@fnd-platform/cognito-auth 1.0.0-alpha.1 → 1.0.0-alpha.2

package/lib/remix/session.server.js

@@ -1,4 +1,4 @@
-'use strict';
+"use strict";
 /**
  * Remix session management utilities.
  *
@@ -7,7 +7,7 @@
  *
  * @packageDocumentation
  */
-Object.defineProperty(exports, '__esModule', { value: true });
+Object.defineProperty(exports, "__esModule", { value: true });
 exports.createSessionStorage = createSessionStorage;
 exports.resetDefaultStorage = resetDefaultStorage;
 exports.getSession = getSession;
@@ -16,7 +16,7 @@ exports.requireAuth = requireAuth;
 exports.getOptionalUser = getOptionalUser;
 exports.getUserSession = getUserSession;
 exports.logout = logout;
-const node_1 = require('@remix-run/node');
+const node_1 = require("@remix-run/node");
 /**
  * Default session storage instance.
  * Lazily initialized to avoid accessing env at module load.
@@ -26,11 +26,11 @@ let defaultSessionStorage = null;
  * Cookie configuration for session storage.
  */
 const COOKIE_CONFIG = {
-  name: '__fnd_session',
-  httpOnly: true,
-  maxAge: 60 * 60 * 24 * 7, // 1 week
-  path: '/',
-  sameSite: 'lax',
+    name: '__fnd_session',
+    httpOnly: true,
+    maxAge: 60 * 60 * 24 * 7, // 1 week
+    path: '/',
+    sameSite: 'lax',
 };
 /**
  * Creates a session storage with the given secret.
@@ -48,17 +48,17 @@ const COOKIE_CONFIG = {
  * ```
  */
 function createSessionStorage(secret) {
-  const sessionSecret = secret ?? process.env.SESSION_SECRET;
-  if (!sessionSecret) {
-    throw new Error('SESSION_SECRET environment variable is required');
-  }
-  return (0, node_1.createCookieSessionStorage)({
-    cookie: {
-      ...COOKIE_CONFIG,
-      secrets: [sessionSecret],
-      secure: process.env.NODE_ENV === 'production',
-    },
-  });
+    const sessionSecret = secret ?? process.env.SESSION_SECRET;
+    if (!sessionSecret) {
+        throw new Error('SESSION_SECRET environment variable is required');
+    }
+    return (0, node_1.createCookieSessionStorage)({
+        cookie: {
+            ...COOKIE_CONFIG,
+            secrets: [sessionSecret],
+            secure: process.env.NODE_ENV === 'production',
+        },
+    });
 }
 /**
  * Gets the default session storage instance.
@@ -67,10 +67,10 @@ function createSessionStorage(secret) {
  * @internal
  */
 function getDefaultStorage() {
-  if (!defaultSessionStorage) {
-    defaultSessionStorage = createSessionStorage();
-  }
-  return defaultSessionStorage;
+    if (!defaultSessionStorage) {
+        defaultSessionStorage = createSessionStorage();
+    }
+    return defaultSessionStorage;
 }
 /**
  * Resets the default session storage. Useful for testing.
@@ -78,7 +78,7 @@ function getDefaultStorage() {
  * @internal
  */
 function resetDefaultStorage() {
-  defaultSessionStorage = null;
+    defaultSessionStorage = null;
 }
 /**
  * Gets the session from a request.
@@ -96,8 +96,8 @@ function resetDefaultStorage() {
  * ```
  */
 async function getSession(request, storage) {
-  const sessionStorage = storage ?? getDefaultStorage();
-  return sessionStorage.getSession(request.headers.get('Cookie'));
+    const sessionStorage = storage ?? getDefaultStorage();
+    return sessionStorage.getSession(request.headers.get('Cookie'));
 }
 /**
  * Decodes a JWT token payload (base64).
@@ -108,13 +108,14 @@ async function getSession(request, storage) {
  * @internal
  */
 function decodeTokenPayload(token) {
-  try {
-    const payload = token.split('.')[1];
-    const decoded = Buffer.from(payload, 'base64').toString('utf-8');
-    return JSON.parse(decoded);
-  } catch {
-    return {};
-  }
+    try {
+        const payload = token.split('.')[1];
+        const decoded = Buffer.from(payload, 'base64').toString('utf-8');
+        return JSON.parse(decoded);
+    }
+    catch {
+        return {};
+    }
 }
 /**
  * Creates a user session with authentication tokens and redirects.
@@ -136,23 +137,23 @@ function decodeTokenPayload(token) {
  * ```
  */
 async function createUserSession(tokens, redirectTo, storage) {
-  const sessionStorage = storage ?? getDefaultStorage();
-  const session = await sessionStorage.getSession();
-  // Decode ID token to get user info
-  const payload = decodeTokenPayload(tokens.idToken);
-  // Store tokens and user info in session
-  session.set('accessToken', tokens.accessToken);
-  session.set('idToken', tokens.idToken);
-  session.set('refreshToken', tokens.refreshToken);
-  session.set('expiresAt', Date.now() + tokens.expiresIn * 1000);
-  session.set('userId', payload.sub);
-  session.set('email', payload.email ?? '');
-  session.set('groups', payload['cognito:groups'] ?? []);
-  return (0, node_1.redirect)(redirectTo, {
-    headers: {
-      'Set-Cookie': await sessionStorage.commitSession(session),
-    },
-  });
+    const sessionStorage = storage ?? getDefaultStorage();
+    const session = await sessionStorage.getSession();
+    // Decode ID token to get user info
+    const payload = decodeTokenPayload(tokens.idToken);
+    // Store only essential user info in session to stay under cookie size limit (~4KB).
+    // We skip storing the full tokens (accessToken, idToken) as they're large JWTs.
+    // The refreshToken is stored to enable token refresh for API calls when needed.
+    session.set('refreshToken', tokens.refreshToken);
+    session.set('expiresAt', Date.now() + tokens.expiresIn * 1000);
+    session.set('userId', payload.sub);
+    session.set('email', payload.email ?? '');
+    session.set('groups', payload['cognito:groups'] ?? []);
+    return (0, node_1.redirect)(redirectTo, {
+        headers: {
+            'Set-Cookie': await sessionStorage.commitSession(session),
+        },
+    });
 }
 /**
  * Requires authentication for a route.
@@ -176,19 +177,19 @@ async function createUserSession(tokens, redirectTo, storage) {
  * ```
  */
 async function requireAuth(request, redirectTo = '/login', storage) {
-  const session = await getSession(request, storage);
-  const userId = session.get('userId');
-  if (!userId) {
-    throw (0, node_1.redirect)(redirectTo);
-  }
-  // Check if tokens are near expiry (within 5 minutes)
-  const expiresAt = session.get('expiresAt');
-  if (expiresAt && Date.now() > expiresAt - 5 * 60 * 1000) {
-    // Tokens are near expiry
-    // In a full implementation, this would refresh tokens
-    // For now, we just return the userId as the session is still valid
-  }
-  return userId;
+    const session = await getSession(request, storage);
+    const userId = session.get('userId');
+    if (!userId) {
+        throw (0, node_1.redirect)(redirectTo);
+    }
+    // Check if tokens are near expiry (within 5 minutes)
+    const expiresAt = session.get('expiresAt');
+    if (expiresAt && Date.now() > expiresAt - 5 * 60 * 1000) {
+        // Tokens are near expiry
+        // In a full implementation, this would refresh tokens
+        // For now, we just return the userId as the session is still valid
+    }
+    return userId;
 }
 /**
  * Gets the optional user from the session.
@@ -209,16 +210,16 @@ async function requireAuth(request, redirectTo = '/login', storage) {
  * ```
  */
 async function getOptionalUser(request, storage) {
-  const session = await getSession(request, storage);
-  const userId = session.get('userId');
-  if (!userId) {
-    return null;
-  }
-  return {
-    userId,
-    email: session.get('email') ?? '',
-    groups: session.get('groups') ?? [],
-  };
+    const session = await getSession(request, storage);
+    const userId = session.get('userId');
+    if (!userId) {
+        return null;
+    }
+    return {
+        userId,
+        email: session.get('email') ?? '',
+        groups: session.get('groups') ?? [],
+    };
 }
 /**
  * Gets full session data including tokens.
@@ -243,20 +244,22 @@ async function getOptionalUser(request, storage) {
  * ```
  */
 async function getUserSession(request, storage) {
-  const session = await getSession(request, storage);
-  const userId = session.get('userId');
-  if (!userId) {
-    return null;
-  }
-  return {
-    accessToken: session.get('accessToken'),
-    idToken: session.get('idToken'),
-    refreshToken: session.get('refreshToken'),
-    expiresAt: session.get('expiresAt'),
-    userId,
-    email: session.get('email') ?? '',
-    groups: session.get('groups') ?? [],
-  };
+    const session = await getSession(request, storage);
+    const userId = session.get('userId');
+    if (!userId) {
+        return null;
+    }
+    return {
+        // Note: accessToken and idToken are not stored in session to stay under cookie limits.
+        // Use refreshToken to obtain fresh tokens when needed for API calls.
+        accessToken: session.get('accessToken'),
+        idToken: session.get('idToken'),
+        refreshToken: session.get('refreshToken'),
+        expiresAt: session.get('expiresAt'),
+        userId,
+        email: session.get('email') ?? '',
+        groups: session.get('groups') ?? [],
+    };
 }
 /**
  * Logs out the user and redirects to the login page.
@@ -276,12 +279,12 @@ async function getUserSession(request, storage) {
  * ```
  */
 async function logout(request, redirectTo = '/login', storage) {
-  const sessionStorage = storage ?? getDefaultStorage();
-  const session = await getSession(request, storage);
-  return (0, node_1.redirect)(redirectTo, {
-    headers: {
-      'Set-Cookie': await sessionStorage.destroySession(session),
-    },
-  });
+    const sessionStorage = storage ?? getDefaultStorage();
+    const session = await getSession(request, storage);
+    return (0, node_1.redirect)(redirectTo, {
+        headers: {
+            'Set-Cookie': await sessionStorage.destroySession(session),
+        },
+    });
 }
-//# sourceMappingURL=session.server.js.map
+//# sourceMappingURL=session.server.js.map

package/lib/remix/session.server.js.map

@@ -1 +1 @@
-{"version":3,"file":"session.server.js","sourceRoot":"","sources":["../../src/remix/session.server.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAsCH,oDAcC;AAoBD,kDAEC;AAiBD,gCAGC;AAuCD,8CAyBC;AAuBD,kCAqBC;AAoBD,0CAgBC;AAwBD,wCAoBC;AAmBD,wBAaC;AAxTD,0CAAuE;AAIvE;;;GAGG;AACH,IAAI,qBAAqB,GAA0B,IAAI,CAAC;AAExD;;GAEG;AACH,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,eAAe;IACrB,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,SAAS;IACnC,IAAI,EAAE,GAAG;IACT,QAAQ,EAAE,KAAc;CACzB,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,SAAgB,oBAAoB,CAAC,MAAe;IAClD,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;IAE3D,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,IAAA,iCAA0B,EAAC;QAChC,MAAM,EAAE;YACN,GAAG,aAAa;YAChB,OAAO,EAAE,CAAC,aAAa,CAAC;YACxB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;SAC9C;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB;IACxB,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC3B,qBAAqB,GAAG,oBAAoB,EAAE,CAAC;IACjD,CAAC;IACD,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB;IACjC,qBAAqB,GAAG,IAAI,CAAC;AAC/B,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACI,KAAK,UAAU,UAAU,CAAC,OAAgB,EAAE,OAAwB;IACzE,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,OAAO,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACI,KAAK,UAAU,iBAAiB,CACrC,MAAkB,EAClB,UAAkB,EAClB,OAAwB;IAExB,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,CAAC;IAElD,mCAAmC;IACnC,MAAM,OAAO,GAAG,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnD,wCAAwC;IACxC,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAa,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,OAAO,EAAG,OAAO,CAAC,KAAgB,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAG,OAAO,CAAC,gBAAgB,CAAc,IAAI,EAAE,CAAC,CAAC;IAErE,OAAO,IAAA,eAAQ,EAAC,UAAU,EAAE;QAC1B,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC;SAC1D;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,WAAW,CAC/B,OAAgB,EAChB,UAAU,GAAG,QAAQ,EACrB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAA,eAAQ,EAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,qDAAqD;IACrD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAuB,CAAC;IACjE,IAAI,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;QACxD,yBAAyB;QACzB,sDAAsD;QACtD,mEAAmE;IACrE,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,eAAe,CACnC,OAAgB,EAChB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,MAAM;QACN,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAY,IAAI,EAAE;QAC7C,MAAM,EAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAc,IAAI,EAAE;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACI,KAAK,UAAU,cAAc,CAClC,OAAgB,EAChB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAW;QACjD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAW;QACzC,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAW;QACnD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAW;QAC7C,MAAM;QACN,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAY,IAAI,EAAE;QAC7C,MAAM,EAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAc,IAAI,EAAE;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACI,KAAK,UAAU,MAAM,CAC1B,OAAgB,EAChB,UAAU,GAAG,QAAQ,EACrB,OAAwB;IAExB,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAEnD,OAAO,IAAA,eAAQ,EAAC,UAAU,EAAE;QAC1B,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,cAAc,CAAC,cAAc,CAAC,OAAO,CAAC;SAC3D;KACF,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"session.server.js","sourceRoot":"","sources":["../../src/remix/session.server.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAsCH,oDAcC;AAoBD,kDAEC;AAiBD,gCAGC;AAuCD,8CAyBC;AAuBD,kCAqBC;AAoBD,0CAgBC;AAwBD,wCAsBC;AAmBD,wBAaC;AA1TD,0CAAuE;AAIvE;;;GAGG;AACH,IAAI,qBAAqB,GAA0B,IAAI,CAAC;AAExD;;GAEG;AACH,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,eAAe;IACrB,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,SAAS;IACnC,IAAI,EAAE,GAAG;IACT,QAAQ,EAAE,KAAc;CACzB,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,SAAgB,oBAAoB,CAAC,MAAe;IAClD,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;IAE3D,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,IAAA,iCAA0B,EAAC;QAChC,MAAM,EAAE;YACN,GAAG,aAAa;YAChB,OAAO,EAAE,CAAC,aAAa,CAAC;YACxB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;SAC9C;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB;IACxB,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC3B,qBAAqB,GAAG,oBAAoB,EAAE,CAAC;IACjD,CAAC;IACD,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB;IACjC,qBAAqB,GAAG,IAAI,CAAC;AAC/B,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACI,KAAK,UAAU,UAAU,CAAC,OAAgB,EAAE,OAAwB;IACzE,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,OAAO,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACI,KAAK,UAAU,iBAAiB,CACrC,MAAkB,EAClB,UAAkB,EAClB,OAAwB;IAExB,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,CAAC;IAElD,mCAAmC;IACnC,MAAM,OAAO,GAAG,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnD,oFAAoF;IACpF,gFAAgF;IAChF,gFAAgF;IAChF,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAa,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,OAAO,EAAG,OAAO,CAAC,KAAgB,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAG,OAAO,CAAC,gBAAgB,CAAc,IAAI,EAAE,CAAC,CAAC;IAErE,OAAO,IAAA,eAAQ,EAAC,UAAU,EAAE;QAC1B,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC;SAC1D;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,WAAW,CAC/B,OAAgB,EAChB,UAAU,GAAG,QAAQ,EACrB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAA,eAAQ,EAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,qDAAqD;IACrD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAuB,CAAC;IACjE,IAAI,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;QACxD,yBAAyB;QACzB,sDAAsD;QACtD,mEAAmE;IACrE,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,eAAe,CACnC,OAAgB,EAChB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,MAAM;QACN,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAY,IAAI,EAAE;QAC7C,MAAM,EAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAc,IAAI,EAAE;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACI,KAAK,UAAU,cAAc,CAClC,OAAgB,EAChB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,uFAAuF;QACvF,qEAAqE;QACrE,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAuB;QAC7D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAuB;QACrD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAW;QACnD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAW;QAC7C,MAAM;QACN,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAY,IAAI,EAAE;QAC7C,MAAM,EAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAc,IAAI,EAAE;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACI,KAAK,UAAU,MAAM,CAC1B,OAAgB,EAChB,UAAU,GAAG,QAAQ,EACrB,OAAwB;IAExB,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAEnD,OAAO,IAAA,eAAQ,EAAC,UAAU,EAAE;QAC1B,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,cAAc,CAAC,cAAc,CAAC,OAAO,CAAC;SAC3D;KACF,CAAC,CAAC;AACL,CAAC"}

package/lib/types.d.ts

@@ -7,155 +7,189 @@
  * Cognito JWT payload structure from access token.
  */
 export interface CognitoAccessTokenPayload {
-  /** User's unique identifier */
-  sub: string;
-  /** Cognito groups the user belongs to */
-  'cognito:groups'?: string[];
-  /** Token use type */
-  token_use: 'access';
-  /** Token scopes */
-  scope?: string;
-  /** Issuer URL */
-  iss: string;
-  /** Expiration timestamp */
-  exp: number;
-  /** Issued at timestamp */
-  iat: number;
-  /** Client ID */
-  client_id: string;
-  /** Username */
-  username: string;
+    /** User's unique identifier */
+    sub: string;
+    /** Cognito groups the user belongs to */
+    'cognito:groups'?: string[];
+    /** Token use type */
+    token_use: 'access';
+    /** Token scopes */
+    scope?: string;
+    /** Issuer URL */
+    iss: string;
+    /** Expiration timestamp */
+    exp: number;
+    /** Issued at timestamp */
+    iat: number;
+    /** Client ID */
+    client_id: string;
+    /** Username */
+    username: string;
 }
 /**
  * Cognito JWT payload structure from ID token.
  */
 export interface CognitoIdTokenPayload {
-  /** User's unique identifier */
-  sub: string;
-  /** User's email address */
-  email?: string;
-  /** Whether email is verified */
-  email_verified?: boolean;
-  /** Cognito groups the user belongs to */
-  'cognito:groups'?: string[];
-  /** Cognito username */
-  'cognito:username'?: string;
-  /** Token use type */
-  token_use: 'id';
-  /** Issuer URL */
-  iss: string;
-  /** Expiration timestamp */
-  exp: number;
-  /** Issued at timestamp */
-  iat: number;
-  /** Audience (client ID) */
-  aud: string;
+    /** User's unique identifier */
+    sub: string;
+    /** User's email address */
+    email?: string;
+    /** Whether email is verified */
+    email_verified?: boolean;
+    /** Cognito groups the user belongs to */
+    'cognito:groups'?: string[];
+    /** Cognito username */
+    'cognito:username'?: string;
+    /** Token use type */
+    token_use: 'id';
+    /** Issuer URL */
+    iss: string;
+    /** Expiration timestamp */
+    exp: number;
+    /** Issued at timestamp */
+    iat: number;
+    /** Audience (client ID) */
+    aud: string;
 }
 /**
  * Configuration for JWT verification.
  */
 export interface JwtVerifierConfig {
-  /** Cognito User Pool ID */
-  userPoolId: string;
-  /** Cognito Client ID */
-  clientId: string;
-  /** Token type to verify */
-  tokenUse?: 'access' | 'id';
+    /** Cognito User Pool ID */
+    userPoolId: string;
+    /** Cognito Client ID */
+    clientId: string;
+    /** Token type to verify */
+    tokenUse?: 'access' | 'id';
 }
 /**
  * Configuration options for the auth middleware.
  */
 export interface CognitoAuthOptions {
-  /** Cognito User Pool ID (defaults to COGNITO_USER_POOL_ID env var) */
-  userPoolId?: string;
-  /** Cognito Client ID (defaults to COGNITO_CLIENT_ID env var) */
-  clientId?: string;
-  /** Required roles (Cognito groups). User must have at least one. */
-  roles?: string[];
-  /** Paths to skip authentication for */
-  skipPaths?: string[];
-  /** Token type to verify */
-  tokenUse?: 'access' | 'id';
+    /** Cognito User Pool ID (defaults to COGNITO_USER_POOL_ID env var) */
+    userPoolId?: string;
+    /** Cognito Client ID (defaults to COGNITO_CLIENT_ID env var) */
+    clientId?: string;
+    /** Required roles (Cognito groups). User must have at least one. */
+    roles?: string[];
+    /** Paths to skip authentication for */
+    skipPaths?: string[];
+    /** Token type to verify */
+    tokenUse?: 'access' | 'id';
 }
 /**
  * Result of successful token verification.
  */
 export interface TokenVerificationResult {
-  /** User ID (sub claim) */
-  userId: string;
-  /** User email (from ID token or access token if present) */
-  email?: string;
-  /** User's Cognito groups */
-  groups: string[];
-  /** Raw token payload */
-  payload: CognitoAccessTokenPayload | CognitoIdTokenPayload;
+    /** User ID (sub claim) */
+    userId: string;
+    /** User email (from ID token or access token if present) */
+    email?: string;
+    /** User's Cognito groups */
+    groups: string[];
+    /** Raw token payload */
+    payload: CognitoAccessTokenPayload | CognitoIdTokenPayload;
 }
 /**
  * Configuration for FndAuthClient.
  */
 export interface AuthClientConfig {
-  /** Cognito User Pool ID */
-  userPoolId: string;
-  /** Cognito Client ID */
-  clientId: string;
-  /** AWS region (defaults to AWS_REGION env var) */
-  region?: string;
+    /** Cognito User Pool ID */
+    userPoolId: string;
+    /** Cognito Client ID */
+    clientId: string;
+    /** AWS region (defaults to AWS_REGION env var) */
+    region?: string;
 }
 /**
  * Authentication tokens returned from Cognito.
  */
 export interface AuthTokens {
-  /** JWT access token */
-  accessToken: string;
-  /** JWT ID token */
-  idToken: string;
-  /** Refresh token for obtaining new tokens */
-  refreshToken: string;
-  /** Token expiration in seconds */
-  expiresIn: number;
+    /** JWT access token */
+    accessToken: string;
+    /** JWT ID token */
+    idToken: string;
+    /** Refresh token for obtaining new tokens */
+    refreshToken: string;
+    /** Token expiration in seconds */
+    expiresIn: number;
 }
 /**
  * Result of sign-up operation.
  */
 export interface SignUpResult {
-  /** Whether user confirmation is required */
-  userConfirmed: boolean;
-  /** Delivery details for confirmation code (if applicable) */
-  codeDeliveryDetails?: {
-    /** Destination (masked email/phone) */
-    destination?: string;
-    /** Delivery medium */
-    deliveryMedium?: 'EMAIL' | 'SMS';
-  };
+    /** Whether user confirmation is required */
+    userConfirmed: boolean;
+    /** Delivery details for confirmation code (if applicable) */
+    codeDeliveryDetails?: {
+        /** Destination (masked email/phone) */
+        destination?: string;
+        /** Delivery medium */
+        deliveryMedium?: 'EMAIL' | 'SMS';
+    };
+}
+/**
+ * Challenge types that may be returned during sign-in.
+ */
+export type AuthChallenge = 'NEW_PASSWORD_REQUIRED' | 'SMS_MFA' | 'SOFTWARE_TOKEN_MFA';
+/**
+ * Result of sign-in operation.
+ *
+ * May return either tokens (successful auth) or a challenge (requires additional action).
+ */
+export type SignInResult = {
+    success: true;
+    tokens: AuthTokens;
+} | {
+    success: false;
+    challenge: AuthChallenge;
+    session: string;
+    email: string;
+};
+/**
+ * Result of forgot password initiation.
+ */
+export interface ForgotPasswordResult {
+    /** Delivery details for reset code */
+    codeDeliveryDetails?: {
+        /** Destination (masked email/phone) */
+        destination?: string;
+        /** Delivery medium */
+        deliveryMedium?: 'EMAIL' | 'SMS';
+    };
 }
 /**
  * Session data stored in cookies.
+ *
+ * Note: accessToken and idToken are optional because they are not stored
+ * in the cookie session to stay under browser cookie size limits (~4KB).
+ * Use the refreshToken to obtain fresh tokens when needed for API calls.
  */
 export interface SessionData {
-  /** JWT access token */
-  accessToken: string;
-  /** JWT ID token */
-  idToken: string;
-  /** Refresh token */
-  refreshToken: string;
-  /** Expiration timestamp (ms since epoch) */
-  expiresAt: number;
-  /** User ID (sub claim) */
-  userId: string;
-  /** User email */
-  email: string;
-  /** User's Cognito groups */
-  groups: string[];
+    /** JWT access token (not stored in session, use refreshToken to obtain) */
+    accessToken?: string;
+    /** JWT ID token (not stored in session, use refreshToken to obtain) */
+    idToken?: string;
+    /** Refresh token */
+    refreshToken: string;
+    /** Expiration timestamp (ms since epoch) */
+    expiresAt: number;
+    /** User ID (sub claim) */
+    userId: string;
+    /** User email */
+    email: string;
+    /** User's Cognito groups */
+    groups: string[];
 }
 /**
  * User information extracted from session.
  */
 export interface SessionUser {
-  /** User ID */
-  userId: string;
-  /** User email */
-  email: string;
-  /** User's groups/roles */
-  groups: string[];
+    /** User ID */
+    userId: string;
+    /** User email */
+    email: string;
+    /** User's groups/roles */
+    groups: string[];
 }
-//# sourceMappingURL=types.d.ts.map
+//# sourceMappingURL=types.d.ts.map

package/lib/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,qBAAqB;IACrB,SAAS,EAAE,QAAQ,CAAC;IACpB,mBAAmB;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gCAAgC;IAChC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,uBAAuB;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qBAAqB;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,sEAAsE;IACtE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gEAAgE;IAChE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oEAAoE;IACpE,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,uCAAuC;IACvC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,4DAA4D;IAC5D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,wBAAwB;IACxB,OAAO,EAAE,yBAAyB,GAAG,qBAAqB,CAAC;CAC5D;AAID;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,4CAA4C;IAC5C,aAAa,EAAE,OAAO,CAAC;IACvB,6DAA6D;IAC7D,mBAAmB,CAAC,EAAE;QACpB,uCAAuC;QACvC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,sBAAsB;QACtB,cAAc,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC;KAClC,CAAC;CACH;AAID;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,4CAA4C;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,cAAc;IACd,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,qBAAqB;IACrB,SAAS,EAAE,QAAQ,CAAC;IACpB,mBAAmB;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gCAAgC;IAChC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,uBAAuB;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qBAAqB;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,sEAAsE;IACtE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gEAAgE;IAChE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oEAAoE;IACpE,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,uCAAuC;IACvC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,4DAA4D;IAC5D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,wBAAwB;IACxB,OAAO,EAAE,yBAAyB,GAAG,qBAAqB,CAAC;CAC5D;AAID;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,4CAA4C;IAC5C,aAAa,EAAE,OAAO,CAAC;IACvB,6DAA6D;IAC7D,mBAAmB,CAAC,EAAE;QACpB,uCAAuC;QACvC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,sBAAsB;QACtB,cAAc,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC;KAClC,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,uBAAuB,GAAG,SAAS,GAAG,oBAAoB,CAAC;AAEvF;;;;GAIG;AACH,MAAM,MAAM,YAAY,GACpB;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,GACrC;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,SAAS,EAAE,aAAa,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjF;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,sCAAsC;IACtC,mBAAmB,CAAC,EAAE;QACpB,uCAAuC;QACvC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,sBAAsB;QACtB,cAAc,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC;KAClC,CAAC;CACH;AAID;;;;;;GAMG;AACH,MAAM,WAAW,WAAW;IAC1B,2EAA2E;IAC3E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,uEAAuE;IACvE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,4CAA4C;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,cAAc;IACd,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB"}

package/lib/types.js

@@ -1,8 +1,8 @@
-'use strict';
+"use strict";
 /**
  * Type definitions for cognito-auth middleware and utilities.
  *
  * @packageDocumentation
  */
-Object.defineProperty(exports, '__esModule', { value: true });
-//# sourceMappingURL=types.js.map
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map