@draftlab/auth 0.15.0 → 0.16.0

package/dist/router/safe-request.mjs

@@ -1,160 +0,0 @@
-//#region src/router/safe-request.ts
-var SafeRequest = class SafeRequest {
-	cachedBody = null;
-	bodyBuffer = null;
-	textDecoder = new TextDecoder();
-	cache;
-	credentials;
-	destination;
-	headers;
-	integrity;
-	keepalive;
-	method;
-	mode;
-	redirect;
-	referrer;
-	referrerPolicy;
-	signal;
-	url;
-	constructor(url, method, headers, body, options) {
-		this.url = url;
-		this.method = method;
-		this.headers = headers;
-		this.bodyBuffer = body;
-		this.cache = options?.cache ?? "default";
-		this.credentials = options?.credentials ?? "same-origin";
-		this.destination = options?.destination ?? "";
-		this.integrity = options?.integrity ?? "";
-		this.keepalive = options?.keepalive ?? false;
-		this.mode = options?.mode ?? "cors";
-		this.redirect = options?.redirect ?? "follow";
-		this.referrer = options?.referrer ?? "";
-		this.referrerPolicy = options?.referrerPolicy ?? "";
-		this.signal = options?.signal ?? new AbortController().signal;
-	}
-	async arrayBuffer() {
-		return this.bodyBuffer ?? /* @__PURE__ */ new ArrayBuffer(0);
-	}
-	async blob() {
-		const buffer = await this.arrayBuffer();
-		return new Blob([buffer]);
-	}
-	async formData() {
-		const buffer = await this.arrayBuffer();
-		const blob = new Blob([buffer], { type: this.headers.get("content-type") || "application/x-www-form-urlencoded" });
-		return new Request(this.url, {
-			method: this.method,
-			headers: this.headers,
-			body: blob
-		}).formData();
-	}
-	async json() {
-		const text = await this.text();
-		return JSON.parse(text);
-	}
-	async text() {
-		const buffer = await this.arrayBuffer();
-		return this.textDecoder.decode(buffer);
-	}
-	async bytes() {
-		return this.arrayBuffer().then((buffer) => new Uint8Array(buffer));
-	}
-	get body() {
-		if (this.cachedBody) return this.cachedBody;
-		if (this.bodyBuffer) {
-			const buffer = this.bodyBuffer;
-			this.cachedBody = new ReadableStream({ start(controller) {
-				controller.enqueue(new Uint8Array(buffer));
-				controller.close();
-			} });
-			return this.cachedBody;
-		}
-		return null;
-	}
-	get bodyUsed() {
-		return false;
-	}
-	clone() {
-		return new SafeRequest(this.url, this.method, this.headers, this.bodyBuffer, {
-			cache: this.cache,
-			credentials: this.credentials,
-			destination: this.destination,
-			integrity: this.integrity,
-			keepalive: this.keepalive,
-			mode: this.mode,
-			redirect: this.redirect,
-			referrer: this.referrer,
-			referrerPolicy: this.referrerPolicy,
-			signal: this.signal
-		});
-	}
-};
-/**
-* Extracts data from a Request and creates a SafeRequest.
-* Uses ReadableStream to safely read the body and avoid issues with certain Request implementations.
-*/
-async function makeSafeRequest(request) {
-	if (request instanceof SafeRequest) return request;
-	const url = request.url;
-	const method = request.method;
-	const headers = new Headers(request.headers);
-	let bodyBuffer = null;
-	const requestMethod = method.toUpperCase();
-	if (requestMethod === "POST" || requestMethod === "PUT" || requestMethod === "PATCH") try {
-		const body = request.body;
-		if (body) {
-			const reader = body.getReader();
-			const chunks = [];
-			while (true) {
-				const { done, value } = await reader.read();
-				if (done) break;
-				if (value) chunks.push(value);
-			}
-			const totalLength = chunks.reduce((acc, chunk) => acc + chunk.length, 0);
-			const combined = new Uint8Array(totalLength);
-			let offset = 0;
-			for (const chunk of chunks) {
-				combined.set(chunk, offset);
-				offset += chunk.length;
-			}
-			bodyBuffer = combined.buffer;
-		}
-	} catch (error) {
-		console.warn("Failed to read request body via stream:", error);
-	}
-	const options = {};
-	try {
-		options.cache = request.cache;
-	} catch {}
-	try {
-		options.credentials = request.credentials;
-	} catch {}
-	try {
-		options.destination = request.destination;
-	} catch {}
-	try {
-		options.integrity = request.integrity;
-	} catch {}
-	try {
-		options.keepalive = request.keepalive;
-	} catch {}
-	try {
-		options.mode = request.mode;
-	} catch {}
-	try {
-		options.redirect = request.redirect;
-	} catch {}
-	try {
-		options.referrer = request.referrer;
-	} catch {}
-	try {
-		options.referrerPolicy = request.referrerPolicy;
-	} catch {}
-	try {
-		options.signal = request.signal;
-	} catch {}
-	return new SafeRequest(url, method, headers, bodyBuffer, options);
-}
-
-//#endregion
-export { SafeRequest, makeSafeRequest };

package/dist/router/types.d.mts

@@ -1,67 +0,0 @@
-//#region src/router/types.d.ts
-type ExtractParams<T extends string> = string extends T ? Record<string, string> : T extends `${string}:${infer Param}/${infer Rest}` ? { readonly [K in Param]: string } & ExtractParams<`/${Rest}`> : T extends `${string}:${infer Param}` ? { readonly [K in Param]: string } : Record<string, never>;
-type VariableMap = Record<string, unknown>;
-interface RouterEnvironment<TVariables extends VariableMap = VariableMap> {
-  Variables: TVariables;
-}
-interface CookieOptions {
-  domain?: string;
-  path?: string;
-  expires?: Date;
-  maxAge?: number;
-  httpOnly?: boolean;
-  secure?: boolean;
-  sameSite?: "Strict" | "Lax" | "None";
-}
-interface RouterContext<TParams extends Record<string, string> = Record<string, string>, TVariables extends VariableMap = VariableMap> {
-  readonly request: Request;
-  readonly params: Readonly<TParams>;
-  readonly searchParams: Readonly<URLSearchParams>;
-  query<K extends string>(key: K): string | undefined;
-  header<K extends string>(key: K): string | undefined;
-  cookie<K extends string>(key: K): string | undefined;
-  formData(): Promise<FormData>;
-  parseJson<T = unknown>(): Promise<T>;
-  json<T>(data: T, init?: ResponseInit): Response;
-  redirect(url: string | URL, status?: 300 | 301 | 302 | 303 | 307 | 308): Response;
-  text(data: string, init?: ResponseInit): Response;
-  setCookie(name: string, value: string, options?: CookieOptions): void;
-  deleteCookie(name: string, options?: Pick<CookieOptions, "domain" | "path">): void;
-  newResponse(body?: BodyInit, init?: ResponseInit): Response;
-  set<K extends keyof TVariables>(key: K, value: TVariables[K]): void;
-  get<K extends keyof TVariables>(key: K): TVariables[K];
-  has<K extends keyof TVariables>(key: K): key is K;
-}
-type RouteHandler<TParams extends Record<string, string> = Record<string, string>, TVariables extends VariableMap = VariableMap> = (ctx: RouterContext<TParams, TVariables>) => Promise<Response> | Response;
-type MiddlewareHandler<TParams extends Record<string, string> = Record<string, string>, TVariables extends VariableMap = VariableMap> = (ctx: RouterContext<TParams, TVariables>, next: () => Promise<Response> | Response) => Promise<Response> | Response;
-type EnhancedRouteHandler<TParams extends Record<string, string> = Record<string, string>, TVariables extends VariableMap = VariableMap> = {
-  handler: RouteHandler<TParams, TVariables>;
-  middleware?: MiddlewareHandler<TParams, TVariables>[];
-};
-type AnyHandler<TParams extends Record<string, string>, TVariables extends VariableMap = VariableMap> = RouteHandler<TParams, TVariables> | EnhancedRouteHandler<TParams, TVariables>;
-type HttpMethod = "GET" | "POST";
-interface CompiledRoute {
-  regex: RegExp;
-  paramNames: string[];
-  pattern: string;
-}
-interface MatchResult {
-  params: Record<string, string>;
-  pattern: string;
-}
-interface RouteDefinition<TVariables extends VariableMap = VariableMap> {
-  method: HttpMethod;
-  pattern: string;
-  handler: RouteHandler<Record<string, string>, TVariables>;
-  middleware: MiddlewareHandler<Record<string, string>, TVariables>[];
-  compiled: CompiledRoute;
-}
-interface RouterOptions {
-  caseSensitive?: boolean;
-  strict?: boolean;
-  basePath?: string;
-}
-type ErrorHandler<TVariables extends VariableMap = VariableMap> = (error: Error, ctx: RouterContext<Record<string, string>, TVariables>) => Promise<Response> | Response;
-type GlobalMiddleware<TVariables extends VariableMap = VariableMap> = (ctx: RouterContext<Record<string, string>, TVariables>, next: () => Promise<Response> | Response) => Promise<Response> | Response;
-//#endregion
-export { AnyHandler, CompiledRoute, CookieOptions, EnhancedRouteHandler, ErrorHandler, ExtractParams, GlobalMiddleware, HttpMethod, MatchResult, MiddlewareHandler, RouteDefinition, RouteHandler, RouterContext, RouterEnvironment, RouterOptions, VariableMap };

package/dist/router/types.mjs

@@ -1 +0,0 @@
-export {  };

package/dist/router/variables.d.mts

@@ -1,12 +0,0 @@
-import { VariableMap } from "./types.mjs";
-
-//#region src/router/variables.d.ts
-declare class ContextVariableManager<TVariables extends VariableMap = VariableMap> {
-  private readonly state;
-  constructor(initialVariables?: Partial<TVariables>);
-  set<K extends keyof TVariables>(key: K, value: TVariables[K]): void;
-  get<K extends keyof TVariables>(key: K): TVariables[K];
-  has<K extends keyof TVariables>(key: K): key is K;
-}
-//#endregion
-export { ContextVariableManager };

package/dist/router/variables.mjs

@@ -1,20 +0,0 @@
-//#region src/router/variables.ts
-var ContextVariableManager = class {
-	state = /* @__PURE__ */ new Map();
-	constructor(initialVariables) {
-		if (initialVariables) for (const [key, value] of Object.entries(initialVariables)) this.state.set(key, value);
-	}
-	set(key, value) {
-		if (typeof key !== "string" || key.length === 0) throw new Error("Variable key must be a non-empty string");
-		this.state.set(key, value);
-	}
-	get(key) {
-		return this.state.get(key);
-	}
-	has(key) {
-		return this.state.has(key);
-	}
-};
-
-//#endregion
-export { ContextVariableManager };

package/dist/storage/memory.mjs

@@ -1,125 +0,0 @@
-import { joinKey, splitKey } from "./storage.mjs";
-import { existsSync, readFileSync } from "node:fs";
-import { writeFile } from "node:fs/promises";
-
-//#region src/storage/memory.ts
-/**
-* Creates an in-memory storage adapter with optional file persistence.
-* Uses binary search for efficient key lookups and maintains sorted order.
-*
-* @param options - Configuration options for the memory storage
-* @returns Storage adapter implementing the StorageAdapter interface
-*
-* @example
-* ```ts
-* // Development storage (data lost on restart)
-* const devStorage = MemoryStorage()
-*
-* // Persistent storage (survives restarts)
-* const persistentStorage = MemoryStorage({
-*   persist: "./auth-data.json"
-* })
-*
-* // Use with issuer
-* export default issuer({
-*   storage: persistentStorage,
-*   providers: { ... }
-* })
-* ```
-*/
-const MemoryStorage = (options) => {
-	const store = [];
-	/**
-	* Type guard to validate loaded store data structure.
-	*/
-	const isValidStoreData = (data) => {
-		return Array.isArray(data) && data.every((item) => Array.isArray(item) && item.length === 2 && typeof item[0] === "string" && typeof item[1] === "object" && item[1] !== null && "value" in item[1]);
-	};
-	if (options?.persist && existsSync(options.persist)) try {
-		const fileContent = readFileSync(options.persist, "utf8");
-		const parsed = JSON.parse(fileContent);
-		if (isValidStoreData(parsed)) store.push(...parsed);
-	} catch {}
-	/**
-	* Saves the current store state to the persistence file if configured.
-	*/
-	const save = async () => {
-		if (!options?.persist) return;
-		try {
-			const serialized = JSON.stringify(store, null, 2);
-			await writeFile(options.persist, serialized, "utf8");
-		} catch {}
-	};
-	/**
-	* Performs binary search to find a key in the sorted store.
-	* Returns both whether the key was found and the insertion index.
-	*/
-	const search = (key) => {
-		let left = 0;
-		let right = store.length - 1;
-		while (left <= right) {
-			const mid = Math.floor((left + right) / 2);
-			const midEntry = store[mid];
-			if (!midEntry) return {
-				found: false,
-				index: left
-			};
-			const comparison = key.localeCompare(midEntry[0]);
-			if (comparison === 0) return {
-				found: true,
-				index: mid
-			};
-			if (comparison < 0) right = mid - 1;
-			else left = mid + 1;
-		}
-		return {
-			found: false,
-			index: left
-		};
-	};
-	return {
-		async get(key) {
-			const match = search(joinKey(key));
-			if (!match.found) return;
-			const storeEntry = store[match.index];
-			if (!storeEntry) return;
-			const entry = storeEntry[1];
-			if (entry.expiry && Date.now() >= entry.expiry) {
-				store.splice(match.index, 1);
-				await save();
-				return;
-			}
-			return entry.value;
-		},
-		async set(key, value, expiry) {
-			const searchKey = joinKey(key);
-			const match = search(searchKey);
-			const entry = [searchKey, {
-				value,
-				expiry: expiry?.getTime()
-			}];
-			if (match.found) store[match.index] = entry;
-			else store.splice(match.index, 0, entry);
-			await save();
-		},
-		async remove(key) {
-			const match = search(joinKey(key));
-			if (match.found) {
-				store.splice(match.index, 1);
-				await save();
-			}
-		},
-		async *scan(prefix) {
-			const now = Date.now();
-			const prefixStr = joinKey(prefix);
-			for (const [key, entry] of store) {
-				if (!key.startsWith(prefixStr)) continue;
-				if (entry.expiry && now >= entry.expiry) continue;
-				yield [splitKey(key), entry.value];
-			}
-		}
-	};
-};
-
-//#endregion
-export { MemoryStorage };

package/dist/storage/storage.d.mts

@@ -1,179 +0,0 @@
-//#region src/storage/storage.d.ts
-/**
- * Storage abstraction layer for Draft Auth persistence operations.
- * Provides a unified interface for different storage backends with key encoding,
- * TTL support, and type-safe operations.
- */
-/**
- * Abstract storage adapter interface that must be implemented by all storage backends.
- * Defines the core operations needed for OAuth data persistence.
- */
-interface StorageAdapter {
-  /**
-   * Retrieves a value by its key path.
-   *
-   * @param key - Array of key segments forming the storage path
-   * @returns Promise resolving to the stored value or undefined if not found
-   */
-  get(key: string[]): Promise<Record<string, unknown> | undefined>;
-  /**
-   * Removes a value by its key path.
-   *
-   * @param key - Array of key segments forming the storage path
-   * @returns Promise that resolves when removal is complete
-   */
-  remove(key: string[]): Promise<void>;
-  /**
-   * Stores a value with an optional expiration date.
-   *
-   * @param key - Array of key segments forming the storage path
-   * @param value - The value to store
-   * @param expiry - Optional expiration date for automatic cleanup
-   * @returns Promise that resolves when storage is complete
-   */
-  set(key: string[], value: unknown, expiry?: Date): Promise<void>;
-  /**
-   * Scans for keys matching a prefix pattern.
-   *
-   * @param prefix - Array of key segments to use as prefix filter
-   * @returns Async iterable of key-value pairs matching the prefix
-   */
-  scan(prefix: string[]): AsyncIterable<readonly [string[], unknown]>;
-}
-/**
- * Joins an array of key segments into a single string using the separator.
- * Segments are properly escaped to handle any input, including separators and escape characters.
- *
- * @param key - Array of key segments to join
- * @returns Single string representing the full key path
- *
- * @example
- * ```ts
- * joinKey(['user', 'data\x1fwith\x1fseparators'])
- * // Returns: "user\x1fdata\\x1fwith\\x1fseparators"
- * ```
- */
-declare const joinKey: (key: string[]) => string;
-/**
- * Splits a joined key string back into its component segments.
- * Handles escaped characters properly.
- *
- * @param key - Joined key string to split
- * @returns Array of individual key segments
- *
- * @example
- * ```ts
- * splitKey("user\x1fdata\\x1fwith\\x1fseparators")
- * // Returns: ['user', 'data\x1fwith\x1fseparators']
- * ```
- */
-declare const splitKey: (key: string) => string[];
-/**
- * High-level storage operations with key encoding and type safety.
- * Provides a convenient interface over storage adapters with additional features
- * like TTL validation and secure key encoding to prevent collisions.
- */
-declare const Storage: {
-  /**
-   * Encodes key segments by escaping special characters.
-   * Ensures storage keys don't contain unescaped separator characters that could cause collisions.
-   *
-   * @param key - Array of key segments to encode
-   * @returns Array of properly escaped key segments
-   *
-   * @throws {Error} If any segment is empty or whitespace-only
-   *
-   * @example
-   * ```ts
-   * Storage.encode(['user', 'data\x1fwith\x1fseparators'])
-   * // Returns: ['user', 'data\\x1fwith\\x1fseparators']
-   * ```
-   */
-  readonly encode: (key: string[]) => string[];
-  /**
-   * Decodes key segments by unescaping special characters.
-   * Reverse operation of encode().
-   *
-   * @param key - Array of encoded key segments
-   * @returns Array of decoded key segments
-   *
-   * @internal
-   */
-  readonly decode: (key: string[]) => string[];
-  /**
-   * Retrieves a typed value from storage.
-   *
-   * @template T - Expected type of the stored value
-   * @param adapter - Storage adapter to use
-   * @param key - Array of key segments identifying the value
-   * @returns Promise resolving to the typed value or null if not found
-   *
-   * @example
-   * ```ts
-   * interface UserSession {
-   *   userId: string
-   *   expiresAt: number
-   * }
-   *
-   * const session = await Storage.get<UserSession>(adapter, ['sessions', sessionId])
-   * if (session) {
-   *   // Fully typed: session.userId
-   * }
-   * ```
-   */
-  readonly get: <T = Record<string, unknown>>(adapter: StorageAdapter, key: string[]) => Promise<T | null>;
-  /**
-   * Stores a value with optional time-to-live in seconds.
-   * Validates that TTL is a positive integer to prevent edge cases like negative or overflow values.
-   *
-   * @param adapter - Storage adapter to use
-   * @param key - Array of key segments identifying where to store
-   * @param value - The value to store
-   * @param ttlSeconds - Optional TTL in seconds for automatic expiration
-   * @returns Promise that resolves when storage is complete
-   *
-   * @throws {RangeError} If TTL is invalid (negative, non-integer, or exceeds maximum)
-   *
-   * @example
-   * ```ts
-   * // Store with 1 hour TTL
-   * await Storage.set(adapter, ['sessions', sessionId], sessionData, 3600)
-   *
-   * // Store permanently (no expiration)
-   * await Storage.set(adapter, ['users', userId], userData)
-   * ```
-   */
-  readonly set: (adapter: StorageAdapter, key: string[], value: unknown, ttlSeconds?: number) => Promise<void>;
-  /**
-   * Removes a value from storage.
-   *
-   * @param adapter - Storage adapter to use
-   * @param key - Array of key segments identifying the value to remove
-   * @returns Promise that resolves when removal is complete
-   *
-   * @example
-   * ```ts
-   * await Storage.remove(adapter, ['sessions', expiredSessionId])
-   * ```
-   */
-  readonly remove: (adapter: StorageAdapter, key: string[]) => Promise<void>;
-  /**
-   * Scans for entries matching a key prefix with type safety.
-   *
-   * @template T - Expected type of the stored values
-   * @param adapter - Storage adapter to use
-   * @param prefix - Array of key segments to use as prefix filter
-   * @returns Async iterable of typed key-value pairs
-   *
-   * @example
-   * ```ts
-   * // Find all user sessions
-   * for await (const [key, session] of Storage.scan<UserSession>(adapter, ['sessions'])) {
-   *   // Session: `${key.join('/')} expires at ${session.expiresAt}`
-   * }
-   * ```
-   */
-  readonly scan: <T = Record<string, unknown>>(adapter: StorageAdapter, prefix: string[]) => AsyncIterable<readonly [string[], T]>;
-};
-//#endregion
-export { Storage, StorageAdapter, joinKey, splitKey };

package/dist/storage/storage.mjs

@@ -1,104 +0,0 @@
-//#region src/storage/storage.ts
-/**
-* ASCII unit separator character used to join key segments.
-* Using a control character ensures it won't conflict with user data.
-*/
-const SEPARATOR = String.fromCharCode(31);
-/**
-* Escape character used to escape SEPARATOR characters in key segments.
-* Uses backslash as the escape character, which is then itself escaped when appearing.
-*/
-const ESCAPE = "\\";
-/**
-* Joins an array of key segments into a single string using the separator.
-* Segments are properly escaped to handle any input, including separators and escape characters.
-*
-* @param key - Array of key segments to join
-* @returns Single string representing the full key path
-*
-* @example
-* ```ts
-* joinKey(['user', 'data\x1fwith\x1fseparators'])
-* // Returns: "user\x1fdata\\x1fwith\\x1fseparators"
-* ```
-*/
-const joinKey = (key) => {
-	return key.join(SEPARATOR);
-};
-/**
-* Splits a joined key string back into its component segments.
-* Handles escaped characters properly.
-*
-* @param key - Joined key string to split
-* @returns Array of individual key segments
-*
-* @example
-* ```ts
-* splitKey("user\x1fdata\\x1fwith\\x1fseparators")
-* // Returns: ['user', 'data\x1fwith\x1fseparators']
-* ```
-*/
-const splitKey = (key) => {
-	return key.split(SEPARATOR);
-};
-/**
-* Encodes a single key segment by escaping special characters.
-* Prevents collisions by properly escaping separator and escape characters.
-*
-* @param segment - The key segment to encode
-* @returns Encoded segment with special characters escaped
-* @throws {Error} If segment is empty or whitespace-only
-*
-* @internal
-*/
-const encodeSegment = (segment) => {
-	if (!segment || !segment.trim()) throw new Error(`Storage key segment cannot be empty or whitespace-only: "${segment}"`);
-	return segment.replaceAll(ESCAPE, ESCAPE + ESCAPE).replaceAll(SEPARATOR, ESCAPE + SEPARATOR);
-};
-/**
-* Decodes a key segment by unescaping special characters.
-* Reverse of encodeSegment operation.
-*
-* @param segment - The encoded segment to decode
-* @returns Decoded segment with special characters restored
-*
-* @internal
-*/
-const decodeSegment = (segment) => {
-	return segment.replaceAll(ESCAPE + SEPARATOR, SEPARATOR).replaceAll(ESCAPE + ESCAPE, ESCAPE);
-};
-/**
-* High-level storage operations with key encoding and type safety.
-* Provides a convenient interface over storage adapters with additional features
-* like TTL validation and secure key encoding to prevent collisions.
-*/
-const Storage = {
-	encode: (key) => {
-		return key.map(encodeSegment);
-	},
-	decode: (key) => {
-		return key.map(decodeSegment);
-	},
-	get: (adapter, key) => {
-		return adapter.get(Storage.encode(key));
-	},
-	set: (adapter, key, value, ttlSeconds) => {
-		if (ttlSeconds !== void 0 && ttlSeconds !== null) {
-			if (!Number.isInteger(ttlSeconds)) throw new RangeError(`Storage TTL must be an integer in seconds, received ${typeof ttlSeconds}`);
-			if (ttlSeconds <= 0) throw new RangeError(`Storage TTL must be positive, received ${ttlSeconds}`);
-			const maxTtlSeconds = 3600 * 24 * 365 * 10;
-			if (ttlSeconds > maxTtlSeconds) throw new RangeError(`Storage TTL exceeds maximum (${maxTtlSeconds}s = 10 years), received ${ttlSeconds}s`);
-		}
-		const expiry = ttlSeconds ? new Date(Date.now() + ttlSeconds * 1e3) : void 0;
-		return adapter.set(Storage.encode(key), value, expiry);
-	},
-	remove: (adapter, key) => {
-		return adapter.remove(Storage.encode(key));
-	},
-	scan: (adapter, prefix) => {
-		return adapter.scan(Storage.encode(prefix));
-	}
-};
-
-//#endregion
-export { Storage, joinKey, splitKey };