@enterprisestandard/core 0.0.16 → 0.0.17-beta.20260423.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.d.ts +4 -1
  2. package/dist/index.js +1 -1
  3. package/package.json +3 -3
package/dist/index.d.ts CHANGED
@@ -2134,6 +2134,7 @@ type TenantConfigEnv = {
2134
2134
  ES_AZURE_FEDERATED_TOKEN_FILE?: string;
2135
2135
  ES_AZURE_MANAGED_IDENTITY_CLIENT_ID?: string;
2136
2136
  ES_AZURE_IMDS_API_VERSION?: string;
2137
+ ES_AZURE_PATH?: string;
2137
2138
  ES_AZURE_VAULT_URL?: string;
2138
2139
  ES_AZURE_VAULT_NAME?: string;
2139
2140
  ES_AZURE_TTL?: string;
@@ -2146,7 +2147,9 @@ type TenantSecretsConfig = (VaultSecretsConfig & {
2146
2147
  retryInterval?: number;
2147
2148
  }) | (AwsSecretsConfig & {
2148
2149
  ttl?: number;
2149
- }) | AzureSecretsConfig | (GcpSecretsConfig & {
2150
+ }) | (AzureSecretsConfig & {
2151
+ path?: string;
2152
+ }) | (GcpSecretsConfig & {
2150
2153
  ttl?: number;
2151
2154
  });
2152
2155
  type TenantStoredConfigLocator = {
package/dist/index.js CHANGED
@@ -1 +1 @@
1
- import{J as U,a as Dx,b as Gx,c as Yx,d as Rx,e as Bx,f as Hx,g as Nx,h as _x,i as Kx,j as wx,k as zx,l as qx,m as Wx,n as cx,o as yx,p as Cx,q as Fx,r as Mx,u as Vx,v as Ux,w as kx,x as Tx,y as Ex}from"./shared/core-wpy88bze.js";var p="0.0.16";var m=["sessionStore","userStore","groupStore","tokenStore","magicLinkStore"];function M(x){if(x===null||typeof x!=="object")return x;let f={};for(let[J,$]of Object.entries(x)){if(m.includes(J)||J==="validators"||J==="setStores")continue;f[J]=$!==null&&typeof $==="object"&&!Array.isArray($)&&Object.getPrototypeOf($)===Object.prototype?M($):$}return f}function h(x){return M(x)}function K(x,f,J,$){let A=f.length,Q=$??x,L=Q>0?Math.floor(J/Q)+1:1,X=Q>0?Math.ceil(x/Q):0;return{total:x,count:A,items:f,size:Q,page:L,pages:X}}class q extends Error{constructor(x,f){super(x,f);this.name="TenantRequestError",Object.setPrototypeOf(this,q.prototype)}}class R extends Error{userId;tenantIds;constructor(x,f,J){super(`Multiple tenants found for user id "${x}"`,J);this.name="MultipleTenantsForUserError",this.userId=x,this.tenantIds=f,Object.setPrototypeOf(this,R.prototype)}}class W{async findTenantByUser(x){let f=await this.findTenantsByUser(x),J=z(x);if(f.length>1)throw new R(J,f.map(($)=>$.tenantId));return f[0]}}var w=Number.POSITIVE_INFINITY;class N extends W{ttl;createEs;tenantEsMap=new Map;constructor(x){super();this.ttl=b(x.ttl),this.createEs=x.createEs}async registerUserTenantId(x,f){let J=x.trim();if(!J||f==null)return;await this.registerUserToTenant(J,f)}async registerUserToTenant(x,f){}prepareTenantForCreateEs(x){if(typeof x.config==="function")return x;if(x.configSource==null)throw Error(`Tenant "${x.tenantId}" is missing required configSource`);return U({...x,configSource:x.configSource})}invalidateTenantEsCache(x){this.tenantEsMap.delete(x)}async getEs(x){let f=await this.get(x);if(!f)return;if(!this.createEs)throw Error(`${this.constructor.name} requires options.createEs to use getEs()`);let J=this.prepareTenantForCreateEs(f);if(this.ttl===0)return this.createEs(J);let $=Date.now(),A=this.tenantEsMap.get(x);if(A&&A.expiresAt>$)return A.es;if(A)this.tenantEsMap.delete(x);let Q=this.createEs(J);return this.tenantEsMap.set(x,{es:Q,expiresAt:v($,this.ttl)}),Q}getCachedTenantIds(){if(this.ttl===0)return[];let x=Date.now();for(let[f,J]of this.tenantEsMap.entries())if(J.expiresAt<=x)this.tenantEsMap.delete(f);return Array.from(this.tenantEsMap.keys())}}class c extends N{async findTenantsByUser(x){let f=await this.findTenantByUser(x);return f?[f]:[]}}class y extends N{}class C{tenants=new Map;userTenantIds=new Map;invalidateTenantEsCache;constructor(x){this.invalidateTenantEsCache=x}async get(x){return this.tenants.get(x)}async list(x){let f=Array.from(this.tenants.values()),J=Math.max(0,x?.start??0),$=x?.limit,A=x?.sort;if(A?.length)f=[...f].sort((D,Y)=>{for(let{field:G,direction:O}of A){let g=D[G],S=Y[G],_=I(g,S);if(_!==0)return O==="desc"?-_:_}return 0});let Q=f.length,L=$!=null?J+$:void 0,X=f.slice(J,L);return K(Q,X,J,$)}async upsert(x){let f=x;return this.tenants.set(f.tenantId,f),this.invalidateTenantEsCache(f.tenantId),f}async delete(x){let f=this.tenants.has(x);return this.invalidateTenantEsCache(x),this.tenants.delete(x),f?1:0}async registerUserTenantId(x,f){if(!x)return;let J=V(f),$=this.userTenantIds.get(x);if($){$.add(J);return}this.userTenantIds.set(x,new Set([J]))}async registerUserToTenant(x,f){await this.registerUserTenantId(x,f)}async registerSingleUserTenantId(x,f){if(!x)return;let J=V(f);this.userTenantIds.set(x,new Set([J]))}async findSingleTenantByUser(x){let f=z(x),J=await this.resolveTenantsByUserId(f);if(J.length>1)throw new R(f,J.map(($)=>$.tenantId));return J[0]}async findMultipleTenantsByUser(x){let f=z(x);return this.resolveTenantsByUserId(f)}async resolveTenantsByUserId(x){let f=this.userTenantIds.get(x);if(!f||f.size===0)return[];let J=f.has(null),$=Array.from(f).filter((L)=>L!=null);if($.length===0)return[];let A=await Promise.all($.map(async(L)=>({tenantId:L,tenant:await this.get(L)}))),Q=A.filter((L)=>L.tenant!=null).map((L)=>L.tenantId);if(Q.length===0){if(J)this.userTenantIds.set(x,new Set([null]));else this.userTenantIds.delete(x);return[]}if(Q.length!==$.length){let L=J?[null,...Q]:Q;this.userTenantIds.set(x,new Set(L))}return A.map((L)=>L.tenant).filter((L)=>L!=null)}}class k extends c{store;constructor(x={}){super(x);this.store=new C((f)=>this.invalidateTenantEsCache(f))}async get(x){return this.store.get(x)}async list(x){return this.store.list(x)}async upsert(x){return this.store.upsert(x)}async delete(x){return this.store.delete(x)}async registerUserTenantId(x,f){await this.store.registerSingleUserTenantId(x,f)}async findTenantByUser(x){return this.store.findSingleTenantByUser(x)}}class T extends y{store;constructor(x={}){super(x);this.store=new C((f)=>this.invalidateTenantEsCache(f))}async get(x){return this.store.get(x)}async list(x){return this.store.list(x)}async upsert(x){return this.store.upsert(x)}async delete(x){return this.store.delete(x)}async registerUserTenantId(x,f){return this.store.registerUserTenantId(x,f)}async findTenantsByUser(x){return this.store.findMultipleTenantsByUser(x)}}function I(x,f){let J=x===void 0||x===null,$=f===void 0||f===null;if(J&&$)return 0;if(J)return 1;if($)return-1;if(x instanceof Date&&f instanceof Date)return x.getTime()-f.getTime();let A=String(x),Q=String(f);return A.localeCompare(Q)}function z(x){let f=x.id?.trim();if(!f)throw Error("Tenant lookup requires user.id");return f}function V(x){if(typeof x!=="string")return null;return x.trim()||null}function b(x){if(x===void 0)return w;if(x<=0)return x===0?0:w;return x}function v(x,f){if(!Number.isFinite(f))return w;return x+f}function o(x,f,J){return(async()=>{try{let $=await fetch(x,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(f)});if(!$.ok)J.error(`Failed to send webhook update: ${$.status} ${$.statusText}`)}catch($){J.error("Failed to send webhook update:",$)}})()}async function d(x,f,J){return o(x,f,J)}var n={beforeTenantSegments:["ui"]},r={beforeTenantSegments:["api"]};function E(x){return{segments:F(x?.segments)}}function F(x){return(x??[]).map((f)=>f.trim()).filter(Boolean)}function l(x){let f=x.trim();if(!f)return"/";let J=f.replace(/\\/g,"/").replace(/\/+/g,"/");return J.startsWith("/")?J:`/${J}`}function j(x){return l(x).split("/").filter(Boolean)}function B(x){return{beforeTenantSegments:F(x?.beforeTenantSegments),afterTenantSegments:F(x?.afterTenantSegments)}}function i(x){if(!x||x.type===void 0||x.type==="path"){let J=x;return{type:"path",ui:B(J?.ui),api:B(J?.api)}}let f=x;return{...f,ui:E(f.ui),api:E(f.api)}}function u(x,f){let J=B(f),$=J.beforeTenantSegments??[],A=J.afterTenantSegments??[],Q=j(x),L=$.length+1+A.length;if(Q.length<L)return null;for(let G=0;G<$.length;G++)if(Q[G]!==$[G])return null;let X=$.length,D=Q[X];if(!D)return null;for(let G=0;G<A.length;G++)if(Q[X+1+G]!==A[G])return null;let Y=Q.slice(X+1+A.length);return{tenantId:decodeURIComponent(D),restSegments:Y,restPath:Y.length>0?`/${Y.join("/")}`:"/"}}function t(x,f="/",J){let $=B(J),A=$.beforeTenantSegments??[],Q=$.afterTenantSegments??[],L=j(f),X=[...A,encodeURIComponent(x),...Q,...L];return X.length>0?`/${X.join("/")}`:"/"}function Z(x,f,J,$,A){if(x===void 0||x===null){if(J)$.push({message:`${f} is required`,path:A});return}if(typeof x!=="string"){$.push({message:`${f} must be a string`,path:A});return}return x}function H(x,f,J,$){if(x===void 0||x===null)return;if(typeof x!=="boolean"){J.push({message:`${f} must be a boolean`,path:$});return}return x}function a(x,f,J){if(x===void 0||x===null)return;if(typeof x!=="object"||x===null){f.push({message:"name must be an object",path:J});return}let $=x,A={};return A.formatted=Z($.formatted,"formatted",!1,f,[...J,"formatted"]),A.familyName=Z($.familyName,"familyName",!1,f,[...J,"familyName"]),A.givenName=Z($.givenName,"givenName",!1,f,[...J,"givenName"]),A.middleName=Z($.middleName,"middleName",!1,f,[...J,"middleName"]),A.honorificPrefix=Z($.honorificPrefix,"honorificPrefix",!1,f,[...J,"honorificPrefix"]),A.honorificSuffix=Z($.honorificSuffix,"honorificSuffix",!1,f,[...J,"honorificSuffix"]),A}function s(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"emails must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"email must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function e(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"phoneNumbers must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"phoneNumber must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function xx(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"addresses must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"address must be an object",path:L});continue}let X=Q;$.push({formatted:Z(X.formatted,"formatted",!1,f,[...L,"formatted"]),streetAddress:Z(X.streetAddress,"streetAddress",!1,f,[...L,"streetAddress"]),locality:Z(X.locality,"locality",!1,f,[...L,"locality"]),region:Z(X.region,"region",!1,f,[...L,"region"]),postalCode:Z(X.postalCode,"postalCode",!1,f,[...L,"postalCode"]),country:Z(X.country,"country",!1,f,[...L,"country"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function fx(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"groups must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"group must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,$ref:Z(X.$ref,"$ref",!1,f,[...L,"$ref"]),display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"])})}return $.length>0?$:void 0}function Jx(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"roles must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"role must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function $x(x,f,J){if(x===void 0||x===null)return;if(typeof x!=="object"||x===null){f.push({message:"Enterprise User extension must be an object",path:J});return}let $=x,A={};if(A.employeeNumber=Z($.employeeNumber,"employeeNumber",!1,f,[...J,"employeeNumber"]),A.costCenter=Z($.costCenter,"costCenter",!1,f,[...J,"costCenter"]),A.organization=Z($.organization,"organization",!1,f,[...J,"organization"]),A.division=Z($.division,"division",!1,f,[...J,"division"]),A.department=Z($.department,"department",!1,f,[...J,"department"]),$.manager!==void 0&&$.manager!==null)if(typeof $.manager!=="object"||$.manager===null)f.push({message:"manager must be an object",path:[...J,"manager"]});else{let Q=$.manager;A.manager={value:Z(Q.value,"value",!1,f,[...J,"manager","value"]),$ref:Z(Q.$ref,"$ref",!1,f,[...J,"manager","$ref"]),displayName:Z(Q.displayName,"displayName",!1,f,[...J,"manager","displayName"])}}return A}function Ax(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={},Q=Z(J.userName,"userName",!0,$,["userName"]);if(!Q)return{issues:$};A.userName=Q,A.id=Z(J.id,"id",!1,$,["id"]),A.externalId=Z(J.externalId,"externalId",!1,$,["externalId"]),A.displayName=Z(J.displayName,"displayName",!1,$,["displayName"]),A.nickName=Z(J.nickName,"nickName",!1,$,["nickName"]),A.profileUrl=Z(J.profileUrl,"profileUrl",!1,$,["profileUrl"]),A.title=Z(J.title,"title",!1,$,["title"]),A.userType=Z(J.userType,"userType",!1,$,["userType"]),A.preferredLanguage=Z(J.preferredLanguage,"preferredLanguage",!1,$,["preferredLanguage"]),A.locale=Z(J.locale,"locale",!1,$,["locale"]),A.timezone=Z(J.timezone,"timezone",!1,$,["timezone"]),A.password=Z(J.password,"password",!1,$,["password"]),A.active=H(J.active,"active",$,["active"]),A.name=a(J.name,$,["name"]),A.emails=s(J.emails,$,["emails"]),A.phoneNumbers=e(J.phoneNumbers,$,["phoneNumbers"]),A.addresses=xx(J.addresses,$,["addresses"]),A.groups=fx(J.groups,$,["groups"]),A.roles=Jx(J.roles,$,["roles"]);let L="urn:ietf:params:scim:schemas:extension:enterprise:2.0:User";if(J[L]!==void 0)A[L]=$x(J[L],$,[L]);if(J.schemas!==void 0)if(Array.isArray(J.schemas))A.schemas=J.schemas.filter((X)=>typeof X==="string");else $.push({message:"schemas must be an array",path:["schemas"]});if(J.meta!==void 0)if(typeof J.meta==="object"&&J.meta!==null){let X=J.meta;A.meta={resourceType:typeof X.resourceType==="string"?X.resourceType:void 0,created:typeof X.created==="string"?X.created:void 0,lastModified:typeof X.lastModified==="string"?X.lastModified:void 0,location:typeof X.location==="string"?X.location:void 0,version:typeof X.version==="string"?X.version:void 0}}else $.push({message:"meta must be an object",path:["meta"]});if($.length>0)return{issues:$};return{value:A}}}}}function Lx(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"members must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"member must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D){let Y=Z(X.type,"type",!1,f,[...L,"type"]);$.push({value:D,$ref:Z(X.$ref,"$ref",!1,f,[...L,"$ref"]),display:Z(X.display,"display",!1,f,[...L,"display"]),type:Y==="User"||Y==="Group"?Y:void 0})}}return $.length>0?$:void 0}function Qx(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={},Q=Z(J.displayName,"displayName",!0,$,["displayName"]);if(!Q)return{issues:$};if(A.displayName=Q,A.id=Z(J.id,"id",!1,$,["id"]),A.externalId=Z(J.externalId,"externalId",!1,$,["externalId"]),A.members=Lx(J.members,$,["members"]),J.schemas!==void 0)if(Array.isArray(J.schemas))A.schemas=J.schemas.filter((L)=>typeof L==="string");else $.push({message:"schemas must be an array",path:["schemas"]});if(J.meta!==void 0)if(typeof J.meta==="object"&&J.meta!==null){let L=J.meta;A.meta={resourceType:typeof L.resourceType==="string"?L.resourceType:void 0,created:typeof L.created==="string"?L.created:void 0,lastModified:typeof L.lastModified==="string"?L.lastModified:void 0,location:typeof L.location==="string"?L.location:void 0,version:typeof L.version==="string"?L.version:void 0}}else $.push({message:"meta must be an object",path:["meta"]});if($.length>0)return{issues:$};return{value:A}}}}}function Xx(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={...J},Q=["iss","sub"];for(let D of Q)if(D in J){if(typeof J[D]!=="string")$.push({message:`${D} must be a string`,path:[D]})}else $.push({message:`${D} is required`,path:[D]});if("aud"in J&&J.aud!==void 0){let D=J.aud;if(typeof D!=="string"&&!Array.isArray(D))$.push({message:"aud must be a string or array of strings",path:["aud"]});else if(Array.isArray(D)&&!D.every((Y)=>typeof Y==="string"))$.push({message:"aud array must contain only strings",path:["aud"]})}let L=["jti","scope"];for(let D of L)if(D in J&&J[D]!==void 0){if(typeof J[D]!=="string")$.push({message:`${D} must be a string`,path:[D]})}let X=["exp","iat"];for(let D of X)if(D in J){if(typeof J[D]!=="number")$.push({message:`${D} must be a number`,path:[D]})}else $.push({message:`${D} is required`,path:[D]});if($.length>0)return{issues:$};return{value:A}}}}}function Zx(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={};if("access_token"in J)if(typeof J.access_token==="string")A.access_token=J.access_token;else $.push({message:"access_token must be a string",path:["access_token"]});else $.push({message:"access_token is required",path:["access_token"]});if("token_type"in J)if(typeof J.token_type==="string")A.token_type=J.token_type;else $.push({message:"token_type must be a string",path:["token_type"]});else $.push({message:"token_type is required",path:["token_type"]});if("scope"in J)if(typeof J.scope==="string"||J.scope===void 0)A.scope=J.scope;else $.push({message:"scope must be a string",path:["scope"]});if("refresh_token"in J)if(typeof J.refresh_token==="string"||J.refresh_token===void 0)A.refresh_token=J.refresh_token;else $.push({message:"refresh_token must be a string",path:["refresh_token"]});if("expires"in J)if(typeof J.expires==="string"||J.expires===void 0)A.expires=J.expires;else $.push({message:"expires must be a string",path:["expires"]});if("expires_in"in J)if(typeof J.expires_in==="number"||J.expires_in===void 0)A.expires_in=J.expires_in;else $.push({message:"expires_in must be a number",path:["expires_in"]});if($.length>0)return{issues:$};return{value:A}}}}}export{Zx as workloadTokenResponseSchema,Rx as withValidate,zx as waitOn,p as version,Hx as validationFailureResponse,Ax as userSchema,Gx as tokenResponseSchema,_x as stripJsonComments,yx as silentLogger,Ux as setActiveSession,h as serializeESConfig,d as sendTenantWebhook,Kx as parseJsonc,Dx as oidcCallbackSchema,i as normalizeTenantRoutingStrategy,B as normalizeTenantPathNamespace,Bx as must,Nx as mergeConfig,u as matchTenantPath,Tx as listSsoClientIdsFromCookies,K as list,Xx as jwtAssertionClaimsSchema,Cx as infoLogger,Yx as idTokenClaimsSchema,Qx as groupResourceSchema,Vx as getActiveSession,Ex as findTenantFromStateParam,cx as defaultLogger,wx as deepEqualPlain,Wx as decodeUser,Fx as debugLogger,Mx as consoleLogger,kx as clearActiveSession,qx as claimsToUser,t as buildTenantPath,N as TenantStoreWithEsCache,W as TenantStore,q as TenantRequestError,c as SingleTenantStore,R as MultipleTenantsForUserError,y as MultiTenantStore,k as InMemorySingleTenantStore,T as InMemoryMultiTenantStore,n as DEFAULT_TENANT_UI_NAMESPACE,r as DEFAULT_TENANT_API_NAMESPACE};
1
+ import{J as U,a as D0,b as G0,c as Y0,d as R0,e as B0,f as H0,g as N0,h as _0,i as K0,j as w0,k as z0,l as q0,m as W0,n as c0,o as y0,p as C0,q as F0,r as M0,u as V0,v as U0,w as k0,x as T0,y as E0}from"./shared/core-wpy88bze.js";var p="0.0.17-beta.20260423.1";var m=["sessionStore","userStore","groupStore","tokenStore","magicLinkStore"];function M(x){if(x===null||typeof x!=="object")return x;let f={};for(let[J,$]of Object.entries(x)){if(m.includes(J)||J==="validators"||J==="setStores")continue;f[J]=$!==null&&typeof $==="object"&&!Array.isArray($)&&Object.getPrototypeOf($)===Object.prototype?M($):$}return f}function h(x){return M(x)}function K(x,f,J,$){let A=f.length,Q=$??x,L=Q>0?Math.floor(J/Q)+1:1,X=Q>0?Math.ceil(x/Q):0;return{total:x,count:A,items:f,size:Q,page:L,pages:X}}class q extends Error{constructor(x,f){super(x,f);this.name="TenantRequestError",Object.setPrototypeOf(this,q.prototype)}}class R extends Error{userId;tenantIds;constructor(x,f,J){super(`Multiple tenants found for user id "${x}"`,J);this.name="MultipleTenantsForUserError",this.userId=x,this.tenantIds=f,Object.setPrototypeOf(this,R.prototype)}}class W{async findTenantByUser(x){let f=await this.findTenantsByUser(x),J=z(x);if(f.length>1)throw new R(J,f.map(($)=>$.tenantId));return f[0]}}var w=Number.POSITIVE_INFINITY;class N extends W{ttl;createEs;tenantEsMap=new Map;constructor(x){super();this.ttl=b(x.ttl),this.createEs=x.createEs}async registerUserTenantId(x,f){let J=x.trim();if(!J||f==null)return;await this.registerUserToTenant(J,f)}async registerUserToTenant(x,f){}prepareTenantForCreateEs(x){if(typeof x.config==="function")return x;if(x.configSource==null)throw Error(`Tenant "${x.tenantId}" is missing required configSource`);return U({...x,configSource:x.configSource})}invalidateTenantEsCache(x){this.tenantEsMap.delete(x)}async getEs(x){let f=await this.get(x);if(!f)return;if(!this.createEs)throw Error(`${this.constructor.name} requires options.createEs to use getEs()`);let J=this.prepareTenantForCreateEs(f);if(this.ttl===0)return this.createEs(J);let $=Date.now(),A=this.tenantEsMap.get(x);if(A&&A.expiresAt>$)return A.es;if(A)this.tenantEsMap.delete(x);let Q=this.createEs(J);return this.tenantEsMap.set(x,{es:Q,expiresAt:v($,this.ttl)}),Q}getCachedTenantIds(){if(this.ttl===0)return[];let x=Date.now();for(let[f,J]of this.tenantEsMap.entries())if(J.expiresAt<=x)this.tenantEsMap.delete(f);return Array.from(this.tenantEsMap.keys())}}class c extends N{async findTenantsByUser(x){let f=await this.findTenantByUser(x);return f?[f]:[]}}class y extends N{}class C{tenants=new Map;userTenantIds=new Map;invalidateTenantEsCache;constructor(x){this.invalidateTenantEsCache=x}async get(x){return this.tenants.get(x)}async list(x){let f=Array.from(this.tenants.values()),J=Math.max(0,x?.start??0),$=x?.limit,A=x?.sort;if(A?.length)f=[...f].sort((D,Y)=>{for(let{field:G,direction:O}of A){let g=D[G],S=Y[G],_=I(g,S);if(_!==0)return O==="desc"?-_:_}return 0});let Q=f.length,L=$!=null?J+$:void 0,X=f.slice(J,L);return K(Q,X,J,$)}async upsert(x){let f=x;return this.tenants.set(f.tenantId,f),this.invalidateTenantEsCache(f.tenantId),f}async delete(x){let f=this.tenants.has(x);return this.invalidateTenantEsCache(x),this.tenants.delete(x),f?1:0}async registerUserTenantId(x,f){if(!x)return;let J=V(f),$=this.userTenantIds.get(x);if($){$.add(J);return}this.userTenantIds.set(x,new Set([J]))}async registerUserToTenant(x,f){await this.registerUserTenantId(x,f)}async registerSingleUserTenantId(x,f){if(!x)return;let J=V(f);this.userTenantIds.set(x,new Set([J]))}async findSingleTenantByUser(x){let f=z(x),J=await this.resolveTenantsByUserId(f);if(J.length>1)throw new R(f,J.map(($)=>$.tenantId));return J[0]}async findMultipleTenantsByUser(x){let f=z(x);return this.resolveTenantsByUserId(f)}async resolveTenantsByUserId(x){let f=this.userTenantIds.get(x);if(!f||f.size===0)return[];let J=f.has(null),$=Array.from(f).filter((L)=>L!=null);if($.length===0)return[];let A=await Promise.all($.map(async(L)=>({tenantId:L,tenant:await this.get(L)}))),Q=A.filter((L)=>L.tenant!=null).map((L)=>L.tenantId);if(Q.length===0){if(J)this.userTenantIds.set(x,new Set([null]));else this.userTenantIds.delete(x);return[]}if(Q.length!==$.length){let L=J?[null,...Q]:Q;this.userTenantIds.set(x,new Set(L))}return A.map((L)=>L.tenant).filter((L)=>L!=null)}}class k extends c{store;constructor(x={}){super(x);this.store=new C((f)=>this.invalidateTenantEsCache(f))}async get(x){return this.store.get(x)}async list(x){return this.store.list(x)}async upsert(x){return this.store.upsert(x)}async delete(x){return this.store.delete(x)}async registerUserTenantId(x,f){await this.store.registerSingleUserTenantId(x,f)}async findTenantByUser(x){return this.store.findSingleTenantByUser(x)}}class T extends y{store;constructor(x={}){super(x);this.store=new C((f)=>this.invalidateTenantEsCache(f))}async get(x){return this.store.get(x)}async list(x){return this.store.list(x)}async upsert(x){return this.store.upsert(x)}async delete(x){return this.store.delete(x)}async registerUserTenantId(x,f){return this.store.registerUserTenantId(x,f)}async findTenantsByUser(x){return this.store.findMultipleTenantsByUser(x)}}function I(x,f){let J=x===void 0||x===null,$=f===void 0||f===null;if(J&&$)return 0;if(J)return 1;if($)return-1;if(x instanceof Date&&f instanceof Date)return x.getTime()-f.getTime();let A=String(x),Q=String(f);return A.localeCompare(Q)}function z(x){let f=x.id?.trim();if(!f)throw Error("Tenant lookup requires user.id");return f}function V(x){if(typeof x!=="string")return null;return x.trim()||null}function b(x){if(x===void 0)return w;if(x<=0)return x===0?0:w;return x}function v(x,f){if(!Number.isFinite(f))return w;return x+f}function o(x,f,J){return(async()=>{try{let $=await fetch(x,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(f)});if(!$.ok)J.error(`Failed to send webhook update: ${$.status} ${$.statusText}`)}catch($){J.error("Failed to send webhook update:",$)}})()}async function d(x,f,J){return o(x,f,J)}var n={beforeTenantSegments:["ui"]},r={beforeTenantSegments:["api"]};function E(x){return{segments:F(x?.segments)}}function F(x){return(x??[]).map((f)=>f.trim()).filter(Boolean)}function l(x){let f=x.trim();if(!f)return"/";let J=f.replace(/\\/g,"/").replace(/\/+/g,"/");return J.startsWith("/")?J:`/${J}`}function j(x){return l(x).split("/").filter(Boolean)}function B(x){return{beforeTenantSegments:F(x?.beforeTenantSegments),afterTenantSegments:F(x?.afterTenantSegments)}}function i(x){if(!x||x.type===void 0||x.type==="path"){let J=x;return{type:"path",ui:B(J?.ui),api:B(J?.api)}}let f=x;return{...f,ui:E(f.ui),api:E(f.api)}}function u(x,f){let J=B(f),$=J.beforeTenantSegments??[],A=J.afterTenantSegments??[],Q=j(x),L=$.length+1+A.length;if(Q.length<L)return null;for(let G=0;G<$.length;G++)if(Q[G]!==$[G])return null;let X=$.length,D=Q[X];if(!D)return null;for(let G=0;G<A.length;G++)if(Q[X+1+G]!==A[G])return null;let Y=Q.slice(X+1+A.length);return{tenantId:decodeURIComponent(D),restSegments:Y,restPath:Y.length>0?`/${Y.join("/")}`:"/"}}function t(x,f="/",J){let $=B(J),A=$.beforeTenantSegments??[],Q=$.afterTenantSegments??[],L=j(f),X=[...A,encodeURIComponent(x),...Q,...L];return X.length>0?`/${X.join("/")}`:"/"}function Z(x,f,J,$,A){if(x===void 0||x===null){if(J)$.push({message:`${f} is required`,path:A});return}if(typeof x!=="string"){$.push({message:`${f} must be a string`,path:A});return}return x}function H(x,f,J,$){if(x===void 0||x===null)return;if(typeof x!=="boolean"){J.push({message:`${f} must be a boolean`,path:$});return}return x}function a(x,f,J){if(x===void 0||x===null)return;if(typeof x!=="object"||x===null){f.push({message:"name must be an object",path:J});return}let $=x,A={};return A.formatted=Z($.formatted,"formatted",!1,f,[...J,"formatted"]),A.familyName=Z($.familyName,"familyName",!1,f,[...J,"familyName"]),A.givenName=Z($.givenName,"givenName",!1,f,[...J,"givenName"]),A.middleName=Z($.middleName,"middleName",!1,f,[...J,"middleName"]),A.honorificPrefix=Z($.honorificPrefix,"honorificPrefix",!1,f,[...J,"honorificPrefix"]),A.honorificSuffix=Z($.honorificSuffix,"honorificSuffix",!1,f,[...J,"honorificSuffix"]),A}function s(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"emails must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"email must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function e(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"phoneNumbers must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"phoneNumber must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function x0(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"addresses must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"address must be an object",path:L});continue}let X=Q;$.push({formatted:Z(X.formatted,"formatted",!1,f,[...L,"formatted"]),streetAddress:Z(X.streetAddress,"streetAddress",!1,f,[...L,"streetAddress"]),locality:Z(X.locality,"locality",!1,f,[...L,"locality"]),region:Z(X.region,"region",!1,f,[...L,"region"]),postalCode:Z(X.postalCode,"postalCode",!1,f,[...L,"postalCode"]),country:Z(X.country,"country",!1,f,[...L,"country"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function f0(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"groups must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"group must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,$ref:Z(X.$ref,"$ref",!1,f,[...L,"$ref"]),display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"])})}return $.length>0?$:void 0}function J0(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"roles must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"role must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D)$.push({value:D,display:Z(X.display,"display",!1,f,[...L,"display"]),type:Z(X.type,"type",!1,f,[...L,"type"]),primary:H(X.primary,"primary",f,[...L,"primary"])})}return $.length>0?$:void 0}function $0(x,f,J){if(x===void 0||x===null)return;if(typeof x!=="object"||x===null){f.push({message:"Enterprise User extension must be an object",path:J});return}let $=x,A={};if(A.employeeNumber=Z($.employeeNumber,"employeeNumber",!1,f,[...J,"employeeNumber"]),A.costCenter=Z($.costCenter,"costCenter",!1,f,[...J,"costCenter"]),A.organization=Z($.organization,"organization",!1,f,[...J,"organization"]),A.division=Z($.division,"division",!1,f,[...J,"division"]),A.department=Z($.department,"department",!1,f,[...J,"department"]),$.manager!==void 0&&$.manager!==null)if(typeof $.manager!=="object"||$.manager===null)f.push({message:"manager must be an object",path:[...J,"manager"]});else{let Q=$.manager;A.manager={value:Z(Q.value,"value",!1,f,[...J,"manager","value"]),$ref:Z(Q.$ref,"$ref",!1,f,[...J,"manager","$ref"]),displayName:Z(Q.displayName,"displayName",!1,f,[...J,"manager","displayName"])}}return A}function A0(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={},Q=Z(J.userName,"userName",!0,$,["userName"]);if(!Q)return{issues:$};A.userName=Q,A.id=Z(J.id,"id",!1,$,["id"]),A.externalId=Z(J.externalId,"externalId",!1,$,["externalId"]),A.displayName=Z(J.displayName,"displayName",!1,$,["displayName"]),A.nickName=Z(J.nickName,"nickName",!1,$,["nickName"]),A.profileUrl=Z(J.profileUrl,"profileUrl",!1,$,["profileUrl"]),A.title=Z(J.title,"title",!1,$,["title"]),A.userType=Z(J.userType,"userType",!1,$,["userType"]),A.preferredLanguage=Z(J.preferredLanguage,"preferredLanguage",!1,$,["preferredLanguage"]),A.locale=Z(J.locale,"locale",!1,$,["locale"]),A.timezone=Z(J.timezone,"timezone",!1,$,["timezone"]),A.password=Z(J.password,"password",!1,$,["password"]),A.active=H(J.active,"active",$,["active"]),A.name=a(J.name,$,["name"]),A.emails=s(J.emails,$,["emails"]),A.phoneNumbers=e(J.phoneNumbers,$,["phoneNumbers"]),A.addresses=x0(J.addresses,$,["addresses"]),A.groups=f0(J.groups,$,["groups"]),A.roles=J0(J.roles,$,["roles"]);let L="urn:ietf:params:scim:schemas:extension:enterprise:2.0:User";if(J[L]!==void 0)A[L]=$0(J[L],$,[L]);if(J.schemas!==void 0)if(Array.isArray(J.schemas))A.schemas=J.schemas.filter((X)=>typeof X==="string");else $.push({message:"schemas must be an array",path:["schemas"]});if(J.meta!==void 0)if(typeof J.meta==="object"&&J.meta!==null){let X=J.meta;A.meta={resourceType:typeof X.resourceType==="string"?X.resourceType:void 0,created:typeof X.created==="string"?X.created:void 0,lastModified:typeof X.lastModified==="string"?X.lastModified:void 0,location:typeof X.location==="string"?X.location:void 0,version:typeof X.version==="string"?X.version:void 0}}else $.push({message:"meta must be an object",path:["meta"]});if($.length>0)return{issues:$};return{value:A}}}}}function L0(x,f,J){if(x===void 0||x===null)return;if(!Array.isArray(x)){f.push({message:"members must be an array",path:J});return}let $=[];for(let A=0;A<x.length;A++){let Q=x[A],L=[...J,A];if(typeof Q!=="object"||Q===null){f.push({message:"member must be an object",path:L});continue}let X=Q,D=Z(X.value,"value",!0,f,[...L,"value"]);if(D){let Y=Z(X.type,"type",!1,f,[...L,"type"]);$.push({value:D,$ref:Z(X.$ref,"$ref",!1,f,[...L,"$ref"]),display:Z(X.display,"display",!1,f,[...L,"display"]),type:Y==="User"||Y==="Group"?Y:void 0})}}return $.length>0?$:void 0}function Q0(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={},Q=Z(J.displayName,"displayName",!0,$,["displayName"]);if(!Q)return{issues:$};if(A.displayName=Q,A.id=Z(J.id,"id",!1,$,["id"]),A.externalId=Z(J.externalId,"externalId",!1,$,["externalId"]),A.members=L0(J.members,$,["members"]),J.schemas!==void 0)if(Array.isArray(J.schemas))A.schemas=J.schemas.filter((L)=>typeof L==="string");else $.push({message:"schemas must be an array",path:["schemas"]});if(J.meta!==void 0)if(typeof J.meta==="object"&&J.meta!==null){let L=J.meta;A.meta={resourceType:typeof L.resourceType==="string"?L.resourceType:void 0,created:typeof L.created==="string"?L.created:void 0,lastModified:typeof L.lastModified==="string"?L.lastModified:void 0,location:typeof L.location==="string"?L.location:void 0,version:typeof L.version==="string"?L.version:void 0}}else $.push({message:"meta must be an object",path:["meta"]});if($.length>0)return{issues:$};return{value:A}}}}}function X0(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={...J},Q=["iss","sub"];for(let D of Q)if(D in J){if(typeof J[D]!=="string")$.push({message:`${D} must be a string`,path:[D]})}else $.push({message:`${D} is required`,path:[D]});if("aud"in J&&J.aud!==void 0){let D=J.aud;if(typeof D!=="string"&&!Array.isArray(D))$.push({message:"aud must be a string or array of strings",path:["aud"]});else if(Array.isArray(D)&&!D.every((Y)=>typeof Y==="string"))$.push({message:"aud array must contain only strings",path:["aud"]})}let L=["jti","scope"];for(let D of L)if(D in J&&J[D]!==void 0){if(typeof J[D]!=="string")$.push({message:`${D} must be a string`,path:[D]})}let X=["exp","iat"];for(let D of X)if(D in J){if(typeof J[D]!=="number")$.push({message:`${D} must be a number`,path:[D]})}else $.push({message:`${D} is required`,path:[D]});if($.length>0)return{issues:$};return{value:A}}}}}function Z0(x){return{"~standard":{version:1,vendor:x,validate:(f)=>{if(typeof f!=="object"||f===null)return{issues:[{message:"Expected an object"}]};let J=f,$=[],A={};if("access_token"in J)if(typeof J.access_token==="string")A.access_token=J.access_token;else $.push({message:"access_token must be a string",path:["access_token"]});else $.push({message:"access_token is required",path:["access_token"]});if("token_type"in J)if(typeof J.token_type==="string")A.token_type=J.token_type;else $.push({message:"token_type must be a string",path:["token_type"]});else $.push({message:"token_type is required",path:["token_type"]});if("scope"in J)if(typeof J.scope==="string"||J.scope===void 0)A.scope=J.scope;else $.push({message:"scope must be a string",path:["scope"]});if("refresh_token"in J)if(typeof J.refresh_token==="string"||J.refresh_token===void 0)A.refresh_token=J.refresh_token;else $.push({message:"refresh_token must be a string",path:["refresh_token"]});if("expires"in J)if(typeof J.expires==="string"||J.expires===void 0)A.expires=J.expires;else $.push({message:"expires must be a string",path:["expires"]});if("expires_in"in J)if(typeof J.expires_in==="number"||J.expires_in===void 0)A.expires_in=J.expires_in;else $.push({message:"expires_in must be a number",path:["expires_in"]});if($.length>0)return{issues:$};return{value:A}}}}}export{Z0 as workloadTokenResponseSchema,R0 as withValidate,z0 as waitOn,p as version,H0 as validationFailureResponse,A0 as userSchema,G0 as tokenResponseSchema,_0 as stripJsonComments,y0 as silentLogger,U0 as setActiveSession,h as serializeESConfig,d as sendTenantWebhook,K0 as parseJsonc,D0 as oidcCallbackSchema,i as normalizeTenantRoutingStrategy,B as normalizeTenantPathNamespace,B0 as must,N0 as mergeConfig,u as matchTenantPath,T0 as listSsoClientIdsFromCookies,K as list,X0 as jwtAssertionClaimsSchema,C0 as infoLogger,Y0 as idTokenClaimsSchema,Q0 as groupResourceSchema,V0 as getActiveSession,E0 as findTenantFromStateParam,c0 as defaultLogger,w0 as deepEqualPlain,W0 as decodeUser,F0 as debugLogger,M0 as consoleLogger,k0 as clearActiveSession,q0 as claimsToUser,t as buildTenantPath,N as TenantStoreWithEsCache,W as TenantStore,q as TenantRequestError,c as SingleTenantStore,R as MultipleTenantsForUserError,y as MultiTenantStore,k as InMemorySingleTenantStore,T as InMemoryMultiTenantStore,n as DEFAULT_TENANT_UI_NAMESPACE,r as DEFAULT_TENANT_API_NAMESPACE};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@enterprisestandard/core",
3
- "version": "0.0.16",
3
+ "version": "0.0.17-beta.20260423.1",
4
4
  "description": "Enterprise Standard Core (Server-only)",
5
5
  "private": false,
6
6
  "author": "enterprisestandard",
@@ -27,7 +27,7 @@
27
27
  }
28
28
  },
29
29
  "peerDependencies": {
30
- "@enterprisestandard/zod": "^0.0.16",
31
- "@enterprisestandard/valibot": "^0.0.16"
30
+ "@enterprisestandard/zod": "0.0.17-beta.20260423.1",
31
+ "@enterprisestandard/valibot": "0.0.17-beta.20260423.1"
32
32
  }
33
33
  }