npm - @clerk/shared - Versions diffs - 4.0.0-snapshot.v20251216175437 → 4.0.0-snapshot.v20251217165918 - Mend

@clerk/shared 4.0.0-snapshot.v20251216175437 → 4.0.0-snapshot.v20251217165918

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

package/dist/runtime/alternativePhoneCode.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ql as PhoneCodeChannelData } from "./index-Cp3xe3Y1.mjs";
+import { ql as PhoneCodeChannelData } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
 //#region src/alternativePhoneCode.d.ts

package/dist/runtime/alternativePhoneCode.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ql as PhoneCodeChannelData } from "./index-uUVoqZPx.js";
+import { ql as PhoneCodeChannelData } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
 //#region src/alternativePhoneCode.d.ts

package/dist/runtime/{authorization-R5uuaK2u.js → authorization-BE2IYdvb.js} RENAMED Viewed

@@ -124,74 +124,74 @@ const createCheckAuthorization = (options) => {
 */
 const resolveAuthState = ({ authObject: { sessionId, sessionStatus, userId, actor, orgId, orgRole, orgSlug, signOut, getToken, has, sessionClaims }, options: { treatPendingAsSignedOut = true } }) => {
 	if (sessionId === void 0 && userId === void 0) return {
+		actor: void 0,
+		getToken,
+		has: () => false,
 		isLoaded: false,
 		isSignedIn: void 0,
-		sessionId,
-		sessionClaims: void 0,
-		userId,
-		actor: void 0,
 		orgId: void 0,
 		orgRole: void 0,
 		orgSlug: void 0,
-		has: void 0,
+		sessionClaims: void 0,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 	if (sessionId === null && userId === null) return {
+		actor: null,
+		getToken,
+		has: () => false,
 		isLoaded: true,
 		isSignedIn: false,
-		sessionId,
-		userId,
-		sessionClaims: null,
-		actor: null,
 		orgId: null,
 		orgRole: null,
 		orgSlug: null,
-		has: () => false,
+		sessionClaims: null,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 	if (treatPendingAsSignedOut && sessionStatus === "pending") return {
+		actor: null,
+		getToken,
+		has: () => false,
 		isLoaded: true,
 		isSignedIn: false,
-		sessionId: null,
-		userId: null,
-		sessionClaims: null,
-		actor: null,
 		orgId: null,
 		orgRole: null,
 		orgSlug: null,
-		has: () => false,
+		sessionClaims: null,
+		sessionId: null,
 		signOut,
-		getToken
+		userId: null
 	};
 	if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) return {
+		actor: actor || null,
+		getToken,
+		has,
 		isLoaded: true,
 		isSignedIn: true,
-		sessionId,
-		sessionClaims,
-		userId,
-		actor: actor || null,
 		orgId,
 		orgRole,
 		orgSlug: orgSlug || null,
-		has,
+		sessionClaims,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 	if (!!sessionId && !!sessionClaims && !!userId && !orgId) return {
+		actor: actor || null,
+		getToken,
+		has,
 		isLoaded: true,
 		isSignedIn: true,
-		sessionId,
-		sessionClaims,
-		userId,
-		actor: actor || null,
 		orgId: null,
 		orgRole: null,
 		orgSlug: null,
-		has,
+		sessionClaims,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 };
@@ -220,4 +220,4 @@ Object.defineProperty(exports, 'validateReverificationConfig', {
     return validateReverificationConfig;
   }
 });
-//# sourceMappingURL=authorization-R5uuaK2u.js.map
+//# sourceMappingURL=authorization-BE2IYdvb.js.map

package/dist/runtime/{authorization-R5uuaK2u.js.map → authorization-BE2IYdvb.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorization-R5uuaK2u.js","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string \| null \| undefined;\n orgId: string \| null \| undefined;\n orgRole: string \| null \| undefined;\n orgPermissions: string[] \| null \| undefined;\n factorVerificationAge: [number, number] \| null;\n features: string \| null \| undefined;\n plans: string \| null \| undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' \| 'orgRole' \| 'orgPermissions'>,\n) => boolean \| null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' \| 'features'>,\n) => boolean \| null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean \| null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)/, 'org:');\n\n/\n Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n \n @returns null, if unable to determine due to missing data or unspecified role/permission.\n /\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId \|\| !orgRole \|\| !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id \|\| scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string \| null \| undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig \| undefined \| null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue \|\| isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/\n Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n \n @returns null, if requirements or verification data are missing.\n /\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification \|\| !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/\n Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n /\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string \| null;\n sessionId?: string \| null;\n sessionStatus?: SessionStatusClaim \| null;\n sessionClaims?: JwtPayload \| null;\n actor?: ActClaim \| null;\n orgId?: string \| null;\n orgRole?: OrganizationCustomRoleKey \| null;\n orgSlug?: string \| null;\n orgPermissions?: OrganizationCustomPermissionKey[] \| null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/\n Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n \n @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn \| undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n isLoaded: false,\n isSignedIn: undefined,\n sessionId,\n sessionClaims: undefined,\n userId,\n actor: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n has: undefined,\n signOut,\n getToken,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId,\n userId,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId: null,\n userId: null,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor \|\| null,\n orgId,\n orgRole,\n orgSlug: orgSlug \|\| null,\n has,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor \|\| null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has,\n signOut,\n getToken,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";;AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA,eAAe;EACf;EACA,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,KAAK;EACL;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,UAAU;EACV,YAAY;EACZ,WAAW;EACX,QAAQ;EACR,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACD"}
1	+ {"version":3,"file":"authorization-BE2IYdvb.js","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string \| null \| undefined;\n orgId: string \| null \| undefined;\n orgRole: string \| null \| undefined;\n orgPermissions: string[] \| null \| undefined;\n factorVerificationAge: [number, number] \| null;\n features: string \| null \| undefined;\n plans: string \| null \| undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' \| 'orgRole' \| 'orgPermissions'>,\n) => boolean \| null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' \| 'features'>,\n) => boolean \| null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean \| null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)/, 'org:');\n\n/\n Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n \n @returns null, if unable to determine due to missing data or unspecified role/permission.\n /\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId \|\| !orgRole \|\| !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id \|\| scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string \| null \| undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig \| undefined \| null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue \|\| isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/\n Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n \n @returns null, if requirements or verification data are missing.\n /\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification \|\| !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/\n Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n /\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string \| null;\n sessionId?: string \| null;\n sessionStatus?: SessionStatusClaim \| null;\n sessionClaims?: JwtPayload \| null;\n actor?: ActClaim \| null;\n orgId?: string \| null;\n orgRole?: OrganizationCustomRoleKey \| null;\n orgSlug?: string \| null;\n orgPermissions?: OrganizationCustomPermissionKey[] \| null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/\n Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n \n @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn \| undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n actor: undefined,\n getToken,\n has: () => false,\n isLoaded: false,\n isSignedIn: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n sessionClaims: undefined,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId: null,\n signOut,\n userId: null,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n actor: actor \|\| null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId,\n orgRole,\n orgSlug: orgSlug \|\| null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n actor: actor \|\| null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";;AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf,WAAW;EACX;EACA,QAAQ;EACT;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACA;EACD"}

package/dist/runtime/{authorization-BpjgWZx-.mjs → authorization-CB5SAg8q.mjs} RENAMED Viewed

@@ -123,77 +123,77 @@ const createCheckAuthorization = (options) => {
 */
 const resolveAuthState = ({ authObject: { sessionId, sessionStatus, userId, actor, orgId, orgRole, orgSlug, signOut, getToken, has, sessionClaims }, options: { treatPendingAsSignedOut = true } }) => {
 	if (sessionId === void 0 && userId === void 0) return {
+		actor: void 0,
+		getToken,
+		has: () => false,
 		isLoaded: false,
 		isSignedIn: void 0,
-		sessionId,
-		sessionClaims: void 0,
-		userId,
-		actor: void 0,
 		orgId: void 0,
 		orgRole: void 0,
 		orgSlug: void 0,
-		has: void 0,
+		sessionClaims: void 0,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 	if (sessionId === null && userId === null) return {
+		actor: null,
+		getToken,
+		has: () => false,
 		isLoaded: true,
 		isSignedIn: false,
-		sessionId,
-		userId,
-		sessionClaims: null,
-		actor: null,
 		orgId: null,
 		orgRole: null,
 		orgSlug: null,
-		has: () => false,
+		sessionClaims: null,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 	if (treatPendingAsSignedOut && sessionStatus === "pending") return {
+		actor: null,
+		getToken,
+		has: () => false,
 		isLoaded: true,
 		isSignedIn: false,
-		sessionId: null,
-		userId: null,
-		sessionClaims: null,
-		actor: null,
 		orgId: null,
 		orgRole: null,
 		orgSlug: null,
-		has: () => false,
+		sessionClaims: null,
+		sessionId: null,
 		signOut,
-		getToken
+		userId: null
 	};
 	if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) return {
+		actor: actor || null,
+		getToken,
+		has,
 		isLoaded: true,
 		isSignedIn: true,
-		sessionId,
-		sessionClaims,
-		userId,
-		actor: actor || null,
 		orgId,
 		orgRole,
 		orgSlug: orgSlug || null,
-		has,
+		sessionClaims,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 	if (!!sessionId && !!sessionClaims && !!userId && !orgId) return {
+		actor: actor || null,
+		getToken,
+		has,
 		isLoaded: true,
 		isSignedIn: true,
-		sessionId,
-		sessionClaims,
-		userId,
-		actor: actor || null,
 		orgId: null,
 		orgRole: null,
 		orgSlug: null,
-		has,
+		sessionClaims,
+		sessionId,
 		signOut,
-		getToken
+		userId
 	};
 };
 //#endregion
 export { validateReverificationConfig as i, resolveAuthState as n, splitByScope as r, createCheckAuthorization as t };
-//# sourceMappingURL=authorization-BpjgWZx-.mjs.map
+//# sourceMappingURL=authorization-CB5SAg8q.mjs.map

package/dist/runtime/{authorization-BpjgWZx-.mjs.map → authorization-CB5SAg8q.mjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorization-BpjgWZx-.mjs","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string \| null \| undefined;\n orgId: string \| null \| undefined;\n orgRole: string \| null \| undefined;\n orgPermissions: string[] \| null \| undefined;\n factorVerificationAge: [number, number] \| null;\n features: string \| null \| undefined;\n plans: string \| null \| undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' \| 'orgRole' \| 'orgPermissions'>,\n) => boolean \| null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' \| 'features'>,\n) => boolean \| null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean \| null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)/, 'org:');\n\n/\n Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n \n @returns null, if unable to determine due to missing data or unspecified role/permission.\n /\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId \|\| !orgRole \|\| !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id \|\| scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string \| null \| undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig \| undefined \| null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue \|\| isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/\n Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n \n @returns null, if requirements or verification data are missing.\n /\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification \|\| !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/\n Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n /\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string \| null;\n sessionId?: string \| null;\n sessionStatus?: SessionStatusClaim \| null;\n sessionClaims?: JwtPayload \| null;\n actor?: ActClaim \| null;\n orgId?: string \| null;\n orgRole?: OrganizationCustomRoleKey \| null;\n orgSlug?: string \| null;\n orgPermissions?: OrganizationCustomPermissionKey[] \| null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/\n Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n \n @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn \| undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n isLoaded: false,\n isSignedIn: undefined,\n sessionId,\n sessionClaims: undefined,\n userId,\n actor: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n has: undefined,\n signOut,\n getToken,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId,\n userId,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n isLoaded: true,\n isSignedIn: false,\n sessionId: null,\n userId: null,\n sessionClaims: null,\n actor: null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has: () => false,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor \|\| null,\n orgId,\n orgRole,\n orgSlug: orgSlug \|\| null,\n has,\n signOut,\n getToken,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n isLoaded: true,\n isSignedIn: true,\n sessionId,\n sessionClaims,\n userId,\n actor: actor \|\| null,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n has,\n signOut,\n getToken,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA,eAAe;EACf;EACA,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,KAAK;EACL;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,UAAU;EACV,YAAY;EACZ,WAAW;EACX,QAAQ;EACR,eAAe;EACf,OAAO;EACP,OAAO;EACP,SAAS;EACT,SAAS;EACT,WAAW;EACX;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,UAAU;EACV,YAAY;EACZ;EACA;EACA;EACA,OAAO,SAAS;EAChB,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACD"}
1	+ {"version":3,"file":"authorization-CB5SAg8q.mjs","names":["TYPES_TO_OBJECTS: TypesToConfig","checkOrgAuthorization: CheckOrgAuthorization","checkBillingAuthorization: CheckBillingAuthorization","config","checkReverificationAuthorization: CheckReverificationAuthorization"],"sources":["../../src/authorization.ts"],"sourcesContent":["import type {\n ActClaim,\n CheckAuthorizationWithCustomPermissions,\n GetToken,\n JwtPayload,\n OrganizationCustomPermissionKey,\n OrganizationCustomRoleKey,\n PendingSessionOptions,\n ReverificationConfig,\n SessionStatusClaim,\n SessionVerificationLevel,\n SessionVerificationTypes,\n SignOut,\n UseAuthReturn,\n} from './types';\n\ntype TypesToConfig = Record<SessionVerificationTypes, Exclude<ReverificationConfig, SessionVerificationTypes>>;\ntype AuthorizationOptions = {\n userId: string \| null \| undefined;\n orgId: string \| null \| undefined;\n orgRole: string \| null \| undefined;\n orgPermissions: string[] \| null \| undefined;\n factorVerificationAge: [number, number] \| null;\n features: string \| null \| undefined;\n plans: string \| null \| undefined;\n};\n\ntype CheckOrgAuthorization = (\n params: { role?: OrganizationCustomRoleKey; permission?: OrganizationCustomPermissionKey },\n options: Pick<AuthorizationOptions, 'orgId' \| 'orgRole' \| 'orgPermissions'>,\n) => boolean \| null;\n\ntype CheckBillingAuthorization = (\n params: { feature?: string; plan?: string },\n options: Pick<AuthorizationOptions, 'plans' \| 'features'>,\n) => boolean \| null;\n\ntype CheckReverificationAuthorization = (\n params: {\n reverification?: ReverificationConfig;\n },\n { factorVerificationAge }: AuthorizationOptions,\n) => boolean \| null;\n\nconst TYPES_TO_OBJECTS: TypesToConfig = {\n strict_mfa: {\n afterMinutes: 10,\n level: 'multi_factor',\n },\n strict: {\n afterMinutes: 10,\n level: 'second_factor',\n },\n moderate: {\n afterMinutes: 60,\n level: 'second_factor',\n },\n lax: {\n afterMinutes: 1_440,\n level: 'second_factor',\n },\n};\n\nconst ALLOWED_LEVELS = new Set<SessionVerificationLevel>(['first_factor', 'second_factor', 'multi_factor']);\n\nconst ALLOWED_TYPES = new Set<SessionVerificationTypes>(['strict_mfa', 'strict', 'moderate', 'lax']);\n\n// Helper functions\nconst isValidMaxAge = (maxAge: any) => typeof maxAge === 'number' && maxAge > 0;\nconst isValidLevel = (level: any) => ALLOWED_LEVELS.has(level);\nconst isValidVerificationType = (type: any) => ALLOWED_TYPES.has(type);\n\nconst prefixWithOrg = (value: string) => value.replace(/^(org:)/, 'org:');\n\n/\n Checks if a user has the required organization-level authorization.\n * Verifies if the user has the specified role or permission within their organization.\n \n @returns null, if unable to determine due to missing data or unspecified role/permission.\n /\nconst checkOrgAuthorization: CheckOrgAuthorization = (params, options) => {\n const { orgId, orgRole, orgPermissions } = options;\n if (!params.role && !params.permission) {\n return null;\n }\n\n if (!orgId \|\| !orgRole \|\| !orgPermissions) {\n return null;\n }\n\n if (params.permission) {\n return orgPermissions.includes(prefixWithOrg(params.permission));\n }\n\n if (params.role) {\n return prefixWithOrg(orgRole) === prefixWithOrg(params.role);\n }\n return null;\n};\n\nconst checkForFeatureOrPlan = (claim: string, featureOrPlan: string) => {\n const { org: orgFeatures, user: userFeatures } = splitByScope(claim);\n const [scope, _id] = featureOrPlan.split(':');\n const id = _id \|\| scope;\n\n if (scope === 'org') {\n return orgFeatures.includes(id);\n } else if (scope === 'user') {\n return userFeatures.includes(id);\n } else {\n // Since org scoped features will not exist if there is not an active org, merging is safe.\n return [...orgFeatures, ...userFeatures].includes(id);\n }\n};\n\nconst checkBillingAuthorization: CheckBillingAuthorization = (params, options) => {\n const { features, plans } = options;\n\n if (params.feature && features) {\n return checkForFeatureOrPlan(features, params.feature);\n }\n\n if (params.plan && plans) {\n return checkForFeatureOrPlan(plans, params.plan);\n }\n return null;\n};\n\nconst splitByScope = (fea: string \| null \| undefined) => {\n const features = fea ? fea.split(',').map(f => f.trim()) : [];\n\n // TODO: make this more efficient\n return {\n org: features.filter(f => f.split(':')[0].includes('o')).map(f => f.split(':')[1]),\n user: features.filter(f => f.split(':')[0].includes('u')).map(f => f.split(':')[1]),\n };\n};\n\nconst validateReverificationConfig = (config: ReverificationConfig \| undefined \| null) => {\n if (!config) {\n return false;\n }\n\n const convertConfigToObject = (config: ReverificationConfig) => {\n if (typeof config === 'string') {\n return TYPES_TO_OBJECTS[config];\n }\n return config;\n };\n\n const isValidStringValue = typeof config === 'string' && isValidVerificationType(config);\n const isValidObjectValue =\n typeof config === 'object' && isValidLevel(config.level) && isValidMaxAge(config.afterMinutes);\n\n if (isValidStringValue \|\| isValidObjectValue) {\n return convertConfigToObject.bind(null, config);\n }\n\n return false;\n};\n\n/\n Evaluates if the user meets re-verification authentication requirements.\n * Compares the user's factor verification ages against the specified maxAge.\n * Handles different verification levels (first factor, second factor, multi-factor).\n \n @returns null, if requirements or verification data are missing.\n /\nconst checkReverificationAuthorization: CheckReverificationAuthorization = (params, { factorVerificationAge }) => {\n if (!params.reverification \|\| !factorVerificationAge) {\n return null;\n }\n\n const isValidReverification = validateReverificationConfig(params.reverification);\n if (!isValidReverification) {\n return null;\n }\n\n const { level, afterMinutes } = isValidReverification();\n const [factor1Age, factor2Age] = factorVerificationAge;\n\n // -1 indicates the factor group (1fa,2fa) is not enabled\n // -1 for 1fa is not a valid scenario, but we need to make sure we handle it properly\n const isValidFactor1 = factor1Age !== -1 ? afterMinutes > factor1Age : null;\n const isValidFactor2 = factor2Age !== -1 ? afterMinutes > factor2Age : null;\n\n switch (level) {\n case 'first_factor':\n return isValidFactor1;\n case 'second_factor':\n return factor2Age !== -1 ? isValidFactor2 : isValidFactor1;\n case 'multi_factor':\n return factor2Age === -1 ? isValidFactor1 : isValidFactor1 && isValidFactor2;\n }\n};\n\n/\n Creates a function for comprehensive user authorization checks.\n * Combines organization-level and reverification authentication checks.\n * The returned function authorizes if both checks pass, or if at least one passes\n * when the other is indeterminate. Fails if userId is missing.\n /\nconst createCheckAuthorization = (options: AuthorizationOptions): CheckAuthorizationWithCustomPermissions => {\n return (params): boolean => {\n if (!options.userId) {\n return false;\n }\n\n const billingAuthorization = checkBillingAuthorization(params, options);\n const orgAuthorization = checkOrgAuthorization(params, options);\n const reverificationAuthorization = checkReverificationAuthorization(params, options);\n\n if ([billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === null)) {\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].some(a => a === true);\n }\n\n return [billingAuthorization \|\| orgAuthorization, reverificationAuthorization].every(a => a === true);\n };\n};\n\ntype AuthStateOptions = {\n authObject: {\n userId?: string \| null;\n sessionId?: string \| null;\n sessionStatus?: SessionStatusClaim \| null;\n sessionClaims?: JwtPayload \| null;\n actor?: ActClaim \| null;\n orgId?: string \| null;\n orgRole?: OrganizationCustomRoleKey \| null;\n orgSlug?: string \| null;\n orgPermissions?: OrganizationCustomPermissionKey[] \| null;\n getToken: GetToken;\n signOut: SignOut;\n has: (params: Parameters<CheckAuthorizationWithCustomPermissions>[0]) => boolean;\n };\n options: PendingSessionOptions;\n};\n\n/\n Shared utility function that centralizes auth state resolution logic,\n * preventing duplication across different packages.\n \n @internal\n */\nconst resolveAuthState = ({\n authObject: {\n sessionId,\n sessionStatus,\n userId,\n actor,\n orgId,\n orgRole,\n orgSlug,\n signOut,\n getToken,\n has,\n sessionClaims,\n },\n options: { treatPendingAsSignedOut = true },\n}: AuthStateOptions): UseAuthReturn \| undefined => {\n if (sessionId === undefined && userId === undefined) {\n return {\n actor: undefined,\n getToken,\n has: () => false,\n isLoaded: false,\n isSignedIn: undefined,\n orgId: undefined,\n orgRole: undefined,\n orgSlug: undefined,\n sessionClaims: undefined,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (sessionId === null && userId === null) {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (treatPendingAsSignedOut && sessionStatus === 'pending') {\n return {\n actor: null,\n getToken,\n has: () => false,\n isLoaded: true,\n isSignedIn: false,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims: null,\n sessionId: null,\n signOut,\n userId: null,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !!orgId && !!orgRole) {\n return {\n actor: actor \|\| null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId,\n orgRole,\n orgSlug: orgSlug \|\| null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n\n if (!!sessionId && !!sessionClaims && !!userId && !orgId) {\n return {\n actor: actor \|\| null,\n getToken,\n has,\n isLoaded: true,\n isSignedIn: true,\n orgId: null,\n orgRole: null,\n orgSlug: null,\n sessionClaims,\n sessionId,\n signOut,\n userId,\n } as const;\n }\n};\n\nexport { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };\n"],"mappings":";AA4CA,MAAMA,mBAAkC;CACtC,YAAY;EACV,cAAc;EACd,OAAO;EACR;CACD,QAAQ;EACN,cAAc;EACd,OAAO;EACR;CACD,UAAU;EACR,cAAc;EACd,OAAO;EACR;CACD,KAAK;EACH,cAAc;EACd,OAAO;EACR;CACF;AAED,MAAM,iBAAiB,IAAI,IAA8B;CAAC;CAAgB;CAAiB;CAAe,CAAC;AAE3G,MAAM,gBAAgB,IAAI,IAA8B;CAAC;CAAc;CAAU;CAAY;CAAM,CAAC;AAGpG,MAAM,iBAAiB,WAAgB,OAAO,WAAW,YAAY,SAAS;AAC9E,MAAM,gBAAgB,UAAe,eAAe,IAAI,MAAM;AAC9D,MAAM,2BAA2B,SAAc,cAAc,IAAI,KAAK;AAEtE,MAAM,iBAAiB,UAAkB,MAAM,QAAQ,YAAY,OAAO;;;;;;;AAQ1E,MAAMC,yBAAgD,QAAQ,YAAY;CACxE,MAAM,EAAE,OAAO,SAAS,mBAAmB;AAC3C,KAAI,CAAC,OAAO,QAAQ,CAAC,OAAO,WAC1B,QAAO;AAGT,KAAI,CAAC,SAAS,CAAC,WAAW,CAAC,eACzB,QAAO;AAGT,KAAI,OAAO,WACT,QAAO,eAAe,SAAS,cAAc,OAAO,WAAW,CAAC;AAGlE,KAAI,OAAO,KACT,QAAO,cAAc,QAAQ,KAAK,cAAc,OAAO,KAAK;AAE9D,QAAO;;AAGT,MAAM,yBAAyB,OAAe,kBAA0B;CACtE,MAAM,EAAE,KAAK,aAAa,MAAM,iBAAiB,aAAa,MAAM;CACpE,MAAM,CAAC,OAAO,OAAO,cAAc,MAAM,IAAI;CAC7C,MAAM,KAAK,OAAO;AAElB,KAAI,UAAU,MACZ,QAAO,YAAY,SAAS,GAAG;UACtB,UAAU,OACnB,QAAO,aAAa,SAAS,GAAG;KAGhC,QAAO,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,GAAG;;AAIzD,MAAMC,6BAAwD,QAAQ,YAAY;CAChF,MAAM,EAAE,UAAU,UAAU;AAE5B,KAAI,OAAO,WAAW,SACpB,QAAO,sBAAsB,UAAU,OAAO,QAAQ;AAGxD,KAAI,OAAO,QAAQ,MACjB,QAAO,sBAAsB,OAAO,OAAO,KAAK;AAElD,QAAO;;AAGT,MAAM,gBAAgB,QAAmC;CACvD,MAAM,WAAW,MAAM,IAAI,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,GAAG,EAAE;AAG7D,QAAO;EACL,KAAK,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EAClF,MAAM,SAAS,QAAO,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,CAAC,KAAI,MAAK,EAAE,MAAM,IAAI,CAAC,GAAG;EACpF;;AAGH,MAAM,gCAAgC,WAAoD;AACxF,KAAI,CAAC,OACH,QAAO;CAGT,MAAM,yBAAyB,aAAiC;AAC9D,MAAI,OAAOC,aAAW,SACpB,QAAO,iBAAiBA;AAE1B,SAAOA;;CAGT,MAAM,qBAAqB,OAAO,WAAW,YAAY,wBAAwB,OAAO;CACxF,MAAM,qBACJ,OAAO,WAAW,YAAY,aAAa,OAAO,MAAM,IAAI,cAAc,OAAO,aAAa;AAEhG,KAAI,sBAAsB,mBACxB,QAAO,sBAAsB,KAAK,MAAM,OAAO;AAGjD,QAAO;;;;;;;;;AAUT,MAAMC,oCAAsE,QAAQ,EAAE,4BAA4B;AAChH,KAAI,CAAC,OAAO,kBAAkB,CAAC,sBAC7B,QAAO;CAGT,MAAM,wBAAwB,6BAA6B,OAAO,eAAe;AACjF,KAAI,CAAC,sBACH,QAAO;CAGT,MAAM,EAAE,OAAO,iBAAiB,uBAAuB;CACvD,MAAM,CAAC,YAAY,cAAc;CAIjC,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;CACvE,MAAM,iBAAiB,eAAe,KAAK,eAAe,aAAa;AAEvE,SAAQ,OAAR;EACE,KAAK,eACH,QAAO;EACT,KAAK,gBACH,QAAO,eAAe,KAAK,iBAAiB;EAC9C,KAAK,eACH,QAAO,eAAe,KAAK,iBAAiB,kBAAkB;;;;;;;;;AAUpE,MAAM,4BAA4B,YAA2E;AAC3G,SAAQ,WAAoB;AAC1B,MAAI,CAAC,QAAQ,OACX,QAAO;EAGT,MAAM,uBAAuB,0BAA0B,QAAQ,QAAQ;EACvE,MAAM,mBAAmB,sBAAsB,QAAQ,QAAQ;EAC/D,MAAM,8BAA8B,iCAAiC,QAAQ,QAAQ;AAErF,MAAI,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK,CAC/F,QAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,MAAK,MAAK,MAAM,KAAK;AAGtG,SAAO,CAAC,wBAAwB,kBAAkB,4BAA4B,CAAC,OAAM,MAAK,MAAM,KAAK;;;;;;;;;AA4BzG,MAAM,oBAAoB,EACxB,YAAY,EACV,WACA,eACA,QACA,OACA,OACA,SACA,SACA,SACA,UACA,KACA,iBAEF,SAAS,EAAE,0BAA0B,aACY;AACjD,KAAI,cAAc,UAAa,WAAW,OACxC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,cAAc,QAAQ,WAAW,KACnC,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf;EACA;EACA;EACD;AAGH,KAAI,2BAA2B,kBAAkB,UAC/C,QAAO;EACL,OAAO;EACP;EACA,WAAW;EACX,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT,eAAe;EACf,WAAW;EACX;EACA,QAAQ;EACT;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,QAC7D,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ;EACA;EACA,SAAS,WAAW;EACpB;EACA;EACA;EACA;EACD;AAGH,KAAI,CAAC,CAAC,aAAa,CAAC,CAAC,iBAAiB,CAAC,CAAC,UAAU,CAAC,MACjD,QAAO;EACL,OAAO,SAAS;EAChB;EACA;EACA,UAAU;EACV,YAAY;EACZ,OAAO;EACP,SAAS;EACT,SAAS;EACT;EACA;EACA;EACA;EACD"}

package/dist/runtime/authorization-errors.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Do as ReverificationConfig } from "./index-Cp3xe3Y1.mjs";
+import { Do as ReverificationConfig } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
 //#region src/authorization-errors.d.ts

package/dist/runtime/authorization-errors.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Do as ReverificationConfig } from "./index-uUVoqZPx.js";
+import { Do as ReverificationConfig } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
 //#region src/authorization-errors.d.ts

package/dist/runtime/authorization.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-Cp3xe3Y1.mjs";
+import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
 //#region src/authorization.d.ts

package/dist/runtime/authorization.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-uUVoqZPx.js";
+import { Ao as SessionVerificationLevel, Da as GetToken, Do as ReverificationConfig, Ea as CheckAuthorizationWithCustomPermissions, Gi as ActClaim, Ji as JwtPayload, Oo as SessionVerificationAfterMinutes, Qi as OrganizationCustomRoleKey, Yi as SessionStatusClaim, Zi as OrganizationCustomPermissionKey, ka as PendingSessionOptions, kt as SignOut, m as UseAuthReturn } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
 //#region src/authorization.d.ts

package/dist/runtime/authorization.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const require_authorization = require('./authorization-R5uuaK2u.js');
+const require_authorization = require('./authorization-BE2IYdvb.js');
 exports.createCheckAuthorization = require_authorization.createCheckAuthorization;
 exports.resolveAuthState = require_authorization.resolveAuthState;

package/dist/runtime/authorization.mjs CHANGED Viewed

@@ -1,3 +1,3 @@
-import { i as validateReverificationConfig, n as resolveAuthState, r as splitByScope, t as createCheckAuthorization } from "./authorization-BpjgWZx-.mjs";
+import { i as validateReverificationConfig, n as resolveAuthState, r as splitByScope, t as createCheckAuthorization } from "./authorization-CB5SAg8q.mjs";
 export { createCheckAuthorization, resolveAuthState, splitByScope, validateReverificationConfig };

package/dist/runtime/clerkEventBus.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { V as ClerkEventPayload } from "./index-Cp3xe3Y1.mjs";
+import { V as ClerkEventPayload } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
 //#region src/clerkEventBus.d.ts

package/dist/runtime/clerkEventBus.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { V as ClerkEventPayload } from "./index-uUVoqZPx.js";
+import { V as ClerkEventPayload } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
 //#region src/clerkEventBus.d.ts

package/dist/runtime/color.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-Cp3xe3Y1.mjs";
+import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
 //#region src/color.d.ts

package/dist/runtime/color.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-uUVoqZPx.js";
+import { Ci as HslaColor, Di as TransparentColor, Ti as RgbaColor, _i as Color } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
 //#region src/color.d.ts

package/dist/runtime/deriveState.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-Cp3xe3Y1.mjs";
+import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
 //#region src/deriveState.d.ts

package/dist/runtime/deriveState.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-uUVoqZPx.js";
+import { Gi as ActClaim, Ha as SignedInSessionResource, Ji as JwtPayload, gt as Resources, pa as OrganizationResource, rf as Autocomplete, t as InitialState, ta as OrganizationSystemPermissionKey, to as UserResource } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
 //#region src/deriveState.d.ts

package/dist/runtime/{error-uvNWuzfd.d.ts → error-D_08BTAz.d.ts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-uUVoqZPx.js";
+import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-C32ntfvR.js";
 //#region src/errors/parseError.d.ts
@@ -200,4 +200,4 @@ declare function isPasswordCompromisedError(err: any): boolean;
 declare function isEmailLinkError(err: Error): err is EmailLinkError;
 //#endregion
 export { parseError as C, errorToJSON as S, EmailLinkErrorCode as _, isEmailLinkError as a, ErrorThrowerOptions as b, isNetworkError as c, isReverificationCancelledError as d, isUnauthorizedError as f, EmailLinkError as g, MetamaskError as h, isClerkRuntimeError as i, isPasswordCompromisedError as l, ClerkWebAuthnError as m, isCaptchaError as n, isKnownError as o, isUserLockedError as p, isClerkAPIResponseError as r, isMetamaskError as s, is4xxError as t, isPasswordPwnedError as u, EmailLinkErrorCodeStatus as v, parseErrors as w, buildErrorThrower as x, ErrorThrower as y };
-//# sourceMappingURL=error-uvNWuzfd.d.ts.map
+//# sourceMappingURL=error-D_08BTAz.d.ts.map

package/dist/runtime/{error-uvNWuzfd.d.ts.map → error-D_08BTAz.d.ts.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"error-~~uvNWuzfd~~.d.ts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAK,EAAA,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}
1	+ {"version":3,"file":"error-D_08BTAz.d.ts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAK,EAAA,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}

package/dist/runtime/{error-DrbZI8Pq.d.mts → error-PZOXmiMQ.d.mts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-Cp3xe3Y1.mjs";
+import { Mf as ClerkAPIResponseError, Pf as ClerkAPIError, cl as ClerkAPIError$1, jf as ClerkRuntimeError, ll as ClerkAPIErrorJSON } from "./index-Bb1t7kYz.mjs";
 //#region src/errors/parseError.d.ts
@@ -200,4 +200,4 @@ declare function isPasswordCompromisedError(err: any): boolean;
 declare function isEmailLinkError(err: Error): err is EmailLinkError;
 //#endregion
 export { parseError as C, errorToJSON as S, EmailLinkErrorCode as _, isEmailLinkError as a, ErrorThrowerOptions as b, isNetworkError as c, isReverificationCancelledError as d, isUnauthorizedError as f, EmailLinkError as g, MetamaskError as h, isClerkRuntimeError as i, isPasswordCompromisedError as l, ClerkWebAuthnError as m, isCaptchaError as n, isKnownError as o, isUserLockedError as p, isClerkAPIResponseError as r, isMetamaskError as s, is4xxError as t, isPasswordPwnedError as u, EmailLinkErrorCodeStatus as v, parseErrors as w, buildErrorThrower as x, ErrorThrower as y };
-//# sourceMappingURL=error-DrbZI8Pq.d.mts.map
+//# sourceMappingURL=error-PZOXmiMQ.d.mts.map

package/dist/runtime/{error-DrbZI8Pq.d.mts.map → error-PZOXmiMQ.d.mts.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"error-~~DrbZI8Pq~~.d.mts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAA,EAAK,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}
1	+ {"version":3,"file":"error-PZOXmiMQ.d.mts","names":[],"sources":["../../src/errors/parseError.ts","../../src/errors/errorThrower.ts","../../src/errors/emailLinkError.ts","../../src/errors/metamaskError.ts","../../src/errors/webAuthNError.ts","../../src/errors/helpers.ts"],"sourcesContent":[],"mappings":";;;;;AAQA;AAWA;AASA;;iBApBgB,WAAA,QAAkB,sBAA2B;;;ACRxC;AAQ0B;AAEzB;AAItB;AAKA;AAC0B,iBDDV,UAAA,CCCU,KAAA,EDDQ,iBCCR,CAAA,EDD4B,eCC5B;;;;;AAsB1B;AAAoC,iBDdpB,WAAA,CCcoB,KAAA,EDdD,aCcC,GAAA,IAAA,CAAA,EDdsB,iBCctB;;;cA1C9B,iBAAe;;;EDQL,iCAAkB,EAAA,wGAAiD;EAWnE,4BAAkB,EAAA,mGAA0C;EAS5D,oBAAW,EAAA,kIAAgD;;KCpBtE,WAAA,gBAA2B;KAE3B,QAAA,GAAW,OAAO;KAElB,cAAA,GAAiB,OANpB,CAM4B,QAZT,CAAA;AAQhB,KAMO,mBAAA,GANoB;EAE3B,WAAQ,EAAA,MAAA;EAER,cAAA,CAAA,EAIc,cAJW;AAE9B,CAAA;AAKiB,UAAA,YAAA,CAAY;EACH,cAAA,CAAA,OAAA,EAAA,mBAAA,CAAA,EAAsB,YAAtB;EAAsB,WAAA,CAAA,OAAA,EAEzB,mBAFyB,CAAA,EAEH,YAFG;EAEzB,+BAAA,CAAA,MAAA,EAAA;IAAsB,GAAA,CAAA,EAAA,MAAA;EAAY,CAAA,CAAA,EAAA,KAAA;EAoBzC,oBAAiB,CAAA,MAAA,EAAA;IAAG,GAAA,CAAA,EAAA,MAAA;EAAa,CAAA,CAAA,EAAA,KAAA;EAAkB,+BAAA,EAAA,EAAA,KAAA;EAAsB,0BAAA,EAAA,EAAA,KAAA;EAAY,8BAAA,CAAA,MAAA,EAAA;;;;AC1CrG;AAgBA;AAMA;;;;ACpBiB,iBFwCD,iBAAA,CExC4B;EAAA,WAAA;EAAA;AAAA,CAAA,EFwCuB,mBExCvB,CAAA,EFwC6C,YExC7C;;;cDF/B,cAAA,SAAuB,KAAA;;;AFQpC;AAWA;AASA;;;;AC5BM,cCgBO,kBDhBQ,EAAA;EAQhB,OAAA,EAAA,MAAW;EAEX,MAAA,EAAA,MAAQ;EAER,cAAA,EAAA,MAAc;AAEnB,CAAA;AAKiB,cCGJ,wBDHgB,EAAA;EACH,SAAA,OAAA,EAAA,SAAA;EAAsB,SAAA,MAAA,EAAA,QAAA;EAEzB,SAAA,cAAA,EAAA,iBAAA;CAAsB;;;UEpB5B,aAAA,SAAsB;;;EHMvB,IAAA,CAAA,EAAA,OAAW;AAW3B;;;KIjBK,sBAAA;cAcQ,kBAAA,SAA2B,iBAAA;EJRxB;AAWhB;AASA;QIRQ;;;EHpBF;UGsB2C;EHtB3C,CAAA;AAAe;;;ADmBrB;AASA;;;;;AC5BqB;AAUhB,iBIEW,mBAAA,CJFA,CAAA,EAAA,GAAM,CAAA,EAAA,OAAA;AAAA;AAItB;AAKA;;;AAGuB,iBICP,cAAA,CJDO,CAAA,EICW,qBJDX,CAAA,EAAA,OAAA;;;AAoBvB;;;AAAmE,iBIVnD,UAAA,CJUmD,CAAA,EAAA,GAAA,CAAA,EAAA,OAAA;;;;;;AC1CtD,iBG0CG,cAAA,CH1CoB,CAAA,EAAK,GAAA,CAAA,EAAA,OAAA;AAgBzC;AAMA;;;;ACpBiB,iBEmDD,YAAA,CFnDuB,KAAK,EAAA,GAAA,CAAA,EAAA,KAAA,IEmDO,qBFnDP,GEmD+B,iBFnD/B,GEmDmD,aFnDnD;;;;ACFY;AAgBxD;AAIQ,iBC0CQ,uBAAA,CD1CR,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IC0CkD,qBD1ClD;;;;;;;;ACRR;AAWA;AASA;AAUA;AAWA;;;;;AASgB,iBAoBA,mBAAA,CApB0C,GAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAoBJ,iBApByB;AAoB/E;AASA;AASA;AASA;AASA;AASgB,iBApCA,8BAAA,CAoC0B,GAAA,EAAA,GAAA,CAAA,EAAA,OAAA;AAS1C;;;;;iBApCgB,eAAA,mBAAkC;;;;;;iBASlC,iBAAA;;;;;;iBASA,oBAAA;;;;;;iBASA,0BAAA;;;;;;iBASA,gBAAA,MAAsB,eAAe"}

package/dist/runtime/error.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-Cp3xe3Y1.mjs";
+import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-Bb1t7kYz.mjs";
 import "./moduleManager-pxNnXwxv.mjs";
-import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-DrbZI8Pq.mjs";
+import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-PZOXmiMQ.mjs";
 export { ClerkAPIError, ClerkAPIResponseError, ClerkError, ClerkRuntimeError, ClerkWebAuthnError, EmailLinkError, EmailLinkErrorCode, EmailLinkErrorCodeStatus, ErrorThrower, ErrorThrowerOptions, MetamaskError, buildErrorThrower, createClerkGlobalHookError, errorToJSON, is4xxError, isCaptchaError, isClerkAPIResponseError, isClerkRuntimeError, isEmailLinkError, isKnownError, isMetamaskError, isNetworkError, isPasswordCompromisedError, isPasswordPwnedError, isReverificationCancelledError, isUnauthorizedError, isUserLockedError, parseError, parseErrors };

package/dist/runtime/error.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-uUVoqZPx.js";
+import { Af as createClerkGlobalHookError, Mf as ClerkAPIResponseError, Nf as ClerkError, Pf as ClerkAPIError, jf as ClerkRuntimeError } from "./index-C32ntfvR.js";
 import "./moduleManager-WB15hU3T.js";
-import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-uvNWuzfd.js";
+import { C as parseError, S as errorToJSON, _ as EmailLinkErrorCode, a as isEmailLinkError, b as ErrorThrowerOptions, c as isNetworkError, d as isReverificationCancelledError, f as isUnauthorizedError, g as EmailLinkError, h as MetamaskError, i as isClerkRuntimeError, l as isPasswordCompromisedError, m as ClerkWebAuthnError, n as isCaptchaError, o as isKnownError, p as isUserLockedError, r as isClerkAPIResponseError, s as isMetamaskError, t as is4xxError, u as isPasswordPwnedError, v as EmailLinkErrorCodeStatus, w as parseErrors, x as buildErrorThrower, y as ErrorThrower } from "./error-D_08BTAz.js";
 export { ClerkAPIError, ClerkAPIResponseError, ClerkError, ClerkRuntimeError, ClerkWebAuthnError, EmailLinkError, EmailLinkErrorCode, EmailLinkErrorCodeStatus, ErrorThrower, ErrorThrowerOptions, MetamaskError, buildErrorThrower, createClerkGlobalHookError, errorToJSON, is4xxError, isCaptchaError, isClerkAPIResponseError, isClerkRuntimeError, isEmailLinkError, isKnownError, isMetamaskError, isNetworkError, isPasswordCompromisedError, isPasswordPwnedError, isReverificationCancelledError, isUnauthorizedError, isUserLockedError, parseError, parseErrors };

package/dist/runtime/globs.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"globs.d.ts","names":[],"sources":["../../src/globs.ts"],"sourcesContent":[],"mappings":";cAEa;EAAA,QAUZ,EAAA,CAAA,OAAA,~~EAAA~~,~~MAT8B~~,EAAM,GAAN,MAAM"}
1	+ {"version":3,"file":"globs.d.ts","names":[],"sources":["../../src/globs.ts"],"sourcesContent":[],"mappings":";cAEa;EAAA,QAUZ,EAAA,CAAA,OAAA,EAT8B,MAAA,EAAM,GAAN,MAAM"}