@jmlq/auth 0.0.1-alpha.31 → 0.0.1-alpha.33

package/dist/domain/errors/auth.errors.d.ts

@@ -13,6 +13,18 @@ export declare abstract class AuthDomainError extends Error {
         code: AuthErrorCode;
         details: unknown;
     };
+    /**
+     * Guard estable para errores del core.
+     *
+     * - `instanceof` es el camino ideal, pero puede fallar si hay:
+     *   - múltiples copias del paquete en runtime (resolución/hoisting),
+     *   - bundles,
+     *   - errores creados por hosts que replican forma (code/message).
+     *
+     * Regla:
+     * - Si tiene forma mínima { code: string, message: string }, lo tratamos como AuthDomainError.
+     * - El core sigue siendo el “owner” de los códigos y su significado.
+     */
     static isAuthError(e: unknown): e is AuthDomainError;
 }
 /** El token ya no es válido por exp (exp < now) */

package/dist/domain/errors/auth.errors.js

@@ -1,6 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EmailNotVerifiedError = exports.SessionAuthError = exports.AuthenticationError = exports.InvalidSignatureError = exports.InvalidTokenFormatError = exports.TokenExpiredError = exports.AuthDomainError = void 0;
+function asAuthErrorLike(value) {
+    if (value && typeof value === "object")
+        return value;
+    return {};
+}
 class AuthDomainError extends Error {
     constructor(message, code, details) {
         super(message);
@@ -8,7 +13,8 @@ class AuthDomainError extends Error {
         this.details = details;
         this.name = new.target.name;
         // Compatible con V8; ignora silenciosamente en otros engines
-        if (typeof Error.captureStackTrace === "function") {
+        if (typeof Error
+            .captureStackTrace === "function") {
             Error.captureStackTrace(this, new.target);
         }
     }
@@ -20,8 +26,23 @@ class AuthDomainError extends Error {
             details: this.details,
         };
     }
+    /**
+     * Guard estable para errores del core.
+     *
+     * - `instanceof` es el camino ideal, pero puede fallar si hay:
+     *   - múltiples copias del paquete en runtime (resolución/hoisting),
+     *   - bundles,
+     *   - errores creados por hosts que replican forma (code/message).
+     *
+     * Regla:
+     * - Si tiene forma mínima { code: string, message: string }, lo tratamos como AuthDomainError.
+     * - El core sigue siendo el “owner” de los códigos y su significado.
+     */
     static isAuthError(e) {
-        return e instanceof AuthDomainError;
+        if (e instanceof AuthDomainError)
+            return true;
+        const like = asAuthErrorLike(e);
+        return typeof like.code === "string" && typeof like.message === "string";
     }
 }
 exports.AuthDomainError = AuthDomainError;

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export { optionalAudience } from "./domain/services/helpers";
+export { optionalAudience, assertJwtStructure, } from "./domain/services/helpers";
 export type { IAuthServiceContainer } from "./infrastructure/types";
 export { AuthServiceFactoryOptions } from "./application/types";
 /**
@@ -12,7 +12,7 @@ export { normalizeJwtPayload } from "./domain/services";
  * Aunque ya se exporta vía `export * from "./domain/errors"`,
  * se expone de forma directa para que el host/plugins lo consuman sin ambigüedad.
  */
-export { InvalidJwtPayloadError } from "./domain/errors";
+export { InvalidJwtPayloadError, InvalidJwtEmptyError, InvalidJwtMalformedError, } from "./domain/errors";
 export * from "./domain/ports";
 export * from "./domain/entities";
 export { readNonEmptyString } from "./domain/services/helpers";

package/dist/index.js

@@ -14,9 +14,10 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.readNonEmptyString = exports.InvalidJwtPayloadError = exports.normalizeJwtPayload = exports.optionalAudience = void 0;
+exports.readNonEmptyString = exports.InvalidJwtMalformedError = exports.InvalidJwtEmptyError = exports.InvalidJwtPayloadError = exports.normalizeJwtPayload = exports.assertJwtStructure = exports.optionalAudience = void 0;
 var helpers_1 = require("./domain/services/helpers");
 Object.defineProperty(exports, "optionalAudience", { enumerable: true, get: function () { return helpers_1.optionalAudience; } });
+Object.defineProperty(exports, "assertJwtStructure", { enumerable: true, get: function () { return helpers_1.assertJwtStructure; } });
 /**
  * Contrato público (JWT payload):
  * - Los plugins devuelven payload verificado criptográficamente como unknown.
@@ -31,6 +32,8 @@ Object.defineProperty(exports, "normalizeJwtPayload", { enumerable: true, get: f
  */
 var errors_1 = require("./domain/errors");
 Object.defineProperty(exports, "InvalidJwtPayloadError", { enumerable: true, get: function () { return errors_1.InvalidJwtPayloadError; } });
+Object.defineProperty(exports, "InvalidJwtEmptyError", { enumerable: true, get: function () { return errors_1.InvalidJwtEmptyError; } });
+Object.defineProperty(exports, "InvalidJwtMalformedError", { enumerable: true, get: function () { return errors_1.InvalidJwtMalformedError; } });
 // Contratos (ports) + config
 __exportStar(require("./domain/ports"), exports);
 // Entities

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@jmlq/auth",
   "description": "JWT authentication package with clean architecture",
-  "version": "0.0.1-alpha.31",
+  "version": "0.0.1-alpha.33",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "scripts": {