@cabin-id/nextjs 1.0.0 → 1.0.2

package/dist/cjs/server/client.js

@@ -0,0 +1,35 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var client_exports = {};
+__export(client_exports, {
+  cabinIdClient: () => cabinIdClient
+});
+module.exports = __toCommonJS(client_exports);
+var import_constants = require("../constants");
+var import_createCabinIdClient = require("../utils/createCabinIdClient");
+const cabinIdClient = (0, import_createCabinIdClient.createCabinIdClient)({
+  apiUrl: import_constants.API_URL,
+  apiVersion: import_constants.API_VERSION,
+  secretKey: import_constants.SECRET_KEY
+});
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  cabinIdClient
+});
+//# sourceMappingURL=client.js.map

package/dist/cjs/server/client.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/client.ts"],"sourcesContent":["import { API_URL, API_VERSION, SECRET_KEY } from '../constants';\nimport { createCabinIdClient } from '../utils/createCabinIdClient';\n\nconst cabinIdClient = createCabinIdClient({\n  apiUrl: API_URL,\n  apiVersion: API_VERSION,\n  secretKey: SECRET_KEY,\n});\n\nexport { cabinIdClient };\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,uBAAiD;AACjD,iCAAoC;AAEpC,MAAM,oBAAgB,gDAAoB;AAAA,EACxC,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AACb,CAAC;","names":[]}

package/dist/cjs/server/createGetAuth.js

@@ -0,0 +1,45 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var createGetAuth_exports = {};
+__export(createGetAuth_exports, {
+  createGetAuth: () => createGetAuth,
+  getAuth: () => getAuth
+});
+module.exports = __toCommonJS(createGetAuth_exports);
+var import_authObjects = require("../tokens/authObjects");
+var import_constants = require("../constants");
+var import_utils = require("./utils");
+const createGetAuth = () => (req) => {
+  const authToken = (0, import_utils.getCookie)(req, import_constants.constants.Cookies.Client);
+  const userId = (0, import_utils.getCookie)(req, import_constants.constants.Cookies.User);
+  if (authToken && userId) {
+    return (0, import_authObjects.signedInAuthObject)({
+      sessionToken: authToken || "",
+      userId: userId || ""
+    });
+  }
+  return (0, import_authObjects.signedOutAuthObject)();
+};
+const getAuth = createGetAuth();
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createGetAuth,
+  getAuth
+});
+//# sourceMappingURL=createGetAuth.js.map

package/dist/cjs/server/createGetAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/createGetAuth.ts"],"sourcesContent":["import {\n  AuthObject,\n  signedInAuthObject,\n  signedOutAuthObject,\n} from '../tokens/authObjects';\nimport { constants } from '../constants';\nimport { getCookie } from './utils';\nimport { RequestLike } from './type';\n\nexport const createGetAuth =\n  () =>\n  (req: RequestLike): AuthObject => {\n    const authToken = getCookie(req, constants.Cookies.Client);\n    const userId = getCookie(req, constants.Cookies.User);\n    if (authToken && userId) {\n      return signedInAuthObject({\n        sessionToken: authToken || '',\n        userId: userId || '',\n      });\n    }\n\n    return signedOutAuthObject();\n  };\n\nexport const getAuth = createGetAuth();\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,yBAIO;AACP,uBAA0B;AAC1B,mBAA0B;AAGnB,MAAM,gBACX,MACA,CAAC,QAAiC;AAChC,QAAM,gBAAY,wBAAU,KAAK,2BAAU,QAAQ,MAAM;AACzD,QAAM,aAAS,wBAAU,KAAK,2BAAU,QAAQ,IAAI;AACpD,MAAI,aAAa,QAAQ;AACvB,eAAO,uCAAmB;AAAA,MACxB,cAAc,aAAa;AAAA,MAC3B,QAAQ,UAAU;AAAA,IACpB,CAAC;AAAA,EACH;AAEA,aAAO,wCAAoB;AAC7B;AAEK,MAAM,UAAU,cAAc;","names":[]}

package/dist/cjs/server/createRedirect.js

@@ -0,0 +1,90 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var createRedirect_exports = {};
+__export(createRedirect_exports, {
+  createRedirect: () => createRedirect
+});
+module.exports = __toCommonJS(createRedirect_exports);
+var import_key = require("../utils/key");
+const buildUrl = (_baseUrl, _targetUrl, _returnBackUrl) => {
+  if (!!_baseUrl) {
+    const baseUrl = new URL(_baseUrl);
+    const returnBackUrl = _returnBackUrl ? new URL(_returnBackUrl, baseUrl) : void 0;
+    const res = new URL(_targetUrl, baseUrl);
+    if (returnBackUrl) {
+      res.searchParams.set("redirect_url", returnBackUrl.toString());
+    }
+    return res.toString();
+  } else {
+    const returnBackUrl = _returnBackUrl ? new URL(_returnBackUrl) : void 0;
+    const res = new URL(_targetUrl);
+    if (returnBackUrl) {
+      res.searchParams.set("redirect_url", returnBackUrl.toString());
+    }
+    return res.toString();
+  }
+};
+const buildAccountsBaseUrl = (frontendApi) => {
+  if (!frontendApi) {
+    return "";
+  }
+  const accountsBaseUrl = frontendApi;
+  return `https://${accountsBaseUrl}`;
+};
+const createRedirect = (params) => {
+  const { publishableKey, redirectAdapter, signInUrl, signUpUrl, baseUrl } = params;
+  const frontendApi = (0, import_key.parsePublishableKey)(publishableKey);
+  const accountsBaseUrl = buildAccountsBaseUrl(frontendApi);
+  const redirectToSignUp = ({ returnBackUrl } = {}) => {
+    if (!signUpUrl && !accountsBaseUrl) {
+      throw new Error("Publish Key is not exist");
+    }
+    const accountsSignUpUrl = `${accountsBaseUrl}/sign-up`;
+    let redirect = null;
+    if (signUpUrl) {
+      redirect = redirectAdapter(buildUrl(baseUrl, signUpUrl));
+    } else {
+      redirect = redirectAdapter(
+        buildUrl(null, accountsSignUpUrl, returnBackUrl)
+      );
+    }
+    return redirect;
+  };
+  const redirectToSignIn = ({ returnBackUrl } = {}) => {
+    if (!signInUrl && !accountsBaseUrl) {
+      throw new Error("Publish Key is not exist");
+    }
+    const accountsSignInUrl = `${accountsBaseUrl}/sign-in`;
+    let redirect = null;
+    if (signInUrl) {
+      redirect = redirectAdapter(buildUrl(baseUrl, signInUrl));
+    } else {
+      redirect = redirectAdapter(
+        buildUrl(null, accountsSignInUrl, returnBackUrl)
+      );
+    }
+    return redirect;
+  };
+  return { redirectToSignUp, redirectToSignIn };
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createRedirect
+});
+//# sourceMappingURL=createRedirect.js.map

package/dist/cjs/server/createRedirect.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/createRedirect.ts"],"sourcesContent":["import { parsePublishableKey } from '../utils/key';\n\ntype RedirectAdapter<RedirectReturn> = (url: string) => RedirectReturn;\ntype RedirectToParams = { returnBackUrl?: string | URL | null };\nexport type RedirectFun<ReturnType> = (params?: RedirectToParams) => ReturnType;\n\nconst buildUrl = (\n  _baseUrl: string | URL | null,\n  _targetUrl: string | URL,\n  _returnBackUrl?: string | URL | null\n) => {\n  if (!!_baseUrl) {\n    const baseUrl = new URL(_baseUrl);\n    const returnBackUrl = _returnBackUrl\n      ? new URL(_returnBackUrl, baseUrl)\n      : undefined;\n    const res = new URL(_targetUrl, baseUrl);\n\n    if (returnBackUrl) {\n      res.searchParams.set('redirect_url', returnBackUrl.toString());\n    }\n    return res.toString();\n  } else {\n    const returnBackUrl = _returnBackUrl ? new URL(_returnBackUrl) : undefined;\n    const res = new URL(_targetUrl);\n\n    if (returnBackUrl) {\n      res.searchParams.set('redirect_url', returnBackUrl.toString());\n    }\n    return res.toString();\n  }\n};\n\nconst buildAccountsBaseUrl = (frontendApi: string | null) => {\n  if (!frontendApi) {\n    return '';\n  }\n\n  // convert url from FAPI to accounts for Kima and legacy (prod & dev) instances\n  const accountsBaseUrl = frontendApi;\n  return `https://${accountsBaseUrl}`;\n};\n\n/**\n * @internal\n */\ntype CreateRedirect = <ReturnType>(params: {\n  publishableKey: string;\n  redirectAdapter: RedirectAdapter<ReturnType>;\n  baseUrl: URL | string;\n  signInUrl?: URL | string;\n  signUpUrl?: URL | string;\n}) => {\n  redirectToSignIn: RedirectFun<ReturnType>;\n  redirectToSignUp: RedirectFun<ReturnType>;\n};\n\nexport const createRedirect: CreateRedirect = (params) => {\n  const { publishableKey, redirectAdapter, signInUrl, signUpUrl, baseUrl } =\n    params;\n  const frontendApi = parsePublishableKey(publishableKey);\n  const accountsBaseUrl = buildAccountsBaseUrl(frontendApi);\n\n  const redirectToSignUp = ({ returnBackUrl }: RedirectToParams = {}) => {\n    if (!signUpUrl && !accountsBaseUrl) {\n      throw new Error('Publish Key is not exist');\n    }\n    const accountsSignUpUrl = `${accountsBaseUrl}/sign-up`;\n    let redirect = null;\n\n    if (signUpUrl) {\n      redirect = redirectAdapter(buildUrl(baseUrl, signUpUrl));\n    } else {\n      redirect = redirectAdapter(\n        buildUrl(null, accountsSignUpUrl, returnBackUrl)\n      );\n    }\n    return redirect;\n  };\n\n  const redirectToSignIn = ({ returnBackUrl }: RedirectToParams = {}) => {\n    if (!signInUrl && !accountsBaseUrl) {\n      throw new Error('Publish Key is not exist');\n    }\n    const accountsSignInUrl = `${accountsBaseUrl}/sign-in`;\n\n    let redirect = null;\n    if (signInUrl) {\n      redirect = redirectAdapter(buildUrl(baseUrl, signInUrl));\n    } else {\n      redirect = redirectAdapter(\n        buildUrl(null, accountsSignInUrl, returnBackUrl)\n      );\n    }\n\n    return redirect;\n  };\n\n  return { redirectToSignUp, redirectToSignIn };\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,iBAAoC;AAMpC,MAAM,WAAW,CACf,UACA,YACA,mBACG;AACH,MAAI,CAAC,CAAC,UAAU;AACd,UAAM,UAAU,IAAI,IAAI,QAAQ;AAChC,UAAM,gBAAgB,iBAClB,IAAI,IAAI,gBAAgB,OAAO,IAC/B;AACJ,UAAM,MAAM,IAAI,IAAI,YAAY,OAAO;AAEvC,QAAI,eAAe;AACjB,UAAI,aAAa,IAAI,gBAAgB,cAAc,SAAS,CAAC;AAAA,IAC/D;AACA,WAAO,IAAI,SAAS;AAAA,EACtB,OAAO;AACL,UAAM,gBAAgB,iBAAiB,IAAI,IAAI,cAAc,IAAI;AACjE,UAAM,MAAM,IAAI,IAAI,UAAU;AAE9B,QAAI,eAAe;AACjB,UAAI,aAAa,IAAI,gBAAgB,cAAc,SAAS,CAAC;AAAA,IAC/D;AACA,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;AAEA,MAAM,uBAAuB,CAAC,gBAA+B;AAC3D,MAAI,CAAC,aAAa;AAChB,WAAO;AAAA,EACT;AAGA,QAAM,kBAAkB;AACxB,SAAO,WAAW,eAAe;AACnC;AAgBO,MAAM,iBAAiC,CAAC,WAAW;AACxD,QAAM,EAAE,gBAAgB,iBAAiB,WAAW,WAAW,QAAQ,IACrE;AACF,QAAM,kBAAc,gCAAoB,cAAc;AACtD,QAAM,kBAAkB,qBAAqB,WAAW;AAExD,QAAM,mBAAmB,CAAC,EAAE,cAAc,IAAsB,CAAC,MAAM;AACrE,QAAI,CAAC,aAAa,CAAC,iBAAiB;AAClC,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,UAAM,oBAAoB,GAAG,eAAe;AAC5C,QAAI,WAAW;AAEf,QAAI,WAAW;AACb,iBAAW,gBAAgB,SAAS,SAAS,SAAS,CAAC;AAAA,IACzD,OAAO;AACL,iBAAW;AAAA,QACT,SAAS,MAAM,mBAAmB,aAAa;AAAA,MACjD;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAEA,QAAM,mBAAmB,CAAC,EAAE,cAAc,IAAsB,CAAC,MAAM;AACrE,QAAI,CAAC,aAAa,CAAC,iBAAiB;AAClC,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,UAAM,oBAAoB,GAAG,eAAe;AAE5C,QAAI,WAAW;AACf,QAAI,WAAW;AACb,iBAAW,gBAAgB,SAAS,SAAS,SAAS,CAAC;AAAA,IACzD,OAAO;AACL,iBAAW;AAAA,QACT,SAAS,MAAM,mBAAmB,aAAa;AAAA,MACjD;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAEA,SAAO,EAAE,kBAAkB,iBAAiB;AAC9C;","names":[]}

package/dist/cjs/server/errors.js

@@ -0,0 +1,110 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var errors_exports = {};
+__export(errors_exports, {
+  authAuthHeaderMissing: () => authAuthHeaderMissing,
+  authSignatureInvalid: () => authSignatureInvalid,
+  clockSkewDetected: () => clockSkewDetected,
+  getAuthAuthHeaderMissing: () => getAuthAuthHeaderMissing,
+  infiniteRedirectLoopDetected: () => infiniteRedirectLoopDetected,
+  informAboutProtectedRouteInfo: () => informAboutProtectedRouteInfo,
+  missingDomainAndProxy: () => missingDomainAndProxy,
+  missingSignInUrlInDev: () => missingSignInUrlInDev,
+  receivedRequestForIgnoredRoute: () => receivedRequestForIgnoredRoute
+});
+module.exports = __toCommonJS(errors_exports);
+const missingDomainAndProxy = `
+Missing domain and proxyUrl. A satellite application needs to specify a domain or a proxyUrl.
+
+1) With middleware
+   e.g. export default clerkMiddleware({domain:'YOUR_DOMAIN',isSatellite:true}); // or the deprecated authMiddleware()
+2) With environment variables e.g.
+   NEXT_PUBLIC_CLERK_DOMAIN='YOUR_DOMAIN'
+   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'
+   `;
+const missingSignInUrlInDev = `
+Invalid signInUrl. A satellite application requires a signInUrl for development instances.
+Check if signInUrl is missing from your configuration or if it is not an absolute URL
+
+1) With middleware
+   e.g. export default clerkMiddleware({signInUrl:'SOME_URL', isSatellite:true}); // or the deprecated authMiddleware()
+2) With environment variables e.g.
+   NEXT_PUBLIC_CLERK_SIGN_IN_URL='SOME_URL'
+   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'`;
+const receivedRequestForIgnoredRoute = (url, matcher) => `Clerk: The middleware was skipped for this request URL: ${url}. For performance reasons, it's recommended to your middleware matcher to:
+export const config = {
+  matcher: ${matcher},
+};
+
+Alternatively, you can set your own ignoredRoutes. See https://clerk.com/docs/nextjs/middleware
+(This log only appears in development mode)
+`;
+const getAuthAuthHeaderMissing = () => authAuthHeaderMissing("getAuth");
+const authAuthHeaderMissing = (helperName = "auth") => `CabinID: ${helperName}() was called but CabinID can't detect usage of authMiddleware(). Please ensure the following:
+-  clerkMiddleware() authMiddleware is used in your Next.js Middleware.
+- Your Middleware matcher is configured to match this route or page.
+- If you are using the src directory, make sure the Middleware file is inside of it.
+`;
+const clockSkewDetected = (verifyMessage) => `Clerk: Clock skew detected. This usually means that your system clock is inaccurate. Clerk will continuously try to issue new tokens, as the existing ones will be treated as "expired" due to clock skew.
+
+To resolve this issue, make sure your system's clock is set to the correct time (e.g. turn off and on automatic time synchronization).
+
+---
+
+${verifyMessage}`;
+const infiniteRedirectLoopDetected = () => `Clerk: Infinite redirect loop detected. That usually means that we were not able to determine the auth state for this request. A list of common causes and solutions follows.
+
+Reason 1:
+Your Clerk instance keys are incorrect, or you recently changed keys (Publishable Key, Secret Key).
+How to resolve:
+-> Make sure you're using the correct keys from the Clerk Dashboard. If you changed keys recently, make sure to clear your browser application data and cookies.
+
+Reason 2:
+A bug that may have already been fixed in the latest version of Clerk NextJS package.
+How to resolve:
+-> Make sure you are using the latest version of '@clerk/nextjs' and 'next'.
+`;
+const informAboutProtectedRouteInfo = (path, hasPublicRoutes, hasIgnoredRoutes, isApiRoute, defaultIgnoredRoutes) => {
+  const infoText = isApiRoute ? `INFO: Clerk: The request to ${path} is being protected (401) because there is no signed-in user, and the path is included in \`apiRoutes\`. To prevent this behavior, choose one of:` : `INFO: Clerk: The request to ${path} is being redirected because there is no signed-in user, and the path is not included in \`ignoredRoutes\` or \`publicRoutes\`. To prevent this behavior, choose one of:`;
+  const apiRoutesText = isApiRoute ? `To prevent Clerk authentication from protecting (401) the api route, remove the rule matching "${path}" from the \`apiRoutes\` array passed to authMiddleware` : void 0;
+  const publicRoutesText = hasPublicRoutes ? `To make the route accessible to both signed in and signed out users, add "${path}" to the \`publicRoutes\` array passed to authMiddleware` : `To make the route accessible to both signed in and signed out users, pass \`publicRoutes: ["${path}"]\` to authMiddleware`;
+  const ignoredRoutes = [...defaultIgnoredRoutes, path].map((r) => `"${r}"`).join(", ");
+  const ignoredRoutesText = hasIgnoredRoutes ? `To prevent Clerk authentication from running at all, add "${path}" to the \`ignoredRoutes\` array passed to authMiddleware` : `To prevent Clerk authentication from running at all, pass \`ignoredRoutes: [${ignoredRoutes}]\` to authMiddleware`;
+  const afterAuthText = "Pass a custom `afterAuth` to authMiddleware, and replace Clerk's default behavior of redirecting unless a route is included in publicRoutes";
+  return `${infoText}
+
+${[apiRoutesText, publicRoutesText, ignoredRoutesText, afterAuthText].filter(Boolean).map((text, index) => `${index + 1}. ${text}`).join("\n")}
+
+For additional information about middleware, please visit https://clerk.com/docs/nextjs/middleware
+(This log only appears in development mode, or if \`debug: true\` is passed to authMiddleware)`;
+};
+const authSignatureInvalid = `Clerk: Unable to verify request, this usually means the Clerk middleware did not run. Ensure Clerk's middleware is properly integrated and matches the current route. For more information, see: https://clerk.com/docs/nextjs/middleware. (code=auth_signature_invalid)`;
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  authAuthHeaderMissing,
+  authSignatureInvalid,
+  clockSkewDetected,
+  getAuthAuthHeaderMissing,
+  infiniteRedirectLoopDetected,
+  informAboutProtectedRouteInfo,
+  missingDomainAndProxy,
+  missingSignInUrlInDev,
+  receivedRequestForIgnoredRoute
+});
+//# sourceMappingURL=errors.js.map

package/dist/cjs/server/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/errors.ts"],"sourcesContent":["export const missingDomainAndProxy = `\nMissing domain and proxyUrl. A satellite application needs to specify a domain or a proxyUrl.\n\n1) With middleware\n   e.g. export default clerkMiddleware({domain:'YOUR_DOMAIN',isSatellite:true}); // or the deprecated authMiddleware()\n2) With environment variables e.g.\n   NEXT_PUBLIC_CLERK_DOMAIN='YOUR_DOMAIN'\n   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'\n   `;\n\nexport const missingSignInUrlInDev = `\nInvalid signInUrl. A satellite application requires a signInUrl for development instances.\nCheck if signInUrl is missing from your configuration or if it is not an absolute URL\n\n1) With middleware\n   e.g. export default clerkMiddleware({signInUrl:'SOME_URL', isSatellite:true}); // or the deprecated authMiddleware()\n2) With environment variables e.g.\n   NEXT_PUBLIC_CLERK_SIGN_IN_URL='SOME_URL'\n   NEXT_PUBLIC_CLERK_IS_SATELLITE='true'`;\n\nexport const receivedRequestForIgnoredRoute = (url: string, matcher: string) =>\n  `Clerk: The middleware was skipped for this request URL: ${url}. For performance reasons, it's recommended to your middleware matcher to:\nexport const config = {\n  matcher: ${matcher},\n};\n\nAlternatively, you can set your own ignoredRoutes. See https://clerk.com/docs/nextjs/middleware\n(This log only appears in development mode)\n`;\n\nexport const getAuthAuthHeaderMissing = () => authAuthHeaderMissing('getAuth');\n\nexport const authAuthHeaderMissing = (helperName = 'auth') =>\n  `CabinID: ${helperName}() was called but CabinID can't detect usage of authMiddleware(). Please ensure the following:\n-  clerkMiddleware() authMiddleware is used in your Next.js Middleware.\n- Your Middleware matcher is configured to match this route or page.\n- If you are using the src directory, make sure the Middleware file is inside of it.\n`;\n\nexport const clockSkewDetected = (verifyMessage: string) =>\n  `Clerk: Clock skew detected. This usually means that your system clock is inaccurate. Clerk will continuously try to issue new tokens, as the existing ones will be treated as \"expired\" due to clock skew.\n\nTo resolve this issue, make sure your system's clock is set to the correct time (e.g. turn off and on automatic time synchronization).\n\n---\n\n${verifyMessage}`;\n\nexport const infiniteRedirectLoopDetected = () =>\n  `Clerk: Infinite redirect loop detected. That usually means that we were not able to determine the auth state for this request. A list of common causes and solutions follows.\n\nReason 1:\nYour Clerk instance keys are incorrect, or you recently changed keys (Publishable Key, Secret Key).\nHow to resolve:\n-> Make sure you're using the correct keys from the Clerk Dashboard. If you changed keys recently, make sure to clear your browser application data and cookies.\n\nReason 2:\nA bug that may have already been fixed in the latest version of Clerk NextJS package.\nHow to resolve:\n-> Make sure you are using the latest version of '@clerk/nextjs' and 'next'.\n`;\n\nexport const informAboutProtectedRouteInfo = (\n  path: string,\n  hasPublicRoutes: boolean,\n  hasIgnoredRoutes: boolean,\n  isApiRoute: boolean,\n  defaultIgnoredRoutes: string[]\n) => {\n  const infoText = isApiRoute\n    ? `INFO: Clerk: The request to ${path} is being protected (401) because there is no signed-in user, and the path is included in \\`apiRoutes\\`. To prevent this behavior, choose one of:`\n    : `INFO: Clerk: The request to ${path} is being redirected because there is no signed-in user, and the path is not included in \\`ignoredRoutes\\` or \\`publicRoutes\\`. To prevent this behavior, choose one of:`;\n  const apiRoutesText = isApiRoute\n    ? `To prevent Clerk authentication from protecting (401) the api route, remove the rule matching \"${path}\" from the \\`apiRoutes\\` array passed to authMiddleware`\n    : undefined;\n  const publicRoutesText = hasPublicRoutes\n    ? `To make the route accessible to both signed in and signed out users, add \"${path}\" to the \\`publicRoutes\\` array passed to authMiddleware`\n    : `To make the route accessible to both signed in and signed out users, pass \\`publicRoutes: [\"${path}\"]\\` to authMiddleware`;\n  const ignoredRoutes = [...defaultIgnoredRoutes, path]\n    .map((r) => `\"${r}\"`)\n    .join(', ');\n  const ignoredRoutesText = hasIgnoredRoutes\n    ? `To prevent Clerk authentication from running at all, add \"${path}\" to the \\`ignoredRoutes\\` array passed to authMiddleware`\n    : `To prevent Clerk authentication from running at all, pass \\`ignoredRoutes: [${ignoredRoutes}]\\` to authMiddleware`;\n  const afterAuthText =\n    \"Pass a custom `afterAuth` to authMiddleware, and replace Clerk's default behavior of redirecting unless a route is included in publicRoutes\";\n\n  return `${infoText}\n\n${[apiRoutesText, publicRoutesText, ignoredRoutesText, afterAuthText]\n  .filter(Boolean)\n  .map((text, index) => `${index + 1}. ${text}`)\n  .join('\\n')}\n\nFor additional information about middleware, please visit https://clerk.com/docs/nextjs/middleware\n(This log only appears in development mode, or if \\`debug: true\\` is passed to authMiddleware)`;\n};\n\nexport const authSignatureInvalid = `Clerk: Unable to verify request, this usually means the Clerk middleware did not run. Ensure Clerk's middleware is properly integrated and matches the current route. For more information, see: https://clerk.com/docs/nextjs/middleware. (code=auth_signature_invalid)`;\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,MAAM,wBAAwB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAU9B,MAAM,wBAAwB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAU9B,MAAM,iCAAiC,CAAC,KAAa,YAC1D,2DAA2D,GAAG;AAAA;AAAA,aAEnD,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAOb,MAAM,2BAA2B,MAAM,sBAAsB,SAAS;AAEtE,MAAM,wBAAwB,CAAC,aAAa,WACjD,YAAY,UAAU;AAAA;AAAA;AAAA;AAAA;AAMjB,MAAM,oBAAoB,CAAC,kBAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,aAAa;AAER,MAAM,+BAA+B,MAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAaK,MAAM,gCAAgC,CAC3C,MACA,iBACA,kBACA,YACA,yBACG;AACH,QAAM,WAAW,aACb,+BAA+B,IAAI,sJACnC,+BAA+B,IAAI;AACvC,QAAM,gBAAgB,aAClB,kGAAkG,IAAI,4DACtG;AACJ,QAAM,mBAAmB,kBACrB,6EAA6E,IAAI,6DACjF,+FAA+F,IAAI;AACvG,QAAM,gBAAgB,CAAC,GAAG,sBAAsB,IAAI,EACjD,IAAI,CAAC,MAAM,IAAI,CAAC,GAAG,EACnB,KAAK,IAAI;AACZ,QAAM,oBAAoB,mBACtB,6DAA6D,IAAI,8DACjE,+EAA+E,aAAa;AAChG,QAAM,gBACJ;AAEF,SAAO,GAAG,QAAQ;AAAA;AAAA,EAElB,CAAC,eAAe,kBAAkB,mBAAmB,aAAa,EACjE,OAAO,OAAO,EACd,IAAI,CAAC,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,IAAI,EAAE,EAC5C,KAAK,IAAI,CAAC;AAAA;AAAA;AAAA;AAIb;AAEO,MAAM,uBAAuB;","names":[]}

package/dist/cjs/server/getCurrentUser.js

@@ -0,0 +1,36 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var getCurrentUser_exports = {};
+__export(getCurrentUser_exports, {
+  currentUser: () => currentUser
+});
+module.exports = __toCommonJS(getCurrentUser_exports);
+var import_auth = require("./auth");
+var import_http = require("../utils/http");
+async function currentUser() {
+  const { userId } = (0, import_auth.auth)();
+  if (!userId)
+    return null;
+  return import_http.client.users.getUser(userId);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  currentUser
+});
+//# sourceMappingURL=getCurrentUser.js.map

package/dist/cjs/server/getCurrentUser.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/getCurrentUser.ts"],"sourcesContent":["import { User } from '../types';\nimport { auth } from './auth';\nimport { client } from '../utils/http';\n\nexport async function currentUser(): Promise<User | null> {\n  const { userId } = auth();\n  if (!userId) return null;\n  return client.users.getUser(userId);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,kBAAqB;AACrB,kBAAuB;AAEvB,eAAsB,cAAoC;AACxD,QAAM,EAAE,OAAO,QAAI,kBAAK;AACxB,MAAI,CAAC;AAAQ,WAAO;AACpB,SAAO,mBAAO,MAAM,QAAQ,MAAM;AACpC;","names":[]}

package/dist/cjs/server/index.js

@@ -0,0 +1,32 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var server_exports = {};
+__export(server_exports, {
+  auth: () => import_auth.auth,
+  createRouteMatcher: () => import_routeMatcher.createRouteMatcher
+});
+module.exports = __toCommonJS(server_exports);
+var import_auth = require("./auth");
+var import_routeMatcher = require("./routeMatcher");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  auth,
+  createRouteMatcher
+});
+//# sourceMappingURL=index.js.map

package/dist/cjs/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/index.ts"],"sourcesContent":["export { auth } from './auth';\nexport { createRouteMatcher } from './routeMatcher';\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,kBAAqB;AACrB,0BAAmC;","names":[]}

package/dist/cjs/server/middleware.js

@@ -0,0 +1,193 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var middleware_exports = {};
+__export(middleware_exports, {
+  authMiddleware: () => authMiddleware
+});
+module.exports = __toCommonJS(middleware_exports);
+var import_server = require("next/server");
+var import_constants = require("../constants");
+var import_utils = require("./utils");
+var import_client = require("./client");
+var import_cabinIdRequest = require("../tokens/cabinIdRequest");
+var import_protect = require("./protect");
+var import_createRedirect = require("./createRedirect");
+var import_response = require("../utils/response");
+var import_serverRedirectWithAuth = require("./serverRedirectWithAuth");
+const CONTROL_FLOW_ERROR = {
+  FORCE_NOT_FOUND: "CABIN_ID_PROTECT_REWRITE",
+  REDIRECT_TO_URL: "CABIN_ID_PROTECT_REDIRECT_TO_URL",
+  REDIRECT_TO_SIGN_IN: "CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN"
+};
+const setCookieWithDefaults = (response, name, value, options = {}) => {
+  response.cookies.set(name, value, {
+    maxAge: options.maxAge || 60 * 60 * 24 * 30,
+    // 30 days mặc định
+    sameSite: "lax",
+    secure: true
+  });
+};
+const parseRequestAndEvent = (args) => {
+  return [
+    args[0] instanceof Request ? args[0] : void 0,
+    args[0] instanceof Request ? args[1] : void 0
+  ];
+};
+const parseHandlerAndOptions = (args) => {
+  return [
+    typeof args[0] === "function" ? args[0] : void 0,
+    (args.length === 2 ? args[1] : typeof args[0] === "function" ? {} : args[0]) || {}
+  ];
+};
+const authMiddleware = (...args) => {
+  const [request, event] = parseRequestAndEvent(args);
+  const [handler, params] = parseHandlerAndOptions(args);
+  const publishableKey = (0, import_utils.assertKey)(
+    params.publishableKey || import_constants.PUBLISHABLE_KEY,
+    () => {
+      throw new Error("Publish Key is not exist");
+    }
+  );
+  const secretKey = (0, import_utils.assertKey)(params.secretKey || import_constants.SECRET_KEY, () => {
+    throw new Error("Secret Key is not valid");
+  });
+  const signInUrl = params.signInUrl || import_constants.SIGN_IN_URL;
+  const signUpUrl = params.signUpUrl || import_constants.SIGN_UP_URL;
+  const options = {
+    ...params,
+    publishableKey,
+    secretKey,
+    signInUrl,
+    signUpUrl
+  };
+  const nextMiddleware = async (_request, _event) => {
+    const accessToken = _request.nextUrl.searchParams.get(
+      import_constants.constants.QueryParams.Token
+    );
+    const userId = _request.nextUrl.searchParams.get(
+      import_constants.constants.QueryParams.UserId
+    );
+    if (accessToken && userId) {
+      const url = _request.nextUrl;
+      const path = url.pathname;
+      const response = import_server.NextResponse.redirect(
+        new URL(path || "/", _request.url)
+      );
+      setCookieWithDefaults(response, import_constants.constants.Cookies.Client, accessToken);
+      setCookieWithDefaults(response, import_constants.constants.Cookies.User, userId);
+      return response;
+    }
+    const cabinIdRequest = (0, import_cabinIdRequest.createCabinIdRequest)(_request);
+    const requestState = await import_client.cabinIdClient.authenticateRequest(
+      cabinIdRequest,
+      options
+    );
+    const authObject = requestState.toAuth();
+    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);
+    const protect = createMiddlewareProtect(
+      cabinIdRequest,
+      authObject,
+      redirectToSignIn
+    );
+    const authObjWithMethods = Object.assign(
+      authObject,
+      { protect, redirectToSignIn }
+    );
+    let handlerResult = import_server.NextResponse.next();
+    try {
+      handlerResult = await (handler == null ? void 0 : handler(() => authObjWithMethods, _request, _event)) || handlerResult;
+    } catch (e) {
+      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);
+    }
+    if ((0, import_response.isRedirect)(handlerResult)) {
+      return (0, import_serverRedirectWithAuth.serverRedirectWithAuth)(cabinIdRequest, handlerResult);
+    }
+    (0, import_utils.decorateRequest)(
+      cabinIdRequest,
+      handlerResult,
+      requestState,
+      options.secretKey
+    );
+    if (requestState.headers) {
+      requestState.headers.forEach((value, key) => {
+        handlerResult.headers.append(key, value);
+      });
+    }
+    return handlerResult;
+  };
+  if (request && event) {
+    return nextMiddleware(request, event);
+  }
+  return nextMiddleware;
+};
+const createMiddlewareRedirectToSignIn = (cabinIdRequest) => {
+  return (opts = {}) => {
+    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN);
+    err.returnBackUrl = opts.returnBackUrl === null ? "" : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();
+    throw err;
+  };
+};
+const createMiddlewareProtect = (cabinIdRequest, authObject, redirectToSignIn) => {
+  return (_, options) => {
+    const notFound = () => {
+      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND);
+    };
+    const redirect = (url) => {
+      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL);
+      err.redirectUrl = url;
+      throw err;
+    };
+    return (0, import_protect.createProtect)({
+      request: cabinIdRequest,
+      redirect,
+      notFound,
+      authObject,
+      redirectToSignIn
+    })(options);
+  };
+};
+const handleControlFlowErrors = (e, cabinIdRequest, requestState) => {
+  switch (e.message) {
+    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:
+      return (0, import_response.setHeader)(
+        import_server.NextResponse.rewrite(
+          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`
+        ),
+        import_constants.constants.Headers.AuthReason,
+        "protect-rewrite"
+      );
+    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:
+      return (0, import_utils.redirectAdapter)(e.redirectUrl);
+    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:
+      return (0, import_createRedirect.createRedirect)({
+        redirectAdapter: import_utils.redirectAdapter,
+        baseUrl: cabinIdRequest.cabinIdUrl,
+        signInUrl: requestState.signInUrl,
+        signUpUrl: requestState.signUpUrl,
+        publishableKey: requestState.publishableKey
+      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });
+    default:
+      throw e;
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  authMiddleware
+});
+//# sourceMappingURL=middleware.js.map

package/dist/cjs/server/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from \"next/server\";\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from \"../constants\";\nimport { assertKey, decorateRequest, redirectAdapter } from \"./utils\";\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from \"./type\";\nimport { cabinIdClient } from \"./client\";\nimport { CabinIdRequest, createCabinIdRequest } from \"../tokens/cabinIdRequest\";\nimport { AuthProtect, createProtect } from \"./protect\";\nimport { createRedirect, RedirectFun } from \"./createRedirect\";\nimport { isRedirect, setHeader } from \"../utils/response\";\nimport { RequestState } from \"../tokens/authStatus\";\nimport { AuthObject } from \"../tokens/authObjects\";\nimport { serverRedirectWithAuth } from \"./serverRedirectWithAuth\";\nimport { AuthenticateRequestOptions } from \"../api/factory\";\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: \"CABIN_ID_PROTECT_REWRITE\",\n  REDIRECT_TO_URL: \"CABIN_ID_PROTECT_REDIRECT_TO_URL\",\n  REDIRECT_TO_SIGN_IN: \"CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN\",\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\n// Hàm tiện ích để thiết lập cookie với cấu hình mặc định\nconst setCookieWithDefaults = (\n  response: NextResponse,\n  name: string,\n  value: string,\n  options: { maxAge?: number } = {}\n) => {\n  response.cookies.set(name, value, {\n    maxAge: options.maxAge || 60 * 60 * 24 * 30, // 30 days mặc định\n    sameSite: \"lax\",\n    secure: true,\n  });\n};\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === \"function\" ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === \"function\"\n      ? {}\n      : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error(\"Publish Key is not exist\");\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error(\"Secret Key is not valid\");\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || \"/\", _request.url)\n      );\n      \n      // Sử dụng hàm tiện ích để thiết lập cookie với sameSite=\"lax\" và secure=true\n      setCookieWithDefaults(response, constants.Cookies.Client, accessToken);\n      setCookieWithDefaults(response, constants.Cookies.User, userId);\n\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject[\"redirectToSignIn\"] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? \"\"\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject[\"protect\"] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        \"protect-rewrite\"\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA6C;AAC7C,uBAMO;AACP,mBAA4D;AAM5D,oBAA8B;AAC9B,4BAAqD;AACrD,qBAA2C;AAC3C,4BAA4C;AAC5C,sBAAsC;AAGtC,oCAAuC;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AA0CA,MAAM,wBAAwB,CAC5B,UACA,MACA,OACA,UAA+B,CAAC,MAC7B;AACH,WAAS,QAAQ,IAAI,MAAM,OAAO;AAAA,IAChC,QAAQ,QAAQ,UAAU,KAAK,KAAK,KAAK;AAAA;AAAA,IACzC,UAAU;AAAA,IACV,QAAQ;AAAA,EACV,CAAC;AACH;AAEA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACnB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACnB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,qBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,gBAAY,wBAAU,OAAO,aAAa,6BAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,2BAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,2BAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,2BAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AAGA,4BAAsB,UAAU,2BAAU,QAAQ,QAAQ,WAAW;AACrE,4BAAsB,UAAU,2BAAU,QAAQ,MAAM,MAAM;AAE9D,aAAO;AAAA,IACT;AAEA,UAAM,qBAAiB,4CAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,4BAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,2BAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,YAAI,4BAAW,aAAa,GAAG;AAC7B,iBAAO,sDAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAEA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAEA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAEA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,eAAO,8BAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AAEA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AACtB,iBAAO;AAAA,QACL,2BAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,2BAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,iBAAO,8BAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,iBAAO,sCAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}