@hexclave/next 1.0.21 → 1.0.22

package/dist/lib/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","names":[],"sources":["../../src/lib/auth.ts"],"mappings":";;;;iBAWsB,6BAAA,CACpB,KAAA,EAAO,uBAAA,EACP,OAAA;EACE,QAAA;EACA,WAAA;EACA,gBAAA;EACA,aAAA;AAAA,GAEF,OAAA,EAAS,eAAA,GACR,OAAA;AAAA,iBA0HmB,iBAAA,CACpB,KAAA,EAAO,uBAAA,EACP,WAAA,UACA,OAAA;EACE,+BAAA;AAAA,IACD,OAAA"}
+{"version":3,"file":"auth.d.ts","names":[],"sources":["../../src/lib/auth.ts"],"mappings":";;;;iBAWsB,6BAAA,CACpB,KAAA,EAAO,uBAAA,EACP,OAAA;EACE,QAAA;EACA,WAAA;EACA,gBAAA;EACA,aAAA;AAAA,GAEF,OAAA,EAAS,eAAA,GACR,OAAA;AAAA,iBA4JmB,iBAAA,CACpB,KAAA,EAAO,uBAAA,EACP,WAAA,UACA,OAAA;EACE,+BAAA;AAAA,IACD,OAAA"}

package/dist/lib/auth.js

@@ -22,14 +22,29 @@ async function getNewOAuthProviderOrScopeUrl(iface, options, session) {
 		providerScope: options.providerScope
 	});
 }
+const oauthErrorParams = [
+	"error",
+	"error_description",
+	"errorCode",
+	"message",
+	"details"
+];
+function removeOAuthErrorParamsFromHistory(originalUrl) {
+	const newUrl = new URL(originalUrl);
+	for (const param of oauthErrorParams) newUrl.searchParams.delete(param);
+	window.history.replaceState({}, "", newUrl.toString());
+}
+function getProviderOAuthErrorFromUrl(originalUrl) {
+	const providerError = originalUrl.searchParams.get("error");
+	const providerErrorDescription = originalUrl.searchParams.get("error_description");
+	if (providerError == null && providerErrorDescription == null) return null;
+	switch (providerError) {
+		case "access_denied":
+		case "consent_required": return new _hexclave_shared.KnownErrors.OAuthProviderAccessDenied();
+		default: return new _hexclave_shared.KnownErrors.OAuthProviderTemporarilyUnavailable();
+	}
+}
 function consumeOAuthCallbackQueryParams(options) {
-	const oauthErrorParams = [
-		"error",
-		"error_description",
-		"errorCode",
-		"message",
-		"details"
-	];
 	const requiredParams = ["code", "state"];
 	const originalUrl = new URL(window.location.href);
 	const knownErrorCode = originalUrl.searchParams.get("errorCode");
@@ -45,9 +60,7 @@ function consumeOAuthCallbackQueryParams(options) {
 				cause: error
 			});
 		}
-		const newUrl = new URL(originalUrl);
-		for (const param of oauthErrorParams) newUrl.searchParams.delete(param);
-		window.history.replaceState({}, "", newUrl.toString());
+		removeOAuthErrorParamsFromHistory(originalUrl);
 		return {
 			type: "known-error",
 			error: _hexclave_shared.KnownError.fromJson({
@@ -57,6 +70,14 @@ function consumeOAuthCallbackQueryParams(options) {
 			})
 		};
 	}
+	const providerOAuthError = getProviderOAuthErrorFromUrl(originalUrl);
+	if (providerOAuthError != null && !requiredParams.every((param) => originalUrl.searchParams.has(param))) {
+		removeOAuthErrorParamsFromHistory(originalUrl);
+		return {
+			type: "known-error",
+			error: providerOAuthError
+		};
+	}
 	for (const param of requiredParams) if (!originalUrl.searchParams.has(param)) {
 		if (!options?.dontWarnAboutMissingQueryParams) console.warn(/* @__PURE__ */ new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));
 		return null;

package/dist/lib/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","names":["HexclaveAssertionError","KnownError","Result"],"sources":["../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { KnownError, HexclaveClientInterface } from \"@hexclave/shared\";\nimport { InternalSession } from \"@hexclave/shared/dist/sessions\";\nimport { HexclaveAssertionError, throwErr } from \"@hexclave/shared/dist/utils/errors\";\nimport { Result } from \"@hexclave/shared/dist/utils/results\";\nimport { deindent } from \"@hexclave/shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\nexport async function getNewOAuthProviderOrScopeUrl(\n  iface: HexclaveClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  },\n  session: InternalSession,\n): Promise<string> {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  return await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n    afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n    codeChallenge,\n    state,\n    type: \"link\",\n    session,\n    providerScope: options.providerScope,\n  });\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\ntype OAuthCallbackConsumptionResult =\n  | {\n    type: \"oauth-response\",\n    originalUrl: URL,\n    codeVerifier: string,\n    state: string,\n  }\n  | {\n    type: \"known-error\",\n    error: KnownError,\n  };\n\nfunction consumeOAuthCallbackQueryParams(options?: {\n  dontWarnAboutMissingQueryParams?: boolean,\n}): OAuthCallbackConsumptionResult | null {\n  const oauthErrorParams = [\"error\", \"error_description\", \"errorCode\", \"message\", \"details\"] as const;\n  const requiredParams = [\"code\", \"state\"];\n  const originalUrl = new URL(window.location.href);\n  const knownErrorCode = originalUrl.searchParams.get(\"errorCode\");\n  const knownErrorMessage = originalUrl.searchParams.get(\"message\");\n  if (knownErrorCode && knownErrorMessage) {\n    const details = originalUrl.searchParams.get(\"details\");\n    let detailsJson = {};\n    if (details) {\n      try {\n        detailsJson = JSON.parse(details);\n      } catch (error) {\n        throw new HexclaveAssertionError(\"OAuth callback returned malformed known-error details\", {\n          details,\n          cause: error,\n        });\n      }\n    }\n\n    const newUrl = new URL(originalUrl);\n    for (const param of oauthErrorParams) {\n      newUrl.searchParams.delete(param);\n    }\n    window.history.replaceState({}, \"\", newUrl.toString());\n\n    return {\n      type: \"known-error\",\n      error: KnownError.fromJson({\n        code: knownErrorCode,\n        message: knownErrorMessage,\n        details: detailsJson,\n      }),\n    };\n  }\n\n  for (const param of requiredParams) {\n    if (!originalUrl.searchParams.has(param)) {\n      if (!options?.dontWarnAboutMissingQueryParams) {\n        console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n      }\n      return null;\n    }\n  }\n\n  const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n  const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n  if (!cookieResult) {\n    // If the state can't be found in the cookies, then the callback wasn't meant for us.\n    // Maybe the website uses another OAuth library?\n    console.warn(deindent`\n      Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n\n      This could have multiple reasons:\n        - The cookie expired, because the OAuth flow took too long.\n        - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n        - The cookie was already consumed by this page, and the user already logged in.\n        - You are using another OAuth client library with the same callback URL as Stack.\n        - The user opened the OAuth callback page from their history.\n\n      Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n    `);\n    return null;\n  }\n\n\n  const newUrl = new URL(originalUrl);\n  for (const param of requiredParams) {\n    newUrl.searchParams.delete(param);\n  }\n\n  // let's get rid of the authorization code in the history as we\n  // don't redirect to `redirectUrl` if there's a validation error\n  // (as the redirectUrl might be malicious!).\n  //\n  // We use history.replaceState instead of location.assign(...) to\n  // prevent an unnecessary reload\n  window.history.replaceState({}, \"\", newUrl.toString());\n\n  return {\n    type: \"oauth-response\",\n    originalUrl,\n    codeVerifier: cookieResult.codeVerifier,\n    state: expectedState,\n  };\n}\n\nexport async function callOAuthCallback(\n  iface: HexclaveClientInterface,\n  redirectUrl: string,\n  options?: {\n    dontWarnAboutMissingQueryParams?: boolean,\n  },\n) {\n  // note: this part of the function (until the return) needs\n  // to be synchronous, to prevent race conditions when\n  // callOAuthCallback is called multiple times in parallel\n  const consumed = consumeOAuthCallbackQueryParams(options);\n  if (!consumed) return Result.ok(undefined);\n  if (consumed.type === \"known-error\") {\n    throw consumed.error;\n  }\n\n  // the rest can be asynchronous (we now know that we are the\n  // intended recipient of the callback, and the only instance\n  // of callOAuthCallback that's running)\n  try {\n    return Result.ok(await iface.callOAuthCallback({\n      oauthParams: consumed.originalUrl.searchParams,\n      redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n      codeVerifier: consumed.codeVerifier,\n      state: consumed.state,\n    }));\n  } catch (e) {\n    if (KnownError.isKnownError(e)) {\n      throw e;\n    }\n    throw new HexclaveAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n  }\n}\n"],"mappings":";;;;;;;;;;AAWA,eAAsB,8BACpB,OACA,SAMA,SACiB;CACjB,MAAM,EAAE,eAAe,UAAU,6CAA4B;AAC7D,QAAO,MAAM,MAAM,YAAY;EAC7B,UAAU,QAAQ;EAClB,uDAAkC,QAAQ,aAAa,cAAc;EACrE,4DAAuC,QAAQ,kBAAkB,mBAAmB;EACpF,oEAA+C,OAAO,SAAS,MAAM,2BAA2B;EAChG;EACA;EACA,MAAM;EACN;EACA,eAAe,QAAQ;EACxB,CAAC;;AAoBJ,SAAS,gCAAgC,SAEC;CACxC,MAAM,mBAAmB;EAAC;EAAS;EAAqB;EAAa;EAAW;EAAU;CAC1F,MAAM,iBAAiB,CAAC,QAAQ,QAAQ;CACxC,MAAM,cAAc,IAAI,IAAI,OAAO,SAAS,KAAK;CACjD,MAAM,iBAAiB,YAAY,aAAa,IAAI,YAAY;CAChE,MAAM,oBAAoB,YAAY,aAAa,IAAI,UAAU;AACjE,KAAI,kBAAkB,mBAAmB;EACvC,MAAM,UAAU,YAAY,aAAa,IAAI,UAAU;EACvD,IAAI,cAAc,EAAE;AACpB,MAAI,QACF,KAAI;AACF,iBAAc,KAAK,MAAM,QAAQ;WAC1B,OAAO;AACd,SAAM,IAAIA,0DAAuB,yDAAyD;IACxF;IACA,OAAO;IACR,CAAC;;EAIN,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,OAAK,MAAM,SAAS,iBAClB,QAAO,aAAa,OAAO,MAAM;AAEnC,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,SAAO;GACL,MAAM;GACN,OAAOC,4BAAW,SAAS;IACzB,MAAM;IACN,SAAS;IACT,SAAS;IACV,CAAC;GACH;;AAGH,MAAK,MAAM,SAAS,eAClB,KAAI,CAAC,YAAY,aAAa,IAAI,MAAM,EAAE;AACxC,MAAI,CAAC,SAAS,gCACZ,SAAQ,qBAAK,IAAI,MAAM,uDAAuD,MAAM,2EAA2E,CAAC;AAElK,SAAO;;CAIX,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ,qDAAa,wDAAwD;CAChI,MAAM,8DAA6C,cAAc;AAEjE,KAAI,CAAC,cAAc;AAGjB,UAAQ,KAAK,4CAAQ;;;;;;;;;;;MAWnB;AACF,SAAO;;CAIT,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,eAClB,QAAO,aAAa,OAAO,MAAM;AASnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,QAAO;EACL,MAAM;EACN;EACA,cAAc,aAAa;EAC3B,OAAO;EACR;;AAGH,eAAsB,kBACpB,OACA,aACA,SAGA;CAIA,MAAM,WAAW,gCAAgC,QAAQ;AACzD,KAAI,CAAC,SAAU,QAAOC,2CAAO,GAAG,OAAU;AAC1C,KAAI,SAAS,SAAS,cACpB,OAAM,SAAS;AAMjB,KAAI;AACF,SAAOA,2CAAO,GAAG,MAAM,MAAM,kBAAkB;GAC7C,aAAa,SAAS,YAAY;GAClC,uDAAkC,aAAa,cAAc;GAC7D,cAAc,SAAS;GACvB,OAAO,SAAS;GACjB,CAAC,CAAC;UACI,GAAG;AACV,MAAID,4BAAW,aAAa,EAAE,CAC5B,OAAM;AAER,QAAM,IAAID,0DAAuB,6DAA6D,EAAE,OAAO,GAAG,CAAC"}
+{"version":3,"file":"auth.js","names":["KnownErrors","HexclaveAssertionError","KnownError","Result"],"sources":["../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { KnownError, KnownErrors, HexclaveClientInterface } from \"@hexclave/shared\";\nimport { InternalSession } from \"@hexclave/shared/dist/sessions\";\nimport { HexclaveAssertionError, throwErr } from \"@hexclave/shared/dist/utils/errors\";\nimport { Result } from \"@hexclave/shared/dist/utils/results\";\nimport { deindent } from \"@hexclave/shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\nexport async function getNewOAuthProviderOrScopeUrl(\n  iface: HexclaveClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  },\n  session: InternalSession,\n): Promise<string> {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  return await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n    afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n    codeChallenge,\n    state,\n    type: \"link\",\n    session,\n    providerScope: options.providerScope,\n  });\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\ntype OAuthCallbackConsumptionResult =\n  | {\n    type: \"oauth-response\",\n    originalUrl: URL,\n    codeVerifier: string,\n    state: string,\n  }\n  | {\n    type: \"known-error\",\n    error: KnownError,\n  };\n\nconst oauthErrorParams = [\"error\", \"error_description\", \"errorCode\", \"message\", \"details\"] as const;\n\nfunction removeOAuthErrorParamsFromHistory(originalUrl: URL): void {\n  const newUrl = new URL(originalUrl);\n  for (const param of oauthErrorParams) {\n    newUrl.searchParams.delete(param);\n  }\n  window.history.replaceState({}, \"\", newUrl.toString());\n}\n\nfunction getProviderOAuthErrorFromUrl(originalUrl: URL): KnownError | null {\n  const providerError = originalUrl.searchParams.get(\"error\");\n  const providerErrorDescription = originalUrl.searchParams.get(\"error_description\");\n  if (providerError == null && providerErrorDescription == null) {\n    return null;\n  }\n\n  switch (providerError) {\n    case \"access_denied\":\n    case \"consent_required\": {\n      return new KnownErrors.OAuthProviderAccessDenied();\n    }\n    case \"server_error\":\n    case \"temporarily_unavailable\":\n    default: {\n      return new KnownErrors.OAuthProviderTemporarilyUnavailable();\n    }\n  }\n}\n\nfunction consumeOAuthCallbackQueryParams(options?: {\n  dontWarnAboutMissingQueryParams?: boolean,\n}): OAuthCallbackConsumptionResult | null {\n  const requiredParams = [\"code\", \"state\"];\n  const originalUrl = new URL(window.location.href);\n  const knownErrorCode = originalUrl.searchParams.get(\"errorCode\");\n  const knownErrorMessage = originalUrl.searchParams.get(\"message\");\n  if (knownErrorCode && knownErrorMessage) {\n    const details = originalUrl.searchParams.get(\"details\");\n    let detailsJson = {};\n    if (details) {\n      try {\n        detailsJson = JSON.parse(details);\n      } catch (error) {\n        throw new HexclaveAssertionError(\"OAuth callback returned malformed known-error details\", {\n          details,\n          cause: error,\n        });\n      }\n    }\n\n    removeOAuthErrorParamsFromHistory(originalUrl);\n\n    return {\n      type: \"known-error\",\n      error: KnownError.fromJson({\n        code: knownErrorCode,\n        message: knownErrorMessage,\n        details: detailsJson,\n      }),\n    };\n  }\n\n  const providerOAuthError = getProviderOAuthErrorFromUrl(originalUrl);\n  if (providerOAuthError != null && !requiredParams.every(param => originalUrl.searchParams.has(param))) {\n    removeOAuthErrorParamsFromHistory(originalUrl);\n    return {\n      type: \"known-error\",\n      error: providerOAuthError,\n    };\n  }\n\n  for (const param of requiredParams) {\n    if (!originalUrl.searchParams.has(param)) {\n      if (!options?.dontWarnAboutMissingQueryParams) {\n        console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n      }\n      return null;\n    }\n  }\n\n  const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n  const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n  if (!cookieResult) {\n    // If the state can't be found in the cookies, then the callback wasn't meant for us.\n    // Maybe the website uses another OAuth library?\n    console.warn(deindent`\n      Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n\n      This could have multiple reasons:\n        - The cookie expired, because the OAuth flow took too long.\n        - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n        - The cookie was already consumed by this page, and the user already logged in.\n        - You are using another OAuth client library with the same callback URL as Stack.\n        - The user opened the OAuth callback page from their history.\n\n      Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n    `);\n    return null;\n  }\n\n\n  const newUrl = new URL(originalUrl);\n  for (const param of requiredParams) {\n    newUrl.searchParams.delete(param);\n  }\n\n  // let's get rid of the authorization code in the history as we\n  // don't redirect to `redirectUrl` if there's a validation error\n  // (as the redirectUrl might be malicious!).\n  //\n  // We use history.replaceState instead of location.assign(...) to\n  // prevent an unnecessary reload\n  window.history.replaceState({}, \"\", newUrl.toString());\n\n  return {\n    type: \"oauth-response\",\n    originalUrl,\n    codeVerifier: cookieResult.codeVerifier,\n    state: expectedState,\n  };\n}\n\nexport async function callOAuthCallback(\n  iface: HexclaveClientInterface,\n  redirectUrl: string,\n  options?: {\n    dontWarnAboutMissingQueryParams?: boolean,\n  },\n) {\n  // note: this part of the function (until the return) needs\n  // to be synchronous, to prevent race conditions when\n  // callOAuthCallback is called multiple times in parallel\n  const consumed = consumeOAuthCallbackQueryParams(options);\n  if (!consumed) return Result.ok(undefined);\n  if (consumed.type === \"known-error\") {\n    throw consumed.error;\n  }\n\n  // the rest can be asynchronous (we now know that we are the\n  // intended recipient of the callback, and the only instance\n  // of callOAuthCallback that's running)\n  try {\n    return Result.ok(await iface.callOAuthCallback({\n      oauthParams: consumed.originalUrl.searchParams,\n      redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n      codeVerifier: consumed.codeVerifier,\n      state: consumed.state,\n    }));\n  } catch (e) {\n    if (KnownError.isKnownError(e)) {\n      throw e;\n    }\n    throw new HexclaveAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n  }\n}\n"],"mappings":";;;;;;;;;;AAWA,eAAsB,8BACpB,OACA,SAMA,SACiB;CACjB,MAAM,EAAE,eAAe,UAAU,6CAA4B;AAC7D,QAAO,MAAM,MAAM,YAAY;EAC7B,UAAU,QAAQ;EAClB,uDAAkC,QAAQ,aAAa,cAAc;EACrE,4DAAuC,QAAQ,kBAAkB,mBAAmB;EACpF,oEAA+C,OAAO,SAAS,MAAM,2BAA2B;EAChG;EACA;EACA,MAAM;EACN;EACA,eAAe,QAAQ;EACxB,CAAC;;AAoBJ,MAAM,mBAAmB;CAAC;CAAS;CAAqB;CAAa;CAAW;CAAU;AAE1F,SAAS,kCAAkC,aAAwB;CACjE,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,iBAClB,QAAO,aAAa,OAAO,MAAM;AAEnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;;AAGxD,SAAS,6BAA6B,aAAqC;CACzE,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ;CAC3D,MAAM,2BAA2B,YAAY,aAAa,IAAI,oBAAoB;AAClF,KAAI,iBAAiB,QAAQ,4BAA4B,KACvD,QAAO;AAGT,SAAQ,eAAR;EACE,KAAK;EACL,KAAK,mBACH,QAAO,IAAIA,6BAAY,2BAA2B;EAIpD,QACE,QAAO,IAAIA,6BAAY,qCAAqC;;;AAKlE,SAAS,gCAAgC,SAEC;CACxC,MAAM,iBAAiB,CAAC,QAAQ,QAAQ;CACxC,MAAM,cAAc,IAAI,IAAI,OAAO,SAAS,KAAK;CACjD,MAAM,iBAAiB,YAAY,aAAa,IAAI,YAAY;CAChE,MAAM,oBAAoB,YAAY,aAAa,IAAI,UAAU;AACjE,KAAI,kBAAkB,mBAAmB;EACvC,MAAM,UAAU,YAAY,aAAa,IAAI,UAAU;EACvD,IAAI,cAAc,EAAE;AACpB,MAAI,QACF,KAAI;AACF,iBAAc,KAAK,MAAM,QAAQ;WAC1B,OAAO;AACd,SAAM,IAAIC,0DAAuB,yDAAyD;IACxF;IACA,OAAO;IACR,CAAC;;AAIN,oCAAkC,YAAY;AAE9C,SAAO;GACL,MAAM;GACN,OAAOC,4BAAW,SAAS;IACzB,MAAM;IACN,SAAS;IACT,SAAS;IACV,CAAC;GACH;;CAGH,MAAM,qBAAqB,6BAA6B,YAAY;AACpE,KAAI,sBAAsB,QAAQ,CAAC,eAAe,OAAM,UAAS,YAAY,aAAa,IAAI,MAAM,CAAC,EAAE;AACrG,oCAAkC,YAAY;AAC9C,SAAO;GACL,MAAM;GACN,OAAO;GACR;;AAGH,MAAK,MAAM,SAAS,eAClB,KAAI,CAAC,YAAY,aAAa,IAAI,MAAM,EAAE;AACxC,MAAI,CAAC,SAAS,gCACZ,SAAQ,qBAAK,IAAI,MAAM,uDAAuD,MAAM,2EAA2E,CAAC;AAElK,SAAO;;CAIX,MAAM,gBAAgB,YAAY,aAAa,IAAI,QAAQ,qDAAa,wDAAwD;CAChI,MAAM,8DAA6C,cAAc;AAEjE,KAAI,CAAC,cAAc;AAGjB,UAAQ,KAAK,4CAAQ;;;;;;;;;;;MAWnB;AACF,SAAO;;CAIT,MAAM,SAAS,IAAI,IAAI,YAAY;AACnC,MAAK,MAAM,SAAS,eAClB,QAAO,aAAa,OAAO,MAAM;AASnC,QAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,OAAO,UAAU,CAAC;AAEtD,QAAO;EACL,MAAM;EACN;EACA,cAAc,aAAa;EAC3B,OAAO;EACR;;AAGH,eAAsB,kBACpB,OACA,aACA,SAGA;CAIA,MAAM,WAAW,gCAAgC,QAAQ;AACzD,KAAI,CAAC,SAAU,QAAOC,2CAAO,GAAG,OAAU;AAC1C,KAAI,SAAS,SAAS,cACpB,OAAM,SAAS;AAMjB,KAAI;AACF,SAAOA,2CAAO,GAAG,MAAM,MAAM,kBAAkB;GAC7C,aAAa,SAAS,YAAY;GAClC,uDAAkC,aAAa,cAAc;GAC7D,cAAc,SAAS;GACvB,OAAO,SAAS;GACjB,CAAC,CAAC;UACI,GAAG;AACV,MAAID,4BAAW,aAAa,EAAE,CAC5B,OAAM;AAER,QAAM,IAAID,0DAAuB,6DAA6D,EAAE,OAAO,GAAG,CAAC"}

package/dist/lib/auth.test.js

@@ -14,17 +14,20 @@ vitest.vi.mock("./cookie", async (importOriginal) => {
 		})
 	};
 });
+function createTestInterface() {
+	return new _hexclave_shared.HexclaveClientInterface({
+		clientVersion: "test",
+		getBaseUrl: () => "https://api.example.com",
+		getApiUrls: () => ["https://api.example.com"],
+		extraRequestHeaders: {},
+		projectId: "00000000-0000-4000-8000-000000000000",
+		publishableClientKey: "pck_test"
+	});
+}
 (0, vitest.describe)("getNewOAuthProviderOrScopeUrl", () => {
 	(0, vitest.it)("returns the OAuth URL without performing navigation", async () => {
 		window.history.replaceState({}, "", "/account?after_auth_return_to=%2Fsettings");
-		const iface = new _hexclave_shared.HexclaveClientInterface({
-			clientVersion: "test",
-			getBaseUrl: () => "https://api.example.com",
-			getApiUrls: () => ["https://api.example.com"],
-			extraRequestHeaders: {},
-			projectId: "00000000-0000-4000-8000-000000000000",
-			publishableClientKey: "pck_test"
-		});
+		const iface = createTestInterface();
 		const location = await (0, __auth_js.getNewOAuthProviderOrScopeUrl)(iface, {
 			provider: "github",
 			redirectUrl: "/handler/oauth-callback",
@@ -55,6 +58,18 @@ vitest.vi.mock("./cookie", async (importOriginal) => {
     `);
 	});
 });
+(0, vitest.describe)("callOAuthCallback", () => {
+	(0, vitest.it)("turns provider access denial callback params into a known error", async () => {
+		window.history.replaceState({}, "", "/handler/oauth-callback?error=access_denied&error_description=User+cancelled");
+		await (0, vitest.expect)((0, __auth_js.callOAuthCallback)(createTestInterface(), "/handler/oauth-callback")).rejects.toSatisfy((error) => _hexclave_shared.KnownErrors.OAuthProviderAccessDenied.isInstance(error));
+		(0, vitest.expect)(window.location.href).toBe("http://localhost:3000/handler/oauth-callback");
+	});
+	(0, vitest.it)("turns generic provider error callback params into a known error", async () => {
+		window.history.replaceState({}, "", "/handler/oauth-callback?error=server_error&error_description=Provider+failed");
+		await (0, vitest.expect)((0, __auth_js.callOAuthCallback)(createTestInterface(), "/handler/oauth-callback")).rejects.toSatisfy((error) => _hexclave_shared.KnownErrors.OAuthProviderTemporarilyUnavailable.isInstance(error));
+		(0, vitest.expect)(window.location.href).toBe("http://localhost:3000/handler/oauth-callback");
+	});
+});
 
 //#endregion
 //# sourceMappingURL=auth.test.js.map

package/dist/lib/auth.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.test.js","names":["vi","HexclaveClientInterface"],"sources":["../../src/lib/auth.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\n// @vitest-environment jsdom\n\nimport { HexclaveClientInterface } from \"@hexclave/shared\";\nimport { describe, expect, it, vi } from \"vitest\";\nimport { getNewOAuthProviderOrScopeUrl } from \"./auth\";\n\nvi.mock(\"./cookie\", async (importOriginal) => {\n  const actual = await importOriginal<typeof import(\"./cookie\")>();\n  return {\n    ...actual,\n    saveVerifierAndState: async () => ({\n      codeChallenge: \"<stripped code challenge>\",\n      state: \"<stripped state>\",\n    }),\n  };\n});\n\ndescribe(\"getNewOAuthProviderOrScopeUrl\", () => {\n  it(\"returns the OAuth URL without performing navigation\", async () => {\n    window.history.replaceState({}, \"\", \"/account?after_auth_return_to=%2Fsettings\");\n\n    const iface = new HexclaveClientInterface({\n      clientVersion: \"test\",\n      getBaseUrl: () => \"https://api.example.com\",\n      getApiUrls: () => [\"https://api.example.com\"],\n      extraRequestHeaders: {},\n      projectId: \"00000000-0000-4000-8000-000000000000\",\n      publishableClientKey: \"pck_test\",\n    });\n    const session = iface.createSession({ refreshToken: null, accessToken: null });\n\n    const location = await getNewOAuthProviderOrScopeUrl(\n      iface,\n      {\n        provider: \"github\",\n        redirectUrl: \"/handler/oauth-callback\",\n        errorRedirectUrl: \"/handler/error\",\n        providerScope: \"repo user\",\n      },\n      session,\n    );\n\n    const url = new URL(location);\n    expect(`${url.origin}${url.pathname}`).toBe(\"https://api.example.com/api/v1/auth/oauth/authorize/github\");\n    expect(Object.fromEntries(url.searchParams.entries())).toMatchInlineSnapshot(`\n      {\n        \"after_callback_redirect_url\": \"http://localhost:3000/account?after_auth_return_to=%2Fsettings\",\n        \"client_id\": \"00000000-0000-4000-8000-000000000000\",\n        \"client_secret\": \"pck_test\",\n        \"code_challenge\": \"<stripped code challenge>\",\n        \"code_challenge_method\": \"S256\",\n        \"error_redirect_url\": \"http://localhost:3000/handler/error?after_auth_return_to=%2Fsettings\",\n        \"grant_type\": \"authorization_code\",\n        \"provider_scope\": \"repo user\",\n        \"redirect_uri\": \"http://localhost:3000/handler/oauth-callback?after_auth_return_to=%2Fsettings\",\n        \"response_type\": \"code\",\n        \"scope\": \"legacy\",\n        \"state\": \"<stripped state>\",\n        \"type\": \"link\",\n      }\n    `);\n  });\n});\n"],"mappings":";;;;;;;AAUAA,UAAG,KAAK,YAAY,OAAO,mBAAmB;AAE5C,QAAO;EACL,GAFa,MAAM,gBAA2C;EAG9D,sBAAsB,aAAa;GACjC,eAAe;GACf,OAAO;GACR;EACF;EACD;qBAEO,uCAAuC;AAC9C,gBAAG,uDAAuD,YAAY;AACpE,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,4CAA4C;EAEhF,MAAM,QAAQ,IAAIC,yCAAwB;GACxC,eAAe;GACf,kBAAkB;GAClB,kBAAkB,CAAC,0BAA0B;GAC7C,qBAAqB,EAAE;GACvB,WAAW;GACX,sBAAsB;GACvB,CAAC;EAGF,MAAM,WAAW,mDACf,OACA;GACE,UAAU;GACV,aAAa;GACb,kBAAkB;GAClB,eAAe;GAChB,EATa,MAAM,cAAc;GAAE,cAAc;GAAM,aAAa;GAAM,CAAC,CAW7E;EAED,MAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,qBAAO,GAAG,IAAI,SAAS,IAAI,WAAW,CAAC,KAAK,6DAA6D;AACzG,qBAAO,OAAO,YAAY,IAAI,aAAa,SAAS,CAAC,CAAC,CAAC,sBAAsB;;;;;;;;;;;;;;;;MAgB3E;GACF;EACF"}
+{"version":3,"file":"auth.test.js","names":["vi","HexclaveClientInterface","KnownErrors"],"sources":["../../src/lib/auth.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\n// @vitest-environment jsdom\n\nimport { HexclaveClientInterface, KnownErrors } from \"@hexclave/shared\";\nimport { describe, expect, it, vi } from \"vitest\";\nimport { callOAuthCallback, getNewOAuthProviderOrScopeUrl } from \"./auth\";\n\nvi.mock(\"./cookie\", async (importOriginal) => {\n  const actual = await importOriginal<typeof import(\"./cookie\")>();\n  return {\n    ...actual,\n    saveVerifierAndState: async () => ({\n      codeChallenge: \"<stripped code challenge>\",\n      state: \"<stripped state>\",\n    }),\n  };\n});\n\nfunction createTestInterface() {\n  return new HexclaveClientInterface({\n    clientVersion: \"test\",\n    getBaseUrl: () => \"https://api.example.com\",\n    getApiUrls: () => [\"https://api.example.com\"],\n    extraRequestHeaders: {},\n    projectId: \"00000000-0000-4000-8000-000000000000\",\n    publishableClientKey: \"pck_test\",\n  });\n}\n\ndescribe(\"getNewOAuthProviderOrScopeUrl\", () => {\n  it(\"returns the OAuth URL without performing navigation\", async () => {\n    window.history.replaceState({}, \"\", \"/account?after_auth_return_to=%2Fsettings\");\n\n    const iface = createTestInterface();\n    const session = iface.createSession({ refreshToken: null, accessToken: null });\n\n    const location = await getNewOAuthProviderOrScopeUrl(\n      iface,\n      {\n        provider: \"github\",\n        redirectUrl: \"/handler/oauth-callback\",\n        errorRedirectUrl: \"/handler/error\",\n        providerScope: \"repo user\",\n      },\n      session,\n    );\n\n    const url = new URL(location);\n    expect(`${url.origin}${url.pathname}`).toBe(\"https://api.example.com/api/v1/auth/oauth/authorize/github\");\n    expect(Object.fromEntries(url.searchParams.entries())).toMatchInlineSnapshot(`\n      {\n        \"after_callback_redirect_url\": \"http://localhost:3000/account?after_auth_return_to=%2Fsettings\",\n        \"client_id\": \"00000000-0000-4000-8000-000000000000\",\n        \"client_secret\": \"pck_test\",\n        \"code_challenge\": \"<stripped code challenge>\",\n        \"code_challenge_method\": \"S256\",\n        \"error_redirect_url\": \"http://localhost:3000/handler/error?after_auth_return_to=%2Fsettings\",\n        \"grant_type\": \"authorization_code\",\n        \"provider_scope\": \"repo user\",\n        \"redirect_uri\": \"http://localhost:3000/handler/oauth-callback?after_auth_return_to=%2Fsettings\",\n        \"response_type\": \"code\",\n        \"scope\": \"legacy\",\n        \"state\": \"<stripped state>\",\n        \"type\": \"link\",\n      }\n    `);\n  });\n});\n\ndescribe(\"callOAuthCallback\", () => {\n  it(\"turns provider access denial callback params into a known error\", async () => {\n    window.history.replaceState({}, \"\", \"/handler/oauth-callback?error=access_denied&error_description=User+cancelled\");\n\n    await expect(callOAuthCallback(createTestInterface(), \"/handler/oauth-callback\"))\n      .rejects.toSatisfy((error: unknown) => KnownErrors.OAuthProviderAccessDenied.isInstance(error));\n    expect(window.location.href).toBe(\"http://localhost:3000/handler/oauth-callback\");\n  });\n\n  it(\"turns generic provider error callback params into a known error\", async () => {\n    window.history.replaceState({}, \"\", \"/handler/oauth-callback?error=server_error&error_description=Provider+failed\");\n\n    await expect(callOAuthCallback(createTestInterface(), \"/handler/oauth-callback\"))\n      .rejects.toSatisfy((error: unknown) => KnownErrors.OAuthProviderTemporarilyUnavailable.isInstance(error));\n    expect(window.location.href).toBe(\"http://localhost:3000/handler/oauth-callback\");\n  });\n});\n"],"mappings":";;;;;;;AAUAA,UAAG,KAAK,YAAY,OAAO,mBAAmB;AAE5C,QAAO;EACL,GAFa,MAAM,gBAA2C;EAG9D,sBAAsB,aAAa;GACjC,eAAe;GACf,OAAO;GACR;EACF;EACD;AAEF,SAAS,sBAAsB;AAC7B,QAAO,IAAIC,yCAAwB;EACjC,eAAe;EACf,kBAAkB;EAClB,kBAAkB,CAAC,0BAA0B;EAC7C,qBAAqB,EAAE;EACvB,WAAW;EACX,sBAAsB;EACvB,CAAC;;qBAGK,uCAAuC;AAC9C,gBAAG,uDAAuD,YAAY;AACpE,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,4CAA4C;EAEhF,MAAM,QAAQ,qBAAqB;EAGnC,MAAM,WAAW,mDACf,OACA;GACE,UAAU;GACV,aAAa;GACb,kBAAkB;GAClB,eAAe;GAChB,EATa,MAAM,cAAc;GAAE,cAAc;GAAM,aAAa;GAAM,CAAC,CAW7E;EAED,MAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,qBAAO,GAAG,IAAI,SAAS,IAAI,WAAW,CAAC,KAAK,6DAA6D;AACzG,qBAAO,OAAO,YAAY,IAAI,aAAa,SAAS,CAAC,CAAC,CAAC,sBAAsB;;;;;;;;;;;;;;;;MAgB3E;GACF;EACF;qBAEO,2BAA2B;AAClC,gBAAG,mEAAmE,YAAY;AAChF,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,+EAA+E;AAEnH,4DAA+B,qBAAqB,EAAE,0BAA0B,CAAC,CAC9E,QAAQ,WAAW,UAAmBC,6BAAY,0BAA0B,WAAW,MAAM,CAAC;AACjG,qBAAO,OAAO,SAAS,KAAK,CAAC,KAAK,+CAA+C;GACjF;AAEF,gBAAG,mEAAmE,YAAY;AAChF,SAAO,QAAQ,aAAa,EAAE,EAAE,IAAI,+EAA+E;AAEnH,4DAA+B,qBAAqB,EAAE,0BAA0B,CAAC,CAC9E,QAAQ,WAAW,UAAmBA,6BAAY,oCAAoC,WAAW,MAAM,CAAC;AAC3G,qBAAO,OAAO,SAAS,KAAK,CAAC,KAAK,+CAA+C;GACjF;EACF"}

package/dist/lib/hexclave-app/apps/implementations/admin-app-impl.d.ts

@@ -376,6 +376,7 @@ declare class _HexclaveAdminAppImplIncomplete<HasTokenStore extends boolean, Pro
   listOutboxEmails(options?: {
     status?: string;
     simpleStatus?: string;
+    userId?: string;
     limit?: number;
     cursor?: string;
   }): Promise<{

package/dist/lib/hexclave-app/apps/implementations/admin-app-impl.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"admin-app-impl.d.ts","names":[],"sources":["../../../../../src/lib/hexclave-app/apps/implementations/admin-app-impl.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA2Ea,+BAAA,kEAAiG,gCAAA,CAAiC,aAAA,EAAe,SAAA,aAAsB,aAAA,CAAc,aAAA,EAAe,SAAA;EAAA,UAC7L,UAAA,EAAY,sBAAA;EAAA,iBAEb,kBAAA;EAAA,iBAGA,qBAAA;EAAA,iBAIA,qBAAA;EAAA,iBAGA,sBAAA;EAAA,iBAGA,yBAAA;EAAA,iBAGA,sBAAA;EAAA,iBAGA,oCAAA;EAAA,iBAGA,uCAAA;EAAA,iBAGA,eAAA;EAAA,iBAMA,aAAA;EAAA,iBAIA,kBAAA;EAAA,iBAGA,uBAAA;EAAA,iBAGA,kBAAA;EAAA,iBAGA,qCAAA;EAAA,iBAGA,qBAAA;EAAA,iBAGA,uBAAA;EAAA,iBAUA,kBAAA;cAIL,OAAA,EAAS,+BAAA,CAAgC,aAAA,EAAe,SAAA,GAAY,YAAA;IAAiB,gBAAA;IAA2B,WAAA;IAAsB,SAAA,GAAY,sBAAA;EAAA;EA2B9J,oBAAA,CAAqB,IAAA;IAAQ,aAAA;EAAA,IAA0B,cAAA;EAIvD,0BAAA,CAA2B,IAAA,EAAM,YAAA,mBAA+B,SAAA,QAAiB,OAAA,SAAgB,iBAAA;EAUjG,qBAAA,CAAsB,IAAA,EAAM,YAAA,mBAA+B,SAAA,QAAiB,OAAA,SAAgB,YAAA;EA6I5F,2BAAA,CAA4B,IAAA,EAAM,iBAAA,oBAAqC,kBAAA;EASxD,UAAA,CAAA,GAAc,OAAA,CAAQ,YAAA;EAO5B,UAAA,CAAA,GAAc,YAAA;EAAA,UAQb,iCAAA,CAAkC,IAAA,EAAM,0BAAA,GAA6B,kBAAA;EAAA,UAwBrE,6BAAA,CAA8B,IAAA,EAAM,mBAAA,oBAAuC,cAAA;EAAA,UAS3E,sCAAA,CAAuC,IAAA,EAAM,gCAAA,GAAmC,uBAAA;EASpF,mBAAA,CAAA,GAAuB,OAAA,CAAQ,cAAA;EAKrC,kBAAA,CAAA,GAAsB,cAAA;EAOhB,oBAAA,CAAqB,OAAA,EAAS,2BAAA,GAA8B,OAAA,CAAQ,uBAAA;EAO1E,cAAA,CAAA;IAAoB,EAAA;IAAY,WAAA;EAAA;EAShC,iBAAA,CAAA;IAAuB,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAkB,SAAA;EAAA;EAW1E,cAAA,CAAA;IAAoB,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAqC,SAAA;IAAmB,MAAA,EAAQ,IAAA;EAAA;EAY/G,eAAA,CAAA,GAAmB,OAAA;IAAU,EAAA;IAAY,WAAA;EAAA;EAQzC,kBAAA,CAAA,GAAsB,OAAA;IAAU,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAkB,SAAA;EAAA;EAUnF,eAAA,CAAA,GAAmB,OAAA;IAAU,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAqC,SAAA;IAAmB,MAAA,EAAQ,IAAA;EAAA;EAY9H,8BAAA,CAA+B,IAAA,EAAM,0CAAA,GAA6C,OAAA,CAAQ,mBAAA;EAM1F,8BAAA,CAA+B,YAAA,UAAsB,IAAA,EAAM,0CAAA,GAA0C,OAAA;EAKrG,8BAAA,CAA+B,YAAA,WAAuB,OAAA;EAKtD,6BAAA,CAAA,GAAiC,OAAA,CAAQ,6BAAA;EAKzC,sCAAA,CACJ,OAAA;IAAW,KAAA;IAAe,MAAA;IAAiB,KAAA;EAAA,IAC1C,OAAA;IAAU,KAAA,EAAO,6BAAA;IAAiC,UAAA;EAAA;EAQrD,4BAAA,CAAA,GAAgC,6BAAA;EAO1B,iCAAA,CAAkC,IAAA,EAAM,6CAAA,GAAgD,OAAA,CAAQ,sBAAA;EAMhG,iCAAA,CAAkC,YAAA,UAAsB,IAAA,EAAM,6CAAA,GAA6C,OAAA;EAK3G,iCAAA,CAAkC,YAAA,WAAuB,OAAA;EAKzD,gCAAA,CAAA,GAAoC,OAAA,CAAQ,gCAAA;EAKlD,+BAAA,CAAA,GAAmC,gCAAA;EAMnC,YAAA,CAAA;IAAkB,KAAA;IAAe,GAAA;EAAA;EAAA,UAKR,eAAA,CAAA,GAAe,OAAA;EAAA,UAOxB,qBAAA,CAAA,GAAqB,OAAA;EAAA,UAOrB,uBAAA,CAAA,GAAuB,OAAA;EAAA,UAId,aAAA,CAAA,GAAa,OAAA;EAAA,KAQjC,0BAAA;6CAI0B,OAAA;MACb,YAAA;MAAuB,QAAA;MAAmB,OAAA;MAAkB,EAAA;MAAa,MAAA;MAAiB,KAAA;MAAgB,KAAA;IAAA,MACrH,eAAA;yCAYgC,oBAAA;gCAGT,iBAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;iGAssBstzH,eAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAhsB9uzH,aAAA,CAAc,OAAA;IAClB,cAAA;IACA,WAAA,EAAa,WAAA;EAAA,IACX,OAAA,CAAQ,MAAA;IAAoB,YAAA;EAAA;EAgC1B,eAAA,CAAgB,OAAA;IAAW,UAAA;EAAA,IAAuB,OAAA,CAAQ,MAAA;IAAoB,YAAA;EAAA;EAY9E,cAAA,CAAA,GAAkB,OAAA,CAAQ,cAAA;EAY1B,yBAAA,CAA0B,OAAA;IAAW,SAAA;IAAmB,eAAA;EAAA,IAA4B,OAAA,CAAQ,+BAAA;EAc5F,uBAAA,CAAwB,OAAA;IAAW,QAAA;IAAkB,SAAA;IAAmB,eAAA;EAAA,IAA4B,OAAA,CAAQ,0BAAA;EAW5G,uBAAA,CAAA,GAA2B,OAAA,CAAQ,4BAAA;EAWnC,yBAAA,CAA0B,OAAA;IAAW,QAAA;EAAA,IAAqB,OAAA;IAAU,MAAA;EAAA;EAQpE,wBAAA,CAAyB,OAAA;IAAW,cAAA;EAAA,IAA2B,OAAA;IAAU,MAAA;EAAA;EAMzE,yBAAA,CAA0B,KAAA,UAAe,WAAA,WAAsB,OAAA;EAI/D,mBAAA,CAAoB,WAAA,WAAsB,OAAA;IAAU,EAAA;EAAA;EAOpD,mBAAA,CAAoB,EAAA,WAAa,OAAA;EAKjC,gBAAA,CAAiB,OAAA;IAAW,WAAA;IAAqB,OAAA;IAA0B,SAAA;EAAA,IAAuB,OAAA;IAAU,EAAA;EAAA;EAU5G,gBAAA,CAAiB,EAAA,UAAY,IAAA;IAAQ,WAAA;IAAsB,OAAA;IAAsC,SAAA;EAAA,IAAuB,OAAA;EASxH,gBAAA,CAAiB,EAAA,WAAa,OAAA;EAS9B,kBAAA,CAAA,GAAsB,OAAA;EAItB,eAAA,CAAgB,QAAA,UAAkB,OAAA,QAAe,OAAA;EAIjD,gBAAA,CAAiB,QAAA,WAAmB,OAAA;IAAU,QAAA,EAAU,KAAA;EAAA;EAIxD,2BAAA,CAA4B,iBAAA,WAA4B,OAAA;IAAU,SAAA;EAAA;EAKlE,gBAAA,CAAiB,WAAA,WAAsB,OAAA;IAAU,EAAA;EAAA;EAMjD,eAAA,CAAgB,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;EAAA,IAA+B,OAAA;EAG/I,eAAA,CAAgB,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;EAAA;EAIpG,kCAAA,CAAmC,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;IAA4B,cAAA;EAAA,IAAmD,OAAA;IAAU,IAAA;IAAc,eAAA,GAAkB,MAAA;EAAA;EAI5P,kCAAA,CAAmC,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;IAA4B,cAAA;EAAA;IAAqD,IAAA;IAAc,eAAA,GAAkB,MAAA;EAAA;EAI9O,aAAA,CAAc,EAAA;IAAe,WAAA;IAAqB,SAAA;EAAA;EAO5C,gBAAA,CAAiB,EAAA,UAAY,SAAA,WAAoB,OAAA;EAMjD,gBAAA,CAAiB,EAAA,WAAa,OAAA;EAM9B,mBAAA,CAAoB,EAAA,UAAY,SAAA,UAAmB,OAAA,0BAAiC,OAAA;IAAU,YAAA;EAAA;EAM9F,aAAA,CAAA,GAAiB,OAAA;IAAU,GAAA;EAAA;EAM3B,gCAAA,CAAA,GAAoC,OAAA;IAAU,aAAA;EAAA;EAI9C,uBAAA,CAAA,GAA2B,OAAA;IAAU,QAAA;IAAkB,OAAA,EAAS,KAAA;MAAQ,EAAA;MAAY,IAAA;MAAc,OAAA;MAAkB,SAAA;MAAoB,WAAA;IAAA;EAAA;EAIxI,0BAAA,CAA2B,QAAA,UAAkB,OAAA,EAAS,MAAA,yBAA+B,OAAA;EAIrF,wBAAA,CAAyB,OAAA;IAC3B,MAAA;IAAgB,MAAA;IAAgB,QAAA;IAAkB,SAAA;IAAoB,WAAA;EAAA;IACtE,MAAA;IAAgB,MAAA;IAAgB,QAAA;IAAkB,SAAA;IAAoB,WAAA;EAAA;IACtE,gBAAA;IAA0B,MAAA;IAAgB,QAAA;IAAkB,SAAA;IAAoB,WAAA;EAAA,KAChF,OAAA;EAYE,iBAAA,CAAkB,OAAA;IACtB,IAAA;IACA,EAAA;IACA,SAAA;IACA,SAAA,EAAW,WAAA;IACX,SAAA;EAAA,IACE,OAAA;IAAU,mBAAA;EAAA;EAYR,gBAAA,CAAiB,MAAA;IAAU,MAAA;IAAiB,KAAA;IAAgB,IAAA,GAAO,eAAA;IAAiB,YAAA;IAA2C,UAAA;EAAA,IAAwB,OAAA;IAAU,YAAA,EAAc,WAAA;IAAe,UAAA;EAAA;EAAA,QAQ5L,uBAAA;EAgOF,gBAAA,CAAiB,OAAA;IAAY,MAAA;IAAiB,YAAA;IAAuB,KAAA;IAAgB,MAAA;EAAA,IAAoB,OAAA;IAAU,KAAA,EAAO,gBAAA;IAAoB,UAAA;EAAA;EAa9I,cAAA,CAAe,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAKpC,iBAAA,CAAkB,EAAA,UAAY,OAAA,EAAS,wBAAA,GAA2B,OAAA,CAAQ,gBAAA;EAW1E,gBAAA,CAAiB,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAItC,kBAAA,CAAmB,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAIxC,iBAAA,CAAkB,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAI7C,eAAA,CAAgB,MAAA;IAAU,MAAA;IAAiB,KAAA;IAAgB,IAAA,GAAO,eAAA;IAAiB,YAAA;IAA2C,UAAA;EAAA;IAA0B,YAAA,EAAc,WAAA;IAAe,UAAA;EAAA;EAK/K,oBAAA,CAAA,GAAwB,OAAA;IAAiB,UAAA;IAAoB,eAAA;IAA0B,iBAAA;IAA4B,eAAA;EAAA;EAIzH,oBAAA,CAAA;IAA0B,UAAA;IAAoB,eAAA;IAA0B,iBAAA;IAA4B,eAAA;EAAA;EAK9F,cAAA,CAAe,OAAA,EAAS,qBAAA,GAAwB,OAAA,CAAQ,sBAAA;EAIxD,oBAAA,CAAqB,OAAA,EAAS,wBAAA,GAA2B,OAAA,CAAQ,yBAAA;EAkBjE,4BAAA,CAA6B,OAAA;IAAW,MAAA;EAAA,IAAmB,OAAA,CAAQ,8BAAA;EAInE,kBAAA,CAAmB,OAAA,GAAU,yBAAA,GAA4B,OAAA,CAAQ,wBAAA;EAgCjE,gBAAA,CAAiB,eAAA,WAA0B,OAAA,CAAQ,kBAAA;EAgBnD,uBAAA,CAAwB,eAAA,UAAyB,OAAA,GAAU,8BAAA,GAAiC,OAAA,CAAQ,6BAAA;EAwBpG,2BAAA,CAA4B,eAAA,UAAyB,OAAA,WAAkB,OAAA,CAAQ,wCAAA;EAI/E,sBAAA,CAAuB,eAAA,UAAyB,OAAA;IAAY,MAAA;IAAiB,KAAA;EAAA,IAAmB,OAAA,CAAQ,4BAAA;EAoBxG,sCAAA,CACJ,UAAA;IAAc,wBAAA;EAAA,GACd,KAAA,YACC,OAAA;IACD,aAAA,EAAe,KAAA;MACb,EAAA;MACA,WAAA;MACA,YAAA;MACA,gBAAA,EAAkB,gBAAA;IAAA;IAEpB,kBAAA;EAAA;AAAA"}
+{"version":3,"file":"admin-app-impl.d.ts","names":[],"sources":["../../../../../src/lib/hexclave-app/apps/implementations/admin-app-impl.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA2Ea,+BAAA,kEAAiG,gCAAA,CAAiC,aAAA,EAAe,SAAA,aAAsB,aAAA,CAAc,aAAA,EAAe,SAAA;EAAA,UAC7L,UAAA,EAAY,sBAAA;EAAA,iBAEb,kBAAA;EAAA,iBAGA,qBAAA;EAAA,iBAIA,qBAAA;EAAA,iBAGA,sBAAA;EAAA,iBAGA,yBAAA;EAAA,iBAGA,sBAAA;EAAA,iBAGA,oCAAA;EAAA,iBAGA,uCAAA;EAAA,iBAGA,eAAA;EAAA,iBAMA,aAAA;EAAA,iBAIA,kBAAA;EAAA,iBAGA,uBAAA;EAAA,iBAGA,kBAAA;EAAA,iBAGA,qCAAA;EAAA,iBAGA,qBAAA;EAAA,iBAGA,uBAAA;EAAA,iBAUA,kBAAA;cAIL,OAAA,EAAS,+BAAA,CAAgC,aAAA,EAAe,SAAA,GAAY,YAAA;IAAiB,gBAAA;IAA2B,WAAA;IAAsB,SAAA,GAAY,sBAAA;EAAA;EA2B9J,oBAAA,CAAqB,IAAA;IAAQ,aAAA;EAAA,IAA0B,cAAA;EAIvD,0BAAA,CAA2B,IAAA,EAAM,YAAA,mBAA+B,SAAA,QAAiB,OAAA,SAAgB,iBAAA;EAUjG,qBAAA,CAAsB,IAAA,EAAM,YAAA,mBAA+B,SAAA,QAAiB,OAAA,SAAgB,YAAA;EA6I5F,2BAAA,CAA4B,IAAA,EAAM,iBAAA,oBAAqC,kBAAA;EASxD,UAAA,CAAA,GAAc,OAAA,CAAQ,YAAA;EAO5B,UAAA,CAAA,GAAc,YAAA;EAAA,UAQb,iCAAA,CAAkC,IAAA,EAAM,0BAAA,GAA6B,kBAAA;EAAA,UAwBrE,6BAAA,CAA8B,IAAA,EAAM,mBAAA,oBAAuC,cAAA;EAAA,UAS3E,sCAAA,CAAuC,IAAA,EAAM,gCAAA,GAAmC,uBAAA;EASpF,mBAAA,CAAA,GAAuB,OAAA,CAAQ,cAAA;EAKrC,kBAAA,CAAA,GAAsB,cAAA;EAOhB,oBAAA,CAAqB,OAAA,EAAS,2BAAA,GAA8B,OAAA,CAAQ,uBAAA;EAO1E,cAAA,CAAA;IAAoB,EAAA;IAAY,WAAA;EAAA;EAShC,iBAAA,CAAA;IAAuB,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAkB,SAAA;EAAA;EAW1E,cAAA,CAAA;IAAoB,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAqC,SAAA;IAAmB,MAAA,EAAQ,IAAA;EAAA;EAY/G,eAAA,CAAA,GAAmB,OAAA;IAAU,EAAA;IAAY,WAAA;EAAA;EAQzC,kBAAA,CAAA,GAAsB,OAAA;IAAU,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAkB,SAAA;EAAA;EAUnF,eAAA,CAAA,GAAmB,OAAA;IAAU,EAAA;IAAY,WAAA;IAAqB,OAAA;IAAqC,SAAA;IAAmB,MAAA,EAAQ,IAAA;EAAA;EAY9H,8BAAA,CAA+B,IAAA,EAAM,0CAAA,GAA6C,OAAA,CAAQ,mBAAA;EAM1F,8BAAA,CAA+B,YAAA,UAAsB,IAAA,EAAM,0CAAA,GAA0C,OAAA;EAKrG,8BAAA,CAA+B,YAAA,WAAuB,OAAA;EAKtD,6BAAA,CAAA,GAAiC,OAAA,CAAQ,6BAAA;EAKzC,sCAAA,CACJ,OAAA;IAAW,KAAA;IAAe,MAAA;IAAiB,KAAA;EAAA,IAC1C,OAAA;IAAU,KAAA,EAAO,6BAAA;IAAiC,UAAA;EAAA;EAQrD,4BAAA,CAAA,GAAgC,6BAAA;EAO1B,iCAAA,CAAkC,IAAA,EAAM,6CAAA,GAAgD,OAAA,CAAQ,sBAAA;EAMhG,iCAAA,CAAkC,YAAA,UAAsB,IAAA,EAAM,6CAAA,GAA6C,OAAA;EAK3G,iCAAA,CAAkC,YAAA,WAAuB,OAAA;EAKzD,gCAAA,CAAA,GAAoC,OAAA,CAAQ,gCAAA;EAKlD,+BAAA,CAAA,GAAmC,gCAAA;EAMnC,YAAA,CAAA;IAAkB,KAAA;IAAe,GAAA;EAAA;EAAA,UAKR,eAAA,CAAA,GAAe,OAAA;EAAA,UAOxB,qBAAA,CAAA,GAAqB,OAAA;EAAA,UAOrB,uBAAA,CAAA,GAAuB,OAAA;EAAA,UAId,aAAA,CAAA,GAAa,OAAA;EAAA,KAQjC,0BAAA;6CAI0B,OAAA;MACb,YAAA;MAAuB,QAAA;MAAmB,OAAA;MAAkB,EAAA;MAAa,MAAA;MAAiB,KAAA;MAAgB,KAAA;IAAA,MACrH,eAAA;yCAYgC,oBAAA;gCAGT,iBAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;iGAusB6h2H,eAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAjsBrj2H,aAAA,CAAc,OAAA;IAClB,cAAA;IACA,WAAA,EAAa,WAAA;EAAA,IACX,OAAA,CAAQ,MAAA;IAAoB,YAAA;EAAA;EAgC1B,eAAA,CAAgB,OAAA;IAAW,UAAA;EAAA,IAAuB,OAAA,CAAQ,MAAA;IAAoB,YAAA;EAAA;EAY9E,cAAA,CAAA,GAAkB,OAAA,CAAQ,cAAA;EAY1B,yBAAA,CAA0B,OAAA;IAAW,SAAA;IAAmB,eAAA;EAAA,IAA4B,OAAA,CAAQ,+BAAA;EAc5F,uBAAA,CAAwB,OAAA;IAAW,QAAA;IAAkB,SAAA;IAAmB,eAAA;EAAA,IAA4B,OAAA,CAAQ,0BAAA;EAW5G,uBAAA,CAAA,GAA2B,OAAA,CAAQ,4BAAA;EAWnC,yBAAA,CAA0B,OAAA;IAAW,QAAA;EAAA,IAAqB,OAAA;IAAU,MAAA;EAAA;EAQpE,wBAAA,CAAyB,OAAA;IAAW,cAAA;EAAA,IAA2B,OAAA;IAAU,MAAA;EAAA;EAMzE,yBAAA,CAA0B,KAAA,UAAe,WAAA,WAAsB,OAAA;EAI/D,mBAAA,CAAoB,WAAA,WAAsB,OAAA;IAAU,EAAA;EAAA;EAOpD,mBAAA,CAAoB,EAAA,WAAa,OAAA;EAKjC,gBAAA,CAAiB,OAAA;IAAW,WAAA;IAAqB,OAAA;IAA0B,SAAA;EAAA,IAAuB,OAAA;IAAU,EAAA;EAAA;EAU5G,gBAAA,CAAiB,EAAA,UAAY,IAAA;IAAQ,WAAA;IAAsB,OAAA;IAAsC,SAAA;EAAA,IAAuB,OAAA;EASxH,gBAAA,CAAiB,EAAA,WAAa,OAAA;EAS9B,kBAAA,CAAA,GAAsB,OAAA;EAItB,eAAA,CAAgB,QAAA,UAAkB,OAAA,QAAe,OAAA;EAIjD,gBAAA,CAAiB,QAAA,WAAmB,OAAA;IAAU,QAAA,EAAU,KAAA;EAAA;EAIxD,2BAAA,CAA4B,iBAAA,WAA4B,OAAA;IAAU,SAAA;EAAA;EAKlE,gBAAA,CAAiB,WAAA,WAAsB,OAAA;IAAU,EAAA;EAAA;EAMjD,eAAA,CAAgB,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;EAAA,IAA+B,OAAA;EAG/I,eAAA,CAAgB,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;EAAA;EAIpG,kCAAA,CAAmC,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;IAA4B,cAAA;EAAA,IAAmD,OAAA;IAAU,IAAA;IAAc,eAAA,GAAkB,MAAA;EAAA;EAI5P,kCAAA,CAAmC,OAAA;IAAW,OAAA;IAAiC,cAAA;IAAyB,UAAA;IAAqB,iBAAA;IAA4B,cAAA;EAAA;IAAqD,IAAA;IAAc,eAAA,GAAkB,MAAA;EAAA;EAI9O,aAAA,CAAc,EAAA;IAAe,WAAA;IAAqB,SAAA;EAAA;EAO5C,gBAAA,CAAiB,EAAA,UAAY,SAAA,WAAoB,OAAA;EAMjD,gBAAA,CAAiB,EAAA,WAAa,OAAA;EAM9B,mBAAA,CAAoB,EAAA,UAAY,SAAA,UAAmB,OAAA,0BAAiC,OAAA;IAAU,YAAA;EAAA;EAM9F,aAAA,CAAA,GAAiB,OAAA;IAAU,GAAA;EAAA;EAM3B,gCAAA,CAAA,GAAoC,OAAA;IAAU,aAAA;EAAA;EAI9C,uBAAA,CAAA,GAA2B,OAAA;IAAU,QAAA;IAAkB,OAAA,EAAS,KAAA;MAAQ,EAAA;MAAY,IAAA;MAAc,OAAA;MAAkB,SAAA;MAAoB,WAAA;IAAA;EAAA;EAIxI,0BAAA,CAA2B,QAAA,UAAkB,OAAA,EAAS,MAAA,yBAA+B,OAAA;EAIrF,wBAAA,CAAyB,OAAA;IAC3B,MAAA;IAAgB,MAAA;IAAgB,QAAA;IAAkB,SAAA;IAAoB,WAAA;EAAA;IACtE,MAAA;IAAgB,MAAA;IAAgB,QAAA;IAAkB,SAAA;IAAoB,WAAA;EAAA;IACtE,gBAAA;IAA0B,MAAA;IAAgB,QAAA;IAAkB,SAAA;IAAoB,WAAA;EAAA,KAChF,OAAA;EAYE,iBAAA,CAAkB,OAAA;IACtB,IAAA;IACA,EAAA;IACA,SAAA;IACA,SAAA,EAAW,WAAA;IACX,SAAA;EAAA,IACE,OAAA;IAAU,mBAAA;EAAA;EAYR,gBAAA,CAAiB,MAAA;IAAU,MAAA;IAAiB,KAAA;IAAgB,IAAA,GAAO,eAAA;IAAiB,YAAA;IAA2C,UAAA;EAAA,IAAwB,OAAA;IAAU,YAAA,EAAc,WAAA;IAAe,UAAA;EAAA;EAAA,QAQ5L,uBAAA;EAgOF,gBAAA,CAAiB,OAAA;IAAY,MAAA;IAAiB,YAAA;IAAuB,MAAA;IAAiB,KAAA;IAAgB,MAAA;EAAA,IAAoB,OAAA;IAAU,KAAA,EAAO,gBAAA;IAAoB,UAAA;EAAA;EAc/J,cAAA,CAAe,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAKpC,iBAAA,CAAkB,EAAA,UAAY,OAAA,EAAS,wBAAA,GAA2B,OAAA,CAAQ,gBAAA;EAW1E,gBAAA,CAAiB,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAItC,kBAAA,CAAmB,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAIxC,iBAAA,CAAkB,EAAA,WAAa,OAAA,CAAQ,gBAAA;EAI7C,eAAA,CAAgB,MAAA;IAAU,MAAA;IAAiB,KAAA;IAAgB,IAAA,GAAO,eAAA;IAAiB,YAAA;IAA2C,UAAA;EAAA;IAA0B,YAAA,EAAc,WAAA;IAAe,UAAA;EAAA;EAK/K,oBAAA,CAAA,GAAwB,OAAA;IAAiB,UAAA;IAAoB,eAAA;IAA0B,iBAAA;IAA4B,eAAA;EAAA;EAIzH,oBAAA,CAAA;IAA0B,UAAA;IAAoB,eAAA;IAA0B,iBAAA;IAA4B,eAAA;EAAA;EAK9F,cAAA,CAAe,OAAA,EAAS,qBAAA,GAAwB,OAAA,CAAQ,sBAAA;EAIxD,oBAAA,CAAqB,OAAA,EAAS,wBAAA,GAA2B,OAAA,CAAQ,yBAAA;EAkBjE,4BAAA,CAA6B,OAAA;IAAW,MAAA;EAAA,IAAmB,OAAA,CAAQ,8BAAA;EAInE,kBAAA,CAAmB,OAAA,GAAU,yBAAA,GAA4B,OAAA,CAAQ,wBAAA;EAgCjE,gBAAA,CAAiB,eAAA,WAA0B,OAAA,CAAQ,kBAAA;EAgBnD,uBAAA,CAAwB,eAAA,UAAyB,OAAA,GAAU,8BAAA,GAAiC,OAAA,CAAQ,6BAAA;EAwBpG,2BAAA,CAA4B,eAAA,UAAyB,OAAA,WAAkB,OAAA,CAAQ,wCAAA;EAI/E,sBAAA,CAAuB,eAAA,UAAyB,OAAA;IAAY,MAAA;IAAiB,KAAA;EAAA,IAAmB,OAAA,CAAQ,4BAAA;EAoBxG,sCAAA,CACJ,UAAA;IAAc,wBAAA;EAAA,GACd,KAAA,YACC,OAAA;IACD,aAAA,EAAe,KAAA;MACb,EAAA;MACA,WAAA;MACA,YAAA;MACA,gBAAA,EAAkB,gBAAA;IAAA;IAEpB,kBAAA;EAAA;AAAA"}

package/dist/lib/hexclave-app/apps/implementations/admin-app-impl.js

@@ -912,6 +912,7 @@ var _HexclaveAdminAppImplIncomplete = class extends __server_app_impl_js._Hexcla
 		const response = await this._interface.listOutboxEmails({
 			status: options?.status,
 			simple_status: options?.simpleStatus,
+			user_id: options?.userId,
 			limit: options?.limit,
 			cursor: options?.cursor
 		});