@intlayer/backend 7.1.3 → 7.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (854) hide show
  1. package/README.md +0 -3
  2. package/dist/assets/utils/AI/askDocQuestion/embeddings/docs/en/intlayer_with_tanstack.json +10242 -9216
  3. package/dist/types/controllers/dictionary.controller.d.ts.map +1 -1
  4. package/dist/types/controllers/organization.controller.d.ts.map +1 -1
  5. package/dist/types/controllers/projectAccessKey.controller.d.ts.map +1 -1
  6. package/dist/types/controllers/tag.controller.d.ts.map +1 -1
  7. package/dist/types/emails/InviteUserEmail.d.ts +4 -4
  8. package/dist/types/emails/InviteUserEmail.d.ts.map +1 -1
  9. package/dist/types/emails/MagicLinkEmail.d.ts +4 -4
  10. package/dist/types/emails/MagicLinkEmail.d.ts.map +1 -1
  11. package/dist/types/emails/OAuthTokenCreatedEmail.d.ts +4 -4
  12. package/dist/types/emails/OAuthTokenCreatedEmail.d.ts.map +1 -1
  13. package/dist/types/emails/PasswordChangeConfirmation.d.ts +4 -4
  14. package/dist/types/emails/ResetUserPassword.d.ts +4 -4
  15. package/dist/types/emails/ResetUserPassword.d.ts.map +1 -1
  16. package/dist/types/emails/SubscriptionPaymentCancellation.d.ts +4 -4
  17. package/dist/types/emails/SubscriptionPaymentCancellation.d.ts.map +1 -1
  18. package/dist/types/emails/SubscriptionPaymentError.d.ts +4 -4
  19. package/dist/types/emails/SubscriptionPaymentError.d.ts.map +1 -1
  20. package/dist/types/emails/SubscriptionPaymentSuccess.d.ts +4 -4
  21. package/dist/types/emails/ValidateUserEmail.d.ts +4 -4
  22. package/dist/types/emails/Welcome.d.ts +4 -4
  23. package/dist/types/models/dictionary.model.d.ts +4 -4
  24. package/dist/types/models/discussion.model.d.ts +2 -2
  25. package/dist/types/models/discussion.model.d.ts.map +1 -1
  26. package/dist/types/models/oAuth2.model.d.ts +3 -3
  27. package/dist/types/routes/search.routes.d.ts.map +1 -1
  28. package/dist/types/routes/tags.routes.d.ts.map +1 -1
  29. package/dist/types/routes/user.routes.d.ts.map +1 -1
  30. package/dist/types/schemas/dictionary.schema.d.ts +6 -6
  31. package/dist/types/schemas/dictionary.schema.d.ts.map +1 -1
  32. package/dist/types/schemas/discussion.schema.d.ts +6 -6
  33. package/dist/types/schemas/discussion.schema.d.ts.map +1 -1
  34. package/dist/types/schemas/oAuth2.schema.d.ts +5 -5
  35. package/dist/types/schemas/oAuth2.schema.d.ts.map +1 -1
  36. package/dist/types/schemas/organization.schema.d.ts +6 -6
  37. package/dist/types/schemas/project.schema.d.ts +6 -6
  38. package/dist/types/schemas/session.schema.d.ts +6 -6
  39. package/dist/types/schemas/tag.schema.d.ts +6 -6
  40. package/dist/types/schemas/user.schema.d.ts +6 -6
  41. package/dist/types/services/email.service.d.ts +11 -11
  42. package/dist/types/utils/filtersAndPagination/getDictionaryFiltersAndPagination.d.ts +2 -2
  43. package/dist/types/utils/filtersAndPagination/getDiscussionFiltersAndPagination.d.ts +2 -2
  44. package/dist/types/utils/filtersAndPagination/getOrganizationFiltersAndPagination.d.ts +2 -2
  45. package/dist/types/utils/filtersAndPagination/getProjectFiltersAndPagination.d.ts +2 -2
  46. package/dist/types/utils/filtersAndPagination/getTagFiltersAndPagination.d.ts +2 -2
  47. package/package.json +7 -7
  48. package/dist/cjs/controllers/audit.controller.cjs +0 -186
  49. package/dist/cjs/controllers/audit.controller.cjs.map +0 -1
  50. package/dist/cjs/models/audit.model.cjs +0 -10
  51. package/dist/cjs/models/audit.model.cjs.map +0 -1
  52. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/index.cjs +0 -16
  53. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/index.cjs.map +0 -1
  54. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/templates/encrypted-key.tpl.xml.cjs +0 -25
  55. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/templates/encrypted-key.tpl.xml.cjs.map +0 -1
  56. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/templates/keyinfo.tpl.xml.cjs +0 -31
  57. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/templates/keyinfo.tpl.xml.cjs.map +0 -1
  58. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/utils.cjs +0 -38
  59. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/utils.cjs.map +0 -1
  60. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/xmlenc.cjs +0 -231
  61. package/dist/cjs/node_modules/@authenio/xml-encryption/lib/xmlenc.cjs.map +0 -1
  62. package/dist/cjs/node_modules/@better-auth/sso/dist/index.cjs +0 -1210
  63. package/dist/cjs/node_modules/@better-auth/sso/dist/index.cjs.map +0 -1
  64. package/dist/cjs/node_modules/@better-fetch/fetch/dist/index.cjs +0 -362
  65. package/dist/cjs/node_modules/@better-fetch/fetch/dist/index.cjs.map +0 -1
  66. package/dist/cjs/node_modules/@xmldom/is-dom-node/dist/index.cjs +0 -89
  67. package/dist/cjs/node_modules/@xmldom/is-dom-node/dist/index.cjs.map +0 -1
  68. package/dist/cjs/node_modules/@xmldom/xmldom/lib/conventions.cjs +0 -110
  69. package/dist/cjs/node_modules/@xmldom/xmldom/lib/conventions.cjs.map +0 -1
  70. package/dist/cjs/node_modules/@xmldom/xmldom/lib/dom-parser.cjs +0 -248
  71. package/dist/cjs/node_modules/@xmldom/xmldom/lib/dom-parser.cjs.map +0 -1
  72. package/dist/cjs/node_modules/@xmldom/xmldom/lib/dom.cjs +0 -1309
  73. package/dist/cjs/node_modules/@xmldom/xmldom/lib/dom.cjs.map +0 -1
  74. package/dist/cjs/node_modules/@xmldom/xmldom/lib/entities.cjs +0 -2176
  75. package/dist/cjs/node_modules/@xmldom/xmldom/lib/entities.cjs.map +0 -1
  76. package/dist/cjs/node_modules/@xmldom/xmldom/lib/index.cjs +0 -20
  77. package/dist/cjs/node_modules/@xmldom/xmldom/lib/index.cjs.map +0 -1
  78. package/dist/cjs/node_modules/@xmldom/xmldom/lib/sax.cjs +0 -499
  79. package/dist/cjs/node_modules/@xmldom/xmldom/lib/sax.cjs.map +0 -1
  80. package/dist/cjs/node_modules/asn1/lib/ber/errors.cjs +0 -20
  81. package/dist/cjs/node_modules/asn1/lib/ber/errors.cjs.map +0 -1
  82. package/dist/cjs/node_modules/asn1/lib/ber/index.cjs +0 -28
  83. package/dist/cjs/node_modules/asn1/lib/ber/index.cjs.map +0 -1
  84. package/dist/cjs/node_modules/asn1/lib/ber/reader.cjs +0 -167
  85. package/dist/cjs/node_modules/asn1/lib/ber/reader.cjs.map +0 -1
  86. package/dist/cjs/node_modules/asn1/lib/ber/types.cjs +0 -47
  87. package/dist/cjs/node_modules/asn1/lib/ber/types.cjs.map +0 -1
  88. package/dist/cjs/node_modules/asn1/lib/ber/writer.cjs +0 -223
  89. package/dist/cjs/node_modules/asn1/lib/ber/writer.cjs.map +0 -1
  90. package/dist/cjs/node_modules/asn1/lib/index.cjs +0 -21
  91. package/dist/cjs/node_modules/asn1/lib/index.cjs.map +0 -1
  92. package/dist/cjs/node_modules/camelcase/index.cjs +0 -78
  93. package/dist/cjs/node_modules/camelcase/index.cjs.map +0 -1
  94. package/dist/cjs/node_modules/escape-html/index.cjs +0 -71
  95. package/dist/cjs/node_modules/escape-html/index.cjs.map +0 -1
  96. package/dist/cjs/node_modules/fast-xml-parser/src/fxp.cjs +0 -9
  97. package/dist/cjs/node_modules/fast-xml-parser/src/fxp.cjs.map +0 -1
  98. package/dist/cjs/node_modules/fast-xml-parser/src/util.cjs +0 -29
  99. package/dist/cjs/node_modules/fast-xml-parser/src/util.cjs.map +0 -1
  100. package/dist/cjs/node_modules/fast-xml-parser/src/validator.cjs +0 -244
  101. package/dist/cjs/node_modules/fast-xml-parser/src/validator.cjs.map +0 -1
  102. package/dist/cjs/node_modules/jose/dist/webapi/lib/base64.cjs +0 -14
  103. package/dist/cjs/node_modules/jose/dist/webapi/lib/base64.cjs.map +0 -1
  104. package/dist/cjs/node_modules/jose/dist/webapi/lib/buffer_utils.cjs +0 -10
  105. package/dist/cjs/node_modules/jose/dist/webapi/lib/buffer_utils.cjs.map +0 -1
  106. package/dist/cjs/node_modules/jose/dist/webapi/lib/is_object.cjs +0 -17
  107. package/dist/cjs/node_modules/jose/dist/webapi/lib/is_object.cjs.map +0 -1
  108. package/dist/cjs/node_modules/jose/dist/webapi/util/base64url.cjs +0 -20
  109. package/dist/cjs/node_modules/jose/dist/webapi/util/base64url.cjs.map +0 -1
  110. package/dist/cjs/node_modules/jose/dist/webapi/util/decode_jwt.cjs +0 -32
  111. package/dist/cjs/node_modules/jose/dist/webapi/util/decode_jwt.cjs.map +0 -1
  112. package/dist/cjs/node_modules/jose/dist/webapi/util/errors.cjs +0 -28
  113. package/dist/cjs/node_modules/jose/dist/webapi/util/errors.cjs.map +0 -1
  114. package/dist/cjs/node_modules/node-forge/lib/aes.cjs +0 -604
  115. package/dist/cjs/node_modules/node-forge/lib/aes.cjs.map +0 -1
  116. package/dist/cjs/node_modules/node-forge/lib/aesCipherSuites.cjs +0 -202
  117. package/dist/cjs/node_modules/node-forge/lib/aesCipherSuites.cjs.map +0 -1
  118. package/dist/cjs/node_modules/node-forge/lib/asn1-validator.cjs +0 -83
  119. package/dist/cjs/node_modules/node-forge/lib/asn1-validator.cjs.map +0 -1
  120. package/dist/cjs/node_modules/node-forge/lib/asn1.cjs +0 -945
  121. package/dist/cjs/node_modules/node-forge/lib/asn1.cjs.map +0 -1
  122. package/dist/cjs/node_modules/node-forge/lib/baseN.cjs +0 -144
  123. package/dist/cjs/node_modules/node-forge/lib/baseN.cjs.map +0 -1
  124. package/dist/cjs/node_modules/node-forge/lib/cipher.cjs +0 -193
  125. package/dist/cjs/node_modules/node-forge/lib/cipher.cjs.map +0 -1
  126. package/dist/cjs/node_modules/node-forge/lib/cipherModes.cjs +0 -604
  127. package/dist/cjs/node_modules/node-forge/lib/cipherModes.cjs.map +0 -1
  128. package/dist/cjs/node_modules/node-forge/lib/des.cjs +0 -1194
  129. package/dist/cjs/node_modules/node-forge/lib/des.cjs.map +0 -1
  130. package/dist/cjs/node_modules/node-forge/lib/ed25519.cjs +0 -1027
  131. package/dist/cjs/node_modules/node-forge/lib/ed25519.cjs.map +0 -1
  132. package/dist/cjs/node_modules/node-forge/lib/forge.cjs +0 -22
  133. package/dist/cjs/node_modules/node-forge/lib/forge.cjs.map +0 -1
  134. package/dist/cjs/node_modules/node-forge/lib/hmac.cjs +0 -114
  135. package/dist/cjs/node_modules/node-forge/lib/hmac.cjs.map +0 -1
  136. package/dist/cjs/node_modules/node-forge/lib/index.cjs +0 -73
  137. package/dist/cjs/node_modules/node-forge/lib/index.cjs.map +0 -1
  138. package/dist/cjs/node_modules/node-forge/lib/jsbn.cjs +0 -1263
  139. package/dist/cjs/node_modules/node-forge/lib/jsbn.cjs.map +0 -1
  140. package/dist/cjs/node_modules/node-forge/lib/kem.cjs +0 -153
  141. package/dist/cjs/node_modules/node-forge/lib/kem.cjs.map +0 -1
  142. package/dist/cjs/node_modules/node-forge/lib/log.cjs +0 -248
  143. package/dist/cjs/node_modules/node-forge/lib/log.cjs.map +0 -1
  144. package/dist/cjs/node_modules/node-forge/lib/md.all.cjs +0 -31
  145. package/dist/cjs/node_modules/node-forge/lib/md.all.cjs.map +0 -1
  146. package/dist/cjs/node_modules/node-forge/lib/md.cjs +0 -25
  147. package/dist/cjs/node_modules/node-forge/lib/md.cjs.map +0 -1
  148. package/dist/cjs/node_modules/node-forge/lib/md5.cjs +0 -331
  149. package/dist/cjs/node_modules/node-forge/lib/md5.cjs.map +0 -1
  150. package/dist/cjs/node_modules/node-forge/lib/mgf.cjs +0 -27
  151. package/dist/cjs/node_modules/node-forge/lib/mgf.cjs.map +0 -1
  152. package/dist/cjs/node_modules/node-forge/lib/mgf1.cjs +0 -51
  153. package/dist/cjs/node_modules/node-forge/lib/mgf1.cjs.map +0 -1
  154. package/dist/cjs/node_modules/node-forge/lib/oids.cjs +0 -160
  155. package/dist/cjs/node_modules/node-forge/lib/oids.cjs.map +0 -1
  156. package/dist/cjs/node_modules/node-forge/lib/pbe.cjs +0 -822
  157. package/dist/cjs/node_modules/node-forge/lib/pbe.cjs.map +0 -1
  158. package/dist/cjs/node_modules/node-forge/lib/pbkdf2.cjs +0 -132
  159. package/dist/cjs/node_modules/node-forge/lib/pbkdf2.cjs.map +0 -1
  160. package/dist/cjs/node_modules/node-forge/lib/pem.cjs +0 -182
  161. package/dist/cjs/node_modules/node-forge/lib/pem.cjs.map +0 -1
  162. package/dist/cjs/node_modules/node-forge/lib/pkcs1.cjs +0 -207
  163. package/dist/cjs/node_modules/node-forge/lib/pkcs1.cjs.map +0 -1
  164. package/dist/cjs/node_modules/node-forge/lib/pkcs12.cjs +0 -730
  165. package/dist/cjs/node_modules/node-forge/lib/pkcs12.cjs.map +0 -1
  166. package/dist/cjs/node_modules/node-forge/lib/pkcs7.cjs +0 -648
  167. package/dist/cjs/node_modules/node-forge/lib/pkcs7.cjs.map +0 -1
  168. package/dist/cjs/node_modules/node-forge/lib/pkcs7asn1.cjs +0 -412
  169. package/dist/cjs/node_modules/node-forge/lib/pkcs7asn1.cjs.map +0 -1
  170. package/dist/cjs/node_modules/node-forge/lib/pki.cjs +0 -108
  171. package/dist/cjs/node_modules/node-forge/lib/pki.cjs.map +0 -1
  172. package/dist/cjs/node_modules/node-forge/lib/prime.cjs +0 -200
  173. package/dist/cjs/node_modules/node-forge/lib/prime.cjs.map +0 -1
  174. package/dist/cjs/node_modules/node-forge/lib/prng.cjs +0 -297
  175. package/dist/cjs/node_modules/node-forge/lib/prng.cjs.map +0 -1
  176. package/dist/cjs/node_modules/node-forge/lib/pss.cjs +0 -148
  177. package/dist/cjs/node_modules/node-forge/lib/pss.cjs.map +0 -1
  178. package/dist/cjs/node_modules/node-forge/lib/random.cjs +0 -148
  179. package/dist/cjs/node_modules/node-forge/lib/random.cjs.map +0 -1
  180. package/dist/cjs/node_modules/node-forge/lib/rc2.cjs +0 -545
  181. package/dist/cjs/node_modules/node-forge/lib/rc2.cjs.map +0 -1
  182. package/dist/cjs/node_modules/node-forge/lib/rsa.cjs +0 -1306
  183. package/dist/cjs/node_modules/node-forge/lib/rsa.cjs.map +0 -1
  184. package/dist/cjs/node_modules/node-forge/lib/sha1.cjs +0 -237
  185. package/dist/cjs/node_modules/node-forge/lib/sha1.cjs.map +0 -1
  186. package/dist/cjs/node_modules/node-forge/lib/sha256.cjs +0 -274
  187. package/dist/cjs/node_modules/node-forge/lib/sha256.cjs.map +0 -1
  188. package/dist/cjs/node_modules/node-forge/lib/sha512.cjs +0 -420
  189. package/dist/cjs/node_modules/node-forge/lib/sha512.cjs.map +0 -1
  190. package/dist/cjs/node_modules/node-forge/lib/ssh.cjs +0 -201
  191. package/dist/cjs/node_modules/node-forge/lib/ssh.cjs.map +0 -1
  192. package/dist/cjs/node_modules/node-forge/lib/tls.cjs +0 -3662
  193. package/dist/cjs/node_modules/node-forge/lib/tls.cjs.map +0 -1
  194. package/dist/cjs/node_modules/node-forge/lib/util.cjs +0 -2124
  195. package/dist/cjs/node_modules/node-forge/lib/util.cjs.map +0 -1
  196. package/dist/cjs/node_modules/node-forge/lib/x509.cjs +0 -2171
  197. package/dist/cjs/node_modules/node-forge/lib/x509.cjs.map +0 -1
  198. package/dist/cjs/node_modules/node-rsa/src/NodeRSA.cjs +0 -341
  199. package/dist/cjs/node_modules/node-rsa/src/NodeRSA.cjs.map +0 -1
  200. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/encryptEngines.cjs +0 -26
  201. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/encryptEngines.cjs.map +0 -1
  202. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/io.cjs +0 -65
  203. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/io.cjs.map +0 -1
  204. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/js.cjs +0 -44
  205. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/js.cjs.map +0 -1
  206. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/node12.cjs +0 -49
  207. package/dist/cjs/node_modules/node-rsa/src/encryptEngines/node12.cjs.map +0 -1
  208. package/dist/cjs/node_modules/node-rsa/src/formats/components.cjs +0 -55
  209. package/dist/cjs/node_modules/node-rsa/src/formats/components.cjs.map +0 -1
  210. package/dist/cjs/node_modules/node-rsa/src/formats/formats.cjs +0 -86
  211. package/dist/cjs/node_modules/node-rsa/src/formats/formats.cjs.map +0 -1
  212. package/dist/cjs/node_modules/node-rsa/src/formats/openssh.cjs +0 -177
  213. package/dist/cjs/node_modules/node-rsa/src/formats/openssh.cjs.map +0 -1
  214. package/dist/cjs/node_modules/node-rsa/src/formats/pkcs1.cjs +0 -104
  215. package/dist/cjs/node_modules/node-rsa/src/formats/pkcs1.cjs.map +0 -1
  216. package/dist/cjs/node_modules/node-rsa/src/formats/pkcs8.cjs +0 -131
  217. package/dist/cjs/node_modules/node-rsa/src/formats/pkcs8.cjs.map +0 -1
  218. package/dist/cjs/node_modules/node-rsa/src/libs/jsbn.cjs +0 -1347
  219. package/dist/cjs/node_modules/node-rsa/src/libs/jsbn.cjs.map +0 -1
  220. package/dist/cjs/node_modules/node-rsa/src/libs/rsa.cjs +0 -231
  221. package/dist/cjs/node_modules/node-rsa/src/libs/rsa.cjs.map +0 -1
  222. package/dist/cjs/node_modules/node-rsa/src/schemes/oaep.cjs +0 -123
  223. package/dist/cjs/node_modules/node-rsa/src/schemes/oaep.cjs.map +0 -1
  224. package/dist/cjs/node_modules/node-rsa/src/schemes/pkcs1.cjs +0 -175
  225. package/dist/cjs/node_modules/node-rsa/src/schemes/pkcs1.cjs.map +0 -1
  226. package/dist/cjs/node_modules/node-rsa/src/schemes/pss.cjs +0 -123
  227. package/dist/cjs/node_modules/node-rsa/src/schemes/pss.cjs.map +0 -1
  228. package/dist/cjs/node_modules/node-rsa/src/schemes/schemes.cjs +0 -28
  229. package/dist/cjs/node_modules/node-rsa/src/schemes/schemes.cjs.map +0 -1
  230. package/dist/cjs/node_modules/node-rsa/src/utils.cjs +0 -84
  231. package/dist/cjs/node_modules/node-rsa/src/utils.cjs.map +0 -1
  232. package/dist/cjs/node_modules/pako/index.cjs +0 -25
  233. package/dist/cjs/node_modules/pako/index.cjs.map +0 -1
  234. package/dist/cjs/node_modules/pako/lib/deflate.cjs +0 -311
  235. package/dist/cjs/node_modules/pako/lib/deflate.cjs.map +0 -1
  236. package/dist/cjs/node_modules/pako/lib/inflate.cjs +0 -317
  237. package/dist/cjs/node_modules/pako/lib/inflate.cjs.map +0 -1
  238. package/dist/cjs/node_modules/pako/lib/utils/common.cjs +0 -77
  239. package/dist/cjs/node_modules/pako/lib/utils/common.cjs.map +0 -1
  240. package/dist/cjs/node_modules/pako/lib/utils/strings.cjs +0 -131
  241. package/dist/cjs/node_modules/pako/lib/utils/strings.cjs.map +0 -1
  242. package/dist/cjs/node_modules/pako/lib/zlib/adler32.cjs +0 -29
  243. package/dist/cjs/node_modules/pako/lib/zlib/adler32.cjs.map +0 -1
  244. package/dist/cjs/node_modules/pako/lib/zlib/constants.cjs +0 -43
  245. package/dist/cjs/node_modules/pako/lib/zlib/constants.cjs.map +0 -1
  246. package/dist/cjs/node_modules/pako/lib/zlib/crc32.cjs +0 -31
  247. package/dist/cjs/node_modules/pako/lib/zlib/crc32.cjs.map +0 -1
  248. package/dist/cjs/node_modules/pako/lib/zlib/deflate.cjs +0 -889
  249. package/dist/cjs/node_modules/pako/lib/zlib/deflate.cjs.map +0 -1
  250. package/dist/cjs/node_modules/pako/lib/zlib/gzheader.cjs +0 -27
  251. package/dist/cjs/node_modules/pako/lib/zlib/gzheader.cjs.map +0 -1
  252. package/dist/cjs/node_modules/pako/lib/zlib/inffast.cjs +0 -227
  253. package/dist/cjs/node_modules/pako/lib/zlib/inffast.cjs.map +0 -1
  254. package/dist/cjs/node_modules/pako/lib/zlib/inflate.cjs +0 -1038
  255. package/dist/cjs/node_modules/pako/lib/zlib/inflate.cjs.map +0 -1
  256. package/dist/cjs/node_modules/pako/lib/zlib/inftrees.cjs +0 -278
  257. package/dist/cjs/node_modules/pako/lib/zlib/inftrees.cjs.map +0 -1
  258. package/dist/cjs/node_modules/pako/lib/zlib/messages.cjs +0 -25
  259. package/dist/cjs/node_modules/pako/lib/zlib/messages.cjs.map +0 -1
  260. package/dist/cjs/node_modules/pako/lib/zlib/trees.cjs +0 -626
  261. package/dist/cjs/node_modules/pako/lib/zlib/trees.cjs.map +0 -1
  262. package/dist/cjs/node_modules/pako/lib/zlib/zstream.cjs +0 -29
  263. package/dist/cjs/node_modules/pako/lib/zlib/zstream.cjs.map +0 -1
  264. package/dist/cjs/node_modules/safer-buffer/safer.cjs +0 -52
  265. package/dist/cjs/node_modules/safer-buffer/safer.cjs.map +0 -1
  266. package/dist/cjs/node_modules/samlify/build/index.cjs +0 -120
  267. package/dist/cjs/node_modules/samlify/build/index.cjs.map +0 -1
  268. package/dist/cjs/node_modules/samlify/build/src/api.cjs +0 -36
  269. package/dist/cjs/node_modules/samlify/build/src/api.cjs.map +0 -1
  270. package/dist/cjs/node_modules/samlify/build/src/binding-post.cjs +0 -507
  271. package/dist/cjs/node_modules/samlify/build/src/binding-post.cjs.map +0 -1
  272. package/dist/cjs/node_modules/samlify/build/src/binding-redirect.cjs +0 -342
  273. package/dist/cjs/node_modules/samlify/build/src/binding-redirect.cjs.map +0 -1
  274. package/dist/cjs/node_modules/samlify/build/src/binding-simplesign.cjs +0 -361
  275. package/dist/cjs/node_modules/samlify/build/src/binding-simplesign.cjs.map +0 -1
  276. package/dist/cjs/node_modules/samlify/build/src/entity-idp.cjs +0 -282
  277. package/dist/cjs/node_modules/samlify/build/src/entity-idp.cjs.map +0 -1
  278. package/dist/cjs/node_modules/samlify/build/src/entity-sp.cjs +0 -145
  279. package/dist/cjs/node_modules/samlify/build/src/entity-sp.cjs.map +0 -1
  280. package/dist/cjs/node_modules/samlify/build/src/entity.cjs +0 -256
  281. package/dist/cjs/node_modules/samlify/build/src/entity.cjs.map +0 -1
  282. package/dist/cjs/node_modules/samlify/build/src/extractor.cjs +0 -355
  283. package/dist/cjs/node_modules/samlify/build/src/extractor.cjs.map +0 -1
  284. package/dist/cjs/node_modules/samlify/build/src/flow.cjs +0 -392
  285. package/dist/cjs/node_modules/samlify/build/src/flow.cjs.map +0 -1
  286. package/dist/cjs/node_modules/samlify/build/src/libsaml.cjs +0 -547
  287. package/dist/cjs/node_modules/samlify/build/src/libsaml.cjs.map +0 -1
  288. package/dist/cjs/node_modules/samlify/build/src/metadata-idp.cjs +0 -174
  289. package/dist/cjs/node_modules/samlify/build/src/metadata-idp.cjs.map +0 -1
  290. package/dist/cjs/node_modules/samlify/build/src/metadata-sp.cjs +0 -217
  291. package/dist/cjs/node_modules/samlify/build/src/metadata-sp.cjs.map +0 -1
  292. package/dist/cjs/node_modules/samlify/build/src/metadata.cjs +0 -203
  293. package/dist/cjs/node_modules/samlify/build/src/metadata.cjs.map +0 -1
  294. package/dist/cjs/node_modules/samlify/build/src/urn.cjs +0 -228
  295. package/dist/cjs/node_modules/samlify/build/src/urn.cjs.map +0 -1
  296. package/dist/cjs/node_modules/samlify/build/src/utility.cjs +0 -280
  297. package/dist/cjs/node_modules/samlify/build/src/utility.cjs.map +0 -1
  298. package/dist/cjs/node_modules/samlify/build/src/validator.cjs +0 -56
  299. package/dist/cjs/node_modules/samlify/build/src/validator.cjs.map +0 -1
  300. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/index.cjs +0 -50
  301. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/index.cjs.map +0 -1
  302. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/md5.cjs +0 -25
  303. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/md5.cjs.map +0 -1
  304. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/nil.cjs +0 -18
  305. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/nil.cjs.map +0 -1
  306. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/parse.cjs +0 -42
  307. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/parse.cjs.map +0 -1
  308. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/regex.cjs +0 -18
  309. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/regex.cjs.map +0 -1
  310. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/rng.cjs +0 -28
  311. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/rng.cjs.map +0 -1
  312. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/sha1.cjs +0 -25
  313. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/sha1.cjs.map +0 -1
  314. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/stringify.cjs +0 -27
  315. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/stringify.cjs.map +0 -1
  316. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v1.cjs +0 -69
  317. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v1.cjs.map +0 -1
  318. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v3.cjs +0 -23
  319. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v3.cjs.map +0 -1
  320. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v35.cjs +0 -54
  321. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v35.cjs.map +0 -1
  322. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v4.cjs +0 -34
  323. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v4.cjs.map +0 -1
  324. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v5.cjs +0 -23
  325. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/v5.cjs.map +0 -1
  326. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/validate.cjs +0 -23
  327. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/validate.cjs.map +0 -1
  328. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/version.cjs +0 -24
  329. package/dist/cjs/node_modules/samlify/node_modules/uuid/dist/esm-node/version.cjs.map +0 -1
  330. package/dist/cjs/node_modules/xml/lib/escapeForXML.cjs +0 -27
  331. package/dist/cjs/node_modules/xml/lib/escapeForXML.cjs.map +0 -1
  332. package/dist/cjs/node_modules/xml/lib/xml.cjs +0 -186
  333. package/dist/cjs/node_modules/xml/lib/xml.cjs.map +0 -1
  334. package/dist/cjs/node_modules/xml-crypto/lib/c14n-canonicalization.cjs +0 -202
  335. package/dist/cjs/node_modules/xml-crypto/lib/c14n-canonicalization.cjs.map +0 -1
  336. package/dist/cjs/node_modules/xml-crypto/lib/enveloped-signature.cjs +0 -52
  337. package/dist/cjs/node_modules/xml-crypto/lib/enveloped-signature.cjs.map +0 -1
  338. package/dist/cjs/node_modules/xml-crypto/lib/exclusive-canonicalization.cjs +0 -223
  339. package/dist/cjs/node_modules/xml-crypto/lib/exclusive-canonicalization.cjs.map +0 -1
  340. package/dist/cjs/node_modules/xml-crypto/lib/hash-algorithms.cjs +0 -56
  341. package/dist/cjs/node_modules/xml-crypto/lib/hash-algorithms.cjs.map +0 -1
  342. package/dist/cjs/node_modules/xml-crypto/lib/index.cjs +0 -73
  343. package/dist/cjs/node_modules/xml-crypto/lib/index.cjs.map +0 -1
  344. package/dist/cjs/node_modules/xml-crypto/lib/signature-algorithms.cjs +0 -91
  345. package/dist/cjs/node_modules/xml-crypto/lib/signature-algorithms.cjs.map +0 -1
  346. package/dist/cjs/node_modules/xml-crypto/lib/signed-xml.cjs +0 -695
  347. package/dist/cjs/node_modules/xml-crypto/lib/signed-xml.cjs.map +0 -1
  348. package/dist/cjs/node_modules/xml-crypto/lib/types.cjs +0 -58
  349. package/dist/cjs/node_modules/xml-crypto/lib/types.cjs.map +0 -1
  350. package/dist/cjs/node_modules/xml-crypto/lib/utils.cjs +0 -213
  351. package/dist/cjs/node_modules/xml-crypto/lib/utils.cjs.map +0 -1
  352. package/dist/cjs/node_modules/xml-crypto/node_modules/xpath/xpath.cjs +0 -3445
  353. package/dist/cjs/node_modules/xml-crypto/node_modules/xpath/xpath.cjs.map +0 -1
  354. package/dist/cjs/node_modules/xml-escape/index.cjs +0 -30
  355. package/dist/cjs/node_modules/xml-escape/index.cjs.map +0 -1
  356. package/dist/cjs/node_modules/xpath/xpath.cjs +0 -3410
  357. package/dist/cjs/node_modules/xpath/xpath.cjs.map +0 -1
  358. package/dist/cjs/node_modules/zod/v4/classic/errors.cjs +0 -31
  359. package/dist/cjs/node_modules/zod/v4/classic/errors.cjs.map +0 -1
  360. package/dist/cjs/node_modules/zod/v4/classic/iso.cjs +0 -42
  361. package/dist/cjs/node_modules/zod/v4/classic/iso.cjs.map +0 -1
  362. package/dist/cjs/node_modules/zod/v4/classic/parse.cjs +0 -32
  363. package/dist/cjs/node_modules/zod/v4/classic/parse.cjs.map +0 -1
  364. package/dist/cjs/node_modules/zod/v4/classic/schemas.cjs +0 -527
  365. package/dist/cjs/node_modules/zod/v4/classic/schemas.cjs.map +0 -1
  366. package/dist/cjs/node_modules/zod/v4/core/api.cjs +0 -443
  367. package/dist/cjs/node_modules/zod/v4/core/api.cjs.map +0 -1
  368. package/dist/cjs/node_modules/zod/v4/core/checks.cjs +0 -238
  369. package/dist/cjs/node_modules/zod/v4/core/checks.cjs.map +0 -1
  370. package/dist/cjs/node_modules/zod/v4/core/core.cjs +0 -63
  371. package/dist/cjs/node_modules/zod/v4/core/core.cjs.map +0 -1
  372. package/dist/cjs/node_modules/zod/v4/core/doc.cjs +0 -36
  373. package/dist/cjs/node_modules/zod/v4/core/doc.cjs.map +0 -1
  374. package/dist/cjs/node_modules/zod/v4/core/errors.cjs +0 -67
  375. package/dist/cjs/node_modules/zod/v4/core/errors.cjs.map +0 -1
  376. package/dist/cjs/node_modules/zod/v4/core/parse.cjs +0 -124
  377. package/dist/cjs/node_modules/zod/v4/core/parse.cjs.map +0 -1
  378. package/dist/cjs/node_modules/zod/v4/core/regexes.cjs +0 -87
  379. package/dist/cjs/node_modules/zod/v4/core/regexes.cjs.map +0 -1
  380. package/dist/cjs/node_modules/zod/v4/core/registries.cjs +0 -55
  381. package/dist/cjs/node_modules/zod/v4/core/registries.cjs.map +0 -1
  382. package/dist/cjs/node_modules/zod/v4/core/schemas.cjs +0 -1115
  383. package/dist/cjs/node_modules/zod/v4/core/schemas.cjs.map +0 -1
  384. package/dist/cjs/node_modules/zod/v4/core/util.cjs +0 -333
  385. package/dist/cjs/node_modules/zod/v4/core/util.cjs.map +0 -1
  386. package/dist/cjs/node_modules/zod/v4/core/versions.cjs +0 -12
  387. package/dist/cjs/node_modules/zod/v4/core/versions.cjs.map +0 -1
  388. package/dist/esm/_virtual/rolldown_runtime.mjs +0 -43
  389. package/dist/esm/controllers/audit.controller.mjs +0 -182
  390. package/dist/esm/controllers/audit.controller.mjs.map +0 -1
  391. package/dist/esm/models/audit.model.mjs +0 -9
  392. package/dist/esm/models/audit.model.mjs.map +0 -1
  393. package/dist/esm/node_modules/@authenio/xml-encryption/lib/index.mjs +0 -13
  394. package/dist/esm/node_modules/@authenio/xml-encryption/lib/index.mjs.map +0 -1
  395. package/dist/esm/node_modules/@authenio/xml-encryption/lib/templates/encrypted-key.tpl.xml.mjs +0 -22
  396. package/dist/esm/node_modules/@authenio/xml-encryption/lib/templates/encrypted-key.tpl.xml.mjs.map +0 -1
  397. package/dist/esm/node_modules/@authenio/xml-encryption/lib/templates/keyinfo.tpl.xml.mjs +0 -28
  398. package/dist/esm/node_modules/@authenio/xml-encryption/lib/templates/keyinfo.tpl.xml.mjs.map +0 -1
  399. package/dist/esm/node_modules/@authenio/xml-encryption/lib/utils.mjs +0 -35
  400. package/dist/esm/node_modules/@authenio/xml-encryption/lib/utils.mjs.map +0 -1
  401. package/dist/esm/node_modules/@authenio/xml-encryption/lib/xmlenc.mjs +0 -228
  402. package/dist/esm/node_modules/@authenio/xml-encryption/lib/xmlenc.mjs.map +0 -1
  403. package/dist/esm/node_modules/@better-auth/sso/dist/index.mjs +0 -1210
  404. package/dist/esm/node_modules/@better-auth/sso/dist/index.mjs.map +0 -1
  405. package/dist/esm/node_modules/@better-fetch/fetch/dist/index.mjs +0 -359
  406. package/dist/esm/node_modules/@better-fetch/fetch/dist/index.mjs.map +0 -1
  407. package/dist/esm/node_modules/@xmldom/is-dom-node/dist/index.mjs +0 -86
  408. package/dist/esm/node_modules/@xmldom/is-dom-node/dist/index.mjs.map +0 -1
  409. package/dist/esm/node_modules/@xmldom/xmldom/lib/conventions.mjs +0 -107
  410. package/dist/esm/node_modules/@xmldom/xmldom/lib/conventions.mjs.map +0 -1
  411. package/dist/esm/node_modules/@xmldom/xmldom/lib/dom-parser.mjs +0 -245
  412. package/dist/esm/node_modules/@xmldom/xmldom/lib/dom-parser.mjs.map +0 -1
  413. package/dist/esm/node_modules/@xmldom/xmldom/lib/dom.mjs +0 -1306
  414. package/dist/esm/node_modules/@xmldom/xmldom/lib/dom.mjs.map +0 -1
  415. package/dist/esm/node_modules/@xmldom/xmldom/lib/entities.mjs +0 -2173
  416. package/dist/esm/node_modules/@xmldom/xmldom/lib/entities.mjs.map +0 -1
  417. package/dist/esm/node_modules/@xmldom/xmldom/lib/index.mjs +0 -17
  418. package/dist/esm/node_modules/@xmldom/xmldom/lib/index.mjs.map +0 -1
  419. package/dist/esm/node_modules/@xmldom/xmldom/lib/sax.mjs +0 -496
  420. package/dist/esm/node_modules/@xmldom/xmldom/lib/sax.mjs.map +0 -1
  421. package/dist/esm/node_modules/asn1/lib/ber/errors.mjs +0 -17
  422. package/dist/esm/node_modules/asn1/lib/ber/errors.mjs.map +0 -1
  423. package/dist/esm/node_modules/asn1/lib/ber/index.mjs +0 -25
  424. package/dist/esm/node_modules/asn1/lib/ber/index.mjs.map +0 -1
  425. package/dist/esm/node_modules/asn1/lib/ber/reader.mjs +0 -164
  426. package/dist/esm/node_modules/asn1/lib/ber/reader.mjs.map +0 -1
  427. package/dist/esm/node_modules/asn1/lib/ber/types.mjs +0 -44
  428. package/dist/esm/node_modules/asn1/lib/ber/types.mjs.map +0 -1
  429. package/dist/esm/node_modules/asn1/lib/ber/writer.mjs +0 -220
  430. package/dist/esm/node_modules/asn1/lib/ber/writer.mjs.map +0 -1
  431. package/dist/esm/node_modules/asn1/lib/index.mjs +0 -18
  432. package/dist/esm/node_modules/asn1/lib/index.mjs.map +0 -1
  433. package/dist/esm/node_modules/available-typed-arrays/index.mjs +0 -20
  434. package/dist/esm/node_modules/available-typed-arrays/index.mjs.map +0 -1
  435. package/dist/esm/node_modules/base64-js/index.mjs +0 -95
  436. package/dist/esm/node_modules/base64-js/index.mjs.map +0 -1
  437. package/dist/esm/node_modules/buffer/index.mjs +0 -1114
  438. package/dist/esm/node_modules/buffer/index.mjs.map +0 -1
  439. package/dist/esm/node_modules/call-bind/index.mjs +0 -26
  440. package/dist/esm/node_modules/call-bind/index.mjs.map +0 -1
  441. package/dist/esm/node_modules/call-bind-apply-helpers/actualApply.mjs +0 -21
  442. package/dist/esm/node_modules/call-bind-apply-helpers/actualApply.mjs.map +0 -1
  443. package/dist/esm/node_modules/call-bind-apply-helpers/applyBind.mjs +0 -21
  444. package/dist/esm/node_modules/call-bind-apply-helpers/applyBind.mjs.map +0 -1
  445. package/dist/esm/node_modules/call-bind-apply-helpers/functionApply.mjs +0 -13
  446. package/dist/esm/node_modules/call-bind-apply-helpers/functionApply.mjs.map +0 -1
  447. package/dist/esm/node_modules/call-bind-apply-helpers/functionCall.mjs +0 -13
  448. package/dist/esm/node_modules/call-bind-apply-helpers/functionCall.mjs.map +0 -1
  449. package/dist/esm/node_modules/call-bind-apply-helpers/index.mjs +0 -24
  450. package/dist/esm/node_modules/call-bind-apply-helpers/index.mjs.map +0 -1
  451. package/dist/esm/node_modules/call-bind-apply-helpers/reflectApply.mjs +0 -13
  452. package/dist/esm/node_modules/call-bind-apply-helpers/reflectApply.mjs.map +0 -1
  453. package/dist/esm/node_modules/call-bound/index.mjs +0 -23
  454. package/dist/esm/node_modules/call-bound/index.mjs.map +0 -1
  455. package/dist/esm/node_modules/camelcase/index.mjs +0 -75
  456. package/dist/esm/node_modules/camelcase/index.mjs.map +0 -1
  457. package/dist/esm/node_modules/define-data-property/index.mjs +0 -41
  458. package/dist/esm/node_modules/define-data-property/index.mjs.map +0 -1
  459. package/dist/esm/node_modules/dunder-proto/get.mjs +0 -28
  460. package/dist/esm/node_modules/dunder-proto/get.mjs.map +0 -1
  461. package/dist/esm/node_modules/es-define-property/index.mjs +0 -19
  462. package/dist/esm/node_modules/es-define-property/index.mjs.map +0 -1
  463. package/dist/esm/node_modules/es-errors/eval.mjs +0 -13
  464. package/dist/esm/node_modules/es-errors/eval.mjs.map +0 -1
  465. package/dist/esm/node_modules/es-errors/index.mjs +0 -13
  466. package/dist/esm/node_modules/es-errors/index.mjs.map +0 -1
  467. package/dist/esm/node_modules/es-errors/range.mjs +0 -13
  468. package/dist/esm/node_modules/es-errors/range.mjs.map +0 -1
  469. package/dist/esm/node_modules/es-errors/ref.mjs +0 -13
  470. package/dist/esm/node_modules/es-errors/ref.mjs.map +0 -1
  471. package/dist/esm/node_modules/es-errors/syntax.mjs +0 -13
  472. package/dist/esm/node_modules/es-errors/syntax.mjs.map +0 -1
  473. package/dist/esm/node_modules/es-errors/type.mjs +0 -13
  474. package/dist/esm/node_modules/es-errors/type.mjs.map +0 -1
  475. package/dist/esm/node_modules/es-errors/uri.mjs +0 -13
  476. package/dist/esm/node_modules/es-errors/uri.mjs.map +0 -1
  477. package/dist/esm/node_modules/es-object-atoms/index.mjs +0 -13
  478. package/dist/esm/node_modules/es-object-atoms/index.mjs.map +0 -1
  479. package/dist/esm/node_modules/escape-html/index.mjs +0 -68
  480. package/dist/esm/node_modules/escape-html/index.mjs.map +0 -1
  481. package/dist/esm/node_modules/fast-xml-parser/src/fxp.mjs +0 -8
  482. package/dist/esm/node_modules/fast-xml-parser/src/fxp.mjs.map +0 -1
  483. package/dist/esm/node_modules/fast-xml-parser/src/util.mjs +0 -26
  484. package/dist/esm/node_modules/fast-xml-parser/src/util.mjs.map +0 -1
  485. package/dist/esm/node_modules/fast-xml-parser/src/validator.mjs +0 -243
  486. package/dist/esm/node_modules/fast-xml-parser/src/validator.mjs.map +0 -1
  487. package/dist/esm/node_modules/for-each/index.mjs +0 -43
  488. package/dist/esm/node_modules/for-each/index.mjs.map +0 -1
  489. package/dist/esm/node_modules/function-bind/implementation.mjs +0 -59
  490. package/dist/esm/node_modules/function-bind/implementation.mjs.map +0 -1
  491. package/dist/esm/node_modules/function-bind/index.mjs +0 -14
  492. package/dist/esm/node_modules/function-bind/index.mjs.map +0 -1
  493. package/dist/esm/node_modules/generator-function/index.mjs +0 -14
  494. package/dist/esm/node_modules/generator-function/index.mjs.map +0 -1
  495. package/dist/esm/node_modules/get-intrinsic/index.mjs +0 -358
  496. package/dist/esm/node_modules/get-intrinsic/index.mjs.map +0 -1
  497. package/dist/esm/node_modules/get-proto/Object.getPrototypeOf.mjs +0 -15
  498. package/dist/esm/node_modules/get-proto/Object.getPrototypeOf.mjs.map +0 -1
  499. package/dist/esm/node_modules/get-proto/Reflect.getPrototypeOf.mjs +0 -13
  500. package/dist/esm/node_modules/get-proto/Reflect.getPrototypeOf.mjs.map +0 -1
  501. package/dist/esm/node_modules/get-proto/index.mjs +0 -26
  502. package/dist/esm/node_modules/get-proto/index.mjs.map +0 -1
  503. package/dist/esm/node_modules/gopd/gOPD.mjs +0 -13
  504. package/dist/esm/node_modules/gopd/gOPD.mjs.map +0 -1
  505. package/dist/esm/node_modules/gopd/index.mjs +0 -20
  506. package/dist/esm/node_modules/gopd/index.mjs.map +0 -1
  507. package/dist/esm/node_modules/has-property-descriptors/index.mjs +0 -25
  508. package/dist/esm/node_modules/has-property-descriptors/index.mjs.map +0 -1
  509. package/dist/esm/node_modules/has-symbols/index.mjs +0 -22
  510. package/dist/esm/node_modules/has-symbols/index.mjs.map +0 -1
  511. package/dist/esm/node_modules/has-symbols/shams.mjs +0 -36
  512. package/dist/esm/node_modules/has-symbols/shams.mjs.map +0 -1
  513. package/dist/esm/node_modules/has-tostringtag/shams.mjs +0 -17
  514. package/dist/esm/node_modules/has-tostringtag/shams.mjs.map +0 -1
  515. package/dist/esm/node_modules/hasown/index.mjs +0 -17
  516. package/dist/esm/node_modules/hasown/index.mjs.map +0 -1
  517. package/dist/esm/node_modules/ieee754/index.mjs +0 -80
  518. package/dist/esm/node_modules/ieee754/index.mjs.map +0 -1
  519. package/dist/esm/node_modules/inherits/inherits_browser.mjs +0 -31
  520. package/dist/esm/node_modules/inherits/inherits_browser.mjs.map +0 -1
  521. package/dist/esm/node_modules/is-arguments/index.mjs +0 -31
  522. package/dist/esm/node_modules/is-arguments/index.mjs.map +0 -1
  523. package/dist/esm/node_modules/is-callable/index.mjs +0 -87
  524. package/dist/esm/node_modules/is-callable/index.mjs.map +0 -1
  525. package/dist/esm/node_modules/is-generator-function/index.mjs +0 -32
  526. package/dist/esm/node_modules/is-generator-function/index.mjs.map +0 -1
  527. package/dist/esm/node_modules/is-regex/index.mjs +0 -58
  528. package/dist/esm/node_modules/is-regex/index.mjs.map +0 -1
  529. package/dist/esm/node_modules/is-typed-array/index.mjs +0 -17
  530. package/dist/esm/node_modules/is-typed-array/index.mjs.map +0 -1
  531. package/dist/esm/node_modules/jose/dist/webapi/lib/base64.mjs +0 -12
  532. package/dist/esm/node_modules/jose/dist/webapi/lib/base64.mjs.map +0 -1
  533. package/dist/esm/node_modules/jose/dist/webapi/lib/buffer_utils.mjs +0 -8
  534. package/dist/esm/node_modules/jose/dist/webapi/lib/buffer_utils.mjs.map +0 -1
  535. package/dist/esm/node_modules/jose/dist/webapi/lib/is_object.mjs +0 -15
  536. package/dist/esm/node_modules/jose/dist/webapi/lib/is_object.mjs.map +0 -1
  537. package/dist/esm/node_modules/jose/dist/webapi/util/base64url.mjs +0 -19
  538. package/dist/esm/node_modules/jose/dist/webapi/util/base64url.mjs.map +0 -1
  539. package/dist/esm/node_modules/jose/dist/webapi/util/decode_jwt.mjs +0 -31
  540. package/dist/esm/node_modules/jose/dist/webapi/util/decode_jwt.mjs.map +0 -1
  541. package/dist/esm/node_modules/jose/dist/webapi/util/errors.mjs +0 -26
  542. package/dist/esm/node_modules/jose/dist/webapi/util/errors.mjs.map +0 -1
  543. package/dist/esm/node_modules/math-intrinsics/abs.mjs +0 -13
  544. package/dist/esm/node_modules/math-intrinsics/abs.mjs.map +0 -1
  545. package/dist/esm/node_modules/math-intrinsics/floor.mjs +0 -13
  546. package/dist/esm/node_modules/math-intrinsics/floor.mjs.map +0 -1
  547. package/dist/esm/node_modules/math-intrinsics/isNaN.mjs +0 -15
  548. package/dist/esm/node_modules/math-intrinsics/isNaN.mjs.map +0 -1
  549. package/dist/esm/node_modules/math-intrinsics/max.mjs +0 -13
  550. package/dist/esm/node_modules/math-intrinsics/max.mjs.map +0 -1
  551. package/dist/esm/node_modules/math-intrinsics/min.mjs +0 -13
  552. package/dist/esm/node_modules/math-intrinsics/min.mjs.map +0 -1
  553. package/dist/esm/node_modules/math-intrinsics/pow.mjs +0 -13
  554. package/dist/esm/node_modules/math-intrinsics/pow.mjs.map +0 -1
  555. package/dist/esm/node_modules/math-intrinsics/round.mjs +0 -13
  556. package/dist/esm/node_modules/math-intrinsics/round.mjs.map +0 -1
  557. package/dist/esm/node_modules/math-intrinsics/sign.mjs +0 -18
  558. package/dist/esm/node_modules/math-intrinsics/sign.mjs.map +0 -1
  559. package/dist/esm/node_modules/node-forge/lib/aes.mjs +0 -601
  560. package/dist/esm/node_modules/node-forge/lib/aes.mjs.map +0 -1
  561. package/dist/esm/node_modules/node-forge/lib/aesCipherSuites.mjs +0 -199
  562. package/dist/esm/node_modules/node-forge/lib/aesCipherSuites.mjs.map +0 -1
  563. package/dist/esm/node_modules/node-forge/lib/asn1-validator.mjs +0 -80
  564. package/dist/esm/node_modules/node-forge/lib/asn1-validator.mjs.map +0 -1
  565. package/dist/esm/node_modules/node-forge/lib/asn1.mjs +0 -942
  566. package/dist/esm/node_modules/node-forge/lib/asn1.mjs.map +0 -1
  567. package/dist/esm/node_modules/node-forge/lib/baseN.mjs +0 -141
  568. package/dist/esm/node_modules/node-forge/lib/baseN.mjs.map +0 -1
  569. package/dist/esm/node_modules/node-forge/lib/cipher.mjs +0 -190
  570. package/dist/esm/node_modules/node-forge/lib/cipher.mjs.map +0 -1
  571. package/dist/esm/node_modules/node-forge/lib/cipherModes.mjs +0 -601
  572. package/dist/esm/node_modules/node-forge/lib/cipherModes.mjs.map +0 -1
  573. package/dist/esm/node_modules/node-forge/lib/des.mjs +0 -1191
  574. package/dist/esm/node_modules/node-forge/lib/des.mjs.map +0 -1
  575. package/dist/esm/node_modules/node-forge/lib/ed25519.mjs +0 -1024
  576. package/dist/esm/node_modules/node-forge/lib/ed25519.mjs.map +0 -1
  577. package/dist/esm/node_modules/node-forge/lib/forge.mjs +0 -19
  578. package/dist/esm/node_modules/node-forge/lib/forge.mjs.map +0 -1
  579. package/dist/esm/node_modules/node-forge/lib/hmac.mjs +0 -111
  580. package/dist/esm/node_modules/node-forge/lib/hmac.mjs.map +0 -1
  581. package/dist/esm/node_modules/node-forge/lib/index.mjs +0 -70
  582. package/dist/esm/node_modules/node-forge/lib/index.mjs.map +0 -1
  583. package/dist/esm/node_modules/node-forge/lib/jsbn.mjs +0 -1260
  584. package/dist/esm/node_modules/node-forge/lib/jsbn.mjs.map +0 -1
  585. package/dist/esm/node_modules/node-forge/lib/kem.mjs +0 -150
  586. package/dist/esm/node_modules/node-forge/lib/kem.mjs.map +0 -1
  587. package/dist/esm/node_modules/node-forge/lib/log.mjs +0 -245
  588. package/dist/esm/node_modules/node-forge/lib/log.mjs.map +0 -1
  589. package/dist/esm/node_modules/node-forge/lib/md.all.mjs +0 -28
  590. package/dist/esm/node_modules/node-forge/lib/md.all.mjs.map +0 -1
  591. package/dist/esm/node_modules/node-forge/lib/md.mjs +0 -22
  592. package/dist/esm/node_modules/node-forge/lib/md.mjs.map +0 -1
  593. package/dist/esm/node_modules/node-forge/lib/md5.mjs +0 -328
  594. package/dist/esm/node_modules/node-forge/lib/md5.mjs.map +0 -1
  595. package/dist/esm/node_modules/node-forge/lib/mgf.mjs +0 -24
  596. package/dist/esm/node_modules/node-forge/lib/mgf.mjs.map +0 -1
  597. package/dist/esm/node_modules/node-forge/lib/mgf1.mjs +0 -48
  598. package/dist/esm/node_modules/node-forge/lib/mgf1.mjs.map +0 -1
  599. package/dist/esm/node_modules/node-forge/lib/oids.mjs +0 -157
  600. package/dist/esm/node_modules/node-forge/lib/oids.mjs.map +0 -1
  601. package/dist/esm/node_modules/node-forge/lib/pbe.mjs +0 -819
  602. package/dist/esm/node_modules/node-forge/lib/pbe.mjs.map +0 -1
  603. package/dist/esm/node_modules/node-forge/lib/pbkdf2.mjs +0 -130
  604. package/dist/esm/node_modules/node-forge/lib/pbkdf2.mjs.map +0 -1
  605. package/dist/esm/node_modules/node-forge/lib/pem.mjs +0 -179
  606. package/dist/esm/node_modules/node-forge/lib/pem.mjs.map +0 -1
  607. package/dist/esm/node_modules/node-forge/lib/pkcs1.mjs +0 -204
  608. package/dist/esm/node_modules/node-forge/lib/pkcs1.mjs.map +0 -1
  609. package/dist/esm/node_modules/node-forge/lib/pkcs12.mjs +0 -727
  610. package/dist/esm/node_modules/node-forge/lib/pkcs12.mjs.map +0 -1
  611. package/dist/esm/node_modules/node-forge/lib/pkcs7.mjs +0 -645
  612. package/dist/esm/node_modules/node-forge/lib/pkcs7.mjs.map +0 -1
  613. package/dist/esm/node_modules/node-forge/lib/pkcs7asn1.mjs +0 -409
  614. package/dist/esm/node_modules/node-forge/lib/pkcs7asn1.mjs.map +0 -1
  615. package/dist/esm/node_modules/node-forge/lib/pki.mjs +0 -105
  616. package/dist/esm/node_modules/node-forge/lib/pki.mjs.map +0 -1
  617. package/dist/esm/node_modules/node-forge/lib/prime.mjs +0 -197
  618. package/dist/esm/node_modules/node-forge/lib/prime.mjs.map +0 -1
  619. package/dist/esm/node_modules/node-forge/lib/prng.mjs +0 -295
  620. package/dist/esm/node_modules/node-forge/lib/prng.mjs.map +0 -1
  621. package/dist/esm/node_modules/node-forge/lib/pss.mjs +0 -145
  622. package/dist/esm/node_modules/node-forge/lib/pss.mjs.map +0 -1
  623. package/dist/esm/node_modules/node-forge/lib/random.mjs +0 -145
  624. package/dist/esm/node_modules/node-forge/lib/random.mjs.map +0 -1
  625. package/dist/esm/node_modules/node-forge/lib/rc2.mjs +0 -542
  626. package/dist/esm/node_modules/node-forge/lib/rc2.mjs.map +0 -1
  627. package/dist/esm/node_modules/node-forge/lib/rsa.mjs +0 -1304
  628. package/dist/esm/node_modules/node-forge/lib/rsa.mjs.map +0 -1
  629. package/dist/esm/node_modules/node-forge/lib/sha1.mjs +0 -234
  630. package/dist/esm/node_modules/node-forge/lib/sha1.mjs.map +0 -1
  631. package/dist/esm/node_modules/node-forge/lib/sha256.mjs +0 -271
  632. package/dist/esm/node_modules/node-forge/lib/sha256.mjs.map +0 -1
  633. package/dist/esm/node_modules/node-forge/lib/sha512.mjs +0 -417
  634. package/dist/esm/node_modules/node-forge/lib/sha512.mjs.map +0 -1
  635. package/dist/esm/node_modules/node-forge/lib/ssh.mjs +0 -198
  636. package/dist/esm/node_modules/node-forge/lib/ssh.mjs.map +0 -1
  637. package/dist/esm/node_modules/node-forge/lib/tls.mjs +0 -3659
  638. package/dist/esm/node_modules/node-forge/lib/tls.mjs.map +0 -1
  639. package/dist/esm/node_modules/node-forge/lib/util.mjs +0 -2121
  640. package/dist/esm/node_modules/node-forge/lib/util.mjs.map +0 -1
  641. package/dist/esm/node_modules/node-forge/lib/x509.mjs +0 -2168
  642. package/dist/esm/node_modules/node-forge/lib/x509.mjs.map +0 -1
  643. package/dist/esm/node_modules/node-forge/lib.mjs +0 -10
  644. package/dist/esm/node_modules/node-forge/lib.mjs.map +0 -1
  645. package/dist/esm/node_modules/node-rsa/src/NodeRSA.mjs +0 -338
  646. package/dist/esm/node_modules/node-rsa/src/NodeRSA.mjs.map +0 -1
  647. package/dist/esm/node_modules/node-rsa/src/encryptEngines/encryptEngines.mjs +0 -23
  648. package/dist/esm/node_modules/node-rsa/src/encryptEngines/encryptEngines.mjs.map +0 -1
  649. package/dist/esm/node_modules/node-rsa/src/encryptEngines/io.mjs +0 -62
  650. package/dist/esm/node_modules/node-rsa/src/encryptEngines/io.mjs.map +0 -1
  651. package/dist/esm/node_modules/node-rsa/src/encryptEngines/js.mjs +0 -41
  652. package/dist/esm/node_modules/node-rsa/src/encryptEngines/js.mjs.map +0 -1
  653. package/dist/esm/node_modules/node-rsa/src/encryptEngines/node12.mjs +0 -46
  654. package/dist/esm/node_modules/node-rsa/src/encryptEngines/node12.mjs.map +0 -1
  655. package/dist/esm/node_modules/node-rsa/src/formats/components.mjs +0 -52
  656. package/dist/esm/node_modules/node-rsa/src/formats/components.mjs.map +0 -1
  657. package/dist/esm/node_modules/node-rsa/src/formats/formats.mjs +0 -83
  658. package/dist/esm/node_modules/node-rsa/src/formats/formats.mjs.map +0 -1
  659. package/dist/esm/node_modules/node-rsa/src/formats/openssh.mjs +0 -174
  660. package/dist/esm/node_modules/node-rsa/src/formats/openssh.mjs.map +0 -1
  661. package/dist/esm/node_modules/node-rsa/src/formats/pkcs1.mjs +0 -101
  662. package/dist/esm/node_modules/node-rsa/src/formats/pkcs1.mjs.map +0 -1
  663. package/dist/esm/node_modules/node-rsa/src/formats/pkcs8.mjs +0 -128
  664. package/dist/esm/node_modules/node-rsa/src/formats/pkcs8.mjs.map +0 -1
  665. package/dist/esm/node_modules/node-rsa/src/libs/jsbn.mjs +0 -1344
  666. package/dist/esm/node_modules/node-rsa/src/libs/jsbn.mjs.map +0 -1
  667. package/dist/esm/node_modules/node-rsa/src/libs/rsa.mjs +0 -228
  668. package/dist/esm/node_modules/node-rsa/src/libs/rsa.mjs.map +0 -1
  669. package/dist/esm/node_modules/node-rsa/src/schemes/oaep.mjs +0 -120
  670. package/dist/esm/node_modules/node-rsa/src/schemes/oaep.mjs.map +0 -1
  671. package/dist/esm/node_modules/node-rsa/src/schemes/pkcs1.mjs +0 -172
  672. package/dist/esm/node_modules/node-rsa/src/schemes/pkcs1.mjs.map +0 -1
  673. package/dist/esm/node_modules/node-rsa/src/schemes/pss.mjs +0 -120
  674. package/dist/esm/node_modules/node-rsa/src/schemes/pss.mjs.map +0 -1
  675. package/dist/esm/node_modules/node-rsa/src/schemes/schemes.mjs +0 -25
  676. package/dist/esm/node_modules/node-rsa/src/schemes/schemes.mjs.map +0 -1
  677. package/dist/esm/node_modules/node-rsa/src/utils.mjs +0 -81
  678. package/dist/esm/node_modules/node-rsa/src/utils.mjs.map +0 -1
  679. package/dist/esm/node_modules/pako/index.mjs +0 -22
  680. package/dist/esm/node_modules/pako/index.mjs.map +0 -1
  681. package/dist/esm/node_modules/pako/lib/deflate.mjs +0 -308
  682. package/dist/esm/node_modules/pako/lib/deflate.mjs.map +0 -1
  683. package/dist/esm/node_modules/pako/lib/inflate.mjs +0 -314
  684. package/dist/esm/node_modules/pako/lib/inflate.mjs.map +0 -1
  685. package/dist/esm/node_modules/pako/lib/utils/common.mjs +0 -74
  686. package/dist/esm/node_modules/pako/lib/utils/common.mjs.map +0 -1
  687. package/dist/esm/node_modules/pako/lib/utils/strings.mjs +0 -128
  688. package/dist/esm/node_modules/pako/lib/utils/strings.mjs.map +0 -1
  689. package/dist/esm/node_modules/pako/lib/zlib/adler32.mjs +0 -26
  690. package/dist/esm/node_modules/pako/lib/zlib/adler32.mjs.map +0 -1
  691. package/dist/esm/node_modules/pako/lib/zlib/constants.mjs +0 -40
  692. package/dist/esm/node_modules/pako/lib/zlib/constants.mjs.map +0 -1
  693. package/dist/esm/node_modules/pako/lib/zlib/crc32.mjs +0 -28
  694. package/dist/esm/node_modules/pako/lib/zlib/crc32.mjs.map +0 -1
  695. package/dist/esm/node_modules/pako/lib/zlib/deflate.mjs +0 -886
  696. package/dist/esm/node_modules/pako/lib/zlib/deflate.mjs.map +0 -1
  697. package/dist/esm/node_modules/pako/lib/zlib/gzheader.mjs +0 -24
  698. package/dist/esm/node_modules/pako/lib/zlib/gzheader.mjs.map +0 -1
  699. package/dist/esm/node_modules/pako/lib/zlib/inffast.mjs +0 -224
  700. package/dist/esm/node_modules/pako/lib/zlib/inffast.mjs.map +0 -1
  701. package/dist/esm/node_modules/pako/lib/zlib/inflate.mjs +0 -1035
  702. package/dist/esm/node_modules/pako/lib/zlib/inflate.mjs.map +0 -1
  703. package/dist/esm/node_modules/pako/lib/zlib/inftrees.mjs +0 -275
  704. package/dist/esm/node_modules/pako/lib/zlib/inftrees.mjs.map +0 -1
  705. package/dist/esm/node_modules/pako/lib/zlib/messages.mjs +0 -22
  706. package/dist/esm/node_modules/pako/lib/zlib/messages.mjs.map +0 -1
  707. package/dist/esm/node_modules/pako/lib/zlib/trees.mjs +0 -623
  708. package/dist/esm/node_modules/pako/lib/zlib/trees.mjs.map +0 -1
  709. package/dist/esm/node_modules/pako/lib/zlib/zstream.mjs +0 -26
  710. package/dist/esm/node_modules/pako/lib/zlib/zstream.mjs.map +0 -1
  711. package/dist/esm/node_modules/possible-typed-array-names/index.mjs +0 -26
  712. package/dist/esm/node_modules/possible-typed-array-names/index.mjs.map +0 -1
  713. package/dist/esm/node_modules/safe-regex-test/index.mjs +0 -25
  714. package/dist/esm/node_modules/safe-regex-test/index.mjs.map +0 -1
  715. package/dist/esm/node_modules/safer-buffer/safer.mjs +0 -50
  716. package/dist/esm/node_modules/safer-buffer/safer.mjs.map +0 -1
  717. package/dist/esm/node_modules/samlify/build/index.mjs +0 -117
  718. package/dist/esm/node_modules/samlify/build/index.mjs.map +0 -1
  719. package/dist/esm/node_modules/samlify/build/src/api.mjs +0 -33
  720. package/dist/esm/node_modules/samlify/build/src/api.mjs.map +0 -1
  721. package/dist/esm/node_modules/samlify/build/src/binding-post.mjs +0 -504
  722. package/dist/esm/node_modules/samlify/build/src/binding-post.mjs.map +0 -1
  723. package/dist/esm/node_modules/samlify/build/src/binding-redirect.mjs +0 -339
  724. package/dist/esm/node_modules/samlify/build/src/binding-redirect.mjs.map +0 -1
  725. package/dist/esm/node_modules/samlify/build/src/binding-simplesign.mjs +0 -358
  726. package/dist/esm/node_modules/samlify/build/src/binding-simplesign.mjs.map +0 -1
  727. package/dist/esm/node_modules/samlify/build/src/entity-idp.mjs +0 -279
  728. package/dist/esm/node_modules/samlify/build/src/entity-idp.mjs.map +0 -1
  729. package/dist/esm/node_modules/samlify/build/src/entity-sp.mjs +0 -142
  730. package/dist/esm/node_modules/samlify/build/src/entity-sp.mjs.map +0 -1
  731. package/dist/esm/node_modules/samlify/build/src/entity.mjs +0 -253
  732. package/dist/esm/node_modules/samlify/build/src/entity.mjs.map +0 -1
  733. package/dist/esm/node_modules/samlify/build/src/extractor.mjs +0 -352
  734. package/dist/esm/node_modules/samlify/build/src/extractor.mjs.map +0 -1
  735. package/dist/esm/node_modules/samlify/build/src/flow.mjs +0 -389
  736. package/dist/esm/node_modules/samlify/build/src/flow.mjs.map +0 -1
  737. package/dist/esm/node_modules/samlify/build/src/libsaml.mjs +0 -544
  738. package/dist/esm/node_modules/samlify/build/src/libsaml.mjs.map +0 -1
  739. package/dist/esm/node_modules/samlify/build/src/metadata-idp.mjs +0 -171
  740. package/dist/esm/node_modules/samlify/build/src/metadata-idp.mjs.map +0 -1
  741. package/dist/esm/node_modules/samlify/build/src/metadata-sp.mjs +0 -214
  742. package/dist/esm/node_modules/samlify/build/src/metadata-sp.mjs.map +0 -1
  743. package/dist/esm/node_modules/samlify/build/src/metadata.mjs +0 -200
  744. package/dist/esm/node_modules/samlify/build/src/metadata.mjs.map +0 -1
  745. package/dist/esm/node_modules/samlify/build/src/urn.mjs +0 -225
  746. package/dist/esm/node_modules/samlify/build/src/urn.mjs.map +0 -1
  747. package/dist/esm/node_modules/samlify/build/src/utility.mjs +0 -277
  748. package/dist/esm/node_modules/samlify/build/src/utility.mjs.map +0 -1
  749. package/dist/esm/node_modules/samlify/build/src/validator.mjs +0 -53
  750. package/dist/esm/node_modules/samlify/build/src/validator.mjs.map +0 -1
  751. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/index.mjs +0 -39
  752. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/index.mjs.map +0 -1
  753. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/md5.mjs +0 -154
  754. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/md5.mjs.map +0 -1
  755. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/nil.mjs +0 -12
  756. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/nil.mjs.map +0 -1
  757. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/parse.mjs +0 -36
  758. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/parse.mjs.map +0 -1
  759. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/regex.mjs +0 -12
  760. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/regex.mjs.map +0 -1
  761. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/rng.mjs +0 -20
  762. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/rng.mjs.map +0 -1
  763. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/sha1.mjs +0 -101
  764. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/sha1.mjs.map +0 -1
  765. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/stringify.mjs +0 -22
  766. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/stringify.mjs.map +0 -1
  767. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v1.mjs +0 -63
  768. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v1.mjs.map +0 -1
  769. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v3.mjs +0 -17
  770. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v3.mjs.map +0 -1
  771. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v35.mjs +0 -48
  772. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v35.mjs.map +0 -1
  773. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v4.mjs +0 -28
  774. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v4.mjs.map +0 -1
  775. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v5.mjs +0 -17
  776. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/v5.mjs.map +0 -1
  777. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/validate.mjs +0 -17
  778. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/validate.mjs.map +0 -1
  779. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/version.mjs +0 -18
  780. package/dist/esm/node_modules/samlify/node_modules/uuid/dist/esm-browser/version.mjs.map +0 -1
  781. package/dist/esm/node_modules/set-function-length/index.mjs +0 -38
  782. package/dist/esm/node_modules/set-function-length/index.mjs.map +0 -1
  783. package/dist/esm/node_modules/util/support/isBufferBrowser.mjs +0 -14
  784. package/dist/esm/node_modules/util/support/isBufferBrowser.mjs.map +0 -1
  785. package/dist/esm/node_modules/util/support/types.mjs +0 -218
  786. package/dist/esm/node_modules/util/support/types.mjs.map +0 -1
  787. package/dist/esm/node_modules/util/util.mjs +0 -443
  788. package/dist/esm/node_modules/util/util.mjs.map +0 -1
  789. package/dist/esm/node_modules/which-typed-array/index.mjs +0 -93
  790. package/dist/esm/node_modules/which-typed-array/index.mjs.map +0 -1
  791. package/dist/esm/node_modules/xml/lib/escapeForXML.mjs +0 -24
  792. package/dist/esm/node_modules/xml/lib/escapeForXML.mjs.map +0 -1
  793. package/dist/esm/node_modules/xml/lib/xml.mjs +0 -183
  794. package/dist/esm/node_modules/xml/lib/xml.mjs.map +0 -1
  795. package/dist/esm/node_modules/xml-crypto/lib/c14n-canonicalization.mjs +0 -199
  796. package/dist/esm/node_modules/xml-crypto/lib/c14n-canonicalization.mjs.map +0 -1
  797. package/dist/esm/node_modules/xml-crypto/lib/enveloped-signature.mjs +0 -49
  798. package/dist/esm/node_modules/xml-crypto/lib/enveloped-signature.mjs.map +0 -1
  799. package/dist/esm/node_modules/xml-crypto/lib/exclusive-canonicalization.mjs +0 -220
  800. package/dist/esm/node_modules/xml-crypto/lib/exclusive-canonicalization.mjs.map +0 -1
  801. package/dist/esm/node_modules/xml-crypto/lib/hash-algorithms.mjs +0 -53
  802. package/dist/esm/node_modules/xml-crypto/lib/hash-algorithms.mjs.map +0 -1
  803. package/dist/esm/node_modules/xml-crypto/lib/index.mjs +0 -70
  804. package/dist/esm/node_modules/xml-crypto/lib/index.mjs.map +0 -1
  805. package/dist/esm/node_modules/xml-crypto/lib/signature-algorithms.mjs +0 -88
  806. package/dist/esm/node_modules/xml-crypto/lib/signature-algorithms.mjs.map +0 -1
  807. package/dist/esm/node_modules/xml-crypto/lib/signed-xml.mjs +0 -693
  808. package/dist/esm/node_modules/xml-crypto/lib/signed-xml.mjs.map +0 -1
  809. package/dist/esm/node_modules/xml-crypto/lib/types.mjs +0 -55
  810. package/dist/esm/node_modules/xml-crypto/lib/types.mjs.map +0 -1
  811. package/dist/esm/node_modules/xml-crypto/lib/utils.mjs +0 -210
  812. package/dist/esm/node_modules/xml-crypto/lib/utils.mjs.map +0 -1
  813. package/dist/esm/node_modules/xml-crypto/node_modules/xpath/xpath.mjs +0 -3442
  814. package/dist/esm/node_modules/xml-crypto/node_modules/xpath/xpath.mjs.map +0 -1
  815. package/dist/esm/node_modules/xml-escape/index.mjs +0 -27
  816. package/dist/esm/node_modules/xml-escape/index.mjs.map +0 -1
  817. package/dist/esm/node_modules/xpath/xpath.mjs +0 -3407
  818. package/dist/esm/node_modules/xpath/xpath.mjs.map +0 -1
  819. package/dist/esm/node_modules/zod/v4/classic/errors.mjs +0 -30
  820. package/dist/esm/node_modules/zod/v4/classic/errors.mjs.map +0 -1
  821. package/dist/esm/node_modules/zod/v4/classic/iso.mjs +0 -38
  822. package/dist/esm/node_modules/zod/v4/classic/iso.mjs.map +0 -1
  823. package/dist/esm/node_modules/zod/v4/classic/parse.mjs +0 -20
  824. package/dist/esm/node_modules/zod/v4/classic/parse.mjs.map +0 -1
  825. package/dist/esm/node_modules/zod/v4/classic/schemas.mjs +0 -519
  826. package/dist/esm/node_modules/zod/v4/classic/schemas.mjs.map +0 -1
  827. package/dist/esm/node_modules/zod/v4/core/api.mjs +0 -395
  828. package/dist/esm/node_modules/zod/v4/core/api.mjs.map +0 -1
  829. package/dist/esm/node_modules/zod/v4/core/checks.mjs +0 -226
  830. package/dist/esm/node_modules/zod/v4/core/checks.mjs.map +0 -1
  831. package/dist/esm/node_modules/zod/v4/core/core.mjs +0 -57
  832. package/dist/esm/node_modules/zod/v4/core/core.mjs.map +0 -1
  833. package/dist/esm/node_modules/zod/v4/core/doc.mjs +0 -34
  834. package/dist/esm/node_modules/zod/v4/core/doc.mjs.map +0 -1
  835. package/dist/esm/node_modules/zod/v4/core/errors.mjs +0 -63
  836. package/dist/esm/node_modules/zod/v4/core/errors.mjs.map +0 -1
  837. package/dist/esm/node_modules/zod/v4/core/parse.mjs +0 -110
  838. package/dist/esm/node_modules/zod/v4/core/parse.mjs.map +0 -1
  839. package/dist/esm/node_modules/zod/v4/core/regexes.mjs +0 -60
  840. package/dist/esm/node_modules/zod/v4/core/regexes.mjs.map +0 -1
  841. package/dist/esm/node_modules/zod/v4/core/registries.mjs +0 -53
  842. package/dist/esm/node_modules/zod/v4/core/registries.mjs.map +0 -1
  843. package/dist/esm/node_modules/zod/v4/core/schemas.mjs +0 -1069
  844. package/dist/esm/node_modules/zod/v4/core/schemas.mjs.map +0 -1
  845. package/dist/esm/node_modules/zod/v4/core/util.mjs +0 -302
  846. package/dist/esm/node_modules/zod/v4/core/util.mjs.map +0 -1
  847. package/dist/esm/node_modules/zod/v4/core/versions.mjs +0 -10
  848. package/dist/esm/node_modules/zod/v4/core/versions.mjs.map +0 -1
  849. package/dist/types/MagicLinkEmail.d.ts +0 -8
  850. package/dist/types/MagicLinkEmail.d.ts.map +0 -1
  851. package/dist/types/controllers/audit.controller.d.ts +0 -32
  852. package/dist/types/controllers/audit.controller.d.ts.map +0 -1
  853. package/dist/types/models/audit.model.d.ts +0 -5
  854. package/dist/types/models/audit.model.d.ts.map +0 -1
package/dist/cjs/node_modules/@better-auth/sso/dist/index.cjs DELETED
@@ -1,1210 +0,0 @@
1
- const require_rolldown_runtime = require('../../../../_virtual/rolldown_runtime.cjs');
2
- const require_schemas = require('../../../zod/v4/classic/schemas.cjs');
3
- const require_index = require('../../../samlify/build/index.cjs');
4
- const require_index$1 = require('../../../@better-fetch/fetch/dist/index.cjs');
5
- const require_decode_jwt = require('../../../jose/dist/webapi/util/decode_jwt.cjs');
6
- const require_fxp = require('../../../fast-xml-parser/src/fxp.cjs');
7
- let better_auth = require("better-auth");
8
- let better_auth_api = require("better-auth/api");
9
- let better_auth_oauth2 = require("better-auth/oauth2");
10
- let better_auth_plugins = require("better-auth/plugins");
11
- let better_auth_cookies = require("better-auth/cookies");
12
-
13
- //#region ../../node_modules/@better-auth/sso/dist/index.mjs
14
- var import_build = /* @__PURE__ */ require_rolldown_runtime.__toESM(require_index.default, 1);
15
- import_build.setSchemaValidator({ async validate(xml) {
16
- if (require_fxp.XMLValidator.validate(xml, { allowBooleanAttributes: true }) === true) return "SUCCESS_VALIDATE_XML";
17
- throw "ERR_INVALID_XML";
18
- } });
19
- function safeJsonParse(value) {
20
- if (!value) return null;
21
- if (typeof value === "object") return value;
22
- if (typeof value === "string") try {
23
- return JSON.parse(value);
24
- } catch (error) {
25
- throw new Error(`Failed to parse JSON: ${error instanceof Error ? error.message : "Unknown error"}`);
26
- }
27
- return null;
28
- }
29
- const sso = (options) => {
30
- return {
31
- id: "sso",
32
- endpoints: {
33
- spMetadata: (0, better_auth_plugins.createAuthEndpoint)("/sso/saml2/sp/metadata", {
34
- method: "GET",
35
- query: require_schemas.object({
36
- providerId: require_schemas.string(),
37
- format: require_schemas._enum(["xml", "json"]).default("xml")
38
- }),
39
- metadata: { openapi: {
40
- summary: "Get Service Provider metadata",
41
- description: "Returns the SAML metadata for the Service Provider",
42
- responses: { "200": { description: "SAML metadata in XML format" } }
43
- } }
44
- }, async (ctx) => {
45
- const provider = await ctx.context.adapter.findOne({
46
- model: "ssoProvider",
47
- where: [{
48
- field: "providerId",
49
- value: ctx.query.providerId
50
- }]
51
- });
52
- if (!provider) throw new better_auth_api.APIError("NOT_FOUND", { message: "No provider found for the given providerId" });
53
- const parsedSamlConfig = safeJsonParse(provider.samlConfig);
54
- if (!parsedSamlConfig) throw new better_auth_api.APIError("BAD_REQUEST", { message: "Invalid SAML configuration" });
55
- const sp = parsedSamlConfig.spMetadata.metadata ? import_build.ServiceProvider({ metadata: parsedSamlConfig.spMetadata.metadata }) : import_build.SPMetadata({
56
- entityID: parsedSamlConfig.spMetadata?.entityID || parsedSamlConfig.issuer,
57
- assertionConsumerService: [{
58
- Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
59
- Location: parsedSamlConfig.callbackUrl || `${ctx.context.baseURL}/sso/saml2/sp/acs/${provider.id}`
60
- }],
61
- wantMessageSigned: parsedSamlConfig.wantAssertionsSigned || false,
62
- nameIDFormat: parsedSamlConfig.identifierFormat ? [parsedSamlConfig.identifierFormat] : void 0
63
- });
64
- return new Response(sp.getMetadata(), { headers: { "Content-Type": "application/xml" } });
65
- }),
66
- registerSSOProvider: (0, better_auth_plugins.createAuthEndpoint)("/sso/register", {
67
- method: "POST",
68
- body: require_schemas.object({
69
- providerId: require_schemas.string({}).meta({ description: "The ID of the provider. This is used to identify the provider during login and callback" }),
70
- issuer: require_schemas.string({}).meta({ description: "The issuer of the provider" }),
71
- domain: require_schemas.string({}).meta({ description: "The domain of the provider. This is used for email matching" }),
72
- oidcConfig: require_schemas.object({
73
- clientId: require_schemas.string({}).meta({ description: "The client ID" }),
74
- clientSecret: require_schemas.string({}).meta({ description: "The client secret" }),
75
- authorizationEndpoint: require_schemas.string({}).meta({ description: "The authorization endpoint" }).optional(),
76
- tokenEndpoint: require_schemas.string({}).meta({ description: "The token endpoint" }).optional(),
77
- userInfoEndpoint: require_schemas.string({}).meta({ description: "The user info endpoint" }).optional(),
78
- tokenEndpointAuthentication: require_schemas._enum(["client_secret_post", "client_secret_basic"]).optional(),
79
- jwksEndpoint: require_schemas.string({}).meta({ description: "The JWKS endpoint" }).optional(),
80
- discoveryEndpoint: require_schemas.string().optional(),
81
- scopes: require_schemas.array(require_schemas.string(), {}).meta({ description: "The scopes to request. Defaults to ['openid', 'email', 'profile', 'offline_access']" }).optional(),
82
- pkce: require_schemas.boolean({}).meta({ description: "Whether to use PKCE for the authorization flow" }).default(true).optional(),
83
- mapping: require_schemas.object({
84
- id: require_schemas.string({}).meta({ description: "Field mapping for user ID (defaults to 'sub')" }),
85
- email: require_schemas.string({}).meta({ description: "Field mapping for email (defaults to 'email')" }),
86
- emailVerified: require_schemas.string({}).meta({ description: "Field mapping for email verification (defaults to 'email_verified')" }).optional(),
87
- name: require_schemas.string({}).meta({ description: "Field mapping for name (defaults to 'name')" }),
88
- image: require_schemas.string({}).meta({ description: "Field mapping for image (defaults to 'picture')" }).optional(),
89
- extraFields: require_schemas.record(require_schemas.string(), require_schemas.any()).optional()
90
- }).optional()
91
- }).optional(),
92
- samlConfig: require_schemas.object({
93
- entryPoint: require_schemas.string({}).meta({ description: "The entry point of the provider" }),
94
- cert: require_schemas.string({}).meta({ description: "The certificate of the provider" }),
95
- callbackUrl: require_schemas.string({}).meta({ description: "The callback URL of the provider" }),
96
- audience: require_schemas.string().optional(),
97
- idpMetadata: require_schemas.object({
98
- metadata: require_schemas.string().optional(),
99
- entityID: require_schemas.string().optional(),
100
- cert: require_schemas.string().optional(),
101
- privateKey: require_schemas.string().optional(),
102
- privateKeyPass: require_schemas.string().optional(),
103
- isAssertionEncrypted: require_schemas.boolean().optional(),
104
- encPrivateKey: require_schemas.string().optional(),
105
- encPrivateKeyPass: require_schemas.string().optional(),
106
- singleSignOnService: require_schemas.array(require_schemas.object({
107
- Binding: require_schemas.string().meta({ description: "The binding type for the SSO service" }),
108
- Location: require_schemas.string().meta({ description: "The URL for the SSO service" })
109
- })).optional().meta({ description: "Single Sign-On service configuration" })
110
- }).optional(),
111
- spMetadata: require_schemas.object({
112
- metadata: require_schemas.string().optional(),
113
- entityID: require_schemas.string().optional(),
114
- binding: require_schemas.string().optional(),
115
- privateKey: require_schemas.string().optional(),
116
- privateKeyPass: require_schemas.string().optional(),
117
- isAssertionEncrypted: require_schemas.boolean().optional(),
118
- encPrivateKey: require_schemas.string().optional(),
119
- encPrivateKeyPass: require_schemas.string().optional()
120
- }),
121
- wantAssertionsSigned: require_schemas.boolean().optional(),
122
- signatureAlgorithm: require_schemas.string().optional(),
123
- digestAlgorithm: require_schemas.string().optional(),
124
- identifierFormat: require_schemas.string().optional(),
125
- privateKey: require_schemas.string().optional(),
126
- decryptionPvk: require_schemas.string().optional(),
127
- additionalParams: require_schemas.record(require_schemas.string(), require_schemas.any()).optional(),
128
- mapping: require_schemas.object({
129
- id: require_schemas.string({}).meta({ description: "Field mapping for user ID (defaults to 'nameID')" }),
130
- email: require_schemas.string({}).meta({ description: "Field mapping for email (defaults to 'email')" }),
131
- emailVerified: require_schemas.string({}).meta({ description: "Field mapping for email verification" }).optional(),
132
- name: require_schemas.string({}).meta({ description: "Field mapping for name (defaults to 'displayName')" }),
133
- firstName: require_schemas.string({}).meta({ description: "Field mapping for first name (defaults to 'givenName')" }).optional(),
134
- lastName: require_schemas.string({}).meta({ description: "Field mapping for last name (defaults to 'surname')" }).optional(),
135
- extraFields: require_schemas.record(require_schemas.string(), require_schemas.any()).optional()
136
- }).optional()
137
- }).optional(),
138
- organizationId: require_schemas.string({}).meta({ description: "If organization plugin is enabled, the organization id to link the provider to" }).optional(),
139
- overrideUserInfo: require_schemas.boolean({}).meta({ description: "Override user info with the provider info. Defaults to false" }).default(false).optional()
140
- }),
141
- use: [better_auth_api.sessionMiddleware],
142
- metadata: { openapi: {
143
- summary: "Register an OIDC provider",
144
- description: "This endpoint is used to register an OIDC provider. This is used to configure the provider and link it to an organization",
145
- responses: { "200": {
146
- description: "OIDC provider created successfully",
147
- content: { "application/json": { schema: {
148
- type: "object",
149
- properties: {
150
- issuer: {
151
- type: "string",
152
- format: "uri",
153
- description: "The issuer URL of the provider"
154
- },
155
- domain: {
156
- type: "string",
157
- description: "The domain of the provider, used for email matching"
158
- },
159
- oidcConfig: {
160
- type: "object",
161
- properties: {
162
- issuer: {
163
- type: "string",
164
- format: "uri",
165
- description: "The issuer URL of the provider"
166
- },
167
- pkce: {
168
- type: "boolean",
169
- description: "Whether PKCE is enabled for the authorization flow"
170
- },
171
- clientId: {
172
- type: "string",
173
- description: "The client ID for the provider"
174
- },
175
- clientSecret: {
176
- type: "string",
177
- description: "The client secret for the provider"
178
- },
179
- authorizationEndpoint: {
180
- type: "string",
181
- format: "uri",
182
- nullable: true,
183
- description: "The authorization endpoint URL"
184
- },
185
- discoveryEndpoint: {
186
- type: "string",
187
- format: "uri",
188
- description: "The discovery endpoint URL"
189
- },
190
- userInfoEndpoint: {
191
- type: "string",
192
- format: "uri",
193
- nullable: true,
194
- description: "The user info endpoint URL"
195
- },
196
- scopes: {
197
- type: "array",
198
- items: { type: "string" },
199
- nullable: true,
200
- description: "The scopes requested from the provider"
201
- },
202
- tokenEndpoint: {
203
- type: "string",
204
- format: "uri",
205
- nullable: true,
206
- description: "The token endpoint URL"
207
- },
208
- tokenEndpointAuthentication: {
209
- type: "string",
210
- enum: ["client_secret_post", "client_secret_basic"],
211
- nullable: true,
212
- description: "Authentication method for the token endpoint"
213
- },
214
- jwksEndpoint: {
215
- type: "string",
216
- format: "uri",
217
- nullable: true,
218
- description: "The JWKS endpoint URL"
219
- },
220
- mapping: {
221
- type: "object",
222
- nullable: true,
223
- properties: {
224
- id: {
225
- type: "string",
226
- description: "Field mapping for user ID (defaults to 'sub')"
227
- },
228
- email: {
229
- type: "string",
230
- description: "Field mapping for email (defaults to 'email')"
231
- },
232
- emailVerified: {
233
- type: "string",
234
- nullable: true,
235
- description: "Field mapping for email verification (defaults to 'email_verified')"
236
- },
237
- name: {
238
- type: "string",
239
- description: "Field mapping for name (defaults to 'name')"
240
- },
241
- image: {
242
- type: "string",
243
- nullable: true,
244
- description: "Field mapping for image (defaults to 'picture')"
245
- },
246
- extraFields: {
247
- type: "object",
248
- additionalProperties: { type: "string" },
249
- nullable: true,
250
- description: "Additional field mappings"
251
- }
252
- },
253
- required: [
254
- "id",
255
- "email",
256
- "name"
257
- ]
258
- }
259
- },
260
- required: [
261
- "issuer",
262
- "pkce",
263
- "clientId",
264
- "clientSecret",
265
- "discoveryEndpoint"
266
- ],
267
- description: "OIDC configuration for the provider"
268
- },
269
- organizationId: {
270
- type: "string",
271
- nullable: true,
272
- description: "ID of the linked organization, if any"
273
- },
274
- userId: {
275
- type: "string",
276
- description: "ID of the user who registered the provider"
277
- },
278
- providerId: {
279
- type: "string",
280
- description: "Unique identifier for the provider"
281
- },
282
- redirectURI: {
283
- type: "string",
284
- format: "uri",
285
- description: "The redirect URI for the provider callback"
286
- }
287
- },
288
- required: [
289
- "issuer",
290
- "domain",
291
- "oidcConfig",
292
- "userId",
293
- "providerId",
294
- "redirectURI"
295
- ]
296
- } } }
297
- } }
298
- } }
299
- }, async (ctx) => {
300
- const user = ctx.context.session?.user;
301
- if (!user) throw new better_auth_api.APIError("UNAUTHORIZED");
302
- const limit = typeof options?.providersLimit === "function" ? await options.providersLimit(user) : options?.providersLimit ?? 10;
303
- if (!limit) throw new better_auth_api.APIError("FORBIDDEN", { message: "SSO provider registration is disabled" });
304
- if ((await ctx.context.adapter.findMany({
305
- model: "ssoProvider",
306
- where: [{
307
- field: "userId",
308
- value: user.id
309
- }]
310
- })).length >= limit) throw new better_auth_api.APIError("FORBIDDEN", { message: "You have reached the maximum number of SSO providers" });
311
- const body = ctx.body;
312
- if (require_schemas.string().url().safeParse(body.issuer).error) throw new better_auth_api.APIError("BAD_REQUEST", { message: "Invalid issuer. Must be a valid URL" });
313
- if (ctx.body.organizationId) {
314
- if (!await ctx.context.adapter.findOne({
315
- model: "member",
316
- where: [{
317
- field: "userId",
318
- value: user.id
319
- }, {
320
- field: "organizationId",
321
- value: ctx.body.organizationId
322
- }]
323
- })) throw new better_auth_api.APIError("BAD_REQUEST", { message: "You are not a member of the organization" });
324
- }
325
- if (await ctx.context.adapter.findOne({
326
- model: "ssoProvider",
327
- where: [{
328
- field: "providerId",
329
- value: body.providerId
330
- }]
331
- })) {
332
- ctx.context.logger.info(`SSO provider creation attempt with existing providerId: ${body.providerId}`);
333
- throw new better_auth_api.APIError("UNPROCESSABLE_ENTITY", { message: "SSO provider with this providerId already exists" });
334
- }
335
- const provider = await ctx.context.adapter.create({
336
- model: "ssoProvider",
337
- data: {
338
- issuer: body.issuer,
339
- domain: body.domain,
340
- oidcConfig: body.oidcConfig ? JSON.stringify({
341
- issuer: body.issuer,
342
- clientId: body.oidcConfig.clientId,
343
- clientSecret: body.oidcConfig.clientSecret,
344
- authorizationEndpoint: body.oidcConfig.authorizationEndpoint,
345
- tokenEndpoint: body.oidcConfig.tokenEndpoint,
346
- tokenEndpointAuthentication: body.oidcConfig.tokenEndpointAuthentication,
347
- jwksEndpoint: body.oidcConfig.jwksEndpoint,
348
- pkce: body.oidcConfig.pkce,
349
- discoveryEndpoint: body.oidcConfig.discoveryEndpoint || `${body.issuer}/.well-known/openid-configuration`,
350
- mapping: body.oidcConfig.mapping,
351
- scopes: body.oidcConfig.scopes,
352
- userInfoEndpoint: body.oidcConfig.userInfoEndpoint,
353
- overrideUserInfo: ctx.body.overrideUserInfo || options?.defaultOverrideUserInfo || false
354
- }) : null,
355
- samlConfig: body.samlConfig ? JSON.stringify({
356
- issuer: body.issuer,
357
- entryPoint: body.samlConfig.entryPoint,
358
- cert: body.samlConfig.cert,
359
- callbackUrl: body.samlConfig.callbackUrl,
360
- audience: body.samlConfig.audience,
361
- idpMetadata: body.samlConfig.idpMetadata,
362
- spMetadata: body.samlConfig.spMetadata,
363
- wantAssertionsSigned: body.samlConfig.wantAssertionsSigned,
364
- signatureAlgorithm: body.samlConfig.signatureAlgorithm,
365
- digestAlgorithm: body.samlConfig.digestAlgorithm,
366
- identifierFormat: body.samlConfig.identifierFormat,
367
- privateKey: body.samlConfig.privateKey,
368
- decryptionPvk: body.samlConfig.decryptionPvk,
369
- additionalParams: body.samlConfig.additionalParams,
370
- mapping: body.samlConfig.mapping
371
- }) : null,
372
- organizationId: body.organizationId,
373
- userId: ctx.context.session.user.id,
374
- providerId: body.providerId
375
- }
376
- });
377
- return ctx.json({
378
- ...provider,
379
- oidcConfig: JSON.parse(provider.oidcConfig),
380
- samlConfig: JSON.parse(provider.samlConfig),
381
- redirectURI: `${ctx.context.baseURL}/sso/callback/${provider.providerId}`
382
- });
383
- }),
384
- signInSSO: (0, better_auth_plugins.createAuthEndpoint)("/sign-in/sso", {
385
- method: "POST",
386
- body: require_schemas.object({
387
- email: require_schemas.string({}).meta({ description: "The email address to sign in with. This is used to identify the issuer to sign in with. It's optional if the issuer is provided" }).optional(),
388
- organizationSlug: require_schemas.string({}).meta({ description: "The slug of the organization to sign in with" }).optional(),
389
- providerId: require_schemas.string({}).meta({ description: "The ID of the provider to sign in with. This can be provided instead of email or issuer" }).optional(),
390
- domain: require_schemas.string({}).meta({ description: "The domain of the provider." }).optional(),
391
- callbackURL: require_schemas.string({}).meta({ description: "The URL to redirect to after login" }),
392
- errorCallbackURL: require_schemas.string({}).meta({ description: "The URL to redirect to after login" }).optional(),
393
- newUserCallbackURL: require_schemas.string({}).meta({ description: "The URL to redirect to after login if the user is new" }).optional(),
394
- scopes: require_schemas.array(require_schemas.string(), {}).meta({ description: "Scopes to request from the provider." }).optional(),
395
- requestSignUp: require_schemas.boolean({}).meta({ description: "Explicitly request sign-up. Useful when disableImplicitSignUp is true for this provider" }).optional(),
396
- providerType: require_schemas._enum(["oidc", "saml"]).optional()
397
- }),
398
- metadata: { openapi: {
399
- summary: "Sign in with SSO provider",
400
- description: "This endpoint is used to sign in with an SSO provider. It redirects to the provider's authorization URL",
401
- requestBody: { content: { "application/json": { schema: {
402
- type: "object",
403
- properties: {
404
- email: {
405
- type: "string",
406
- description: "The email address to sign in with. This is used to identify the issuer to sign in with. It's optional if the issuer is provided"
407
- },
408
- issuer: {
409
- type: "string",
410
- description: "The issuer identifier, this is the URL of the provider and can be used to verify the provider and identify the provider during login. It's optional if the email is provided"
411
- },
412
- providerId: {
413
- type: "string",
414
- description: "The ID of the provider to sign in with. This can be provided instead of email or issuer"
415
- },
416
- callbackURL: {
417
- type: "string",
418
- description: "The URL to redirect to after login"
419
- },
420
- errorCallbackURL: {
421
- type: "string",
422
- description: "The URL to redirect to after login"
423
- },
424
- newUserCallbackURL: {
425
- type: "string",
426
- description: "The URL to redirect to after login if the user is new"
427
- }
428
- },
429
- required: ["callbackURL"]
430
- } } } },
431
- responses: { "200": {
432
- description: "Authorization URL generated successfully for SSO sign-in",
433
- content: { "application/json": { schema: {
434
- type: "object",
435
- properties: {
436
- url: {
437
- type: "string",
438
- format: "uri",
439
- description: "The authorization URL to redirect the user to for SSO sign-in"
440
- },
441
- redirect: {
442
- type: "boolean",
443
- description: "Indicates that the client should redirect to the provided URL",
444
- enum: [true]
445
- }
446
- },
447
- required: ["url", "redirect"]
448
- } } }
449
- } }
450
- } }
451
- }, async (ctx) => {
452
- const body = ctx.body;
453
- let { email, organizationSlug, providerId, domain } = body;
454
- if (!options?.defaultSSO?.length && !email && !organizationSlug && !domain && !providerId) throw new better_auth_api.APIError("BAD_REQUEST", { message: "email, organizationSlug, domain or providerId is required" });
455
- domain = body.domain || email?.split("@")[1];
456
- let orgId = "";
457
- if (organizationSlug) orgId = await ctx.context.adapter.findOne({
458
- model: "organization",
459
- where: [{
460
- field: "slug",
461
- value: organizationSlug
462
- }]
463
- }).then((res) => {
464
- if (!res) return "";
465
- return res.id;
466
- });
467
- let provider = null;
468
- if (options?.defaultSSO?.length) {
469
- const matchingDefault = providerId ? options.defaultSSO.find((defaultProvider) => defaultProvider.providerId === providerId) : options.defaultSSO.find((defaultProvider) => defaultProvider.domain === domain);
470
- if (matchingDefault) provider = {
471
- issuer: matchingDefault.samlConfig?.issuer || matchingDefault.oidcConfig?.issuer || "",
472
- providerId: matchingDefault.providerId,
473
- userId: "default",
474
- oidcConfig: matchingDefault.oidcConfig,
475
- samlConfig: matchingDefault.samlConfig
476
- };
477
- }
478
- if (!providerId && !orgId && !domain) throw new better_auth_api.APIError("BAD_REQUEST", { message: "providerId, orgId or domain is required" });
479
- if (!provider) provider = await ctx.context.adapter.findOne({
480
- model: "ssoProvider",
481
- where: [{
482
- field: providerId ? "providerId" : orgId ? "organizationId" : "domain",
483
- value: providerId || orgId || domain
484
- }]
485
- }).then((res) => {
486
- if (!res) return null;
487
- return {
488
- ...res,
489
- oidcConfig: res.oidcConfig ? safeJsonParse(res.oidcConfig) || void 0 : void 0,
490
- samlConfig: res.samlConfig ? safeJsonParse(res.samlConfig) || void 0 : void 0
491
- };
492
- });
493
- if (!provider) throw new better_auth_api.APIError("NOT_FOUND", { message: "No provider found for the issuer" });
494
- if (body.providerType) {
495
- if (body.providerType === "oidc" && !provider.oidcConfig) throw new better_auth_api.APIError("BAD_REQUEST", { message: "OIDC provider is not configured" });
496
- if (body.providerType === "saml" && !provider.samlConfig) throw new better_auth_api.APIError("BAD_REQUEST", { message: "SAML provider is not configured" });
497
- }
498
- if (provider.oidcConfig && body.providerType !== "saml") {
499
- const state = await (0, better_auth.generateState)(ctx);
500
- const redirectURI = `${ctx.context.baseURL}/sso/callback/${provider.providerId}`;
501
- const authorizationURL = await (0, better_auth_oauth2.createAuthorizationURL)({
502
- id: provider.issuer,
503
- options: {
504
- clientId: provider.oidcConfig.clientId,
505
- clientSecret: provider.oidcConfig.clientSecret
506
- },
507
- redirectURI,
508
- state: state.state,
509
- codeVerifier: provider.oidcConfig.pkce ? state.codeVerifier : void 0,
510
- scopes: ctx.body.scopes || provider.oidcConfig.scopes || [
511
- "openid",
512
- "email",
513
- "profile",
514
- "offline_access"
515
- ],
516
- authorizationEndpoint: provider.oidcConfig.authorizationEndpoint
517
- });
518
- return ctx.json({
519
- url: authorizationURL.toString(),
520
- redirect: true
521
- });
522
- }
523
- if (provider.samlConfig) {
524
- const parsedSamlConfig = typeof provider.samlConfig === "object" ? provider.samlConfig : safeJsonParse(provider.samlConfig);
525
- if (!parsedSamlConfig) throw new better_auth_api.APIError("BAD_REQUEST", { message: "Invalid SAML configuration" });
526
- const sp = import_build.ServiceProvider({
527
- metadata: parsedSamlConfig.spMetadata.metadata,
528
- allowCreate: true
529
- });
530
- const idp = import_build.IdentityProvider({
531
- metadata: parsedSamlConfig.idpMetadata?.metadata,
532
- entityID: parsedSamlConfig.idpMetadata?.entityID,
533
- encryptCert: parsedSamlConfig.idpMetadata?.cert,
534
- singleSignOnService: parsedSamlConfig.idpMetadata?.singleSignOnService
535
- });
536
- const loginRequest = sp.createLoginRequest(idp, "redirect");
537
- if (!loginRequest) throw new better_auth_api.APIError("BAD_REQUEST", { message: "Invalid SAML request" });
538
- return ctx.json({
539
- url: `${loginRequest.context}&RelayState=${encodeURIComponent(body.callbackURL)}`,
540
- redirect: true
541
- });
542
- }
543
- throw new better_auth_api.APIError("BAD_REQUEST", { message: "Invalid SSO provider" });
544
- }),
545
- callbackSSO: (0, better_auth_plugins.createAuthEndpoint)("/sso/callback/:providerId", {
546
- method: "GET",
547
- query: require_schemas.object({
548
- code: require_schemas.string().optional(),
549
- state: require_schemas.string(),
550
- error: require_schemas.string().optional(),
551
- error_description: require_schemas.string().optional()
552
- }),
553
- metadata: {
554
- isAction: false,
555
- openapi: {
556
- summary: "Callback URL for SSO provider",
557
- description: "This endpoint is used as the callback URL for SSO providers. It handles the authorization code and exchanges it for an access token",
558
- responses: { "302": { description: "Redirects to the callback URL" } }
559
- }
560
- }
561
- }, async (ctx) => {
562
- const { code, state, error, error_description } = ctx.query;
563
- const stateData = await (0, better_auth_oauth2.parseState)(ctx);
564
- if (!stateData) {
565
- const errorURL2 = ctx.context.options.onAPIError?.errorURL || `${ctx.context.baseURL}/error`;
566
- throw ctx.redirect(`${errorURL2}?error=invalid_state`);
567
- }
568
- const { callbackURL, errorURL, newUserURL, requestSignUp } = stateData;
569
- if (!code || error) throw ctx.redirect(`${errorURL || callbackURL}?error=${error}&error_description=${error_description}`);
570
- let provider = null;
571
- if (options?.defaultSSO?.length) {
572
- const matchingDefault = options.defaultSSO.find((defaultProvider) => defaultProvider.providerId === ctx.params.providerId);
573
- if (matchingDefault) provider = {
574
- ...matchingDefault,
575
- issuer: matchingDefault.oidcConfig?.issuer || "",
576
- userId: "default"
577
- };
578
- }
579
- if (!provider) provider = await ctx.context.adapter.findOne({
580
- model: "ssoProvider",
581
- where: [{
582
- field: "providerId",
583
- value: ctx.params.providerId
584
- }]
585
- }).then((res) => {
586
- if (!res) return null;
587
- return {
588
- ...res,
589
- oidcConfig: safeJsonParse(res.oidcConfig) || void 0
590
- };
591
- });
592
- if (!provider) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=provider not found`);
593
- let config = provider.oidcConfig;
594
- if (!config) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=provider not found`);
595
- const discovery = await require_index$1.betterFetch(config.discoveryEndpoint);
596
- if (discovery.data) config = {
597
- tokenEndpoint: discovery.data.token_endpoint,
598
- tokenEndpointAuthentication: discovery.data.token_endpoint_auth_method,
599
- userInfoEndpoint: discovery.data.userinfo_endpoint,
600
- scopes: [
601
- "openid",
602
- "email",
603
- "profile",
604
- "offline_access"
605
- ],
606
- ...config
607
- };
608
- if (!config.tokenEndpoint) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=token_endpoint_not_found`);
609
- const tokenResponse = await (0, better_auth_oauth2.validateAuthorizationCode)({
610
- code,
611
- codeVerifier: config.pkce ? stateData.codeVerifier : void 0,
612
- redirectURI: `${ctx.context.baseURL}/sso/callback/${provider.providerId}`,
613
- options: {
614
- clientId: config.clientId,
615
- clientSecret: config.clientSecret
616
- },
617
- tokenEndpoint: config.tokenEndpoint,
618
- authentication: config.tokenEndpointAuthentication === "client_secret_post" ? "post" : "basic"
619
- }).catch((e) => {
620
- if (e instanceof require_index$1.BetterFetchError) throw ctx.redirect(`${errorURL || callbackURL}?error=invalid_provider&error_description=${e.message}`);
621
- return null;
622
- });
623
- if (!tokenResponse) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=token_response_not_found`);
624
- let userInfo = null;
625
- if (tokenResponse.idToken) {
626
- const idToken = require_decode_jwt.decodeJwt(tokenResponse.idToken);
627
- if (!config.jwksEndpoint) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=jwks_endpoint_not_found`);
628
- const verified = await (0, better_auth_oauth2.validateToken)(tokenResponse.idToken, config.jwksEndpoint).catch((e) => {
629
- ctx.context.logger.error(e);
630
- return null;
631
- });
632
- if (!verified) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=token_not_verified`);
633
- if (verified.payload.iss !== provider.issuer) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=issuer_mismatch`);
634
- const mapping = config.mapping || {};
635
- userInfo = {
636
- ...Object.fromEntries(Object.entries(mapping.extraFields || {}).map(([key, value]) => [key, verified.payload[value]])),
637
- id: idToken[mapping.id || "sub"],
638
- email: idToken[mapping.email || "email"],
639
- emailVerified: options?.trustEmailVerified ? idToken[mapping.emailVerified || "email_verified"] : false,
640
- name: idToken[mapping.name || "name"],
641
- image: idToken[mapping.image || "picture"]
642
- };
643
- }
644
- if (!userInfo) {
645
- if (!config.userInfoEndpoint) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=user_info_endpoint_not_found`);
646
- const userInfoResponse = await require_index$1.betterFetch(config.userInfoEndpoint, { headers: { Authorization: `Bearer ${tokenResponse.accessToken}` } });
647
- if (userInfoResponse.error) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=${userInfoResponse.error.message}`);
648
- userInfo = userInfoResponse.data;
649
- }
650
- if (!userInfo.email || !userInfo.id) throw ctx.redirect(`${errorURL || callbackURL}/error?error=invalid_provider&error_description=missing_user_info`);
651
- const linked = await (0, better_auth_oauth2.handleOAuthUserInfo)(ctx, {
652
- userInfo: {
653
- email: userInfo.email,
654
- name: userInfo.name || userInfo.email,
655
- id: userInfo.id,
656
- image: userInfo.image,
657
- emailVerified: options?.trustEmailVerified ? userInfo.emailVerified || false : false
658
- },
659
- account: {
660
- idToken: tokenResponse.idToken,
661
- accessToken: tokenResponse.accessToken,
662
- refreshToken: tokenResponse.refreshToken,
663
- accountId: userInfo.id,
664
- providerId: provider.providerId,
665
- accessTokenExpiresAt: tokenResponse.accessTokenExpiresAt,
666
- refreshTokenExpiresAt: tokenResponse.refreshTokenExpiresAt,
667
- scope: tokenResponse.scopes?.join(",")
668
- },
669
- callbackURL,
670
- disableSignUp: options?.disableImplicitSignUp && !requestSignUp,
671
- overrideUserInfo: config.overrideUserInfo
672
- });
673
- if (linked.error) throw ctx.redirect(`${errorURL || callbackURL}/error?error=${linked.error}`);
674
- const { session, user } = linked.data;
675
- if (options?.provisionUser) await options.provisionUser({
676
- user,
677
- userInfo,
678
- token: tokenResponse,
679
- provider
680
- });
681
- if (provider.organizationId && !options?.organizationProvisioning?.disabled) {
682
- if (ctx.context.options.plugins?.find((plugin) => plugin.id === "organization")) {
683
- if (!await ctx.context.adapter.findOne({
684
- model: "member",
685
- where: [{
686
- field: "organizationId",
687
- value: provider.organizationId
688
- }, {
689
- field: "userId",
690
- value: user.id
691
- }]
692
- })) {
693
- const role = options?.organizationProvisioning?.getRole ? await options.organizationProvisioning.getRole({
694
- user,
695
- userInfo,
696
- token: tokenResponse,
697
- provider
698
- }) : options?.organizationProvisioning?.defaultRole || "member";
699
- await ctx.context.adapter.create({
700
- model: "member",
701
- data: {
702
- organizationId: provider.organizationId,
703
- userId: user.id,
704
- role,
705
- createdAt: /* @__PURE__ */ new Date(),
706
- updatedAt: /* @__PURE__ */ new Date()
707
- }
708
- });
709
- }
710
- }
711
- }
712
- await (0, better_auth_cookies.setSessionCookie)(ctx, {
713
- session,
714
- user
715
- });
716
- let toRedirectTo;
717
- try {
718
- toRedirectTo = (linked.isRegister ? newUserURL || callbackURL : callbackURL).toString();
719
- } catch {
720
- toRedirectTo = linked.isRegister ? newUserURL || callbackURL : callbackURL;
721
- }
722
- throw ctx.redirect(toRedirectTo);
723
- }),
724
- callbackSSOSAML: (0, better_auth_plugins.createAuthEndpoint)("/sso/saml2/callback/:providerId", {
725
- method: "POST",
726
- body: require_schemas.object({
727
- SAMLResponse: require_schemas.string(),
728
- RelayState: require_schemas.string().optional()
729
- }),
730
- metadata: {
731
- isAction: false,
732
- openapi: {
733
- summary: "Callback URL for SAML provider",
734
- description: "This endpoint is used as the callback URL for SAML providers.",
735
- responses: {
736
- "302": { description: "Redirects to the callback URL" },
737
- "400": { description: "Invalid SAML response" },
738
- "401": { description: "Unauthorized - SAML authentication failed" }
739
- }
740
- }
741
- }
742
- }, async (ctx) => {
743
- const { SAMLResponse, RelayState } = ctx.body;
744
- const { providerId } = ctx.params;
745
- let provider = null;
746
- if (options?.defaultSSO?.length) {
747
- const matchingDefault = options.defaultSSO.find((defaultProvider) => defaultProvider.providerId === providerId);
748
- if (matchingDefault) provider = {
749
- ...matchingDefault,
750
- userId: "default",
751
- issuer: matchingDefault.samlConfig?.issuer || ""
752
- };
753
- }
754
- if (!provider) provider = await ctx.context.adapter.findOne({
755
- model: "ssoProvider",
756
- where: [{
757
- field: "providerId",
758
- value: providerId
759
- }]
760
- }).then((res) => {
761
- if (!res) return null;
762
- return {
763
- ...res,
764
- samlConfig: res.samlConfig ? safeJsonParse(res.samlConfig) || void 0 : void 0
765
- };
766
- });
767
- if (!provider) throw new better_auth_api.APIError("NOT_FOUND", { message: "No provider found for the given providerId" });
768
- const parsedSamlConfig = safeJsonParse(provider.samlConfig);
769
- if (!parsedSamlConfig) throw new better_auth_api.APIError("BAD_REQUEST", { message: "Invalid SAML configuration" });
770
- const idpData = parsedSamlConfig.idpMetadata;
771
- let idp = null;
772
- if (!idpData?.metadata) idp = import_build.IdentityProvider({
773
- entityID: idpData?.entityID || parsedSamlConfig.issuer,
774
- singleSignOnService: [{
775
- Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
776
- Location: parsedSamlConfig.entryPoint
777
- }],
778
- signingCert: idpData?.cert || parsedSamlConfig.cert,
779
- wantAuthnRequestsSigned: parsedSamlConfig.wantAssertionsSigned || false,
780
- isAssertionEncrypted: idpData?.isAssertionEncrypted || false,
781
- encPrivateKey: idpData?.encPrivateKey,
782
- encPrivateKeyPass: idpData?.encPrivateKeyPass
783
- });
784
- else idp = import_build.IdentityProvider({
785
- metadata: idpData.metadata,
786
- privateKey: idpData.privateKey,
787
- privateKeyPass: idpData.privateKeyPass,
788
- isAssertionEncrypted: idpData.isAssertionEncrypted,
789
- encPrivateKey: idpData.encPrivateKey,
790
- encPrivateKeyPass: idpData.encPrivateKeyPass
791
- });
792
- const spData = parsedSamlConfig.spMetadata;
793
- const sp = import_build.ServiceProvider({
794
- metadata: spData?.metadata,
795
- entityID: spData?.entityID || parsedSamlConfig.issuer,
796
- assertionConsumerService: spData?.metadata ? void 0 : [{
797
- Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
798
- Location: parsedSamlConfig.callbackUrl
799
- }],
800
- privateKey: spData?.privateKey || parsedSamlConfig.privateKey,
801
- privateKeyPass: spData?.privateKeyPass,
802
- isAssertionEncrypted: spData?.isAssertionEncrypted || false,
803
- encPrivateKey: spData?.encPrivateKey,
804
- encPrivateKeyPass: spData?.encPrivateKeyPass,
805
- wantMessageSigned: parsedSamlConfig.wantAssertionsSigned || false,
806
- nameIDFormat: parsedSamlConfig.identifierFormat ? [parsedSamlConfig.identifierFormat] : void 0
807
- });
808
- let parsedResponse;
809
- try {
810
- const decodedResponse = Buffer.from(SAMLResponse, "base64").toString("utf-8");
811
- try {
812
- parsedResponse = await sp.parseLoginResponse(idp, "post", { body: {
813
- SAMLResponse,
814
- RelayState: RelayState || void 0
815
- } });
816
- } catch (parseError) {
817
- const nameIDMatch = decodedResponse.match(/<saml2:NameID[^>]*>([^<]+)<\/saml2:NameID>/);
818
- if (!nameIDMatch) throw parseError;
819
- parsedResponse = { extract: {
820
- nameID: nameIDMatch[1],
821
- attributes: { nameID: nameIDMatch[1] },
822
- sessionIndex: {},
823
- conditions: {}
824
- } };
825
- }
826
- if (!parsedResponse?.extract) throw new Error("Invalid SAML response structure");
827
- } catch (error) {
828
- ctx.context.logger.error("SAML response validation failed", {
829
- error,
830
- decodedResponse: Buffer.from(SAMLResponse, "base64").toString("utf-8")
831
- });
832
- throw new better_auth_api.APIError("BAD_REQUEST", {
833
- message: "Invalid SAML response",
834
- details: error instanceof Error ? error.message : String(error)
835
- });
836
- }
837
- const { extract } = parsedResponse;
838
- const attributes = extract.attributes || {};
839
- const mapping = parsedSamlConfig.mapping ?? {};
840
- const userInfo = {
841
- ...Object.fromEntries(Object.entries(mapping.extraFields || {}).map(([key, value]) => [key, attributes[value]])),
842
- id: attributes[mapping.id || "nameID"] || extract.nameID,
843
- email: attributes[mapping.email || "email"] || extract.nameID,
844
- name: [attributes[mapping.firstName || "givenName"], attributes[mapping.lastName || "surname"]].filter(Boolean).join(" ") || attributes[mapping.name || "displayName"] || extract.nameID,
845
- emailVerified: options?.trustEmailVerified && mapping.emailVerified ? attributes[mapping.emailVerified] || false : false
846
- };
847
- if (!userInfo.id || !userInfo.email) {
848
- ctx.context.logger.error("Missing essential user info from SAML response", {
849
- attributes: Object.keys(attributes),
850
- mapping,
851
- extractedId: userInfo.id,
852
- extractedEmail: userInfo.email
853
- });
854
- throw new better_auth_api.APIError("BAD_REQUEST", { message: "Unable to extract user ID or email from SAML response" });
855
- }
856
- let user;
857
- const existingUser = await ctx.context.adapter.findOne({
858
- model: "user",
859
- where: [{
860
- field: "email",
861
- value: userInfo.email
862
- }]
863
- });
864
- if (existingUser) user = existingUser;
865
- else user = await ctx.context.adapter.create({
866
- model: "user",
867
- data: {
868
- email: userInfo.email,
869
- name: userInfo.name,
870
- emailVerified: userInfo.emailVerified,
871
- createdAt: /* @__PURE__ */ new Date(),
872
- updatedAt: /* @__PURE__ */ new Date()
873
- }
874
- });
875
- if (!await ctx.context.adapter.findOne({
876
- model: "account",
877
- where: [
878
- {
879
- field: "userId",
880
- value: user.id
881
- },
882
- {
883
- field: "providerId",
884
- value: provider.providerId
885
- },
886
- {
887
- field: "accountId",
888
- value: userInfo.id
889
- }
890
- ]
891
- })) await ctx.context.adapter.create({
892
- model: "account",
893
- data: {
894
- userId: user.id,
895
- providerId: provider.providerId,
896
- accountId: userInfo.id,
897
- createdAt: /* @__PURE__ */ new Date(),
898
- updatedAt: /* @__PURE__ */ new Date(),
899
- accessToken: "",
900
- refreshToken: ""
901
- }
902
- });
903
- if (options?.provisionUser) await options.provisionUser({
904
- user,
905
- userInfo,
906
- provider
907
- });
908
- if (provider.organizationId && !options?.organizationProvisioning?.disabled) {
909
- if (ctx.context.options.plugins?.find((plugin) => plugin.id === "organization")) {
910
- if (!await ctx.context.adapter.findOne({
911
- model: "member",
912
- where: [{
913
- field: "organizationId",
914
- value: provider.organizationId
915
- }, {
916
- field: "userId",
917
- value: user.id
918
- }]
919
- })) {
920
- const role = options?.organizationProvisioning?.getRole ? await options.organizationProvisioning.getRole({
921
- user,
922
- userInfo,
923
- provider
924
- }) : options?.organizationProvisioning?.defaultRole || "member";
925
- await ctx.context.adapter.create({
926
- model: "member",
927
- data: {
928
- organizationId: provider.organizationId,
929
- userId: user.id,
930
- role,
931
- createdAt: /* @__PURE__ */ new Date(),
932
- updatedAt: /* @__PURE__ */ new Date()
933
- }
934
- });
935
- }
936
- }
937
- }
938
- await (0, better_auth_cookies.setSessionCookie)(ctx, {
939
- session: await ctx.context.internalAdapter.createSession(user.id, ctx),
940
- user
941
- });
942
- const callbackUrl = RelayState || parsedSamlConfig.callbackUrl || ctx.context.baseURL;
943
- throw ctx.redirect(callbackUrl);
944
- }),
945
- acsEndpoint: (0, better_auth_plugins.createAuthEndpoint)("/sso/saml2/sp/acs/:providerId", {
946
- method: "POST",
947
- params: require_schemas.object({ providerId: require_schemas.string().optional() }),
948
- body: require_schemas.object({
949
- SAMLResponse: require_schemas.string(),
950
- RelayState: require_schemas.string().optional()
951
- }),
952
- metadata: {
953
- isAction: false,
954
- openapi: {
955
- summary: "SAML Assertion Consumer Service",
956
- description: "Handles SAML responses from IdP after successful authentication",
957
- responses: { "302": { description: "Redirects to the callback URL after successful authentication" } }
958
- }
959
- }
960
- }, async (ctx) => {
961
- const { SAMLResponse, RelayState = "" } = ctx.body;
962
- const { providerId } = ctx.params;
963
- let provider = null;
964
- if (options?.defaultSSO?.length) {
965
- const matchingDefault = providerId ? options.defaultSSO.find((defaultProvider) => defaultProvider.providerId === providerId) : options.defaultSSO[0];
966
- if (matchingDefault) provider = {
967
- issuer: matchingDefault.samlConfig?.issuer || "",
968
- providerId: matchingDefault.providerId,
969
- userId: "default",
970
- samlConfig: matchingDefault.samlConfig
971
- };
972
- } else provider = await ctx.context.adapter.findOne({
973
- model: "ssoProvider",
974
- where: [{
975
- field: "providerId",
976
- value: providerId ?? "sso"
977
- }]
978
- }).then((res) => {
979
- if (!res) return null;
980
- return {
981
- ...res,
982
- samlConfig: res.samlConfig ? safeJsonParse(res.samlConfig) || void 0 : void 0
983
- };
984
- });
985
- if (!provider?.samlConfig) throw new better_auth_api.APIError("NOT_FOUND", { message: "No SAML provider found" });
986
- const parsedSamlConfig = provider.samlConfig;
987
- const sp = import_build.ServiceProvider({
988
- entityID: parsedSamlConfig.spMetadata?.entityID || parsedSamlConfig.issuer,
989
- assertionConsumerService: [{
990
- Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
991
- Location: parsedSamlConfig.callbackUrl || `${ctx.context.baseURL}/sso/saml2/sp/acs/${providerId}`
992
- }],
993
- wantMessageSigned: parsedSamlConfig.wantAssertionsSigned || false,
994
- metadata: parsedSamlConfig.spMetadata?.metadata,
995
- privateKey: parsedSamlConfig.spMetadata?.privateKey || parsedSamlConfig.privateKey,
996
- privateKeyPass: parsedSamlConfig.spMetadata?.privateKeyPass,
997
- nameIDFormat: parsedSamlConfig.identifierFormat ? [parsedSamlConfig.identifierFormat] : void 0
998
- });
999
- const idpData = parsedSamlConfig.idpMetadata;
1000
- const idp = !idpData?.metadata ? import_build.IdentityProvider({
1001
- entityID: idpData?.entityID || parsedSamlConfig.issuer,
1002
- singleSignOnService: idpData?.singleSignOnService || [{
1003
- Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
1004
- Location: parsedSamlConfig.entryPoint
1005
- }],
1006
- signingCert: idpData?.cert || parsedSamlConfig.cert
1007
- }) : import_build.IdentityProvider({ metadata: idpData.metadata });
1008
- let parsedResponse;
1009
- try {
1010
- let decodedResponse = Buffer.from(SAMLResponse, "base64").toString("utf-8");
1011
- if (!decodedResponse.includes("StatusCode")) {
1012
- const insertPoint = decodedResponse.indexOf("</saml2:Issuer>");
1013
- if (insertPoint !== -1) decodedResponse = decodedResponse.slice(0, insertPoint + 14) + "<saml2:Status><saml2:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/></saml2:Status>" + decodedResponse.slice(insertPoint + 14);
1014
- } else if (!decodedResponse.includes("saml2:Success")) decodedResponse = decodedResponse.replace(/<saml2:StatusCode Value="[^"]+"/, "<saml2:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"");
1015
- try {
1016
- parsedResponse = await sp.parseLoginResponse(idp, "post", { body: {
1017
- SAMLResponse,
1018
- RelayState: RelayState || void 0
1019
- } });
1020
- } catch (parseError) {
1021
- const nameIDMatch = decodedResponse.match(/<saml2:NameID[^>]*>([^<]+)<\/saml2:NameID>/);
1022
- if (!nameIDMatch) throw parseError;
1023
- parsedResponse = { extract: {
1024
- nameID: nameIDMatch[1],
1025
- attributes: { nameID: nameIDMatch[1] },
1026
- sessionIndex: {},
1027
- conditions: {}
1028
- } };
1029
- }
1030
- if (!parsedResponse?.extract) throw new Error("Invalid SAML response structure");
1031
- } catch (error) {
1032
- ctx.context.logger.error("SAML response validation failed", {
1033
- error,
1034
- decodedResponse: Buffer.from(SAMLResponse, "base64").toString("utf-8")
1035
- });
1036
- throw new better_auth_api.APIError("BAD_REQUEST", {
1037
- message: "Invalid SAML response",
1038
- details: error instanceof Error ? error.message : String(error)
1039
- });
1040
- }
1041
- const { extract } = parsedResponse;
1042
- const attributes = extract.attributes || {};
1043
- const mapping = parsedSamlConfig.mapping ?? {};
1044
- const userInfo = {
1045
- ...Object.fromEntries(Object.entries(mapping.extraFields || {}).map(([key, value]) => [key, attributes[value]])),
1046
- id: attributes[mapping.id || "nameID"] || extract.nameID,
1047
- email: attributes[mapping.email || "email"] || extract.nameID,
1048
- name: [attributes[mapping.firstName || "givenName"], attributes[mapping.lastName || "surname"]].filter(Boolean).join(" ") || attributes[mapping.name || "displayName"] || extract.nameID,
1049
- emailVerified: options?.trustEmailVerified && mapping.emailVerified ? attributes[mapping.emailVerified] || false : false
1050
- };
1051
- if (!userInfo.id || !userInfo.email) {
1052
- ctx.context.logger.error("Missing essential user info from SAML response", {
1053
- attributes: Object.keys(attributes),
1054
- mapping,
1055
- extractedId: userInfo.id,
1056
- extractedEmail: userInfo.email
1057
- });
1058
- throw new better_auth_api.APIError("BAD_REQUEST", { message: "Unable to extract user ID or email from SAML response" });
1059
- }
1060
- let user;
1061
- const existingUser = await ctx.context.adapter.findOne({
1062
- model: "user",
1063
- where: [{
1064
- field: "email",
1065
- value: userInfo.email
1066
- }]
1067
- });
1068
- if (existingUser) {
1069
- if (!await ctx.context.adapter.findOne({
1070
- model: "account",
1071
- where: [
1072
- {
1073
- field: "userId",
1074
- value: existingUser.id
1075
- },
1076
- {
1077
- field: "providerId",
1078
- value: provider.providerId
1079
- },
1080
- {
1081
- field: "accountId",
1082
- value: userInfo.id
1083
- }
1084
- ]
1085
- })) {
1086
- if (!ctx.context.options.account?.accountLinking?.trustedProviders?.includes(provider.providerId)) throw ctx.redirect(`${parsedSamlConfig.callbackUrl}?error=account_not_found`);
1087
- await ctx.context.adapter.create({
1088
- model: "account",
1089
- data: {
1090
- userId: existingUser.id,
1091
- providerId: provider.providerId,
1092
- accountId: userInfo.id,
1093
- createdAt: /* @__PURE__ */ new Date(),
1094
- updatedAt: /* @__PURE__ */ new Date(),
1095
- accessToken: "",
1096
- refreshToken: ""
1097
- }
1098
- });
1099
- }
1100
- user = existingUser;
1101
- } else {
1102
- user = await ctx.context.adapter.create({
1103
- model: "user",
1104
- data: {
1105
- email: userInfo.email,
1106
- name: userInfo.name,
1107
- emailVerified: options?.trustEmailVerified ? userInfo.emailVerified || false : false,
1108
- createdAt: /* @__PURE__ */ new Date(),
1109
- updatedAt: /* @__PURE__ */ new Date()
1110
- }
1111
- });
1112
- await ctx.context.adapter.create({
1113
- model: "account",
1114
- data: {
1115
- userId: user.id,
1116
- providerId: provider.providerId,
1117
- accountId: userInfo.id,
1118
- accessToken: "",
1119
- refreshToken: "",
1120
- accessTokenExpiresAt: /* @__PURE__ */ new Date(),
1121
- refreshTokenExpiresAt: /* @__PURE__ */ new Date(),
1122
- scope: "",
1123
- createdAt: /* @__PURE__ */ new Date(),
1124
- updatedAt: /* @__PURE__ */ new Date()
1125
- }
1126
- });
1127
- }
1128
- if (options?.provisionUser) await options.provisionUser({
1129
- user,
1130
- userInfo,
1131
- provider
1132
- });
1133
- if (provider.organizationId && !options?.organizationProvisioning?.disabled) {
1134
- if (ctx.context.options.plugins?.find((plugin) => plugin.id === "organization")) {
1135
- if (!await ctx.context.adapter.findOne({
1136
- model: "member",
1137
- where: [{
1138
- field: "organizationId",
1139
- value: provider.organizationId
1140
- }, {
1141
- field: "userId",
1142
- value: user.id
1143
- }]
1144
- })) {
1145
- const role = options?.organizationProvisioning?.getRole ? await options.organizationProvisioning.getRole({
1146
- user,
1147
- userInfo,
1148
- provider
1149
- }) : options?.organizationProvisioning?.defaultRole || "member";
1150
- await ctx.context.adapter.create({
1151
- model: "member",
1152
- data: {
1153
- organizationId: provider.organizationId,
1154
- userId: user.id,
1155
- role,
1156
- createdAt: /* @__PURE__ */ new Date(),
1157
- updatedAt: /* @__PURE__ */ new Date()
1158
- }
1159
- });
1160
- }
1161
- }
1162
- }
1163
- await (0, better_auth_cookies.setSessionCookie)(ctx, {
1164
- session: await ctx.context.internalAdapter.createSession(user.id, ctx),
1165
- user
1166
- });
1167
- const callbackUrl = RelayState || parsedSamlConfig.callbackUrl || ctx.context.baseURL;
1168
- throw ctx.redirect(callbackUrl);
1169
- })
1170
- },
1171
- schema: { ssoProvider: { fields: {
1172
- issuer: {
1173
- type: "string",
1174
- required: true
1175
- },
1176
- oidcConfig: {
1177
- type: "string",
1178
- required: false
1179
- },
1180
- samlConfig: {
1181
- type: "string",
1182
- required: false
1183
- },
1184
- userId: {
1185
- type: "string",
1186
- references: {
1187
- model: "user",
1188
- field: "id"
1189
- }
1190
- },
1191
- providerId: {
1192
- type: "string",
1193
- required: true,
1194
- unique: true
1195
- },
1196
- organizationId: {
1197
- type: "string",
1198
- required: false
1199
- },
1200
- domain: {
1201
- type: "string",
1202
- required: true
1203
- }
1204
- } } }
1205
- };
1206
- };
1207
-
1208
- //#endregion
1209
- exports.sso = sso;
1210
- //# sourceMappingURL=index.cjs.map