npm - @mulverse/mulguard-core - Versions diffs - 1.0.0 - Mend

@mulverse/mulguard-core 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (600) hide show

package/README.md +24 -0
package/adapters.d.ts +522 -0
package/adapters.d.ts.map +1 -0
package/adapters.js +170 -0
package/errors.d.ts +429 -0
package/errors.d.ts.map +1 -0
package/errors.js +473 -0
package/index.d.ts +547 -0
package/index.d.ts.map +1 -0
package/index.js +142 -0
package/jwt.d.ts +132 -0
package/jwt.d.ts.map +1 -0
package/jwt.js +123 -0
package/lib/actions/callback/handle-login.d.ts +35 -0
package/lib/actions/callback/handle-login.d.ts.map +1 -0
package/lib/actions/callback/handle-login.js +275 -0
package/lib/actions/callback/index.d.ts +5 -0
package/lib/actions/callback/index.d.ts.map +1 -0
package/lib/actions/callback/index.js +409 -0
package/lib/actions/callback/oauth/callback.d.ts +36 -0
package/lib/actions/callback/oauth/callback.d.ts.map +1 -0
package/lib/actions/callback/oauth/callback.js +248 -0
package/lib/actions/callback/oauth/checks.d.ts +70 -0
package/lib/actions/callback/oauth/checks.d.ts.map +1 -0
package/lib/actions/callback/oauth/checks.js +188 -0
package/lib/actions/callback/oauth/csrf-token.d.ts +33 -0
package/lib/actions/callback/oauth/csrf-token.d.ts.map +1 -0
package/lib/actions/callback/oauth/csrf-token.js +39 -0
package/lib/actions/index.d.ts +6 -0
package/lib/actions/index.d.ts.map +1 -0
package/lib/actions/index.js +5 -0
package/lib/actions/session.d.ts +5 -0
package/lib/actions/session.d.ts.map +1 -0
package/lib/actions/session.js +127 -0
package/lib/actions/signin/authorization-url.d.ts +12 -0
package/lib/actions/signin/authorization-url.d.ts.map +1 -0
package/lib/actions/signin/authorization-url.js +94 -0
package/lib/actions/signin/index.d.ts +4 -0
package/lib/actions/signin/index.d.ts.map +1 -0
package/lib/actions/signin/index.js +22 -0
package/lib/actions/signin/send-token.d.ts +10 -0
package/lib/actions/signin/send-token.d.ts.map +1 -0
package/lib/actions/signin/send-token.js +98 -0
package/lib/actions/signout.d.ts +11 -0
package/lib/actions/signout.d.ts.map +1 -0
package/lib/actions/signout.js +30 -0
package/lib/actions/webauthn-options.d.ts +8 -0
package/lib/actions/webauthn-options.d.ts.map +1 -0
package/lib/actions/webauthn-options.js +60 -0
package/lib/index.d.ts +2 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +70 -0
package/lib/init.d.ts +25 -0
package/lib/init.d.ts.map +1 -0
package/lib/init.js +172 -0
package/lib/pages/error.d.ts +17 -0
package/lib/pages/error.d.ts.map +1 -0
package/lib/pages/error.js +40 -0
package/lib/pages/index.d.ts +42 -0
package/lib/pages/index.d.ts.map +1 -0
package/lib/pages/index.js +136 -0
package/lib/pages/signin.d.ts +10 -0
package/lib/pages/signin.d.ts.map +1 -0
package/lib/pages/signin.js +75 -0
package/lib/pages/signout.d.ts +8 -0
package/lib/pages/signout.d.ts.map +1 -0
package/lib/pages/signout.js +17 -0
package/lib/pages/styles.d.ts +3 -0
package/lib/pages/styles.d.ts.map +1 -0
package/lib/pages/styles.js +381 -0
package/lib/pages/verify-request.d.ts +8 -0
package/lib/pages/verify-request.d.ts.map +1 -0
package/lib/pages/verify-request.js +11 -0
package/lib/symbols.d.ts +50 -0
package/lib/symbols.d.ts.map +1 -0
package/lib/symbols.js +57 -0
package/lib/utils/actions.d.ts +3 -0
package/lib/utils/actions.d.ts.map +1 -0
package/lib/utils/actions.js +14 -0
package/lib/utils/assert.d.ts +14 -0
package/lib/utils/assert.d.ts.map +1 -0
package/lib/utils/assert.js +168 -0
package/lib/utils/callback-url.d.ts +17 -0
package/lib/utils/callback-url.d.ts.map +1 -0
package/lib/utils/callback-url.js +27 -0
package/lib/utils/cookie.d.ts +111 -0
package/lib/utils/cookie.d.ts.map +1 -0
package/lib/utils/cookie.js +205 -0
package/lib/utils/date.d.ts +7 -0
package/lib/utils/date.d.ts.map +1 -0
package/lib/utils/date.js +8 -0
package/lib/utils/email.d.ts +20 -0
package/lib/utils/email.d.ts.map +1 -0
package/lib/utils/email.js +57 -0
package/lib/utils/env.d.ts +9 -0
package/lib/utils/env.d.ts.map +1 -0
package/lib/utils/env.js +96 -0
package/lib/utils/logger.d.ts +18 -0
package/lib/utils/logger.d.ts.map +1 -0
package/lib/utils/logger.js +50 -0
package/lib/utils/merge.d.ts +3 -0
package/lib/utils/merge.d.ts.map +1 -0
package/lib/utils/merge.js +23 -0
package/lib/utils/providers.d.ts +19 -0
package/lib/utils/providers.d.ts.map +1 -0
package/lib/utils/providers.js +149 -0
package/lib/utils/session.d.ts +7 -0
package/lib/utils/session.d.ts.map +1 -0
package/lib/utils/session.js +29 -0
package/lib/utils/web.d.ts +10 -0
package/lib/utils/web.d.ts.map +1 -0
package/lib/utils/web.js +109 -0
package/lib/utils/webauthn-client.d.ts +30 -0
package/lib/utils/webauthn-client.d.ts.map +1 -0
package/lib/utils/webauthn-client.js +197 -0
package/lib/utils/webauthn-utils.d.ts +81 -0
package/lib/utils/webauthn-utils.d.ts.map +1 -0
package/lib/utils/webauthn-utils.js +343 -0
package/lib/vendored/cookie.d.ts +120 -0
package/lib/vendored/cookie.d.ts.map +1 -0
package/lib/vendored/cookie.js +237 -0
package/package.json +118 -0
package/providers/42-school.d.ts +240 -0
package/providers/42-school.d.ts.map +1 -0
package/providers/42-school.js +78 -0
package/providers/apple.d.ts +149 -0
package/providers/apple.d.ts.map +1 -0
package/providers/apple.js +104 -0
package/providers/asgardeo.d.ts +102 -0
package/providers/asgardeo.d.ts.map +1 -0
package/providers/asgardeo.js +93 -0
package/providers/atlassian.d.ts +94 -0
package/providers/atlassian.d.ts.map +1 -0
package/providers/atlassian.js +84 -0
package/providers/auth0.d.ts +116 -0
package/providers/auth0.d.ts.map +1 -0
package/providers/auth0.js +49 -0
package/providers/authentik.d.ts +90 -0
package/providers/authentik.d.ts.map +1 -0
package/providers/authentik.js +65 -0
package/providers/azure-ad-b2c.d.ts +104 -0
package/providers/azure-ad-b2c.d.ts.map +1 -0
package/providers/azure-ad-b2c.js +100 -0
package/providers/azure-ad.d.ts +19 -0
package/providers/azure-ad.d.ts.map +1 -0
package/providers/azure-ad.js +23 -0
package/providers/azure-devops.d.ts +128 -0
package/providers/azure-devops.d.ts.map +1 -0
package/providers/azure-devops.js +158 -0
package/providers/bankid-no.d.ts +134 -0
package/providers/bankid-no.d.ts.map +1 -0
package/providers/bankid-no.js +65 -0
package/providers/battlenet.d.ts +85 -0
package/providers/battlenet.d.ts.map +1 -0
package/providers/battlenet.js +81 -0
package/providers/beyondidentity.d.ts +77 -0
package/providers/beyondidentity.d.ts.map +1 -0
package/providers/beyondidentity.js +84 -0
package/providers/bitbucket.d.ts +89 -0
package/providers/bitbucket.d.ts.map +1 -0
package/providers/bitbucket.js +92 -0
package/providers/box.d.ts +63 -0
package/providers/box.d.ts.map +1 -0
package/providers/box.js +73 -0
package/providers/boxyhq-saml.d.ts +121 -0
package/providers/boxyhq-saml.d.ts.map +1 -0
package/providers/boxyhq-saml.js +127 -0
package/providers/bungie.d.ts +167 -0
package/providers/bungie.d.ts.map +1 -0
package/providers/bungie.js +174 -0
package/providers/click-up.d.ts +75 -0
package/providers/click-up.d.ts.map +1 -0
package/providers/click-up.js +89 -0
package/providers/cognito.d.ts +81 -0
package/providers/cognito.d.ts.map +1 -0
package/providers/cognito.js +73 -0
package/providers/coinbase.d.ts +69 -0
package/providers/coinbase.d.ts.map +1 -0
package/providers/coinbase.js +78 -0
package/providers/concept2.d.ts +81 -0
package/providers/concept2.d.ts.map +1 -0
package/providers/concept2.js +86 -0
package/providers/credentials.d.ts +132 -0
package/providers/credentials.d.ts.map +1 -0
package/providers/credentials.js +74 -0
package/providers/descope.d.ts +91 -0
package/providers/descope.d.ts.map +1 -0
package/providers/descope.js +78 -0
package/providers/discord.d.ts +139 -0
package/providers/discord.d.ts.map +1 -0
package/providers/discord.js +86 -0
package/providers/dribbble.d.ts +88 -0
package/providers/dribbble.d.ts.map +1 -0
package/providers/dribbble.js +85 -0
package/providers/dropbox.d.ts +65 -0
package/providers/dropbox.d.ts.map +1 -0
package/providers/dropbox.js +88 -0
package/providers/duende-identity-server6.d.ts +91 -0
package/providers/duende-identity-server6.d.ts.map +1 -0
package/providers/duende-identity-server6.js +80 -0
package/providers/email.d.ts +41 -0
package/providers/email.d.ts.map +1 -0
package/providers/email.js +18 -0
package/providers/eventbrite.d.ts +78 -0
package/providers/eventbrite.d.ts.map +1 -0
package/providers/eventbrite.js +88 -0
package/providers/eveonline.d.ts +94 -0
package/providers/eveonline.d.ts.map +1 -0
package/providers/eveonline.js +92 -0
package/providers/facebook.d.ts +84 -0
package/providers/facebook.d.ts.map +1 -0
package/providers/facebook.js +93 -0
package/providers/faceit.d.ts +64 -0
package/providers/faceit.d.ts.map +1 -0
package/providers/faceit.js +74 -0
package/providers/figma.d.ts +75 -0
package/providers/figma.d.ts.map +1 -0
package/providers/figma.js +81 -0
package/providers/forwardemail.d.ts +4 -0
package/providers/forwardemail.d.ts.map +1 -0
package/providers/forwardemail.js +32 -0
package/providers/foursquare.d.ts +71 -0
package/providers/foursquare.d.ts.map +1 -0
package/providers/foursquare.js +91 -0
package/providers/freshbooks.d.ts +66 -0
package/providers/freshbooks.d.ts.map +1 -0
package/providers/freshbooks.js +76 -0
package/providers/frontegg.d.ts +95 -0
package/providers/frontegg.d.ts.map +1 -0
package/providers/frontegg.js +88 -0
package/providers/fusionauth.d.ts +279 -0
package/providers/fusionauth.d.ts.map +1 -0
package/providers/fusionauth.js +292 -0
package/providers/github.d.ts +127 -0
package/providers/github.d.ts.map +1 -0
package/providers/github.js +115 -0
package/providers/gitlab.d.ts +115 -0
package/providers/gitlab.d.ts.map +1 -0
package/providers/gitlab.js +75 -0
package/providers/google.d.ts +138 -0
package/providers/google.d.ts.map +1 -0
package/providers/google.js +119 -0
package/providers/hubspot.d.ts +76 -0
package/providers/hubspot.d.ts.map +1 -0
package/providers/hubspot.js +93 -0
package/providers/huggingface.d.ts +216 -0
package/providers/huggingface.d.ts.map +1 -0
package/providers/huggingface.js +101 -0
package/providers/identity-server4.d.ts +69 -0
package/providers/identity-server4.d.ts.map +1 -0
package/providers/identity-server4.js +64 -0
package/providers/index.d.ts +61 -0
package/providers/index.d.ts.map +1 -0
package/providers/index.js +3 -0
package/providers/instagram.d.ts +74 -0
package/providers/instagram.d.ts.map +1 -0
package/providers/instagram.js +87 -0
package/providers/kakao.d.ts +148 -0
package/providers/kakao.d.ts.map +1 -0
package/providers/kakao.js +103 -0
package/providers/keycloak.d.ts +100 -0
package/providers/keycloak.d.ts.map +1 -0
package/providers/keycloak.js +73 -0
package/providers/kinde.d.ts +73 -0
package/providers/kinde.d.ts.map +1 -0
package/providers/kinde.js +51 -0
package/providers/line.d.ts +83 -0
package/providers/line.d.ts.map +1 -0
package/providers/line.js +73 -0
package/providers/linkedin.d.ts +77 -0
package/providers/linkedin.d.ts.map +1 -0
package/providers/linkedin.js +65 -0
package/providers/logto.d.ts +98 -0
package/providers/logto.d.ts.map +1 -0
package/providers/logto.js +81 -0
package/providers/loops.d.ts +40 -0
package/providers/loops.d.ts.map +1 -0
package/providers/loops.js +59 -0
package/providers/mailchimp.d.ts +66 -0
package/providers/mailchimp.d.ts.map +1 -0
package/providers/mailchimp.js +76 -0
package/providers/mailgun.d.ts +55 -0
package/providers/mailgun.d.ts.map +1 -0
package/providers/mailgun.js +74 -0
package/providers/mailru.d.ts +63 -0
package/providers/mailru.d.ts.map +1 -0
package/providers/mailru.js +61 -0
package/providers/mastodon.d.ts +90 -0
package/providers/mastodon.d.ts.map +1 -0
package/providers/mastodon.js +75 -0
package/providers/mattermost.d.ts +132 -0
package/providers/mattermost.d.ts.map +1 -0
package/providers/mattermost.js +83 -0
package/providers/medium.d.ts +68 -0
package/providers/medium.d.ts.map +1 -0
package/providers/medium.js +84 -0
package/providers/microsoft-entra-id.d.ts +428 -0
package/providers/microsoft-entra-id.d.ts.map +1 -0
package/providers/microsoft-entra-id.js +156 -0
package/providers/naver.d.ts +80 -0
package/providers/naver.d.ts.map +1 -0
package/providers/naver.js +79 -0
package/providers/netlify.d.ts +66 -0
package/providers/netlify.d.ts.map +1 -0
package/providers/netlify.js +85 -0
package/providers/netsuite.d.ts +189 -0
package/providers/netsuite.d.ts.map +1 -0
package/providers/netsuite.js +170 -0
package/providers/nextcloud.d.ts +150 -0
package/providers/nextcloud.d.ts.map +1 -0
package/providers/nextcloud.js +99 -0
package/providers/nodemailer.d.ts +27 -0
package/providers/nodemailer.d.ts.map +1 -0
package/providers/nodemailer.js +34 -0
package/providers/notion.d.ts +99 -0
package/providers/notion.d.ts.map +1 -0
package/providers/notion.js +110 -0
package/providers/oauth.d.ts +188 -0
package/providers/oauth.d.ts.map +1 -0
package/providers/oauth.js +1 -0
package/providers/okta.d.ts +99 -0
package/providers/okta.d.ts.map +1 -0
package/providers/okta.js +63 -0
package/providers/onelogin.d.ts +65 -0
package/providers/onelogin.d.ts.map +1 -0
package/providers/onelogin.js +61 -0
package/providers/ory-hydra.d.ts +79 -0
package/providers/ory-hydra.d.ts.map +1 -0
package/providers/ory-hydra.js +67 -0
package/providers/osso.d.ts +79 -0
package/providers/osso.d.ts.map +1 -0
package/providers/osso.js +77 -0
package/providers/osu.d.ts +116 -0
package/providers/osu.d.ts.map +1 -0
package/providers/osu.js +75 -0
package/providers/passage.d.ts +88 -0
package/providers/passage.d.ts.map +1 -0
package/providers/passage.js +75 -0
package/providers/passkey.d.ts +65 -0
package/providers/passkey.d.ts.map +1 -0
package/providers/passkey.js +87 -0
package/providers/patreon.d.ts +73 -0
package/providers/patreon.d.ts.map +1 -0
package/providers/patreon.js +77 -0
package/providers/ping-id.d.ts +57 -0
package/providers/ping-id.d.ts.map +1 -0
package/providers/ping-id.js +40 -0
package/providers/pinterest.d.ts +79 -0
package/providers/pinterest.d.ts.map +1 -0
package/providers/pinterest.js +85 -0
package/providers/pipedrive.d.ts +99 -0
package/providers/pipedrive.d.ts.map +1 -0
package/providers/pipedrive.js +71 -0
package/providers/postmark.d.ts +4 -0
package/providers/postmark.d.ts.map +1 -0
package/providers/postmark.js +36 -0
package/providers/provider-types.d.ts +3 -0
package/providers/provider-types.d.ts.map +1 -0
package/providers/provider-types.js +1 -0
package/providers/reddit.d.ts +88 -0
package/providers/reddit.d.ts.map +1 -0
package/providers/reddit.js +90 -0
package/providers/resend.d.ts +4 -0
package/providers/resend.d.ts.map +1 -0
package/providers/resend.js +32 -0
package/providers/roblox.d.ts +67 -0
package/providers/roblox.d.ts.map +1 -0
package/providers/roblox.js +53 -0
package/providers/salesforce.d.ts +59 -0
package/providers/salesforce.d.ts.map +1 -0
package/providers/salesforce.js +52 -0
package/providers/sendgrid.d.ts +4 -0
package/providers/sendgrid.d.ts.map +1 -0
package/providers/sendgrid.js +35 -0
package/providers/simplelogin.d.ts +87 -0
package/providers/simplelogin.d.ts.map +1 -0
package/providers/simplelogin.js +83 -0
package/providers/slack.d.ts +102 -0
package/providers/slack.d.ts.map +1 -0
package/providers/slack.js +69 -0
package/providers/spotify.d.ts +75 -0
package/providers/spotify.d.ts.map +1 -0
package/providers/spotify.js +73 -0
package/providers/strava.d.ts +68 -0
package/providers/strava.d.ts.map +1 -0
package/providers/strava.js +80 -0
package/providers/threads.d.ts +108 -0
package/providers/threads.d.ts.map +1 -0
package/providers/threads.js +89 -0
package/providers/tiktok.d.ts +248 -0
package/providers/tiktok.d.ts.map +1 -0
package/providers/tiktok.js +195 -0
package/providers/todoist.d.ts +76 -0
package/providers/todoist.d.ts.map +1 -0
package/providers/todoist.js +97 -0
package/providers/trakt.d.ts +93 -0
package/providers/trakt.d.ts.map +1 -0
package/providers/trakt.js +91 -0
package/providers/twitch.d.ts +71 -0
package/providers/twitch.d.ts.map +1 -0
package/providers/twitch.js +96 -0
package/providers/twitter.d.ts +183 -0
package/providers/twitter.d.ts.map +1 -0
package/providers/twitter.js +100 -0
package/providers/united-effects.d.ts +80 -0
package/providers/united-effects.d.ts.map +1 -0
package/providers/united-effects.js +72 -0
package/providers/vipps.d.ts +71 -0
package/providers/vipps.d.ts.map +1 -0
package/providers/vipps.js +33 -0
package/providers/vk.d.ts +334 -0
package/providers/vk.d.ts.map +1 -0
package/providers/vk.js +103 -0
package/providers/webauthn.d.ts +148 -0
package/providers/webauthn.d.ts.map +1 -0
package/providers/webauthn.js +128 -0
package/providers/webex.d.ts +78 -0
package/providers/webex.d.ts.map +1 -0
package/providers/webex.js +73 -0
package/providers/wechat.d.ts +78 -0
package/providers/wechat.d.ts.map +1 -0
package/providers/wechat.js +105 -0
package/providers/wikimedia.d.ts +99 -0
package/providers/wikimedia.d.ts.map +1 -0
package/providers/wikimedia.js +90 -0
package/providers/wordpress.d.ts +65 -0
package/providers/wordpress.d.ts.map +1 -0
package/providers/wordpress.js +71 -0
package/providers/workos.d.ts +154 -0
package/providers/workos.d.ts.map +1 -0
package/providers/workos.js +143 -0
package/providers/yandex.d.ts +131 -0
package/providers/yandex.d.ts.map +1 -0
package/providers/yandex.js +80 -0
package/providers/zitadel.d.ts +117 -0
package/providers/zitadel.d.ts.map +1 -0
package/providers/zitadel.js +95 -0
package/providers/zoho.d.ts +63 -0
package/providers/zoho.d.ts.map +1 -0
package/providers/zoho.js +79 -0
package/providers/zoom.d.ts +93 -0
package/providers/zoom.d.ts.map +1 -0
package/providers/zoom.js +82 -0
package/src/adapters/server-actions-helpers.ts +126 -0
package/src/adapters.ts +603 -0
package/src/errors.ts +551 -0
package/src/index.ts +689 -0
package/src/jwt.ts +283 -0
package/src/lib/actions/callback/handle-login.ts +334 -0
package/src/lib/actions/callback/index.ts +554 -0
package/src/lib/actions/callback/oauth/callback.ts +347 -0
package/src/lib/actions/callback/oauth/checks.ts +258 -0
package/src/lib/actions/callback/oauth/csrf-token.ts +60 -0
package/src/lib/actions/index.ts +5 -0
package/src/lib/actions/session.ts +167 -0
package/src/lib/actions/signin/authorization-url.ts +123 -0
package/src/lib/actions/signin/index.ts +37 -0
package/src/lib/actions/signin/send-token.ts +124 -0
package/src/lib/actions/signout.ts +38 -0
package/src/lib/actions/webauthn-options.ts +100 -0
package/src/lib/index.ts +97 -0
package/src/lib/init.ts +236 -0
package/src/lib/pages/error.tsx +106 -0
package/src/lib/pages/index.ts +181 -0
package/src/lib/pages/signin.tsx +255 -0
package/src/lib/pages/signout.tsx +49 -0
package/src/lib/pages/styles.css +377 -0
package/src/lib/pages/styles.ts +381 -0
package/src/lib/pages/verify-request.tsx +36 -0
package/src/lib/symbols.ts +60 -0
package/src/lib/utils/actions.ts +17 -0
package/src/lib/utils/assert.ts +259 -0
package/src/lib/utils/callback-url.ts +42 -0
package/src/lib/utils/cookie.ts +248 -0
package/src/lib/utils/date.ts +8 -0
package/src/lib/utils/email.ts +65 -0
package/src/lib/utils/env.ts +113 -0
package/src/lib/utils/logger.ts +75 -0
package/src/lib/utils/merge.ts +30 -0
package/src/lib/utils/providers.ts +203 -0
package/src/lib/utils/session.ts +41 -0
package/src/lib/utils/web.ts +151 -0
package/src/lib/utils/webauthn-client.js +229 -0
package/src/lib/utils/webauthn-utils.ts +531 -0
package/src/lib/vendored/cookie.ts +383 -0
package/src/providers/42-school.ts +256 -0
package/src/providers/apple.ts +206 -0
package/src/providers/asgardeo.ts +118 -0
package/src/providers/atlassian.ts +120 -0
package/src/providers/auth0.ts +127 -0
package/src/providers/authentik.ts +100 -0
package/src/providers/azure-ad-b2c.ts +124 -0
package/src/providers/azure-ad.ts +30 -0
package/src/providers/azure-devops.ts +184 -0
package/src/providers/bankid-no.ts +161 -0
package/src/providers/battlenet.ts +107 -0
package/src/providers/beyondidentity.ts +102 -0
package/src/providers/bitbucket.ts +122 -0
package/src/providers/box.ts +87 -0
package/src/providers/boxyhq-saml.ts +148 -0
package/src/providers/bungie.ts +192 -0
package/src/providers/click-up.ts +104 -0
package/src/providers/cognito.ts +94 -0
package/src/providers/coinbase.ts +93 -0
package/src/providers/concept2.ts +108 -0
package/src/providers/credentials.ts +157 -0
package/src/providers/descope.ts +105 -0
package/src/providers/discord.ts +176 -0
package/src/providers/dribbble.ts +122 -0
package/src/providers/dropbox.ts +102 -0
package/src/providers/duende-identity-server6.ts +101 -0
package/src/providers/email.ts +60 -0
package/src/providers/eventbrite.ts +105 -0
package/src/providers/eveonline.ts +117 -0
package/src/providers/facebook.ts +119 -0
package/src/providers/faceit.ts +90 -0
package/src/providers/figma.ts +105 -0
package/src/providers/forwardemail.ts +37 -0
package/src/providers/foursquare.ts +105 -0
package/src/providers/freshbooks.ts +90 -0
package/src/providers/frontegg.ts +111 -0
package/src/providers/fusionauth.ts +336 -0
package/src/providers/github.ts +187 -0
package/src/providers/gitlab.ts +140 -0
package/src/providers/google.ts +152 -0
package/src/providers/hubspot.ts +117 -0
package/src/providers/huggingface.ts +234 -0
package/src/providers/identity-server4.ts +78 -0
package/src/providers/index.ts +115 -0
package/src/providers/instagram.ts +103 -0
package/src/providers/kakao.ts +184 -0
package/src/providers/keycloak.ts +111 -0
package/src/providers/kinde.ts +85 -0
package/src/providers/line.ts +99 -0
package/src/providers/linkedin.ts +91 -0
package/src/providers/logto.ts +122 -0
package/src/providers/loops.ts +79 -0
package/src/providers/mailchimp.ts +90 -0
package/src/providers/mailgun.ts +98 -0
package/src/providers/mailru.ts +75 -0
package/src/providers/mastodon.ts +112 -0
package/src/providers/mattermost.ts +154 -0
package/src/providers/medium.ts +89 -0
package/src/providers/microsoft-entra-id.ts +497 -0
package/src/providers/naver.ts +102 -0
package/src/providers/netlify.ts +90 -0
package/src/providers/netsuite.ts +225 -0
package/src/providers/nextcloud.ts +207 -0
package/src/providers/nodemailer.ts +84 -0
package/src/providers/notion.ts +166 -0
package/src/providers/oauth.ts +310 -0
package/src/providers/okta.ts +111 -0
package/src/providers/onelogin.ts +75 -0
package/src/providers/ory-hydra.ts +93 -0
package/src/providers/osso.ts +91 -0
package/src/providers/osu.ts +138 -0
package/src/providers/passage.ts +103 -0
package/src/providers/passkey.ts +94 -0
package/src/providers/patreon.ts +98 -0
package/src/providers/ping-id.ts +68 -0
package/src/providers/pinterest.ts +106 -0
package/src/providers/pipedrive.ts +120 -0
package/src/providers/postmark.ts +38 -0
package/src/providers/provider-types.ts +107 -0
package/src/providers/reddit.ts +104 -0
package/src/providers/resend.ts +35 -0
package/src/providers/roblox.ts +94 -0
package/src/providers/salesforce.ts +73 -0
package/src/providers/sendgrid.ts +36 -0
package/src/providers/simplelogin.ts +107 -0
package/src/providers/slack.ts +115 -0
package/src/providers/spotify.ts +99 -0
package/src/providers/strava.ts +101 -0
package/src/providers/threads.ts +135 -0
package/src/providers/tiktok.ts +319 -0
package/src/providers/todoist.ts +122 -0
package/src/providers/trakt.ts +120 -0
package/src/providers/twitch.ts +121 -0
package/src/providers/twitter.ts +207 -0
package/src/providers/united-effects.ts +89 -0
package/src/providers/vipps.ts +86 -0
package/src/providers/vk.ts +401 -0
package/src/providers/webauthn.ts +296 -0
package/src/providers/webex.ts +102 -0
package/src/providers/wechat.ts +141 -0
package/src/providers/wikimedia.ts +258 -0
package/src/providers/wordpress.ts +86 -0
package/src/providers/workos.ts +180 -0
package/src/providers/yandex.ts +159 -0
package/src/providers/zitadel.ts +128 -0
package/src/providers/zoho.ts +84 -0
package/src/providers/zoom.ts +119 -0
package/src/types.ts +430 -0
package/src/warnings.ts +21 -0
package/types.d.ts +309 -0
package/types.d.ts.map +1 -0
package/types.js +53 -0
package/warnings.d.ts +17 -0
package/warnings.d.ts.map +1 -0
package/warnings.js +1 -0

package/index.js ADDED Viewed

@@ -0,0 +1,142 @@
+/**
+ *
+ * :::warning Experimental
+ * `@mulverse/mulguard-core` is under active development.
+ * :::
+ *
+ * This is the main entry point to the MulGuard library.
+ *
+ * Based on the {@link https://developer.mozilla.org/en-US/docs/Web/API/Request Request}
+ * and {@link https://developer.mozilla.org/en-US/docs/Web/API/Response Response} Web standard APIs.
+ * Primarily used to implement framework-specific packages,
+ * but it can also be used directly.
+ *
+ * ## Installation
+ *
+ * ```bash npm2yarn
+ * npm install @mulverse/mulguard-core
+ * ```
+ *
+ * ## Usage
+ *
+ * ```ts
+ * import { Auth } from "@mulverse/mulguard-core"
+ *
+ * const request = new Request("https://example.com")
+ * const response = await Auth(request, {...})
+ *
+ * console.log(response instanceof Response) // true
+ * ```
+ *
+ * ## Resources
+ *
+ * - [Getting started](https://authjs.dev/getting-started)
+ * - [Guides](https://authjs.dev/guides)
+ *
+ * @module @mulverse/mulguard-core
+ */
+import { assertConfig } from "./lib/utils/assert.js";
+import { AuthError, CredentialsSignin, ErrorPageLoop, isClientError, } from "./errors.js";
+import { AuthInternal, raw, skipCSRFCheck } from "./lib/index.js";
+import { setEnvDefaults, createActionURL } from "./lib/utils/env.js";
+import renderPage from "./lib/pages/index.js";
+import { setLogger } from "./lib/utils/logger.js";
+import { toInternalRequest, toResponse } from "./lib/utils/web.js";
+import { isAuthAction } from "./lib/utils/actions.js";
+export { customFetch } from "./lib/symbols.js";
+export { skipCSRFCheck, raw, setEnvDefaults, createActionURL, isAuthAction };
+/**
+ * Core functionality provided by Auth.js.
+ *
+ * Receives a standard {@link Request} and returns a {@link Response}.
+ *
+ * @example
+ * ```ts
+ * import { Auth } from "@mulverse/mulguard-core"
+ *
+ * const request = new Request("https://example.com")
+ * const response = await Auth(request, {
+ *   providers: [Google],
+ *   secret: "...",
+ *   trustHost: true,
+ * })
+ *```
+ * @see [Documentation](https://authjs.dev)
+ */
+export async function Auth(request, config) {
+    const logger = setLogger(config);
+    const internalRequest = await toInternalRequest(request, config);
+    // There was an error parsing the request
+    if (!internalRequest)
+        return Response.json(`Bad request.`, { status: 400 });
+    const warningsOrError = assertConfig(internalRequest, config);
+    if (Array.isArray(warningsOrError)) {
+        warningsOrError.forEach(logger.warn);
+    }
+    else if (warningsOrError) {
+        // If there's an error in the user config, bail out early
+        logger.error(warningsOrError);
+        const htmlPages = new Set([
+            "signin",
+            "signout",
+            "error",
+            "verify-request",
+        ]);
+        if (!htmlPages.has(internalRequest.action) ||
+            internalRequest.method !== "GET") {
+            const message = "There was a problem with the server configuration. Check the server logs for more information.";
+            return Response.json({ message }, { status: 500 });
+        }
+        const { pages, theme } = config;
+        // If this is true, the config required auth on the error page
+        // which could cause a redirect loop
+        const authOnErrorPage = pages?.error &&
+            internalRequest.url.searchParams
+                .get("callbackUrl")
+                ?.startsWith(pages.error);
+        // Either there was no error page configured or the configured one contains infinite redirects
+        if (!pages?.error || authOnErrorPage) {
+            if (authOnErrorPage) {
+                logger.error(new ErrorPageLoop(`The error page ${pages?.error} should not require authentication`));
+            }
+            const page = renderPage({ theme }).error("Configuration");
+            return toResponse(page);
+        }
+        const url = `${internalRequest.url.origin}${pages.error}?error=Configuration`;
+        return Response.redirect(url);
+    }
+    const isRedirect = request.headers?.has("X-Auth-Return-Redirect");
+    const isRaw = config.raw === raw;
+    try {
+        const internalResponse = await AuthInternal(internalRequest, config);
+        if (isRaw)
+            return internalResponse;
+        const response = toResponse(internalResponse);
+        const url = response.headers.get("Location");
+        if (!isRedirect || !url)
+            return response;
+        return Response.json({ url }, { headers: response.headers });
+    }
+    catch (e) {
+        const error = e;
+        logger.error(error);
+        const isAuthError = error instanceof AuthError;
+        if (isAuthError && isRaw && !isRedirect)
+            throw error;
+        // If the CSRF check failed for POST/session, return a 400 status code.
+        // We should not redirect to a page as this is an API route
+        if (request.method === "POST" && internalRequest.action === "session")
+            return Response.json(null, { status: 400 });
+        const isClientSafeErrorType = isClientError(error);
+        const type = isClientSafeErrorType ? error.type : "Configuration";
+        const params = new URLSearchParams({ error: type });
+        if (error instanceof CredentialsSignin)
+            params.set("code", error.code);
+        const pageKind = (isAuthError && error.kind) || "error";
+        const pagePath = config.pages?.[pageKind] ?? `${config.basePath}/${pageKind.toLowerCase()}`;
+        const url = `${internalRequest.url.origin}${pagePath}?${params}`;
+        if (isRedirect)
+            return Response.json({ url });
+        return Response.redirect(url);
+    }
+}

package/jwt.d.ts ADDED Viewed

@@ -0,0 +1,132 @@
+/**
+ *
+ *
+ * This module contains functions and types
+ * to encode and decode {@link https://authjs.dev/concepts/session-strategies#jwt-session JWT}s
+ * issued and used by Auth.js.
+ *
+ * The JWT issued by Auth.js is _encrypted by default_, using the _A256CBC-HS512_ algorithm ({@link https://www.rfc-editor.org/rfc/rfc7518.html#section-5.2.5 JWE}).
+ * It uses the `AUTH_SECRET` environment variable or the passed `secret` property to derive a suitable encryption key.
+ *
+ * :::info Note
+ * Auth.js JWTs are meant to be used by the same app that issued them.
+ * If you need JWT authentication for your third-party API, you should rely on your Identity Provider instead.
+ * :::
+ *
+ * ## Installation
+ *
+ * ```bash npm2yarn
+ * npm install @auth/core
+ * ```
+ *
+ * You can then import this submodule from `@auth/core/jwt`.
+ *
+ * ## Usage
+ *
+ * :::warning Warning
+ * This module *will* be refactored/changed. We do not recommend relying on it right now.
+ * :::
+ *
+ *
+ * ## Resources
+ *
+ * - [What is a JWT session strategy](https://authjs.dev/concepts/session-strategies#jwt-session)
+ * - [RFC7519 - JSON Web Token (JWT)](https://www.rfc-editor.org/rfc/rfc7519)
+ *
+ * @module jwt
+ */
+import { Awaitable } from "./types.js";
+import type { LoggerInstance } from "./lib/utils/logger.js";
+/** Issues a JWT. By default, the JWT is encrypted using "A256CBC-HS512". */
+export declare function encode<Payload = JWT>(params: JWTEncodeParams<Payload>): Promise<string>;
+/** Decodes an Auth.js issued JWT. */
+export declare function decode<Payload = JWT>(params: JWTDecodeParams): Promise<Payload | null>;
+type GetTokenParamsBase = {
+    secret?: JWTDecodeParams["secret"];
+    salt?: JWTDecodeParams["salt"];
+};
+export interface GetTokenParams<R extends boolean = false> extends GetTokenParamsBase {
+    /** The request containing the JWT either in the cookies or in the `Authorization` header. */
+    req: Request | {
+        headers: Headers | Record<string, string>;
+    };
+    /**
+     * Use secure prefix for cookie name, unless URL in `NEXTAUTH_URL` is http://
+     * or not set (e.g. development or test instance) case use unprefixed name
+     */
+    secureCookie?: boolean;
+    /** If the JWT is in the cookie, what name `getToken()` should look for. */
+    cookieName?: string;
+    /**
+     * `getToken()` will return the raw JWT if this is set to `true`
+     *
+     * @default false
+     */
+    raw?: R;
+    decode?: JWTOptions["decode"];
+    logger?: LoggerInstance | Console;
+}
+/**
+ * Takes an Auth.js request (`req`) and returns either the Auth.js issued JWT's payload,
+ * or the raw JWT string. We look for the JWT in the either the cookies, or the `Authorization` header.
+ */
+export declare function getToken<R extends boolean = false>(params: GetTokenParams<R>): Promise<R extends true ? string : JWT | null>;
+export interface DefaultJWT extends Record<string, unknown> {
+    name?: string | null;
+    email?: string | null;
+    picture?: string | null;
+    sub?: string;
+    iat?: number;
+    exp?: number;
+    jti?: string;
+}
+/**
+ * Returned by the `jwt` callback when using JWT sessions
+ *
+ * [`jwt` callback](https://authjs.dev/reference/core/types#jwt)
+ */
+export interface JWT extends Record<string, unknown>, DefaultJWT {
+}
+export interface JWTEncodeParams<Payload = JWT> {
+    /**
+     * The maximum age of the Auth.js issued JWT in seconds.
+     *
+     * @default 30 * 24 * 60 * 60 // 30 days
+     */
+    maxAge?: number;
+    /** Used in combination with `secret`, to derive the encryption secret for JWTs. */
+    salt: string;
+    /** Used in combination with `salt`, to derive the encryption secret for JWTs. */
+    secret: string | string[];
+    /** The JWT payload. */
+    token?: Payload;
+}
+export interface JWTDecodeParams {
+    /** Used in combination with `secret`, to derive the encryption secret for JWTs. */
+    salt: string;
+    /**
+     * Used in combination with `salt`, to derive the encryption secret for JWTs.
+     *
+     * @note
+     * You can also pass an array of secrets, in which case the first secret that successfully
+     * decrypts the JWT will be used. This is useful for rotating secrets without invalidating existing sessions.
+     * The newer secret should be added to the start of the array, which will be used for all new sessions.
+     */
+    secret: string | string[];
+    /** The Auth.js issued JWT to be decoded */
+    token?: string;
+}
+export interface JWTOptions {
+    /**
+     * The maximum age of the Auth.js issued JWT in seconds.
+     *
+     * @default 30 * 24 * 60 * 60 // 30 days
+     */
+    maxAge: number;
+    /** Override this method to control the Auth.js issued JWT encoding. */
+    encode: (params: JWTEncodeParams) => Awaitable<string>;
+    /** Override this method to control the Auth.js issued JWT decoding. */
+    decode: (params: JWTDecodeParams) => Awaitable<JWT | null>;
+}
+export {};
+//# sourceMappingURL=jwt.d.ts.map

package/jwt.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["src/jwt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAKH,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AACtC,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AAa3D,4EAA4E;AAC5E,wBAAsB,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,mBAgB3E;AAED,qCAAqC;AACrC,wBAAsB,MAAM,CAAC,OAAO,GAAG,GAAG,EACxC,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CA+BzB;AAED,KAAK,kBAAkB,GAAG;IACxB,MAAM,CAAC,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAA;IAClC,IAAI,CAAC,EAAE,eAAe,CAAC,MAAM,CAAC,CAAA;CAC/B,CAAA;AAED,MAAM,WAAW,cAAc,CAAC,CAAC,SAAS,OAAO,GAAG,KAAK,CACvD,SAAQ,kBAAkB;IAC1B,6FAA6F;IAC7F,GAAG,EAAE,OAAO,GAAG;QAAE,OAAO,EAAE,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,CAAA;IAC5D;;;OAGG;IACH,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,2EAA2E;IAC3E,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;OAIG;IACH,GAAG,CAAC,EAAE,CAAC,CAAA;IACP,MAAM,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;IAC7B,MAAM,CAAC,EAAE,cAAc,GAAG,OAAO,CAAA;CAClC;AAED;;;GAGG;AACH,wBAAsB,QAAQ,CAAC,CAAC,SAAS,OAAO,GAAG,KAAK,EACtD,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,GACxB,OAAO,CAAC,CAAC,SAAS,IAAI,GAAG,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,CAAA;AA0EhD,MAAM,WAAW,UAAW,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IACzD,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED;;;;GAIG;AACH,MAAM,WAAW,GAAI,SAAQ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,UAAU;CAAG;AAEnE,MAAM,WAAW,eAAe,CAAC,OAAO,GAAG,GAAG;IAC5C;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,mFAAmF;IACnF,IAAI,EAAE,MAAM,CAAA;IACZ,iFAAiF;IACjF,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACzB,uBAAuB;IACvB,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B,mFAAmF;IACnF,IAAI,EAAE,MAAM,CAAA;IACZ;;;;;;;OAOG;IACH,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACzB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,UAAU;IAQzB;;;;OAIG;IACH,MAAM,EAAE,MAAM,CAAA;IACd,uEAAuE;IACvE,MAAM,EAAE,CAAC,MAAM,EAAE,eAAe,KAAK,SAAS,CAAC,MAAM,CAAC,CAAA;IACtD,uEAAuE;IACvE,MAAM,EAAE,CAAC,MAAM,EAAE,eAAe,KAAK,SAAS,CAAC,GAAG,GAAG,IAAI,CAAC,CAAA;CAC3D"}

package/jwt.js ADDED Viewed

@@ -0,0 +1,123 @@
+/**
+ *
+ *
+ * This module contains functions and types
+ * to encode and decode {@link https://authjs.dev/concepts/session-strategies#jwt-session JWT}s
+ * issued and used by Auth.js.
+ *
+ * The JWT issued by Auth.js is _encrypted by default_, using the _A256CBC-HS512_ algorithm ({@link https://www.rfc-editor.org/rfc/rfc7518.html#section-5.2.5 JWE}).
+ * It uses the `AUTH_SECRET` environment variable or the passed `secret` property to derive a suitable encryption key.
+ *
+ * :::info Note
+ * Auth.js JWTs are meant to be used by the same app that issued them.
+ * If you need JWT authentication for your third-party API, you should rely on your Identity Provider instead.
+ * :::
+ *
+ * ## Installation
+ *
+ * ```bash npm2yarn
+ * npm install @auth/core
+ * ```
+ *
+ * You can then import this submodule from `@auth/core/jwt`.
+ *
+ * ## Usage
+ *
+ * :::warning Warning
+ * This module *will* be refactored/changed. We do not recommend relying on it right now.
+ * :::
+ *
+ *
+ * ## Resources
+ *
+ * - [What is a JWT session strategy](https://authjs.dev/concepts/session-strategies#jwt-session)
+ * - [RFC7519 - JSON Web Token (JWT)](https://www.rfc-editor.org/rfc/rfc7519)
+ *
+ * @module jwt
+ */
+import { hkdf } from "@panva/hkdf";
+import { EncryptJWT, base64url, calculateJwkThumbprint, jwtDecrypt } from "jose";
+import { defaultCookies, SessionStore } from "./lib/utils/cookie.js";
+import { MissingSecret } from "./errors.js";
+import * as cookie from "./lib/vendored/cookie.js";
+const { parse: parseCookie } = cookie;
+const DEFAULT_MAX_AGE = 30 * 24 * 60 * 60; // 30 days
+const now = () => (Date.now() / 1000) | 0;
+const alg = "dir";
+const enc = "A256CBC-HS512";
+/** Issues a JWT. By default, the JWT is encrypted using "A256CBC-HS512". */
+export async function encode(params) {
+    const { token = {}, secret, maxAge = DEFAULT_MAX_AGE, salt } = params;
+    const secrets = Array.isArray(secret) ? secret : [secret];
+    const encryptionSecret = await getDerivedEncryptionKey(enc, secrets[0], salt);
+    const thumbprint = await calculateJwkThumbprint({ kty: "oct", k: base64url.encode(encryptionSecret) }, `sha${encryptionSecret.byteLength << 3}`);
+    // @ts-expect-error `jose` allows any object as payload.
+    return await new EncryptJWT(token)
+        .setProtectedHeader({ alg, enc, kid: thumbprint })
+        .setIssuedAt()
+        .setExpirationTime(now() + maxAge)
+        .setJti(crypto.randomUUID())
+        .encrypt(encryptionSecret);
+}
+/** Decodes an Auth.js issued JWT. */
+export async function decode(params) {
+    const { token, secret, salt } = params;
+    const secrets = Array.isArray(secret) ? secret : [secret];
+    if (!token)
+        return null;
+    const { payload } = await jwtDecrypt(token, async ({ kid, enc }) => {
+        for (const secret of secrets) {
+            const encryptionSecret = await getDerivedEncryptionKey(enc, secret, salt);
+            if (kid === undefined)
+                return encryptionSecret;
+            const thumbprint = await calculateJwkThumbprint({ kty: "oct", k: base64url.encode(encryptionSecret) }, `sha${encryptionSecret.byteLength << 3}`);
+            if (kid === thumbprint)
+                return encryptionSecret;
+        }
+        throw new Error("no matching decryption secret");
+    }, {
+        clockTolerance: 15,
+        keyManagementAlgorithms: [alg],
+        contentEncryptionAlgorithms: [enc, "A256GCM"],
+    });
+    return payload;
+}
+export async function getToken(params) {
+    const { secureCookie, cookieName = defaultCookies(secureCookie ?? false).sessionToken.name, decode: _decode = decode, salt = cookieName, secret, logger = console, raw, req, } = params;
+    if (!req)
+        throw new Error("Must pass `req` to JWT getToken()");
+    const headers = req.headers instanceof Headers ? req.headers : new Headers(req.headers);
+    const sessionStore = new SessionStore({ name: cookieName, options: { secure: secureCookie } }, parseCookie(headers.get("cookie") ?? ""), logger);
+    let token = sessionStore.value;
+    const authorizationHeader = headers.get("authorization");
+    if (!token && authorizationHeader?.split(" ")[0] === "Bearer") {
+        const urlEncodedToken = authorizationHeader.split(" ")[1];
+        token = decodeURIComponent(urlEncodedToken);
+    }
+    if (!token)
+        return null;
+    if (raw)
+        return token;
+    if (!secret)
+        throw new MissingSecret("Must pass `secret` if not set to JWT getToken()");
+    try {
+        return await _decode({ token, secret, salt });
+    }
+    catch {
+        return null;
+    }
+}
+async function getDerivedEncryptionKey(enc, keyMaterial, salt) {
+    let length;
+    switch (enc) {
+        case "A256CBC-HS512":
+            length = 64;
+            break;
+        case "A256GCM":
+            length = 32;
+            break;
+        default:
+            throw new Error("Unsupported JWT Content Encryption Algorithm");
+    }
+    return await hkdf("sha256", keyMaterial, salt, `Auth.js Generated Encryption Key (${salt})`, length);
+}

package/lib/actions/callback/handle-login.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import type { AdapterAccount, AdapterSession, AdapterUser } from "../../../adapters.js";
+import type { Account, InternalOptions, User } from "../../../types.js";
+import type { JWT } from "../../../jwt.js";
+import type { SessionToken } from "../../utils/cookie.js";
+/**
+ * This function handles the complex flow of signing users in, and either creating,
+ * linking (or not linking) accounts depending on if the user is currently logged
+ * in, if they have account already and the authentication mechanism they are using.
+ *
+ * It prevents insecure behaviour, such as linking OAuth accounts unless a user is
+ * signed in and authenticated with an existing valid account.
+ *
+ * All verification (e.g. OAuth flows or email address verification flows) are
+ * done prior to this handler being called to avoid additional complexity in this
+ * handler.
+ */
+export declare function handleLoginOrRegister(sessionToken: SessionToken, _profile: User | AdapterUser | {
+    email: string;
+}, _account: AdapterAccount | Account | null, options: InternalOptions): Promise<{
+    user: User;
+    account: Account;
+    session?: undefined;
+    isNewUser?: undefined;
+} | {
+    session: AdapterSession | JWT | null;
+    user: AdapterUser;
+    isNewUser: boolean;
+    account: AdapterAccount;
+} | {
+    session: AdapterSession | JWT | null;
+    user: AdapterUser;
+    isNewUser: boolean;
+    account?: undefined;
+}>;
+//# sourceMappingURL=handle-login.d.ts.map

package/lib/actions/callback/handle-login.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"handle-login.d.ts","sourceRoot":"","sources":["../../../src/lib/actions/callback/handle-login.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EACd,WAAW,EACZ,MAAM,sBAAsB,CAAA;AAC7B,OAAO,KAAK,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AACvE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AAE1C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AAEzD;;;;;;;;;;;GAWG;AACH,wBAAsB,qBAAqB,CACzC,YAAY,EAAE,YAAY,EAC1B,QAAQ,EAAE,IAAI,GAAG,WAAW,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,EAChD,QAAQ,EAAE,cAAc,GAAG,OAAO,GAAG,IAAI,EACzC,OAAO,EAAE,eAAe;;;;;;;;;;;;;;;GAgTzB"}