@aura-stack/next 0.1.0

package/dist/index.cjs

@@ -0,0 +1 @@
+Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});let e=require(`next/navigation`),t=require(`@aura-stack/react/server`),n=require(`next/headers`),r=require(`@aura-stack/react/cookies`);const i=async e=>{let t=await(0,n.cookies)(),i=e.getSetCookie();for(let e of i){let{name:n,value:i,...a}=(0,r.parseSetCookie)(e);t.set(n,i??``,a)}},a=({api:e})=>async t=>{try{let r=await e.getSession({...t,headers:await(0,n.headers)()});return r.success?r.session:null}catch{return console.error(`[error:server] getSession - Failed to retrieve session`),null}},o=({api:t})=>async(r,i)=>{let a=await t.signIn(r,{headers:await(0,n.headers)(),...i,redirect:!!i?.redirect});return i?.redirect===!1?a:a.success&&a.signInURL?(0,e.redirect)(a.signInURL):a},s=({api:t})=>async r=>{let a=await t.signInCredentials({headers:await(0,n.headers)(),...r,redirect:!!r.redirect});return await i(a.headers),a.success&&a.redirectURL?(0,e.redirect)(a.redirectURL):a},c=({api:t})=>async r=>{let a=await t.updateSession({headers:await(0,n.headers)(),...r,redirect:!!r.redirect,session:r.session});return await i(a.headers),a.success&&a.redirectURL?(0,e.redirect)(a.redirectURL):a},l=({api:t})=>async r=>{let a=await t.signOut({headers:await(0,n.headers)(),...r,redirect:!!r?.redirect});return await i(a.headers),a.success&&a.redirectURL?(0,e.redirect)(a.redirectURL):a},u=e=>({getSession:a(e),signIn:o(e),signInCredentials:s(e),updateSession:c(e),signOut:l(e)}),d=e=>{let n=(0,t.createAuth)(e);return{core:n,api:u(n),handlers:n.handlers}};exports.createAuth=d;

package/dist/index.d.ts

@@ -0,0 +1,41 @@
+import { t as core_d_exports } from "./core-BDwHYePg.js";
+import { a as NextUpdateSessionReturn, n as NextSignInReturn, r as NextSignOutReturn, t as NextSignInCredentials } from "./index-B0R6c-K9.js";
+import { c as Session$1, d as SignInCredentialsAPIOptions$1, h as UpdateSessionAPIOptions$1, i as GetSessionAPIOptions, l as SignInAPIOptions$1, n as BuiltInOAuthProvider, o as LiteralUnion, p as SignOutAPIOptions$1, s as Prettify$1, t as AuthInstance$1 } from "./index-eKek4f4_.js";
+import { AuthConfig as AuthConfig$1 } from "@aura-stack/react";
+import { Identities } from "@aura-stack/react/identity";
+import { FromShapeToObject } from "@aura-stack/react/types";
+
+//#region src/createAuth.d.ts
+declare const createAuth: <Identity extends Identities>(config: AuthConfig$1<Identity>) => {
+  /**
+   * The core auth instance. It can be used to advanced use cases, such as creating custom behaviors.
+   * For most use cases, the `api` property should be sufficient, as it provides a higher-level API for common authentication tasks.
+   */
+  core: AuthInstance$1<FromShapeToObject<Identity>>;
+  /**
+   * Built-in API functions for server-side operations related to the auth flows.
+   */
+  api: {
+    getSession: (options?: GetSessionAPIOptions) => Promise<Session$1<FromShapeToObject<Identity>> | null>;
+    signIn: <Options extends SignInAPIOptions$1>(provider: LiteralUnion<BuiltInOAuthProvider>, options?: Options | undefined) => Promise<NextSignInReturn<Options>>;
+    signInCredentials: <Options extends SignInCredentialsAPIOptions$1>(options: Options) => Promise<NextSignInCredentials<Options>>;
+    updateSession: <Options extends Prettify$1<Omit<UpdateSessionAPIOptions$1<FromShapeToObject<Identity>>, "headers"> & {
+      headers?: HeadersInit;
+    }>>(options: Options) => Promise<NextUpdateSessionReturn<Options, FromShapeToObject<Identity>>>;
+    signOut: <Options extends SignOutAPIOptions$1>(options?: Partial<Options> | undefined) => Promise<NextSignOutReturn<Options>>;
+  };
+  /**
+   * The handlers object contains the HTTP request handlers.
+   */
+  handlers: {
+    GET: (request: Request) => Response | Promise<Response>;
+    POST: (request: Request) => Response | Promise<Response>;
+    PATCH: (request: Request) => Response | Promise<Response>;
+    ALL: (request: Request) => Response | Promise<Response>;
+  };
+};
+type AuthConfig = core_d_exports.AuthConfig;
+type AuthInstance = core_d_exports.AuthInstance;
+type Session = core_d_exports.Session;
+type User = core_d_exports.User;
+export { type AuthConfig, type AuthInstance, type Session, type User, createAuth };

package/dist/index.js

@@ -0,0 +1 @@
+import{redirect as e}from"next/navigation";import{createAuth as t}from"@aura-stack/react/server";import{cookies as n,headers as r}from"next/headers";import{parseSetCookie as i}from"@aura-stack/react/cookies";const a=async e=>{let t=await n(),r=e.getSetCookie();for(let e of r){let{name:n,value:r,...a}=i(e);t.set(n,r??``,a)}},o=({api:e})=>async t=>{try{let n=await e.getSession({...t,headers:await r()});return n.success?n.session:null}catch{return console.error(`[error:server] getSession - Failed to retrieve session`),null}},s=({api:t})=>async(n,i)=>{let a=await t.signIn(n,{headers:await r(),...i,redirect:!!i?.redirect});return i?.redirect===!1?a:a.success&&a.signInURL?e(a.signInURL):a},c=({api:t})=>async n=>{let i=await t.signInCredentials({headers:await r(),...n,redirect:!!n.redirect});return await a(i.headers),i.success&&i.redirectURL?e(i.redirectURL):i},l=({api:t})=>async n=>{let i=await t.updateSession({headers:await r(),...n,redirect:!!n.redirect,session:n.session});return await a(i.headers),i.success&&i.redirectURL?e(i.redirectURL):i},u=({api:t})=>async n=>{let i=await t.signOut({headers:await r(),...n,redirect:!!n?.redirect});return await a(i.headers),i.success&&i.redirectURL?e(i.redirectURL):i},d=e=>({getSession:o(e),signIn:s(e),signInCredentials:c(e),updateSession:l(e),signOut:u(e)}),f=e=>{let n=t(e);return{core:n,api:d(n),handlers:n.handlers}};export{f as createAuth};

package/dist/oauth/atlassian.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/atlassian`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/atlassian.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/atlassian";

package/dist/oauth/atlassian.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/atlassian";export{};

package/dist/oauth/bitbucket.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/bitbucket`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/bitbucket.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/bitbucket";

package/dist/oauth/bitbucket.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/bitbucket";export{};

package/dist/oauth/click-up.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/click-up`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/click-up.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/click-up";

package/dist/oauth/click-up.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/click-up";export{};

package/dist/oauth/discord.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/discord`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/discord.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/discord";

package/dist/oauth/discord.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/discord";export{};

package/dist/oauth/dribbble.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/dribbble`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/dribbble.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/dribbble";

package/dist/oauth/dribbble.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/dribbble";export{};

package/dist/oauth/dropbox.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/dropbox`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/dropbox.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/dropbox";

package/dist/oauth/dropbox.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/dropbox";export{};

package/dist/oauth/figma.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/figma`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/figma.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/figma";

package/dist/oauth/figma.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/figma";export{};

package/dist/oauth/github.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/github`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/github.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/github";

package/dist/oauth/github.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/github";export{};

package/dist/oauth/gitlab.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/gitlab`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/gitlab.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/gitlab";

package/dist/oauth/gitlab.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/gitlab";export{};

package/dist/oauth/index.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/index`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/index.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/index";

package/dist/oauth/index.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/index";export{};

package/dist/oauth/mailchimp.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/mailchimp`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/mailchimp.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/mailchimp";

package/dist/oauth/mailchimp.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/mailchimp";export{};

package/dist/oauth/notion.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/notion`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/notion.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/notion";

package/dist/oauth/notion.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/notion";export{};

package/dist/oauth/pinterest.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/pinterest`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/pinterest.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/pinterest";

package/dist/oauth/pinterest.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/pinterest";export{};

package/dist/oauth/spotify.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/spotify`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/spotify.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/spotify";

package/dist/oauth/spotify.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/spotify";export{};

package/dist/oauth/strava.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/strava`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/strava.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/strava";

package/dist/oauth/strava.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/strava";export{};

package/dist/oauth/twitch.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/twitch`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/twitch.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/twitch";

package/dist/oauth/twitch.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/twitch";export{};

package/dist/oauth/x.cjs

@@ -0,0 +1 @@
+var e=require(`@aura-stack/react/oauth/x`);Object.keys(e).forEach(function(t){t!==`default`&&!Object.prototype.hasOwnProperty.call(exports,t)&&Object.defineProperty(exports,t,{enumerable:!0,get:function(){return e[t]}})});

package/dist/oauth/x.d.ts

@@ -0,0 +1 @@
+export * from "@aura-stack/react/oauth/x";

package/dist/oauth/x.js

@@ -0,0 +1 @@
+export*from"@aura-stack/react/oauth/x";export{};

package/dist/pages/index.cjs

@@ -0,0 +1 @@
+Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});let e=require(`@aura-stack/react/context`),t=require(`react/jsx-runtime`),n=require(`@aura-stack/react/server`),r=require(`next/router.js`);const i=e=>`${e.headers[`x-forwarded-proto`]??`http`}://${e.headers[`x-forwarded-host`]??e.headers.host}`,a=(e,t)=>{for(let[n,r]of t.entries())n.toLowerCase()===`set-cookie`?e.setHeader(`Set-Cookie`,t.getSetCookie()):e.setHeader(n,r)},o=e=>async(t,n)=>{let r=t.method??`GET`,o=e[r];if(!o)return n.status(405).json({error:`Method ${r} Not Allowed`});let s=new URL(t.url,i(t)),c=new Request(s,{method:r,headers:new Headers(t.headers),body:r!==`GET`&&r!==`HEAD`?t.body:void 0});try{let e=await o(c);e.status>=300&&e.status<400&&!t.url?.includes(`/auth/signIn/`)&&!t.url?.includes(`/auth/callback/`)&&e.headers.delete(`Location`),a(n,e.headers);let r=await e.json();return n.status(e.status).json(r)}catch{return n.status(500).json({error:`Internal Server Error`})}},s=e=>{let t=(0,n.createAuth)(e);return{...t,toHandler:o(t.handlers)}},c=({client:n,children:i,initialSession:a,redirect:o})=>{let s=(0,r.useRouter)();return(0,t.jsx)(e.AuthProvider,{client:n,initialSession:a,redirect:o??(e=>s.push(e)),children:i})};exports.AuthProvider=c,exports.createAuth=s;

package/dist/pages/index.d.ts

@@ -0,0 +1,346 @@
+import { t as core_d_exports } from "../core-BDwHYePg.js";
+import { _ as DecodeJWTOptions, a as GetSessionAPIReturn, d as SignInCredentialsAPIOptions, f as SignInCredentialsAPIReturn, g as UpdateSessionAPIReturn, h as UpdateSessionAPIOptions, i as GetSessionAPIOptions, l as SignInAPIOptions, m as SignOutAPIReturn, n as BuiltInOAuthProvider, o as LiteralUnion, p as SignOutAPIOptions, r as FromShapeToObject, u as SignInAPIReturn, v as EncodeJWTOptions, y as TypedJWTPayload } from "../index-eKek4f4_.js";
+import { AuthConfig as AuthConfig$1 } from "@aura-stack/react";
+import { AuthProviderProps } from "@aura-stack/react/context";
+import * as _$react_jsx_runtime0 from "react/jsx-runtime";
+import { Identities } from "@aura-stack/react/identity";
+import * as _$next from "next";
+
+//#region ../../node_modules/.deno/jose@6.2.2/node_modules/jose/dist/types/types.d.ts
+/** Generic JSON Web Key Parameters. */
+interface JWKParameters {
+  /** JWK "kty" (Key Type) Parameter */
+  kty?: string;
+  /**
+   * JWK "alg" (Algorithm) Parameter
+   *
+   * @see {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}
+   */
+  alg?: string;
+  /** JWK "key_ops" (Key Operations) Parameter */
+  key_ops?: string[];
+  /** JWK "ext" (Extractable) Parameter */
+  ext?: boolean;
+  /** JWK "use" (Public Key Use) Parameter */
+  use?: string;
+  /** JWK "x5c" (X.509 Certificate Chain) Parameter */
+  x5c?: string[];
+  /** JWK "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter */
+  x5t?: string;
+  /** JWK "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter */
+  'x5t#S256'?: string;
+  /** JWK "x5u" (X.509 URL) Parameter */
+  x5u?: string;
+  /** JWK "kid" (Key ID) Parameter */
+  kid?: string;
+}
+/**
+ * JSON Web Key ({@link https://www.rfc-editor.org/rfc/rfc7517 JWK}). "RSA", "EC", "OKP", "AKP", and
+ * "oct" key types are supported.
+ *
+ * @see {@link JWK_AKP_Public}
+ * @see {@link JWK_AKP_Private}
+ * @see {@link JWK_OKP_Public}
+ * @see {@link JWK_OKP_Private}
+ * @see {@link JWK_EC_Public}
+ * @see {@link JWK_EC_Private}
+ * @see {@link JWK_RSA_Public}
+ * @see {@link JWK_RSA_Private}
+ * @see {@link JWK_oct}
+ */
+interface JWK extends JWKParameters {
+  /**
+   * - EC JWK "crv" (Curve) Parameter
+   * - OKP JWK "crv" (The Subtype of Key Pair) Parameter
+   */
+  crv?: string;
+  /**
+   * - Private RSA JWK "d" (Private Exponent) Parameter
+   * - Private EC JWK "d" (ECC Private Key) Parameter
+   * - Private OKP JWK "d" (The Private Key) Parameter
+   */
+  d?: string;
+  /** Private RSA JWK "dp" (First Factor CRT Exponent) Parameter */
+  dp?: string;
+  /** Private RSA JWK "dq" (Second Factor CRT Exponent) Parameter */
+  dq?: string;
+  /** RSA JWK "e" (Exponent) Parameter */
+  e?: string;
+  /** Oct JWK "k" (Key Value) Parameter */
+  k?: string;
+  /** RSA JWK "n" (Modulus) Parameter */
+  n?: string;
+  /** Private RSA JWK "p" (First Prime Factor) Parameter */
+  p?: string;
+  /** Private RSA JWK "q" (Second Prime Factor) Parameter */
+  q?: string;
+  /** Private RSA JWK "qi" (First CRT Coefficient) Parameter */
+  qi?: string;
+  /**
+   * - EC JWK "x" (X Coordinate) Parameter
+   * - OKP JWK "x" (The public key) Parameter
+   */
+  x?: string;
+  /** EC JWK "y" (Y Coordinate) Parameter */
+  y?: string;
+  /** AKP JWK "pub" (Public Key) Parameter */
+  pub?: string;
+  /** AKP JWK "priv" (Private key) Parameter */
+  priv?: string;
+}
+/** Header Parameters common to JWE and JWS */
+interface JoseHeaderParameters {
+  /** "kid" (Key ID) Header Parameter */
+  kid?: string;
+  /** "x5t" (X.509 Certificate SHA-1 Thumbprint) Header Parameter */
+  x5t?: string;
+  /** "x5c" (X.509 Certificate Chain) Header Parameter */
+  x5c?: string[];
+  /** "x5u" (X.509 URL) Header Parameter */
+  x5u?: string;
+  /** "jku" (JWK Set URL) Header Parameter */
+  jku?: string;
+  /** "jwk" (JSON Web Key) Header Parameter */
+  jwk?: Pick<JWK, 'kty' | 'crv' | 'x' | 'y' | 'e' | 'n' | 'alg' | 'pub'>;
+  /** "typ" (Type) Header Parameter */
+  typ?: string;
+  /** "cty" (Content Type) Header Parameter */
+  cty?: string;
+}
+/** Recognized JWS Header Parameters, any other Header Members may also be present. */
+interface JWSHeaderParameters extends JoseHeaderParameters {
+  /**
+   * JWS "alg" (Algorithm) Header Parameter
+   *
+   * @see {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}
+   */
+  alg?: string;
+  /**
+   * This JWS Extension Header Parameter modifies the JWS Payload representation and the JWS Signing
+   * Input computation as per {@link https://www.rfc-editor.org/rfc/rfc7797 RFC7797}.
+   */
+  b64?: boolean;
+  /** JWS "crit" (Critical) Header Parameter */
+  crit?: string[];
+  /** Any other JWS Header member. */
+  [propName: string]: unknown;
+}
+/** Recognized JWE Header Parameters, any other Header members may also be present. */
+interface JWEHeaderParameters extends JoseHeaderParameters {
+  /**
+   * JWE "alg" (Algorithm) Header Parameter
+   *
+   * @see {@link https://github.com/panva/jose/issues/210#jwe-alg Algorithm Key Requirements}
+   */
+  alg?: string;
+  /**
+   * JWE "enc" (Encryption Algorithm) Header Parameter
+   *
+   * @see {@link https://github.com/panva/jose/issues/210#jwe-alg Algorithm Key Requirements}
+   */
+  enc?: string;
+  /** JWE "crit" (Critical) Header Parameter */
+  crit?: string[];
+  /**
+   * JWE "zip" (Compression Algorithm) Header Parameter.
+   *
+   * The only supported value is `"DEF"` (DEFLATE). Requires the `CompressionStream` /
+   * `DecompressionStream` APIs to be available in the runtime.
+   *
+   * @see {@link https://www.rfc-editor.org/rfc/rfc7516#section-4.1.3 JWE "zip" Header Parameter}
+   */
+  zip?: string;
+  /** Any other JWE Header member. */
+  [propName: string]: unknown;
+}
+/** Shared Interface with a "crit" property for all sign, verify, encrypt and decrypt operations. */
+interface CritOption {
+  /**
+   * An object with keys representing recognized "crit" (Critical) Header Parameter names. The value
+   * for those is either `true` or `false`. `true` when the Header Parameter MUST be integrity
+   * protected, `false` when it's irrelevant.
+   *
+   * This makes the "Extension Header Parameter "..." is not recognized" error go away.
+   *
+   * Use this when a given JWS/JWT/JWE profile requires the use of proprietary non-registered "crit"
+   * (Critical) Header Parameters. This will only make sure the Header Parameter is syntactically
+   * correct when provided and that it is optionally integrity protected. It will not process the
+   * Header Parameter in any way or reject the operation if it is missing. You MUST still verify the
+   * Header Parameter was present and process it according to the profile's validation steps after
+   * the operation succeeds.
+   *
+   * The JWS extension Header Parameter `b64` is always recognized and processed properly. No other
+   * registered Header Parameters that need this kind of default built-in treatment are currently
+   * available.
+   */
+  crit?: {
+    [propName: string]: boolean;
+  };
+}
+/** JWE Decryption options. */
+interface DecryptOptions extends CritOption {
+  /**
+   * A list of accepted JWE "alg" (Algorithm) Header Parameter values. By default all "alg"
+   * (Algorithm) Header Parameter values applicable for the used key/secret are allowed except for
+   * all PBES2 Key Management Algorithms, these need to be explicitly allowed using this option.
+   */
+  keyManagementAlgorithms?: string[];
+  /**
+   * A list of accepted JWE "enc" (Encryption Algorithm) Header Parameter values. By default all
+   * "enc" (Encryption Algorithm) values applicable for the used key/secret are allowed.
+   */
+  contentEncryptionAlgorithms?: string[];
+  /**
+   * (PBES2 Key Management Algorithms only) Maximum allowed "p2c" (PBES2 Count) Header Parameter
+   * value. The PBKDF2 iteration count defines the algorithm's computational expense. By default
+   * this value is set to 10000.
+   */
+  maxPBES2Count?: number;
+  /**
+   * Maximum allowed size (in bytes) of the decompressed plaintext when the JWE `"zip"` (Compression
+   * Algorithm) Header Parameter is present. By default this value is set to 250000 (250 KB). The
+   * value must be `0`, a positive safe integer, or `Infinity`.
+   *
+   * Set to `0` to reject all compressed JWEs during decryption.
+   *
+   * Set to `Infinity` to disable the decompressed size limit.
+   */
+  maxDecompressedLength?: number;
+}
+/** JWT Claims Set verification options. */
+interface JWTClaimVerificationOptions {
+  /**
+   * Expected JWT "aud" (Audience) Claim value(s).
+   *
+   * This option makes the JWT "aud" (Audience) Claim presence required.
+   */
+  audience?: string | string[];
+  /**
+   * Clock skew tolerance
+   *
+   * - In seconds when number (e.g. 5)
+   * - Resolved into a number of seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
+   *
+   * Used when validating the JWT "nbf" (Not Before) and "exp" (Expiration Time) claims, and when
+   * validating the "iat" (Issued At) claim if the {@link maxTokenAge `maxTokenAge` option} is set.
+   */
+  clockTolerance?: string | number;
+  /**
+   * Expected JWT "iss" (Issuer) Claim value(s).
+   *
+   * This option makes the JWT "iss" (Issuer) Claim presence required.
+   */
+  issuer?: string | string[];
+  /**
+   * Maximum time elapsed (in seconds) from the JWT "iat" (Issued At) Claim value.
+   *
+   * - In seconds when number (e.g. 5)
+   * - Resolved into a number of seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
+   *
+   * This option makes the JWT "iat" (Issued At) Claim presence required.
+   */
+  maxTokenAge?: string | number;
+  /**
+   * Expected JWT "sub" (Subject) Claim value.
+   *
+   * This option makes the JWT "sub" (Subject) Claim presence required.
+   */
+  subject?: string;
+  /**
+   * Expected JWT "typ" (Type) Header Parameter value.
+   *
+   * This option makes the JWT "typ" (Type) Header Parameter presence required.
+   */
+  typ?: string;
+  /** Date to use when comparing NumericDate claims, defaults to `new Date()`. */
+  currentDate?: Date;
+  /**
+   * Array of required Claim Names that must be present in the JWT Claims Set. Default is that: if
+   * the {@link issuer `issuer` option} is set, then JWT "iss" (Issuer) Claim must be present; if the
+   * {@link audience `audience` option} is set, then JWT "aud" (Audience) Claim must be present; if
+   * the {@link subject `subject` option} is set, then JWT "sub" (Subject) Claim must be present; if
+   * the {@link maxTokenAge `maxTokenAge` option} is set, then JWT "iat" (Issued At) Claim must be
+   * present.
+   */
+  requiredClaims?: string[];
+}
+/** JWS Verification options. */
+interface VerifyOptions extends CritOption {
+  /**
+   * A list of accepted JWS "alg" (Algorithm) Header Parameter values. By default all "alg"
+   * (Algorithm) values applicable for the used key/secret are allowed.
+   *
+   * > [!NOTE]\
+   * > Unsecured JWTs (`{ "alg": "none" }`) are never accepted by this API.
+   */
+  algorithms?: string[];
+}
+/** Recognized Compact JWS Header Parameters, any other Header Members may also be present. */
+interface CompactJWSHeaderParameters extends JWSHeaderParameters {
+  alg: string;
+}
+/** Recognized Signed JWT Header Parameters, any other Header Members may also be present. */
+interface JWTHeaderParameters extends CompactJWSHeaderParameters {
+  b64?: true;
+}
+//#endregion
+//#region ../../node_modules/.deno/jose@6.2.2/node_modules/jose/dist/types/jwt/verify.d.ts
+/** Combination of JWS Verification options and JWT Claims Set verification options. */
+interface JWTVerifyOptions extends VerifyOptions, JWTClaimVerificationOptions {}
+//#endregion
+//#region ../../node_modules/.deno/jose@6.2.2/node_modules/jose/dist/types/jwt/decrypt.d.ts
+/** Combination of JWE Decryption options and JWT Claims Set verification options. */
+interface JWTDecryptOptions extends DecryptOptions, JWTClaimVerificationOptions {}
+//#endregion
+//#region src/pages/createAuth.d.ts
+declare const createAuth: <Identity extends Identities>(config: AuthConfig$1<Identity>) => {
+  /**
+   * The handlers object contains the HTTP request handlers.
+   */
+  toHandler: (req: _$next.NextApiRequest, res: _$next.NextApiResponse) => Promise<void>;
+  api: {
+    getSession: (options: GetSessionAPIOptions) => Promise<GetSessionAPIReturn<FromShapeToObject<Identity>>>;
+    signIn: (oauth: LiteralUnion<BuiltInOAuthProvider>, options?: SignInAPIOptions) => Promise<SignInAPIReturn>;
+    signInCredentials: (options: SignInCredentialsAPIOptions) => Promise<SignInCredentialsAPIReturn>;
+    updateSession: (options: UpdateSessionAPIOptions<FromShapeToObject<Identity>>) => Promise<UpdateSessionAPIReturn<FromShapeToObject<Identity>>>;
+    signOut: (options: SignOutAPIOptions) => Promise<SignOutAPIReturn>;
+  };
+  jose: {
+    signJWS: (payload: TypedJWTPayload<Partial<FromShapeToObject<Identity>>>, options?: JWTHeaderParameters) => Promise<string>;
+    verifyJWS: (token: string, options?: JWTVerifyOptions) => Promise<TypedJWTPayload<FromShapeToObject<Identity>>>;
+    encryptJWE: (payload: TypedJWTPayload<Partial<FromShapeToObject<Identity>>>, options?: JWEHeaderParameters) => Promise<string>;
+    decryptJWE: (token: string, options?: JWTDecryptOptions) => Promise<TypedJWTPayload<FromShapeToObject<Identity>>>;
+    encodeJWT: (payload: TypedJWTPayload<Partial<FromShapeToObject<Identity>>>, options?: EncodeJWTOptions) => Promise<string>;
+    decodeJWT: (token: string, options?: DecodeJWTOptions) => Promise<TypedJWTPayload<FromShapeToObject<Identity>>>;
+  };
+  handlers: {
+    GET: (request: Request) => Response | Promise<Response>;
+    POST: (request: Request) => Response | Promise<Response>;
+    PATCH: (request: Request) => Response | Promise<Response>;
+    ALL: (request: Request) => Response | Promise<Response>;
+  };
+};
+//#endregion
+//#region src/pages/context.d.ts
+/**
+ * Wrapper component that provides authentication context for Next.js Pages Router applications.
+ * Falls back to `router.push` from `next/router` when no custom `redirect` prop is supplied.
+ *
+ * @example
+ * const client = createAuthClient({ baseURL: "http://localhost:3000" })
+ *
+ * <AuthProvider client={client}>
+ *   <App />
+ * </AuthProvider>
+ */
+declare const AuthProvider: ({
+  client,
+  children,
+  initialSession,
+  redirect
+}: AuthProviderProps) => _$react_jsx_runtime0.JSX.Element;
+type AuthConfig = core_d_exports.AuthConfig;
+type AuthInstance = core_d_exports.AuthInstance;
+type Session = core_d_exports.Session;
+type User = core_d_exports.User;
+export { type AuthConfig, type AuthInstance, AuthProvider, type AuthProviderProps, type Session, type User, createAuth };

package/dist/pages/index.js

@@ -0,0 +1 @@
+import{AuthProvider as e}from"@aura-stack/react/context";import{jsx as t}from"react/jsx-runtime";import{createAuth as n}from"@aura-stack/react/server";import{useRouter as r}from"next/router.js";const i=e=>`${e.headers[`x-forwarded-proto`]??`http`}://${e.headers[`x-forwarded-host`]??e.headers.host}`,a=(e,t)=>{for(let[n,r]of t.entries())n.toLowerCase()===`set-cookie`?e.setHeader(`Set-Cookie`,t.getSetCookie()):e.setHeader(n,r)},o=e=>async(t,n)=>{let r=t.method??`GET`,o=e[r];if(!o)return n.status(405).json({error:`Method ${r} Not Allowed`});let s=new URL(t.url,i(t)),c=new Request(s,{method:r,headers:new Headers(t.headers),body:r!==`GET`&&r!==`HEAD`?t.body:void 0});try{let e=await o(c);e.status>=300&&e.status<400&&!t.url?.includes(`/auth/signIn/`)&&!t.url?.includes(`/auth/callback/`)&&e.headers.delete(`Location`),a(n,e.headers);let r=await e.json();return n.status(e.status).json(r)}catch{return n.status(500).json({error:`Internal Server Error`})}},s=e=>{let t=n(e);return{...t,toHandler:o(t.handlers)}},c=({client:n,children:i,initialSession:a,redirect:o})=>{let s=r();return t(e,{client:n,initialSession:a,redirect:o??(e=>s.push(e)),children:i})};export{c as AuthProvider,s as createAuth};