@clerk/shared 4.0.0-snapshot.v20251215212157 → 4.0.0-snapshot.v20251217162523

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (113) hide show
  1. package/dist/runtime/alternativePhoneCode.d.mts +1 -1
  2. package/dist/runtime/alternativePhoneCode.d.ts +1 -1
  3. package/dist/runtime/{authorization-R5uuaK2u.js → authorization-BE2IYdvb.js} +31 -31
  4. package/dist/runtime/{authorization-R5uuaK2u.js.map → authorization-BE2IYdvb.js.map} +1 -1
  5. package/dist/runtime/{authorization-BpjgWZx-.mjs → authorization-CB5SAg8q.mjs} +31 -31
  6. package/dist/runtime/{authorization-BpjgWZx-.mjs.map → authorization-CB5SAg8q.mjs.map} +1 -1
  7. package/dist/runtime/authorization-errors.d.mts +1 -1
  8. package/dist/runtime/authorization-errors.d.ts +1 -1
  9. package/dist/runtime/authorization.d.mts +1 -1
  10. package/dist/runtime/authorization.d.ts +1 -1
  11. package/dist/runtime/authorization.js +1 -1
  12. package/dist/runtime/authorization.mjs +1 -1
  13. package/dist/runtime/clerkEventBus.d.mts +1 -1
  14. package/dist/runtime/clerkEventBus.d.ts +1 -1
  15. package/dist/runtime/color.d.mts +1 -1
  16. package/dist/runtime/color.d.ts +1 -1
  17. package/dist/runtime/color.d.ts.map +1 -1
  18. package/dist/runtime/deriveState.d.mts +1 -1
  19. package/dist/runtime/deriveState.d.ts +1 -1
  20. package/dist/runtime/{error-FQfTKcEF.d.ts → error-D_08BTAz.d.ts} +2 -2
  21. package/dist/runtime/{error-FQfTKcEF.d.ts.map → error-D_08BTAz.d.ts.map} +1 -1
  22. package/dist/runtime/{error-Btp0PBNP.d.mts → error-PZOXmiMQ.d.mts} +2 -2
  23. package/dist/runtime/{error-Btp0PBNP.d.mts.map → error-PZOXmiMQ.d.mts.map} +1 -1
  24. package/dist/runtime/error.d.mts +2 -2
  25. package/dist/runtime/error.d.ts +2 -2
  26. package/dist/runtime/globs.d.ts.map +1 -1
  27. package/dist/runtime/{index-6lIp5q8s.d.mts → index-Bb1t7kYz.d.mts} +10 -58
  28. package/dist/runtime/{index-6lIp5q8s.d.mts.map → index-Bb1t7kYz.d.mts.map} +1 -1
  29. package/dist/runtime/{index-TCL_gZUn.d.ts → index-C32ntfvR.d.ts} +10 -58
  30. package/dist/runtime/index-C32ntfvR.d.ts.map +1 -0
  31. package/dist/runtime/internal/clerk-js/completeSignUpFlow.d.mts +1 -1
  32. package/dist/runtime/internal/clerk-js/completeSignUpFlow.d.ts +1 -1
  33. package/dist/runtime/internal/clerk-js/componentGuards.d.mts +1 -1
  34. package/dist/runtime/internal/clerk-js/componentGuards.d.ts +1 -1
  35. package/dist/runtime/internal/clerk-js/injectedWeb3Providers.d.mts +1 -1
  36. package/dist/runtime/internal/clerk-js/injectedWeb3Providers.d.ts +1 -1
  37. package/dist/runtime/internal/clerk-js/passkeys.d.mts +2 -2
  38. package/dist/runtime/internal/clerk-js/passkeys.d.ts +2 -2
  39. package/dist/runtime/internal/clerk-js/passwords/complexity.d.mts +1 -1
  40. package/dist/runtime/internal/clerk-js/passwords/complexity.d.ts +1 -1
  41. package/dist/runtime/internal/clerk-js/passwords/loadZxcvbn.d.mts +1 -1
  42. package/dist/runtime/internal/clerk-js/passwords/loadZxcvbn.d.ts +1 -1
  43. package/dist/runtime/internal/clerk-js/passwords/password.d.mts +1 -1
  44. package/dist/runtime/internal/clerk-js/passwords/password.d.ts +1 -1
  45. package/dist/runtime/internal/clerk-js/passwords/strength.d.mts +1 -1
  46. package/dist/runtime/internal/clerk-js/passwords/strength.d.ts +1 -1
  47. package/dist/runtime/internal/clerk-js/queryParams.d.mts +2 -2
  48. package/dist/runtime/internal/clerk-js/queryParams.d.ts +2 -2
  49. package/dist/runtime/internal/clerk-js/redirectUrls.d.mts +1 -1
  50. package/dist/runtime/internal/clerk-js/redirectUrls.d.ts +1 -1
  51. package/dist/runtime/internal/clerk-js/sessionTasks.d.mts +2 -2
  52. package/dist/runtime/internal/clerk-js/sessionTasks.d.ts +2 -2
  53. package/dist/runtime/internal/clerk-js/url.d.mts +2 -2
  54. package/dist/runtime/internal/clerk-js/url.d.ts +2 -2
  55. package/dist/runtime/internal/clerk-js/user.d.mts +1 -1
  56. package/dist/runtime/internal/clerk-js/user.d.ts +1 -1
  57. package/dist/runtime/internal/clerk-js/web3.d.mts +1 -1
  58. package/dist/runtime/internal/clerk-js/web3.d.ts +1 -1
  59. package/dist/runtime/jwtPayloadParser.d.mts +1 -1
  60. package/dist/runtime/jwtPayloadParser.d.ts +1 -1
  61. package/dist/runtime/jwtPayloadParser.js +1 -1
  62. package/dist/runtime/jwtPayloadParser.mjs +1 -1
  63. package/dist/runtime/keys.d.mts +1 -1
  64. package/dist/runtime/keys.d.ts +1 -1
  65. package/dist/runtime/loadClerkJsScript.d.mts +1 -1
  66. package/dist/runtime/loadClerkJsScript.d.ts +1 -1
  67. package/dist/runtime/loadClerkJsScript.js +2 -2
  68. package/dist/runtime/loadClerkJsScript.mjs +2 -2
  69. package/dist/runtime/oauth.d.mts +1 -1
  70. package/dist/runtime/oauth.d.ts +1 -1
  71. package/dist/runtime/organization.d.mts +1 -1
  72. package/dist/runtime/organization.d.ts +1 -1
  73. package/dist/runtime/pathMatcher.d.mts +1 -1
  74. package/dist/runtime/pathMatcher.d.ts +1 -1
  75. package/dist/runtime/poller.d.mts.map +1 -1
  76. package/dist/runtime/poller.d.ts.map +1 -1
  77. package/dist/runtime/react/index.d.mts +3 -48
  78. package/dist/runtime/react/index.d.mts.map +1 -1
  79. package/dist/runtime/react/index.d.ts +3 -48
  80. package/dist/runtime/react/index.d.ts.map +1 -1
  81. package/dist/runtime/react/index.js +1 -46
  82. package/dist/runtime/react/index.js.map +1 -1
  83. package/dist/runtime/react/index.mjs +2 -45
  84. package/dist/runtime/react/index.mjs.map +1 -1
  85. package/dist/runtime/router.d.mts +1 -1
  86. package/dist/runtime/router.d.ts +1 -1
  87. package/dist/runtime/router.d.ts.map +1 -1
  88. package/dist/runtime/saml.d.mts +1 -1
  89. package/dist/runtime/saml.d.ts +1 -1
  90. package/dist/runtime/telemetry.d.mts +1 -1
  91. package/dist/runtime/telemetry.d.ts +1 -1
  92. package/dist/runtime/types/index.d.mts +1 -1
  93. package/dist/runtime/types/index.d.ts +1 -1
  94. package/dist/runtime/ui/index.d.mts +1 -1
  95. package/dist/runtime/ui/index.d.ts +1 -1
  96. package/dist/runtime/{url-CixoZcz6.d.mts → url-B6H3YfYM.d.mts} +2 -2
  97. package/dist/runtime/{url-CixoZcz6.d.mts.map → url-B6H3YfYM.d.mts.map} +1 -1
  98. package/dist/runtime/{url-8kDLvJOc.d.ts → url-oznSXRUO.d.ts} +2 -2
  99. package/dist/runtime/{url-8kDLvJOc.d.ts.map → url-oznSXRUO.d.ts.map} +1 -1
  100. package/dist/runtime/{versionSelector-DQ_xKgnp.mjs → versionSelector-CYDxDymx.mjs} +2 -2
  101. package/dist/runtime/{versionSelector-DQ_xKgnp.mjs.map → versionSelector-CYDxDymx.mjs.map} +1 -1
  102. package/dist/runtime/{versionSelector-Cya5GkG0.js → versionSelector-_5VXQHS3.js} +2 -2
  103. package/dist/runtime/{versionSelector-Cya5GkG0.js.map → versionSelector-_5VXQHS3.js.map} +1 -1
  104. package/dist/runtime/versionSelector.js +1 -1
  105. package/dist/runtime/versionSelector.mjs +1 -1
  106. package/dist/runtime/web3.d.mts +1 -1
  107. package/dist/runtime/web3.d.ts +1 -1
  108. package/dist/types/index.d.mts +9 -57
  109. package/dist/types/index.d.mts.map +1 -1
  110. package/dist/types/index.d.ts +9 -57
  111. package/dist/types/index.d.ts.map +1 -1
  112. package/package.json +3 -3
  113. package/dist/runtime/index-TCL_gZUn.d.ts.map +0 -1
package/dist/runtime/alternativePhoneCode.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { ql as PhoneCodeChannelData } from "./index-6lIp5q8s.mjs";
1
+ import { ql as PhoneCodeChannelData } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
3
 
4
4
  //#region src/alternativePhoneCode.d.ts
package/dist/runtime/alternativePhoneCode.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { ql as PhoneCodeChannelData } from "./index-TCL_gZUn.js";
1
+ import { ql as PhoneCodeChannelData } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
3
 
4
4
  //#region src/alternativePhoneCode.d.ts
package/dist/runtime/{authorization-R5uuaK2u.js → authorization-BE2IYdvb.js} RENAMED
@@ -124,74 +124,74 @@ const createCheckAuthorization = (options) => {
124
124
  */
125
125
  const resolveAuthState = ({ authObject: { sessionId, sessionStatus, userId, actor, orgId, orgRole, orgSlug, signOut, getToken, has, sessionClaims }, options: { treatPendingAsSignedOut = true } }) => {
126
126
  if (sessionId === void 0 && userId === void 0) return {
127
+ actor: void 0,
128
+ getToken,
129
+ has: () => false,
127
130
  isLoaded: false,
128
131
  isSignedIn: void 0,
129
- sessionId,
130
- sessionClaims: void 0,
131
- userId,
132
- actor: void 0,
133
132
  orgId: void 0,
134
133
  orgRole: void 0,
135
134
  orgSlug: void 0,
136
- has: void 0,
135
+ sessionClaims: void 0,
136
+ sessionId,
137
137
  signOut,
138
- getToken
138
+ userId
139
139
  };
140
140
  if (sessionId === null && userId === null) return {
141
+ actor: null,
142
+ getToken,
143
+ has: () => false,
141
144
  isLoaded: true,
142
145
  isSignedIn: false,
143
- sessionId,
144
- userId,
145
- sessionClaims: null,
146
- actor: null,
147
146
  orgId: null,
148
147
  orgRole: null,
149
148
  orgSlug: null,
150
- has: () => false,
149
+ sessionClaims: null,
150
+ sessionId,
151
151
  signOut,
152
- getToken
152
+ userId
153
153
  };
154
154
  if (treatPendingAsSignedOut && sessionStatus === "pending") return {
155
+ actor: null,
156
+ getToken,
157
+ has: () => false,
155
158
  isLoaded: true,
156
159
  isSignedIn: false,
157
- sessionId: null,
158
- userId: null,
159
- sessionClaims: null,
160
- actor: null,
161
160
  orgId: null,
162
161
  orgRole: null,
163
162
  orgSlug: null,
164
- has: () => false,
163
+ sessionClaims: null,
164
+ sessionId: null,
165
165
  signOut,
166
- getToken
166
+ userId: null
167
167
  };
168
168
  if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) return {
169
+ actor: actor || null,
170
+ getToken,
171
+ has,
169
172
  isLoaded: true,
170
173
  isSignedIn: true,
171
- sessionId,
172
- sessionClaims,
173
- userId,
174
- actor: actor || null,
175
174
  orgId,
176
175
  orgRole,
177
176
  orgSlug: orgSlug || null,
178
- has,
177
+ sessionClaims,
178
+ sessionId,
179
179
  signOut,
180
- getToken
180
+ userId
181
181
  };
182
182
  if (!!sessionId && !!sessionClaims && !!userId && !orgId) return {
183
+ actor: actor || null,
184
+ getToken,
185
+ has,
183
186
  isLoaded: true,
184
187
  isSignedIn: true,
185
- sessionId,
186
- sessionClaims,
187
- userId,
188
- actor: actor || null,
189
188
  orgId: null,
190
189
  orgRole: null,
191
190
  orgSlug: null,
192
- has,
191
+ sessionClaims,
192
+ sessionId,
193
193
  signOut,
194
- getToken
194
+ userId
195
195
  };
196
196
  };
197
197
 
@@ -220,4 +220,4 @@ Object.defineProperty(exports, 'validateReverificationConfig', {
220
220
  return validateReverificationConfig;
221
221
  }
222
222
  });
223
- //# sourceMappingURL=authorization-R5uuaK2u.js.map
223
+ //# sourceMappingURL=authorization-BE2IYdvb.js.map
package/dist/runtime/{authorization-R5uuaK2u.js.map → authorization-BE2IYdvb.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-R5uuaK2u.js","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string | null | undefined;\n orgId: string | null | undefined;\n orgRole: string | null | undefined;\n orgPermissions: string[] | null | undefined;\n factorVerificationAge: [number, number] | null;\n features: string | null | undefined;\n plans: string | null | undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' | 'orgRole' | 'orgPermissions'>,\n) => boolean | null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' | 'features'>,\n) => boolean | null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean | null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)*/, 'org:');\n\n/**\n * Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n *\n * @returns null, if unable to determine due to missing data or unspecified role/permission.\n */\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId || !orgRole || !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id || scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string | null | undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig | undefined | null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue || isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/**\n * Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n *\n * @returns null, if requirements or verification data are missing.\n */\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification || !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/**\n * Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n */\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string | null;\n sessionId?: string | null;\n sessionStatus?: SessionStatusClaim | null;\n sessionClaims?: JwtPayload | null;\n actor?: ActClaim | null;\n orgId?: string | null;\n orgRole?: OrganizationCustomRoleKey | null;\n orgSlug?: string | null;\n orgPermissions?: OrganizationCustomPermissionKey[] | null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/**\n * Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n *\n * @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn | undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n isLoaded: false,\n isSignedIn: undefined,\n sessionId,\n sessionClaims: undefined,\n userId,\n actor: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n has: undefined,\n signOut,\n getToken,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId,\n userId,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId: null,\n userId: null,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor || null,\n orgId,\n orgRole,\n orgSlug: orgSlug || null,\n has,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor || null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has,\n signOut,\n getToken,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";;AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA,eAAe;EACf;EACA,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,KAAK;EACL;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,UAAU;EACV,YAAY;EACZ,WAAW;EACX,QAAQ;EACR,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACD"}
1
+ {"version":3,"file":"authorization-BE2IYdvb.js","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string | null | undefined;\n orgId: string | null | undefined;\n orgRole: string | null | undefined;\n orgPermissions: string[] | null | undefined;\n factorVerificationAge: [number, number] | null;\n features: string | null | undefined;\n plans: string | null | undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' | 'orgRole' | 'orgPermissions'>,\n) => boolean | null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' | 'features'>,\n) => boolean | null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean | null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)*/, 'org:');\n\n/**\n * Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n *\n * @returns null, if unable to determine due to missing data or unspecified role/permission.\n */\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId || !orgRole || !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id || scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string | null | undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig | undefined | null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue || isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/**\n * Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n *\n * @returns null, if requirements or verification data are missing.\n */\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification || !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/**\n * Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n */\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string | null;\n sessionId?: string | null;\n sessionStatus?: SessionStatusClaim | null;\n sessionClaims?: JwtPayload | null;\n actor?: ActClaim | null;\n orgId?: string | null;\n orgRole?: OrganizationCustomRoleKey | null;\n orgSlug?: string | null;\n orgPermissions?: OrganizationCustomPermissionKey[] | null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/**\n * Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n *\n * @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn | undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n actor: undefined,\n getToken,\n has: () => false,\n isLoaded: false,\n isSignedIn: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n sessionClaims: undefined,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId: null,\n signOut,\n userId: null,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n actor: actor || null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId,\n orgRole,\n orgSlug: orgSlug || null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n actor: actor || null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";;AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf,WAAW;EACX;EACA,QAAQ;EACT;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACA;EACD"}
package/dist/runtime/{authorization-BpjgWZx-.mjs → authorization-CB5SAg8q.mjs} RENAMED
@@ -123,77 +123,77 @@ const createCheckAuthorization = (options) => {
123
123
  */
124
124
  const resolveAuthState = ({ authObject: { sessionId, sessionStatus, userId, actor, orgId, orgRole, orgSlug, signOut, getToken, has, sessionClaims }, options: { treatPendingAsSignedOut = true } }) => {
125
125
  if (sessionId === void 0 && userId === void 0) return {
126
+ actor: void 0,
127
+ getToken,
128
+ has: () => false,
126
129
  isLoaded: false,
127
130
  isSignedIn: void 0,
128
- sessionId,
129
- sessionClaims: void 0,
130
- userId,
131
- actor: void 0,
132
131
  orgId: void 0,
133
132
  orgRole: void 0,
134
133
  orgSlug: void 0,
135
- has: void 0,
134
+ sessionClaims: void 0,
135
+ sessionId,
136
136
  signOut,
137
- getToken
137
+ userId
138
138
  };
139
139
  if (sessionId === null && userId === null) return {
140
+ actor: null,
141
+ getToken,
142
+ has: () => false,
140
143
  isLoaded: true,
141
144
  isSignedIn: false,
142
- sessionId,
143
- userId,
144
- sessionClaims: null,
145
- actor: null,
146
145
  orgId: null,
147
146
  orgRole: null,
148
147
  orgSlug: null,
149
- has: () => false,
148
+ sessionClaims: null,
149
+ sessionId,
150
150
  signOut,
151
- getToken
151
+ userId
152
152
  };
153
153
  if (treatPendingAsSignedOut && sessionStatus === "pending") return {
154
+ actor: null,
155
+ getToken,
156
+ has: () => false,
154
157
  isLoaded: true,
155
158
  isSignedIn: false,
156
- sessionId: null,
157
- userId: null,
158
- sessionClaims: null,
159
- actor: null,
160
159
  orgId: null,
161
160
  orgRole: null,
162
161
  orgSlug: null,
163
- has: () => false,
162
+ sessionClaims: null,
163
+ sessionId: null,
164
164
  signOut,
165
- getToken
165
+ userId: null
166
166
  };
167
167
  if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) return {
168
+ actor: actor || null,
169
+ getToken,
170
+ has,
168
171
  isLoaded: true,
169
172
  isSignedIn: true,
170
- sessionId,
171
- sessionClaims,
172
- userId,
173
- actor: actor || null,
174
173
  orgId,
175
174
  orgRole,
176
175
  orgSlug: orgSlug || null,
177
- has,
176
+ sessionClaims,
177
+ sessionId,
178
178
  signOut,
179
- getToken
179
+ userId
180
180
  };
181
181
  if (!!sessionId && !!sessionClaims && !!userId && !orgId) return {
182
+ actor: actor || null,
183
+ getToken,
184
+ has,
182
185
  isLoaded: true,
183
186
  isSignedIn: true,
184
- sessionId,
185
- sessionClaims,
186
- userId,
187
- actor: actor || null,
188
187
  orgId: null,
189
188
  orgRole: null,
190
189
  orgSlug: null,
191
- has,
190
+ sessionClaims,
191
+ sessionId,
192
192
  signOut,
193
- getToken
193
+ userId
194
194
  };
195
195
  };
196
196
 
197
197
  //#endregion
198
198
  export { validateReverificationConfig as i, resolveAuthState as n, splitByScope as r, createCheckAuthorization as t };
199
- //# sourceMappingURL=authorization-BpjgWZx-.mjs.map
199
+ //# sourceMappingURL=authorization-CB5SAg8q.mjs.map
package/dist/runtime/{authorization-BpjgWZx-.mjs.map → authorization-CB5SAg8q.mjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-BpjgWZx-.mjs","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string | null | undefined;\n orgId: string | null | undefined;\n orgRole: string | null | undefined;\n orgPermissions: string[] | null | undefined;\n factorVerificationAge: [number, number] | null;\n features: string | null | undefined;\n plans: string | null | undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' | 'orgRole' | 'orgPermissions'>,\n) => boolean | null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' | 'features'>,\n) => boolean | null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean | null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)*/, 'org:');\n\n/**\n * Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n *\n * @returns null, if unable to determine due to missing data or unspecified role/permission.\n */\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId || !orgRole || !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id || scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string | null | undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig | undefined | null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue || isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/**\n * Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n *\n * @returns null, if requirements or verification data are missing.\n */\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification || !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/**\n * Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n */\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string | null;\n sessionId?: string | null;\n sessionStatus?: SessionStatusClaim | null;\n sessionClaims?: JwtPayload | null;\n actor?: ActClaim | null;\n orgId?: string | null;\n orgRole?: OrganizationCustomRoleKey | null;\n orgSlug?: string | null;\n orgPermissions?: OrganizationCustomPermissionKey[] | null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/**\n * Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n *\n * @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn | undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n isLoaded: false,\n isSignedIn: undefined,\n sessionId,\n sessionClaims: undefined,\n userId,\n actor: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n has: undefined,\n signOut,\n getToken,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId,\n userId,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId: null,\n userId: null,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor || null,\n orgId,\n orgRole,\n orgSlug: orgSlug || null,\n has,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor || null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has,\n signOut,\n getToken,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA,eAAe;EACf;EACA,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,KAAK;EACL;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,UAAU;EACV,YAAY;EACZ,WAAW;EACX,QAAQ;EACR,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACD"}
1
+ {"version":3,"file":"authorization-CB5SAg8q.mjs","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string | null | undefined;\n orgId: string | null | undefined;\n orgRole: string | null | undefined;\n orgPermissions: string[] | null | undefined;\n factorVerificationAge: [number, number] | null;\n features: string | null | undefined;\n plans: string | null | undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' | 'orgRole' | 'orgPermissions'>,\n) => boolean | null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' | 'features'>,\n) => boolean | null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean | null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)*/, 'org:');\n\n/**\n * Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n *\n * @returns null, if unable to determine due to missing data or unspecified role/permission.\n */\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId || !orgRole || !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id || scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string | null | undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig | undefined | null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue || isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/**\n * Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n *\n * @returns null, if requirements or verification data are missing.\n */\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification || !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/**\n * Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n */\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization || orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string | null;\n sessionId?: string | null;\n sessionStatus?: SessionStatusClaim | null;\n sessionClaims?: JwtPayload | null;\n actor?: ActClaim | null;\n orgId?: string | null;\n orgRole?: OrganizationCustomRoleKey | null;\n orgSlug?: string | null;\n orgPermissions?: OrganizationCustomPermissionKey[] | null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/**\n * Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n *\n * @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn | undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n actor: undefined,\n getToken,\n has: () => false,\n isLoaded: false,\n isSignedIn: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n sessionClaims: undefined,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId: null,\n signOut,\n userId: null,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n actor: actor || null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId,\n orgRole,\n orgSlug: orgSlug || null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n actor: actor || null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf,WAAW;EACX;EACA,QAAQ;EACT;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACA;EACD"}
package/dist/runtime/authorization-errors.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Do as ReverificationConfig } from "./index-6lIp5q8s.mjs";
1
+ import { Do as ReverificationConfig } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
3
 
4
4
  //#region src/authorization-errors.d.ts
package/dist/runtime/authorization-errors.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Do as ReverificationConfig } from "./index-TCL_gZUn.js";
1
+ import { Do as ReverificationConfig } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
3
 
4
4
  //#region src/authorization-errors.d.ts
package/dist/runtime/authorization.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-6lIp5q8s.mjs";
1
+ import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
3
 
4
4
  //#region src/authorization.d.ts
package/dist/runtime/authorization.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-TCL_gZUn.js";
1
+ import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
3
 
4
4
  //#region src/authorization.d.ts
package/dist/runtime/authorization.js CHANGED
@@ -1,4 +1,4 @@
1
- const require_authorization = require('./authorization-R5uuaK2u.js');
1
+ const require_authorization = require('./authorization-BE2IYdvb.js');
2
2
 
3
3
  exports.createCheckAuthorization = require_authorization.createCheckAuthorization;
4
4
  exports.resolveAuthState = require_authorization.resolveAuthState;
package/dist/runtime/authorization.mjs CHANGED
@@ -1,3 +1,3 @@
1
- import { i as validateReverificationConfig, n as resolveAuthState, r as splitByScope, t as createCheckAuthorization } from "./authorization-BpjgWZx-.mjs";
1
+ import { i as validateReverificationConfig, n as resolveAuthState, r as splitByScope, t as createCheckAuthorization } from "./authorization-CB5SAg8q.mjs";
2
2
 
3
3
  export { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };
package/dist/runtime/clerkEventBus.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { V as ClerkEventPayload } from "./index-6lIp5q8s.mjs";
1
+ import { V as ClerkEventPayload } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
3
 
4
4
  //#region src/clerkEventBus.d.ts
package/dist/runtime/clerkEventBus.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { V as ClerkEventPayload } from "./index-TCL_gZUn.js";
1
+ import { V as ClerkEventPayload } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
3
 
4
4
  //#region src/clerkEventBus.d.ts
package/dist/runtime/color.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-6lIp5q8s.mjs";
1
+ import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
3
 
4
4
  //#region src/color.d.ts
package/dist/runtime/color.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-TCL_gZUn.js";
1
+ import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
3
 
4
4
  //#region src/color.d.ts
package/dist/runtime/color.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"color.d.ts","names":[],"sources":["../../src/color.ts"],"sourcesContent":[],"mappings":";;;;cAUa;cAIA;cAIA;AARA,cAYA,UAVZ,EAAA,CAAA,CAAA,EAU6B,KAV7B,EAAA,GAAA,CAAA,IAU0C,SAV1C;AAEY,cAYA,UAVZ,EAAA,CAAA,CAAA,EAU6B,KAV7B,EAAA,GAAA,CAAA,IAU0C,SAV1C;AAEY,cAYA,aAVZ,EAAA,CAAA,CAAA,EAUgC,KAVhC,EAAA,GAAA,CAAA,IAU6C,gBAV7C;AAEY,cAYA,QAZiB,EAAA,CAAA,KAAa,EAYX,KAZW,EAE1C,GAAA,OAAA;AAEY,cAeA,iBAf8B,EAAA,CAAA,KAE1C,EAAA,MAAA,EAAA,GAaiD,SAbjD,GAAA,IAAA;AAEY,cA+BA,qBA/BiC,EAAA,CAAA,KAAA,EAAA,MAE7C,EAAA,GA6BqD,KA7BrD;AAEY,cA+CA,qBA/CwB,EAAA,CAAA,KAAA,EA+CQ,KA/CR,EAAA,GAAA,MAAA,GA+CyB,gBA/CzB;AAOxB,cAwDA,oBAxDqC,EAAA,CAAA,GAAS,EAAA,MAAA,EAAA,GAwDR,SAxDQ"}
1
+ {"version":3,"file":"color.d.ts","names":[],"sources":["../../src/color.ts"],"sourcesContent":[],"mappings":";;;;cAUa;cAIA;cAIA;AARA,cAYA,UAVZ,EAAA,CAAA,CAAA,EAU6B,KAV7B,EAAA,GAAA,CAAA,IAU0C,SAV1C;AAEY,cAYA,UAVZ,EAAA,CAAA,CAAA,EAU6B,KAV7B,EAAA,GAAA,CAAA,IAU0C,SAV1C;AAEY,cAYA,aAVZ,EAAA,CAAA,CAAA,EAUgC,KAVhC,EAAA,GAAA,CAAA,IAU6C,gBAV7C;AAEY,cAYA,QAVZ,EAF6B,CAAA,KAAa,EAYX,KAZW,EAAA,GAE1C,OAAA;AAEY,cAeA,iBAf8B,EAAA,CAAA,KAAA,EAE1C,MAAA,EAAA,GAaiD,SAbjD,GAAA,IAAA;AAEY,cA+BA,qBA/BiC,EAAA,CAAA,KAAA,EAAA,MAE7C,EAAA,GA6BqD,KA7BrD;AAEY,cA+CA,qBA/CwB,EAAA,CAAA,KAAA,EA+CQ,KA/CR,EAAA,GAAA,MAAA,GA+CyB,gBA/CzB;AAOxB,cAwDA,oBAxDqC,EAAA,CAAA,GAAS,EAAA,MAAA,EAAA,GAwDR,SAxDQ"}
package/dist/runtime/deriveState.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-6lIp5q8s.mjs";
1
+ import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
3
 
4
4
  //#region src/deriveState.d.ts
package/dist/runtime/deriveState.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-TCL_gZUn.js";
1
+ import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
3
 
4
4
  //#region src/deriveState.d.ts
package/dist/runtime/{error-FQfTKcEF.d.ts → error-D_08BTAz.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-TCL_gZUn.js";
1
+ import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-C32ntfvR.js";
2
2
 
3
3
  //#region src/errors/parseError.d.ts
4
4
 
@@ -200,4 +200,4 @@ declare function isPasswordCompromisedError(err: any): boolean;
200
200
  declare function isEmailLinkError(err: Error): err is EmailLinkError;
201
201
  //#endregion
202
202
  export { parseError as C, errorToJSON as S, EmailLinkErrorCode as _, isEmailLinkError as a, ErrorThrowerOptions as b, isNetworkError as c, isReverificationCancelledError as d, isUnauthorizedError as f, EmailLinkError as g, MetamaskError as h, isClerkRuntimeError as i, isPasswordCompromisedError as l, ClerkWebAuthnError as m, isCaptchaError as n, isKnownError as o, isUserLockedError as p, isClerkAPIResponseError as r, isMetamaskError as s, is4xxError as t, isPasswordPwnedError as u, EmailLinkErrorCodeStatus as v, parseErrors as w, buildErrorThrower as x, ErrorThrower as y };
203
- //# sourceMappingURL=error-FQfTKcEF.d.ts.map
203
+ //# sourceMappingURL=error-D_08BTAz.d.ts.map
package/dist/runtime/{error-FQfTKcEF.d.ts.map → error-D_08BTAz.d.ts.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"error-FQfTKcEF.d.ts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAK,EAAA,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}
1
+ {"version":3,"file":"error-D_08BTAz.d.ts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAA,EAAK,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}
package/dist/runtime/{error-Btp0PBNP.d.mts → error-PZOXmiMQ.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-6lIp5q8s.mjs";
1
+ import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-Bb1t7kYz.mjs";
2
2
 
3
3
  //#region src/errors/parseError.d.ts
4
4
 
@@ -200,4 +200,4 @@ declare function isPasswordCompromisedError(err: any): boolean;
200
200
  declare function isEmailLinkError(err: Error): err is EmailLinkError;
201
201
  //#endregion
202
202
  export { parseError as C, errorToJSON as S, EmailLinkErrorCode as _, isEmailLinkError as a, ErrorThrowerOptions as b, isNetworkError as c, isReverificationCancelledError as d, isUnauthorizedError as f, EmailLinkError as g, MetamaskError as h, isClerkRuntimeError as i, isPasswordCompromisedError as l, ClerkWebAuthnError as m, isCaptchaError as n, isKnownError as o, isUserLockedError as p, isClerkAPIResponseError as r, isMetamaskError as s, is4xxError as t, isPasswordPwnedError as u, EmailLinkErrorCodeStatus as v, parseErrors as w, buildErrorThrower as x, ErrorThrower as y };
203
- //# sourceMappingURL=error-Btp0PBNP.d.mts.map
203
+ //# sourceMappingURL=error-PZOXmiMQ.d.mts.map
package/dist/runtime/{error-Btp0PBNP.d.mts.map → error-PZOXmiMQ.d.mts.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"error-Btp0PBNP.d.mts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAA,EAAK,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}
1
+ {"version":3,"file":"error-PZOXmiMQ.d.mts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAA,EAAK,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}
package/dist/runtime/error.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-6lIp5q8s.mjs";
1
+ import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-Bb1t7kYz.mjs";
2
2
  import "./moduleManager-pxNnXwxv.mjs";
3
- import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-Btp0PBNP.mjs";
3
+ import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-PZOXmiMQ.mjs";
4
4
  export { ClerkAPIError, ClerkAPIResponseError, ClerkError, ClerkRuntimeError, ClerkWebAuthnError, EmailLinkError, EmailLinkErrorCode, EmailLinkErrorCodeStatus, ErrorThrower, ErrorThrowerOptions, MetamaskError, buildErrorThrower, createClerkGlobalHookError, errorToJSON, is4xxError, isCaptchaError, isClerkAPIResponseError, isClerkRuntimeError, isEmailLinkError, isKnownError, isMetamaskError, isNetworkError, isPasswordCompromisedError, isPasswordPwnedError, isReverificationCancelledError, isUnauthorizedError, isUserLockedError, parseError, parseErrors };
package/dist/runtime/error.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-TCL_gZUn.js";
1
+ import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-C32ntfvR.js";
2
2
  import "./moduleManager-WB15hU3T.js";
3
- import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-FQfTKcEF.js";
3
+ import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-D_08BTAz.js";
4
4
  export { ClerkAPIError, ClerkAPIResponseError, ClerkError, ClerkRuntimeError, ClerkWebAuthnError, EmailLinkError, EmailLinkErrorCode, EmailLinkErrorCodeStatus, ErrorThrower, ErrorThrowerOptions, MetamaskError, buildErrorThrower, createClerkGlobalHookError, errorToJSON, is4xxError, isCaptchaError, isClerkAPIResponseError, isClerkRuntimeError, isEmailLinkError, isKnownError, isMetamaskError, isNetworkError, isPasswordCompromisedError, isPasswordPwnedError, isReverificationCancelledError, isUnauthorizedError, isUserLockedError, parseError, parseErrors };
package/dist/runtime/globs.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"globs.d.ts","names":[],"sources":["../../src/globs.ts"],"sourcesContent":[],"mappings":";cAEa;EAAA,QAUZ,EAAA,CAAA,OAAA,EAAA,MAT8B,EAAM,GAAN,MAAM"}
1
+ {"version":3,"file":"globs.d.ts","names":[],"sources":["../../src/globs.ts"],"sourcesContent":[],"mappings":";cAEa;EAAA,QAUZ,EAAA,CAAA,OAAA,EAT8B,MAAA,EAAM,GAAN,MAAM"}