@bajustone/fortress 1.0.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (465) hide show
  1. package/CHANGELOG.md +1011 -0
  2. package/LICENSE +21 -0
  3. package/README.md +760 -0
  4. package/SECURITY.md +197 -0
  5. package/bin/fortress.ts +667 -0
  6. package/dist/auth-service-BcyQ2PuZ.d.cts +307 -0
  7. package/dist/auth-service-BkzZkWfH.d.ts +307 -0
  8. package/dist/config-B2366s_G.d.ts +665 -0
  9. package/dist/config-GtlVt6ZD.d.cts +665 -0
  10. package/dist/convert-routes-BLCQT57f.d.ts +72 -0
  11. package/dist/convert-routes-BdMvP2_X.d.cts +72 -0
  12. package/dist/crypto.cjs +61 -0
  13. package/dist/crypto.d.cts +36 -0
  14. package/dist/crypto.d.ts +36 -0
  15. package/dist/crypto.js +35 -0
  16. package/dist/drift-BT1wtMDJ.d.cts +22 -0
  17. package/dist/drift-k9LiYpRP.d.ts +22 -0
  18. package/dist/drizzle/pg.cjs +481 -0
  19. package/dist/drizzle/pg.d.cts +15 -0
  20. package/dist/drizzle/pg.d.ts +15 -0
  21. package/dist/drizzle/pg.js +454 -0
  22. package/dist/drizzle.cjs +1442 -0
  23. package/dist/drizzle.d.cts +85 -0
  24. package/dist/drizzle.d.ts +85 -0
  25. package/dist/drizzle.js +1411 -0
  26. package/dist/express.cjs +1357 -0
  27. package/dist/express.d.cts +333 -0
  28. package/dist/express.d.ts +333 -0
  29. package/dist/express.js +1314 -0
  30. package/dist/fetcher.cjs +77 -0
  31. package/dist/fetcher.d.cts +7 -0
  32. package/dist/fetcher.d.ts +7 -0
  33. package/dist/fetcher.js +41 -0
  34. package/dist/fortress-BmSvFfqK.d.cts +1089 -0
  35. package/dist/fortress-uA-_cheR.d.ts +1089 -0
  36. package/dist/hono.cjs +1530 -0
  37. package/dist/hono.d.cts +514 -0
  38. package/dist/hono.d.ts +514 -0
  39. package/dist/hono.js +1483 -0
  40. package/dist/index-CxEkfCA0.d.cts +77 -0
  41. package/dist/index-CxEkfCA0.d.ts +77 -0
  42. package/dist/index-D054pcb-.d.cts +146 -0
  43. package/dist/index-jAMbbUAY.d.ts +146 -0
  44. package/dist/index.cjs +9046 -0
  45. package/dist/index.d.cts +717 -0
  46. package/dist/index.d.ts +717 -0
  47. package/dist/index.js +8935 -0
  48. package/dist/jwt.cjs +255 -0
  49. package/dist/jwt.d.cts +90 -0
  50. package/dist/jwt.d.ts +90 -0
  51. package/dist/jwt.js +227 -0
  52. package/dist/otel.cjs +108 -0
  53. package/dist/otel.d.cts +62 -0
  54. package/dist/otel.d.ts +62 -0
  55. package/dist/otel.js +73 -0
  56. package/dist/plugins/account-lockout.cjs +322 -0
  57. package/dist/plugins/account-lockout.d.cts +42 -0
  58. package/dist/plugins/account-lockout.d.ts +42 -0
  59. package/dist/plugins/account-lockout.js +295 -0
  60. package/dist/plugins/admin.cjs +2378 -0
  61. package/dist/plugins/admin.d.cts +72 -0
  62. package/dist/plugins/admin.d.ts +72 -0
  63. package/dist/plugins/admin.js +2351 -0
  64. package/dist/plugins/api-key.cjs +792 -0
  65. package/dist/plugins/api-key.d.cts +121 -0
  66. package/dist/plugins/api-key.d.ts +121 -0
  67. package/dist/plugins/api-key.js +765 -0
  68. package/dist/plugins/audit-log.cjs +493 -0
  69. package/dist/plugins/audit-log.d.cts +86 -0
  70. package/dist/plugins/audit-log.d.ts +86 -0
  71. package/dist/plugins/audit-log.js +468 -0
  72. package/dist/plugins/data-isolation.cjs +211 -0
  73. package/dist/plugins/data-isolation.d.cts +49 -0
  74. package/dist/plugins/data-isolation.d.ts +49 -0
  75. package/dist/plugins/data-isolation.js +186 -0
  76. package/dist/plugins/email-verification.cjs +273 -0
  77. package/dist/plugins/email-verification.d.cts +44 -0
  78. package/dist/plugins/email-verification.d.ts +44 -0
  79. package/dist/plugins/email-verification.js +246 -0
  80. package/dist/plugins/magic-link.cjs +231 -0
  81. package/dist/plugins/magic-link.d.cts +39 -0
  82. package/dist/plugins/magic-link.d.ts +39 -0
  83. package/dist/plugins/magic-link.js +204 -0
  84. package/dist/plugins/oauth.cjs +1696 -0
  85. package/dist/plugins/oauth.d.cts +406 -0
  86. package/dist/plugins/oauth.d.ts +406 -0
  87. package/dist/plugins/oauth.js +1669 -0
  88. package/dist/plugins/openapi.cjs +1185 -0
  89. package/dist/plugins/openapi.d.cts +6 -0
  90. package/dist/plugins/openapi.d.ts +6 -0
  91. package/dist/plugins/openapi.js +1158 -0
  92. package/dist/plugins/rate-limit/express.cjs +55 -0
  93. package/dist/plugins/rate-limit/express.d.cts +64 -0
  94. package/dist/plugins/rate-limit/express.d.ts +64 -0
  95. package/dist/plugins/rate-limit/express.js +30 -0
  96. package/dist/plugins/rate-limit/hono.cjs +51 -0
  97. package/dist/plugins/rate-limit/hono.d.cts +59 -0
  98. package/dist/plugins/rate-limit/hono.d.ts +59 -0
  99. package/dist/plugins/rate-limit/hono.js +26 -0
  100. package/dist/plugins/rate-limit/sveltekit.cjs +49 -0
  101. package/dist/plugins/rate-limit/sveltekit.d.cts +59 -0
  102. package/dist/plugins/rate-limit/sveltekit.d.ts +59 -0
  103. package/dist/plugins/rate-limit/sveltekit.js +24 -0
  104. package/dist/plugins/rate-limit.cjs +354 -0
  105. package/dist/plugins/rate-limit.d.cts +140 -0
  106. package/dist/plugins/rate-limit.d.ts +140 -0
  107. package/dist/plugins/rate-limit.js +325 -0
  108. package/dist/plugins/social-login.cjs +905 -0
  109. package/dist/plugins/social-login.d.cts +114 -0
  110. package/dist/plugins/social-login.d.ts +114 -0
  111. package/dist/plugins/social-login.js +880 -0
  112. package/dist/plugins/tenancy.cjs +780 -0
  113. package/dist/plugins/tenancy.d.cts +108 -0
  114. package/dist/plugins/tenancy.d.ts +108 -0
  115. package/dist/plugins/tenancy.js +753 -0
  116. package/dist/plugins/two-factor.cjs +555 -0
  117. package/dist/plugins/two-factor.d.cts +67 -0
  118. package/dist/plugins/two-factor.d.ts +67 -0
  119. package/dist/plugins/two-factor.js +526 -0
  120. package/dist/plugins/webauthn.cjs +786 -0
  121. package/dist/plugins/webauthn.d.cts +72 -0
  122. package/dist/plugins/webauthn.d.ts +72 -0
  123. package/dist/plugins/webauthn.js +766 -0
  124. package/dist/plugins/webhook.cjs +819 -0
  125. package/dist/plugins/webhook.d.cts +254 -0
  126. package/dist/plugins/webhook.d.ts +254 -0
  127. package/dist/plugins/webhook.js +789 -0
  128. package/dist/protect-D1v_0upK.d.cts +123 -0
  129. package/dist/protect-DsxV_-dJ.d.ts +123 -0
  130. package/dist/sveltekit.cjs +1258 -0
  131. package/dist/sveltekit.d.cts +420 -0
  132. package/dist/sveltekit.d.ts +420 -0
  133. package/dist/sveltekit.js +1207 -0
  134. package/dist/testing.cjs +4294 -0
  135. package/dist/testing.d.cts +197 -0
  136. package/dist/testing.d.ts +197 -0
  137. package/dist/testing.js +4264 -0
  138. package/dist/types-et0R8tsC.d.cts +217 -0
  139. package/dist/types-et0R8tsC.d.ts +217 -0
  140. package/docs/adapter-typed-helpers.md +192 -0
  141. package/docs/admin-recipes.md +227 -0
  142. package/docs/architecture.md +434 -0
  143. package/docs/ci/github-actions.yml +59 -0
  144. package/docs/ci.md +109 -0
  145. package/docs/compatibility.md +115 -0
  146. package/docs/deployment.md +305 -0
  147. package/docs/hardening.md +118 -0
  148. package/docs/host-owned-routes.md +154 -0
  149. package/docs/migrations/0001-schema-version.md +54 -0
  150. package/docs/migrations/0002-initial-schema.md +84 -0
  151. package/docs/migrations/upgrade-guide.md +160 -0
  152. package/docs/observability.md +394 -0
  153. package/docs/plugins/account-lockout.md +131 -0
  154. package/docs/plugins/admin.md +402 -0
  155. package/docs/plugins/api-key.md +327 -0
  156. package/docs/plugins/audit-log.md +261 -0
  157. package/docs/plugins/data-isolation.md +186 -0
  158. package/docs/plugins/email-verification.md +121 -0
  159. package/docs/plugins/magic-link.md +123 -0
  160. package/docs/plugins/oauth.md +544 -0
  161. package/docs/plugins/openapi.md +250 -0
  162. package/docs/plugins/rate-limit.md +223 -0
  163. package/docs/plugins/social-login.md +337 -0
  164. package/docs/plugins/tenancy.md +122 -0
  165. package/docs/plugins/two-factor.md +191 -0
  166. package/docs/plugins/webauthn.md +188 -0
  167. package/docs/plugins/webhook.md +242 -0
  168. package/docs/policy-as-code.md +156 -0
  169. package/docs/route-manifest.md +46 -0
  170. package/docs/security.md +261 -0
  171. package/docs/threat-model.md +161 -0
  172. package/examples/README.md +119 -0
  173. package/examples/express-app/index.ts +747 -0
  174. package/examples/hono-app/docker-compose.yml +14 -0
  175. package/examples/hono-app/index.ts +1009 -0
  176. package/examples/policy/fortress.policy.json +47 -0
  177. package/examples/sveltekit-app/README.md +125 -0
  178. package/examples/sveltekit-app/src/app.d.ts +16 -0
  179. package/examples/sveltekit-app/src/hooks.server.ts +23 -0
  180. package/examples/sveltekit-app/src/lib/server/fortress.ts +81 -0
  181. package/examples/sveltekit-app/src/routes/api/echo/[id]/+server.ts +32 -0
  182. package/examples/sveltekit-app/src/routes/api/fortress/[...path]/+server.ts +15 -0
  183. package/examples/sveltekit-app/src/routes/dashboard/+page.server.ts +20 -0
  184. package/examples/sveltekit-app/src/routes/login/+page.server.ts +48 -0
  185. package/examples/sveltekit-app/src/routes/oauth/consent/+page.server.ts +69 -0
  186. package/examples/sveltekit-app/src/routes/oauth/consent/+page.svelte +83 -0
  187. package/migrations/pg/0001_schema_version.down.sql +2 -0
  188. package/migrations/pg/0001_schema_version.sql +8 -0
  189. package/migrations/pg/0002_initial_schema.down.sql +36 -0
  190. package/migrations/pg/0002_initial_schema.sql +376 -0
  191. package/migrations/pg/0003_auth_continuation.down.sql +6 -0
  192. package/migrations/pg/0003_auth_continuation.sql +30 -0
  193. package/migrations/pg/0004_tenant_default_unique.down.sql +1 -0
  194. package/migrations/pg/0004_tenant_default_unique.sql +14 -0
  195. package/migrations/pg/0005_hot_indexes_timestamptz.down.sql +71 -0
  196. package/migrations/pg/0005_hot_indexes_timestamptz.sql +71 -0
  197. package/migrations/pg/0006_canonical_email.down.sql +3 -0
  198. package/migrations/pg/0006_canonical_email.sql +8 -0
  199. package/migrations/pg/0007_audit_chain_anchor.down.sql +1 -0
  200. package/migrations/pg/0007_audit_chain_anchor.sql +8 -0
  201. package/migrations/pg/0008_two_factor_hardening.down.sql +8 -0
  202. package/migrations/pg/0008_two_factor_hardening.sql +8 -0
  203. package/migrations/pg/0009_encrypt_totp_secrets.down.sql +2 -0
  204. package/migrations/pg/0009_encrypt_totp_secrets.sql +5 -0
  205. package/migrations/pg/0010_bigint_append_only_ids.down.sql +2 -0
  206. package/migrations/pg/0010_bigint_append_only_ids.sql +23 -0
  207. package/migrations/sqlite/0001_schema_version.down.sql +2 -0
  208. package/migrations/sqlite/0001_schema_version.sql +8 -0
  209. package/migrations/sqlite/0002_initial_schema.down.sql +36 -0
  210. package/migrations/sqlite/0002_initial_schema.sql +376 -0
  211. package/migrations/sqlite/0003_auth_continuation.down.sql +27 -0
  212. package/migrations/sqlite/0003_auth_continuation.sql +45 -0
  213. package/migrations/sqlite/0004_tenant_default_unique.down.sql +1 -0
  214. package/migrations/sqlite/0004_tenant_default_unique.sql +13 -0
  215. package/migrations/sqlite/0005_hot_indexes_timestamptz.down.sql +10 -0
  216. package/migrations/sqlite/0005_hot_indexes_timestamptz.sql +10 -0
  217. package/migrations/sqlite/0006_canonical_email.down.sql +3 -0
  218. package/migrations/sqlite/0006_canonical_email.sql +8 -0
  219. package/migrations/sqlite/0007_audit_chain_anchor.down.sql +1 -0
  220. package/migrations/sqlite/0007_audit_chain_anchor.sql +8 -0
  221. package/migrations/sqlite/0008_two_factor_hardening.down.sql +14 -0
  222. package/migrations/sqlite/0008_two_factor_hardening.sql +7 -0
  223. package/migrations/sqlite/0009_encrypt_totp_secrets.down.sql +2 -0
  224. package/migrations/sqlite/0009_encrypt_totp_secrets.sql +5 -0
  225. package/migrations/sqlite/0010_bigint_append_only_ids.down.sql +1 -0
  226. package/migrations/sqlite/0010_bigint_append_only_ids.sql +2 -0
  227. package/package.json +398 -0
  228. package/src/adapters/database/index.ts +63 -0
  229. package/src/adapters/database/types.ts +22 -0
  230. package/src/changelog-script.test.ts +21 -0
  231. package/src/cli.test.ts +79 -0
  232. package/src/core/auth/auth-admin.test.ts +247 -0
  233. package/src/core/auth/auth-endpoints.ts +558 -0
  234. package/src/core/auth/auth-observer.test.ts +191 -0
  235. package/src/core/auth/auth-service.ts +1464 -0
  236. package/src/core/auth/email.test.ts +17 -0
  237. package/src/core/auth/email.ts +11 -0
  238. package/src/core/auth/hooks.test.ts +251 -0
  239. package/src/core/auth/impersonation.test.ts +179 -0
  240. package/src/core/auth/jwt.test.ts +184 -0
  241. package/src/core/auth/jwt.ts +239 -0
  242. package/src/core/auth/login-timing.test.ts +77 -0
  243. package/src/core/auth/password-policy.test.ts +253 -0
  244. package/src/core/auth/password-policy.ts +220 -0
  245. package/src/core/auth/password.test.ts +42 -0
  246. package/src/core/auth/password.ts +62 -0
  247. package/src/core/auth/post-auth-gate.test.ts +258 -0
  248. package/src/core/auth/post-auth-gate.ts +228 -0
  249. package/src/core/auth/refresh-token.test.ts +86 -0
  250. package/src/core/auth/refresh-token.ts +105 -0
  251. package/src/core/auth/timing-safe.ts +23 -0
  252. package/src/core/config.ts +212 -0
  253. package/src/core/endpoint.ts +149 -0
  254. package/src/core/errors.ts +199 -0
  255. package/src/core/fetcher-interop.test.ts +106 -0
  256. package/src/core/fortress.test.ts +354 -0
  257. package/src/core/fortress.ts +550 -0
  258. package/src/core/http/call.test.ts +148 -0
  259. package/src/core/http/call.ts +149 -0
  260. package/src/core/http/cookie-serialize.test.ts +198 -0
  261. package/src/core/http/cookie-serialize.ts +107 -0
  262. package/src/core/http/csrf.test.ts +140 -0
  263. package/src/core/http/csrf.ts +173 -0
  264. package/src/core/http/dispatch.ts +652 -0
  265. package/src/core/http/error-response.test.ts +69 -0
  266. package/src/core/http/error-response.ts +93 -0
  267. package/src/core/http/fortress-rbac.test.ts +43 -0
  268. package/src/core/http/fortress-rbac.ts +127 -0
  269. package/src/core/http/handle-request.test.ts +441 -0
  270. package/src/core/http/handle-request.ts +354 -0
  271. package/src/core/http/match.test.ts +122 -0
  272. package/src/core/http/match.ts +126 -0
  273. package/src/core/http/outbound.test.ts +34 -0
  274. package/src/core/http/outbound.ts +105 -0
  275. package/src/core/http/plugin-middleware.ts +67 -0
  276. package/src/core/http/principal.test.ts +345 -0
  277. package/src/core/http/principal.ts +86 -0
  278. package/src/core/http/protect.test.ts +220 -0
  279. package/src/core/http/protect.ts +394 -0
  280. package/src/core/http/token-extraction.test.ts +59 -0
  281. package/src/core/http/token-extraction.ts +53 -0
  282. package/src/core/iam/explain.test.ts +177 -0
  283. package/src/core/iam/explain.ts +302 -0
  284. package/src/core/iam/iam-endpoints.ts +779 -0
  285. package/src/core/iam/iam-service.test.ts +829 -0
  286. package/src/core/iam/iam-service.ts +1137 -0
  287. package/src/core/iam/permission-cache.test.ts +115 -0
  288. package/src/core/iam/permission-cache.ts +71 -0
  289. package/src/core/iam/permission-check-observer.test.ts +90 -0
  290. package/src/core/iam/permission-evaluator.test.ts +291 -0
  291. package/src/core/iam/permission-evaluator.ts +198 -0
  292. package/src/core/iam/permission-sync.test.ts +166 -0
  293. package/src/core/iam/permission-sync.ts +192 -0
  294. package/src/core/iam/resource-sync.test.ts +70 -0
  295. package/src/core/iam/resource-sync.ts +182 -0
  296. package/src/core/iam/service-account-http.test.ts +529 -0
  297. package/src/core/iam/service-account.test.ts +282 -0
  298. package/src/core/internal-adapter.test.ts +389 -0
  299. package/src/core/internal-adapter.ts +435 -0
  300. package/src/core/json-schema.ts +50 -0
  301. package/src/core/manifest/__snapshots__/route-manifest.test.ts.snap +192 -0
  302. package/src/core/manifest/drift.ts +103 -0
  303. package/src/core/manifest/route-manifest.test.ts +142 -0
  304. package/src/core/manifest/route-manifest.ts +154 -0
  305. package/src/core/migrate.test.ts +72 -0
  306. package/src/core/migrations/engine.test.ts +308 -0
  307. package/src/core/migrations/engine.ts +548 -0
  308. package/src/core/migrations/migrations.ts +1771 -0
  309. package/src/core/migrations/pg-migration.integration-test.ts +353 -0
  310. package/src/core/migrations/upgrade-fixture.test.ts +378 -0
  311. package/src/core/observability/db-instrumentation.ts +205 -0
  312. package/src/core/observability/listener-list.test.ts +124 -0
  313. package/src/core/observability/listener-list.ts +73 -0
  314. package/src/core/observability/logger.test.ts +43 -0
  315. package/src/core/observability/logger.ts +49 -0
  316. package/src/core/observability/spans.test.ts +193 -0
  317. package/src/core/observability/types.ts +80 -0
  318. package/src/core/openapi-drift.test.ts +41 -0
  319. package/src/core/openapi.ts +47 -0
  320. package/src/core/plugin-methods-map.ts +75 -0
  321. package/src/core/plugin-runner.test.ts +233 -0
  322. package/src/core/plugin-runner.ts +276 -0
  323. package/src/core/plugin.ts +210 -0
  324. package/src/core/policy/apply.ts +272 -0
  325. package/src/core/policy/diff.ts +288 -0
  326. package/src/core/policy/loader.test.ts +63 -0
  327. package/src/core/policy/loader.ts +214 -0
  328. package/src/core/policy/policy.test.ts +232 -0
  329. package/src/core/policy/types.ts +105 -0
  330. package/src/core/schema-builder.test.ts +660 -0
  331. package/src/core/schema-builder.ts +881 -0
  332. package/src/core/standard-schema.ts +56 -0
  333. package/src/core/types.ts +258 -0
  334. package/src/core/validation.test.ts +195 -0
  335. package/src/core/validation.ts +192 -0
  336. package/src/drizzle/adapter.test.ts +425 -0
  337. package/src/drizzle/adapter.ts +474 -0
  338. package/src/drizzle/index.ts +31 -0
  339. package/src/drizzle/pg/adapter.integration-test.ts +456 -0
  340. package/src/drizzle/pg/index.ts +13 -0
  341. package/src/drizzle/pg/pg.integration-test.ts +1539 -0
  342. package/src/drizzle/pg/schema.ts +539 -0
  343. package/src/drizzle/pg-error-map.test.ts +218 -0
  344. package/src/drizzle/pg-error-map.ts +151 -0
  345. package/src/drizzle/schema.ts +544 -0
  346. package/src/drizzle/sqlite-serialization.test.ts +106 -0
  347. package/src/express/express-api-key-user-routes.test.ts +241 -0
  348. package/src/express/express.test.ts +442 -0
  349. package/src/express/handle.ts +191 -0
  350. package/src/express/index.ts +62 -0
  351. package/src/express/middleware.ts +551 -0
  352. package/src/express/protect.ts +154 -0
  353. package/src/express/validated.test.ts +86 -0
  354. package/src/express/validated.ts +99 -0
  355. package/src/fetcher/index.ts +81 -0
  356. package/src/hono/convert-routes.test.ts +220 -0
  357. package/src/hono/convert-routes.ts +196 -0
  358. package/src/hono/converters.test.ts +50 -0
  359. package/src/hono/converters.ts +43 -0
  360. package/src/hono/handle.ts +79 -0
  361. package/src/hono/helpers.ts +2 -0
  362. package/src/hono/hono-api-key-user-routes.test.ts +225 -0
  363. package/src/hono/hono-handlers.test.ts +861 -0
  364. package/src/hono/hono.test.ts +454 -0
  365. package/src/hono/index.ts +101 -0
  366. package/src/hono/middleware/auth.ts +236 -0
  367. package/src/hono/middleware/auth.types.test.ts +94 -0
  368. package/src/hono/middleware/csrf.test.ts +127 -0
  369. package/src/hono/middleware/csrf.ts +68 -0
  370. package/src/hono/middleware/error-handler.ts +12 -0
  371. package/src/hono/middleware/plugin-middleware.ts +35 -0
  372. package/src/hono/middleware/rbac.ts +131 -0
  373. package/src/hono/middleware/security-headers.test.ts +88 -0
  374. package/src/hono/middleware/security-headers.ts +68 -0
  375. package/src/hono/openapi.ts +237 -0
  376. package/src/hono/protect.ts +87 -0
  377. package/src/hono/validated.test.ts +123 -0
  378. package/src/hono/validated.ts +62 -0
  379. package/src/index.ts +309 -0
  380. package/src/integration.test.ts +718 -0
  381. package/src/internal/changelog.ts +56 -0
  382. package/src/otel/index.ts +158 -0
  383. package/src/otel/otel-types.test.ts +35 -0
  384. package/src/otel/otel.test.ts +235 -0
  385. package/src/plugins/account-lockout/account-lockout.test.ts +367 -0
  386. package/src/plugins/account-lockout/index.ts +267 -0
  387. package/src/plugins/admin/admin-api-key.test.ts +438 -0
  388. package/src/plugins/admin/index.ts +1612 -0
  389. package/src/plugins/api-key/api-key.test.ts +684 -0
  390. package/src/plugins/api-key/core.ts +336 -0
  391. package/src/plugins/api-key/index.ts +315 -0
  392. package/src/plugins/audit-log/audit-log.test.ts +749 -0
  393. package/src/plugins/audit-log/index.ts +680 -0
  394. package/src/plugins/data-isolation/data-isolation.test.ts +197 -0
  395. package/src/plugins/data-isolation/index.ts +157 -0
  396. package/src/plugins/email-verification/email-verification.test.ts +199 -0
  397. package/src/plugins/email-verification/index.ts +190 -0
  398. package/src/plugins/magic-link/index.ts +129 -0
  399. package/src/plugins/magic-link/magic-link.test.ts +156 -0
  400. package/src/plugins/oauth/id-token.ts +86 -0
  401. package/src/plugins/oauth/index.ts +2145 -0
  402. package/src/plugins/oauth/jwks.test.ts +32 -0
  403. package/src/plugins/oauth/jwks.ts +182 -0
  404. package/src/plugins/oauth/oauth.test.ts +2220 -0
  405. package/src/plugins/oauth/pkce.ts +58 -0
  406. package/src/plugins/openapi/index.ts +298 -0
  407. package/src/plugins/openapi/openapi.test.ts +425 -0
  408. package/src/plugins/openapi/spec-builder.ts +287 -0
  409. package/src/plugins/rate-limit/express.test.ts +89 -0
  410. package/src/plugins/rate-limit/express.ts +86 -0
  411. package/src/plugins/rate-limit/hono.test.ts +60 -0
  412. package/src/plugins/rate-limit/hono.ts +74 -0
  413. package/src/plugins/rate-limit/index.ts +383 -0
  414. package/src/plugins/rate-limit/memory-store.ts +61 -0
  415. package/src/plugins/rate-limit/rate-limit.test.ts +756 -0
  416. package/src/plugins/rate-limit/sveltekit.test.ts +58 -0
  417. package/src/plugins/rate-limit/sveltekit.ts +66 -0
  418. package/src/plugins/social-login/index.ts +715 -0
  419. package/src/plugins/social-login/providers/apple.ts +34 -0
  420. package/src/plugins/social-login/providers/discord.ts +26 -0
  421. package/src/plugins/social-login/providers/github.ts +54 -0
  422. package/src/plugins/social-login/providers/google.ts +23 -0
  423. package/src/plugins/social-login/providers/index.ts +22 -0
  424. package/src/plugins/social-login/providers/microsoft.ts +35 -0
  425. package/src/plugins/social-login/providers/oidc.ts +37 -0
  426. package/src/plugins/social-login/providers/providers.test.ts +211 -0
  427. package/src/plugins/social-login/social-login.test.ts +675 -0
  428. package/src/plugins/social-login/types.ts +80 -0
  429. package/src/plugins/tenancy/index.ts +544 -0
  430. package/src/plugins/tenancy/tenancy.test.ts +323 -0
  431. package/src/plugins/two-factor/index.ts +569 -0
  432. package/src/plugins/two-factor/two-factor.test.ts +235 -0
  433. package/src/plugins/webauthn/index.ts +554 -0
  434. package/src/plugins/webauthn/webauthn.test.ts +472 -0
  435. package/src/plugins/webhook/builtin-events.ts +29 -0
  436. package/src/plugins/webhook/delivery.test.ts +51 -0
  437. package/src/plugins/webhook/delivery.ts +154 -0
  438. package/src/plugins/webhook/hooks.ts +89 -0
  439. package/src/plugins/webhook/index.ts +445 -0
  440. package/src/plugins/webhook/queue/database.ts +67 -0
  441. package/src/plugins/webhook/queue/in-memory.test.ts +48 -0
  442. package/src/plugins/webhook/queue/in-memory.ts +71 -0
  443. package/src/plugins/webhook/queue/types.ts +51 -0
  444. package/src/plugins/webhook/registry.test.ts +48 -0
  445. package/src/plugins/webhook/registry.ts +64 -0
  446. package/src/plugins/webhook/signing.ts +45 -0
  447. package/src/plugins/webhook/ssrf.ts +198 -0
  448. package/src/plugins/webhook/types.ts +138 -0
  449. package/src/plugins/webhook/webhook.test.ts +324 -0
  450. package/src/sveltekit/actions.ts +233 -0
  451. package/src/sveltekit/catch-all.ts +43 -0
  452. package/src/sveltekit/cookies.ts +136 -0
  453. package/src/sveltekit/handle.ts +356 -0
  454. package/src/sveltekit/helpers.ts +69 -0
  455. package/src/sveltekit/index.ts +74 -0
  456. package/src/sveltekit/protect.ts +80 -0
  457. package/src/sveltekit/sveltekit-types.test.ts +31 -0
  458. package/src/sveltekit/sveltekit.test.ts +799 -0
  459. package/src/sveltekit/types.ts +134 -0
  460. package/src/sveltekit/validated.test.ts +117 -0
  461. package/src/sveltekit/validated.ts +78 -0
  462. package/src/testing/adapter-conformance.test.ts +408 -0
  463. package/src/testing/checks.test.ts +124 -0
  464. package/src/testing/checks.ts +304 -0
  465. package/src/testing/index.ts +107 -0
package/dist/hono.d.ts ADDED
@@ -0,0 +1,514 @@
1
+ import { F as Fortress } from './fortress-uA-_cheR.js';
2
+ import { Env, Context, MiddlewareHandler, ErrorHandler, Hono } from 'hono';
3
+ import { D as DatabaseAdapter } from './index-CxEkfCA0.js';
4
+ import { S as Subject, T as TokenClaims } from './types-et0R8tsC.js';
5
+ import { M as MiddlewareDefinition, J as JSONSchema, E as EndpointDefinition, S as StandardSchemaV1 } from './config-B2366s_G.js';
6
+ import { T as ToJSONSchemaConverter } from './convert-routes-BLCQT57f.js';
7
+ export { C as ConvertRoutesOptions, E as ExternalRoute, c as convertRoutes } from './convert-routes-BLCQT57f.js';
8
+ import { P as ProtectedRouteContext, a as ProtectOptions } from './protect-DsxV_-dJ.js';
9
+ export { c as ProtectedRouteHandler, b as ProtectedRouteTarget } from './protect-DsxV_-dJ.js';
10
+ import './index-jAMbbUAY.js';
11
+ import './auth-service-BkzZkWfH.js';
12
+ import './plugins/api-key.js';
13
+ import './jwt.js';
14
+ import './plugins/audit-log.js';
15
+ import './plugins/data-isolation.js';
16
+ import './plugins/email-verification.js';
17
+ import './plugins/magic-link.js';
18
+ import './plugins/oauth.js';
19
+ import './plugins/social-login.js';
20
+ import './plugins/tenancy.js';
21
+ import './plugins/two-factor.js';
22
+ import './plugins/webauthn.js';
23
+ import '@simplewebauthn/server';
24
+
25
+ /**
26
+ * Hono `Variables` slot populated by the fortress auth middleware.
27
+ *
28
+ * `fortressSubject` is the authoritative principal — set for every
29
+ * authenticated request regardless of credential type (JWT, api-key, future
30
+ * OAuth client_credentials, mTLS, ...). `fortressUserId` is a convenience
31
+ * alias populated **only** when the subject is a `USER`; non-USER subjects
32
+ * (e.g. `SERVICE_ACCOUNT` via api-key) leave it `undefined`.
33
+ *
34
+ * Use {@link FortressEnv} to compose this with your own Hono env types
35
+ * without casts.
36
+ */
37
+ interface FortressVariables {
38
+ fortressSubject: Subject;
39
+ fortressUserId?: string;
40
+ fortressClaims?: TokenClaims;
41
+ fortressScopes?: string[] | null;
42
+ fortressDb: DatabaseAdapter;
43
+ fortressGetScopedDb: (model: string) => Promise<DatabaseAdapter>;
44
+ }
45
+ type ExtractVariables<E> = E extends {
46
+ Variables: infer V;
47
+ } ? V : Record<string, never>;
48
+ type ExtractBindings<E> = E extends {
49
+ Bindings: infer B;
50
+ } ? B : Record<string, never>;
51
+ /**
52
+ * Generic Hono env that composes {@link FortressVariables} with the host
53
+ * app's own env types. Use it directly (`Hono<FortressEnv>`) for a
54
+ * Fortress-only app, or parameterize with your existing env
55
+ * (`Hono<FortressEnv<MyEnv>>`) to add Fortress's variables on top of
56
+ * yours — no `Context<AppEnv>` ↔ `Context<FortressEnv>` casts.
57
+ *
58
+ * @example
59
+ * ```ts
60
+ * interface MyEnv {
61
+ * Variables: { requestId: string };
62
+ * Bindings: { DB: D1Database };
63
+ * }
64
+ *
65
+ * const app = new Hono<FortressEnv<MyEnv>>();
66
+ * app.use(createAuthMiddleware(fortress));
67
+ * app.get('/me', (c) => {
68
+ * const requestId = c.get('requestId'); // host-defined, typed
69
+ * const subject = getSubject(c); // fortress-defined, typed
70
+ * return c.json({ requestId, subject });
71
+ * });
72
+ * ```
73
+ */
74
+ interface FortressEnv<TAppEnv extends Env = Env> {
75
+ Variables: FortressVariables & ExtractVariables<TAppEnv>;
76
+ Bindings: ExtractBindings<TAppEnv>;
77
+ }
78
+ /** Minimum-viable context shape the typed helpers need — works with any `Context<E>` whose `Variables` include {@link FortressVariables}. */
79
+ type FortressContext<E extends Env = FortressEnv> = Context<E>;
80
+ /**
81
+ * Hono middleware that resolves the request principal and populates the
82
+ * Hono context with `fortressSubject`, `fortressUserId` (USER alias),
83
+ * `fortressClaims`, `fortressDb`, and `fortressGetScopedDb`.
84
+ *
85
+ * Principal resolution goes through `fortress.resolvePrincipal`, which
86
+ * tries plugin `resolvePrincipal` hooks (api-key, future OAuth
87
+ * client_credentials, mTLS) first and then falls back to the JWT bearer
88
+ * token (cookie-first, `Authorization: Bearer` second). This means the
89
+ * same Hono app can authenticate browsers (cookies), SPA clients (Bearer),
90
+ * and service accounts (`Authorization: ApiKey ...` or `X-API-Key`)
91
+ * without extra wiring on any route.
92
+ *
93
+ * `fortressDb` has plugin `wrapAdapter` applied (e.g. tenancy schema
94
+ * switching). `fortressGetScopedDb(model)` additionally applies
95
+ * `scopeRules` for the requested model.
96
+ */
97
+ declare function createAuthMiddleware(fortress: Fortress): MiddlewareHandler<FortressEnv>;
98
+ /**
99
+ * Get the authenticated principal from the Hono context. Works for every
100
+ * subject kind (`USER`, `SERVICE_ACCOUNT`, ...). Generic in the env type
101
+ * so host apps can pass their own `Context<FortressEnv<MyEnv>>` without
102
+ * casts.
103
+ */
104
+ declare function getSubject<E extends Env = FortressEnv>(c: Context<E>): Subject;
105
+ /**
106
+ * Get the authenticated user ID from Hono context. Throws 401 if the
107
+ * request was authenticated by a non-USER subject (e.g. a service account
108
+ * via api-key) — use {@link getSubject} for handlers that need to accept
109
+ * any principal.
110
+ */
111
+ declare function getUserId<E extends Env = FortressEnv>(c: Context<E>): string;
112
+ /**
113
+ * Get the authenticated user's JWT claims from Hono context. Claims are
114
+ * only populated when the request was authenticated via a JWT — api-key
115
+ * principals have no JWT claims. Throws 401 if unavailable.
116
+ *
117
+ * Pass a `TCustomClaims` type parameter to narrow `customClaims` to your
118
+ * deployment's plugin-augmented claim shape (e.g. tenancy adds
119
+ * `tenantId` / `tenantCode`).
120
+ *
121
+ * @example
122
+ * ```ts
123
+ * interface MyClaims { tenantId: string; tenantCode: string }
124
+ * const claims = getClaims<MyClaims>(c);
125
+ * claims.customClaims?.tenantCode; // string | undefined
126
+ * ```
127
+ */
128
+ declare function getClaims<TCustomClaims extends object = Record<string, unknown>, E extends Env = FortressEnv>(c: Context<E>): TokenClaims & {
129
+ customClaims?: TCustomClaims;
130
+ };
131
+ /**
132
+ * Get the request-scoped database adapter with plugin wrapAdapter applied.
133
+ */
134
+ declare function getDb<E extends Env = FortressEnv>(c: Context<E>): DatabaseAdapter;
135
+ /**
136
+ * Get a model-scoped database adapter with both wrapAdapter and scopeRules applied.
137
+ */
138
+ declare function getScopedDb<E extends Env = FortressEnv>(c: Context<E>, model: string): Promise<DatabaseAdapter>;
139
+
140
+ /** A `(resource, action)` IAM mapping for an HTTP route. */
141
+ interface RouteMapping {
142
+ resource: string;
143
+ action: string;
144
+ }
145
+ /** Options accepted by {@link createRbacMiddleware} (and the Hono adapter factory). */
146
+ interface RbacOptions {
147
+ /** Declarative route-to-resource mapping: 'METHOD /path' → { resource, action } */
148
+ routeMap?: Record<string, RouteMapping>;
149
+ /** Dynamic mapping function (used if routeMap doesn't match) */
150
+ mapRequest?: (method: string, path: string) => RouteMapping | null;
151
+ /** Paths that skip permission checks entirely (supports * wildcards) */
152
+ skipPaths?: string[];
153
+ /** Behavior for non-skipped routes absent from routeMap/mapRequest. */
154
+ unmappedRoutes?: 'allow' | 'deny';
155
+ /** @deprecated Use `unmappedRoutes: 'deny'`. */
156
+ defaultDeny?: boolean;
157
+ }
158
+ /**
159
+ * Hono middleware that checks IAM permissions for **user-owned routes**
160
+ * via a declarative route map. Fortress-managed routes (`/auth/*`,
161
+ * `/iam/*`, plugin paths) are protected automatically inside
162
+ * `fortress.handleRequest` — this middleware only handles routes the
163
+ * caller registered themselves.
164
+ *
165
+ * Lookup order:
166
+ * 1. {@link RbacOptions.skipPaths} — if matched, allow.
167
+ * 2. {@link RbacOptions.routeMap} — exact `'METHOD /path'` then
168
+ * parameterized match.
169
+ * 3. {@link RbacOptions.mapRequest} — dynamic resolver fallback.
170
+ * 4. No mapping found → allow, unless {@link RbacOptions.defaultDeny} is set,
171
+ * in which case the route is refused with a 403 (fail closed).
172
+ *
173
+ * Throws {@link FortressError} on missing/insufficient permissions.
174
+ */
175
+ declare function createRbacMiddleware(fortress: Fortress, options?: RbacOptions): MiddlewareHandler<FortressEnv>;
176
+
177
+ /**
178
+ * Hono error handler that maps FortressError to HTTP responses.
179
+ * Delegates to the framework-agnostic `errorToResponse` in core so the
180
+ * mapping (status codes, `Retry-After`, sanitized 500s) stays consistent
181
+ * across Hono / Express / SvelteKit / `fortress.handleRequest`.
182
+ */
183
+ declare function createErrorHandler(): ErrorHandler;
184
+
185
+ /**
186
+ * Hono middleware that executes plugin-defined middleware for a given position.
187
+ *
188
+ * Normalizes Hono's context to the shared {@link PluginRequestContext}, so
189
+ * plugin middleware receives the same web-standard Request and resolved auth
190
+ * fields under core, Hono, and Express.
191
+ */
192
+ declare function createPluginMiddleware(fortress: Fortress, position: MiddlewareDefinition['position']): MiddlewareHandler<FortressEnv>;
193
+
194
+ /**
195
+ * Hono OpenAPI adapter for Fortress.
196
+ *
197
+ * Schema-library agnostic — accepts a converter function from the user.
198
+ * Users pass their own JSON Schema → schema-library converter (Zod, Valibot, etc.).
199
+ *
200
+ * Users pass their schema library's JSON Schema converter:
201
+ * - Zod v4: `z.fromJSONSchema`
202
+ * - TypeBox: schemas are JSON Schema natively
203
+ * - ArkType: `@ark/jsonschema`
204
+ */
205
+
206
+ /**
207
+ * A function that converts a JSON Schema to whatever schema type your
208
+ * framework adapter expects (e.g. Zod schema, Valibot schema). Used by
209
+ * {@link buildRouteDefinition} so fortress's OpenAPI generator stays
210
+ * schema-library agnostic.
211
+ */
212
+ type SchemaConverter<T = unknown> = (jsonSchema: JSONSchema) => T;
213
+ interface MountOptions<T = unknown> {
214
+ /** Convert JSON Schema → your schema library (e.g., jsonSchemaToZod from '@bajustone/fortress/zod') */
215
+ schemaConverter: SchemaConverter<T>;
216
+ /** Paths to skip (won't be mounted) */
217
+ skipPaths?: string[];
218
+ /** Function to create a route definition from an endpoint (framework-specific) */
219
+ createRoute: (def: Record<string, unknown>) => unknown;
220
+ /** Function to register security schemes on the app */
221
+ registerSecuritySchemes?: (app: unknown) => void;
222
+ }
223
+ interface GenericOpenAPIApp {
224
+ openapi: (route: unknown, handler: (...args: any[]) => any) => void;
225
+ }
226
+ /**
227
+ * Build a framework-agnostic route definition object from an EndpointDefinition.
228
+ * The schemaConverter transforms JSON Schema into whatever the target framework expects.
229
+ */
230
+ declare function buildRouteDefinition<T>(ep: EndpointDefinition, schemaConverter: SchemaConverter<T>): Record<string, unknown>;
231
+ /**
232
+ * Auto-mount all Fortress endpoints on an OpenAPI-compatible Hono app.
233
+ *
234
+ * Schema-library agnostic: you provide the converter.
235
+ *
236
+ * @example
237
+ * ```ts
238
+ * import { OpenAPIHono, createRoute } from '@hono/zod-openapi';
239
+ * import { mountFortressOpenAPI } from '@bajustone/fortress/hono';
240
+ * import { jsonSchemaToZod } from '@bajustone/fortress/zod';
241
+ *
242
+ * const app = new OpenAPIHono();
243
+ * mountFortressOpenAPI(app, fortress, {
244
+ * schemaConverter: jsonSchemaToZod,
245
+ * createRoute,
246
+ * });
247
+ * ```
248
+ */
249
+ declare function mountFortressOpenAPI<T>(app: GenericOpenAPIApp & {
250
+ openAPIRegistry?: {
251
+ registerComponent: (type: string, name: string, schema: Record<string, unknown>) => void;
252
+ };
253
+ }, fortress: Fortress, options: MountOptions<T>): void;
254
+ /**
255
+ * Get all Fortress endpoint definitions as framework route definitions.
256
+ * Returns a map of `{ [handlerName]: routeDef }`.
257
+ */
258
+ declare function getFortressRoutes<T>(fortress: Fortress, schemaConverter: SchemaConverter<T>, createRoute: (def: Record<string, unknown>) => unknown): Record<string, unknown>;
259
+
260
+ /**
261
+ * Default schema converters for the Hono OpenAPI integration — so you can mount
262
+ * fortress endpoints (or import external routes) **without pulling in Zod**.
263
+ *
264
+ * fortress's builder schemas (and `@bajustone/fetcher`'s builder schemas) ARE
265
+ * JSON Schema, so the converters are trivial: identity for the JSON-Schema
266
+ * direction, and `fromJSONSchema` when the target wants a validating Standard
267
+ * Schema V1. Existing Zod callers are unaffected — these are opt-in defaults.
268
+ *
269
+ * @module
270
+ */
271
+
272
+ /**
273
+ * A {@link SchemaConverter} that passes JSON Schema through unchanged. Use with
274
+ * OpenAPI tooling that consumes JSON Schema directly, or for raw spec
275
+ * generation. Requires no schema library.
276
+ */
277
+ declare const identitySchemaConverter: SchemaConverter<JSONSchema>;
278
+ /**
279
+ * A {@link SchemaConverter} that compiles JSON Schema into a validating
280
+ * `@bajustone/fetcher` Standard Schema V1. Use with Hono OpenAPI tooling that
281
+ * accepts Standard Schema (e.g. `hono-openapi` / `@hono/standard-validator`) —
282
+ * no Zod required.
283
+ */
284
+ declare const fetcherSchemaConverter: SchemaConverter<StandardSchemaV1>;
285
+ /**
286
+ * A {@link ToJSONSchemaConverter} for importing external routes authored with
287
+ * fortress's or fetcher's builder (both ARE JSON Schema). Extracts clean JSON
288
+ * Schema (runtime-only `~`-prefixed props are dropped at OpenAPI emission).
289
+ * Pass to {@link convertRoutes} so such routes import without Zod.
290
+ */
291
+ declare const toJSONSchemaConverter: ToJSONSchemaConverter;
292
+
293
+ /**
294
+ * Primary entry point for the Hono adapter: register a single fortress
295
+ * middleware that detects Fortress-managed paths and delegates to
296
+ * `fortress.handleRequest`. Custom user routes registered *before*
297
+ * `mountFortress` keep working — Hono's first-match routing means user
298
+ * handlers win over the catch-all.
299
+ *
300
+ * @example
301
+ * ```ts
302
+ * import { Hono } from 'hono';
303
+ * import { mountFortress } from '@bajustone/fortress/hono';
304
+ *
305
+ * const app = new Hono();
306
+ * mountFortress(app, fortress);
307
+ * // POST /auth/login, POST /auth/refresh, GET /auth/me, /iam/*, /oauth/* …
308
+ * // are all handled automatically. Cookies for login/refresh are set on
309
+ * // the response without any extra wiring.
310
+ * ```
311
+ */
312
+
313
+ /** Options for {@link mountFortress}. */
314
+ interface MountFortressOptions {
315
+ /**
316
+ * Optional path prefix to mount Fortress under (e.g. `/api`). When set,
317
+ * a request to `/api/auth/login` is internally rewritten to `/auth/login`
318
+ * before being passed to `fortress.handleRequest`.
319
+ */
320
+ prefix?: string;
321
+ }
322
+ /**
323
+ * Mount a single Hono middleware that delegates Fortress-managed paths to
324
+ * `fortress.handleRequest` and otherwise calls `next()` so user-route
325
+ * handlers run normally.
326
+ *
327
+ * Cookies emitted by login/refresh/impersonate are honored automatically:
328
+ * the `Response` returned by `fortress.handleRequest` already carries the
329
+ * `Set-Cookie` headers built by core, and Hono returns it verbatim.
330
+ */
331
+ declare function mountFortress<E extends Env = Env>(app: Hono<E>, fortress: Fortress, options?: MountFortressOptions): void;
332
+
333
+ /** Options accepted by {@link createCsrfMiddleware}. */
334
+ interface CsrfConfig {
335
+ /** Header name to check. Default: 'X-Fortress-CSRF'. */
336
+ headerName?: string;
337
+ /** Paths to skip CSRF checking. */
338
+ skipPaths?: string[];
339
+ /** HTTP methods that don't need CSRF checking. Default: ['GET', 'HEAD', 'OPTIONS']. */
340
+ safeMethods?: string[];
341
+ }
342
+ /**
343
+ * CSRF middleware using the custom-header strategy.
344
+ *
345
+ * Browsers enforce CORS preflight on custom headers, so cross-origin requests
346
+ * cannot set them without explicit server permission. This middleware requires
347
+ * a specific header to be present on non-safe HTTP methods.
348
+ *
349
+ * Additionally checks `Sec-Fetch-Site` to reject cross-site requests.
350
+ */
351
+ declare function createCsrfMiddleware(config?: CsrfConfig): MiddlewareHandler;
352
+
353
+ /** Options accepted by {@link createSecurityHeadersMiddleware}. */
354
+ interface SecurityHeadersConfig {
355
+ /** Strict-Transport-Security max-age in seconds. Default: 63072000 (2 years). Set to 0 to disable. */
356
+ hstsMaxAge?: number;
357
+ /** Include subdomains in HSTS. Default: true. */
358
+ hstsIncludeSubdomains?: boolean;
359
+ /** HSTS preload flag. Default: false. */
360
+ hstsPreload?: boolean;
361
+ /** X-Frame-Options value. Default: 'DENY'. Set to false to disable. */
362
+ frameOptions?: 'DENY' | 'SAMEORIGIN' | false;
363
+ /** X-Content-Type-Options nosniff. Default: true. */
364
+ noSniff?: boolean;
365
+ /** Content-Security-Policy value. Default: "default-src 'self'". Set to false to disable. */
366
+ contentSecurityPolicy?: string | false;
367
+ /** Referrer-Policy value. Default: 'strict-origin-when-cross-origin'. Set to false to disable. */
368
+ referrerPolicy?: string | false;
369
+ /** X-Permitted-Cross-Domain-Policies value. Default: 'none'. Set to false to disable. */
370
+ permittedCrossDomainPolicies?: string | false;
371
+ }
372
+ /**
373
+ * Hono middleware that sets security-related HTTP headers.
374
+ * All headers are enabled by default with secure values.
375
+ */
376
+ declare function createSecurityHeadersMiddleware(config?: SecurityHeadersConfig): MiddlewareHandler;
377
+
378
+ /**
379
+ * Hono-flavoured host callback. `E` flows in from the endpoint passed to
380
+ * `protectedRoute()`, so `ctx.body` / `ctx.query` / `ctx.params` / `ctx.input`
381
+ * are typed from the endpoint's phantom generics.
382
+ *
383
+ * `HEnv` is Hono's environment generic (renamed from `E` so it no longer
384
+ * collides with the endpoint generic). String targets degrade to the
385
+ * loose default just like the core helper.
386
+ */
387
+ type HonoProtectedRouteHandler<E extends EndpointDefinition<any, any, any, any> = EndpointDefinition, HEnv extends Env = Env, TResult = unknown> = (c: Context<HEnv>, ctx: ProtectedRouteContext<E>) => TResult | Response | Promise<TResult | Response>;
388
+ /**
389
+ * Wrap a host-owned Hono route in Fortress's route protection pipeline.
390
+ *
391
+ * Two overloads, mirroring `protect()`:
392
+ *
393
+ * - **Typed target** — passing an `EndpointDefinition` flows its phantom
394
+ * generics through `ctx.body` / `ctx.query` / `ctx.params` / `ctx.input`.
395
+ * - **String target** — passing a unique `handler` name keeps the loose
396
+ * `Record<string, unknown>` / `unknown` typing.
397
+ */
398
+ declare function protectedRoute<E extends EndpointDefinition<any, any, any, any>, HEnv extends Env = Env, TResult = unknown>(fortress: Fortress, target: E, handler: HonoProtectedRouteHandler<E, HEnv, TResult>, options?: ProtectOptions): MiddlewareHandler<HEnv>;
399
+ declare function protectedRoute<HEnv extends Env = Env, TResult = unknown>(fortress: Fortress, target: string, handler: HonoProtectedRouteHandler<EndpointDefinition, HEnv, TResult>, options?: ProtectOptions): MiddlewareHandler<HEnv>;
400
+
401
+ /**
402
+ * Typed extraction-and-validation helpers for Hono handlers.
403
+ *
404
+ * These helpers extract request data (body, params, query) **and validate
405
+ * it at runtime** against the supplied Standard Schema. On success they
406
+ * return the parsed value with full TypeScript inference; on failure they
407
+ * throw `FortressError('VALIDATION_ERROR', 422)` — the same shape every
408
+ * fortress-managed endpoint produces — so the existing Hono error handler
409
+ * formats it identically.
410
+ *
411
+ * Works with any Standard Schema V1 library: Zod, Valibot, ArkType, or
412
+ * fortress's built-in schema builders.
413
+ *
414
+ * @example
415
+ * ```ts
416
+ * import { vBody, vParam, vQuery } from '@bajustone/fortress/hono';
417
+ *
418
+ * app.post('/users/:id', async (c) => {
419
+ * const body = await vBody(c, CreateUserBody);
420
+ * const { id } = await vParam(c, IdParam);
421
+ * const { page } = await vQuery(c, PaginationQuery);
422
+ * // ...
423
+ * });
424
+ * ```
425
+ *
426
+ * Validation runs per call, so the first failing helper throws and any
427
+ * downstream helpers in the same handler do not run. If you need to
428
+ * aggregate body+query+params issues into a single response, use the
429
+ * framework-agnostic `validateRequest` from `@bajustone/fortress` instead.
430
+ */
431
+
432
+ /** Infer the output type of a Standard Schema V1 schema. */
433
+ type InferOutput<T extends StandardSchemaV1> = StandardSchemaV1.InferOutput<T>;
434
+ /**
435
+ * Extract and validate the request body. Returns the parsed value typed as
436
+ * `InferOutput<T>`, or throws `FortressError('VALIDATION_ERROR', 422)`.
437
+ */
438
+ declare function vBody<T extends StandardSchemaV1>(c: Context, schema: T): Promise<InferOutput<T>>;
439
+ /**
440
+ * Extract and validate route parameters. Returns the parsed value typed as
441
+ * `InferOutput<T>`, or throws `FortressError('VALIDATION_ERROR', 422)`.
442
+ */
443
+ declare function vParam<T extends StandardSchemaV1>(c: Context, schema: T): Promise<InferOutput<T>>;
444
+ /**
445
+ * Extract and validate query parameters. Returns the parsed value typed as
446
+ * `InferOutput<T>`, or throws `FortressError('VALIDATION_ERROR', 422)`.
447
+ */
448
+ declare function vQuery<T extends StandardSchemaV1>(c: Context, schema: T): Promise<InferOutput<T>>;
449
+
450
+ /**
451
+ * Hono adapter for fortress.
452
+ *
453
+ * Provides {@link mountFortress}, the modern entry point that delegates to
454
+ * `fortress.handleRequest`, plus the lower-level middleware factories
455
+ * (`createHonoMiddleware`, `createAuthMiddleware`, `createRbacMiddleware`,
456
+ * `createCsrfMiddleware`, `createSecurityHeadersMiddleware`, etc.) for
457
+ * user-owned routes. Also exports `vBody` / `vParam` / `vQuery` typed
458
+ * extraction helpers for custom routes.
459
+ *
460
+ * @example
461
+ * ```ts
462
+ * import { Hono } from 'hono';
463
+ * import { mountFortress, createHonoMiddleware } from '@bajustone/fortress/hono';
464
+ *
465
+ * const app = new Hono();
466
+ *
467
+ * // One-line mount: handles all Fortress routes (auth, IAM, plugins, OAuth, OpenAPI).
468
+ * mountFortress(app, fortress);
469
+ *
470
+ * // Optional: protect your own routes with the IAM middleware.
471
+ * const { authMiddleware, rbacMiddleware, errorHandler } = createHonoMiddleware(fortress, {
472
+ * routeMap: { 'GET /api/users': { resource: 'user', action: 'list' } },
473
+ * });
474
+ * app.use('/api/*', authMiddleware, rbacMiddleware);
475
+ * app.onError(errorHandler);
476
+ * ```
477
+ *
478
+ * @module
479
+ */
480
+
481
+ /**
482
+ * Options for {@link createHonoMiddleware}. Currently extends {@link RbacOptions}
483
+ * so callers can override which IAM resource/action a route maps to.
484
+ */
485
+ interface HonoAdapterOptions extends RbacOptions {
486
+ }
487
+ /**
488
+ * Create Hono middleware from a Fortress instance.
489
+ *
490
+ * Usage:
491
+ * const { authMiddleware, pluginMiddleware, rbacMiddleware, errorHandler } = createHonoMiddleware(fortress, {
492
+ * routeMap: { 'POST /api/users': { resource: 'user', action: 'create' } },
493
+ * skipPaths: ['/health', '/auth/*'],
494
+ * });
495
+ *
496
+ * app.onError(errorHandler);
497
+ * app.use('/api/*', pluginMiddleware.beforeAuth);
498
+ * app.use('/api/*', authMiddleware);
499
+ * app.use('/api/*', pluginMiddleware.afterAuth);
500
+ * app.use('/api/*', rbacMiddleware);
501
+ * app.use('/api/*', pluginMiddleware.afterRbac);
502
+ */
503
+ declare function createHonoMiddleware(fortress: Fortress, options?: HonoAdapterOptions): {
504
+ authMiddleware: ReturnType<typeof createAuthMiddleware>;
505
+ rbacMiddleware: ReturnType<typeof createRbacMiddleware>;
506
+ errorHandler: ReturnType<typeof createErrorHandler>;
507
+ pluginMiddleware: {
508
+ beforeAuth: ReturnType<typeof createPluginMiddleware>;
509
+ afterAuth: ReturnType<typeof createPluginMiddleware>;
510
+ afterRbac: ReturnType<typeof createPluginMiddleware>;
511
+ };
512
+ };
513
+
514
+ export { type CsrfConfig, type FortressContext, type FortressEnv, type FortressVariables, type HonoAdapterOptions, type HonoProtectedRouteHandler, type InferOutput, type MountFortressOptions, ProtectOptions, ProtectedRouteContext, type RbacOptions, type RouteMapping, type SchemaConverter, type SecurityHeadersConfig, ToJSONSchemaConverter, buildRouteDefinition, createCsrfMiddleware, createHonoMiddleware, createPluginMiddleware, createSecurityHeadersMiddleware, fetcherSchemaConverter, getClaims, getDb, getFortressRoutes, getScopedDb, getSubject, getUserId, identitySchemaConverter, mountFortress, mountFortressOpenAPI, protectedRoute, toJSONSchemaConverter, vBody, vParam, vQuery };