@ghostly-solutions/auth 0.1.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/README.md +68 -84
  2. package/dist/{auth-client-CAHMjodm.d.ts → auth-client-Cdkp07ii.d.ts} +14 -6
  3. package/dist/{auth-sdk-error-DKM7PyKC.d.ts → auth-sdk-error-D3gsfK9d.d.ts} +0 -3
  4. package/dist/extension.d.ts +16 -0
  5. package/dist/extension.js +502 -0
  6. package/dist/extension.js.map +1 -0
  7. package/dist/index.d.ts +12 -19
  8. package/dist/index.js +105 -119
  9. package/dist/index.js.map +1 -1
  10. package/dist/next.d.ts +4 -27
  11. package/dist/next.js +125 -383
  12. package/dist/next.js.map +1 -1
  13. package/dist/react.d.ts +4 -20
  14. package/dist/react.js +129 -176
  15. package/dist/react.js.map +1 -1
  16. package/docs/api-reference.md +65 -89
  17. package/docs/architecture.md +28 -46
  18. package/docs/development-and-ci.md +15 -19
  19. package/docs/index.md +1 -15
  20. package/docs/integration-guide.md +46 -81
  21. package/docs/overview.md +24 -30
  22. package/package.json +11 -4
  23. package/react-client.js +3 -0
package/dist/extension.js ADDED
@@ -0,0 +1,502 @@
1
+ // src/constants/auth-endpoints.ts
2
+ var authApiPrefix = "/oauth";
3
+ var authEndpoints = {
4
+ authorize: `${authApiPrefix}/authorize`,
5
+ session: `${authApiPrefix}/session`,
6
+ refresh: `${authApiPrefix}/refresh`,
7
+ logout: `${authApiPrefix}/logout`
8
+ };
9
+
10
+ // src/errors/auth-sdk-error.ts
11
+ var AuthSdkError = class extends Error {
12
+ code;
13
+ details;
14
+ status;
15
+ constructor(payload) {
16
+ super(payload.message);
17
+ this.name = "AuthSdkError";
18
+ this.code = payload.code;
19
+ this.details = payload.details;
20
+ this.status = payload.status;
21
+ }
22
+ };
23
+
24
+ // src/types/auth-error-code.ts
25
+ var authErrorCode = {
26
+ unauthorized: "unauthorized",
27
+ networkError: "network_error",
28
+ apiError: "api_error",
29
+ broadcastChannelUnsupported: "broadcast_channel_unsupported"};
30
+
31
+ // src/core/api-origin.ts
32
+ var slash = "/";
33
+ function normalizeApiOrigin(apiOrigin) {
34
+ const trimmed = apiOrigin.trim();
35
+ if (!trimmed) {
36
+ throw new AuthSdkError({
37
+ code: authErrorCode.apiError,
38
+ details: null,
39
+ message: "Auth API origin must be a non-empty absolute URL.",
40
+ status: null
41
+ });
42
+ }
43
+ let parsed;
44
+ try {
45
+ parsed = new URL(trimmed);
46
+ } catch (error) {
47
+ throw new AuthSdkError({
48
+ code: authErrorCode.apiError,
49
+ details: error,
50
+ message: "Auth API origin must be a valid absolute URL.",
51
+ status: null
52
+ });
53
+ }
54
+ if (parsed.pathname !== slash || parsed.search || parsed.hash) {
55
+ throw new AuthSdkError({
56
+ code: authErrorCode.apiError,
57
+ details: null,
58
+ message: "Auth API origin must not include path, query, or hash.",
59
+ status: null
60
+ });
61
+ }
62
+ return parsed.origin;
63
+ }
64
+ function resolveApiEndpoint(path, apiOrigin) {
65
+ if (!apiOrigin) {
66
+ return path;
67
+ }
68
+ return `${normalizeApiOrigin(apiOrigin)}${path}`;
69
+ }
70
+
71
+ // src/constants/http-status.ts
72
+ var httpStatus = {
73
+ ok: 200,
74
+ noContent: 204,
75
+ unauthorized: 401
76
+ };
77
+
78
+ // src/constants/auth-keys.ts
79
+ var authBroadcast = {
80
+ channelName: "ghostly-auth-channel",
81
+ sessionUpdatedEvent: "session-updated"
82
+ };
83
+ var authRoutes = {
84
+ root: "/"
85
+ };
86
+
87
+ // src/core/object-guards.ts
88
+ function isObjectRecord(value) {
89
+ return typeof value === "object" && value !== null;
90
+ }
91
+ function isStringValue(value) {
92
+ return typeof value === "string";
93
+ }
94
+
95
+ // src/core/session-parser.ts
96
+ function isStringArray(value) {
97
+ return Array.isArray(value) && value.every((entry) => isStringValue(entry));
98
+ }
99
+ function isGhostlySession(value) {
100
+ if (!isObjectRecord(value)) {
101
+ return false;
102
+ }
103
+ return isStringValue(value.id) && isStringValue(value.username) && (value.firstName === null || isStringValue(value.firstName)) && (value.lastName === null || isStringValue(value.lastName)) && isStringValue(value.email) && isStringValue(value.role) && isStringArray(value.permissions);
104
+ }
105
+
106
+ // src/core/broadcast-sync.ts
107
+ function isSessionUpdatedMessage(value) {
108
+ if (!isObjectRecord(value)) {
109
+ return false;
110
+ }
111
+ if (!isStringValue(value.type)) {
112
+ return false;
113
+ }
114
+ if (value.type !== authBroadcast.sessionUpdatedEvent) {
115
+ return false;
116
+ }
117
+ return value.session === null || isGhostlySession(value.session);
118
+ }
119
+ function createUnsupportedBroadcastChannelError() {
120
+ return new AuthSdkError({
121
+ code: authErrorCode.broadcastChannelUnsupported,
122
+ details: null,
123
+ message: "BroadcastChannel is unavailable in this runtime.",
124
+ status: null
125
+ });
126
+ }
127
+ function createBroadcastSync(options) {
128
+ if (typeof BroadcastChannel === "undefined") {
129
+ throw createUnsupportedBroadcastChannelError();
130
+ }
131
+ const channel = new BroadcastChannel(authBroadcast.channelName);
132
+ const onMessage = (event) => {
133
+ const messageEvent = event;
134
+ if (!isSessionUpdatedMessage(messageEvent.data)) {
135
+ return;
136
+ }
137
+ options.onSessionUpdated(messageEvent.data.session);
138
+ };
139
+ channel.addEventListener("message", onMessage);
140
+ return {
141
+ close() {
142
+ channel.removeEventListener("message", onMessage);
143
+ channel.close();
144
+ },
145
+ publishSession(session) {
146
+ const payload = {
147
+ session,
148
+ type: authBroadcast.sessionUpdatedEvent
149
+ };
150
+ channel.postMessage(payload);
151
+ }
152
+ };
153
+ }
154
+
155
+ // src/core/http-client.ts
156
+ var jsonContentType = "application/json";
157
+ var jsonHeaderName = "content-type";
158
+ var includeCredentials = "include";
159
+ var noStoreCache = "no-store";
160
+ function toTypedValue(value) {
161
+ return value;
162
+ }
163
+ function mapHttpStatusToAuthErrorCode(status) {
164
+ if (status === httpStatus.unauthorized) {
165
+ return authErrorCode.unauthorized;
166
+ }
167
+ return authErrorCode.apiError;
168
+ }
169
+ async function parseJsonPayload(response) {
170
+ try {
171
+ return await response.json();
172
+ } catch {
173
+ return null;
174
+ }
175
+ }
176
+ async function parseErrorPayload(response) {
177
+ const payload = await parseJsonPayload(response);
178
+ if (!isObjectRecord(payload)) {
179
+ return {
180
+ code: null,
181
+ details: null,
182
+ message: null
183
+ };
184
+ }
185
+ const maybeCode = payload.code;
186
+ const maybeMessage = payload.message;
187
+ return {
188
+ code: isStringValue(maybeCode) ? maybeCode : null,
189
+ details: "details" in payload ? payload.details : null,
190
+ message: isStringValue(maybeMessage) ? maybeMessage : null
191
+ };
192
+ }
193
+ function buildApiErrorMessage(method, path) {
194
+ return `Auth API request failed: ${method} ${path}`;
195
+ }
196
+ function buildNetworkErrorMessage(method, path) {
197
+ return `Auth API network failure: ${method} ${path}`;
198
+ }
199
+ async function request(options) {
200
+ const expectedStatus = options.expectedStatus ?? httpStatus.ok;
201
+ const headers = new Headers();
202
+ const hasBody = typeof options.body !== "undefined";
203
+ if (hasBody) {
204
+ headers.set(jsonHeaderName, jsonContentType);
205
+ }
206
+ const requestInit = {
207
+ cache: noStoreCache,
208
+ credentials: includeCredentials,
209
+ headers,
210
+ method: options.method
211
+ };
212
+ if (hasBody) {
213
+ requestInit.body = JSON.stringify(options.body);
214
+ }
215
+ let response;
216
+ try {
217
+ response = await fetch(options.path, requestInit);
218
+ } catch (error) {
219
+ throw new AuthSdkError({
220
+ code: authErrorCode.networkError,
221
+ details: error,
222
+ message: buildNetworkErrorMessage(options.method, options.path),
223
+ status: null
224
+ });
225
+ }
226
+ if (response.status !== expectedStatus) {
227
+ const parsed = await parseErrorPayload(response);
228
+ throw new AuthSdkError({
229
+ code: mapHttpStatusToAuthErrorCode(response.status),
230
+ details: {
231
+ apiCode: parsed.code,
232
+ apiDetails: parsed.details
233
+ },
234
+ message: parsed.message ?? buildApiErrorMessage(options.method, options.path),
235
+ status: response.status
236
+ });
237
+ }
238
+ if (response.status === httpStatus.noContent) {
239
+ return toTypedValue(null);
240
+ }
241
+ const payload = await parseJsonPayload(response);
242
+ return toTypedValue(payload);
243
+ }
244
+ function getJson(path) {
245
+ return request({
246
+ method: "GET",
247
+ path
248
+ });
249
+ }
250
+ function postJsonWithoutBody(path) {
251
+ return request({
252
+ method: "POST",
253
+ path
254
+ });
255
+ }
256
+ function postEmpty(path) {
257
+ return request({
258
+ expectedStatus: httpStatus.noContent,
259
+ method: "POST",
260
+ path
261
+ });
262
+ }
263
+
264
+ // src/core/runtime.ts
265
+ var browserRuntimeErrorMessage = "Browser runtime is required for this auth operation.";
266
+ function isBrowserRuntime() {
267
+ return typeof window !== "undefined";
268
+ }
269
+ function assertBrowserRuntime() {
270
+ if (isBrowserRuntime()) {
271
+ return;
272
+ }
273
+ throw new AuthSdkError({
274
+ code: authErrorCode.apiError,
275
+ details: null,
276
+ message: browserRuntimeErrorMessage,
277
+ status: null
278
+ });
279
+ }
280
+
281
+ // src/core/return-to-storage.ts
282
+ function sanitizeReturnTo(value) {
283
+ if (!value) {
284
+ return authRoutes.root;
285
+ }
286
+ if (!value.startsWith(authRoutes.root)) {
287
+ return authRoutes.root;
288
+ }
289
+ const protocolRelativePrefix = "//";
290
+ if (value.startsWith(protocolRelativePrefix)) {
291
+ return authRoutes.root;
292
+ }
293
+ return value;
294
+ }
295
+ function getCurrentBrowserPath() {
296
+ return `${window.location.pathname}${window.location.search}${window.location.hash}`;
297
+ }
298
+ function resolveReturnToPath(returnTo) {
299
+ assertBrowserRuntime();
300
+ const fallbackPath = getCurrentBrowserPath();
301
+ return sanitizeReturnTo(returnTo ?? fallbackPath);
302
+ }
303
+
304
+ // src/core/session-store.ts
305
+ var SessionStore = class {
306
+ listeners = /* @__PURE__ */ new Set();
307
+ resolvedSession = null;
308
+ resolveState = "pending";
309
+ getSessionIfResolved() {
310
+ if (this.resolveState === "pending") {
311
+ return null;
312
+ }
313
+ return this.resolvedSession;
314
+ }
315
+ hasResolvedSession() {
316
+ return this.resolveState === "resolved";
317
+ }
318
+ setSession(session) {
319
+ this.resolveState = "resolved";
320
+ this.resolvedSession = session;
321
+ for (const listener of this.listeners) {
322
+ listener(session);
323
+ }
324
+ }
325
+ subscribe(listener) {
326
+ this.listeners.add(listener);
327
+ return () => {
328
+ this.listeners.delete(listener);
329
+ };
330
+ }
331
+ };
332
+
333
+ // src/core/auth-client.ts
334
+ function createInvalidSessionPayloadError(path) {
335
+ return new AuthSdkError({
336
+ code: authErrorCode.apiError,
337
+ details: null,
338
+ message: `Auth API response has invalid session shape: ${path}`,
339
+ status: null
340
+ });
341
+ }
342
+ function toValidatedSession(payload, path) {
343
+ if (!isGhostlySession(payload)) {
344
+ throw createInvalidSessionPayloadError(path);
345
+ }
346
+ return payload;
347
+ }
348
+ function toSessionPayload(payload, path) {
349
+ if (payload === null) {
350
+ return null;
351
+ }
352
+ return toValidatedSession(payload, path);
353
+ }
354
+ function createNoopBroadcastSync() {
355
+ return {
356
+ close() {
357
+ },
358
+ publishSession() {
359
+ }
360
+ };
361
+ }
362
+ function createSafeBroadcastSync(onSessionUpdated) {
363
+ try {
364
+ return createBroadcastSync({
365
+ onSessionUpdated
366
+ });
367
+ } catch (error) {
368
+ if (error instanceof AuthSdkError && error.code === authErrorCode.broadcastChannelUnsupported) {
369
+ return createNoopBroadcastSync();
370
+ }
371
+ throw error;
372
+ }
373
+ }
374
+ function toInitResult(session) {
375
+ return {
376
+ session,
377
+ status: session ? "authenticated" : "unauthenticated"
378
+ };
379
+ }
380
+ function createAuthClient(options = {}) {
381
+ let initPromise = null;
382
+ const defaultApplication = options.application?.trim() || "";
383
+ const sessionStore = new SessionStore();
384
+ const broadcastSync = createSafeBroadcastSync((session) => {
385
+ sessionStore.setSession(session);
386
+ });
387
+ const resolveEndpoint = (path) => resolveApiEndpoint(path, options.apiOrigin);
388
+ const loadSession = async () => {
389
+ const payload = await getJson(resolveEndpoint(authEndpoints.session));
390
+ return toSessionPayload(payload, authEndpoints.session);
391
+ };
392
+ const init = async (initOptions) => {
393
+ const forceRefresh = initOptions?.forceRefresh ?? false;
394
+ if (sessionStore.hasResolvedSession() && !forceRefresh) {
395
+ return toInitResult(sessionStore.getSessionIfResolved());
396
+ }
397
+ if (initPromise) {
398
+ return initPromise;
399
+ }
400
+ initPromise = (async () => {
401
+ const session = await loadSession();
402
+ sessionStore.setSession(session);
403
+ broadcastSync.publishSession(session);
404
+ return toInitResult(session);
405
+ })();
406
+ try {
407
+ return await initPromise;
408
+ } finally {
409
+ initPromise = null;
410
+ }
411
+ };
412
+ const getSession = async (requestOptions) => {
413
+ const result = await init({
414
+ forceRefresh: requestOptions?.forceRefresh ?? false
415
+ });
416
+ return result.session;
417
+ };
418
+ const refresh = async () => {
419
+ const payload = await postJsonWithoutBody(resolveEndpoint(authEndpoints.refresh));
420
+ const session = toSessionPayload(payload, authEndpoints.refresh);
421
+ sessionStore.setSession(session);
422
+ broadcastSync.publishSession(session);
423
+ return session;
424
+ };
425
+ const requireSession = async () => {
426
+ const session = await getSession();
427
+ if (session) {
428
+ return session;
429
+ }
430
+ throw new AuthSdkError({
431
+ code: authErrorCode.unauthorized,
432
+ details: null,
433
+ message: "Authenticated session is required.",
434
+ status: httpStatus.unauthorized
435
+ });
436
+ };
437
+ const login = (loginOptions) => {
438
+ const returnTo = resolveReturnToPath(loginOptions?.returnTo);
439
+ const authorizeUrl = new URL(resolveEndpoint(authEndpoints.authorize), window.location.origin);
440
+ authorizeUrl.searchParams.set("return_to", returnTo);
441
+ const application = loginOptions?.application?.trim() || defaultApplication;
442
+ if (application) {
443
+ authorizeUrl.searchParams.set("app", application);
444
+ }
445
+ window.location.assign(authorizeUrl.toString());
446
+ };
447
+ const logout = async () => {
448
+ await postEmpty(resolveEndpoint(authEndpoints.logout));
449
+ sessionStore.setSession(null);
450
+ broadcastSync.publishSession(null);
451
+ };
452
+ const subscribe = sessionStore.subscribe.bind(sessionStore);
453
+ return {
454
+ init,
455
+ getSession,
456
+ login,
457
+ logout,
458
+ refresh,
459
+ requireSession,
460
+ subscribe
461
+ };
462
+ }
463
+
464
+ // src/adapters/extension/auth-client.ts
465
+ function buildAuthorizeUrl(apiOrigin, returnTo, application) {
466
+ const authorizeEndpoint = resolveApiEndpoint(authEndpoints.authorize, apiOrigin);
467
+ const authorizeUrl = new URL(authorizeEndpoint, window.location.origin);
468
+ authorizeUrl.searchParams.set("return_to", returnTo);
469
+ if (application?.trim()) {
470
+ authorizeUrl.searchParams.set("app", application.trim());
471
+ }
472
+ return authorizeUrl.toString();
473
+ }
474
+ function createExtensionAuthClient(options) {
475
+ const baseClient = createAuthClient({
476
+ apiOrigin: options.apiOrigin,
477
+ application: options.application
478
+ });
479
+ const loginWithWebAuthFlow = async (loginOptions) => {
480
+ const returnTo = resolveReturnToPath(loginOptions?.returnTo);
481
+ const authorizeUrl = buildAuthorizeUrl(
482
+ options.apiOrigin,
483
+ returnTo,
484
+ loginOptions?.application ?? options.application
485
+ );
486
+ await options.launchWebAuthFlow({
487
+ authorizeUrl
488
+ });
489
+ await baseClient.refresh();
490
+ };
491
+ return {
492
+ ...baseClient,
493
+ login(loginOptions) {
494
+ void loginWithWebAuthFlow(loginOptions);
495
+ },
496
+ loginWithWebAuthFlow
497
+ };
498
+ }
499
+
500
+ export { createExtensionAuthClient };
501
+ //# sourceMappingURL=extension.js.map
502
+ //# sourceMappingURL=extension.js.map
package/dist/extension.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/constants/auth-endpoints.ts","../src/errors/auth-sdk-error.ts","../src/types/auth-error-code.ts","../src/core/api-origin.ts","../src/constants/http-status.ts","../src/constants/auth-keys.ts","../src/core/object-guards.ts","../src/core/session-parser.ts","../src/core/broadcast-sync.ts","../src/core/http-client.ts","../src/core/runtime.ts","../src/core/return-to-storage.ts","../src/core/session-store.ts","../src/core/auth-client.ts","../src/adapters/extension/auth-client.ts"],"names":[],"mappings":";AAAA,IAAM,aAAA,GAAgB,QAAA;AAEf,IAAM,aAAA,GAAgB;AAAA,EAC3B,SAAA,EAAW,GAAG,aAAa,CAAA,UAAA,CAAA;AAAA,EAE3B,OAAA,EAAS,GAAG,aAAa,CAAA,QAAA,CAAA;AAAA,EACzB,OAAA,EAAS,GAAG,aAAa,CAAA,QAAA,CAAA;AAAA,EACzB,MAAA,EAAQ,GAAG,aAAa,CAAA,OAAA;AAC1B,CAAA;;;ACCO,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EAC7B,IAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EAET,YAAY,OAAA,EAA8B;AACxC,IAAA,KAAA,CAAM,QAAQ,OAAO,CAAA;AACrB,IAAA,IAAA,CAAK,IAAA,GAAO,cAAA;AACZ,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AACpB,IAAA,IAAA,CAAK,UAAU,OAAA,CAAQ,OAAA;AACvB,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,MAAA;AAAA,EACxB;AACF,CAAA;;;ACrBO,IAAM,aAAA,GAAgB;AAAA,EAC3B,YAAA,EAAc,cAAA;AAAA,EACd,YAAA,EAAc,eAAA;AAAA,EACd,QAAA,EAAU,WAAA;AAAA,EACV,2BAAA,EAA6B,+BAE/B,CAAA;;;ACHA,IAAM,KAAA,GAAQ,GAAA;AAEd,SAAS,mBAAmB,SAAA,EAA2B;AACrD,EAAA,MAAM,OAAA,GAAU,UAAU,IAAA,EAAK;AAE/B,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,YAAA,CAAa;AAAA,MACrB,MAAM,aAAA,CAAc,QAAA;AAAA,MACpB,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS,mDAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,MAAA;AAEJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAI,IAAI,OAAO,CAAA;AAAA,EAC1B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,YAAA,CAAa;AAAA,MACrB,MAAM,aAAA,CAAc,QAAA;AAAA,MACpB,OAAA,EAAS,KAAA;AAAA,MACT,OAAA,EAAS,+CAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAO,QAAA,KAAa,KAAA,IAAS,MAAA,CAAO,MAAA,IAAU,OAAO,IAAA,EAAM;AAC7D,IAAA,MAAM,IAAI,YAAA,CAAa;AAAA,MACrB,MAAM,aAAA,CAAc,QAAA;AAAA,MACpB,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS,wDAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,MAAA,CAAO,MAAA;AAChB;AAEO,SAAS,kBAAA,CAAmB,MAAc,SAAA,EAA4B;AAC3E,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,CAAA,EAAG,kBAAA,CAAmB,SAAS,CAAC,GAAG,IAAI,CAAA,CAAA;AAChD;;;AChDO,IAAM,UAAA,GAAa;AAAA,EACxB,EAAA,EAAI,GAAA;AAAA,EAEJ,SAAA,EAAW,GAAA;AAAA,EAEX,YAAA,EAAc;AAChB,CAAA;;;ACNO,IAAM,aAAA,GAAgB;AAAA,EAC3B,WAAA,EAAa,sBAAA;AAAA,EACb,mBAAA,EAAqB;AACvB,CAAA;AAEO,IAAM,UAAA,GAAa;AAAA,EACxB,IAAA,EAAM;AACR,CAAA;;;ACPO,SAAS,eAAe,KAAA,EAAkD;AAC/E,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,KAAU,IAAA;AAChD;AAEO,SAAS,cAAc,KAAA,EAAiC;AAC7D,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA;AAC1B;;;ACHO,SAAS,cAAc,KAAA,EAAmC;AAC/D,EAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,IAAK,KAAA,CAAM,MAAM,CAAC,KAAA,KAAU,aAAA,CAAc,KAAK,CAAC,CAAA;AAC5E;AAEO,SAAS,iBAAiB,KAAA,EAAyC;AACxE,EAAA,IAAI,CAAC,cAAA,CAAe,KAAK,CAAA,EAAG;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,OACE,aAAA,CAAc,KAAA,CAAM,EAAE,CAAA,IACtB,cAAc,KAAA,CAAM,QAAQ,CAAA,KAC3B,KAAA,CAAM,SAAA,KAAc,IAAA,IAAQ,aAAA,CAAc,KAAA,CAAM,SAAS,CAAA,CAAA,KACzD,KAAA,CAAM,QAAA,KAAa,IAAA,IAAQ,aAAA,CAAc,KAAA,CAAM,QAAQ,CAAA,CAAA,IACxD,cAAc,KAAA,CAAM,KAAK,CAAA,IACzB,aAAA,CAAc,KAAA,CAAM,IAAI,CAAA,IACxB,aAAA,CAAc,MAAM,WAAW,CAAA;AAEnC;;;ACAA,SAAS,wBAAwB,KAAA,EAAgD;AAC/E,EAAA,IAAI,CAAC,cAAA,CAAe,KAAK,CAAA,EAAG;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,aAAA,CAAc,KAAA,CAAM,IAAI,CAAA,EAAG;AAC9B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,KAAA,CAAM,IAAA,KAAS,aAAA,CAAc,mBAAA,EAAqB;AACpD,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,OAAO,KAAA,CAAM,OAAA,KAAY,IAAA,IAAQ,gBAAA,CAAiB,MAAM,OAAO,CAAA;AACjE;AAEA,SAAS,sCAAA,GAAuD;AAC9D,EAAA,OAAO,IAAI,YAAA,CAAa;AAAA,IACtB,MAAM,aAAA,CAAc,2BAAA;AAAA,IACpB,OAAA,EAAS,IAAA;AAAA,IACT,OAAA,EAAS,kDAAA;AAAA,IACT,MAAA,EAAQ;AAAA,GACT,CAAA;AACH;AAEO,SAAS,oBAAoB,OAAA,EAAoD;AACtF,EAAA,IAAI,OAAO,qBAAqB,WAAA,EAAa;AAC3C,IAAA,MAAM,sCAAA,EAAuC;AAAA,EAC/C;AAEA,EAAA,MAAM,OAAA,GAAU,IAAI,gBAAA,CAAiB,aAAA,CAAc,WAAW,CAAA;AAE9D,EAAA,MAAM,SAAA,GAA2B,CAAC,KAAA,KAAU;AAC1C,IAAA,MAAM,YAAA,GAAe,KAAA;AAErB,IAAA,IAAI,CAAC,uBAAA,CAAwB,YAAA,CAAa,IAAI,CAAA,EAAG;AAC/C,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,gBAAA,CAAiB,YAAA,CAAa,IAAA,CAAK,OAAO,CAAA;AAAA,EACpD,CAAA;AAEA,EAAA,OAAA,CAAQ,gBAAA,CAAiB,WAAW,SAAS,CAAA;AAE7C,EAAA,OAAO;AAAA,IACL,KAAA,GAAQ;AACN,MAAA,OAAA,CAAQ,mBAAA,CAAoB,WAAW,SAAS,CAAA;AAChD,MAAA,OAAA,CAAQ,KAAA,EAAM;AAAA,IAChB,CAAA;AAAA,IACA,eAAe,OAAA,EAAS;AACtB,MAAA,MAAM,OAAA,GAAiC;AAAA,QACrC,OAAA;AAAA,QACA,MAAM,aAAA,CAAc;AAAA,OACtB;AAEA,MAAA,OAAA,CAAQ,YAAY,OAAO,CAAA;AAAA,IAC7B;AAAA,GACF;AACF;;;AC1EA,IAAM,eAAA,GAAkB,kBAAA;AACxB,IAAM,cAAA,GAAiB,cAAA;AACvB,IAAM,kBAAA,GAAyC,SAAA;AAC/C,IAAM,YAAA,GAA6B,UAAA;AAenC,SAAS,aAAqB,KAAA,EAAwB;AACpD,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,6BAA6B,MAAA,EAAgB;AACpD,EAAA,IAAI,MAAA,KAAW,WAAW,YAAA,EAAc;AACtC,IAAA,OAAO,aAAA,CAAc,YAAA;AAAA,EACvB;AAEA,EAAA,OAAO,aAAA,CAAc,QAAA;AACvB;AAEA,eAAe,iBAAiB,QAAA,EAAsC;AACpE,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,SAAS,IAAA,EAAK;AAAA,EAC7B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,eAAe,kBAAkB,QAAA,EAAiD;AAChF,EAAA,MAAM,OAAA,GAAU,MAAM,gBAAA,CAAiB,QAAQ,CAAA;AAE/C,EAAA,IAAI,CAAC,cAAA,CAAe,OAAO,CAAA,EAAG;AAC5B,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,IAAA;AAAA,MACN,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS;AAAA,KACX;AAAA,EACF;AAEA,EAAA,MAAM,YAAY,OAAA,CAAQ,IAAA;AAC1B,EAAA,MAAM,eAAe,OAAA,CAAQ,OAAA;AAE7B,EAAA,OAAO;AAAA,IACL,IAAA,EAAM,aAAA,CAAc,SAAS,CAAA,GAAI,SAAA,GAAY,IAAA;AAAA,IAC7C,OAAA,EAAS,SAAA,IAAa,OAAA,GAAU,OAAA,CAAQ,OAAA,GAAU,IAAA;AAAA,IAClD,OAAA,EAAS,aAAA,CAAc,YAAY,CAAA,GAAI,YAAA,GAAe;AAAA,GACxD;AACF;AAEA,SAAS,oBAAA,CAAqB,QAA2C,IAAA,EAAsB;AAC7F,EAAA,OAAO,CAAA,yBAAA,EAA4B,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACnD;AAEA,SAAS,wBAAA,CAAyB,QAA2C,IAAA,EAAsB;AACjG,EAAA,OAAO,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACpD;AAEA,eAAe,QACb,OAAA,EACoB;AACpB,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,cAAA,IAAkB,UAAA,CAAW,EAAA;AAC5D,EAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,EAAA,MAAM,OAAA,GAAU,OAAO,OAAA,CAAQ,IAAA,KAAS,WAAA;AAExC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAA,CAAQ,GAAA,CAAI,gBAAgB,eAAe,CAAA;AAAA,EAC7C;AAEA,EAAA,MAAM,WAAA,GAA2B;AAAA,IAC/B,KAAA,EAAO,YAAA;AAAA,IACP,WAAA,EAAa,kBAAA;AAAA,IACb,OAAA;AAAA,IACA,QAAQ,OAAA,CAAQ;AAAA,GAClB;AAEA,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,WAAA,CAAY,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA;AAAA,EAChD;AAEA,EAAA,IAAI,QAAA;AAEJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAM,WAAW,CAAA;AAAA,EAClD,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,YAAA,CAAa;AAAA,MACrB,MAAM,aAAA,CAAc,YAAA;AAAA,MACpB,OAAA,EAAS,KAAA;AAAA,MACT,OAAA,EAAS,wBAAA,CAAyB,OAAA,CAAQ,MAAA,EAAQ,QAAQ,IAAI,CAAA;AAAA,MAC9D,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,QAAA,CAAS,WAAW,cAAA,EAAgB;AACtC,IAAA,MAAM,MAAA,GAAS,MAAM,iBAAA,CAAkB,QAAQ,CAAA;AAE/C,IAAA,MAAM,IAAI,YAAA,CAAa;AAAA,MACrB,IAAA,EAAM,4BAAA,CAA6B,QAAA,CAAS,MAAM,CAAA;AAAA,MAClD,OAAA,EAAS;AAAA,QACP,SAAS,MAAA,CAAO,IAAA;AAAA,QAChB,YAAY,MAAA,CAAO;AAAA,OACrB;AAAA,MACA,SAAS,MAAA,CAAO,OAAA,IAAW,qBAAqB,OAAA,CAAQ,MAAA,EAAQ,QAAQ,IAAI,CAAA;AAAA,MAC5E,QAAQ,QAAA,CAAS;AAAA,KAClB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,QAAA,CAAS,MAAA,KAAW,UAAA,CAAW,SAAA,EAAW;AAC5C,IAAA,OAAO,aAAwB,IAAI,CAAA;AAAA,EACrC;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,gBAAA,CAAiB,QAAQ,CAAA;AAC/C,EAAA,OAAO,aAAwB,OAAO,CAAA;AACxC;AAEO,SAAS,QAAmB,IAAA,EAAkC;AACnE,EAAA,OAAO,OAAA,CAAmB;AAAA,IACxB,MAAA,EAAQ,KAAA;AAAA,IACR;AAAA,GACD,CAAA;AACH;AAUO,SAAS,oBAA+B,IAAA,EAAkC;AAC/E,EAAA,OAAO,OAAA,CAAmB;AAAA,IACxB,MAAA,EAAQ,MAAA;AAAA,IACR;AAAA,GACD,CAAA;AACH;AAEO,SAAS,UAAU,IAAA,EAA6B;AACrD,EAAA,OAAO,OAAA,CAAc;AAAA,IACnB,gBAAgB,UAAA,CAAW,SAAA;AAAA,IAC3B,MAAA,EAAQ,MAAA;AAAA,IACR;AAAA,GACD,CAAA;AACH;;;AC1JA,IAAM,0BAAA,GAA6B,sDAAA;AAE5B,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,OAAO,MAAA,KAAW,WAAA;AAC3B;AAEO,SAAS,oBAAA,GAA6B;AAC3C,EAAA,IAAI,kBAAiB,EAAG;AACtB,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,IAAI,YAAA,CAAa;AAAA,IACrB,MAAM,aAAA,CAAc,QAAA;AAAA,IACpB,OAAA,EAAS,IAAA;AAAA,IACT,OAAA,EAAS,0BAAA;AAAA,IACT,MAAA,EAAQ;AAAA,GACT,CAAA;AACH;;;ACjBA,SAAS,iBAAiB,KAAA,EAA0C;AAClE,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,OAAO,UAAA,CAAW,IAAA;AAAA,EACpB;AAEA,EAAA,IAAI,CAAC,KAAA,CAAM,UAAA,CAAW,UAAA,CAAW,IAAI,CAAA,EAAG;AACtC,IAAA,OAAO,UAAA,CAAW,IAAA;AAAA,EACpB;AAEA,EAAA,MAAM,sBAAA,GAAyB,IAAA;AAE/B,EAAA,IAAI,KAAA,CAAM,UAAA,CAAW,sBAAsB,CAAA,EAAG;AAC5C,IAAA,OAAO,UAAA,CAAW,IAAA;AAAA,EACpB;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,qBAAA,GAAgC;AACvC,EAAA,OAAO,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA;AACpF;AAEO,SAAS,oBAAoB,QAAA,EAAsC;AACxE,EAAA,oBAAA,EAAqB;AAErB,EAAA,MAAM,eAAe,qBAAA,EAAsB;AAC3C,EAAA,OAAO,gBAAA,CAAiB,YAAY,YAAY,CAAA;AAClD;;;ACzBO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAAgB,GAAA,EAAqB;AAAA,EACrC,eAAA,GAAyC,IAAA;AAAA,EACzC,YAAA,GAAoC,SAAA;AAAA,EAE5C,oBAAA,GAA8C;AAC5C,IAAA,IAAI,IAAA,CAAK,iBAAiB,SAAA,EAAW;AACnC,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,OAAO,IAAA,CAAK,eAAA;AAAA,EACd;AAAA,EAEA,kBAAA,GAA8B;AAC5B,IAAA,OAAO,KAAK,YAAA,KAAiB,UAAA;AAAA,EAC/B;AAAA,EAEA,WAAW,OAAA,EAAsC;AAC/C,IAAA,IAAA,CAAK,YAAA,GAAe,UAAA;AACpB,IAAA,IAAA,CAAK,eAAA,GAAkB,OAAA;AAEvB,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,QAAA,CAAS,OAAO,CAAA;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,UAAU,QAAA,EAAuC;AAC/C,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,QAAQ,CAAA;AAE3B,IAAA,OAAO,MAAM;AACX,MAAA,IAAA,CAAK,SAAA,CAAU,OAAO,QAAQ,CAAA;AAAA,IAChC,CAAA;AAAA,EACF;AACF,CAAA;;;ACjBA,SAAS,iCAAiC,IAAA,EAA4B;AACpE,EAAA,OAAO,IAAI,YAAA,CAAa;AAAA,IACtB,MAAM,aAAA,CAAc,QAAA;AAAA,IACpB,OAAA,EAAS,IAAA;AAAA,IACT,OAAA,EAAS,gDAAgD,IAAI,CAAA,CAAA;AAAA,IAC7D,MAAA,EAAQ;AAAA,GACT,CAAA;AACH;AAEA,SAAS,kBAAA,CAAmB,SAAkB,IAAA,EAA8B;AAC1E,EAAA,IAAI,CAAC,gBAAA,CAAiB,OAAO,CAAA,EAAG;AAC9B,IAAA,MAAM,iCAAiC,IAAI,CAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,OAAA;AACT;AAEA,SAAS,gBAAA,CAAiB,SAAkB,IAAA,EAAqC;AAC/E,EAAA,IAAI,YAAY,IAAA,EAAM;AACpB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,kBAAA,CAAmB,SAAS,IAAI,CAAA;AACzC;AAEA,SAAS,uBAAA,GAAyC;AAChD,EAAA,OAAO;AAAA,IACL,KAAA,GAAQ;AAAA,IAAC,CAAA;AAAA,IACT,cAAA,GAAiB;AAAA,IAAC;AAAA,GACpB;AACF;AAEA,SAAS,wBACP,gBAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,OAAO,mBAAA,CAAoB;AAAA,MACzB;AAAA,KACD,CAAA;AAAA,EACH,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,KAAA,YAAiB,YAAA,IAAgB,KAAA,CAAM,IAAA,KAAS,cAAc,2BAAA,EAA6B;AAC7F,MAAA,OAAO,uBAAA,EAAwB;AAAA,IACjC;AAEA,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,SAAS,aAAa,OAAA,EAAgD;AACpE,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,MAAA,EAAQ,UAAU,eAAA,GAAkB;AAAA,GACtC;AACF;AAEO,SAAS,gBAAA,CAAiB,OAAA,GAA6B,EAAC,EAAe;AAC5E,EAAA,IAAI,WAAA,GAA8C,IAAA;AAClD,EAAA,MAAM,kBAAA,GAAqB,OAAA,CAAQ,WAAA,EAAa,IAAA,EAAK,IAAK,EAAA;AAE1D,EAAA,MAAM,YAAA,GAAe,IAAI,YAAA,EAAa;AACtC,EAAA,MAAM,aAAA,GAAgB,uBAAA,CAAwB,CAAC,OAAA,KAAY;AACzD,IAAA,YAAA,CAAa,WAAW,OAAO,CAAA;AAAA,EACjC,CAAC,CAAA;AAED,EAAA,MAAM,kBAAkB,CAAC,IAAA,KAAyB,kBAAA,CAAmB,IAAA,EAAM,QAAQ,SAAS,CAAA;AAE5F,EAAA,MAAM,cAAc,YAA4C;AAC9D,IAAA,MAAM,UAAU,MAAM,OAAA,CAAiB,eAAA,CAAgB,aAAA,CAAc,OAAO,CAAC,CAAA;AAC7E,IAAA,OAAO,gBAAA,CAAiB,OAAA,EAAS,aAAA,CAAc,OAAO,CAAA;AAAA,EACxD,CAAA;AAEA,EAAA,MAAM,IAAA,GAAO,OAAO,WAAA,KAA2D;AAC7E,IAAA,MAAM,YAAA,GAAe,aAAa,YAAA,IAAgB,KAAA;AAElD,IAAA,IAAI,YAAA,CAAa,kBAAA,EAAmB,IAAK,CAAC,YAAA,EAAc;AACtD,MAAA,OAAO,YAAA,CAAa,YAAA,CAAa,oBAAA,EAAsB,CAAA;AAAA,IACzD;AAEA,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,OAAO,WAAA;AAAA,IACT;AAEA,IAAA,WAAA,GAAA,CAAe,YAAY;AACzB,MAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,MAAA,YAAA,CAAa,WAAW,OAAO,CAAA;AAC/B,MAAA,aAAA,CAAc,eAAe,OAAO,CAAA;AACpC,MAAA,OAAO,aAAa,OAAO,CAAA;AAAA,IAC7B,CAAA,GAAG;AAEH,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,WAAA;AAAA,IACf,CAAA,SAAE;AACA,MAAA,WAAA,GAAc,IAAA;AAAA,IAChB;AAAA,EACF,CAAA;AAEA,EAAA,MAAM,UAAA,GAAa,OACjB,cAAA,KACmC;AACnC,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK;AAAA,MACxB,YAAA,EAAc,gBAAgB,YAAA,IAAgB;AAAA,KAC/C,CAAA;AAED,IAAA,OAAO,MAAA,CAAO,OAAA;AAAA,EAChB,CAAA;AAEA,EAAA,MAAM,UAAU,YAA4C;AAC1D,IAAA,MAAM,UAAU,MAAM,mBAAA,CAA6B,eAAA,CAAgB,aAAA,CAAc,OAAO,CAAC,CAAA;AACzF,IAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,OAAA,EAAS,aAAA,CAAc,OAAO,CAAA;AAC/D,IAAA,YAAA,CAAa,WAAW,OAAO,CAAA;AAC/B,IAAA,aAAA,CAAc,eAAe,OAAO,CAAA;AACpC,IAAA,OAAO,OAAA;AAAA,EACT,CAAA;AAEA,EAAA,MAAM,iBAAiB,YAAqC;AAC1D,IAAA,MAAM,OAAA,GAAU,MAAM,UAAA,EAAW;AAEjC,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,OAAO,OAAA;AAAA,IACT;AAEA,IAAA,MAAM,IAAI,YAAA,CAAa;AAAA,MACrB,MAAM,aAAA,CAAc,YAAA;AAAA,MACpB,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS,oCAAA;AAAA,MACT,QAAQ,UAAA,CAAW;AAAA,KACpB,CAAA;AAAA,EACH,CAAA;AAEA,EAAA,MAAM,KAAA,GAAQ,CAAC,YAAA,KAAsC;AACnD,IAAA,MAAM,QAAA,GAAW,mBAAA,CAAoB,YAAA,EAAc,QAAQ,CAAA;AAC3D,IAAA,MAAM,YAAA,GAAe,IAAI,GAAA,CAAI,eAAA,CAAgB,cAAc,SAAS,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA;AAC7F,IAAA,YAAA,CAAa,YAAA,CAAa,GAAA,CAAI,WAAA,EAAa,QAAQ,CAAA;AACnD,IAAA,MAAM,WAAA,GAAc,YAAA,EAAc,WAAA,EAAa,IAAA,EAAK,IAAK,kBAAA;AACzD,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,YAAA,CAAa,YAAA,CAAa,GAAA,CAAI,KAAA,EAAO,WAAW,CAAA;AAAA,IAClD;AACA,IAAA,MAAA,CAAO,QAAA,CAAS,MAAA,CAAO,YAAA,CAAa,QAAA,EAAU,CAAA;AAAA,EAChD,CAAA;AAEA,EAAA,MAAM,SAAS,YAA2B;AACxC,IAAA,MAAM,SAAA,CAAU,eAAA,CAAgB,aAAA,CAAc,MAAM,CAAC,CAAA;AACrD,IAAA,YAAA,CAAa,WAAW,IAAI,CAAA;AAC5B,IAAA,aAAA,CAAc,eAAe,IAAI,CAAA;AAAA,EACnC,CAAA;AAEA,EAAA,MAAM,SAAA,GAAY,YAAA,CAAa,SAAA,CAAU,IAAA,CAAK,YAAY,CAAA;AAE1D,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,UAAA;AAAA,IACA,KAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,cAAA;AAAA,IACA;AAAA,GACF;AACF;;;AC9JA,SAAS,iBAAA,CAAkB,SAAA,EAAmB,QAAA,EAAkB,WAAA,EAA8B;AAC5F,EAAA,MAAM,iBAAA,GAAoB,kBAAA,CAAmB,aAAA,CAAc,SAAA,EAAW,SAAS,CAAA;AAC/E,EAAA,MAAM,eAAe,IAAI,GAAA,CAAI,iBAAA,EAAmB,MAAA,CAAO,SAAS,MAAM,CAAA;AACtE,EAAA,YAAA,CAAa,YAAA,CAAa,GAAA,CAAI,WAAA,EAAa,QAAQ,CAAA;AACnD,EAAA,IAAI,WAAA,EAAa,MAAK,EAAG;AACvB,IAAA,YAAA,CAAa,YAAA,CAAa,GAAA,CAAI,KAAA,EAAO,WAAA,CAAY,MAAM,CAAA;AAAA,EACzD;AACA,EAAA,OAAO,aAAa,QAAA,EAAS;AAC/B;AAEO,SAAS,0BACd,OAAA,EACqB;AACrB,EAAA,MAAM,aAAa,gBAAA,CAAiB;AAAA,IAClC,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,aAAa,OAAA,CAAQ;AAAA,GACtB,CAAA;AAED,EAAA,MAAM,oBAAA,GAAuB,OAAO,YAAA,KAA+C;AACjF,IAAA,MAAM,QAAA,GAAW,mBAAA,CAAoB,YAAA,EAAc,QAAQ,CAAA;AAC3D,IAAA,MAAM,YAAA,GAAe,iBAAA;AAAA,MACnB,OAAA,CAAQ,SAAA;AAAA,MACR,QAAA;AAAA,MACA,YAAA,EAAc,eAAe,OAAA,CAAQ;AAAA,KACvC;AACA,IAAA,MAAM,QAAQ,iBAAA,CAAkB;AAAA,MAC9B;AAAA,KACD,CAAA;AACD,IAAA,MAAM,WAAW,OAAA,EAAQ;AAAA,EAC3B,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,GAAG,UAAA;AAAA,IACH,MAAM,YAAA,EAA6B;AACjC,MAAA,KAAK,qBAAqB,YAAY,CAAA;AAAA,IACxC,CAAA;AAAA,IACA;AAAA,GACF;AACF","file":"extension.js","sourcesContent":["const authApiPrefix = \"/oauth\";\n\nexport const authEndpoints = {\n authorize: `${authApiPrefix}/authorize`,\n providerCallback: `${authApiPrefix}/callback/provider`,\n session: `${authApiPrefix}/session`,\n refresh: `${authApiPrefix}/refresh`,\n logout: `${authApiPrefix}/logout`,\n} as const;\n","import type { AuthErrorCode } from \"../types/auth-error-code\";\n\nexport interface AuthSdkErrorPayload {\n code: AuthErrorCode;\n details: unknown;\n message: string;\n status: number | null;\n}\n\nexport class AuthSdkError extends Error {\n readonly code: AuthErrorCode;\n readonly details: unknown;\n readonly status: number | null;\n\n constructor(payload: AuthSdkErrorPayload) {\n super(payload.message);\n this.name = \"AuthSdkError\";\n this.code = payload.code;\n this.details = payload.details;\n this.status = payload.status;\n }\n}\n","export const authErrorCode = {\n unauthorized: \"unauthorized\",\n networkError: \"network_error\",\n apiError: \"api_error\",\n broadcastChannelUnsupported: \"broadcast_channel_unsupported\",\n serverOriginResolutionFailed: \"server_origin_resolution_failed\",\n} as const;\n\nexport type AuthErrorCode = (typeof authErrorCode)[keyof typeof authErrorCode];\n","import { AuthSdkError } from \"../errors/auth-sdk-error\";\nimport { authErrorCode } from \"../types/auth-error-code\";\n\nconst slash = \"/\";\n\nfunction normalizeApiOrigin(apiOrigin: string): string {\n const trimmed = apiOrigin.trim();\n\n if (!trimmed) {\n throw new AuthSdkError({\n code: authErrorCode.apiError,\n details: null,\n message: \"Auth API origin must be a non-empty absolute URL.\",\n status: null,\n });\n }\n\n let parsed: URL;\n\n try {\n parsed = new URL(trimmed);\n } catch (error) {\n throw new AuthSdkError({\n code: authErrorCode.apiError,\n details: error,\n message: \"Auth API origin must be a valid absolute URL.\",\n status: null,\n });\n }\n\n if (parsed.pathname !== slash || parsed.search || parsed.hash) {\n throw new AuthSdkError({\n code: authErrorCode.apiError,\n details: null,\n message: \"Auth API origin must not include path, query, or hash.\",\n status: null,\n });\n }\n\n return parsed.origin;\n}\n\nexport function resolveApiEndpoint(path: string, apiOrigin?: string): string {\n if (!apiOrigin) {\n return path;\n }\n\n return `${normalizeApiOrigin(apiOrigin)}${path}`;\n}\n","export const httpStatus = {\n ok: 200,\n found: 302,\n noContent: 204,\n badRequest: 400,\n unauthorized: 401,\n} as const;\n","export const authBroadcast = {\n channelName: \"ghostly-auth-channel\",\n sessionUpdatedEvent: \"session-updated\",\n} as const;\n\nexport const authRoutes = {\n root: \"/\",\n} as const;\n","export function isObjectRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null;\n}\n\nexport function isStringValue(value: unknown): value is string {\n return typeof value === \"string\";\n}\n","import type { GhostlySession } from \"../types/ghostly-session\";\nimport { isObjectRecord, isStringValue } from \"./object-guards\";\n\nexport function isStringArray(value: unknown): value is string[] {\n return Array.isArray(value) && value.every((entry) => isStringValue(entry));\n}\n\nexport function isGhostlySession(value: unknown): value is GhostlySession {\n if (!isObjectRecord(value)) {\n return false;\n }\n\n return (\n isStringValue(value.id) &&\n isStringValue(value.username) &&\n (value.firstName === null || isStringValue(value.firstName)) &&\n (value.lastName === null || isStringValue(value.lastName)) &&\n isStringValue(value.email) &&\n isStringValue(value.role) &&\n isStringArray(value.permissions)\n );\n}\n","import { authBroadcast } from \"../constants/auth-keys\";\nimport { AuthSdkError } from \"../errors/auth-sdk-error\";\nimport { authErrorCode } from \"../types/auth-error-code\";\nimport type { GhostlySession } from \"../types/ghostly-session\";\nimport { isObjectRecord, isStringValue } from \"./object-guards\";\nimport { isGhostlySession } from \"./session-parser\";\n\ninterface SessionUpdatedMessage {\n session: GhostlySession | null;\n type: typeof authBroadcast.sessionUpdatedEvent;\n}\n\nexport interface BroadcastSync {\n close(): void;\n publishSession(session: GhostlySession | null): void;\n}\n\ninterface CreateBroadcastSyncOptions {\n onSessionUpdated: (session: GhostlySession | null) => void;\n}\n\nfunction isSessionUpdatedMessage(value: unknown): value is SessionUpdatedMessage {\n if (!isObjectRecord(value)) {\n return false;\n }\n\n if (!isStringValue(value.type)) {\n return false;\n }\n\n if (value.type !== authBroadcast.sessionUpdatedEvent) {\n return false;\n }\n\n return value.session === null || isGhostlySession(value.session);\n}\n\nfunction createUnsupportedBroadcastChannelError(): AuthSdkError {\n return new AuthSdkError({\n code: authErrorCode.broadcastChannelUnsupported,\n details: null,\n message: \"BroadcastChannel is unavailable in this runtime.\",\n status: null,\n });\n}\n\nexport function createBroadcastSync(options: CreateBroadcastSyncOptions): BroadcastSync {\n if (typeof BroadcastChannel === \"undefined\") {\n throw createUnsupportedBroadcastChannelError();\n }\n\n const channel = new BroadcastChannel(authBroadcast.channelName);\n\n const onMessage: EventListener = (event) => {\n const messageEvent = event as MessageEvent<unknown>;\n\n if (!isSessionUpdatedMessage(messageEvent.data)) {\n return;\n }\n\n options.onSessionUpdated(messageEvent.data.session);\n };\n\n channel.addEventListener(\"message\", onMessage);\n\n return {\n close() {\n channel.removeEventListener(\"message\", onMessage);\n channel.close();\n },\n publishSession(session) {\n const payload: SessionUpdatedMessage = {\n session,\n type: authBroadcast.sessionUpdatedEvent,\n };\n\n channel.postMessage(payload);\n },\n };\n}\n","import { httpStatus } from \"../constants/http-status\";\nimport { AuthSdkError } from \"../errors/auth-sdk-error\";\nimport { authErrorCode } from \"../types/auth-error-code\";\nimport { isObjectRecord, isStringValue } from \"./object-guards\";\n\nconst jsonContentType = \"application/json\";\nconst jsonHeaderName = \"content-type\";\nconst includeCredentials: RequestCredentials = \"include\";\nconst noStoreCache: RequestCache = \"no-store\";\n\ninterface RequestOptions<TBody> {\n body?: TBody;\n expectedStatus?: number;\n method: \"GET\" | \"POST\";\n path: string;\n}\n\ninterface ParsedErrorPayload {\n code: string | null;\n details: unknown;\n message: string | null;\n}\n\nfunction toTypedValue<TValue>(value: unknown): TValue {\n return value as TValue;\n}\n\nfunction mapHttpStatusToAuthErrorCode(status: number) {\n if (status === httpStatus.unauthorized) {\n return authErrorCode.unauthorized;\n }\n\n return authErrorCode.apiError;\n}\n\nasync function parseJsonPayload(response: Response): Promise<unknown> {\n try {\n return await response.json();\n } catch {\n return null;\n }\n}\n\nasync function parseErrorPayload(response: Response): Promise<ParsedErrorPayload> {\n const payload = await parseJsonPayload(response);\n\n if (!isObjectRecord(payload)) {\n return {\n code: null,\n details: null,\n message: null,\n };\n }\n\n const maybeCode = payload.code;\n const maybeMessage = payload.message;\n\n return {\n code: isStringValue(maybeCode) ? maybeCode : null,\n details: \"details\" in payload ? payload.details : null,\n message: isStringValue(maybeMessage) ? maybeMessage : null,\n };\n}\n\nfunction buildApiErrorMessage(method: RequestOptions<unknown>[\"method\"], path: string): string {\n return `Auth API request failed: ${method} ${path}`;\n}\n\nfunction buildNetworkErrorMessage(method: RequestOptions<unknown>[\"method\"], path: string): string {\n return `Auth API network failure: ${method} ${path}`;\n}\n\nasync function request<TResponse, TBody = undefined>(\n options: RequestOptions<TBody>,\n): Promise<TResponse> {\n const expectedStatus = options.expectedStatus ?? httpStatus.ok;\n const headers = new Headers();\n const hasBody = typeof options.body !== \"undefined\";\n\n if (hasBody) {\n headers.set(jsonHeaderName, jsonContentType);\n }\n\n const requestInit: RequestInit = {\n cache: noStoreCache,\n credentials: includeCredentials,\n headers,\n method: options.method,\n };\n\n if (hasBody) {\n requestInit.body = JSON.stringify(options.body);\n }\n\n let response: Response;\n\n try {\n response = await fetch(options.path, requestInit);\n } catch (error) {\n throw new AuthSdkError({\n code: authErrorCode.networkError,\n details: error,\n message: buildNetworkErrorMessage(options.method, options.path),\n status: null,\n });\n }\n\n if (response.status !== expectedStatus) {\n const parsed = await parseErrorPayload(response);\n\n throw new AuthSdkError({\n code: mapHttpStatusToAuthErrorCode(response.status),\n details: {\n apiCode: parsed.code,\n apiDetails: parsed.details,\n },\n message: parsed.message ?? buildApiErrorMessage(options.method, options.path),\n status: response.status,\n });\n }\n\n if (response.status === httpStatus.noContent) {\n return toTypedValue<TResponse>(null);\n }\n\n const payload = await parseJsonPayload(response);\n return toTypedValue<TResponse>(payload);\n}\n\nexport function getJson<TResponse>(path: string): Promise<TResponse> {\n return request<TResponse>({\n method: \"GET\",\n path,\n });\n}\n\nexport function postJson<TResponse, TBody>(path: string, body: TBody): Promise<TResponse> {\n return request<TResponse, TBody>({\n body,\n method: \"POST\",\n path,\n });\n}\n\nexport function postJsonWithoutBody<TResponse>(path: string): Promise<TResponse> {\n return request<TResponse>({\n method: \"POST\",\n path,\n });\n}\n\nexport function postEmpty(path: string): Promise<null> {\n return request<null>({\n expectedStatus: httpStatus.noContent,\n method: \"POST\",\n path,\n });\n}\n","import { AuthSdkError } from \"../errors/auth-sdk-error\";\nimport { authErrorCode } from \"../types/auth-error-code\";\n\nconst browserRuntimeErrorMessage = \"Browser runtime is required for this auth operation.\";\n\nexport function isBrowserRuntime(): boolean {\n return typeof window !== \"undefined\";\n}\n\nexport function assertBrowserRuntime(): void {\n if (isBrowserRuntime()) {\n return;\n }\n\n throw new AuthSdkError({\n code: authErrorCode.apiError,\n details: null,\n message: browserRuntimeErrorMessage,\n status: null,\n });\n}\n","import { authRoutes } from \"../constants/auth-keys\";\nimport { assertBrowserRuntime } from \"./runtime\";\n\nfunction sanitizeReturnTo(value: string | null | undefined): string {\n if (!value) {\n return authRoutes.root;\n }\n\n if (!value.startsWith(authRoutes.root)) {\n return authRoutes.root;\n }\n\n const protocolRelativePrefix = \"//\";\n\n if (value.startsWith(protocolRelativePrefix)) {\n return authRoutes.root;\n }\n\n return value;\n}\n\nfunction getCurrentBrowserPath(): string {\n return `${window.location.pathname}${window.location.search}${window.location.hash}`;\n}\n\nexport function resolveReturnToPath(returnTo: string | undefined): string {\n assertBrowserRuntime();\n\n const fallbackPath = getCurrentBrowserPath();\n return sanitizeReturnTo(returnTo ?? fallbackPath);\n}\n","import type { SessionListener } from \"../types/auth-client\";\nimport type { GhostlySession } from \"../types/ghostly-session\";\n\ntype SessionResolveState = \"pending\" | \"resolved\";\n\nexport class SessionStore {\n private listeners = new Set<SessionListener>();\n private resolvedSession: GhostlySession | null = null;\n private resolveState: SessionResolveState = \"pending\";\n\n getSessionIfResolved(): GhostlySession | null {\n if (this.resolveState === \"pending\") {\n return null;\n }\n\n return this.resolvedSession;\n }\n\n hasResolvedSession(): boolean {\n return this.resolveState === \"resolved\";\n }\n\n setSession(session: GhostlySession | null): void {\n this.resolveState = \"resolved\";\n this.resolvedSession = session;\n\n for (const listener of this.listeners) {\n listener(session);\n }\n }\n\n subscribe(listener: SessionListener): () => void {\n this.listeners.add(listener);\n\n return () => {\n this.listeners.delete(listener);\n };\n }\n}\n","import { authEndpoints } from \"../constants/auth-endpoints\";\nimport { httpStatus } from \"../constants/http-status\";\nimport { AuthSdkError } from \"../errors/auth-sdk-error\";\nimport type {\n AuthClient,\n AuthClientOptions,\n AuthInitOptions,\n AuthInitResult,\n LoginOptions,\n SessionRequestOptions,\n} from \"../types/auth-client\";\nimport { authErrorCode } from \"../types/auth-error-code\";\nimport type { GhostlySession } from \"../types/ghostly-session\";\nimport { resolveApiEndpoint } from \"./api-origin\";\nimport type { BroadcastSync } from \"./broadcast-sync\";\nimport { createBroadcastSync } from \"./broadcast-sync\";\nimport { getJson, postEmpty, postJsonWithoutBody } from \"./http-client\";\nimport { resolveReturnToPath } from \"./return-to-storage\";\nimport { isGhostlySession } from \"./session-parser\";\nimport { SessionStore } from \"./session-store\";\n\nfunction createInvalidSessionPayloadError(path: string): AuthSdkError {\n return new AuthSdkError({\n code: authErrorCode.apiError,\n details: null,\n message: `Auth API response has invalid session shape: ${path}`,\n status: null,\n });\n}\n\nfunction toValidatedSession(payload: unknown, path: string): GhostlySession {\n if (!isGhostlySession(payload)) {\n throw createInvalidSessionPayloadError(path);\n }\n\n return payload;\n}\n\nfunction toSessionPayload(payload: unknown, path: string): GhostlySession | null {\n if (payload === null) {\n return null;\n }\n\n return toValidatedSession(payload, path);\n}\n\nfunction createNoopBroadcastSync(): BroadcastSync {\n return {\n close() {},\n publishSession() {},\n };\n}\n\nfunction createSafeBroadcastSync(\n onSessionUpdated: (session: GhostlySession | null) => void,\n): BroadcastSync {\n try {\n return createBroadcastSync({\n onSessionUpdated,\n });\n } catch (error) {\n if (error instanceof AuthSdkError && error.code === authErrorCode.broadcastChannelUnsupported) {\n return createNoopBroadcastSync();\n }\n\n throw error;\n }\n}\n\nfunction toInitResult(session: GhostlySession | null): AuthInitResult {\n return {\n session,\n status: session ? \"authenticated\" : \"unauthenticated\",\n };\n}\n\nexport function createAuthClient(options: AuthClientOptions = {}): AuthClient {\n let initPromise: Promise<AuthInitResult> | null = null;\n const defaultApplication = options.application?.trim() || \"\";\n\n const sessionStore = new SessionStore();\n const broadcastSync = createSafeBroadcastSync((session) => {\n sessionStore.setSession(session);\n });\n\n const resolveEndpoint = (path: string): string => resolveApiEndpoint(path, options.apiOrigin);\n\n const loadSession = async (): Promise<GhostlySession | null> => {\n const payload = await getJson<unknown>(resolveEndpoint(authEndpoints.session));\n return toSessionPayload(payload, authEndpoints.session);\n };\n\n const init = async (initOptions?: AuthInitOptions): Promise<AuthInitResult> => {\n const forceRefresh = initOptions?.forceRefresh ?? false;\n\n if (sessionStore.hasResolvedSession() && !forceRefresh) {\n return toInitResult(sessionStore.getSessionIfResolved());\n }\n\n if (initPromise) {\n return initPromise;\n }\n\n initPromise = (async () => {\n const session = await loadSession();\n sessionStore.setSession(session);\n broadcastSync.publishSession(session);\n return toInitResult(session);\n })();\n\n try {\n return await initPromise;\n } finally {\n initPromise = null;\n }\n };\n\n const getSession = async (\n requestOptions?: SessionRequestOptions,\n ): Promise<GhostlySession | null> => {\n const result = await init({\n forceRefresh: requestOptions?.forceRefresh ?? false,\n });\n\n return result.session;\n };\n\n const refresh = async (): Promise<GhostlySession | null> => {\n const payload = await postJsonWithoutBody<unknown>(resolveEndpoint(authEndpoints.refresh));\n const session = toSessionPayload(payload, authEndpoints.refresh);\n sessionStore.setSession(session);\n broadcastSync.publishSession(session);\n return session;\n };\n\n const requireSession = async (): Promise<GhostlySession> => {\n const session = await getSession();\n\n if (session) {\n return session;\n }\n\n throw new AuthSdkError({\n code: authErrorCode.unauthorized,\n details: null,\n message: \"Authenticated session is required.\",\n status: httpStatus.unauthorized,\n });\n };\n\n const login = (loginOptions?: LoginOptions): void => {\n const returnTo = resolveReturnToPath(loginOptions?.returnTo);\n const authorizeUrl = new URL(resolveEndpoint(authEndpoints.authorize), window.location.origin);\n authorizeUrl.searchParams.set(\"return_to\", returnTo);\n const application = loginOptions?.application?.trim() || defaultApplication;\n if (application) {\n authorizeUrl.searchParams.set(\"app\", application);\n }\n window.location.assign(authorizeUrl.toString());\n };\n\n const logout = async (): Promise<void> => {\n await postEmpty(resolveEndpoint(authEndpoints.logout));\n sessionStore.setSession(null);\n broadcastSync.publishSession(null);\n };\n\n const subscribe = sessionStore.subscribe.bind(sessionStore);\n\n return {\n init,\n getSession,\n login,\n logout,\n refresh,\n requireSession,\n subscribe,\n };\n}\n","import { authEndpoints } from \"../../constants/auth-endpoints\";\nimport { resolveApiEndpoint } from \"../../core/api-origin\";\nimport { createAuthClient } from \"../../core/auth-client\";\nimport { resolveReturnToPath } from \"../../core/return-to-storage\";\nimport type { AuthClient, LoginOptions } from \"../../types/auth-client\";\n\ninterface LaunchWebAuthFlowPayload {\n authorizeUrl: string;\n}\n\nexport interface ExtensionAuthClientOptions {\n apiOrigin: string;\n application?: string;\n launchWebAuthFlow: (payload: LaunchWebAuthFlowPayload) => Promise<void>;\n}\n\nexport interface ExtensionAuthClient extends AuthClient {\n loginWithWebAuthFlow(options?: LoginOptions): Promise<void>;\n}\n\nfunction buildAuthorizeUrl(apiOrigin: string, returnTo: string, application?: string): string {\n const authorizeEndpoint = resolveApiEndpoint(authEndpoints.authorize, apiOrigin);\n const authorizeUrl = new URL(authorizeEndpoint, window.location.origin);\n authorizeUrl.searchParams.set(\"return_to\", returnTo);\n if (application?.trim()) {\n authorizeUrl.searchParams.set(\"app\", application.trim());\n }\n return authorizeUrl.toString();\n}\n\nexport function createExtensionAuthClient(\n options: ExtensionAuthClientOptions,\n): ExtensionAuthClient {\n const baseClient = createAuthClient({\n apiOrigin: options.apiOrigin,\n application: options.application,\n });\n\n const loginWithWebAuthFlow = async (loginOptions?: LoginOptions): Promise<void> => {\n const returnTo = resolveReturnToPath(loginOptions?.returnTo);\n const authorizeUrl = buildAuthorizeUrl(\n options.apiOrigin,\n returnTo,\n loginOptions?.application ?? options.application,\n );\n await options.launchWebAuthFlow({\n authorizeUrl,\n });\n await baseClient.refresh();\n };\n\n return {\n ...baseClient,\n login(loginOptions?: LoginOptions) {\n void loginWithWebAuthFlow(loginOptions);\n },\n loginWithWebAuthFlow,\n };\n}\n"]}
package/dist/index.d.ts CHANGED
@@ -1,34 +1,27 @@
1
- import { A as AuthClient, G as GhostlySession } from './auth-client-CAHMjodm.js';
2
- export { L as LoginOptions, P as ProcessCallbackResult, S as SessionListener, a as SessionRequestOptions } from './auth-client-CAHMjodm.js';
3
- export { A as AuthErrorCode, a as AuthSdkError, b as AuthSdkErrorPayload, c as authErrorCode } from './auth-sdk-error-DKM7PyKC.js';
1
+ import { a as AuthClientOptions, A as AuthClient, G as GhostlySession } from './auth-client-Cdkp07ii.js';
2
+ export { b as AuthInitOptions, c as AuthInitResult, L as LoginOptions, S as SessionListener, d as SessionRequestOptions } from './auth-client-Cdkp07ii.js';
3
+ export { A as AuthErrorCode, a as AuthSdkError, b as AuthSdkErrorPayload, c as authErrorCode } from './auth-sdk-error-D3gsfK9d.js';
4
4
 
5
5
  declare const authEndpoints: {
6
- readonly loginStart: "/v1/auth/keycloak/login";
7
- readonly validateKeycloakToken: "/v1/auth/keycloak/validate";
8
- readonly session: "/v1/auth/me";
9
- readonly logout: "/v1/auth/logout";
6
+ readonly authorize: "/oauth/authorize";
7
+ readonly providerCallback: "/oauth/callback/provider";
8
+ readonly session: "/oauth/session";
9
+ readonly refresh: "/oauth/refresh";
10
+ readonly logout: "/oauth/logout";
10
11
  };
11
12
 
12
- declare const authQueryKeys: {
13
- readonly token: "token";
14
- };
15
13
  declare const authRoutes: {
16
14
  readonly root: "/";
17
- readonly callback: "/auth/callback";
18
15
  };
19
16
 
20
- declare function createAuthClient(): AuthClient;
17
+ declare function createAuthClient(options?: AuthClientOptions): AuthClient;
21
18
 
22
- interface KeycloakValidateRequest {
23
- token: string;
24
- }
25
- interface KeycloakValidateResponse {
26
- session: GhostlySession;
27
- }
19
+ type OauthSessionResponse = GhostlySession | null;
20
+ type OauthRefreshResponse = GhostlySession | null;
28
21
  interface AuthErrorPayload {
29
22
  code: string;
30
23
  details: unknown;
31
24
  message: string;
32
25
  }
33
26
 
34
- export { AuthClient, type AuthErrorPayload, GhostlySession, type KeycloakValidateRequest, type KeycloakValidateResponse, authEndpoints, authQueryKeys, authRoutes, createAuthClient };
27
+ export { AuthClient, AuthClientOptions, type AuthErrorPayload, GhostlySession, type OauthRefreshResponse, type OauthSessionResponse, authEndpoints, authRoutes, createAuthClient };