token for sign-out.`);let a=await(await r.post(`/signOut`,{searchParams:{redirectTo:t?.redirectTo,redirect:!1,token_type_hint:`session_token`},headers:{"X-CSRF-Token":n}})).json();return t?.redirect===!0&&typeof window<`u`&&a?.redirectURL&&window.location.assign(a.redirectURL),a}catch(e){return console.error(`Error during sign-out:`,e),{success:!1,redirect:!1,redirectURL:`/`}}}}};export{r as createAuthClient};
@@ -0,0 +1 @@
1
+ require(`./identity-n3aahaEr.cjs`);const e=require(`./errors-DcK2ELlk.cjs`),t=require(`./env-BhQ2k7jj.cjs`),n=require(`./assert-DaZSf4SH.cjs`);let r=require(`@aura-stack/jose/crypto`),i=require(`@aura-stack/jose/jose`),a=require(`@aura-stack/jose`);const o=e=>e?.jwt,s=e=>{let t=o(e),n={};t?.audience&&(n.aud=t.audience),t?.issuer&&(n.iss=t.issuer);let r=Math.floor(Date.now()/1e3);return t?.maxAge&&(n.exp=r+t.maxAge),t?.maxExpiration&&(n.mexp=r+t.maxExpiration),n},c=(e,t)=>({...s(t),...e}),l=(e,t)=>{let r={};return(n.p(e)||n.f(e))&&e?.jwt?.signingAlgorithm&&(r.alg=e.jwt.signingAlgorithm),{...r,...t}},u=(e,t)=>{let r={};return(n.a(e)||n.f(e))&&(e?.jwt?.keyAlgorithm&&(r.alg=e.jwt.keyAlgorithm),e?.jwt?.encryptionAlgorithm&&(r.enc=e.jwt.encryptionAlgorithm)),{...r,...t}},d=(e,t)=>{let r={};return(n.p(e)||n.f(e))&&(e?.jwt?.signingAlgorithm&&(r.algorithms=[e.jwt.signingAlgorithm]),r.issuer=e?.jwt?.issuer,r.audience=e?.jwt?.audience),{...r,...t}},f=(e,t)=>{let r={};return(n.a(e)||n.f(e))&&(e?.jwt?.keyAlgorithm&&(r.keyManagementAlgorithms=[e.jwt.keyAlgorithm]),e?.jwt?.encryptionAlgorithm&&(r.contentEncryptionAlgorithms=[e.jwt.encryptionAlgorithm]),r.issuer=e?.jwt?.issuer,r.audience=e?.jwt?.audience),{...r,...t}},p=t=>{let n=Math.floor(Date.now()/1e3);if(t.mexp&&typeof t.mexp==`number`&&n>t.mexp)throw new e.a(`TOKEN_EXPIRED`,`The token has expired based on its maxExpiration (mexp) claim.`)},m=async(r,i,o)=>{if(n.o(r)){if(!n.f(o))throw new e.i(`INVALID_PEM_KEY_PAIR`,`Multiples PEM Key Pairs from environment variables require 'sealed' JWT mode. For 'signed' or 'encrypted' modes, provide a single PEM key pair or a combined key object.`);let{sign:i,encrypt:a}=r,s=t.n(`SIGNING_ALG`)||t.n(`SIGNING_ALGORITHM`)||o?.jwt.signingAlgorithm||`RS256`,c=t.n(`ENCRYPTION_ALG`)||t.n(`ENCRYPTION_ALGORITHM`)||o?.jwt.keyAlgorithm||`RSA-OAEP-256`,l=await T(i,s),u=await T(a,c);return{jwsSecret:l,jweSecret:u,jwtSecret:{sign:l,encrypt:u}}}if(n.l(r)){if(n.f(o))throw new e.i(`INVALID_PEM_KEY_PAIR`,`Single PEM key pairs from environment variables require 'signed' or 'encrypted' JWT mode. For 'sealed' mode, provide separate signing and encryption keys or a combined key object.`);let{publicKey:i,privateKey:a}=await T(r,t.n(`ALGORITHM`)||t.n(`ALG`)||(n.p(o)?o?.jwt?.signingAlgorithm:void 0)||(n.a(o)?o?.jwt?.keyAlgorithm:void 0)||`RS256`);return{jwsSecret:{publicKey:i,privateKey:a},jweSecret:{publicKey:i,privateKey:a},jwtSecret:{sign:{publicKey:i,privateKey:a},encrypt:{publicKey:i,privateKey:a}}}}if(n.i(r))return{jwsSecret:r.sign,jweSecret:r.encrypt,jwtSecret:{sign:r.sign,encrypt:r.encrypt}};if(n.n(r)||n.r(r)||n.c(r))return{jwsSecret:r,jweSecret:r,jwtSecret:{sign:r,encrypt:r}};let[s,c]=await Promise.all([(0,a.createDeriveKey)(r,i,`aura:signing`),(0,a.createDeriveKey)(r,i,`aura:encryption`)]);return{jwsSecret:s,jweSecret:c,jwtSecret:{sign:s,encrypt:c}}},h=e=>{let n=t.n(`${e}${e&&`_`}PUBLIC_KEY`),r=t.n(`${e}${e&&`_`}PRIVATE_KEY`);return n&&r?{publicKey:n,privateKey:r}:null},g=n=>{if(n??=t.n(`SECRET`),n)return n;let r=h(``);if(r)return r;let i=h(`SIGNING`),a=h(`ENCRYPTION`);if(i&&a)return{sign:i,encrypt:a};throw new e.n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SECRET environment variable is not set and no secret was provided.`)},_=(n,r)=>{let i=g(n),o=t.n(`SALT`);if(!o)throw new e.n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation.`);try{(0,a.createSecret)(o)}catch(t){throw new e.n(`INVALID_SALT_SECRET_VALUE`,`AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.`,{cause:t})}let s=(async()=>{let{jwsSecret:e,jweSecret:t,jwtSecret:n}=await m(i,o,r);return{jwt:(0,a.createJWT)(n),jws:(0,a.createJWS)(e),jwe:(0,a.createJWE)(t)}})();return{signJWS:async(e,t)=>{let{jws:n}=await s;return n.signJWS(c(e,r),l(r,t))},verifyJWS:async(e,t)=>{let{jws:n}=await s,i=await n.verifyJWS(e,d(r,t));return p(i),i},encryptJWE:async(e,t)=>{let{jwe:n}=await s;return n.encryptJWE(c(e,r),u(r,t))},decryptJWE:async(e,t)=>{let{jwe:n}=await s,i=await n.decryptJWE(e,f(r,t));return p(i),i},encodeJWT:async(e,t)=>{let{jwt:n}=await s;return await n.encodeJWT(c(e,r),{sign:l(r,t?.sign),encrypt:u(r,t?.encrypt)})},decodeJWT:async(e,t)=>{let{jwt:n}=await s,i=await n.decodeJWT(e,{verify:d(r,t?.verify),decrypt:f(r,t?.decrypt)});return p(i),i}}},v=(e=32)=>i.base64url.encode((0,r.getRandomBytes)(e)),y=async e=>{let t=await(0,r.getSubtleCrypto)().digest(`SHA-256`,r.encoder.encode(e));return i.base64url.encode(new Uint8Array(t))},b=async t=>{let n=t?void 0:Math.floor(Math.random()*65+32),r=t??v(n??64);if(r.length<43||r.length>128)throw new e.a(`PKCE_VERIFIER_INVALID`,`The code verifier must be between 43 and 128 characters in length.`);return{codeVerifier:r,codeChallenge:await y(r),method:`S256`}},x=async(e,t)=>{try{if(t)return await e.verifyJWS(t),t;let n=v(32);return e.signJWS({token:n})}catch{let t=v(32);return e.signJWS({token:t})}},S=async(t,r,i)=>{try{let a=await t.verifyJWS(r),o=await t.verifyJWS(i);if(!n.s(a))throw new e.a(`CSRF_TOKEN_INVALID`,`Cookie payload missing token field.`);if(!n.s(o))throw new e.a(`CSRF_TOKEN_INVALID`,`Header payload missing token field.`);if(!n.C(a.token.length,o.token.length)||!n.k(a.token,o.token))throw new e.a(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`);return!0}catch{throw new e.a(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`)}},C=async(e,t,n=1e5)=>{let a=(0,r.getSubtleCrypto)(),o=t?i.base64url.decode(t):(0,r.getRandomBytes)(16),s=await a.importKey(`raw`,r.encoder.encode(e),`PBKDF2`,!1,[`deriveBits`]),c=await a.deriveBits({name:`PBKDF2`,salt:o,iterations:n,hash:`SHA-256`},s,256),l=new Uint8Array(c),u=i.base64url.encode(l);return`pbkdf2-sha256:${n}:${i.base64url.encode(o)}:${u}`},w=async(e,t)=>{try{let r=t.split(`:`);if(r.length!==4)return!1;let[i,a,o]=r;if(i!==`pbkdf2-sha256`)return!1;let s=parseInt(a,10);if(isNaN(s))return!1;let[,,,c]=(await C(e,o,s)).split(`:`),[,,,l]=t.split(`:`);return!c||!l?!1:n.k(c,l)}catch{return!1}},T=async(e,t)=>{let n=await(0,i.importPKCS8)(e.privateKey,t,{extractable:!0});return{publicKey:await(0,i.importSPKI)(e.publicKey,t,{extractable:!0}),privateKey:n}},E=async(e,t)=>{let{publicKey:n,privateKey:r}=await(0,i.generateKeyPair)(e,t);return{publicKey:await(0,i.exportJWK)(n),privateKey:await(0,i.exportJWK)(r)}};Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return E}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return S}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return v}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return w}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return y}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return C}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return b}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return T}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return x}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return _}});
@@ -0,0 +1 @@
1
+ import{a as e,i as t,n}from"./errors-Czt_w1t_.js";import{n as r}from"./env-BG1x-kSX.js";import{C as i,a,c as o,f as s,i as c,k as l,l as u,n as d,o as f,p,r as m,s as h}from"./assert-av6s0a6t.js";import{encoder as g,getRandomBytes as _,getSubtleCrypto as v}from"@aura-stack/jose/crypto";import{base64url as y,exportJWK as b,generateKeyPair as x,generateKeyPair as S,importPKCS8 as C,importSPKI as w}from"@aura-stack/jose/jose";import{createDeriveKey as T,createJWE as E,createJWS as D,createJWT as O,createSecret as k}from"@aura-stack/jose";const A=e=>e?.jwt,j=e=>{let t=A(e),n={};t?.audience&&(n.aud=t.audience),t?.issuer&&(n.iss=t.issuer);let r=Math.floor(Date.now()/1e3);return t?.maxAge&&(n.exp=r+t.maxAge),t?.maxExpiration&&(n.mexp=r+t.maxExpiration),n},M=(e,t)=>({...j(t),...e}),N=(e,t)=>{let n={};return(p(e)||s(e))&&e?.jwt?.signingAlgorithm&&(n.alg=e.jwt.signingAlgorithm),{...n,...t}},P=(e,t)=>{let n={};return(a(e)||s(e))&&(e?.jwt?.keyAlgorithm&&(n.alg=e.jwt.keyAlgorithm),e?.jwt?.encryptionAlgorithm&&(n.enc=e.jwt.encryptionAlgorithm)),{...n,...t}},F=(e,t)=>{let n={};return(p(e)||s(e))&&(e?.jwt?.signingAlgorithm&&(n.algorithms=[e.jwt.signingAlgorithm]),n.issuer=e?.jwt?.issuer,n.audience=e?.jwt?.audience),{...n,...t}},I=(e,t)=>{let n={};return(a(e)||s(e))&&(e?.jwt?.keyAlgorithm&&(n.keyManagementAlgorithms=[e.jwt.keyAlgorithm]),e?.jwt?.encryptionAlgorithm&&(n.contentEncryptionAlgorithms=[e.jwt.encryptionAlgorithm]),n.issuer=e?.jwt?.issuer,n.audience=e?.jwt?.audience),{...n,...t}},L=t=>{let n=Math.floor(Date.now()/1e3);if(t.mexp&&typeof t.mexp==`number`&&n>t.mexp)throw new e(`TOKEN_EXPIRED`,`The token has expired based on its maxExpiration (mexp) claim.`)},R=async(e,n,i)=>{if(f(e)){if(!s(i))throw new t(`INVALID_PEM_KEY_PAIR`,`Multiples PEM Key Pairs from environment variables require 'sealed' JWT mode. For 'signed' or 'encrypted' modes, provide a single PEM key pair or a combined key object.`);let{sign:n,encrypt:a}=e,o=r(`SIGNING_ALG`)||r(`SIGNING_ALGORITHM`)||i?.jwt.signingAlgorithm||`RS256`,c=r(`ENCRYPTION_ALG`)||r(`ENCRYPTION_ALGORITHM`)||i?.jwt.keyAlgorithm||`RSA-OAEP-256`,l=await Y(n,o),u=await Y(a,c);return{jwsSecret:l,jweSecret:u,jwtSecret:{sign:l,encrypt:u}}}if(u(e)){if(s(i))throw new t(`INVALID_PEM_KEY_PAIR`,`Single PEM key pairs from environment variables require 'signed' or 'encrypted' JWT mode. For 'sealed' mode, provide separate signing and encryption keys or a combined key object.`);let{publicKey:n,privateKey:o}=await Y(e,r(`ALGORITHM`)||r(`ALG`)||(p(i)?i?.jwt?.signingAlgorithm:void 0)||(a(i)?i?.jwt?.keyAlgorithm:void 0)||`RS256`);return{jwsSecret:{publicKey:n,privateKey:o},jweSecret:{publicKey:n,privateKey:o},jwtSecret:{sign:{publicKey:n,privateKey:o},encrypt:{publicKey:n,privateKey:o}}}}if(c(e))return{jwsSecret:e.sign,jweSecret:e.encrypt,jwtSecret:{sign:e.sign,encrypt:e.encrypt}};if(d(e)||m(e)||o(e))return{jwsSecret:e,jweSecret:e,jwtSecret:{sign:e,encrypt:e}};let[l,h]=await Promise.all([T(e,n,`aura:signing`),T(e,n,`aura:encryption`)]);return{jwsSecret:l,jweSecret:h,jwtSecret:{sign:l,encrypt:h}}},z=e=>{let t=r(`${e}${e&&`_`}PUBLIC_KEY`),n=r(`${e}${e&&`_`}PRIVATE_KEY`);return t&&n?{publicKey:t,privateKey:n}:null},B=e=>{if(e??=r(`SECRET`),e)return e;let t=z(``);if(t)return t;let i=z(`SIGNING`),a=z(`ENCRYPTION`);if(i&&a)return{sign:i,encrypt:a};throw new n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SECRET environment variable is not set and no secret was provided.`)},V=(e,t)=>{let i=B(e),a=r(`SALT`);if(!a)throw new n(`JOSE_INITIALIZATION_FAILED`,`AURA_AUTH_SALT or AUTH_SALT environment variable is not set. A salt value is required for key derivation.`);try{k(a)}catch(e){throw new n(`INVALID_SALT_SECRET_VALUE`,`AURA_AUTH_SALT/AUTH_SALT is invalid. It must be at least 32 bytes long and meet entropy requirements.`,{cause:e})}let o=(async()=>{let{jwsSecret:e,jweSecret:n,jwtSecret:r}=await R(i,a,t);return{jwt:O(r),jws:D(e),jwe:E(n)}})();return{signJWS:async(e,n)=>{let{jws:r}=await o;return r.signJWS(M(e,t),N(t,n))},verifyJWS:async(e,n)=>{let{jws:r}=await o,i=await r.verifyJWS(e,F(t,n));return L(i),i},encryptJWE:async(e,n)=>{let{jwe:r}=await o;return r.encryptJWE(M(e,t),P(t,n))},decryptJWE:async(e,n)=>{let{jwe:r}=await o,i=await r.decryptJWE(e,I(t,n));return L(i),i},encodeJWT:async(e,n)=>{let{jwt:r}=await o;return await r.encodeJWT(M(e,t),{sign:N(t,n?.sign),encrypt:P(t,n?.encrypt)})},decodeJWT:async(e,n)=>{let{jwt:r}=await o,i=await r.decodeJWT(e,{verify:F(t,n?.verify),decrypt:I(t,n?.decrypt)});return L(i),i}}},H=(e=32)=>y.encode(_(e)),U=async e=>{let t=await v().digest(`SHA-256`,g.encode(e));return y.encode(new Uint8Array(t))},W=async t=>{let n=t?void 0:Math.floor(Math.random()*65+32),r=t??H(n??64);if(r.length<43||r.length>128)throw new e(`PKCE_VERIFIER_INVALID`,`The code verifier must be between 43 and 128 characters in length.`);return{codeVerifier:r,codeChallenge:await U(r),method:`S256`}},G=async(e,t)=>{try{if(t)return await e.verifyJWS(t),t;let n=H(32);return e.signJWS({token:n})}catch{let t=H(32);return e.signJWS({token:t})}},K=async(t,n,r)=>{try{let a=await t.verifyJWS(n),o=await t.verifyJWS(r);if(!h(a))throw new e(`CSRF_TOKEN_INVALID`,`Cookie payload missing token field.`);if(!h(o))throw new e(`CSRF_TOKEN_INVALID`,`Header payload missing token field.`);if(!i(a.token.length,o.token.length)||!l(a.token,o.token))throw new e(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`);return!0}catch{throw new e(`CSRF_TOKEN_INVALID`,`The CSRF tokens do not match.`)}},q=async(e,t,n=1e5)=>{let r=v(),i=t?y.decode(t):_(16),a=await r.importKey(`raw`,g.encode(e),`PBKDF2`,!1,[`deriveBits`]),o=await r.deriveBits({name:`PBKDF2`,salt:i,iterations:n,hash:`SHA-256`},a,256),s=new Uint8Array(o),c=y.encode(s);return`pbkdf2-sha256:${n}:${y.encode(i)}:${c}`},J=async(e,t)=>{try{let n=t.split(`:`);if(n.length!==4)return!1;let[r,i,a]=n;if(r!==`pbkdf2-sha256`)return!1;let o=parseInt(i,10);if(isNaN(o))return!1;let[,,,s]=(await q(e,a,o)).split(`:`),[,,,c]=t.split(`:`);return!s||!c?!1:l(s,c)}catch{return!1}},Y=async(e,t)=>{let n=await C(e.privateKey,t,{extractable:!0});return{publicKey:await w(e.publicKey,t,{extractable:!0}),privateKey:n}},X=async(e,t)=>{let{publicKey:n,privateKey:r}=await x(e,t);return{publicKey:await b(n),privateKey:await b(r)}};export{H as a,Y as c,V as d,W as i,K as l,U as n,X as o,S as r,q as s,G as t,J as u};
@@ -0,0 +1 @@
1
+ const e=new Proxy({},{get(e,t){if(typeof t!=`string`)return;let n=e=>e&&Object.prototype.hasOwnProperty.call(e,t);try{if(typeof process<`u`&&n(process.env))return process.env[t];if(n(import.meta.env))return import.meta.env[t];if(typeof Deno<`u`&&Deno.env?.get)return Deno.env.get(t);if(typeof Bun<`u`&&n(Bun.env))return Bun.env[t];let e=globalThis[t];return typeof e==`string`?e:void 0}catch{return}}}),t=t=>{let n=[`AURA_AUTH_${t.toUpperCase()}`,`AURA_${t.toUpperCase()}`,`AUTH_${t.toUpperCase()}`,t.toUpperCase()].find(t=>e[t]!==void 0);return n?e[n]:void 0},n=e=>{let n=t(e);if(n===void 0)return!1;let r=n.trim().toLowerCase();return!![`1`,`true`,`yes`,`on`,`debug`].includes(r)},r=(e,n=[])=>{let r=t(e);return r?r.split(/[,;\n]+/).map(e=>e.trim()).filter(Boolean):n};export{n as i,t as n,r,e as t};
@@ -0,0 +1 @@
1
+ const e=new Proxy({},{get(e,t){if(typeof t!=`string`)return;let n=e=>e&&Object.prototype.hasOwnProperty.call(e,t);try{if(typeof process<`u`&&n(process.env))return process.env[t];if(n({}.env))return{}.env[t];if(typeof Deno<`u`&&Deno.env?.get)return Deno.env.get(t);if(typeof Bun<`u`&&n(Bun.env))return Bun.env[t];let e=globalThis[t];return typeof e==`string`?e:void 0}catch{return}}}),t=t=>{let n=[`AURA_AUTH_${t.toUpperCase()}`,`AURA_${t.toUpperCase()}`,`AUTH_${t.toUpperCase()}`,t.toUpperCase()].find(t=>e[t]!==void 0);return n?e[n]:void 0},n=e=>{let n=t(e);if(n===void 0)return!1;let r=n.trim().toLowerCase();return!![`1`,`true`,`yes`,`on`,`debug`].includes(r)},r=(e,n=[])=>{let r=t(e);return r?r.split(/[,;\n]+/).map(e=>e.trim()).filter(Boolean):n};Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return n}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return t}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return e}});
@@ -0,0 +1 @@
1
+ const e=e=>`captureStackTrace`in e&&typeof e.captureStackTrace==`function`;var t=class extends Error{type=`OAUTH_PROTOCOL_ERROR`;error;errorURI;constructor(t,n,r,i){super(n,i),this.error=t,this.errorURI=r,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},n=class extends Error{type=`AUTH_INTERNAL_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},r=class extends Error{type=`AUTH_SECURITY_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},i=class extends Error{type=`AUTH_CLIENT_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},a=class extends Error{type=`AUTH_INVALID_CONFIGURATION_ERROR`;constructor(t,n){super(t,n),this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},o=class extends Error{type=`AUTH_VALIDATION_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},s=class extends Error{type=`JOSE_INITIALIZATION_FAILED`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}};const c=e=>e instanceof Error,l=e=>e instanceof t,u=e=>e instanceof n,d=e=>e instanceof r,f=e=>e instanceof i,p=e=>e instanceof o,m=e=>u(e)||d(e)||f(e)||p(e);export{r as a,m as c,p as d,c as f,s as i,u as l,n,o,l as p,a as r,t as s,i as t,d as u};
@@ -0,0 +1 @@
1
+ const e=e=>`captureStackTrace`in e&&typeof e.captureStackTrace==`function`;var t=class extends Error{type=`OAUTH_PROTOCOL_ERROR`;error;errorURI;constructor(t,n,r,i){super(n,i),this.error=t,this.errorURI=r,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},n=class extends Error{type=`AUTH_INTERNAL_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},r=class extends Error{type=`AUTH_SECURITY_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},i=class extends Error{type=`AUTH_CLIENT_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},a=class extends Error{type=`AUTH_INVALID_CONFIGURATION_ERROR`;constructor(t,n){super(t,n),this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},o=class extends Error{type=`AUTH_VALIDATION_ERROR`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}},s=class extends Error{type=`JOSE_INITIALIZATION_FAILED`;code;constructor(t,n,r){super(n,r),this.code=t,this.name=new.target.name,e(Error)&&Error.captureStackTrace(this,new.target)}};const c=e=>e instanceof Error,l=e=>e instanceof t,u=e=>e instanceof n,d=e=>e instanceof r,f=e=>e instanceof i,p=e=>e instanceof o,m=e=>u(e)||d(e)||f(e)||p(e);Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return r}}),Object.defineProperty(exports,`c`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`d`,{enumerable:!0,get:function(){return p}}),Object.defineProperty(exports,`f`,{enumerable:!0,get:function(){return c}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`l`,{enumerable:!0,get:function(){return u}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return n}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return o}}),Object.defineProperty(exports,`p`,{enumerable:!0,get:function(){return l}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return a}}),Object.defineProperty(exports,`s`,{enumerable:!0,get:function(){return t}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return i}}),Object.defineProperty(exports,`u`,{enumerable:!0,get:function(){return d}});
@@ -0,0 +1 @@
1
+ var e=Object.create,t=Object.defineProperty,n=Object.getOwnPropertyDescriptor,r=Object.getOwnPropertyNames,i=Object.getPrototypeOf,a=Object.prototype.hasOwnProperty,o=(e,i,o,s)=>{if(i&&typeof i==`object`||typeof i==`function`)for(var c=r(i),l=0,u=c.length,d;l<u;l++)d=c[l],!a.call(e,d)&&d!==o&&t(e,d,{get:(e=>i[e]).bind(null,d),enumerable:!(s=n(i,d))||s.enumerable});return e},s=(n,r,a)=>(a=n==null?{}:e(i(n)),o(r||!n||!n.__esModule?t(a,`default`,{value:n,enumerable:!0}):a,n));const c=require(`./assert-DaZSf4SH.cjs`);let l=require(`zod/v4`),u=require(`arktype`),d=require(`typebox`),f=require(`valibot`);f=s(f,1);const p=l.z.object({sub:l.z.string(),name:l.z.string().nullable().optional(),image:l.z.string().nullable().optional(),email:l.z.email().nullable().optional()}),m=f.object({sub:f.string(),name:f.optional(f.nullable(f.string())),image:f.optional(f.nullable(f.string())),email:f.optional(f.nullable(f.pipe(f.string(),f.email())))}),h=(0,u.type)({sub:`string`,name:`string | null?`,image:`string | null?`,email:`string.email | null?`}),g=d.Type.Object({sub:d.Type.String(),name:d.Type.Optional(d.Type.Union([d.Type.String(),d.Type.Null()])),image:d.Type.Optional(d.Type.Union([d.Type.String(),d.Type.Null()])),email:d.Type.Optional(d.Type.Union([d.Type.String({format:`email`}),d.Type.Null()]))}),_=e=>c.t(e)?e:c.g(e)?f.object(e):c.y(e)?l.z.object(e):c.h(e)?d.Type.Object(e):l.z.object(e);Object.defineProperty(exports,`a`,{enumerable:!0,get:function(){return _}}),Object.defineProperty(exports,`i`,{enumerable:!0,get:function(){return m}}),Object.defineProperty(exports,`n`,{enumerable:!0,get:function(){return h}}),Object.defineProperty(exports,`o`,{enumerable:!0,get:function(){return s}}),Object.defineProperty(exports,`r`,{enumerable:!0,get:function(){return g}}),Object.defineProperty(exports,`t`,{enumerable:!0,get:function(){return p}});