@htlkg/core 0.0.1 → 0.0.3

package/README.md

@@ -0,0 +1,51 @@
+# @htlkg/core
+
+Core utilities, types, authentication, and constants for Hotelinking applications.
+
+## Installation
+
+```bash
+npm install @htlkg/core
+```
+
+## Modules
+
+### [Amplify Astro Adapter](src/amplify-astro-adapter/amplify-astro-adapter.md)
+Server-side authentication support for Astro with AWS Amplify. Cookie-based auth context for SSR.
+
+### [Auth](src/auth/auth.md)
+User authentication functions for server-side and client-side. Cognito integration with role-based access.
+
+### [Constants](src/constants/constants.md)
+Centralized constants for routes, products, permissions, and user roles.
+
+### [Errors](src/errors/errors.md)
+Standardized error classes: `AppError`, `AuthError`, `ValidationError`, `NotFoundError`.
+
+### [Routes](src/routes/routes.md)
+Type-safe route definitions with parameter interpolation. Eliminates string literals.
+
+### [Types](src/types/types.md)
+Core TypeScript interfaces: `Brand`, `Account`, `User`, `Product`, `ProductInstance`.
+
+### [Utils](src/utils/utils.md)
+Common utilities: `logger`, `formatDate`, `truncateText`, `groupBy`, `debounce`, `throttle`.
+
+## Quick Start
+
+```typescript
+// Authentication
+import { getUser, hasAccessToBrand } from '@htlkg/core/auth';
+
+// Type-safe routes
+import { adminRoutes, buildUrl } from '@htlkg/core/routes';
+
+// Constants
+import { PERMISSIONS, USER_ROLES } from '@htlkg/core/constants';
+
+// Error handling
+import { NotFoundError, ValidationError } from '@htlkg/core/errors';
+
+// Utilities
+import { formatDate, debounce } from '@htlkg/core/utils';
+```

package/dist/amplify-astro-adapter/index.d.ts

@@ -0,0 +1,109 @@
+import { ResourcesConfig } from 'aws-amplify';
+import * as astro from 'astro';
+import { CookieStorage } from 'aws-amplify/adapter-core';
+export { c as createLogger, l as logger } from '../logger-BTW3fOeM.js';
+
+/**
+ * Amplify configuration structure matching amplify_outputs.json format
+ */
+type AstroAmplifyConfig = ResourcesConfig;
+declare namespace AstroServer {
+    type RuntimeCookieOptions = CookieStorage.SetCookieOptions & {
+        domain?: string;
+    };
+    interface RuntimeOptions {
+        cookies?: RuntimeCookieOptions;
+    }
+    interface AstroComponentContext {
+        cookies: astro.AstroGlobal['cookies'];
+        request: Request;
+    }
+    interface APIEndpointContext {
+        cookies: astro.APIContext['cookies'];
+        request: Request;
+    }
+    type ServerContext = AstroComponentContext | APIEndpointContext | null;
+    interface GlobalSettings {
+        setRuntimeOptions(opts: RuntimeOptions): void;
+        getRuntimeOptions(): RuntimeOptions;
+        enableServerSideAuth(): void;
+        isServerSideAuthEnabled(): boolean;
+        setIsSSLOrigin(val: boolean): void;
+        isSSLOrigin(): boolean;
+    }
+    type RunOperationWithContext = <T>(input: {
+        astroServerContext: ServerContext;
+        operation: (contextSpec: unknown) => Promise<T>;
+    }) => Promise<T>;
+    interface CreateServerRunnerInput {
+        config: ResourcesConfig;
+        runtimeOptions?: RuntimeOptions;
+    }
+    interface CreateServerRunnerOutput {
+        runWithAmplifyServerContext: RunOperationWithContext;
+    }
+}
+
+/**
+ * Creates a function that runs operations within the Amplify server context.
+ *
+ * IMPORTANT: Pass globalSettings explicitly to avoid module singleton issues
+ * when using linked packages or different bundling contexts.
+ */
+declare const createRunWithAmplifyServerContext: ({ config: resourcesConfig, globalSettings, }: {
+    config: ResourcesConfig;
+    globalSettings?: AstroServer.GlobalSettings;
+}) => AstroServer.RunOperationWithContext;
+
+declare function createCookieStorageAdapterFromAstroContext(astroServerContext: AstroServer.ServerContext): Promise<CookieStorage.Adapter>;
+
+declare const globalSettings: AstroServer.GlobalSettings;
+
+/**
+ * Error classes for adapter-specific errors
+ */
+/**
+ * Base error class for Amplify Astro Adapter errors
+ */
+declare class AmplifyAstroAdapterError extends Error {
+    readonly code: string;
+    readonly recoverySuggestion?: string;
+    constructor(message: string, code: string, recoverySuggestion?: string);
+}
+/**
+ * Error codes for different types of adapter errors
+ */
+declare const ErrorCodes: {
+    readonly CONFIG_MISSING: "CONFIG_MISSING";
+    readonly AUTH_FAILED: "AUTH_FAILED";
+    readonly COOKIE_ERROR: "COOKIE_ERROR";
+    readonly GRAPHQL_ERROR: "GRAPHQL_ERROR";
+    readonly CONTEXT_CREATION_FAILED: "CONTEXT_CREATION_FAILED";
+    readonly TOKEN_REFRESH_FAILED: "TOKEN_REFRESH_FAILED";
+};
+/**
+ * Creates a configuration missing error
+ */
+declare function createConfigMissingError(missingConfig: string): AmplifyAstroAdapterError;
+/**
+ * Creates an authentication failed error
+ */
+declare function createAuthFailedError(reason: string): AmplifyAstroAdapterError;
+/**
+ * Creates a cookie error
+ */
+declare function createCookieError(operation: string, reason: string): AmplifyAstroAdapterError;
+/**
+ * Creates a GraphQL error
+ */
+declare function createGraphQLError(operation: string, reason: string): AmplifyAstroAdapterError;
+/**
+ * Creates a context creation failed error
+ */
+declare function createContextCreationError(reason: string): AmplifyAstroAdapterError;
+/**
+ * Creates a token refresh failed error
+ */
+declare function createTokenRefreshError(reason: string): AmplifyAstroAdapterError;
+
+export { AmplifyAstroAdapterError, type AstroAmplifyConfig, AstroServer, ErrorCodes, createAuthFailedError, createConfigMissingError, createContextCreationError, createCookieError, createCookieStorageAdapterFromAstroContext, createGraphQLError, createRunWithAmplifyServerContext, createTokenRefreshError, globalSettings };

package/dist/amplify-astro-adapter/index.js

@@ -0,0 +1,295 @@
+// src/amplify-astro-adapter/createRunWithAmplifyServerContext.ts
+import { sharedInMemoryStorage } from "aws-amplify/utils";
+import {
+  createAWSCredentialsAndIdentityIdProvider,
+  createKeyValueStorageFromCookieStorageAdapter,
+  createUserPoolsTokenProvider,
+  runWithAmplifyServerContext as coreRunWithContext
+} from "aws-amplify/adapter-core";
+
+// src/amplify-astro-adapter/globalSettings.ts
+var globalSettings = /* @__PURE__ */ (() => {
+  let runtimeOptions = {};
+  let serverSideAuthEnabled = true;
+  let sslOrigin = false;
+  return {
+    setRuntimeOptions(opts) {
+      runtimeOptions = opts ?? {};
+    },
+    getRuntimeOptions() {
+      return runtimeOptions;
+    },
+    enableServerSideAuth() {
+      serverSideAuthEnabled = true;
+    },
+    isServerSideAuthEnabled() {
+      return serverSideAuthEnabled;
+    },
+    setIsSSLOrigin(v) {
+      sslOrigin = v;
+    },
+    isSSLOrigin() {
+      return sslOrigin;
+    }
+  };
+})();
+
+// src/utils/logger.ts
+var isDebugEnabled = () => {
+  if (typeof process !== "undefined" && process.env) {
+    return process.env.DEBUG === "true" || process.env.HTLKG_DEBUG === "true" || process.env.DEBUG === "*";
+  }
+  try {
+    if (typeof import.meta !== "undefined" && import.meta.env) {
+      return import.meta.env.DEBUG === "true" || // @ts-ignore
+      import.meta.env.HTLKG_DEBUG === "true" || // @ts-ignore
+      import.meta.env.DEV === true;
+    }
+  } catch {
+  }
+  return false;
+};
+var formatMessage = (namespace, message) => {
+  return `[${namespace}] ${message}`;
+};
+var logger = {
+  /**
+   * Debug log - only shown when DEBUG=true
+   */
+  debug(namespace, message, ...args) {
+    if (isDebugEnabled()) {
+      console.log(formatMessage(namespace, message), ...args);
+    }
+  },
+  /**
+   * Info log - always shown
+   */
+  info(namespace, message, ...args) {
+    console.info(formatMessage(namespace, message), ...args);
+  },
+  /**
+   * Warning log - always shown
+   */
+  warn(namespace, message, ...args) {
+    console.warn(formatMessage(namespace, message), ...args);
+  },
+  /**
+   * Error log - always shown
+   */
+  error(namespace, message, ...args) {
+    console.error(formatMessage(namespace, message), ...args);
+  }
+};
+var createLogger = (namespace) => ({
+  debug: (message, ...args) => logger.debug(namespace, message, ...args),
+  info: (message, ...args) => logger.info(namespace, message, ...args),
+  warn: (message, ...args) => logger.warn(namespace, message, ...args),
+  error: (message, ...args) => logger.error(namespace, message, ...args)
+});
+
+// src/amplify-astro-adapter/createCookieStorageAdapterFromAstroContext.ts
+var log = createLogger("cookie-storage-adapter");
+function ensureEncodedForJSCookie(name) {
+  return encodeURIComponent(name).replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent);
+}
+function parseCookieHeader(cookieHeader) {
+  const out = {};
+  if (!cookieHeader) return out;
+  for (const part of cookieHeader.split(";")) {
+    const [rawName, ...rest] = part.trim().split("=");
+    const name = decodeURIComponent(rawName || "");
+    const value = decodeURIComponent(rest.join("=") || "");
+    if (name) out[name] = value;
+  }
+  return out;
+}
+function mapSameSite(s) {
+  if (s === true) return "strict";
+  if (s === false) return "lax";
+  if (s === "lax" || s === "strict" || s === "none") return s;
+  return void 0;
+}
+async function createCookieStorageAdapterFromAstroContext(astroServerContext) {
+  if (astroServerContext === null) {
+    log.debug("Context is null, returning no-op adapter");
+    return {
+      get: () => void 0,
+      getAll: () => [],
+      set: () => {
+      },
+      delete: () => {
+      }
+    };
+  }
+  const { cookies, request } = astroServerContext;
+  const cookieHeader = request?.headers?.get("cookie");
+  const headerCookies = parseCookieHeader(cookieHeader ?? null);
+  const cookieNames = Object.keys(headerCookies);
+  const cognitoCookies = cookieNames.filter((name) => name.includes("CognitoIdentityServiceProvider"));
+  log.debug("Available cookies:", cookieNames.length);
+  log.debug("Cognito cookies found:", cognitoCookies.length);
+  if (cognitoCookies.length > 0) {
+    log.debug("Cognito cookie names:", cognitoCookies);
+  }
+  const adapter = {
+    get(name) {
+      const encodedName = ensureEncodedForJSCookie(name);
+      const v = cookies?.get(encodedName)?.value ?? headerCookies[encodedName] ?? headerCookies[name];
+      if (name.includes("accessToken") || name.includes("idToken") || name.includes("refreshToken") || name.includes("LastAuthUser")) {
+        log.debug(`get('${name}'): ${v ? "FOUND" : "NOT FOUND"}`);
+      }
+      return v ? { name, value: v } : void 0;
+    },
+    getAll() {
+      const fromAPI = typeof cookies?.getAll === "function" ? cookies.getAll().map((c) => ({ name: c.name, value: c.value })) : Object.entries(headerCookies).map(([name, value]) => ({ name, value }));
+      return fromAPI;
+    },
+    set(name, value, options) {
+      try {
+        cookies.set(name, value, {
+          ...options ?? {},
+          sameSite: mapSameSite(options?.sameSite)
+        });
+      } catch {
+      }
+    },
+    delete(name) {
+      try {
+        cookies.delete(name);
+      } catch {
+      }
+    }
+  };
+  return adapter;
+}
+
+// src/amplify-astro-adapter/createRunWithAmplifyServerContext.ts
+var log2 = createLogger("amplify-server-context");
+var createRunWithAmplifyServerContext = ({
+  config: resourcesConfig,
+  globalSettings: globalSettings2 = globalSettings
+}) => {
+  const isServerSideAuthEnabled = globalSettings2.isServerSideAuthEnabled();
+  const isSSLOrigin = globalSettings2.isSSLOrigin();
+  const setCookieOptions = globalSettings2.getRuntimeOptions().cookies ?? {};
+  log2.debug("Settings:", {
+    isServerSideAuthEnabled,
+    isSSLOrigin,
+    hasCookieOptions: Object.keys(setCookieOptions).length > 0
+  });
+  const mergedSetCookieOptions = {
+    ...isServerSideAuthEnabled && { httpOnly: true, sameSite: "lax" },
+    ...setCookieOptions,
+    ...isServerSideAuthEnabled && { secure: isSSLOrigin },
+    path: "/"
+  };
+  const runWithContext = async ({
+    astroServerContext,
+    operation
+  }) => {
+    if (resourcesConfig.Auth) {
+      const cookieAdapter = await createCookieStorageAdapterFromAstroContext(astroServerContext);
+      const keyValueStorage = astroServerContext === null ? sharedInMemoryStorage : createKeyValueStorageFromCookieStorageAdapter(
+        cookieAdapter,
+        void 0,
+        mergedSetCookieOptions
+      );
+      const credentialsProvider = createAWSCredentialsAndIdentityIdProvider(
+        resourcesConfig.Auth,
+        keyValueStorage
+      );
+      const tokenProvider = createUserPoolsTokenProvider(
+        resourcesConfig.Auth,
+        keyValueStorage
+      );
+      return coreRunWithContext(
+        resourcesConfig,
+        { Auth: { credentialsProvider, tokenProvider } },
+        operation
+      );
+    }
+    return coreRunWithContext(resourcesConfig, {}, operation);
+  };
+  return runWithContext;
+};
+
+// src/amplify-astro-adapter/errors.ts
+var AmplifyAstroAdapterError = class _AmplifyAstroAdapterError extends Error {
+  code;
+  recoverySuggestion;
+  constructor(message, code, recoverySuggestion) {
+    super(message);
+    this.name = "AmplifyAstroAdapterError";
+    this.code = code;
+    this.recoverySuggestion = recoverySuggestion;
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, _AmplifyAstroAdapterError);
+    }
+  }
+};
+var ErrorCodes = {
+  CONFIG_MISSING: "CONFIG_MISSING",
+  AUTH_FAILED: "AUTH_FAILED",
+  COOKIE_ERROR: "COOKIE_ERROR",
+  GRAPHQL_ERROR: "GRAPHQL_ERROR",
+  CONTEXT_CREATION_FAILED: "CONTEXT_CREATION_FAILED",
+  TOKEN_REFRESH_FAILED: "TOKEN_REFRESH_FAILED"
+};
+function createConfigMissingError(missingConfig) {
+  return new AmplifyAstroAdapterError(
+    `Amplify configuration is missing: ${missingConfig}`,
+    ErrorCodes.CONFIG_MISSING,
+    "Ensure amplify_outputs.json is properly configured and accessible to the adapter"
+  );
+}
+function createAuthFailedError(reason) {
+  return new AmplifyAstroAdapterError(
+    `Authentication failed: ${reason}`,
+    ErrorCodes.AUTH_FAILED,
+    "Check that authentication tokens are valid and not expired"
+  );
+}
+function createCookieError(operation, reason) {
+  return new AmplifyAstroAdapterError(
+    `Cookie ${operation} failed: ${reason}`,
+    ErrorCodes.COOKIE_ERROR,
+    "Verify cookie data format and ensure cookies are properly set in the response"
+  );
+}
+function createGraphQLError(operation, reason) {
+  return new AmplifyAstroAdapterError(
+    `GraphQL ${operation} failed: ${reason}`,
+    ErrorCodes.GRAPHQL_ERROR,
+    "Check network connectivity and GraphQL schema configuration"
+  );
+}
+function createContextCreationError(reason) {
+  return new AmplifyAstroAdapterError(
+    `Server context creation failed: ${reason}`,
+    ErrorCodes.CONTEXT_CREATION_FAILED,
+    "Verify Amplify configuration and authentication setup"
+  );
+}
+function createTokenRefreshError(reason) {
+  return new AmplifyAstroAdapterError(
+    `Token refresh failed: ${reason}`,
+    ErrorCodes.TOKEN_REFRESH_FAILED,
+    "User may need to re-authenticate or check refresh token validity"
+  );
+}
+export {
+  AmplifyAstroAdapterError,
+  ErrorCodes,
+  createAuthFailedError,
+  createConfigMissingError,
+  createContextCreationError,
+  createCookieError,
+  createCookieStorageAdapterFromAstroContext,
+  createGraphQLError,
+  createLogger,
+  createRunWithAmplifyServerContext,
+  createTokenRefreshError,
+  globalSettings,
+  logger
+};
+//# sourceMappingURL=index.js.map

package/dist/amplify-astro-adapter/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/amplify-astro-adapter/createRunWithAmplifyServerContext.ts","../../src/amplify-astro-adapter/globalSettings.ts","../../src/utils/logger.ts","../../src/amplify-astro-adapter/createCookieStorageAdapterFromAstroContext.ts","../../src/amplify-astro-adapter/errors.ts"],"sourcesContent":["import type { ResourcesConfig } from 'aws-amplify';\nimport { sharedInMemoryStorage } from 'aws-amplify/utils';\nimport {\n  createAWSCredentialsAndIdentityIdProvider,\n  createKeyValueStorageFromCookieStorageAdapter,\n  createUserPoolsTokenProvider,\n  runWithAmplifyServerContext as coreRunWithContext,\n} from 'aws-amplify/adapter-core';\n\nimport type { AstroServer } from './types';\nimport { globalSettings as defaultGlobalSettings } from './globalSettings';\nimport { createCookieStorageAdapterFromAstroContext } from './createCookieStorageAdapterFromAstroContext';\nimport { createLogger } from '../utils/logger';\n\nconst log = createLogger('amplify-server-context');\n\n/**\n * Creates a function that runs operations within the Amplify server context.\n *\n * IMPORTANT: Pass globalSettings explicitly to avoid module singleton issues\n * when using linked packages or different bundling contexts.\n */\nexport const createRunWithAmplifyServerContext = ({\n  config: resourcesConfig,\n  globalSettings = defaultGlobalSettings,\n}: {\n  config: ResourcesConfig;\n  globalSettings?: AstroServer.GlobalSettings;\n}): AstroServer.RunOperationWithContext => {\n  const isServerSideAuthEnabled = globalSettings.isServerSideAuthEnabled();\n  const isSSLOrigin = globalSettings.isSSLOrigin();\n  const setCookieOptions = globalSettings.getRuntimeOptions().cookies ?? {};\n\n  log.debug('Settings:', {\n    isServerSideAuthEnabled,\n    isSSLOrigin,\n    hasCookieOptions: Object.keys(setCookieOptions).length > 0,\n  });\n  \n  const mergedSetCookieOptions = {\n    ...(isServerSideAuthEnabled && { httpOnly: true, sameSite: 'lax' as const }),\n    ...setCookieOptions,\n    ...(isServerSideAuthEnabled && { secure: isSSLOrigin }),\n    path: '/',\n  };\n\n  const runWithContext: AstroServer.RunOperationWithContext = async ({\n    astroServerContext,\n    operation,\n  }) => {\n    if (resourcesConfig.Auth) {\n      const cookieAdapter = await createCookieStorageAdapterFromAstroContext(astroServerContext);\n      \n      const keyValueStorage =\n        astroServerContext === null\n          ? sharedInMemoryStorage\n          : createKeyValueStorageFromCookieStorageAdapter(\n              cookieAdapter,\n              undefined,\n              mergedSetCookieOptions\n            );\n\n      const credentialsProvider = createAWSCredentialsAndIdentityIdProvider(\n        resourcesConfig.Auth,\n        keyValueStorage\n      );\n      \n      const tokenProvider = createUserPoolsTokenProvider(\n        resourcesConfig.Auth,\n        keyValueStorage\n      );\n\n      return coreRunWithContext(\n        resourcesConfig,\n        { Auth: { credentialsProvider, tokenProvider } },\n        operation\n      );\n    }\n\n    return coreRunWithContext(resourcesConfig, {}, operation);\n  };\n\n  return runWithContext;\n};\n","import type { AstroServer } from './types';\n\nexport const globalSettings: AstroServer.GlobalSettings = (() => {\n  let runtimeOptions: AstroServer.RuntimeOptions = {};\n  let serverSideAuthEnabled = true;\n  let sslOrigin = false;\n\n  return {\n    setRuntimeOptions(opts) { runtimeOptions = opts ?? {}; },\n    getRuntimeOptions() { return runtimeOptions; },\n    enableServerSideAuth() { serverSideAuthEnabled = true; },\n    isServerSideAuthEnabled() { return serverSideAuthEnabled; },\n    setIsSSLOrigin(v: boolean) { sslOrigin = v; },\n    isSSLOrigin() { return sslOrigin; },\n  };\n})();\n","/**\n * Simple debug logger utility\n * \n * Debug logs are only shown when DEBUG=true or HTLKG_DEBUG=true is set in environment.\n * Info logs are always shown.\n * \n * @example\n * ```typescript\n * import { logger } from '@htlkg/core/utils/logger';\n * \n * logger.debug('server-client', 'Detailed debug info', { data });\n * logger.info('server-client', 'Important info message');\n * logger.warn('server-client', 'Warning message');\n * logger.error('server-client', 'Error occurred', error);\n * ```\n */\n\ntype LogLevel = 'debug' | 'info' | 'warn' | 'error';\n\nconst isDebugEnabled = (): boolean => {\n  // Check Node.js environment variables\n  if (typeof process !== 'undefined' && process.env) {\n    return process.env.DEBUG === 'true' || \n           process.env.HTLKG_DEBUG === 'true' ||\n           process.env.DEBUG === '*';\n  }\n  // Browser/Vite environment - check for DEV mode\n  try {\n    // @ts-ignore - import.meta.env is Vite-specific\n    if (typeof import.meta !== 'undefined' && import.meta.env) {\n      // @ts-ignore\n      return import.meta.env.DEBUG === 'true' || \n             // @ts-ignore\n             import.meta.env.HTLKG_DEBUG === 'true' ||\n             // @ts-ignore\n             import.meta.env.DEV === true;\n    }\n  } catch {\n    // Ignore errors accessing import.meta\n  }\n  return false;\n};\n\nconst formatMessage = (namespace: string, message: string): string => {\n  return `[${namespace}] ${message}`;\n};\n\nexport const logger = {\n  /**\n   * Debug log - only shown when DEBUG=true\n   */\n  debug(namespace: string, message: string, ...args: unknown[]): void {\n    if (isDebugEnabled()) {\n      console.log(formatMessage(namespace, message), ...args);\n    }\n  },\n\n  /**\n   * Info log - always shown\n   */\n  info(namespace: string, message: string, ...args: unknown[]): void {\n    console.info(formatMessage(namespace, message), ...args);\n  },\n\n  /**\n   * Warning log - always shown\n   */\n  warn(namespace: string, message: string, ...args: unknown[]): void {\n    console.warn(formatMessage(namespace, message), ...args);\n  },\n\n  /**\n   * Error log - always shown\n   */\n  error(namespace: string, message: string, ...args: unknown[]): void {\n    console.error(formatMessage(namespace, message), ...args);\n  },\n};\n\n/**\n * Create a namespaced logger for a specific module\n */\nexport const createLogger = (namespace: string) => ({\n  debug: (message: string, ...args: unknown[]) => logger.debug(namespace, message, ...args),\n  info: (message: string, ...args: unknown[]) => logger.info(namespace, message, ...args),\n  warn: (message: string, ...args: unknown[]) => logger.warn(namespace, message, ...args),\n  error: (message: string, ...args: unknown[]) => logger.error(namespace, message, ...args),\n});\n","import type { CookieStorage } from 'aws-amplify/adapter-core';\nimport type { AstroServer } from './types';\nimport { createLogger } from '../utils/logger';\n\nconst log = createLogger('cookie-storage-adapter');\n\n// Ensures the cookie names are encoded in order to look up the cookie store\n// that is manipulated by js-cookie on the client side.\n// Details of the js-cookie encoding behavior see:\n// https://github.com/js-cookie/js-cookie#encoding\n// The implementation is borrowed from js-cookie without escaping `[()]` as\n// we are not using those chars in the auth keys.\nfunction ensureEncodedForJSCookie(name: string): string {\n  return encodeURIComponent(name).replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent);\n}\n\nfunction parseCookieHeader(cookieHeader: string | null) {\n  const out: Record<string, string> = {};\n  if (!cookieHeader) return out;\n  for (const part of cookieHeader.split(';')) {\n    const [rawName, ...rest] = part.trim().split('=');\n    const name = decodeURIComponent(rawName || '');\n    const value = decodeURIComponent(rest.join('=') || '');\n    if (name) out[name] = value;\n  }\n  return out;\n}\n\nfunction mapSameSite(\n  s: CookieStorage.SetCookieOptions['sameSite']\n): 'lax' | 'strict' | 'none' | undefined {\n  if (s === true) return 'strict';\n  if (s === false) return 'lax';\n  if (s === 'lax' || s === 'strict' || s === 'none') return s;\n  return undefined;\n}\n\nexport async function createCookieStorageAdapterFromAstroContext(\n  astroServerContext: AstroServer.ServerContext\n): Promise<CookieStorage.Adapter> {\n  if (astroServerContext === null) {\n    log.debug('Context is null, returning no-op adapter');\n    return {\n      get: () => undefined,\n      getAll: () => [],\n      set: () => {},\n      delete: () => {},\n    };\n  }\n\n  const { cookies, request } = astroServerContext;\n  const cookieHeader = request?.headers?.get('cookie');\n  const headerCookies = parseCookieHeader(cookieHeader ?? null);\n\n  // Debug: Log available cookies (names only for security)\n  const cookieNames = Object.keys(headerCookies);\n  const cognitoCookies = cookieNames.filter(name => name.includes('CognitoIdentityServiceProvider'));\n  log.debug('Available cookies:', cookieNames.length);\n  log.debug('Cognito cookies found:', cognitoCookies.length);\n  if (cognitoCookies.length > 0) {\n    log.debug('Cognito cookie names:', cognitoCookies);\n  }\n\n  const adapter: CookieStorage.Adapter = {\n    get(name) {\n      const encodedName = ensureEncodedForJSCookie(name);\n      const v = cookies?.get(encodedName)?.value ?? headerCookies[encodedName] ?? headerCookies[name];\n      // Debug: Log token lookups (only for auth-related cookies)\n      if (name.includes('accessToken') || name.includes('idToken') || name.includes('refreshToken') || name.includes('LastAuthUser')) {\n        log.debug(`get('${name}'): ${v ? 'FOUND' : 'NOT FOUND'}`);\n      }\n      return v ? { name, value: v } : undefined;\n    },\n    getAll() {\n      const fromAPI =\n        (typeof (cookies as any)?.getAll === 'function'\n          ? (cookies as any).getAll().map((c: any) => ({ name: c.name, value: c.value }))\n          : Object.entries(headerCookies).map(([name, value]) => ({ name, value })));\n      return fromAPI;\n    },\n    set(name, value, options) {\n      try {\n        (cookies as any).set(name, value, {\n          ...(options ?? {}),\n          sameSite: mapSameSite(options?.sameSite),\n        });\n      } catch {}\n    },\n    delete(name: string) {\n      try {\n        (cookies as any).delete(name);\n      } catch {}\n    },\n  };\n\n  return adapter;\n}\n","/**\n * Error classes for adapter-specific errors\n */\n\n/**\n * Base error class for Amplify Astro Adapter errors\n */\nexport class AmplifyAstroAdapterError extends Error {\n  public readonly code: string;\n  public readonly recoverySuggestion?: string;\n\n  constructor(\n    message: string,\n    code: string,\n    recoverySuggestion?: string\n  ) {\n    super(message);\n    this.name = 'AmplifyAstroAdapterError';\n    this.code = code;\n    this.recoverySuggestion = recoverySuggestion;\n\n    // Maintains proper stack trace for where our error was thrown (only available on V8)\n    if (Error.captureStackTrace) {\n      Error.captureStackTrace(this, AmplifyAstroAdapterError);\n    }\n  }\n}\n\n/**\n * Error codes for different types of adapter errors\n */\nexport const ErrorCodes = {\n  CONFIG_MISSING: 'CONFIG_MISSING',\n  AUTH_FAILED: 'AUTH_FAILED',\n  COOKIE_ERROR: 'COOKIE_ERROR',\n  GRAPHQL_ERROR: 'GRAPHQL_ERROR',\n  CONTEXT_CREATION_FAILED: 'CONTEXT_CREATION_FAILED',\n  TOKEN_REFRESH_FAILED: 'TOKEN_REFRESH_FAILED',\n} as const;\n\n/**\n * Creates a configuration missing error\n */\nexport function createConfigMissingError(missingConfig: string): AmplifyAstroAdapterError {\n  return new AmplifyAstroAdapterError(\n    `Amplify configuration is missing: ${missingConfig}`,\n    ErrorCodes.CONFIG_MISSING,\n    'Ensure amplify_outputs.json is properly configured and accessible to the adapter'\n  );\n}\n\n/**\n * Creates an authentication failed error\n */\nexport function createAuthFailedError(reason: string): AmplifyAstroAdapterError {\n  return new AmplifyAstroAdapterError(\n    `Authentication failed: ${reason}`,\n    ErrorCodes.AUTH_FAILED,\n    'Check that authentication tokens are valid and not expired'\n  );\n}\n\n/**\n * Creates a cookie error\n */\nexport function createCookieError(operation: string, reason: string): AmplifyAstroAdapterError {\n  return new AmplifyAstroAdapterError(\n    `Cookie ${operation} failed: ${reason}`,\n    ErrorCodes.COOKIE_ERROR,\n    'Verify cookie data format and ensure cookies are properly set in the response'\n  );\n}\n\n/**\n * Creates a GraphQL error\n */\nexport function createGraphQLError(operation: string, reason: string): AmplifyAstroAdapterError {\n  return new AmplifyAstroAdapterError(\n    `GraphQL ${operation} failed: ${reason}`,\n    ErrorCodes.GRAPHQL_ERROR,\n    'Check network connectivity and GraphQL schema configuration'\n  );\n}\n\n/**\n * Creates a context creation failed error\n */\nexport function createContextCreationError(reason: string): AmplifyAstroAdapterError {\n  return new AmplifyAstroAdapterError(\n    `Server context creation failed: ${reason}`,\n    ErrorCodes.CONTEXT_CREATION_FAILED,\n    'Verify Amplify configuration and authentication setup'\n  );\n}\n\n/**\n * Creates a token refresh failed error\n */\nexport function createTokenRefreshError(reason: string): AmplifyAstroAdapterError {\n  return new AmplifyAstroAdapterError(\n    `Token refresh failed: ${reason}`,\n    ErrorCodes.TOKEN_REFRESH_FAILED,\n    'User may need to re-authenticate or check refresh token validity'\n  );\n}\n"],"mappings":";AACA,SAAS,6BAA6B;AACtC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA,+BAA+B;AAAA,OAC1B;;;ACLA,IAAM,iBAA8C,uBAAM;AAC/D,MAAI,iBAA6C,CAAC;AAClD,MAAI,wBAAwB;AAC5B,MAAI,YAAY;AAEhB,SAAO;AAAA,IACL,kBAAkB,MAAM;AAAE,uBAAiB,QAAQ,CAAC;AAAA,IAAG;AAAA,IACvD,oBAAoB;AAAE,aAAO;AAAA,IAAgB;AAAA,IAC7C,uBAAuB;AAAE,8BAAwB;AAAA,IAAM;AAAA,IACvD,0BAA0B;AAAE,aAAO;AAAA,IAAuB;AAAA,IAC1D,eAAe,GAAY;AAAE,kBAAY;AAAA,IAAG;AAAA,IAC5C,cAAc;AAAE,aAAO;AAAA,IAAW;AAAA,EACpC;AACF,GAAG;;;ACIH,IAAM,iBAAiB,MAAe;AAEpC,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,WAAO,QAAQ,IAAI,UAAU,UACtB,QAAQ,IAAI,gBAAgB,UAC5B,QAAQ,IAAI,UAAU;AAAA,EAC/B;AAEA,MAAI;AAEF,QAAI,OAAO,gBAAgB,eAAe,YAAY,KAAK;AAEzD,aAAO,YAAY,IAAI,UAAU;AAAA,MAE1B,YAAY,IAAI,gBAAgB;AAAA,MAEhC,YAAY,IAAI,QAAQ;AAAA,IACjC;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO;AACT;AAEA,IAAM,gBAAgB,CAAC,WAAmB,YAA4B;AACpE,SAAO,IAAI,SAAS,KAAK,OAAO;AAClC;AAEO,IAAM,SAAS;AAAA;AAAA;AAAA;AAAA,EAIpB,MAAM,WAAmB,YAAoB,MAAuB;AAClE,QAAI,eAAe,GAAG;AACpB,cAAQ,IAAI,cAAc,WAAW,OAAO,GAAG,GAAG,IAAI;AAAA,IACxD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,WAAmB,YAAoB,MAAuB;AACjE,YAAQ,KAAK,cAAc,WAAW,OAAO,GAAG,GAAG,IAAI;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,WAAmB,YAAoB,MAAuB;AACjE,YAAQ,KAAK,cAAc,WAAW,OAAO,GAAG,GAAG,IAAI;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAmB,YAAoB,MAAuB;AAClE,YAAQ,MAAM,cAAc,WAAW,OAAO,GAAG,GAAG,IAAI;AAAA,EAC1D;AACF;AAKO,IAAM,eAAe,CAAC,eAAuB;AAAA,EAClD,OAAO,CAAC,YAAoB,SAAoB,OAAO,MAAM,WAAW,SAAS,GAAG,IAAI;AAAA,EACxF,MAAM,CAAC,YAAoB,SAAoB,OAAO,KAAK,WAAW,SAAS,GAAG,IAAI;AAAA,EACtF,MAAM,CAAC,YAAoB,SAAoB,OAAO,KAAK,WAAW,SAAS,GAAG,IAAI;AAAA,EACtF,OAAO,CAAC,YAAoB,SAAoB,OAAO,MAAM,WAAW,SAAS,GAAG,IAAI;AAC1F;;;ACnFA,IAAM,MAAM,aAAa,wBAAwB;AAQjD,SAAS,yBAAyB,MAAsB;AACtD,SAAO,mBAAmB,IAAI,EAAE,QAAQ,wBAAwB,kBAAkB;AACpF;AAEA,SAAS,kBAAkB,cAA6B;AACtD,QAAM,MAA8B,CAAC;AACrC,MAAI,CAAC,aAAc,QAAO;AAC1B,aAAW,QAAQ,aAAa,MAAM,GAAG,GAAG;AAC1C,UAAM,CAAC,SAAS,GAAG,IAAI,IAAI,KAAK,KAAK,EAAE,MAAM,GAAG;AAChD,UAAM,OAAO,mBAAmB,WAAW,EAAE;AAC7C,UAAM,QAAQ,mBAAmB,KAAK,KAAK,GAAG,KAAK,EAAE;AACrD,QAAI,KAAM,KAAI,IAAI,IAAI;AAAA,EACxB;AACA,SAAO;AACT;AAEA,SAAS,YACP,GACuC;AACvC,MAAI,MAAM,KAAM,QAAO;AACvB,MAAI,MAAM,MAAO,QAAO;AACxB,MAAI,MAAM,SAAS,MAAM,YAAY,MAAM,OAAQ,QAAO;AAC1D,SAAO;AACT;AAEA,eAAsB,2CACpB,oBACgC;AAChC,MAAI,uBAAuB,MAAM;AAC/B,QAAI,MAAM,0CAA0C;AACpD,WAAO;AAAA,MACL,KAAK,MAAM;AAAA,MACX,QAAQ,MAAM,CAAC;AAAA,MACf,KAAK,MAAM;AAAA,MAAC;AAAA,MACZ,QAAQ,MAAM;AAAA,MAAC;AAAA,IACjB;AAAA,EACF;AAEA,QAAM,EAAE,SAAS,QAAQ,IAAI;AAC7B,QAAM,eAAe,SAAS,SAAS,IAAI,QAAQ;AACnD,QAAM,gBAAgB,kBAAkB,gBAAgB,IAAI;AAG5D,QAAM,cAAc,OAAO,KAAK,aAAa;AAC7C,QAAM,iBAAiB,YAAY,OAAO,UAAQ,KAAK,SAAS,gCAAgC,CAAC;AACjG,MAAI,MAAM,sBAAsB,YAAY,MAAM;AAClD,MAAI,MAAM,0BAA0B,eAAe,MAAM;AACzD,MAAI,eAAe,SAAS,GAAG;AAC7B,QAAI,MAAM,yBAAyB,cAAc;AAAA,EACnD;AAEA,QAAM,UAAiC;AAAA,IACrC,IAAI,MAAM;AACR,YAAM,cAAc,yBAAyB,IAAI;AACjD,YAAM,IAAI,SAAS,IAAI,WAAW,GAAG,SAAS,cAAc,WAAW,KAAK,cAAc,IAAI;AAE9F,UAAI,KAAK,SAAS,aAAa,KAAK,KAAK,SAAS,SAAS,KAAK,KAAK,SAAS,cAAc,KAAK,KAAK,SAAS,cAAc,GAAG;AAC9H,YAAI,MAAM,QAAQ,IAAI,OAAO,IAAI,UAAU,WAAW,EAAE;AAAA,MAC1D;AACA,aAAO,IAAI,EAAE,MAAM,OAAO,EAAE,IAAI;AAAA,IAClC;AAAA,IACA,SAAS;AACP,YAAM,UACH,OAAQ,SAAiB,WAAW,aAChC,QAAgB,OAAO,EAAE,IAAI,CAAC,OAAY,EAAE,MAAM,EAAE,MAAM,OAAO,EAAE,MAAM,EAAE,IAC5E,OAAO,QAAQ,aAAa,EAAE,IAAI,CAAC,CAAC,MAAM,KAAK,OAAO,EAAE,MAAM,MAAM,EAAE;AAC5E,aAAO;AAAA,IACT;AAAA,IACA,IAAI,MAAM,OAAO,SAAS;AACxB,UAAI;AACF,QAAC,QAAgB,IAAI,MAAM,OAAO;AAAA,UAChC,GAAI,WAAW,CAAC;AAAA,UAChB,UAAU,YAAY,SAAS,QAAQ;AAAA,QACzC,CAAC;AAAA,MACH,QAAQ;AAAA,MAAC;AAAA,IACX;AAAA,IACA,OAAO,MAAc;AACnB,UAAI;AACF,QAAC,QAAgB,OAAO,IAAI;AAAA,MAC9B,QAAQ;AAAA,MAAC;AAAA,IACX;AAAA,EACF;AAEA,SAAO;AACT;;;AHlFA,IAAMA,OAAM,aAAa,wBAAwB;AAQ1C,IAAM,oCAAoC,CAAC;AAAA,EAChD,QAAQ;AAAA,EACR,gBAAAC,kBAAiB;AACnB,MAG2C;AACzC,QAAM,0BAA0BA,gBAAe,wBAAwB;AACvE,QAAM,cAAcA,gBAAe,YAAY;AAC/C,QAAM,mBAAmBA,gBAAe,kBAAkB,EAAE,WAAW,CAAC;AAExE,EAAAD,KAAI,MAAM,aAAa;AAAA,IACrB;AAAA,IACA;AAAA,IACA,kBAAkB,OAAO,KAAK,gBAAgB,EAAE,SAAS;AAAA,EAC3D,CAAC;AAED,QAAM,yBAAyB;AAAA,IAC7B,GAAI,2BAA2B,EAAE,UAAU,MAAM,UAAU,MAAe;AAAA,IAC1E,GAAG;AAAA,IACH,GAAI,2BAA2B,EAAE,QAAQ,YAAY;AAAA,IACrD,MAAM;AAAA,EACR;AAEA,QAAM,iBAAsD,OAAO;AAAA,IACjE;AAAA,IACA;AAAA,EACF,MAAM;AACJ,QAAI,gBAAgB,MAAM;AACxB,YAAM,gBAAgB,MAAM,2CAA2C,kBAAkB;AAEzF,YAAM,kBACJ,uBAAuB,OACnB,wBACA;AAAA,QACE;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEN,YAAM,sBAAsB;AAAA,QAC1B,gBAAgB;AAAA,QAChB;AAAA,MACF;AAEA,YAAM,gBAAgB;AAAA,QACpB,gBAAgB;AAAA,QAChB;AAAA,MACF;AAEA,aAAO;AAAA,QACL;AAAA,QACA,EAAE,MAAM,EAAE,qBAAqB,cAAc,EAAE;AAAA,QAC/C;AAAA,MACF;AAAA,IACF;AAEA,WAAO,mBAAmB,iBAAiB,CAAC,GAAG,SAAS;AAAA,EAC1D;AAEA,SAAO;AACT;;;AI5EO,IAAM,2BAAN,MAAM,kCAAiC,MAAM;AAAA,EAClC;AAAA,EACA;AAAA,EAEhB,YACE,SACA,MACA,oBACA;AACA,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,qBAAqB;AAG1B,QAAI,MAAM,mBAAmB;AAC3B,YAAM,kBAAkB,MAAM,yBAAwB;AAAA,IACxD;AAAA,EACF;AACF;AAKO,IAAM,aAAa;AAAA,EACxB,gBAAgB;AAAA,EAChB,aAAa;AAAA,EACb,cAAc;AAAA,EACd,eAAe;AAAA,EACf,yBAAyB;AAAA,EACzB,sBAAsB;AACxB;AAKO,SAAS,yBAAyB,eAAiD;AACxF,SAAO,IAAI;AAAA,IACT,qCAAqC,aAAa;AAAA,IAClD,WAAW;AAAA,IACX;AAAA,EACF;AACF;AAKO,SAAS,sBAAsB,QAA0C;AAC9E,SAAO,IAAI;AAAA,IACT,0BAA0B,MAAM;AAAA,IAChC,WAAW;AAAA,IACX;AAAA,EACF;AACF;AAKO,SAAS,kBAAkB,WAAmB,QAA0C;AAC7F,SAAO,IAAI;AAAA,IACT,UAAU,SAAS,YAAY,MAAM;AAAA,IACrC,WAAW;AAAA,IACX;AAAA,EACF;AACF;AAKO,SAAS,mBAAmB,WAAmB,QAA0C;AAC9F,SAAO,IAAI;AAAA,IACT,WAAW,SAAS,YAAY,MAAM;AAAA,IACtC,WAAW;AAAA,IACX;AAAA,EACF;AACF;AAKO,SAAS,2BAA2B,QAA0C;AACnF,SAAO,IAAI;AAAA,IACT,mCAAmC,MAAM;AAAA,IACzC,WAAW;AAAA,IACX;AAAA,EACF;AACF;AAKO,SAAS,wBAAwB,QAA0C;AAChF,SAAO,IAAI;AAAA,IACT,yBAAyB,MAAM;AAAA,IAC/B,WAAW;AAAA,IACX;AAAA,EACF;AACF;","names":["log","globalSettings"]}

package/dist/auth/index.d.ts

@@ -20,7 +20,7 @@ interface User {
 }
 /**
  * Get current authenticated user (server-side)
- * This is a simplified version that will be enhanced with Amplify server context
+ * Reads Amplify auth cookies from the request and validates the session
  */
 declare function getUser(context: APIContext): Promise<User | null>;
 /**