npm - @mulverse/mulguard-core - Versions diffs - 1.0.0 - Mend

@mulverse/mulguard-core 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (600) hide show

package/README.md +24 -0
package/adapters.d.ts +522 -0
package/adapters.d.ts.map +1 -0
package/adapters.js +170 -0
package/errors.d.ts +429 -0
package/errors.d.ts.map +1 -0
package/errors.js +473 -0
package/index.d.ts +547 -0
package/index.d.ts.map +1 -0
package/index.js +142 -0
package/jwt.d.ts +132 -0
package/jwt.d.ts.map +1 -0
package/jwt.js +123 -0
package/lib/actions/callback/handle-login.d.ts +35 -0
package/lib/actions/callback/handle-login.d.ts.map +1 -0
package/lib/actions/callback/handle-login.js +275 -0
package/lib/actions/callback/index.d.ts +5 -0
package/lib/actions/callback/index.d.ts.map +1 -0
package/lib/actions/callback/index.js +409 -0
package/lib/actions/callback/oauth/callback.d.ts +36 -0
package/lib/actions/callback/oauth/callback.d.ts.map +1 -0
package/lib/actions/callback/oauth/callback.js +248 -0
package/lib/actions/callback/oauth/checks.d.ts +70 -0
package/lib/actions/callback/oauth/checks.d.ts.map +1 -0
package/lib/actions/callback/oauth/checks.js +188 -0
package/lib/actions/callback/oauth/csrf-token.d.ts +33 -0
package/lib/actions/callback/oauth/csrf-token.d.ts.map +1 -0
package/lib/actions/callback/oauth/csrf-token.js +39 -0
package/lib/actions/index.d.ts +6 -0
package/lib/actions/index.d.ts.map +1 -0
package/lib/actions/index.js +5 -0
package/lib/actions/session.d.ts +5 -0
package/lib/actions/session.d.ts.map +1 -0
package/lib/actions/session.js +127 -0
package/lib/actions/signin/authorization-url.d.ts +12 -0
package/lib/actions/signin/authorization-url.d.ts.map +1 -0
package/lib/actions/signin/authorization-url.js +94 -0
package/lib/actions/signin/index.d.ts +4 -0
package/lib/actions/signin/index.d.ts.map +1 -0
package/lib/actions/signin/index.js +22 -0
package/lib/actions/signin/send-token.d.ts +10 -0
package/lib/actions/signin/send-token.d.ts.map +1 -0
package/lib/actions/signin/send-token.js +98 -0
package/lib/actions/signout.d.ts +11 -0
package/lib/actions/signout.d.ts.map +1 -0
package/lib/actions/signout.js +30 -0
package/lib/actions/webauthn-options.d.ts +8 -0
package/lib/actions/webauthn-options.d.ts.map +1 -0
package/lib/actions/webauthn-options.js +60 -0
package/lib/index.d.ts +2 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +70 -0
package/lib/init.d.ts +25 -0
package/lib/init.d.ts.map +1 -0
package/lib/init.js +172 -0
package/lib/pages/error.d.ts +17 -0
package/lib/pages/error.d.ts.map +1 -0
package/lib/pages/error.js +40 -0
package/lib/pages/index.d.ts +42 -0
package/lib/pages/index.d.ts.map +1 -0
package/lib/pages/index.js +136 -0
package/lib/pages/signin.d.ts +10 -0
package/lib/pages/signin.d.ts.map +1 -0
package/lib/pages/signin.js +75 -0
package/lib/pages/signout.d.ts +8 -0
package/lib/pages/signout.d.ts.map +1 -0
package/lib/pages/signout.js +17 -0
package/lib/pages/styles.d.ts +3 -0
package/lib/pages/styles.d.ts.map +1 -0
package/lib/pages/styles.js +381 -0
package/lib/pages/verify-request.d.ts +8 -0
package/lib/pages/verify-request.d.ts.map +1 -0
package/lib/pages/verify-request.js +11 -0
package/lib/symbols.d.ts +50 -0
package/lib/symbols.d.ts.map +1 -0
package/lib/symbols.js +57 -0
package/lib/utils/actions.d.ts +3 -0
package/lib/utils/actions.d.ts.map +1 -0
package/lib/utils/actions.js +14 -0
package/lib/utils/assert.d.ts +14 -0
package/lib/utils/assert.d.ts.map +1 -0
package/lib/utils/assert.js +168 -0
package/lib/utils/callback-url.d.ts +17 -0
package/lib/utils/callback-url.d.ts.map +1 -0
package/lib/utils/callback-url.js +27 -0
package/lib/utils/cookie.d.ts +111 -0
package/lib/utils/cookie.d.ts.map +1 -0
package/lib/utils/cookie.js +205 -0
package/lib/utils/date.d.ts +7 -0
package/lib/utils/date.d.ts.map +1 -0
package/lib/utils/date.js +8 -0
package/lib/utils/email.d.ts +20 -0
package/lib/utils/email.d.ts.map +1 -0
package/lib/utils/email.js +57 -0
package/lib/utils/env.d.ts +9 -0
package/lib/utils/env.d.ts.map +1 -0
package/lib/utils/env.js +96 -0
package/lib/utils/logger.d.ts +18 -0
package/lib/utils/logger.d.ts.map +1 -0
package/lib/utils/logger.js +50 -0
package/lib/utils/merge.d.ts +3 -0
package/lib/utils/merge.d.ts.map +1 -0
package/lib/utils/merge.js +23 -0
package/lib/utils/providers.d.ts +19 -0
package/lib/utils/providers.d.ts.map +1 -0
package/lib/utils/providers.js +149 -0
package/lib/utils/session.d.ts +7 -0
package/lib/utils/session.d.ts.map +1 -0
package/lib/utils/session.js +29 -0
package/lib/utils/web.d.ts +10 -0
package/lib/utils/web.d.ts.map +1 -0
package/lib/utils/web.js +109 -0
package/lib/utils/webauthn-client.d.ts +30 -0
package/lib/utils/webauthn-client.d.ts.map +1 -0
package/lib/utils/webauthn-client.js +197 -0
package/lib/utils/webauthn-utils.d.ts +81 -0
package/lib/utils/webauthn-utils.d.ts.map +1 -0
package/lib/utils/webauthn-utils.js +343 -0
package/lib/vendored/cookie.d.ts +120 -0
package/lib/vendored/cookie.d.ts.map +1 -0
package/lib/vendored/cookie.js +237 -0
package/package.json +118 -0
package/providers/42-school.d.ts +240 -0
package/providers/42-school.d.ts.map +1 -0
package/providers/42-school.js +78 -0
package/providers/apple.d.ts +149 -0
package/providers/apple.d.ts.map +1 -0
package/providers/apple.js +104 -0
package/providers/asgardeo.d.ts +102 -0
package/providers/asgardeo.d.ts.map +1 -0
package/providers/asgardeo.js +93 -0
package/providers/atlassian.d.ts +94 -0
package/providers/atlassian.d.ts.map +1 -0
package/providers/atlassian.js +84 -0
package/providers/auth0.d.ts +116 -0
package/providers/auth0.d.ts.map +1 -0
package/providers/auth0.js +49 -0
package/providers/authentik.d.ts +90 -0
package/providers/authentik.d.ts.map +1 -0
package/providers/authentik.js +65 -0
package/providers/azure-ad-b2c.d.ts +104 -0
package/providers/azure-ad-b2c.d.ts.map +1 -0
package/providers/azure-ad-b2c.js +100 -0
package/providers/azure-ad.d.ts +19 -0
package/providers/azure-ad.d.ts.map +1 -0
package/providers/azure-ad.js +23 -0
package/providers/azure-devops.d.ts +128 -0
package/providers/azure-devops.d.ts.map +1 -0
package/providers/azure-devops.js +158 -0
package/providers/bankid-no.d.ts +134 -0
package/providers/bankid-no.d.ts.map +1 -0
package/providers/bankid-no.js +65 -0
package/providers/battlenet.d.ts +85 -0
package/providers/battlenet.d.ts.map +1 -0
package/providers/battlenet.js +81 -0
package/providers/beyondidentity.d.ts +77 -0
package/providers/beyondidentity.d.ts.map +1 -0
package/providers/beyondidentity.js +84 -0
package/providers/bitbucket.d.ts +89 -0
package/providers/bitbucket.d.ts.map +1 -0
package/providers/bitbucket.js +92 -0
package/providers/box.d.ts +63 -0
package/providers/box.d.ts.map +1 -0
package/providers/box.js +73 -0
package/providers/boxyhq-saml.d.ts +121 -0
package/providers/boxyhq-saml.d.ts.map +1 -0
package/providers/boxyhq-saml.js +127 -0
package/providers/bungie.d.ts +167 -0
package/providers/bungie.d.ts.map +1 -0
package/providers/bungie.js +174 -0
package/providers/click-up.d.ts +75 -0
package/providers/click-up.d.ts.map +1 -0
package/providers/click-up.js +89 -0
package/providers/cognito.d.ts +81 -0
package/providers/cognito.d.ts.map +1 -0
package/providers/cognito.js +73 -0
package/providers/coinbase.d.ts +69 -0
package/providers/coinbase.d.ts.map +1 -0
package/providers/coinbase.js +78 -0
package/providers/concept2.d.ts +81 -0
package/providers/concept2.d.ts.map +1 -0
package/providers/concept2.js +86 -0
package/providers/credentials.d.ts +132 -0
package/providers/credentials.d.ts.map +1 -0
package/providers/credentials.js +74 -0
package/providers/descope.d.ts +91 -0
package/providers/descope.d.ts.map +1 -0
package/providers/descope.js +78 -0
package/providers/discord.d.ts +139 -0
package/providers/discord.d.ts.map +1 -0
package/providers/discord.js +86 -0
package/providers/dribbble.d.ts +88 -0
package/providers/dribbble.d.ts.map +1 -0
package/providers/dribbble.js +85 -0
package/providers/dropbox.d.ts +65 -0
package/providers/dropbox.d.ts.map +1 -0
package/providers/dropbox.js +88 -0
package/providers/duende-identity-server6.d.ts +91 -0
package/providers/duende-identity-server6.d.ts.map +1 -0
package/providers/duende-identity-server6.js +80 -0
package/providers/email.d.ts +41 -0
package/providers/email.d.ts.map +1 -0
package/providers/email.js +18 -0
package/providers/eventbrite.d.ts +78 -0
package/providers/eventbrite.d.ts.map +1 -0
package/providers/eventbrite.js +88 -0
package/providers/eveonline.d.ts +94 -0
package/providers/eveonline.d.ts.map +1 -0
package/providers/eveonline.js +92 -0
package/providers/facebook.d.ts +84 -0
package/providers/facebook.d.ts.map +1 -0
package/providers/facebook.js +93 -0
package/providers/faceit.d.ts +64 -0
package/providers/faceit.d.ts.map +1 -0
package/providers/faceit.js +74 -0
package/providers/figma.d.ts +75 -0
package/providers/figma.d.ts.map +1 -0
package/providers/figma.js +81 -0
package/providers/forwardemail.d.ts +4 -0
package/providers/forwardemail.d.ts.map +1 -0
package/providers/forwardemail.js +32 -0
package/providers/foursquare.d.ts +71 -0
package/providers/foursquare.d.ts.map +1 -0
package/providers/foursquare.js +91 -0
package/providers/freshbooks.d.ts +66 -0
package/providers/freshbooks.d.ts.map +1 -0
package/providers/freshbooks.js +76 -0
package/providers/frontegg.d.ts +95 -0
package/providers/frontegg.d.ts.map +1 -0
package/providers/frontegg.js +88 -0
package/providers/fusionauth.d.ts +279 -0
package/providers/fusionauth.d.ts.map +1 -0
package/providers/fusionauth.js +292 -0
package/providers/github.d.ts +127 -0
package/providers/github.d.ts.map +1 -0
package/providers/github.js +115 -0
package/providers/gitlab.d.ts +115 -0
package/providers/gitlab.d.ts.map +1 -0
package/providers/gitlab.js +75 -0
package/providers/google.d.ts +138 -0
package/providers/google.d.ts.map +1 -0
package/providers/google.js +119 -0
package/providers/hubspot.d.ts +76 -0
package/providers/hubspot.d.ts.map +1 -0
package/providers/hubspot.js +93 -0
package/providers/huggingface.d.ts +216 -0
package/providers/huggingface.d.ts.map +1 -0
package/providers/huggingface.js +101 -0
package/providers/identity-server4.d.ts +69 -0
package/providers/identity-server4.d.ts.map +1 -0
package/providers/identity-server4.js +64 -0
package/providers/index.d.ts +61 -0
package/providers/index.d.ts.map +1 -0
package/providers/index.js +3 -0
package/providers/instagram.d.ts +74 -0
package/providers/instagram.d.ts.map +1 -0
package/providers/instagram.js +87 -0
package/providers/kakao.d.ts +148 -0
package/providers/kakao.d.ts.map +1 -0
package/providers/kakao.js +103 -0
package/providers/keycloak.d.ts +100 -0
package/providers/keycloak.d.ts.map +1 -0
package/providers/keycloak.js +73 -0
package/providers/kinde.d.ts +73 -0
package/providers/kinde.d.ts.map +1 -0
package/providers/kinde.js +51 -0
package/providers/line.d.ts +83 -0
package/providers/line.d.ts.map +1 -0
package/providers/line.js +73 -0
package/providers/linkedin.d.ts +77 -0
package/providers/linkedin.d.ts.map +1 -0
package/providers/linkedin.js +65 -0
package/providers/logto.d.ts +98 -0
package/providers/logto.d.ts.map +1 -0
package/providers/logto.js +81 -0
package/providers/loops.d.ts +40 -0
package/providers/loops.d.ts.map +1 -0
package/providers/loops.js +59 -0
package/providers/mailchimp.d.ts +66 -0
package/providers/mailchimp.d.ts.map +1 -0
package/providers/mailchimp.js +76 -0
package/providers/mailgun.d.ts +55 -0
package/providers/mailgun.d.ts.map +1 -0
package/providers/mailgun.js +74 -0
package/providers/mailru.d.ts +63 -0
package/providers/mailru.d.ts.map +1 -0
package/providers/mailru.js +61 -0
package/providers/mastodon.d.ts +90 -0
package/providers/mastodon.d.ts.map +1 -0
package/providers/mastodon.js +75 -0
package/providers/mattermost.d.ts +132 -0
package/providers/mattermost.d.ts.map +1 -0
package/providers/mattermost.js +83 -0
package/providers/medium.d.ts +68 -0
package/providers/medium.d.ts.map +1 -0
package/providers/medium.js +84 -0
package/providers/microsoft-entra-id.d.ts +428 -0
package/providers/microsoft-entra-id.d.ts.map +1 -0
package/providers/microsoft-entra-id.js +156 -0
package/providers/naver.d.ts +80 -0
package/providers/naver.d.ts.map +1 -0
package/providers/naver.js +79 -0
package/providers/netlify.d.ts +66 -0
package/providers/netlify.d.ts.map +1 -0
package/providers/netlify.js +85 -0
package/providers/netsuite.d.ts +189 -0
package/providers/netsuite.d.ts.map +1 -0
package/providers/netsuite.js +170 -0
package/providers/nextcloud.d.ts +150 -0
package/providers/nextcloud.d.ts.map +1 -0
package/providers/nextcloud.js +99 -0
package/providers/nodemailer.d.ts +27 -0
package/providers/nodemailer.d.ts.map +1 -0
package/providers/nodemailer.js +34 -0
package/providers/notion.d.ts +99 -0
package/providers/notion.d.ts.map +1 -0
package/providers/notion.js +110 -0
package/providers/oauth.d.ts +188 -0
package/providers/oauth.d.ts.map +1 -0
package/providers/oauth.js +1 -0
package/providers/okta.d.ts +99 -0
package/providers/okta.d.ts.map +1 -0
package/providers/okta.js +63 -0
package/providers/onelogin.d.ts +65 -0
package/providers/onelogin.d.ts.map +1 -0
package/providers/onelogin.js +61 -0
package/providers/ory-hydra.d.ts +79 -0
package/providers/ory-hydra.d.ts.map +1 -0
package/providers/ory-hydra.js +67 -0
package/providers/osso.d.ts +79 -0
package/providers/osso.d.ts.map +1 -0
package/providers/osso.js +77 -0
package/providers/osu.d.ts +116 -0
package/providers/osu.d.ts.map +1 -0
package/providers/osu.js +75 -0
package/providers/passage.d.ts +88 -0
package/providers/passage.d.ts.map +1 -0
package/providers/passage.js +75 -0
package/providers/passkey.d.ts +65 -0
package/providers/passkey.d.ts.map +1 -0
package/providers/passkey.js +87 -0
package/providers/patreon.d.ts +73 -0
package/providers/patreon.d.ts.map +1 -0
package/providers/patreon.js +77 -0
package/providers/ping-id.d.ts +57 -0
package/providers/ping-id.d.ts.map +1 -0
package/providers/ping-id.js +40 -0
package/providers/pinterest.d.ts +79 -0
package/providers/pinterest.d.ts.map +1 -0
package/providers/pinterest.js +85 -0
package/providers/pipedrive.d.ts +99 -0
package/providers/pipedrive.d.ts.map +1 -0
package/providers/pipedrive.js +71 -0
package/providers/postmark.d.ts +4 -0
package/providers/postmark.d.ts.map +1 -0
package/providers/postmark.js +36 -0
package/providers/provider-types.d.ts +3 -0
package/providers/provider-types.d.ts.map +1 -0
package/providers/provider-types.js +1 -0
package/providers/reddit.d.ts +88 -0
package/providers/reddit.d.ts.map +1 -0
package/providers/reddit.js +90 -0
package/providers/resend.d.ts +4 -0
package/providers/resend.d.ts.map +1 -0
package/providers/resend.js +32 -0
package/providers/roblox.d.ts +67 -0
package/providers/roblox.d.ts.map +1 -0
package/providers/roblox.js +53 -0
package/providers/salesforce.d.ts +59 -0
package/providers/salesforce.d.ts.map +1 -0
package/providers/salesforce.js +52 -0
package/providers/sendgrid.d.ts +4 -0
package/providers/sendgrid.d.ts.map +1 -0
package/providers/sendgrid.js +35 -0
package/providers/simplelogin.d.ts +87 -0
package/providers/simplelogin.d.ts.map +1 -0
package/providers/simplelogin.js +83 -0
package/providers/slack.d.ts +102 -0
package/providers/slack.d.ts.map +1 -0
package/providers/slack.js +69 -0
package/providers/spotify.d.ts +75 -0
package/providers/spotify.d.ts.map +1 -0
package/providers/spotify.js +73 -0
package/providers/strava.d.ts +68 -0
package/providers/strava.d.ts.map +1 -0
package/providers/strava.js +80 -0
package/providers/threads.d.ts +108 -0
package/providers/threads.d.ts.map +1 -0
package/providers/threads.js +89 -0
package/providers/tiktok.d.ts +248 -0
package/providers/tiktok.d.ts.map +1 -0
package/providers/tiktok.js +195 -0
package/providers/todoist.d.ts +76 -0
package/providers/todoist.d.ts.map +1 -0
package/providers/todoist.js +97 -0
package/providers/trakt.d.ts +93 -0
package/providers/trakt.d.ts.map +1 -0
package/providers/trakt.js +91 -0
package/providers/twitch.d.ts +71 -0
package/providers/twitch.d.ts.map +1 -0
package/providers/twitch.js +96 -0
package/providers/twitter.d.ts +183 -0
package/providers/twitter.d.ts.map +1 -0
package/providers/twitter.js +100 -0
package/providers/united-effects.d.ts +80 -0
package/providers/united-effects.d.ts.map +1 -0
package/providers/united-effects.js +72 -0
package/providers/vipps.d.ts +71 -0
package/providers/vipps.d.ts.map +1 -0
package/providers/vipps.js +33 -0
package/providers/vk.d.ts +334 -0
package/providers/vk.d.ts.map +1 -0
package/providers/vk.js +103 -0
package/providers/webauthn.d.ts +148 -0
package/providers/webauthn.d.ts.map +1 -0
package/providers/webauthn.js +128 -0
package/providers/webex.d.ts +78 -0
package/providers/webex.d.ts.map +1 -0
package/providers/webex.js +73 -0
package/providers/wechat.d.ts +78 -0
package/providers/wechat.d.ts.map +1 -0
package/providers/wechat.js +105 -0
package/providers/wikimedia.d.ts +99 -0
package/providers/wikimedia.d.ts.map +1 -0
package/providers/wikimedia.js +90 -0
package/providers/wordpress.d.ts +65 -0
package/providers/wordpress.d.ts.map +1 -0
package/providers/wordpress.js +71 -0
package/providers/workos.d.ts +154 -0
package/providers/workos.d.ts.map +1 -0
package/providers/workos.js +143 -0
package/providers/yandex.d.ts +131 -0
package/providers/yandex.d.ts.map +1 -0
package/providers/yandex.js +80 -0
package/providers/zitadel.d.ts +117 -0
package/providers/zitadel.d.ts.map +1 -0
package/providers/zitadel.js +95 -0
package/providers/zoho.d.ts +63 -0
package/providers/zoho.d.ts.map +1 -0
package/providers/zoho.js +79 -0
package/providers/zoom.d.ts +93 -0
package/providers/zoom.d.ts.map +1 -0
package/providers/zoom.js +82 -0
package/src/adapters/server-actions-helpers.ts +126 -0
package/src/adapters.ts +603 -0
package/src/errors.ts +551 -0
package/src/index.ts +689 -0
package/src/jwt.ts +283 -0
package/src/lib/actions/callback/handle-login.ts +334 -0
package/src/lib/actions/callback/index.ts +554 -0
package/src/lib/actions/callback/oauth/callback.ts +347 -0
package/src/lib/actions/callback/oauth/checks.ts +258 -0
package/src/lib/actions/callback/oauth/csrf-token.ts +60 -0
package/src/lib/actions/index.ts +5 -0
package/src/lib/actions/session.ts +167 -0
package/src/lib/actions/signin/authorization-url.ts +123 -0
package/src/lib/actions/signin/index.ts +37 -0
package/src/lib/actions/signin/send-token.ts +124 -0
package/src/lib/actions/signout.ts +38 -0
package/src/lib/actions/webauthn-options.ts +100 -0
package/src/lib/index.ts +97 -0
package/src/lib/init.ts +236 -0
package/src/lib/pages/error.tsx +106 -0
package/src/lib/pages/index.ts +181 -0
package/src/lib/pages/signin.tsx +255 -0
package/src/lib/pages/signout.tsx +49 -0
package/src/lib/pages/styles.css +377 -0
package/src/lib/pages/styles.ts +381 -0
package/src/lib/pages/verify-request.tsx +36 -0
package/src/lib/symbols.ts +60 -0
package/src/lib/utils/actions.ts +17 -0
package/src/lib/utils/assert.ts +259 -0
package/src/lib/utils/callback-url.ts +42 -0
package/src/lib/utils/cookie.ts +248 -0
package/src/lib/utils/date.ts +8 -0
package/src/lib/utils/email.ts +65 -0
package/src/lib/utils/env.ts +113 -0
package/src/lib/utils/logger.ts +75 -0
package/src/lib/utils/merge.ts +30 -0
package/src/lib/utils/providers.ts +203 -0
package/src/lib/utils/session.ts +41 -0
package/src/lib/utils/web.ts +151 -0
package/src/lib/utils/webauthn-client.js +229 -0
package/src/lib/utils/webauthn-utils.ts +531 -0
package/src/lib/vendored/cookie.ts +383 -0
package/src/providers/42-school.ts +256 -0
package/src/providers/apple.ts +206 -0
package/src/providers/asgardeo.ts +118 -0
package/src/providers/atlassian.ts +120 -0
package/src/providers/auth0.ts +127 -0
package/src/providers/authentik.ts +100 -0
package/src/providers/azure-ad-b2c.ts +124 -0
package/src/providers/azure-ad.ts +30 -0
package/src/providers/azure-devops.ts +184 -0
package/src/providers/bankid-no.ts +161 -0
package/src/providers/battlenet.ts +107 -0
package/src/providers/beyondidentity.ts +102 -0
package/src/providers/bitbucket.ts +122 -0
package/src/providers/box.ts +87 -0
package/src/providers/boxyhq-saml.ts +148 -0
package/src/providers/bungie.ts +192 -0
package/src/providers/click-up.ts +104 -0
package/src/providers/cognito.ts +94 -0
package/src/providers/coinbase.ts +93 -0
package/src/providers/concept2.ts +108 -0
package/src/providers/credentials.ts +157 -0
package/src/providers/descope.ts +105 -0
package/src/providers/discord.ts +176 -0
package/src/providers/dribbble.ts +122 -0
package/src/providers/dropbox.ts +102 -0
package/src/providers/duende-identity-server6.ts +101 -0
package/src/providers/email.ts +60 -0
package/src/providers/eventbrite.ts +105 -0
package/src/providers/eveonline.ts +117 -0
package/src/providers/facebook.ts +119 -0
package/src/providers/faceit.ts +90 -0
package/src/providers/figma.ts +105 -0
package/src/providers/forwardemail.ts +37 -0
package/src/providers/foursquare.ts +105 -0
package/src/providers/freshbooks.ts +90 -0
package/src/providers/frontegg.ts +111 -0
package/src/providers/fusionauth.ts +336 -0
package/src/providers/github.ts +187 -0
package/src/providers/gitlab.ts +140 -0
package/src/providers/google.ts +152 -0
package/src/providers/hubspot.ts +117 -0
package/src/providers/huggingface.ts +234 -0
package/src/providers/identity-server4.ts +78 -0
package/src/providers/index.ts +115 -0
package/src/providers/instagram.ts +103 -0
package/src/providers/kakao.ts +184 -0
package/src/providers/keycloak.ts +111 -0
package/src/providers/kinde.ts +85 -0
package/src/providers/line.ts +99 -0
package/src/providers/linkedin.ts +91 -0
package/src/providers/logto.ts +122 -0
package/src/providers/loops.ts +79 -0
package/src/providers/mailchimp.ts +90 -0
package/src/providers/mailgun.ts +98 -0
package/src/providers/mailru.ts +75 -0
package/src/providers/mastodon.ts +112 -0
package/src/providers/mattermost.ts +154 -0
package/src/providers/medium.ts +89 -0
package/src/providers/microsoft-entra-id.ts +497 -0
package/src/providers/naver.ts +102 -0
package/src/providers/netlify.ts +90 -0
package/src/providers/netsuite.ts +225 -0
package/src/providers/nextcloud.ts +207 -0
package/src/providers/nodemailer.ts +84 -0
package/src/providers/notion.ts +166 -0
package/src/providers/oauth.ts +310 -0
package/src/providers/okta.ts +111 -0
package/src/providers/onelogin.ts +75 -0
package/src/providers/ory-hydra.ts +93 -0
package/src/providers/osso.ts +91 -0
package/src/providers/osu.ts +138 -0
package/src/providers/passage.ts +103 -0
package/src/providers/passkey.ts +94 -0
package/src/providers/patreon.ts +98 -0
package/src/providers/ping-id.ts +68 -0
package/src/providers/pinterest.ts +106 -0
package/src/providers/pipedrive.ts +120 -0
package/src/providers/postmark.ts +38 -0
package/src/providers/provider-types.ts +107 -0
package/src/providers/reddit.ts +104 -0
package/src/providers/resend.ts +35 -0
package/src/providers/roblox.ts +94 -0
package/src/providers/salesforce.ts +73 -0
package/src/providers/sendgrid.ts +36 -0
package/src/providers/simplelogin.ts +107 -0
package/src/providers/slack.ts +115 -0
package/src/providers/spotify.ts +99 -0
package/src/providers/strava.ts +101 -0
package/src/providers/threads.ts +135 -0
package/src/providers/tiktok.ts +319 -0
package/src/providers/todoist.ts +122 -0
package/src/providers/trakt.ts +120 -0
package/src/providers/twitch.ts +121 -0
package/src/providers/twitter.ts +207 -0
package/src/providers/united-effects.ts +89 -0
package/src/providers/vipps.ts +86 -0
package/src/providers/vk.ts +401 -0
package/src/providers/webauthn.ts +296 -0
package/src/providers/webex.ts +102 -0
package/src/providers/wechat.ts +141 -0
package/src/providers/wikimedia.ts +258 -0
package/src/providers/wordpress.ts +86 -0
package/src/providers/workos.ts +180 -0
package/src/providers/yandex.ts +159 -0
package/src/providers/zitadel.ts +128 -0
package/src/providers/zoho.ts +84 -0
package/src/providers/zoom.ts +119 -0
package/src/types.ts +430 -0
package/src/warnings.ts +21 -0
package/types.d.ts +309 -0
package/types.d.ts.map +1 -0
package/types.js +53 -0
package/warnings.d.ts +17 -0
package/warnings.d.ts.map +1 -0
package/warnings.js +1 -0

package/lib/utils/assert.js ADDED Viewed

@@ -0,0 +1,168 @@
+import { defaultCookies } from "./cookie.js";
+import { AuthError, DuplicateConditionalUI, ExperimentalFeatureNotEnabled, InvalidCallbackUrl, InvalidEndpoints, MissingAdapter, MissingAdapterMethods, MissingAuthorize, MissingSecret, MissingWebAuthnAutocomplete, UnsupportedStrategy, UntrustedHost, } from "../../errors.js";
+import { createServerActionsAdapter } from "../../adapters/server-actions-helpers.js";
+let warned = false;
+function isValidHttpUrl(url, baseUrl) {
+    try {
+        return /^https?:/.test(new URL(url, url.startsWith("/") ? baseUrl : undefined).protocol);
+    }
+    catch {
+        return false;
+    }
+}
+function isSemverString(version) {
+    return /^v\d+(?:\.\d+){0,2}$/.test(version);
+}
+let hasCredentials = false;
+let hasEmail = false;
+let hasWebAuthn = false;
+const emailMethods = [
+    "createVerificationToken",
+    "useVerificationToken",
+    "getUserByEmail",
+];
+const sessionMethods = [
+    "createUser",
+    "getUser",
+    "getUserByEmail",
+    "getUserByAccount",
+    "updateUser",
+    "linkAccount",
+    "createSession",
+    "getSessionAndUser",
+    "updateSession",
+    "deleteSession",
+];
+const webauthnMethods = [
+    "createUser",
+    "getUser",
+    "linkAccount",
+    "getAccount",
+    "getAuthenticator",
+    "createAuthenticator",
+    "listAuthenticatorsByUserId",
+    "updateAuthenticatorCounter",
+];
+/**
+ * Verify that the user configured Auth.js correctly.
+ * Good place to mention deprecations as well.
+ *
+ * This is invoked before the init method, so default values are not available yet.
+ */
+export function assertConfig(request, options) {
+    const { url } = request;
+    const warnings = [];
+    if (!warned && options.debug)
+        warnings.push("debug-enabled");
+    if (!options.trustHost) {
+        return new UntrustedHost(`Host must be trusted. URL was: ${request.url}`);
+    }
+    if (!options.secret?.length) {
+        return new MissingSecret("Please define a `secret`");
+    }
+    const callbackUrlParam = request.query?.callbackUrl;
+    if (callbackUrlParam && !isValidHttpUrl(callbackUrlParam, url.origin)) {
+        return new InvalidCallbackUrl(`Invalid callback URL. Received: ${callbackUrlParam}`);
+    }
+    const { callbackUrl: defaultCallbackUrl } = defaultCookies(options.useSecureCookies ?? url.protocol === "https:");
+    const callbackUrlCookie = request.cookies?.[options.cookies?.callbackUrl?.name ?? defaultCallbackUrl.name];
+    if (callbackUrlCookie && !isValidHttpUrl(callbackUrlCookie, url.origin)) {
+        return new InvalidCallbackUrl(`Invalid callback URL. Received: ${callbackUrlCookie}`);
+    }
+    // Keep track of webauthn providers that use conditional UI
+    let hasConditionalUIProvider = false;
+    for (const p of options.providers) {
+        const provider = typeof p === "function" ? p() : p;
+        if ((provider.type === "oauth" || provider.type === "oidc") &&
+            !(provider.issuer ?? provider.options?.issuer)) {
+            const { authorization: a, token: t, userinfo: u } = provider;
+            let key;
+            if (typeof a !== "string" && !a?.url)
+                key = "authorization";
+            else if (typeof t !== "string" && !t?.url)
+                key = "token";
+            else if (typeof u !== "string" && !u?.url)
+                key = "userinfo";
+            if (key) {
+                return new InvalidEndpoints(`Provider "${provider.id}" is missing both \`issuer\` and \`${key}\` endpoint config. At least one of them is required`);
+            }
+        }
+        if (provider.type === "credentials")
+            hasCredentials = true;
+        else if (provider.type === "email")
+            hasEmail = true;
+        else if (provider.type === "webauthn") {
+            hasWebAuthn = true;
+            // Validate simpleWebAuthnBrowserVersion
+            if (provider.simpleWebAuthnBrowserVersion &&
+                !isSemverString(provider.simpleWebAuthnBrowserVersion)) {
+                return new AuthError(`Invalid provider config for "${provider.id}": simpleWebAuthnBrowserVersion "${provider.simpleWebAuthnBrowserVersion}" must be a valid semver string.`);
+            }
+            if (provider.enableConditionalUI) {
+                // Make sure only one webauthn provider has "enableConditionalUI" set to true
+                if (hasConditionalUIProvider) {
+                    return new DuplicateConditionalUI(`Multiple webauthn providers have 'enableConditionalUI' set to True. Only one provider can have this option enabled at a time`);
+                }
+                hasConditionalUIProvider = true;
+                // Make sure at least one formField has "webauthn" in its autocomplete param
+                const hasWebauthnFormField = Object.values(provider.formFields).some((f) => f.autocomplete && f.autocomplete.toString().indexOf("webauthn") > -1);
+                if (!hasWebauthnFormField) {
+                    return new MissingWebAuthnAutocomplete(`Provider "${provider.id}" has 'enableConditionalUI' set to True, but none of its formFields have 'webauthn' in their autocomplete param`);
+                }
+            }
+        }
+    }
+    if (hasCredentials) {
+        const dbStrategy = options.session?.strategy === "database";
+        const onlyCredentials = !options.providers.some((p) => (typeof p === "function" ? p() : p).type !== "credentials");
+        if (dbStrategy && onlyCredentials) {
+            return new UnsupportedStrategy("Signing in with credentials only supported if JWT strategy is enabled");
+        }
+        const credentialsNoAuthorize = options.providers.some((p) => {
+            const provider = typeof p === "function" ? p() : p;
+            return provider.type === "credentials" && !provider.authorize;
+        });
+        if (credentialsNoAuthorize) {
+            return new MissingAuthorize("Must define an authorize() handler to use credentials authentication provider");
+        }
+    }
+    const { adapter, serverActions, session } = options;
+    // Convert serverActions to adapter if provided and no adapter exists
+    const effectiveAdapter = adapter || (serverActions ? createServerActionsAdapter(serverActions) : undefined);
+    const requiredMethods = [];
+    if (hasEmail ||
+        session?.strategy === "database" ||
+        (!session?.strategy && effectiveAdapter)) {
+        if (hasEmail) {
+            if (!effectiveAdapter)
+                return new MissingAdapter("Email login requires an adapter or serverActions");
+            requiredMethods.push(...emailMethods);
+        }
+        else {
+            if (!effectiveAdapter)
+                return new MissingAdapter("Database session requires an adapter or serverActions");
+            requiredMethods.push(...sessionMethods);
+        }
+    }
+    if (hasWebAuthn) {
+        // Log experimental warning
+        if (options.experimental?.enableWebAuthn) {
+            warnings.push("experimental-webauthn");
+        }
+        else {
+            return new ExperimentalFeatureNotEnabled("WebAuthn is an experimental feature. To enable it, set `experimental.enableWebAuthn` to `true` in your config");
+        }
+        if (!effectiveAdapter)
+            return new MissingAdapter("WebAuthn requires an adapter or serverActions");
+        requiredMethods.push(...webauthnMethods);
+    }
+    if (effectiveAdapter) {
+        const missing = requiredMethods.filter((m) => !(m in effectiveAdapter));
+        if (missing.length) {
+            return new MissingAdapterMethods(`Required adapter methods were missing: ${missing.join(", ")}`);
+        }
+    }
+    if (!warned)
+        warned = true;
+    return warnings;
+}

package/lib/utils/callback-url.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { InternalOptions } from "../../types.js";
+interface CreateCallbackUrlParams {
+    options: InternalOptions;
+    /** Try reading value from request body (POST) then from query param (GET) */
+    paramValue?: string;
+    cookieValue?: string;
+}
+/**
+ * Get callback URL based on query param / cookie + validation,
+ * and add it to `req.options.callbackUrl`.
+ */
+export declare function createCallbackUrl({ options, paramValue, cookieValue, }: CreateCallbackUrlParams): Promise<{
+    callbackUrl: string;
+    callbackUrlCookie: string | undefined;
+}>;
+export {};
+//# sourceMappingURL=callback-url.d.ts.map

package/lib/utils/callback-url.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"callback-url.d.ts","sourceRoot":"","sources":["../../src/lib/utils/callback-url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAErD,UAAU,uBAAuB;IAC/B,OAAO,EAAE,eAAe,CAAA;IACxB,6EAA6E;IAC7E,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,OAAO,EACP,UAAU,EACV,WAAW,GACZ,EAAE,uBAAuB;;;GAwBzB"}

package/lib/utils/callback-url.js ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Get callback URL based on query param / cookie + validation,
+ * and add it to `req.options.callbackUrl`.
+ */
+export async function createCallbackUrl({ options, paramValue, cookieValue, }) {
+    const { url, callbacks } = options;
+    let callbackUrl = url.origin;
+    if (paramValue) {
+        // If callbackUrl form field or query parameter is passed try to use it if allowed
+        callbackUrl = await callbacks.redirect({
+            url: paramValue,
+            baseUrl: url.origin,
+        });
+    }
+    else if (cookieValue) {
+        // If no callbackUrl specified, try using the value from the cookie if allowed
+        callbackUrl = await callbacks.redirect({
+            url: cookieValue,
+            baseUrl: url.origin,
+        });
+    }
+    return {
+        callbackUrl,
+        // Save callback URL in a cookie so that it can be used for subsequent requests in signin/signout/callback flow
+        callbackUrlCookie: callbackUrl !== cookieValue ? callbackUrl : undefined,
+    };
+}

package/lib/utils/cookie.d.ts ADDED Viewed

@@ -0,0 +1,111 @@
+import type { CookieOption, LoggerInstance, RequestInternal } from "../../types.js";
+/** Stringified form of `JWT`. Extract the content with `jwt.decode` */
+export type JWTString = string;
+export type SetCookieOptions = Partial<CookieOption["options"]> & {
+    expires?: Date | string;
+    encode?: (val: unknown) => string;
+};
+/**
+ * If `options.session.strategy` is set to `jwt`, this is a stringified `JWT`.
+ * In case of `strategy: "database"`, this is the `sessionToken` of the session in the database.
+ */
+export type SessionToken<T extends "jwt" | "database" = "jwt"> = T extends "jwt" ? JWTString : string;
+/**
+ * Use secure cookies if the site uses HTTPS
+ * This being conditional allows cookies to work non-HTTPS development URLs
+ * Honour secure cookie option, which sets 'secure' and also adds '__Secure-'
+ * prefix, but enable them by default if the site URL is HTTPS; but not for
+ * non-HTTPS URLs like http://localhost which are used in development).
+ * For more on prefixes see https://googlechrome.github.io/samples/cookie-prefixes/
+ *
+ * @TODO Review cookie settings (names, options)
+ */
+export declare function defaultCookies(useSecureCookies: boolean): {
+    readonly sessionToken: {
+        readonly name: "__Secure-authjs.session-token" | "authjs.session-token";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+        };
+    };
+    readonly callbackUrl: {
+        readonly name: "__Secure-authjs.callback-url" | "authjs.callback-url";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+        };
+    };
+    readonly csrfToken: {
+        readonly name: "authjs.csrf-token" | "__Host-authjs.csrf-token";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+        };
+    };
+    readonly pkceCodeVerifier: {
+        readonly name: "__Secure-authjs.pkce.code_verifier" | "authjs.pkce.code_verifier";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+            readonly maxAge: number;
+        };
+    };
+    readonly state: {
+        readonly name: "__Secure-authjs.state" | "authjs.state";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+            readonly maxAge: number;
+        };
+    };
+    readonly nonce: {
+        readonly name: "__Secure-authjs.nonce" | "authjs.nonce";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+        };
+    };
+    readonly webauthnChallenge: {
+        readonly name: "__Secure-authjs.challenge" | "authjs.challenge";
+        readonly options: {
+            readonly httpOnly: true;
+            readonly sameSite: "lax";
+            readonly path: "/";
+            readonly secure: boolean;
+            readonly maxAge: number;
+        };
+    };
+};
+export interface Cookie extends CookieOption {
+    value: string;
+}
+export declare class SessionStore {
+    #private;
+    constructor(option: CookieOption, cookies: RequestInternal["cookies"], logger: LoggerInstance | Console);
+    /**
+     * The JWT Session or database Session ID
+     * constructed from the cookie chunks.
+     */
+    get value(): string;
+    /**
+     * Given a cookie value, return new cookies, chunked, to fit the allowed cookie size.
+     * If the cookie has changed from chunked to unchunked or vice versa,
+     * it deletes the old cookies as well.
+     */
+    chunk(value: string, options: Partial<Cookie["options"]>): Cookie[];
+    /** Returns a list of cookies that should be cleaned. */
+    clean(): Cookie[];
+}
+//# sourceMappingURL=cookie.d.ts.map

package/lib/utils/cookie.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookie.d.ts","sourceRoot":"","sources":["../../src/lib/utils/cookie.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,YAAY,EAEZ,cAAc,EACd,eAAe,EAChB,MAAM,gBAAgB,CAAA;AA2BvB,uEAAuE;AACvE,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAE9B,MAAM,MAAM,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,GAAG;IAChE,OAAO,CAAC,EAAE,IAAI,GAAG,MAAM,CAAA;IACvB,MAAM,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAA;CAClC,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,YAAY,CAAC,CAAC,SAAS,KAAK,GAAG,UAAU,GAAG,KAAK,IAAI,CAAC,SAAS,KAAK,GAC5E,SAAS,GACT,MAAM,CAAA;AAEV;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAAC,gBAAgB,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyEvD;AAED,MAAM,WAAW,MAAO,SAAQ,YAAY;IAC1C,KAAK,EAAE,MAAM,CAAA;CACd;AAID,qBAAa,YAAY;;gBAMrB,MAAM,EAAE,YAAY,EACpB,OAAO,EAAE,eAAe,CAAC,SAAS,CAAC,EACnC,MAAM,EAAE,cAAc,GAAG,OAAO;IAclC;;;OAGG;IACH,IAAI,KAAK,WAWR;IA2CD;;;;OAIG;IACH,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,MAAM,EAAE;IAmBnE,wDAAwD;IACxD,KAAK,IAAI,MAAM,EAAE;CAGlB"}

package/lib/utils/cookie.js ADDED Viewed

@@ -0,0 +1,205 @@
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _SessionStore_instances, _SessionStore_chunks, _SessionStore_option, _SessionStore_logger, _SessionStore_chunk, _SessionStore_clean;
+// Uncomment to recalculate the estimated size
+// of an empty session cookie
+// import * as cookie from "../vendored/cookie.js"
+// const { serialize } = cookie
+// console.log(
+//   "Cookie estimated to be ",
+//   serialize(`__Secure.authjs.session-token.0`, "", {
+//     expires: new Date(),
+//     httpOnly: true,
+//     maxAge: Number.MAX_SAFE_INTEGER,
+//     path: "/",
+//     sameSite: "strict",
+//     secure: true,
+//     domain: "example.com",
+//   }).length,
+//   " bytes"
+// )
+const ALLOWED_COOKIE_SIZE = 4096;
+// Based on commented out section above
+const ESTIMATED_EMPTY_COOKIE_SIZE = 160;
+const CHUNK_SIZE = ALLOWED_COOKIE_SIZE - ESTIMATED_EMPTY_COOKIE_SIZE;
+/**
+ * Use secure cookies if the site uses HTTPS
+ * This being conditional allows cookies to work non-HTTPS development URLs
+ * Honour secure cookie option, which sets 'secure' and also adds '__Secure-'
+ * prefix, but enable them by default if the site URL is HTTPS; but not for
+ * non-HTTPS URLs like http://localhost which are used in development).
+ * For more on prefixes see https://googlechrome.github.io/samples/cookie-prefixes/
+ *
+ * @TODO Review cookie settings (names, options)
+ */
+export function defaultCookies(useSecureCookies) {
+    const cookiePrefix = useSecureCookies ? "__Secure-" : "";
+    return {
+        // default cookie options
+        sessionToken: {
+            name: `${cookiePrefix}authjs.session-token`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+            },
+        },
+        callbackUrl: {
+            name: `${cookiePrefix}authjs.callback-url`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+            },
+        },
+        csrfToken: {
+            // Default to __Host- for CSRF token for additional protection if using useSecureCookies
+            // NB: The `__Host-` prefix is stricter than the `__Secure-` prefix.
+            name: `${useSecureCookies ? "__Host-" : ""}authjs.csrf-token`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+            },
+        },
+        pkceCodeVerifier: {
+            name: `${cookiePrefix}authjs.pkce.code_verifier`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+                maxAge: 60 * 15, // 15 minutes in seconds
+            },
+        },
+        state: {
+            name: `${cookiePrefix}authjs.state`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+                maxAge: 60 * 15, // 15 minutes in seconds
+            },
+        },
+        nonce: {
+            name: `${cookiePrefix}authjs.nonce`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+            },
+        },
+        webauthnChallenge: {
+            name: `${cookiePrefix}authjs.challenge`,
+            options: {
+                httpOnly: true,
+                sameSite: "lax",
+                path: "/",
+                secure: useSecureCookies,
+                maxAge: 60 * 15, // 15 minutes in seconds
+            },
+        },
+    };
+}
+export class SessionStore {
+    constructor(option, cookies, logger) {
+        _SessionStore_instances.add(this);
+        _SessionStore_chunks.set(this, {});
+        _SessionStore_option.set(this, void 0);
+        _SessionStore_logger.set(this, void 0);
+        __classPrivateFieldSet(this, _SessionStore_logger, logger, "f");
+        __classPrivateFieldSet(this, _SessionStore_option, option, "f");
+        if (!cookies)
+            return;
+        const { name: sessionCookiePrefix } = option;
+        for (const [name, value] of Object.entries(cookies)) {
+            if (!name.startsWith(sessionCookiePrefix) || !value)
+                continue;
+            __classPrivateFieldGet(this, _SessionStore_chunks, "f")[name] = value;
+        }
+    }
+    /**
+     * The JWT Session or database Session ID
+     * constructed from the cookie chunks.
+     */
+    get value() {
+        // Sort the chunks by their keys before joining
+        const sortedKeys = Object.keys(__classPrivateFieldGet(this, _SessionStore_chunks, "f")).sort((a, b) => {
+            const aSuffix = parseInt(a.split(".").pop() || "0");
+            const bSuffix = parseInt(b.split(".").pop() || "0");
+            return aSuffix - bSuffix;
+        });
+        // Use the sorted keys to join the chunks in the correct order
+        return sortedKeys.map((key) => __classPrivateFieldGet(this, _SessionStore_chunks, "f")[key]).join("");
+    }
+    /**
+     * Given a cookie value, return new cookies, chunked, to fit the allowed cookie size.
+     * If the cookie has changed from chunked to unchunked or vice versa,
+     * it deletes the old cookies as well.
+     */
+    chunk(value, options) {
+        // Assume all cookies should be cleaned by default
+        const cookies = __classPrivateFieldGet(this, _SessionStore_instances, "m", _SessionStore_clean).call(this);
+        // Calculate new chunks
+        const chunked = __classPrivateFieldGet(this, _SessionStore_instances, "m", _SessionStore_chunk).call(this, {
+            name: __classPrivateFieldGet(this, _SessionStore_option, "f").name,
+            value,
+            options: { ...__classPrivateFieldGet(this, _SessionStore_option, "f").options, ...options },
+        });
+        // Update stored chunks / cookies
+        for (const chunk of chunked) {
+            cookies[chunk.name] = chunk;
+        }
+        return Object.values(cookies);
+    }
+    /** Returns a list of cookies that should be cleaned. */
+    clean() {
+        return Object.values(__classPrivateFieldGet(this, _SessionStore_instances, "m", _SessionStore_clean).call(this));
+    }
+}
+_SessionStore_chunks = new WeakMap(), _SessionStore_option = new WeakMap(), _SessionStore_logger = new WeakMap(), _SessionStore_instances = new WeakSet(), _SessionStore_chunk = function _SessionStore_chunk(cookie) {
+    const chunkCount = Math.ceil(cookie.value.length / CHUNK_SIZE);
+    if (chunkCount === 1) {
+        __classPrivateFieldGet(this, _SessionStore_chunks, "f")[cookie.name] = cookie.value;
+        return [cookie];
+    }
+    const cookies = [];
+    for (let i = 0; i < chunkCount; i++) {
+        const name = `${cookie.name}.${i}`;
+        const value = cookie.value.substr(i * CHUNK_SIZE, CHUNK_SIZE);
+        cookies.push({ ...cookie, name, value });
+        __classPrivateFieldGet(this, _SessionStore_chunks, "f")[name] = value;
+    }
+    __classPrivateFieldGet(this, _SessionStore_logger, "f").debug("CHUNKING_SESSION_COOKIE", {
+        message: `Session cookie exceeds allowed ${ALLOWED_COOKIE_SIZE} bytes.`,
+        emptyCookieSize: ESTIMATED_EMPTY_COOKIE_SIZE,
+        valueSize: cookie.value.length,
+        chunks: cookies.map((c) => c.value.length + ESTIMATED_EMPTY_COOKIE_SIZE),
+    });
+    return cookies;
+}, _SessionStore_clean = function _SessionStore_clean() {
+    const cleanedChunks = {};
+    for (const name in __classPrivateFieldGet(this, _SessionStore_chunks, "f")) {
+        delete __classPrivateFieldGet(this, _SessionStore_chunks, "f")?.[name];
+        cleanedChunks[name] = {
+            name,
+            value: "",
+            options: { ...__classPrivateFieldGet(this, _SessionStore_option, "f").options, maxAge: 0 },
+        };
+    }
+    return cleanedChunks;
+};

package/lib/utils/date.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Takes a number in seconds and returns the date in the future.
+ * Optionally takes a second date parameter. In that case
+ * the date in the future will be calculated from that date instead of now.
+ */
+export declare function fromDate(time: number, date?: number): Date;
+//# sourceMappingURL=date.d.ts.map

package/lib/utils/date.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"date.d.ts","sourceRoot":"","sources":["../../src/lib/utils/date.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,wBAAgB,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,SAAa,QAEvD"}

package/lib/utils/date.js ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * Takes a number in seconds and returns the date in the future.
+ * Optionally takes a second date parameter. In that case
+ * the date in the future will be calculated from that date instead of now.
+ */
+export function fromDate(time, date = Date.now()) {
+    return new Date(date + time * 1000);
+}

package/lib/utils/email.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { Theme } from "../../types.js";
+/**
+ * Email HTML body
+ * Insert invisible space into domains from being turned into a hyperlink by email
+ * clients like Outlook and Apple mail, as this is confusing because it seems
+ * like they are supposed to click on it to sign in.
+ *
+ * @note We don't add the email address to avoid needing to escape it, if you do, remember to sanitize it!
+ */
+export declare function html(params: {
+    url: string;
+    host: string;
+    theme: Theme;
+}): string;
+/** Email Text body (fallback for email clients that don't render HTML, e.g. feature phones) */
+export declare function text({ url, host }: {
+    url: string;
+    host: string;
+}): string;
+//# sourceMappingURL=email.d.ts.map

package/lib/utils/email.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"email.d.ts","sourceRoot":"","sources":["../../src/lib/utils/email.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAE3C;;;;;;;GAOG;AACH,wBAAgB,IAAI,CAAC,MAAM,EAAE;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,KAAK,CAAA;CAAE,UAiDvE;AAED,+FAA+F;AAC/F,wBAAgB,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,UAEhE"}

package/lib/utils/email.js ADDED Viewed

@@ -0,0 +1,57 @@
+/**
+ * Email HTML body
+ * Insert invisible space into domains from being turned into a hyperlink by email
+ * clients like Outlook and Apple mail, as this is confusing because it seems
+ * like they are supposed to click on it to sign in.
+ *
+ * @note We don't add the email address to avoid needing to escape it, if you do, remember to sanitize it!
+ */
+export function html(params) {
+    const { url, host, theme } = params;
+    const escapedHost = host.replace(/\./g, "&#8203;.");
+    const brandColor = theme.brandColor || "#346df1";
+    const buttonText = theme.buttonText || "#fff";
+    const color = {
+        background: "#f9f9f9",
+        text: "#444",
+        mainBackground: "#fff",
+        buttonBackground: brandColor,
+        buttonBorder: brandColor,
+        buttonText,
+    };
+    return `
+<body style="background: ${color.background};">
+  <table width="100%" border="0" cellspacing="20" cellpadding="0"
+    style="background: ${color.mainBackground}; max-width: 600px; margin: auto; border-radius: 10px;">
+    <tr>
+      <td align="center"
+        style="padding: 10px 0px; font-size: 22px; font-family: Helvetica, Arial, sans-serif; color: ${color.text};">
+        Sign in to <strong>${escapedHost}</strong>
+      </td>
+    </tr>
+    <tr>
+      <td align="center" style="padding: 20px 0;">
+        <table border="0" cellspacing="0" cellpadding="0">
+          <tr>
+            <td align="center" style="border-radius: 5px;" bgcolor="${color.buttonBackground}"><a href="${url}"
+                target="_blank"
+                style="font-size: 18px; font-family: Helvetica, Arial, sans-serif; color: ${color.buttonText}; text-decoration: none; border-radius: 5px; padding: 10px 20px; border: 1px solid ${color.buttonBorder}; display: inline-block; font-weight: bold;">Sign
+                in</a></td>
+          </tr>
+        </table>
+      </td>
+    </tr>
+    <tr>
+      <td align="center"
+        style="padding: 0px 0px 10px 0px; font-size: 16px; line-height: 22px; font-family: Helvetica, Arial, sans-serif; color: ${color.text};">
+        If you did not request this email you can safely ignore it.
+      </td>
+    </tr>
+  </table>
+</body>
+`;
+}
+/** Email Text body (fallback for email clients that don't render HTML, e.g. feature phones) */
+export function text({ url, host }) {
+    return `Sign in to ${host}\n${url}\n\n`;
+}

package/lib/utils/env.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { AuthAction } from "../../types.js";
+import type { AuthConfig } from "../../index.js";
+/**
+ *  Set default env variables on the config object
+ * @param suppressWarnings intended for framework authors.
+ */
+export declare function setEnvDefaults(envObject: any, config: AuthConfig, suppressBasePathWarning?: boolean): void;
+export declare function createActionURL(action: AuthAction, protocol: string, headers: Headers, envObject: any, config: Pick<AuthConfig, "basePath" | "logger">): URL;
+//# sourceMappingURL=env.d.ts.map

package/lib/utils/env.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/lib/utils/env.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAChD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAGhD;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,SAAS,EAAE,GAAG,EACd,MAAM,EAAE,UAAU,EAClB,uBAAuB,UAAQ,QA2DhC;AAED,wBAAgB,eAAe,CAC7B,MAAM,EAAE,UAAU,EAClB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,GAAG,EACd,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,GAAG,QAAQ,CAAC,GAC9C,GAAG,CAkCL"}